Microsoft Defender ATP for Linux enters public preview
Microsoft opened a public preview of Defender Advanced Threat Protection for several Linux distributions, giving security teams cross-platform EDR telemetry and anti-malware coverage to harden mixed fleets.
Executive briefing: Microsoft announced Microsoft Defender ATP for Linux public preview on . Packages for RHEL, CentOS, Ubuntu, Debian, and SUSE add endpoint detection and response (EDR), command-line anti-malware scans, and centralized alerting through the Defender Security Center alongside Windows telemetry.
Operator action: Evaluate the preview in a test tenant, enable canary groups for supported Linux servers, and validate audit/collection policies before broad rollout. Confirm kernel and library prerequisites, integrate Defender alerts into SIEM workflows, and update endpoint baselines to reflect the new agent and exclusions for mission-critical workloads.
Sources: Microsoft provides distribution-specific installation guides and notes on supported environments within the preview announcement.