Microsoft adds useful new features to its endpoint protection tool for Linux

Microsoft has announced that it will add a selection of useful security features to its Defender for Endpoint on Linux offering. In addition to Antivirus (AV) and Endpoint Detection and Response (EDR) capabilities, which have been generally available since January 2021, Defender for Endpoint on Linux acquired more Threat and Vulnerability Management (TVM) capabilities earlier this year, in June 2021.

"With the recent integration of Microsoft Defender for Endpoint on Linux into Azure Security Center, the benefits of our Linux EDR and TVM now extend to Azure Defender customers," Microsoft noted. Azure Defender provides threat protection for workloads running on Microsoft's cloud computing platform, Azure, and other clouds.

For starters, Linux EDR detection has been enhanced with live response capabilities and is now available to public preview customers. According to Microsoft, the live response capability allows administrators to investigate problems and take corrective action in real time. The feature also helps improve incident investigations by helping to collect forensic data, share suspicious entities for further analysis, and proactively search for potential threats.

Additionally, based on customer feedback, Microsoft has expanded its list of supported Linux server distributions with the addition of Amazon Linux 2 and Fedora 33+, and several later variants of Red Hat Enterprise Linux (RHEL).

It is also making Defender Antivirus Behavior Monitoring generally available on Linux and plans to use these behavior-based signals as additional execution signals for its cloud-based machine learning (ML) models.

"With behavioral monitoring, Microsoft Defender for Endpoint protection on Linux is extended to generically intercept entirely new classes of threats, such as ransomware, sensitive data harvesting, crypto mining and more. Behavioral monitoring alerts appear in Microsoft 365 Defender along with all other alerts and can be effectively investigated," Microsoft says, asking for user feedback.