🔥FOLLOW UP: Manage security settings for Windows, macOS, and Linux natively in Defender for Endpoint🔥
We are excited to announce the public preview of a unified security settings management experience that offers a consistent, sole source of truth for managing endpoint security settings across Windows, macOS, and Linux.
These features are now built into the Microsoft 365 Defender portal, and therefore easily accessible for security teams, but built on the powerful capabilities of Microsoft Intune.
Starting today, customers will benefit from a host of new capabilities:
Native security settings management capabilities in Defender for Endpoint that support Windows, macOS, and Linux.
Existing endpoint security policies are automatically ingested in the Microsoft 365 Defender portal.
Create and edit AV policies directly from the Microsoft 365 Defender portal.
Policies are automatically synchronised with Microsoft Intune to ensure coordination between IT and Security teams for organizations who use Intune as a full management suite.
A new list on the device page, which shows all security policies and their settings
Simplified device onboarding: Removal of Azure Active Directory hybrid join as a management prerequisite.
Cross-platform support
Security administrators can now use the security settings management capabilities in Defender for Endpoint to manage their security configuration settings across Windows, macOS and Linux devices without the need for separate management tools, or updates to IT resources.
Managing security policies in the Microsoft 365 Defender portal
Up until today, security administrators were required to use additional tools to manage their endpoint security settings, which can slow down response. The new integration of Microsoft Intune’s endpoint security experience into the Microsoft Defender for Endpoint bridges this gap to help organizations better protect themselves by operating from a single portal.
While Microsoft Intune is not a requirement, the seamless sync offers additional benefits for organizations using both products. All data is shared, always in sync and therefore ensures that IT and security teams share sole source of truth for both IT administrators using Microsoft Intune and Security administrators – thanks to this integration, both administrators will see the same data between their portals, preventing confusion, misconfigurations, and potential security gaps.
Simplified device onboarding
For organizations that wanted to use security settings management capabilities in the past, Defender for Endpoint required all devices to fully register with Azure AD. This required fixing of pre-existing misconfigurations that prevented devices from successfully joining their identity inventory. Starting today, devices no longer need to be joined to the organizations Azure AD and can instantly be managed with Defender for Endpoint. This significantly simplifies the onboarding process and security settings can be deployed to all in-scope devices immediately.
Want to learn more? 💡
Tech community: Manage your security settings across Windows, macOS, and Linux natively in Defender for Endpoint (microsoft.com)
Previous article: 🔥MDE UPDATE: Manage endpoint security policies in Microsoft Defender for Endpoint🔥 (substack.com)