Extending Windows Defender ATP to macOS and Linux Systems
As a member of the Microsoft Intelligent Security Association partner program, Ziften has collaborated with Microsoft and integrated our Zenith security platform with Microsoft Windows Defender Advanced Threat Protection (ATP). The integration enables customers to detect, view, investigate, and respond to advanced cyber-attacks on Windows, macOS, and Linux-based endpoints directly within the Microsoft Windows Defender ATP Management Console.
Extend Windows Defender ATP to macOS and Linux Systems
Even the best endpoint defenses, including those for desktops, laptops, servers, and VMs, can be breached as attacks become more sophisticated and targeted. Ziften’s Zenith works with Microsoft’s Windows Defender ATP to deliver a cloud-based "single pane of glass" to detect, view, investigate, and respond to advanced cyber-attacks and breaches on Windows, macOS, and Linux-based endpoints.
Detecting Attacks and Zero Day Exploits
Microsoft Windows Defender ATP and Ziften Zenith are powered by the Azure cloud and, when deployed together, deliver behavioral and machine learning security analytics to detect attacks that make it past other defenses across any asset, anywhere (client devices, servers, and cloud VMs), whether on-network or remote, connected or not.
Visually Investigate Forensic Evidence Across All Endpoints
With the integrated security solution, security teams can visually investigate forensic evidence across all endpoints to easily uncover the scope of any breach. Teams can also proactively explore 6 months of rich machine timeline data that unifies security events from Windows, macOS, and Linux systems, including client devices, servers, and cloud VMs.
Quickly Respond to Contain the Attack
With investigations complete, organizations can immediately take action directly from the Microsoft Windows Defender ATP console to quickly contain the attack and prevent recurrence of the issue. Beginning with quarantining the entire set of infected systems, organizations can remotely execute all of the remediation activities commonly used by incident responders.
Ziften and Microsoft Integrated Threat Detection and Response
Ziften and Microsoft Windows Defender ATP Integration Report
Microsoft and Ziften – Fighting Attacks and Zero Day Exploits
Software Company Improves Endpoint Protection and Real-Time Visibility