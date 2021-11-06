Times have changed and as strange as it may seem today Microsoft and Linux they are allies, friends we might say. Inevitable, moreover, considering that today the virtual machines with Linux on board are the most used on Azure, the cloud of the Redmond company. Microsoft has announced that it plans to further extend the protection of these environments, enhancing the EDR (Endpoint Detection and Response) solution for Linux machines.

Linux EDR live response is accessible in the form of Live Preview and now supports new distributions, including Amazon Linux 2 and Fedora 33, RHEL6.7 +, CentOS 6.7+. However, support for Debian distributions will come soon.



The solution has also been extended to detect new types of threats, including ransomware, and introduces in-memory process scanning and behavior monitoring. The ability to correlate events across multiple processes has also been extended, a feature that leverages cloud machine learning models. These innovations will allow the detection of ransomware, cryptomining and attackers trying to collect sensitive information.

Further information is available at this address.