Microsoft To Integrate 3rd-party Security Info Into Its Windows Defender Advanced Threat Protection Service (zdnet.com) 26
Microsoft is partnering with other security vendors to integrate their macOS, Linux, iOS, and Android security wares with its Windows Defender Advanced Threat Protection (ATP) service From a report: Microsoft has announced the first three such partners: Bitdefender, Lookoutm and Ziften. These companies will feed any threats detected into the single Windows Defender ATP console. With Defender ATP, every device has its own timeline with event history dating back up to six months. According to Microsoft, no additional infrastructure is needed to onboard events from macOS, Linux, iOS and/or Android devices. Integration with Bitdefender's GravityZone Cloud -- which allows users to get macOS and Linux threat intelligence on malware and suspicious files -- is in public preview as of today. A trial version is available now. Integration with Lookout's Mobile Endpoint Security for iOS and Android and Ziften's Zenith systems and security operations platform for macOS and Linux will be in public preview "soon," Microsoft's blog post says.
Upload your 'suspicious' documents for you (Score:2, Interesting)
Beware this.
Anything that could be construed as 'suspicious' by the software, or 'targetted' by any entity that wants more information from X is going to dump on people.
Basically, a nice plausible way to say this was 'accidental' but still get access to interesting files like corporate secrets, design files, etc, etc, on your PC.
Re: (Score:3)
This is a worry as well. If can be a vector for compromise, witting or unwitting.
Realistically, we don't need more AV BS. Instead, we need better application separation, snapshotting, ability to roll back, and defense in depth. For example, Excel shouldn't be touching Word documents unless the user explicitly specifies it, and an unknown third party web extension shouldn't be touching anything out of its temp directory.
We definitely don't need third parties and even OS vendors having the ability (and the
Re: (Score:1)
You spelled NSALinux wrong.
Re: (Score:2)
It is doable right now. SELinux and AppArmor can do this, Macs have the app sandbox, Windows has privilege and policy restrictions and (as of the last big update) has something along these lines. This just needs to be more prevalent. It is a step to add granularity to security, but it definitely will minimize damage a rogue program can do.
QubesOS comes to mind as an idea.
Re: (Score:2)
making it a very appealing target for malware to exploit ironicly.
Frosty cnosel (Score:2)
Screw that, I'd rather have an APK console!
Semi-related. (Score:2)
I miss the 'Borg' icon, dammit. Y'all need to bring that back.
Re: (Score:1)
Microsoft is a shadow of its former self. They don't deserve the icon anymore.
Sharing is caring (Score:2)
By cross referencing all the telemetry data on windows 10, + Cortana random sound sampling + uploading suspicious samples to central 3rd party forensic analysis labs Microsoft can keep you safe.
Thank you Microsoft for giving me YET ANOTHER REASON not to touch Windows 10. If I need to game I'll use 7, anything else is Linux.
Re: (Score:2)
From more secure to less secure platform (Score:1)
Re: (Score:2)
Stil whitelisting NSA Spyware (Score:1)
You're the best Micrisoft. THE BEST.
advanced? (Score:2)
I give up what about MS's thingy is advanced?