Microsoft Defender ATP – Support for Linux is coming

After releasing Microsoft Defender Advanced Threat Protection for MacOS few months ago, Microsoft is expanding the support of Defender ATP to Linux platform.

If you are using one of the common Linux server distribution (RHEL 7+, CentOS Linux 7+, Ubuntu 16 LTS, or higher LTS, SLES 12+, Debian 9+ or Oracle EL 7) you will be able to onboard them onto Defender ATP to have a single advanced protection solution for your workloads, leveraging the advanced security capabilities provided by Defender ATP.

Defender ATP can be deployed on Linux using either Puppet, Ansible or your existing Linux configuration management tool.

To onboard Linux on Defender ATP, you will first need to turn on the preview feature from the Microsoft Defender Security Center ( using the Settings\Advanced Features\Preview Features

Then you can read and follow the documentation available at

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies