Windows Defender Advanced Threat Protection (ATP) customers can protect their non-Windows devices while keeping a centralized “single pane of glass” experience. Microsoft Defender ATP provides a unified security solution for the Mac, providing two key components for cross-platform support for Microsoft Defender ATP on Mac:

  • A new user interface on Mac clients called Microsoft Defender ATP. The user interface brings a similar experience to what customers have today on Windows 10 devices.
  • Reporting for Mac devices on the Microsoft Defender ATP portal.

Users can also configure advanced settings, for example:

  • Disabling or enabling real-time protection, cloud-delivered protection, and automatic sample submission
  • Adding exclusions for files and paths
  • Managing notifications when threats are found
  • Manually checking for security intelligence updates 

Some of these options can be disabled by an administrator using Microsoft Intune or other Mac management consoles to prevent end users from making changes.

Machines with alerts and detections will be surfaced in the Microsoft Defender ATP portal, including rich context and alert process trees. Security analysts and admins can review these alerts just as they can do today – except they’ll also see detections on Mac devices.

Configuration, including deployment, can be managed with Microsoft Intune – coming soon. A number of settings can also be configured via alternative Mac and MDM management tools such, as JAMF, available now.