Microsoft Defender for Endpoint now supports live response capabilities on macOS and Linux

Microsoft Defender for Endpoint now helps analysts identify and remediate threats in real-time.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

Microsoft Defender for Endpoint now supports live response capabilities for macOS and Linux. The functionality is in public preview, and it allows analysts to perform in-depth investigations of issues and to take action in real-time. Defender for Endpoint is an enterprise tool for detecting and responding to threats and vulnerabilities. Microsoft announced preview support for live response capabilities in aTech Community post(viaBleeping Computer).

“With live response, you have the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats – in real-time,” explains Microsoft.

The aim of live response is to enhance investigations by collecting data, running scripts, and sending suspicious entities for analysis. It also allows security experts to remediate threats and proactively hunt for emerging threats.

Microsoft also introduced new commands for the platforms, including enforcing network isolation, collecting an investigation package, and running an antivirus scan.

“Live response is designed to enhance investigations by enabling your security operations team to collect forensic data, run scripts, send suspicious entities for analysis, remediate threats, and proactively hunt for emerging threats,” explains Microsoft’s Israel Cohen-Pavon.

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.