Microsoft Defender for Endpoints Now Detects Jailbroken iOS Devices



Microsoft announced new and improved features for corporate security teams who use Microsoft Defender for Endpoints on Android and iOS and use Microsoft’s Threat and Vulnerability Management APIs.

Protection of mobile devices

If users are (currently integrated) with Microsoft Defender for Endpoints – a cloud-based enterprise endpoint security platform designed to help corporate networks prevent, detect, investigate, and respond to advanced threats. A new mobile app has been added that makes it easy to see if the Microsoft Tunnel VPN connection is working, if web protection is enabled, and if the app on your mobile device is potentially dangerous.

The onboarding process for iOS users has also been simplified.

However, the biggest new additions are iOS jailbreak detection and support for mobile app management (MAM) on devices that aren’t registered with Intune on Android and iOS.

From now on, Microsoft Defender for Endpoints on iOS will detect both unmanaged and managed jailbroken devices.

“Jailbreaking an iOS device improves the root access granted to users on the device. When this happens, users can easily load potentially malicious apps and the iPhone fixes a security vulnerability. You don’t get the important automatic iOS updates that you might have. These types of devices present additional risk and are more likely to harm your organization. ”OK Shravan Thota, Senior Program Manager at Microsoft.

When the solution detects a corrupted device, the security team sees a “high risk” alert in Microsoft 365 Defender, and if the conditional access settings are based on the device’s risk score, the device blocks access to company assets. Will be done.

Microsoft is also advising advocates to set additional compliance policies for Microsoft Intune, a cloud-based service for managing mobile devices and mobile applications, “as an additional layer of defense against jailbreak scenarios.”

Finally, Microsoft Defender for Endpoints now supports Mobile Application Management (MAM) on Android and iOS for devices that are not registered through Intune.

“This update also enables Microsoft Defender for Endpoints to protect organizational data in managed apps for users who don’t use MDM but use Intune to manage their mobile apps. While using Intune for mobile application management, we will extend support to customers who use other enterprise mobility management solutions such as AirWatch, MobileIron and MaaS360, ”added Thota.

Threat and Vulnerability Management

Microsoft Now Available A new API to manage Microsoft threats and vulnerabilities for businesses that deal with large data sets and device inventories on a daily basis.

New APIs will help improve them. Vulnerability Management Build programs by letting you create custom reports and dashboards, automate tasks, and integrate third-party tools.

You can use the API to detect device vulnerabilities, misconfigurations, missing security updates, end-of-life products, list of software installed on your device, etc.

Customized reports and dashboards help security teams focus on what matters most at a particular time / day, making it easy to communicate important information and information to management.



About Author

Leave A Reply