Microsoft Defender ATP detects jailbroken Apple devices

Microsoft has added support for detecting jailbroken iOS devices to its enterprise endpoint security platform product (Defender for Endpoint, formerly Microsoft Defender Advanced Threat Protection).

The ability to detect jailbroken devices is part of a series of new breach protection features that Microsoft has added to the platform for both iOS and Android devices.

In a blog post announcing the new features, Shravan Thota, Senior Program Manager at Microsoft, said the platform can now detect and flag both managed and non-managed jailbroken iOS devices. be managed.

'A jailbroken device will then be considered a high-risk device, and this risk is shared with the security group's admin and app protection policies so you can block it from accessing it. into the company's resources' - Thota shared.

This feature complements the anti-phishing protection that the platform has extended to iOS devices.

Microsoft Defender ATP detects jailbroken Apple devices Picture 1

Explaining the importance of this feature, Thota said that jailbroken iOS devices allow users to download apps from sources outside of the official App Store that can be harmful. Furthermore, jailbroken devices do not receive critical iOS updates, which leaves them vulnerable to security.

By flagging these jailbroken iOS devices, the enterprise endpoint security platform can help security teams restrict their access to the corporate network.

Thota explains, the previous platform relied on end users to provide VPN permissions to extend anti-phishing protection to the device. Conversely, network administrators will now be able to push the necessary VPN profiles to all registered devices, saving users the effort of manually defining VPN-related permissions.

Kareem Winters

Update 17 June 2021