What's new in Microsoft Defender for Endpoint on iOS

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

User Enrollment

Microsoft Defender for Endpoint iOS can now be deployed on Intune User Enrolled devices. This new feature offers security and IT teams the flexibility to deploy Defender for Endpoint for iOS to user-enrolled devices so that work data and applications are protected, while end-user privacy is upheld on those devices. For more information, see User Enrollment setup.

Device Tagging

Mobile Device Tagging is now generally available. This feature enables bulk tagging the mobile devices by allowing the admins to set up tags via Intune. Admin can configure the device tags through Intune via configuration policies and push them to user's devices. Once the User installs and activates Defender, the client app passes the device tags to the Security Portal. The Device tags appear against the devices in the Device Inventory. For more information, read Configure Device Tagging.

Vulnerability assessment of apps

Vulnerability assessment of apps on Microsoft Defender for Endpoint for iOS is now generally available. Defender for Endpoint on iOS supports vulnerability assessments of apps only for enrolled (MDM) devices. For more information, see Configure vulnerability assessment of apps.

Network protection

Network Protection on Microsoft Defender for Endpoint is now generally available. Network protection provides protection against rogue Wi-Fi related threats, rogue hardware like pineapple devices and notifies the user if a related threat is detected. Users also see a guided experience to connect to secure networks and change networks when they're connected to an unsecure connection.

This feature is now enabled by default for all users. As a result, users will be able to see the Network Protection Card in the Defender for Endpoint iOS app along with App Protection and Web Protection. Users are also required to provide Local Network permission. This permission is needed to enhance the existing rogue wifi detection. Admins can change the default value for the Network Protection feature if they decide not to use it via the Intune App Configuration policies.

There are also several admin controls to offer flexibility, including privacy controls to configure the data that's sent by Defender for Endpoint from iOS devices. For more information, read Configure Network Protection.

Privacy Controls

Microsoft Defender for Endpoint on iOS enables Privacy Controls for both the Admins and the End Users. This includes the controls for enrolled (MDM) and unenrolled (MAM) devices. Admins can configure the privacy in the phish alert report while End Users can configure the information shared to their organization.

Optional Permissions and Disable Web Protection

Microsoft Defender for Endpoint on iOS enables Optional Permissions in the onboarding flow. Currently the permissions required by MDE are mandatory in the onboarding flow. With this feature, admin can deploy MDE on BYOD devices without enforcing the mandatory VPN Permission during onboarding. End Users can onboard the app without the mandatory permissions and can later review these permissions. This feature is currently present only for enrolled devices (MDM).

With Disable Web Protection, customers who don't want to set up a VPN can configure to disable Web Protection and deploy MDE without that feature. Other MDE features will continue to work. This configuration is available for both the enrolled (MDM) devices and unenrolled (MAM) devices.

Integration with Tunnel

Microsoft Defender for Endpoint on iOS can now integrate with Microsoft Tunnel, a VPN gateway solution to enable security and connectivity in a single app. Integration with Tunnel provides a simpler, secure VPN experience on iOS with just one app. This feature was earlier available only on Android. For more information, see the techcommunity post here

Improved experience on supervised iOS devices

Microsoft Defender for Endpoint on iOS now has specialized ability on supervised iOS/iPadOS devices, given the increased management capabilities provided by the platform on these types of devices. It can also provide Web Protection without setting up a local VPN on the device. This gives end-users a seamless experience while still being protected from phishing and other web-based attacks. For details, visit this documentation

Microsoft Defender for Endpoint is now Microsoft Defender in the App store

Microsoft Defender for Endpoint is now available as Microsoft Defender in the app store. With this update, the app is available as preview for Consumers in the US region. Based on how you log into the app with your work or personal account, you'll have access to features for Microsoft Defender for Endpoint or to features for Microsoft Defender for individuals. For more information, see this blog.

Vulnerability Management

On January 25, 2022, we announced the general availability of Vulnerability management on Android and iOS. For more information, see the techcommunity post here.

1.1.28250101

  • Integration with Tunnel - Microsoft Defender for Endpoint on iOS can now integrate with Microsoft Tunnel, a VPN gateway solution to enable security and connectivity in a single app. For more information, see Microsoft Tunnel Overview.
  • Zero-touch onboard for enrolled iOS devices enrolled through Microsoft Intune is generally available. For more information, see Zero touch onboarding of Microsoft Defender for Endpoint.
  • Bug fixes.

1.1.24210103

1.1.23250104

  • Performance optimizations - Test battery performance with this version and let us know your feedback.
  • Zero-touch onboard for enrolled iOS devices - With this version, the preview of Zero-touch onboard for devices enrolled through Microsoft Intune has been added. For more information, see this documentation for more details on setup and configuration.
  • Privacy Controls - Configure privacy controls for phish alert report. For more information, see Configure iOS features.

1.1.23010101

  • Bug fixes and performance improvements
    • Performance optimizations were made in this release. Test battery performance with this version and let us know your feedback.

1.1.20240103

  • Device Health card - Device Health card notifies end-users about any pending software updates.
  • Usability enhancements - End-users can now disable the Defender for Endpoint VPN from the Microsoft Defender app itself. Prior to this update, end-users had to disable VPN only from the Settings app.
  • Bug fixes.

1.1.20020101

  • UX Enhancements - Microsoft Defender for Endpoint has a new look.
  • Bug fixes.

1.1.17240101

1.1.15140101

1.1.15010101

  • With this version, we're announcing support for iPadOS/iPad devices.
  • Bug fixes.

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.