Onboard non-Windows devices

Applies to:


  • macOS
  • Linux

Want to experience Defender for Endpoint? Sign up for a free trial.

Defender for Endpoint provides a centralized security operations experience for Windows and non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft 365 Defender and better protect your organization's network.

You'll need to know the exact Linux distros and macOS versions that are compatible with Defender for Endpoint for the integration to work. For more information, see:

Onboarding non-Windows devices

You can choose to onboard non-Windows devices through Microsoft Defender for Endpoint or through a third-party solution.


Repackaging the Defender for Endpoint installation package is not a supported scenario. Doing so can negatively impact the integrity of the product and lead to adverse results, including but not limited to triggering tampering alerts and updates failing to apply.

You'll need to take the following steps:

  1. Select your preferred method of onboarding:

    • To onboard macOS devices using Microsoft Defender for Endpoint, see Microsoft Defender for Endpoint on Mac.
    • To onboard Linux devices using Microsoft Defender for Endpoint, see Microsoft Defender for Endpoint on Linux.
    • To onboard non-windows devices using third party solution:
      1. In the navigation pane, select Partners and APIs > Connected Applications. Make sure the third-party solution is listed.
      2. In the Connected Applications page, select the partner that supports your non-Windows devices.
      3. Select View to open the partner's page. Follow the instructions provided on the page.
      4. After creating an account or subscribing to the partner solution, you should get to a stage where a tenant Global Admin in your organization is asked to accept a permission request from the partner application. Read the permission request carefully to make sure that it's aligned with the service that you require.
  2. Run a detection test by following the instructions of the third-party solution.

Offboard non-Windows devices

For macOS and Linux devices, you can choose to offboard through Microsoft Defender for Endpoint. In the navigation pane, select Settings > Offboard > Select Operating System to start the offboarding Process.

You can also offboard non-Windows devices by disabling the third-party integration. Enable coverage for devices running non-Windows platforms by integrating third-party solutions.


Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.