After releasing Microsoft Defender Advanced Threat Protection for MacOS few months ago, Microsoft is expanding the support of Defender ATP to Linux platform.

If you are using one of the common Linux server distribution (RHEL 7+, CentOS Linux 7+, Ubuntu 16 LTS, or higher LTS, SLES 12+, Debian 9+ or Oracle EL 7) you will be able to onboard them onto Defender ATP to have a single advanced protection solution for your workloads, leveraging the advanced security capabilities provided by Defender ATP.

Defender ATP can be deployed on Linux using either Puppet, Ansible or your existing Linux configuration management tool.

To onboard Linux on Defender ATP, you will first need to turn on the preview feature from the Microsoft Defender Security Center (https://securitycenter.windows.com/) using the Settings\Advanced Features\Preview Features

Then you can read and follow the documentation available at http://aka.ms/mdatplinuxonboarding