Understood. Let me know what you hear back. I'm wondering if process can be set up similar to how you can download and unpackage updates on Windows to apply for linux. Then we could use the process in the below article to set up a proxy to distribute the updates.
Defender ATP for Linux Intelligence Updates
Borgna, Andrew
1
Reputation point
Do MS Defender for Linux agents require external access for intelligence updates? Or can a share repository be set up similar to the instruction below for Windows that would allow us to have a centralized VM for pulling down and distributing updates to the Linux agents?