How to install Microsoft Defender on MacOS

When you run the local script on Mac, it creates a trust with Microsoft Entra ID (if that trust doesn't already exist), enrolls the Mac in Microsoft Intune (if it isn't already enrolled), and then onboards the Mac to Defender for Business. It is recommended to only run onboarding for up to 10 devices at a time via this method.

1. Go to the Microsoft Defender portal (https://security.microsoft.com), and sign in.

2. In the navigation pane, choose Settings > Endpoints, and then under Device management, choose Onboarding.

3. Select macOS.

4. Under Connectivity type, select Streamlined.

5. In the Deployment method section, choose Local script, and then select Download onboarding package. Save the package to a removable drive. Also select Download installation package, and save it to your removable device.

6. On your Mac, save the installation package as wdav.pkg to a local directory.

7. Save the onboarding package as WindowsDefenderATPOnboardingPackage.zip to the same directory you used for the installation package.

8. Use Finder to navigate to wdav.pkg you saved, and then open it.

9. Select Continue, agree with the license terms, and then enter your password when prompted.

10. You're prompted to allow installation of a driver from Microsoft (either System Extension Blocked or Installation is on hold, or both). You must allow the driver installation. Select Open Security Preferences or Open System Preferences > Security & Privacy, and then select Allow.

11. Extract the zip file and manually run MicrosoftDefenderATPOnboardingMacOs.sh with Terminal. This will execute the script containing the license information.