Not even Macs are completely secure. In-depth tests of 10 macOS security suites reveal which provide the best protection.
macOS includes various mechanisms to block malware, but that doesn't mean it is 100 percent protected. For example, we have seen malware distributed with a valid Apple certificate. An additional defensive layer in the form of security software may save your Mac from falling foul of malware.
To help you pick from the available products, we're providing detailed results from the latest independent tests of 10 macOS security suites by AV-Test.org.
How the macOS anti-malware tools performed
The macOS security suites tested included:
- Bitdefender Antivirus for Mac 5.2 ($49.99)
- Canimaan Software ClamXav Sentry 2.12 ($40.45)
- ESET Endpoint Security 6.4 ($49.95)
- Intego Mac Internet Security X9 10.9 ($US39.99)
- Kaspersky Lab Internet Security for Mac 16 ($39.95)
- MacKeeper 3.14 ($95.40)
- ProtectWorks AntiVirus 2.0 ($42.99)
- Sophos Central Endpoint 9.6 (POA)
- Symantec Norton Security 7.3 ($84.99)
- Trend Micro Antivirus 7.0 ($49.95 for two Macs)
AV-Test macOS test results
|Detection rate of MacOS X malware||Detection rate of MacOS X potentially unwanted applications||Detection rate of Windows malware||False positives on demand/ during installation|
|Bitdefender Antivirus for Mac||100%||> 99%||> 99%||0/0|
|Canimaan Software ClamXav Sentry||98.4%||> 90%||> 20%||0/0|
|ESET Endpoint Security||98.4%||> 99%||> 99%||0/0|
|Intego Mac Internet Security X9||100%||> 99%||> 0%||0/0|
|Kaspersky Lab Internet Security for Mac||100%||> 95%||> 99%||0/0|
|MacKeeper||85.9%||> 90%||> 90%||0/0|
|ProtectWorks AntiVirus||94.6%||> 85%||> 20%||0/0|
|Sophos Central Endpoint||98.4%||> 95%||> 99%||0/0|
|Symantec Norton Security||100%||> 99%||> 70%||0/0|
|Trend Micro Antivirus||99.5%||> 95%||> 99%||0/0|
Next: Test results explained and final verdict
The test results explained
The primary reason you install security software is to detect malware, so high detection rates are very important.
Four packages delivered 100 percent detection of Mac malware in the tests: Bitdefender Antivirus, Intego Mac Internet Security X9, Kaspersky Lab Internet Security for Mac 16, and Symantec's Norton Security 7.3.
They, along with Bitdefender and Eset, also detected more than 99 percent of Mac PUAs (potentially unwanted applications). Different vendors have different definitions, but a PUA is typically an application that comes bundled with another that you really did mean to install, and that delivers advertising, pushes you towards a different search engine, or opens security holes (by installing a keylogger or leaking other information, for example).
None of the products gave any false positive results, which is a good thing – you don't want to be unnecessarily alarmed or interrupted while you work.
You might also be concerned about Windows malware, whether that is because you run that operating system on your Mac either under virtualisation (Parallels Desktop, VirtualBox, VMware Fusion) or by dual-booting (Boot Camp), or because you want to avoid sending an infected file to someone else.
As you might expect, the products from vendors that support multiple platforms fared relatively well in AV-Test's testing. Bitdefender, Eset, Kaspersky, Sophos and Trend Micro all detected at least 99 percent of the nearly 5400 samples of Windows malware. Surprisingly, Norton only detected more than 70 percent. ClamXav Sentry and Intego are both highly Mac-focussed, and only managed to score more than 0 and more than 20 percent respectively.
One of the reasons we sometimes hear for not using security software on a Mac is its impact on performance. There may have been a time when that was true, but most of the products tested had little or no effect on performance.
AV-Test measured this aspect of the products by copying more than 27GB of files and downloading a set of test files.
With ClamXav Sentry and MacKeeper, these tasks took the same amount of time as they did on a Mac with no additional security software. With Kaspersky and Norton, the four-minute job took just one second longer (0.4 percent). Sophos and Trend Micro added a mere five seconds (2 percent). The worst performer – Intego – slowed the task by 40 seconds or 17 percent.
Overall, the top-rated products were Kaspersky Lab Internet Security for Mac 16 and Symantec's Norton Security 7.3. Both achieved 100 percent detection with virtually no impact on performance.
However, as its name suggests, AV-Test focuses on the detection of malware. But there are some other capabilities that you might want to look for in a security suite.
These include the detection of phishing attempts, blocking access to 'known bad' web pages, password management, file-level encryption (macOS can encrypt your entire disk).