Test Modules under MacOS

Usabillity

The focus in the test of security programs is clearly on determining the effectiveness of protection. However, usability of security products plays a role that should not be underestimated. Because false alarms can disturb the work routine just as much as malware attacks can.

Stage 1: False detections of legitimate software as malware during a system scan

This part of the false alarm test detects the quantity of false detections of harmless files by security programs. In hundreds of test cases, the products are required to achieve a rate of false alarms as low as possible.

Files for the test originate from a constantly growing 15-year-old archive of known benign software. Files from gray areas (e.g. remote administration software, password recovery programs or commercial keyloggers) are removed from the test set in order to record only unambiguous false alarms.

The test set is generally subjected to an on-demand scan. For all programs without an on-demand scan function, the files are launched in sequence on the test system.

Stage 2 – False alarm test for standard software: false warnings concerning certain actions and blocking of these actions carried out while installing and using legitimate software

In this module, the testers determine the number of false alarms caused by the products when deploying the latest versions of widespread software. This includes running a selection of the "Top 100 for MacOS", i.e. the most widely-used programs on Apple computers, e.g. Apache Open Office, Firefox, GIMP, Google Chrome, iTunes, Java, Libre Office, Opera, Picasa, Safari and Virtualbox.

In addition to monitoring error-free downloads, the test also looks for smooth installation and problem-free use. Thus, among other things, the testers detect false warning messages, as well as queries from the security products, which require user interaction, disturbing the work routine. As a result of these tests, a complete report is assembled on the number and type of falsely issued warning messages and blocked programs.

Subscribe to the AV-TEST Newsletter

Well-informed
on security

More ›