MacOS Mojave: 16 Security Solutions for Consumer and Corporate Users Put to the Test
Consumers and companies want more security under MacOS. AV-TEST tested 16 suitable security packages in the laboratory and identified strong security partners.
Anyone who thinks that Mac users are not worthwhile targets for Trojans, ransomware etc. is mistaken. More and more attackers are appearing out in the field and are being collected, registered and catalogued by AV-TEST. There are a good number of security solutions on the market to enhance cyber security on Mac devices. In June 2019, the AV-TEST lab tested many of these packages under the new MacOS Mojave: 10 of them are designed for home users and 6 for corporate computing use.
16 products put to the test in the lab
The products were tested in several phases: in terms of their protection, performance and usability. The consumer products from Avast, AVG, Avira, Bitdefender, F-Secure, Intego, Kaspersky, Symantec, Trend Micro and VIPRE Security were included on the test roster. Moreover, the corporate solutions tested included Bitdefender, Crowdstrike, Ensilo, ESET, F-Secure and Sophos.
The highest score achievable in the test is 18 points. Among the products for home users, this top score was achieved by a total of 4 packages. They are from Bitdefender, Symantec, Trend Micro and VIPRE Security. All other products came in at excellent 17.5 and 17 points!Among the corporate solutions, the package from Sophos garnered the top score of 18 points. Following close behind at 17.5 points are the packages from Bitdefender, ESET and F-Secure. Crowdstrike achieved 17 points, whereas Ensilo received only 15.5 points.
Focus on protection
The main task of the security packages is, of course, to detect and fend off all possible cyber threats. In the test, the laboratory used a set containing over 550 current and particularly dangerous malware samples. Nearly all the consumer products detected 100 percent of the attackers in the test. Only the packages from Avira and F-Secure exhibited individual detection errors. The result: 99.8 and 99.5 percent respectively.
The 6 corporate solutions tested filtered all the malware samples without any error: 100% detection.
Special test with Windows malware samples and PUAs
Many Macs are directly connected to Windows PCs, e.g. via networks. Clever attackers try to exploit this fact and deliver Windows malware samples to Macs. While this malware cannot harm the Macs, it does exploit them as a distribution hub for attacking the Windows PCs. That is why in an unrated test, the lab evaluates whether the security software also detects these attackers. Nearly all packages for home users filtered out the 1,200 Windows attackers used in the test at a rate between 90 and 99 percent. As Intego is strictly a Mac-world product, it does not recognize any Windows malware samples. For corporate products, Crowdstrike and Ensilo were the only solutions that drew a blank most of the time. All other enterprise solutions detected over 99 percent of the Windows malware.
In addition, an evaluation was conducted as to whether the packages were able to detect "potentially unwanted applications" – PUAs for short. This test was not rated either. Although these applications are not a threat, they are a pain to users, slowing down the Mac, exhibiting odd behavior, displaying lots of advertising or having strange privacy policies. Some manufacturers see no direct threat in PUAs, which is why they do not classify them as malware samples. Nearly all consumer packages in the test filtered out 90 to 99 percent of the 900 PUAs in the test. Only Avira exhibited some weaknesses here.
Among the corporate solutions, Crowdstrike and Ensilo were unable to sort out many PUAs. All other packages removed 90 to 99 percent of the set containing PUAs.
Hardly any load on the system
For the speed test, in the performance category, each security solution was installed on a Mac, and then a set routine of operations was performed. The time required in the test was clocked, recorded and compared with the data of a previously tested reference system without a security solution. Among the operations were everyday tasks, such as copying data, downloading, installing and launching programs. Using the test data, the laboratory calculated the system load of the individual products.
The packages for home users caused such a low system load, they earned a score of 5.5 or even the top score of 6 points. Only Avira slowed down the system slightly more – earning only 5 points.
The scenario for business users was different. The solutions from F-Secure and Sophos receive 6 points and Bitdefender and ESET a strong 5.5 points. Crowdstrike uses too many system resources and thus earned only 5 points. Ensilo even scored a mere 4 points.
False alarms are annoying and often expensive for companies
The last test section, usability, checks for false positives. In the process, the laboratory has each security solution scan over 450,000 clean programs. In addition, 60 popular programs are installed. Ideally, no alarm should sound throughout the entire test. In the case of consumer products, this was the case in the test for a large number of products. Only F-Secure and Intego committed minor errors and just missed attaining a perfect rating of 6 points: 5.5 points.
The scenario is quite similar for corporate solutions: Bitdefender, ESET, Crowdstrike and Sophos deliver an absolutely glitchless performance, thus earning 6 points. This can save costs, as it means that an administrator will not have to deal with false alarms. The endpoint packages from F-Secure and Ensilo commit tiny errors and have some points taken off as a result: 5.5 points.
Conclusion: Mac users are increasingly the focus of malware threats
While it may be true that latest growth statistics of malware for MacOS cannot compare to those for Windows, the Mac user population is smaller as well. If we examine the numbers from 2014 to 2016, the level remains steady at just over 6,000 registered malware samples. By 2017, however, the rate had already risen to over 27,000 – more than a fourfold increase. By the end of 2018, just over 90,000 copies had already been tallied! The experts at AV-TEST anticipate that the 100,000 mark will be exceeded by the end of the year in terms of Mac malware samples.
In light of this mounting risk, home users and business users ought to implement good security solutions. The latest test is evidence that most products do a good job.
In the case of packages for consumers, 4 packages reached the highest score of 18. They are from Bitdefender, Symantec, Trend Micro and VIPRE Security. An extremely pleasant surprise: All other products came in at excellent 17.5 and 17 points!
In endpoint solutions for corporate users, only Sophos achieved the top score of 18 points. As an alternative, following close behind at 17.5 points, however, are the solutions from Bitdefender, ESET and F-Secure. Crowdstrike scored a good 17 points, but the solution slowed the test Mac down a bit. With respect to Ensilo, the system load was clearly too high and resulted in a deduction of points: a total of only 15.5 points.
One big takeaway from the results for all products: They have all received the full 6 points in the crucial test area of protection!