Strong Protection for MacOS Sierra: 12 Packages Put to the Test
Even if there are far fewer malware samples out there for MacOS Sierra than for windows, this does not make them any less dangerous. Too often, the danger of a successful malware attack is played down and described as improbable. But when it does happen, it wreaks total havoc. One of the improbable cases involving hundreds of thousands of hijacked Macs was in fact called Flashback. There continue to be malware programs with a valid Apple certificate, in which case they are not stopped by the protection integrated in MacOS Sierra.
12 products put to the test
Instead of shutting down the internal protection mechanism of MacOS Sierra, all the tested security packages enhance it. At first, this may sound like a higher overhead and system load. That is why in the current test, the laboratory examined not only the protection function of the programs but also their system load. The following products are in the test:
- Avast Mac Security 2015 11.18 - freeware
- AVG AntiVirus 2015.0 - freeware
- Bitdefender Antivirus for Mac 184.108.40.206
- ESET Endpoint Security 220.127.116.11
- F-Secure SAFE 16.4
- Intego Mac Internet Security X9 10.9.4
- Kaspersky Internet Security 18.104.22.168c
- Panda Antivirus 10.7.12
- Sentinel SentinelOne 1.8.2
- Sophos Home for Mac 1.2.1 - freeware
- Symantec Norton Security 7.2
- Webroot SecureAnywhere 22.214.171.124
A total of 3 out of 12 applications are available as freeware, at least for private users. They are designated accordingly.
4 products provide top security performance
In the detection test, four products were able to detect and remove all malware samples 100 percent: AVG AntiVirus, Bitdefender Antivirus, SentinelOne and Sophos Home. Most of the other products offered good, but not flawless, detection. F-Secure SAFE only detected just over 60 % of the malware threats, Webroot SecureAnywhere attained a mere 22.6 %. While the test set only consisted of 31 malware threats, they were in fact brand new from September and October 2016. After all, the objective was to determine whether the systems also protect reliably against new malware samples and not whether they recognize the old ones.
Additionally, the laboratory examined whether the solutions were also able to detect Windows malware. While MacOS Sierra may be impervious to executed or unzipped Trojans and other security threats, they could still continue to attack Windows devices in heterogeneous networks. This enhanced test, however, was not rated, and therefore does not reappear in the ratings charts. Although it is not their primary task, the applications delivered strong detection performance: Bitdefender identified and removed even 100 percent of the more than 7,000 Windows malware samples. The additional packages from Avast, ESET, Sentinel, Kaspersky Lab and AVG had high detection rates of 99.5 to 99.9 % of Windows malware.
Partly only 1 percent additional system load
All the products had to pass the test examining their system load. To do so, the testers copied a data set on a reference system with a total size of 27.3 GB. In addition, many downloads were also performed. The total time of 241 seconds required for this served as a reference value for all the products.
The solution from Sentinel required only 242 seconds for this test – thus, merely one second more than the reference system. The security packages from Symantec, ESET and Kaspersky Lab also came in only 2 to 3 seconds above the reference value. 3 seconds only represent an additional system load of just over 1.2 %.
In this test, the packages from Bitdefender, AVG, Sophos and Webroot came in at 9 to 16 seconds above the reference value; F-Secure, Panda and Intego even up to 64 seconds. Finishing last, Avast required an unacceptable 287 seconds more than the reference system. The high result, however, only occurred due to the delay in the download test. The manufacturer responded to this, noting that they rely heavily on browser protection. That is also commendable, in order to block phishing sites or to fend off exploits. Only for downloads, this simply takes too long.
No false positives through false detection
As an additional test category, the lab installed and launched known, clean applications under all the security solutions. None of the products committed an error in this test – delivering perfect performance.
As an additional non-rated test, the laboratory at AV-TEST examined the behavior of the products in case of unwanted software. So-called PUA (potentially unwanted applications) are pesky programs that do not cause any damage and are therefore not classified as malware. In terms of assessing PUA, however, there are differences of opinion between the test laboratory and security software manufacturers. From the perspective of testers, annoying software that executes unwanted operations is also malware. Manufacturers often take a different viewpoint.
For this additional test, over 4000 PUAs were installed on the test systems. The application from Kaspersky Lab did the best job in the PUA test, and all the other products also performed strongly. Only one product has apparently still completely tuned out the topic of PUAs.
Good additional protection for MacOS Sierra
If security performance is the main focus, then the security packages from AVG, Bitdefender, Sentinel and Sophos performed the most reliably in the test. If we consider the system load required for this, however, then the product from Sentinel is the best recommendation. It places hardly any measurable system load on MacOS Sierra for daily routines. The other packages required additional system resources from 3 to 5 % for their detection performance. Which is still an acceptable loss in performance.
The packages from AVG and Sophos can be used as freeware by private users. While both slow down an MacOS Sierra system somewhat more than the paid software products, the difference is still well within the goalposts.