Test: 14 Security Packages for MacOS Ventura
Of course, the number of MacOS systems used is not as high as other systems, for example Windows. Nonetheless, the attackers could not care less if the computer being attacked, extorted or enslaved in a botnet has a Mac or Windows system. A Mac user, however, should indeed care about the risks posed to their system and all their data. To identify the best possible protection for MacOS systems with Ventura, the AV-TEST laboratory tested a total of 14 protection solutions for Mac – nine for consumer users and five for corporate users.
A total of up to 18 points was available for each of the products examined in the test – six points each in the test categories of protection, performance and usability. While nearly all the solutions for corporate users achieved nothing but top scores, the products for consumer users revealed a number of minor weaknesses.
14 products tested under MacOS Ventura 13.4
In its latest test in June, the laboratory examined nine consumer user products from the following vendors: Avast, AVG, Avira, Bitdefender, F-Secure, Intego, Kaspersky, Norton and Trend Micro.
The five Mac solutions for companies stemmed from Acronis, Bitdefender, CrowdStrike, Sophos and Trellix.
All the security products were tested in the categories of protection, performance and usability. When testing protection, the lab uses nearly 500 MacOS malware samples, some of which were only found online a few days before the test: so-called zero-day malware. MacOS malware that is already known is also used in the test to check whether the security products are also able to detect and defend against malware samples that have already been registered.
Security packages for MacOS Ventura put to the test
A malware detection test on MacOS security packages
Often perfect defense against all malware
In the tests on products for consumer users, the following solutions achieved a detection rate of 100% for all digital malware samples: Avast Security, AVG AntiVirus, Bitdefender Antivirus for Mac, Kaspersky Plus and Trend Micro Antivirus. For this, they received the maximum of 6 points.
The other packages received only 5.5 or 5 points. The Norton 360 solution made minor errors, with a detection rate of 99.4 percent. Avira Security and Intego VirusBarrier both achieved 99.2 percent. F-Secure Safe failed to detect several attackers, with an overall detection rate of 99.0 percent
The five solutions for corporate users did a somewhat better job. Both Acronis Cyber Protect and Bitdefender Endpoint Security achieved completely error-free detection. CrowdStrike Falcon Sensor had a detection rate of 99.6 percent, which is also very good. All of these products received the full 6 points.
Sophos Endpoint and Trellix Endpoint Security each had a detection rate of 99.4 percent and were therefore slightly penalized with their total of 5.5 points each.
Increased system load is not an option
Regardless of whether consumers use their Mac at home or in a company, their installed protection software should not interrupt their work or make it agonizingly slow. This is why when using the test products, the laboratory carries out a number of typical everyday tasks on the Mac computer, for example copying files, downloads or installations. To gain a comparison, all of the tasks were completed on a Mac without a security product before the test, and the times required were noted down.
7 of the 9 products for consumer users tested performed outstandingly and did not attract any negative attention. They were therefore awarded the full 6 points in the category of performance. F-Secure Safe had a slightly negative impact and thus received 5.5 points. Intego VirusBarrier slowed down the system slightly too much, so was only awarded 5 out of 6 points.
The five solutions for corporate users gave no cause for complaint and all received the full total of 6 points for their final result.
Is it really malware or not?
Many users have unfortunately encountered the problem of a message window from their security solution suddenly popping up on their screen, letting them know that it has blocked a file or program identified as an attacker. But what if this is a false alarm, and the file is actually completely harmless? Such an experience often causes users to doubt their trust in their protection software. Against this background, the laboratory also conducts tests in the category of usability. Here, it checks when the system watchdogs can really perfectly tell the difference between good and evil.
When testing for false positives, the laboratory uses more than 90,000 harmless files, which it copies onto a system. The experts also install dozens of programs and tools, and run them on the system. Given that these are all harmless procedures, the security packages should be able to recognize them as such – and that is precisely what they all did!
None of the 14 products examined made any mistakes in this test category. As a result, all the products received the full 6 points.
Bitdefender Antivirus for Mac
CrowdStrike Falcon Sensor
Acronis Cyber Protect
Bitdefender Endpoint Security for Mac
An additional test with no points awarded: Windows and PUA
Be it at home or in the office, many Macs work together with Windows systems via a network. Although Windows malware cannot harm a Mac, it can infect a Windows PC via the network connection. That is why the lab additionally tests whether the Mac protection software also detects and eliminates more than 3,200 Windows malware samples – but without awarding any points.
Most of the Mac security packages for consumer users and corporate users achieved a detection rate of more than 95 and up to 99 percent for Windows malware. Only the consumer user package from F-Secure scored less. The corporate solution from CrowdStrike has not implemented Windows malware detection in its Mac version.
In a second additional test, also without any points, the laboratory tests whether the security products can also detect potentially unwanted applications, known as PUA for short. These programs are not dangerous, but extremely annoying.
All the protection solutions examined, for both consumer users and corporate users, detected the more than 1,700 PUA used in the test – mostly with a rate above 99 percent. Only F-Secure is less strict when encountering such programs, while CrowdStrike does not recognize this type of software.
Good protection under MacOS Ventura
The current test makes it very easy to find a good security product for home users or corporate users. 7 of the 9 security packages for consumer users achieved 17.5 or even the maximum total of 18 points. Only two products achieved scores slightly lower than this, but nonetheless secured a very good result.
When it comes to the corporate solutions, Acronis, Bitdefender and CrowdStrike were all awarded the full total of 18 points. The other products tested, from Sophos and Trellix, followed close behind with 17.5 points.