August 09, 2023 | Text: Markus Selinger | Antivirus for macOS
  • Share:

Test: 14 Security Packages for MacOS Ventura

Only recently, a number of reports have claimed that MacOS is becoming a stronger focus among cybercriminals. New malware droppers have come to light, and it has been revealed that the APT group LockBit has acquired the attack code of the notorious ransomware groups BlackMatter and DarkSide to target MacOS systems. For more protection when using MacOS Ventura, AV-TEST has now tested nine security packages for consumer users and five solutions for company networks. While many of the products achieved impressive results, others had a few difficulties.

Protection software for MacOS Ventura Security software for consumer users and corporate users put to the test under MacOS Ventura
Protection software for MacOS Ventura

Security software for consumer users and corporate users put to the test under MacOS Ventura

zoom

Of course, the number of MacOS systems used is not as high as other systems, for example Windows. Nonetheless, the attackers could not care less if the computer being attacked, extorted or enslaved in a botnet has a Mac or Windows system. A Mac user, however, should indeed care about the risks posed to their system and all their data. To identify the best possible protection for MacOS systems with Ventura, the AV-TEST laboratory tested a total of 14 protection solutions for Mac – nine for consumer users and five for corporate users.

A total of up to 18 points was available for each of the products examined in the test – six points each in the test categories of protection, performance and usability. While nearly all the solutions for corporate users achieved nothing but top scores, the products for consumer users revealed a number of minor weaknesses.

14 products tested under MacOS Ventura 13.4

In its latest test in June, the laboratory examined nine consumer user products from the following vendors: Avast, AVG, Avira, Bitdefender, F-Secure, Intego, Kaspersky, Norton and Trend Micro.

The five Mac solutions for companies stemmed from Acronis, Bitdefender, CrowdStrike, Sophos and Trellix.

All the security products were tested in the categories of protection, performance and usability. When testing protection, the lab uses nearly 500 MacOS malware samples, some of which were only found online a few days before the test: so-called zero-day malware. MacOS malware that is already known is also used in the test to check whether the security products are also able to detect and defend against malware samples that have already been registered.

Security packages for MacOS Ventura put to the test

The test shows how well the security products provide protection for home users or corporate users under MacOS Ventura

zoom ico
A malware detection test on MacOS security packages

With only a few exceptions, the security packages for home users and corporate users achieved very successful malware detection rates when tested under MacOS

zoom ico

1

Security packages for MacOS Ventura put to the test

2

A malware detection test on MacOS security packages

Often perfect defense against all malware

In the tests on products for consumer users, the following solutions achieved a detection rate of 100% for all digital malware samples: Avast Security, AVG AntiVirus, Bitdefender Antivirus for Mac, Kaspersky Plus and Trend Micro Antivirus. For this, they received the maximum of 6 points.

The other packages received only 5.5 or 5 points. The Norton 360 solution made minor errors, with a detection rate of 99.4 percent. Avira Security and Intego VirusBarrier both achieved 99.2 percent. F-Secure Safe failed to detect several attackers, with an overall detection rate of 99.0 percent

The five solutions for corporate users did a somewhat better job. Both Acronis Cyber Protect and Bitdefender Endpoint Security achieved completely error-free detection. CrowdStrike Falcon Sensor had a detection rate of 99.6 percent, which is also very good. All of these products received the full 6 points.

Sophos Endpoint and Trellix Endpoint Security each had a detection rate of 99.4 percent and were therefore slightly penalized with their total of 5.5 points each.

Increased system load is not an option

Regardless of whether consumers use their Mac at home or in a company, their installed protection software should not interrupt their work or make it agonizingly slow. This is why when using the test products, the laboratory carries out a number of typical everyday tasks on the Mac computer, for example copying files, downloads or installations. To gain a comparison, all of the tasks were completed on a Mac without a security product before the test, and the times required were noted down.

7 of the 9 products for consumer users tested performed outstandingly and did not attract any negative attention. They were therefore awarded the full 6 points in the category of performance. F-Secure Safe had a slightly negative impact and thus received 5.5 points. Intego VirusBarrier slowed down the system slightly too much, so was only awarded 5 out of 6 points.

The five solutions for corporate users gave no cause for complaint and all received the full total of 6 points for their final result.

Is it really malware or not?

Many users have unfortunately encountered the problem of a message window from their security solution suddenly popping up on their screen, letting them know that it has blocked a file or program identified as an attacker. But what if this is a false alarm, and the file is actually completely harmless? Such an experience often causes users to doubt their trust in their protection software. Against this background, the laboratory also conducts tests in the category of usability. Here, it checks when the system watchdogs can really perfectly tell the difference between good and evil.

When testing for false positives, the laboratory uses more than 90,000 harmless files, which it copies onto a system. The experts also install dozens of programs and tools, and run them on the system. Given that these are all harmless procedures, the security packages should be able to recognize them as such – and that is precisely what they all did!

None of the 14 products examined made any mistakes in this test category. As a result, all the products received the full 6 points.

Kaspersky Plus

The security package from Kaspersky performed flawlessly throughout the test and was therefore awarded all 18 points

zoom ico
AVG AntiVirus

The security package for consumer users produced impressive results in all test categories and therefore achieved the top score of 6 points three times over

zoom ico
Bitdefender Antivirus for Mac

The security package for consumer users received the maximum total of 18 points for its error-free performance in the current test

zoom ico
CrowdStrike Falcon Sensor

The corporate solution from CrowdStrike achieved the full total of 6 points in all three test categories

zoom ico
Acronis Cyber Protect

At the end of the test, the corporate solution from Acronis had collected the maximum total of 18 points

zoom ico
Bitdefender Endpoint Security for Mac

For its top scores in the categories of protection, performance and usability, the Bitdefender solution was awarded the full 18 points

zoom ico

1

Kaspersky Plus

2

AVG AntiVirus

3

Bitdefender Antivirus for Mac

4

CrowdStrike Falcon Sensor

5

Acronis Cyber Protect

6

Bitdefender Endpoint Security for Mac

An additional test with no points awarded: Windows and PUA

Be it at home or in the office, many Macs work together with Windows systems via a network. Although Windows malware cannot harm a Mac, it can infect a Windows PC via the network connection. That is why the lab additionally tests whether the Mac protection software also detects and eliminates more than 3,200 Windows malware samples – but without awarding any points.

Most of the Mac security packages for consumer users and corporate users achieved a detection rate of more than 95 and up to 99 percent for Windows malware. Only the consumer user package from F-Secure scored less. The corporate solution from CrowdStrike has not implemented Windows malware detection in its Mac version.

In a second additional test, also without any points, the laboratory tests whether the security products can also detect potentially unwanted applications, known as PUA for short. These programs are not dangerous, but extremely annoying.

All the protection solutions examined, for both consumer users and corporate users, detected the more than 1,700 PUA used in the test – mostly with a rate above 99 percent. Only F-Secure is less strict when encountering such programs, while CrowdStrike does not recognize this type of software.

Good protection under MacOS Ventura

The current test makes it very easy to find a good security product for home users or corporate users. 7 of the 9 security packages for consumer users achieved 17.5 or even the maximum total of 18 points. Only two products achieved scores slightly lower than this, but nonetheless secured a very good result.

When it comes to the corporate solutions, Acronis, Bitdefender and CrowdStrike were all awarded the full total of 18 points. The other products tested, from Sophos and Trellix, followed close behind with 17.5 points.

Social Media

We want to stay in touch with you! Now there is an easy way to receive regular updates on the latest news and test releases.