Macs may be a far less tempting target for malware and viruses, but they’re not immune from attack. Even if you don’t care about adware or being used as a means to infect users on other platforms, it’s still possible to fall victim to ransomware, password theft, or stolen iPhone backups.
Endpoint Security Comparison: Sophos vs Trend Micro vs Symantec and Others. One of which runs Mac OS while others run Windows 7 and 10. Citrix Xenserver is used heavily for virtualization with a total number of 20 virtual servers. Trend Micro Smart Protection for Endpoints. Symantec Endpoint Protection. Vipre Endpoint. Sophos Home (for Mac) recently earned certification from AV-Test, with 100 percent protection against Mac malware. It also eliminated more than 99 percent of Windows malware, and more than 95. Jul 05, 2017 I'm running AVG. I just installed Sophos Home for Mac - doesn't seem to have a quarantine. I heard that Avast purchased AVG last year.
Accordingly, good antivirus software will protect your Mac on all of these fronts. It’ll catch malware that’s still spreading or in circulation; block ransomware; protect older systems with out-of-date software from security vulnerabilities; prevent your Mac from acting as a carrier for malware aimed at other operating systems; and keep infected files off of any virtual machines you’re running.
Antivirus for Mac cheat sheet
Our quick-hit recommendations:
- Best paid antivirus for Mac:Sophos Home Premium for Mac[sophos.com]
- Best free antivirus for Mac:Avast Free Mac Security[avast.com]
Many antivirus suites provide a decent level of protection, but a few rise above all others by providing the very best in performance. Our top contenders dominate by posting perfect (or virtually near perfect) scores from security research labs, passing our own malware detection tests with flying colors, offering well-designed interfaces, and even throwing in extra features like a firewall or password manager.
Updated 08/15/19: Added our review of Avira Free Antivirus, a worthy free option that’s easy to use and effective.
Looking for Windows antivirus recommendations? You can read about the best antivirus suites for PC on our sister site, PCWorld.
Best overall antivirus software
Sophos Home Premium has the most extensive and up-to-date approach to fighting malware at an unbeatable price.
Sophos Home Premium has it all: Effective malware protection, ransomware monitoring, protection against potentially-unwanted-apps, and additional features that often require separately licensed software. Its cloud-based configuration and generous licensing (up to 10 Macs and PCs) also make it easy to shield friends and family from threats, no matter where they live. (Full details available in our review.)
Best free antivirus software
Though Sophos does offer a good free version of its software, Avast Free Mac Security edges it out as the best free antivirus software for macOS. In security lab tests, Avast detected 99.9 percent of macOS malware, and 100 percent of Windows malware. However, if you want more advanced protection (like ransomware detection), you’ll need to upgrade to paid software.
What to look for in antivirus software
By our reckoning, antivirus software should be able to neutralize a threat before it can begin wreaking havoc. That means preventing the download, installation, or execution of malicious software.
Since you can encounter threats by visiting compromised or malicious websites, receiving virus-laden attachments, or accessing USB drives with malware, good AV software should scan on a continuous basis unless you configure it otherwise. And ideally, files identified as malicious should be quarantined into a special storage area managed by the AV software, with the option to automatically delete files known to be malware or repair normal documents that also carry devious payloads.
Great AV suites also will monitor the filesystem for certain kinds of changes. Ransomware—which is malware that will rapidly encrypt user files like documents and mailboxes and then delete the originals—has become a huge moneymaker on other platforms. As a prime opportunity for attackers, it’s the greatest danger Mac users likely face as a category.
Detecting this pattern and halting it before any files are unavailable should be possible without an anti-malware system knowing the specific innards of a ransomware virus. Sophos, our top pick, includes this feature in the Home Premium version of its 2018 update. Other vendors, like Avast and Trend Micro Antivirus, offer an alternative feature that allows you to whitelist programs allowed to manipulate files in specific directories. So if this particular type of attack becomes rapidly popular, you’ll be protected.
Good antivirus software should also use minimal computational resources. That’s especially the case these days—AV monitoring hasn’t become much more complicated than when it first became available, and faster, multi-core CPUs can easily handle the demands of running AV software in the background without disturbing your active work.
Sophos Antivirus For Mac Review
Beyond these primary features, an easy-to-navigate interface and extra features are worth factoring into your decision. Some AV software are full-fledged suites that offer additional options like backup service for essential files, a password manager, parental controls, anti-tracking and privacy modes or options, a more advanced firewall, and the blocking of Potentially Unwanted Applications (PUAs).
How we test
Each software package is evaluated creating a clean installation of macOS Mojave, cloning it for each AV product, and then booting separately into each one to install a different package. This was to ensure that previous app installations didn’t interfere with new ones—sometimes AV software treats other AV software as an infection.
In addition to visiting malicious websites, downloading known malicious software, and even running said malware, we also reference the most recent reports from two labs that regularly cover macOS malware: AV Comparatives and AV-TEST. These laboratories test AV software against sets of known malware as well as products that are grouped as potentially unwanted applications (like adware).
The latter doesn’t damage or expose your computer or its files but may consume power and CPU cycles. Because the testing effectively looks at a combination of virus databases and behavior, they remain good gauges even after many months. When an antivirus software package lacks a rating from a known security research lab, we do more extensive testing with real malware.
Finally, while we gave props for a lot of different features and behaviors, we marked products down if they lacked any or all of the following:
- A nearly perfect score on macOS malware detection
- Ransomware monitoring
- Native browser plug-in or system-level Web proxy
- A high score on Windows malware detection
Privacy concerns
Using an anti-virus product, especially any that includes tools to also improve your online privacy, may lull you into believing you’re safe from personal and private information leaking out. That’s not quite the case. While there’s no reason to panic, you should consider a few reasonable issues.
First, an antivirus product may upload the complete text of files flagged to the cloud, where it can be analyzed by separate tools hosted there. This practice is normal and sensible: Some malware can detect when a running process may examine it, and will then engage in subterfuge. Antivirus software makers also can access their massive databases to examine files with characteristics that trigger their algorithms—certain elements that match known malware. As a result, security researchers discover new viruses, worms, Trojans horses, and the like.
However, helping the greater good means you’ll have to be comfortable with trusting a third-party with your file contents. Where appropriate, we noted privacy policy issues in individual reviews.
Second, this software may also rely partly or entirely on cloud-based checks of URLs, malware, and the like. Accordingly, an AV package might upload every URL you visit, metadata about files, signatures of files, information about your computer’s hardware, a list of running or installed applications, and more. Companies vary on their disclosure of such policies, and may not let you opt out of this kind of sharing. We note issues in each review as available.
Third, anti-virus software makers also get a sense of what behavior is happening on your computer that’s being monitored or blocked, and may use that information for their own purposes. In some cases, you can opt out of this information gathering.
All of our antivirus for Mac reviews
If you have specific requirements or just wish to see other options, below is a list of all the antivirus software we’ve reviewed. We’ll keep evaluating new and refreshed software on a regular basis, so be sure to come back to see what else we’ve put through the ringer.
Since the testing of Mac antivirus (AV) applications began in April 2013, Sophos and Avast have been consistently taking up the number one and two places in a list of 35 applications. (NOTE: The AV field changes quick, check the latest test results PDF to see if the previous statement still applies) After updating the malware sample pool a few days ago and re-testing several applications I noticed that Avast overtook Sophos again, a battle for the best position that has been going on for a while now. I am asked which AV is the best and I will usually recommend the one with the best detection rate as this is the most important feature, detect malware and quarantine/remove it or at the very least notify of it’s detection. So which one is the best?
As of this moment Avast ranks number one in detection tests with a 97% score, Sophos follows very closely with a 96% score. This is by no means definitive as it may change again next time I add samples to the pool (currently 300 with over 250 still being analyzed and tested to make sure they are valid samples). With detection rate being pretty much the same for both products, we’ll have to start comparing other features.
Price:
Both Sophos and Avast are free. The AV is offered for free because both companies feel if their free product makes people happy they will (hopefully) spend money on other products and services they offer. Also because they are free there is no support in the form of an online or phone support service, user forums are available though where users just like you help eachother out.
Who? – Tie
Resource usage:
How an AV impacts system performance is very important. Norton and McAffee gave AV for Mac in general a bad reputation back in the day because they simply crippled even the most powerful Mac. This reputation is very hard to shake, not just for them but all those that offer AV products for Mac. (Norton’s current version (12 at the time of writing) is actually a very well written application that performs beautifully, McAffee is unfortunately still garbage.) Sophos has less of an impact on the system than Avast, possibly because Avast has more features or maybe because Sophos is written better, I don’t know. In the latest test Sophos impacted system performance by 8.86 – 12.53% on various Intel Macs and 18.25% on a PowerPC G5 when performing a full system scan. Avast had an impact of 5.16 – 20.39% on various Intel Macs, no PowerPC version available. Depending on what you use your Mac for these numbers may or may not be a big deal to you. If your system runs a scan at a set interval as some companies require, even while you are working, a few percent can matter.
Who? – Sophos
Scan time:
As scanning impacts performance you want it to be over as soon as possible unless you run your scans at night or while you are at lunch. In this aspect Avast outperforms Sophos but again the difference is small. Overall we’re just talking a few minutes faster but on an old Core 2 Duo Mac mini Avast beat Sophos by a good hour.
Who? – Avast
Compatibility:
Sophos offers both an Intel and a PowerPC version and supports OS X 10.4 – 10.8 (works on 10.9 Mavericks too). Avast offers only an Intel version and supports OS X 10.5 – 10.8 (works on 10.9 Mavericks too). While most won’t care about legacy support it is important to a lot of people out there still. PowerPC Macs may be old but are not obsolete (even thou Apple labels them as such). They are still used as servers, family computers and test machines. A few people I know still use G5’s with an old version of Photoshop as it simply does what they need it to do, they have no need for an Intel Mac or the latest Creative Suite.
Who? – Sophos
Update frequency:
Unless you have a truly advanced AV with proper heuristics, you need the AV company to push out frequent updates to it’s definitions database. More often is better. Sophos and Avast rely on these updates to protect you from malware as they do not have heuristics (actually none of the applications that are available for OS X use true heuristics). Let’s say a new piece of malware hits the internet on a large scale like MacDefender or FlashBack did, you want your AV to be able to detect these things asap. A few hours can mean the difference between becoming infected or blocking the threat. Sophos checks for updates every hour and the company releases a new database file every 6 hours so you’ll be sure to have the latest version at least within one hour after it becomes available. Avast checks for updates right after your Mac starts and every 6 hours after that, the company releases updated database files usually twice a day.
Who? – Sophos
Features:
While Avast has separate features for Mal and Web scanning Sophos’ on-access scanner does an equally fine job of detecting malware that tries to sneak in through email or web. They both offer quarantine but only Sophos offers the ability to schedule scans. Avast offers an account option that can come in handy if you want to check the status of multiple computers at a glance. The ability to schedule scans is more important though.
Who? – Sophos
Avast For Mac Free Download
Update [December 2013]: This article remains very popular so I want to point out that the AV industry is changing all the time and detection results along with it. While Avast and Sophos tested really well in August 2013, they are no longer in the top 3 or top 6 for that matter at the time of this update (December 19, 2013). Since this post was written I have learned not to srite posts like this again because the information can be outdated and inaccurate a week later. Avast and Sophos still perform well but always check the latest version of the Detection rate Results PDF for the most up-to-date information.