AV-Comparatives: Mac Security Test & Review - June 2023
#1
Bug 
Quote:
[Image: avc-logo.png]

Introduction

It is an often-heard view that macOS computers don’t need antivirus protection. Whilst it is certainly true that the population of macOS malware is very tiny compared to that for Windows and Android, there have still been many instances of macOS malware getting into the wild. Moreover, Apple Mac security needs to be considered in the wider context of other types of attacks.

Apple ships some anti-malware capabilities within macOS: Gatekeeper, which warns when apps without a digital signature (i.e., not certified by Apple) are run, and XProtect Remediator, which checks files against known-malware signatures and remediates infections if malware makes its way onto the Mac. These features are essentially invisible to the user, other than configuration options and alerts. System and security updates are installed automatically using the macOS update process.

macOS includes other features which secure and harden the system. For example, Sandboxing isolates apps from critical system components, user data, and other apps. Sandboxed apps (e.g., downloaded from the Apple App Store) run in an isolated context where they cannot access areas outside of it and thus cause damage. This does not protect you from malware but limits what it can do.

Since macOS 10.15 (Catalina), apps require explicit permission to access user files and other sensitive information (e.g., camera, microphone, logs). Additionally, macOS system files and user data are stored on separate disk volumes which makes it more challenging for malware to cause problems with the system.

The effectiveness of Apple’s built-in anti-malware features have been questioned, however, and some security experts recommend strengthening the defences by adding in a third-party antivirus solution. There are many good reasons for this. Firstly, the approach taken by Apple might be adequate for well-established malware but might not respond quickly enough to emerging threats. Secondly, you might want a broader base of malware evaluation. Thirdly, macOS is not immune to bugs.

Some AV programs designed for macOS can also detect malware aimed at other operating systems (e.g., Windows, Android). In a scenario, where malware is inadvertently passed on from one operating system (e.g., Windows) to another (e.g., macOS) using an USB stick, even if the latter machine is not at risk, you might well benefit from effectively handling such threats.

Additional browser extensions and network monitoring functions can identify potential phishing websites. Readers should note that Mac users are just as vulnerable to phishing attacks as e.g., Windows users, as phishing sites deceive the user rather than alter the operating system.

Other programs might offer VPN (virtual private network) capabilities which can be useful when you need to operate your computer in an untrusted environment or a public location such as an Internet café, where the integrity of the connection is uncertain. You might also opt to utilize third-party tools for parental control instead of relying solely on macOS’ built-in features, if you believe this is more appropriate to your family needs.

Experienced and responsible Mac users who are careful about which programs they install, and which sources they obtain them from, may well argue – very reasonably – that they are not at risk from Mac malware. However, we feel that non-expert users, children, and users who frequently like to experiment with new software could definitely benefit from having security software on their Mac systems, in addition to the security features provided by the macOS itself.

In general, there are only a limited number of anti-malware products for macOS available on the market. As already mentioned above, the reason being that the threat landscape of macOS is very tiny compared to that of Windows and, therefore, Windows users are more likely to be attacked than Mac users.

Through our yearly Mac testing, we have found that the vendors being evaluated demonstrate a commendable commitment to threat research and continuous product improvement. Their efforts are focused on providing effective security solutions that safeguard Mac users against the ever-changing and potentially rapidly evolving Mac threat landscape. We strongly encourage other security vendors to actively participate in third-party tests to ensure their products meet the current standards and expectations.

Readers who are concerned that third-party security software will slow their Mac down can be reassured that we considered this in our test; we did not observe any major performance reduction during the course of the test with any of the programs reviewed.

As with Windows computers, Macs can be made safer by employing good security practices. We recommend the following:
  1. Do not use an administrator account for day-to-day computing
  2. Use secure passwords (iCloud Keychain) or passkeys (biometric identification such as Touch/Face ID) and enforce multi-factor authentication wherever possible
  3. Deactivate any services such as Airport, Bluetooth, or IPv6 that you don’t use
  4. Be careful about which programs you install and where you download them from
  5. Pay attention when granting programs permissions to sensitive system areas or information
  6. Be wary of opening any links that you receive via e.g., email
  7. Keep your macOS and third-party software up to date with the latest patches
Tested Products Additional information about the products and additional third-party engines/signatures used inside the products: Trellix uses the Bitdefender engine. Intego uses the Avira engine for detection of Windows malware. AVG is a rebranded version of Avast. Avast/AVG specifically asked us to test their free version.

We congratulate these manufacturers, who elected to have their products reviewed and tested, as we feel their commitment is a valuable contribution to improving security for Mac systems.
...
Full Report
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
uBlock Origin 1.62.0
uBlock Origin 1.62...harlan4096 — 12:51
uBOLite_2024.12.30.1320
uBOLite_2024.12.30...harlan4096 — 10:37
VESA announces DisplayHDR True Black 100...
DisplayHDR True Bl...harlan4096 — 10:36
AdGuard v4.5.8 for iOS
AdGuard v4.5.8 for...harlan4096 — 09:45
Hasleo Backup Suite 5.0.1
Hasleo Backup Suit...harlan4096 — 09:44

[-]
Birthdays
Today's Birthdays
avatar (41)Tyreeplurb
Upcoming Birthdays
avatar (49)theoldevext
avatar (44)algratCep
avatar (49)Qlaude2Sap
avatar (43)tabthinLem
avatar (38)ixofehym
avatar (50)Josepharelf
avatar (39)kholukrefar
avatar (48)Lauraimike
avatar (50)WilsonWag
avatar (48)StevenPiole
avatar (39)zetssToomy
avatar (46)GornOr
avatar (44)StephenViedy
avatar (46)tuebrUNure
avatar (39)alexeytsa4721
avatar (49)Jamesmog
avatar (37)opeqyrav
avatar (38)theatidere
avatar (47)denisEquivok
avatar (35)mikebrian01
avatar (37)ivanoFloom
avatar (40)uxegihor

[-]
Online Staff
There are no staff members currently online.

>