Every day, independent test lab AV-TEST.org captures more than 400,000 new malware samples for Windows and 5,000 new samples for Android. For the Mac they identify less than 100 per month. But there is malware out there for the Mac and it does hit users in the real world, if less often and less intensely than on the PC.
The existence of quite a few companies in the business of Mac anti-malware software shows that there's enough demand for it too. That's why AV-TEST just completed a test of 18 products in this space:
- avast! Free Antivirus 9.0 (41877)
- AVG AntiVirus 14.0 (4715)
- Avira Free Antivirus 220.127.116.11
- Bitdefender Antivirus for Mac 2.21.4959
- Comodo Antivirus 1.1.214829.106
- ESET Cyber Security Pro 18.104.22.168
- F-Secure Anti-Virus for Mac 1.0.282 (13406)
- G Data Antivirus for Mac 2.30.5095
- Intego VirusBarrier 10.8.1
- Kaspersky Internet Security 22.214.171.124c
- McAfee Internet Security 126.96.36.199 (1702)
- Microworld eScan for Mac 5.5-8
- Norman Antivirus for Mac 3.0.7664
- Panda Antivirus 10.7.8 (772)
- Sophos Anti-Virus 8.0.23
- Symantec Norton Internet Security 5.6 (25)
- Trend Micro Titanium 3.0.1251
- Webroot SecureAnywhere 188.8.131.52: 181
You can find complete results on their site. Five of the products (avast!, Sophos, AVG, Comodo and Avira) are free. The G Data and Norman products use the Bitdefender engine and the Panda product is based on the Intego product.
AV-TEST used "...the products which are offered at the AV vendor's websites as downloads. The versions available at the Mac App Store might be limited in functionality, as they cannot access all APIs."
AV-TEST provides test results for malware detection, both on-access and on-demand; false positives; impact on system performance; and ancillary features, specifically anti-spam, anti-phishing, personal firewall, safe browsing, parental control, backup and encryption.
The products from avast!, Bitdefender, G Data, Norman, ESET, Intego, Panda, Microworld, F-Secure, Sophos and Kaspersky detected a very high percentage of the malware on-access. AV-TEST also gives results for on-demand scanning, but their importance pales (in our opinoin) in comparison to those of on-access. Kaspersky detected 95.2% on-access, several others detected 97.6% and 98.8% and four products detected 100% of malware on-access. All of these numbers are excellent, but obviously it doesn't get better than 100%.
Several products, all with well-known brands, had disappointing results. Trend Micro (33.3%), Webroot (22.6%) and McAfee(21.4%) all stand out in a bad way.
None of the products had a single false positive. This may be possible because of the relatively low number of samples.
System performance impact has some interesting results. The test was to copy 7.4GB of files and the reference number (no anti-malware products) was 17.2 seconds. If you leave out the products from Microworld and Trend Micro, the average of the rest is 18.9 seconds and the high is 20.8, both perfectly acceptable. With Microworld eScan installed the operation took 40.4 seconds. With Trend Micro it took 470.3. Clearly something was very wrong with Trend Micro and this specific operation. AV-TEST says that they observed no meaningful performance degradation with any of the products in normal interaction.
Compared to PC products, the Mac products offer very few additional features. Eight of them add no extra features (as counted by AV-TEST). Only five offer more than one. The only real stand-out is ESET Cyber Security Pro, which offers anti-spam, personal firewall, safe browsing and parental control.
With all that data it's hard to pick a single product out, except to point out that avast! Free Antivirus and Sophos Anti-Virus are the only free products among those with good results both in detection and system performance and that ESET has several additional features missing in the others.
Corrected on September 5: The first version of this story did not mention avast! Free Antivirus as one of the top-performing free products. It was an oversight and we apologize.
This leaves plenty of good products. You may decide that there's no point in using anything other than the free avast! and Sophos products, but for a few bucks you might see something in one of the others that appeals to you. Looks like Mac anti-malware is a buyer's market.