The products tested were:
- AVIRA Free Mac Security 10.0.0.64
- ESET Cyber Security Pro 5.0.110
- F-Secure Anti-Virus for Mac B12533.C740
- Intego Mac Premium Bundle 10.7.5
- Kaspersky Security for Mac 184.108.40.206
- Quick Heal Total Security for Mac 1.0
- Sophos Anti-Virus for Mac Home Edition 8.0.15c
- ZeoBit MacKeeper 2.5.1
The tests were performed on OS X Mountain Lion.
One of AV-Comparatives' strengths is that they define their test procedure and follow it for all products. The downside to this approach is that you have to define which features you are going to test and ignore all the others.
The AV-Comparatives reviews in this report note briefly that a product contains features out of the report's scope, such as a firewall or backup, but they only test a defined set of antivirus-related features. This seriously limits the usefulness of the report, as those other features are likely to be more useful to Mac users than the antivirus.
There is one exception to this rule: the report describes Kaspersky Security for Mac's Virtual Keyboard, a software keyboard meant to bypass keyloggers in password fields. Kaspersky for Windows products have it as well. Why this feature was given attention is not clear.
I don't mean to belittle the value of antivirus software on the Mac, at least not completely. Clearly Mac malware constitutes only a tiny fraction of the population, nearly all of which is specific to Windows, but there's enough that it would be a mistake to ignore the potential. Most Mac users to ignore it and run without antivirus. The only things which could change that would be severe outbreaks of malware — and if this hasn't happened yet, it's not going to — or compelling separate features to draw the consumer in.
The tests don't reveal a lot of difference in malware detection between the products, but AV-Comparatives used only 20 samples. They say "In our opinion, these 20 malicious Mac apps represent a substantial part of all recent Mac malware from the first half of 2013." If so, it underscores just how little attention is being paid to Macs by the malware authoring community.
With only 20 samples, it's not surprising that all products but one — Quick Heal Total Security for Mac — detected all of the Mac malware samples. Quick Heal actually detected only half of the samples. Not a good sign.
Because a Mac could be a conduit for delivery of malware to a Windows system, AV-Comparatives also tested detection of Windows malware using a set of "around 500 very prevalent malware samples". AVIRA, ESET, Kaspersky, Quick Heal, Sophos and ZeoBit detected all the Windows samples. F-Secure and Intego detected only some of the samples and F-Secure claims only limited Windows anti-malware capabilities in their Mac product.
In their summary at the conclusion, AV-Comparatives lists the strong points for all products, and the non-antivirus features figure strongly. No surprise, since there's not a whole lot of difference otherwise.