AV-TEST Tested: 12 Security Solutions for MacOS Big Sur

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.


Level 73
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Whether it is a Mac at home or a Mac endpoint in a corporate environment: users should never go without a good security solution on board. The lab at AV-TEST thoroughly examined 12 products and can issue firm recommendations.

Yet many Mac users unfortunately still believe their Apple system is invulnerable, thus a protection solution is not for them. But back to reality: as recently as April of this year, Apple was forced to acknowledge that there was a zero-day vulnerability enabling Mac's Gatekeeper security features to be circumvented. It is actually supposed to check applications in terms of their certification, filtering out trojans, viruses and other malware. Apple immediately recommended users to update their systems to the new MacOS Big Sur. But not every user was willing or able to do so. Those who had additional protection on board were lucky. In the meantime, Apple has released an update that closes the dangerous vulnerability.

12 security packages for consumer and corporate users​

The lab examined 7 security packages for consumers and 5 solutions for Mac endpoints in a corporate environment. The MacOS Big Sur was used as a test platform, and the consumer protection packages were from Avast, Avira, Bitdefender, F-Secure, Intego, NortonLifeLock and Trend Micro.

The solutions for Mac enterprise endpoints came from Bitdefender, ESET, FireEye, Sophos and Symantec.

All protection packages and solutions were vetted in terms of their protection, performance and usability. For each category, the laboratory can award up to 6 points. Thus, the top score in the test is 18 points. AV-TEST also awards a security certificate for a successful security test. To mark their achievements, the lab issues consumer products the certificate of AV-TEST CERTIFIED, and solutions for corporate users the certificate of AV-TEST APPROVED.

The test results: among the 7 consumer protection packages evaluated, the lab awarded the full 18 points to the products from Avast, Intego, NortonLifeLock and Trend Micro. Coming in next were Bitdefender and F-Secure with 17.5 points; Avira received still a very good score of 17 points.

There was a similar positive outcome in the findings involving corporate solutions: ESET, Sophos and Symantec reached the full 18 points. This was followed by Bitdefender with 17.5 points and FireEye with 17 points.

Detection, quarantining, deleting​

In the area of protection, the lab examines the capability of detecting malware. The digital malware samples are mostly brand-new. First the products for consumers were evaluated. Managing to complete the test error-free and with 100 percent detection were Avast, Bitdefender, Intego, NortonLifeLock and Trend Micro. The packages from Avira and F-Secure followed close behind at 99.8 percent detection each.

The packages for endpoints in a corporate environment can ferret out the digital attackers even more effectively. The solutions from Bitdefender, ESET, FireEye and Symantec detected the attackers 100 percent. The product from Sophos committed a miniscule error: 99.9 percent.

No braking allowed!​

In the test category of performance, the lab tests the level of resources the protection packages require and thus the load placed on the Mac. The test uses a reference Mac and performs a variety of tasks on it, such as copying files, downloads, launching programs or installing apps. The testers clock the times required as a reference value. The lab then repeats all the tasks with an installed protection solution.

There were hardly any anomalies among the packages for private users in the current test. In fact, the packages from Avast, Intego, NortonLifeLock, Trend Micro and F-Secure achieved the full 6 points. The protection packages from Bitdefender and Avira slowed the system down slightly, and for this they received a small point reduction: 5.5 points each.

Among the corporate solutions, ESET, Sophos and Symantec earned the full 6 points, as they placed no measurable load on the system. Bitdefender was somewhat conspicuous: 5.5 points. Only FireEye slowed things down a bit more in places: 5 points.

Sorry, false alarm!​

Every false positive committed by a protection solution causes slight panic in users or creates unnecessary work for support staff in corporate environments. In order to test this detection function, in the category of usability, the testers ran just under 130,000 harmless files through the systems and observed what the protection solutions detected. The result was perfect! Among the packages for private users in all solutions for corporate user, there was not a single false alarm. That is why all the products garnered the full 6 points.

Extra tests without point rating​

With the categories discussed thus far, the certification tests and point ratings were complete. But the testers were also interested in examining how Mac and Windows interact. After all, both systems often operate within one network. If malware for Windows lands in a Mac, this naturally does not disrupt the Mac. But the digital malware sample could threaten the Windows PCs over the network. That is why without conducting any rating, the lab evaluated whether the Mac protection packages detected Windows malware.

The lab also checked whether the packages were able to detect potentially unwanted applications – PUAs for short – and warn against them. The programs are not dangerous, but they can really get on users' nerves.

For the Windows and PUA test, the testers used Windows malware over 2,800 times and just under 1,000 PUAs. Among the consumer packages, Avast, Bitdefender and Trend Micro achieved detection rates above 99 percent. Intego was just below this value. Avira, NortonLifeLock and F-Secure averaged significantly poorer results.

The detection rate among corporate solutions turned out to be generally higher: Bitdefender, ESET, Sophos and Symantec found the Malware and PUAs at rates of 95 to 99 percent. Only FireEye came in lower.

The best MacOS protection programs​

The final test table shows that there is really good protection software out there for the Mac – for both consumer and corporate users.

For consumers, the top recommendations are the products in the test scoring 18 points. They came from Avast, Intego, NortonLifeLock and Trend Micro. But the jockeying for first place could hardly have been more heated, as Bitdefender and F-Secure followed with 17.5 points. Even the last place was still very good, as Avira earned 17 out of 18 possible points.

The corporate endpoint solutions also achieved very favorable results. ESET, Sophos and Symantec racked up the full 18 points. Hot on their heels were Bitdefender with 17.5 points and FireEye with 17 points. One highlight worth noting: all corporate products received the full 6 points in the most important category of malware detection!

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.