Battle What is the best protection for my M1 MacBook Air ?

Compare list
Kaspersky, Bitdefender, MacAfee, Trend Micro, Intego, Others

rain2reign

Level 8
Verified
Well-known
Jun 21, 2020
363
I have no doubt that the usual duo, being Bitdefender and Kaspersky, would do a good job. Though, I'd have to cast my vote for Intego. Sole focus being the Apple eco-system and have been doing so successfully, since 1997. Are as far as I know also GDPR-compliant, like the other two mentioned.

Note: their windows compatibility is a fairly recent feature, since September 2020. Which you pay 10 Euros more for in their store.
 
Last edited:

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
547
The Best protection would be Bitdefender.
 

enaph

Level 29
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,804
None.
macOS has enough security features built-in which utilized properly will keep your data secure.
There are few settings you should enable right after logging in:

- turn on firewall
- turn on automatic updates
- turn on FileVault
- setup backup with Time Machine
- password protect screen saver
- disable automatic login and remote access
- allow only installs from AppStore and identified developers
- use password manager

XProtect (macOS built-in anti-malware) is enabled by default and you don't need to configure it.
 

Ink

Administrator
Verified
Staff Member
Jan 8, 2011
22,490
None

Sure Mac isn't Windows, but it's not immune to viruses either. However if you treat Mac like Windows, then you'll fall into the same pit.

Follow the steps by @pablozi.

Link: Set up users, guests, and groups on Mac
  • Administrator: An administrator can add and manage other users, install apps, and change settings. The new user you create when you first set up your Mac is an administrator. Your Mac can have multiple administrators. You can create new ones, and convert standard users to administrators.
    • Don’t set up automatic login for an administrator. If you do, someone could simply restart your Mac and gain access with administrator privileges. To keep your Mac secure, don’t share administrator names and passwords.
  • Standard: Standard users are set up by an administrator. Standard users can install apps and change their own settings, but can’t add other users or change other users’ settings.
For more information about the options for each type of user, click the Help button in the lower-left corner of the dialog.
 

rain2reign

Level 8
Verified
Well-known
Jun 21, 2020
363
@JB007 one more for you.
This one was recommended to me on Reddit when I first got my hands on my MacBook:

Sounds like common sense to me. :p

I recommend the same methodology to people all the time for Windows and Unix. Only add stuff, if you actually need it. Or in this case, if you find the built-in security not adequate for your uses (use-case dependent), you can always switch. In the end Apple tries its best, but is still not a security-malware focused company. Go with what you have and add stuff only if you need it. :)
 

enaph

Level 29
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,804

Ink

Administrator
Verified
Staff Member
Jan 8, 2011
22,490
Why not use Adguard Adblocker for Safari, or other installed browsers?

The more system-dependant apps you install, the higher risk of lowering the responsiveness and core performance. Not to mention many apps may not yet be native to the M1 chip.


The risk is very low compared to Windows. Just look at the numbers...
Screen Shot 2021-03-20 at 18.19.03.png
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
784
Note that in macOS Big Sur, the so called built-in antivirus (XProtect and Malware Removal Tool) are significantly revamped, and use YARA rules for signatures instead of dumbly hardcoded hashes. Furthermore, Apple's GateKeeper is cloud-connected with both certificate and application level blocking, much like SmartScreen or SONAR. I agree with the others that with DNS-level and ad blocker level hardening to try to crack down on malvertising, you should be fine without a third party AV software.

Currently third party AVs rely heavily on custom hooks via kernel extensions (kexts), and Apple is trying to deprecate those. In fact right now on M1 to install kernel extensions you have to downgrade your secure boot, which in my opinion puts your system into a worse security state than without AV. That's not the fault of any third party AV, but the shortcoming of the APIs Apple has provided for implementing antivirus software.

Apple has a fast track record of responding to in the wild threats. Usually the same day that an article comes out about a piece of malware, Apple has already blocked it.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top