Keep all of your devices safe — from PC to Mac and Android to iOS — with these options for comprehensive malware protection software.
Macs may be a far less tempting target for malware and viruses, but they’re not immune from attack. Even if you don’t care about adware or being used as a means to infect users on other platforms, it’s still possible to fall victim to ransomware, password theft, or stolen iPhone backups.
Accordingly, good antivirus software will protect your Mac on all of these fronts. It’ll catch malware that’s still spreading or in circulation; block ransomware; protect older systems with out-of-date software from security vulnerabilities; prevent your Mac from acting as a carrier for malware aimed at other operating systems; and keep infected files off of any virtual machines you’re running.
Many antivirus suites provide a decent level of protection, but a few rise above all others by providing the very best in performance. Our top contenders dominate by posting perfect (or virtually near perfect) scores from security research labs, passing our own malware detection tests with flying colors, offering well-designed interfaces, and even throwing in extra features like a firewall or password manager.
Updated 02/11/2019: Added a link to our ESET Cyber Security Pro review. To read the full review, click here.
Looking for Windows antivirus recommendations? You can read about the best antivirus suites for PC on our sister site, PCWorld.
Latest antivirus for Mac news
- More than $1.1 million was lost to cybercrime every minute in 2018. That’s the key takeaway of the latest RiskIQ Evil Internet Minute report. In total, more than $600 billion will be lost to cybercrime and nearly 980 million people will be attacked in 2018
- North Korea’s alleged state-sponsored hackers, the Lazarus Group, has launched its first known malware attack against Mac computers, Kaspersky Labs reports. Kaspersky says a third-party “trojanized cryptocurrency trading application ... compromised several banks and infiltrated a number of global cryptocurrency exchanges” to steal digital currencies like Bitcoin.
- Enterprise security firm Cylance is launching its first consumer-grade package: Cylance Smart Antivirus. The new software claims to use advanced, predictive AI to kill threats, all with a consumer-friendly interface and minimal penalties to device performance.
Best overall antivirus software
on Sophos
Sophos Home Premium has the most extensive and up-to-date approach to fighting malware at an unbeatable price.
Sophos Home Premium has it all: Effective malware protection, ransomware monitoring, protection against potentially-unwanted-apps, and additional features that often require separately licensed software. Its cloud-based configuration and generous licensing (up to 10 Macs and PCs) also make it easy to shield friends and family from threats, no matter where they live. (Full details available in our review.)
Best free antivirus software
Though Sophos does offer a good free version of its software, Avast Free Mac Security edges it out as the best free antivirus software for macOS. In security lab tests, Avast detected 99.9 percent of macOS malware, and 100 percent of Windows malware. However, if you want more advanced protection (like ransomware detection), you'll need to upgrade to paid software.
What to look for in antivirus software
By our reckoning, antivirus software should be able to neutralize a threat before it can begin wreaking havoc. That means preventing the download, installation, or execution of malicious software.
Since you can encounter threats by visiting compromised or malicious websites, receiving virus-laden attachments, or accessing USB drives with malware, good AV software should scan on a continuous basis unless you configure it otherwise. And ideally, files identified as malicious should be quarantined into a special storage area managed by the AV software, with the option to automatically delete files known to be malware or repair normal documents that also carry devious payloads.
Great AV suites also will monitor the filesystem for certain kinds of changes. Ransomware—which is malware that will rapidly encrypt user files like documents and mailboxes and then delete the originals—has become a huge moneymaker on other platforms. As a prime opportunity for attackers, it’s the greatest danger Mac users likely face as a category.
Detecting this pattern and halting it before any files are unavailable should be possible without an anti-malware system knowing the specific innards of a ransomware virus. Sophos, our top pick, includes this feature in the Home Premium version of its 2018 update. Other vendors, like Avast and Trend Micro Antivirus, offer an alternative feature that allows you to whitelist programs allowed to manipulate files in specific directories. So if this particular type of attack becomes rapidly popular, you’ll be protected.
Good antivirus software should also use minimal computational resources. That’s especially the case these days—AV monitoring hasn’t become much more complicated than when it first became available, and faster, multi-core CPUs can easily handle the demands of running AV software in the background without disturbing your active work.
Beyond these primary features, an easy-to-navigate interface and extra features are worth factoring into your decision. Some AV software are full-fledged suites that offer additional options like backup service for essential files, a password manager, parental controls, anti-tracking and privacy modes or options, a more advanced firewall, and the blocking of Potentially Unwanted Applications (PUAs).
How we test
Each software package is evaluated creating a clean installation of macOS Mojave, cloning it for each AV product, and then booting separately into each one to install a different package. This was to ensure that previous app installations didn’t interfere with new ones—sometimes AV software treats other AV software as an infection.
In addition to visiting malicious websites, downloading known malicious software, and even running said malware, we also reference the most recent reports from two labs that regularly cover macOS malware: AV Comparatives and AV-TEST. These laboratories test AV software against sets of known malware as well as products that are grouped as potentially unwanted applications (like adware).
The latter doesn’t damage or expose your computer or its files but may consume power and CPU cycles. Because the testing effectively looks at a combination of virus databases and behavior, they remain good gauges even after many months. When an antivirus software package lacks a rating from a known security research lab, we do more extensive testing with real malware.
Finally, while we gave props for a lot of different features and behaviors, we marked products down if they lacked any or all of the following:
- A nearly perfect score on macOS malware detection
- Ransomware monitoring
- Native browser plug-in or system-level Web proxy
- A high score on Windows malware detection
Privacy concerns
Using an anti-virus product, especially any that includes tools to also improve your online privacy, may lull you into believing you’re safe from personal and private information leaking out. That’s not quite the case. While there’s no reason to panic, you should consider a few reasonable issues.
First, an antivirus product may upload the complete text of files flagged to the cloud, where it can be analyzed by separate tools hosted there. This practice is normal and sensible: Some malware can detect when a running process may examine it, and will then engage in subterfuge. Antivirus software makers also can access their massive databases to examine files with characteristics that trigger their algorithms—certain elements that match known malware. As a result, security researchers discover new viruses, worms, Trojans horses, and the like.
However, helping the greater good means you’ll have to be comfortable with trusting a third-party with your file contents. Where appropriate, we noted privacy policy issues in individual reviews.
Second, this software may also rely partly or entirely on cloud-based checks of URLs, malware, and the like. Accordingly, an AV package might upload every URL you visit, metadata about files, signatures of files, information about your computer’s hardware, a list of running or installed applications, and more. Companies vary on their disclosure of such policies, and may not let you opt out of this kind of sharing. We note issues in each review as available.
Third, anti-virus software makers also get a sense of what behavior is happening on your computer that’s being monitored or blocked, and may use that information for their own purposes. In some cases, you can opt out of this information gathering.
All of our antivirus for Mac reviews
If you have specific requirements or just wish to see other options, below is a list of all the antivirus software we’ve reviewed. We’ll keep evaluating new and refreshed software on a regular basis, so be sure to come back to see what else we’ve put through the ringer.
We designed macOS with advanced technologies that work together to constantly monitor, encrypt, update — and ultimately keep your Mac safer. And with macOS Mojave available as a free upgrade, it’s never been easier to protect your Mac.*
Apple T2 chip.
The next generation of security.
The Apple T2 chip — featured on iMac Pro and the 2018 MacBook Pro with Touch Bar — keeps your Mac safer than ever. The Secure Enclave coprocessor in the Apple T2 chip provides the foundation for Touch ID, secure boot, and encrypted storage capabilities. Touch ID gives you a seamless way to use your fingerprint as a passcode and make purchases with Apple Pay. Secure boot helps ensure that you are running trusted operating system software from Apple, while the Apple T2 chip automatically encrypts your storage drive.
Apple helps you keep your Mac secure with software updates.
The best way to keep your Mac secure is to run the latest software. When new updates are available, macOS sends you a notification. Just accept the updates with a click and they download automatically. macOS checks for new updates every day, so it’s easy to always have the latest and safest version.
FileVault 2 encrypts your data.
With FileVault 2, your data is safe and secure — even if your Mac falls into the wrong hands. FileVault 2 encrypts the entire drive on your Mac, protecting your data with XTS-AES 128 encryption. And on Mac systems with an Apple T2 chip, FileVault 2 keys are created and protected by the Secure Enclave. Want to start fresh or give your Mac to someone else? FileVault 2 makes it easy to clean data off your Mac. Instant wipe removes the encryption keys from your Mac — making the data completely inaccessible — then proceeds with a thorough wipe of all data from the disk.
Runtime protections
defend at the core.
The technically sophisticated runtime protections in macOS work at the very core of your Mac to help keep your system safe. Technologies like XD (execute disable), Address Space Layout Randomization (ASLR), and Kernel ASLR make it difficult for malware to run or do harm by subverting memory or other apps. System Integrity Protection (SIP) ensures that even with root access to your system, malware cannot change critical system files and settings. On macOS Mojave, developers can opt in to an Enhanced Runtime that extends these runtime protections to their apps. And on Mac computers with an Apple T2 chip, secure boot ensures that only legitimate macOS operating system software loads on your Mac.
Your Mac stays on the alert.
Innocent-looking files downloaded over the Internet may contain dangerous malware in disguise. That’s why files you download using Safari, Mail, and Messages are screened to determine if they contain applications. If they do, macOS alerts you, then warns you the first time you open one. You decide whether to open the application or cancel the attempt. And if a file contains software identified as malicious, macOS offers to move it to the Trash.
macOS and iCloud can help find your missing Mac.
macOS and iCloud can help keep your Mac safe even when you misplace it. Sign in to iCloud.com from another computer or use the Find My iPhone app on an iPhone, iPad, or iPod touch to locate your missing Mac on a map. If your Mac is offline when you try to find it, you can ask to receive an email as soon as it makes a Wi‑Fi connection. You can also display a message on your Mac screen so whoever has it knows how to get it back to you. And until your Mac is back in safe hands, you can set a passcode lock remotely, suspend Apple Pay, or even initiate a remote wipe to delete your personal data and restore your Mac to its factory settings.
Download safe apps from the Mac App Store.
Apple reviews each app before it’s accepted by the store, and if there’s ever a problem with an app, Apple can quickly remove it from the store. All apps from the App Store are sandboxed to protect your Mac and data from harmful actions.
Sandboxing helps contain malicious code.
The App Sandbox in macOS helps ensure that apps do only what they’re intended to do. App sandboxing isolates apps from the critical system components of your Mac, your data, and your other apps. Even if an app is compromised by malicious software, sandboxing automatically blocks it to keep your computer and your information safe. macOS delivers sandboxing protection for Safari, Mail, Messages, FaceTime, Calendar, Contacts, Photos, Notes, Reminders, Photo Booth, Quick Look previews, Game Center, Dictionary, Font Book, and the Mac App Store.
Gatekeeper makes downloading apps from the Internet safer.
Gatekeeper gives you more control over what you install on your Mac. It allows you to run apps from the Mac App Store as well as those from other sources that are signed with a Developer ID from Apple. The Developer ID allows Gatekeeper to block apps created by malware developers and to verify that apps haven’t been tampered with. With macOS Mojave, developers can upload their apps to Apple for a security check. And now you’ll see a streamlined dialog when you first launch these apps.
Stay in control of what data apps can access.
macOS puts you in control of which apps can access your calendar, contacts, photos, location, reminders, and private system data like your Messages history, Mail database, and Safari data — as well as your camera and mic.
Intelligent Tracking Prevention.
Remember when you looked at that green mountain bike online? And then saw annoying green mountain bike ads everywhere you browsed? Safari uses machine learning to identify advertisers and others who track your online behavior, and removes the cross‑site tracking data they leave behind. So your browsing stays your business. And now Safari keeps embedded content such as Like buttons, Share buttons, and comment widgets from tracking you without your permission. We know you’ll like that.
Fingerprinting defense.
When you browse the web, the characteristics of your device can be used by advertisers to create a “fingerprint” to follow you online. Safari now thwarts this by only sharing a simplified system profile, making it more difficult for data companies to identify and track you.
Stronger passwords are harder to crack.
The strongest passwords are long and complex. Creating passwords like this for every site can be tedious. But Safari makes it easy by automatically creating and storing strong passwords for you, then autofilling your passwords across all your Apple devices. And in Safari preferences, you can see any passwords that have been used more than once and easily update them.
To further increase security for your Apple ID, Apple recommends that you turn on two-factor authentication. With two-factor authentication, your account can be accessed only on devices you trust, like your iPhone, iPad, or Mac. So when you want to sign in with your Apple ID on a new device for the first time, you need to provide two pieces of information — your password and the six-digit verification code that’s automatically displayed on your trusted devices.
iCloud Keychain securely stores your passwords, punctuation, and numbers.
Once you have a unique, strong password, iCloud Keychain will remember it so you don’t have to. iCloud Keychain stores your user names and passwords and syncs them between the devices you choose — Mac, iPhone, iPad, and iPod touch. When you visit a site, iCloud Keychain will fill in your login information to give you access to your online accounts, and it can also autofill your credit card information when you’re checking out online. And your information is always protected with robust, 256-bit AES encryption.
Antiphishing protects you from fraudulent websites.
Phishing is a form of attack in which online thieves try to acquire sensitive information such as user names, passwords, and credit card details by creating fake websites that look like sites from legitimate companies — like your bank or a social networking site. The antiphishing technology in Safari can protect you from such scams by detecting these fraudulent websites. And if you try to visit a suspicious site, Safari disables the page and displays an alert warning you about its suspect nature.