The myth that Macs can’t suffer viruses, Trojans, or other types of malware attack is busted. Oh, the situation isn’t nearly as bad as on Windows or Android, but Macs really do need antivirus protection. There are free options available, including Avast Security (for Mac), but commercial antivirus utilities offer more features and do better in testing. Looking at what this product adds beyond the features in the free edition, it’s really hard to justify the price.
This product’s main window looks exactly like that of the free edition, except for the absence of the upgrade offer. Plenty of white space surrounds a simple security status indicator. The left-rail menu is also the same as in the free edition. The difference is that clicking Ransomware Shield or Wi-Fi Inspector brings up the component, rather than displaying an upgrade invitation. The look is very different from that of Avast Pro Antivirus, which uses a dark gray background with occasional elements in purple and green.
Pricing and OS Support
Like Bitdefender and Kaspersky, Avast supports macOS versions back to 10.9 (Mavericks). If you have an antique Mac that for some reason can’t even run Mavericks, consider ESET, ProtectWorks, or ClamXav—all of which support versions of macOS from 10.6 (Snow Leopard) on. At the other end of the spectrum, Avira, Trend Micro, and Symantec Norton Security Deluxe (for Mac) require macOS 10.11 (El Capitan) or better.
The most common pricing plan for Mac antivirus runs $39.99 per year for one license or $59.99 for three. Bitdefender, ESET Cyber Security (for Mac), Kaspersky, and Malwarebytes all fit this profile. Price-wise, Avast is on the high end, at $59.99 per year or $69.99 for three licenses. That’s expensive, considering that the free edition has all the same features except for Ransomware Shield and Wi-Fi Inspector, which I’ll detail below.
This utility shares all the features of the free Avast Security (for Mac), and that’s saying a lot. I’ll briefly summarize those shared features here, and you can should read my review of the free product for more details.
AV-Comparatives certified Avast’s Mac malware protection as effective. In testing, it protected against 99.9 percent of Mac malware and 100 percent of Windows malware. AV-Test Institute, the other major lab that tests Mac antivirus, did not include Avast in testing. Note, though, that Bitdefender and Kaspersky earned 100 percent in both tests, and received certification from both labs.
I don’t have the same kind of resources for antivirus testing under macOS as I do for Windows. I did try scanning a folder containing my current collection of Windows malware. Avast detected and quarantined 85 percent of the samples, which is quite good. Only Webroot SecureAnywhere Antivirus (for Mac), with 86 percent, and Sophos, with 100 percent, have done better. At the low end, McAfee caught 25 percent and Intego just 18 percent.
Avast’s full scan finished in 14.5 minutes, which is quite a bit faster than the current average of 24 minutes. The impressive Home Network Security Scanner took less than three minutes to take note of all devices on my network. It found 36 devices and flagged legitimate security problems on two of them.
Phishing websites masquerade as secure sites in the hopes of fooling you into giving away your login credentials. It doesn’t matter which browser you use, or which operating system. Avast’s scores in my hands-on phishing protection test were extremely poor. The phishing protection systems built into Chrome, Firefox, and Internet Explorer all outperformed Avast, by a long shot.
The Online Security browser extension marks up search results to flag dangerous links. It also displays a list of all ad trackers and other trackers on the current page, with an option to actively block these. Kaspersky Internet Security for Mac includes a similar active Do Not Track feature.
Avast comes with a basic password manager that installs as a separate application. It handles basic functions like password capture and replay, saving secure notes, and generating strong passwords. The app stores passwords locally, but you can set up syncing between all your macOS, iOS, Windows, and Android devices. However, you won’t find any advanced features like secure password sharing, two-factor authentication, or password inheritance.
Everything I’ve described to this point is also available in the free edition. The premium-only Ransomware Shield component simply prevents unauthorized access to files in sensitive folders. By default, it protects the Documents and Pictures folders for the current user. Naturally, you can add other folders if needed. A similar feature in Bitdefender Antivirus for Mac also protects your Time Machine backups.
To test this kind of access control on Windows, I use a small text editor that I wrote myself, something that would never show up on a list of trusted applications. I don’t have such a program for macOS, so I had to disable the feature that automatically trusts Apple and App Store applications.
Operation is very simple. When an untrusted program tries to modify a protected app, Avast pops up a warning. If you’ve just installed and launched a new photo editor, click Allow. If you don’t recognize the program, click Block. Note that clicking Allow only makes the program trusted temporarily. To ensure that new photo editor doesn’t get blocked, you must manually add it to the list of Allowed Apps.
This type of access control is an effective tool for ransomware protection, one used by many security tools both on Windows and macOS. However, it does require vigilance on your part. When you see the Ransomware Shield popup, examine it carefully, and only click Allow if you’re absolutely sure the program is legitimate.
As noted, you get the Home Network Security Scan even in the free edition. The premium edition adds a component called Wi-Fi Inspector. Despite the name, the main function of this component is to alert you when new devices join the network. It maintains its own simple list of devices. If you click Deep Scan, it launches the Home Network Security Scan.
Wi-Fi Inspector’s device list doesn’t identify security issues the way the security scan does. On the plus side, it lists the MAC address and IP address for each device, along with the name. For many devices, the name is a clear identification, like neils–ipad or all-in-one-pc, but some come out with names like unknown6542990b6483. If you have basic network skills, you can use those addresses to figure out which device corresponds to a weird name. Bitdefender Home Scanner (a Windows utility) lets you edit such entries to give them a friendly name, and even remembers the name on subsequent scans. With Avast, you’ll just have to keep a list of which device matches which weird name.
I did encounter a serious problem with the device list. It found 36 devices on my network, but I couldn’t scroll down to see more than the first bunch of devices. My Avast contact confirmed this as a bug. It’s not such a big problem, as you can see all your connected devices in network scanner.
The real point of Wi-Fi Inspector is to alert you when a new device connects. Just after installation, you’ll probably see quite a few of these, as devices that were turned off during the initial scan wake up. Once you get past that shakeout period, you should pay close attention to the new-device notifications. If you don’t recognize the device, it could be a neighbor mooching your Wi-Fi, or even a hack attempt.
If you determine that the new connection isn’t legitimate, there’s not a lot you can do about it. Wi-Fi Inspector offers notification, but no direct way to act on that information. Your best bet is to snap a screenshot of the notification and then find a friend who’s a network whiz. Your buddy can use the info from the screenshot to log into your router’s settings and ban the device from the network.
Doesn’t Add Enough
Avast Security Pro offers certified Mac malware protection, a network security scanner, and a password manager, but those features also come with the free Avast Security. The Pro edition adds ransomware protection that works by banning untrusted applications from modifying your files. It also adds real-time notification of new connections to your network, but offers no way to do anything if you determine the new connection is perfidious. That’s not much for $59.99 per year. The only reason to buy this product is if you want to protect your Macs in a business setting, but in that case, you can get better protection for less.
Bitdefender Antivirus for Mac has certification from two labs, excellent phishing protection, an anti-ransomware feature much like Avast’s, and more. Kaspersky Internet Security for Mac also has two certifications, and it comes with a full parental control system, excellent anti-phishing, protection against webcam peepers, and more. These are our Editors’ Choice products for macOS antivirus, and they both costs $20 less than Avast.