Protection solutions for MacOS Sonoma tested


Share post

The major test of protection software for companies and single-user PCs for MacOS took place for the first time in the AV-TEST laboratory under the MacOS version Sonoma 14.3. 12 products tested showed what they can do in the areas of protection, system load and usability. One product surprised us with a slip-up. 

The increasing tensions in the world, the rise in ransomware or infostealers and many dangerous phishing attacks are not exempt from the Mac world either. On the contrary: the attacks are increasing because cyber criminals see great potential in the Mac user group. Attacks via infostealers in particular are also very current in the Mac universe. In addition, there are vulnerabilities in popular software with a cloud connection that attackers immediately exploit. Therefore, perfect protection for MacOS is essential.

MacOS Sonoma: 12 protection packages tested

🔎 The most important protection solutions for MacOS under Sonoma in the test (Image: AV-TEST).

In their quarterly test Q1 from January to March 2024, the laboratory experts at AV-TEST examined 4 endpoint solutions for companies and 8 products for single-user PCs. For the first time, the new version MacOS Sonoma 14.3 was used as a test platform. All products were tested in the test areas of protection, system load and usability. The testers awarded up to 6 points for each area. The best score in the test was therefore 18 points.

Solutions from Bitdefender, Crowdstrike, Sophos and Trellix were tested as corporate products. Products from Avast, AVG, Avira, Bitdefender, Clario, Kaspersky, Norton and Trend Micro were tested for single-user PCs.

The final result of the test shows that most products achieve the highest possible score of 18. A few are just below that with 17,5 points. Only one product achieves only 16 points.

More at



AV-TEST GmbH is an independent provider of services in the field of IT security and anti-virus research with a focus on the identification and analysis of the latest malware and its use in comprehensive comparative tests. The fact that the test data is up-to-date enables the quick-response analysis of new malware, the early detection of virus trends, and the investigation and certification of IT security solutions. The results of the AV-TEST Institute represent an exclusive information base and serve manufacturers for product optimization, specialist magazines for the publication of results and end customers for orientation in product selection.

The company AV-TEST has been operating in Magdeburg since 2004 and employs more than 30 people with profound specialist and practical experience. The laboratories are equipped with 300 client and server systems in which more than 2.500 terabytes of self-determined test data of harmful and harmless information are stored and processed. Further information can be found at


Matching articles on the topic

Bitterfeld: Ransomware attack cost 2,5 million euros

The cyber attack with ransomware on the district of Bitterfeld three years ago shows the uncomfortable truth: it took years to ➡ Read more

New ransomware variant Fog discovered

Not much is known about the threat actors of the new ransomware variant called Fog. So far, only US organizations have been affected ➡ Read more

Europol: Almost 600 criminal Cobalt Strike servers shut down

Old and unlicensed versions of Cobalt Strike, the legitimate testing tool used by pentesters and red teams, are in the hands of ➡ Read more

Kinsing malware – millions of attacks daily

Since 2019, Kinsing malware, which particularly attacks cloud-native infrastructures, has been on the rise. A new study presents attack techniques and tactics of the ➡ Read more

Complex IT security: 450 end devices – 3 IT employees

Many companies use several security solutions at the same time. This leads to a high level of complexity. In an international survey, Malwarebytes asked 50 companies ➡ Read more

Microsoft sends customers warning email that looks like spam

After the attack by Midnight Blizzard in January, Microsoft warned its customers in June by sending an explanatory email. Unfortunately, ➡ Read more

Telegram: 361 million user data leaked

Cybercriminals have published millions of email addresses as well as usernames and passwords of online accounts in channels of the messenger service Telegram, according to the operator ➡ Read more

EU ATM malware attacks ATMs

ATMs are a popular target for cybercriminals. The new EU ATM malware is targeting European ATMs. Criminals can ➡ Read more