LABS FEATURE
Antivirus software continues to be a contentious topic. Some vehemently argue that the protection built into Windows, macOS, iOS and Android is more than enough to keep people safe. Others prefer to invest in a suite that will cover not only their main PCs but also their mobile devices, not to mention those of their family.
Then there’s business protection. While that’s beyond the scope of this group test, which is focused on consumers, we reveal what’s on offer for companies of all sizes – including Microsoft’s heavily integrated solution, for better or worse.
So, how do you decide what’s best for you? By being informed. We use data from three independent testing houses as the basis of this Labs, and with a summary of results on p76. The good news is that all the main products offer excellent protection, but some – how do we put this delicately? – are more intrusive than others.
We also suggest you examine our feature table on p62 closely. This details exactly what features are included with each product, and our buyer’s guide on p64 will help you work out what you might actually want or need for your protection.
But the most important aid of all is our reviews. Based on the results and our own usability testing of each package, these will give you a concise verdict on the 12 products on test.
We need to talk about AV software: a buyer’s guide
If you’re running Windows 10 or 11 then it has built-in AV protection, so why worry about buying software? It’s a fair question, but not the only one you need to answer.
Modern security software packs in loads of features, but if you’re shopping for antivirus software then your top priroity is simple: not getting infected by malicious software.
That means that real-time malware protection is the critical feature of a security suite. This is a service that continuously monitors your PC for malicious software, primarily by scanning new files and websites your computer encounters.
It’s also our minimum bar for inclusion in this group test. For example, the free edition of Malwarebytes is effective and justifiably popular but, unlike its paid-for version, it only provides on-demand scanning.
Every single product in this group test is capable of protecting your computer against the vast majority of malicious software. Performance analysis of malware protection is in the business of assessing edge cases, unfamiliar malware and false positives. These marginal instances can have an impact on your quality of life and, potentially, the health of your PC.
Malware signatures – the hashes of known malicious files – remain important to both real-time and on-demand scanning, and this is why you still see testing houses running flat file scans against large batches of recently collected malware introduced on a disk.
But polymorphic viruses and other forms of obfuscated malware have been around for decades, which is where heuristic scanning comes in: this looks at characteristics and behaviours of a suspicious file or process to determine whether it’s likely to be a threat.
Does it use known detection-evasion techniques such as encryption or compression (“packing”)? Does it engage in potentially threatening behaviour such as attempting to delete files or terminate processes? Characteristics like these allow antivirus software to decide whether an unknown program is likely to be a threat or not.
Can it beat Microsoft Defender?
The fundamental question about any third-party antivirus solution is whether it can consistently perform better than Microsoft Defender antivirus, which comes built into Windows 10 and 11, and requires no additional software installation or payment.
We’ll be reviewing the free “for individuals” version of Microsoft Defender that ships with the operating system on the same terms as its rivals, but the fact that you don’t need to install anything new or update any licences makes it a compelling choice when it comes to protecting the PCs of less tech-savvy friends and relations. But that’s only assuming that its protection continues to meet the grade.
At the start of its life, Defender didn’t. However, due to the huge number of systems on it’s deployed, Microsoft has a real advantage when it comes to obtaining malware samples to analyse, which informs not only its malware signature database, but also the behaviour data it has to add to its heuristic rules of thumb for sketchy software.
Over the past few years Defender has matured into a piece of software that even seasoned security experts have started to respect, and that’s been based on a fine string of performances across the likes of AV Comparatives, AV-Test and SE Labs.
How much to pay
Just for once, free antivirus isn’t one of those you-get-what-you-pay-for deals. In fact, there are good reasons for companies to produce effective free AV software: they benefit by getting more data about malware that their free users encounter, by promoting their paid-for products, and by the reputational boost that their free products bring.
Naturally, though, they want to upsell you to their full security suites. These generally include features that are more expensive to provide, from online password managers to cloud backup and even hands-on helplines in case you lose your wallet or have your identity stolen.
We’ve roughly divided antivirus suites into free products, mid-tier services that you can expect to pay around $100 a year for, and high-end suites with numerous service-based features, plenty of installation
