Mac Security

Here’s The Only Mac Security Software You Need

Justin Pot 19-01-2016

If you’re a new Mac user (or even if you’re not), you might be confused about what kind of security software you do and don’t need. The truth is, for most people, OS X is fairly secure out of the box. And there are a number of programs out there that potentially do more harm than good.


Which Mac security programs can be trusted? And do I really need them? Let’s go over basic requirements for a Mac firewall, anti-virus, cleaning apps and password managers and learn about a few free apps that can be trusted — as well as some apps that probably shouldn’t be.

Firewall: Stick With What’s Built In, Or Buy Little Snitch

Does your Mac really need a firewall Does Your Mac Really Need a Firewall? What You Need to Know Do you need a firewall on your Mac? Here's everything you need to know, including how to turn on and off your Mac's firewall. Read More ? Probably not. The built-in protection of OS X means any unused port is closed off, so most of the functionality people think of when they say “firewall” is already provided as part of the operating system.

Here's The Only Mac Security Software You Need mac firewall settings

For more control, you can enable the firewall in System Preferences > Security & Privacy to block a few specific apps from using the network. For most users, this is more than enough protection.

If you’re the sort of user who wants precise control over which apps can and cannot access the Internet – and also the sort of user knowledgable enough to use an advanced firewall – look into Little Snitch.



This is probably the best firewall for Mac Which Apps Are Using Your Internet Connection? Find Out With Little Snitch [Mac OS X] We've shown you how to enable the included firewall in OS X, but it's quite limited. It allows you to block traffic on a per-app basis, but beyond that there's not a lot of configuration... Read More , giving you a fine level of control and access to all networking information while still managing to feel like a native Mac application.

Not everyone needs a dedicated Mac firewall, but if you want one check out Little Snitch first. Just be warned: a lot of programs on your Mac use the Internet, so you’re going to see a lot of warnings when you first start using this. If you don’t know what you’re doing, you might end up disabling something you need, so only dive in if you’ve got some time on your hands to look things up and make a bunch of decisions.

Anti-Malware Software: Scan Occasionally With MalwareBytes

Mac malware consistently makes headlines in the tech world, mostly because of its novelty. Decades of arrogant Mac users talking up how they “can’t get viruses” are probably a big part of this, but even without the fanboy factor the relative scarcity of malware on the platform means any bit of malware is going to make headlines.


Let’s be clear: Macs can get malware. Some of it is pretty nasty.

Even so, Mac malware is not a terribly common problem for the average Mac user, especially if you’re not the sort of person who seeks out pirated software. When you think you have malware, the problem is almost always something else entirely. And in many cases, Apple’s updates will quietly disable malware on your system without even telling you.

For this reason, I think any kind of always-running anti-malware software is overkill. Paying for and installing something like Norton or Sophos to constantly run in the background and ask you to install updates isn’t just overkill, it could slow down your Mac and potentially cause other problems.



Instead, I recommend periodic scans. If you suspect malware, run though our list of ways to find out if your Mac has a virus 3 Signs Your Mac Is Infected With a Virus (And How to Check) If your Mac is acting weird, it could be infected with a virus. How can you check for a virus on your Mac? We'll show you. Read More , then run the free MalwareBytes for Mac just to make sure. If you’re really paranoid, add BitDefender for Mac to the routine as well.

Windows users know that the best anti-malware tool is common sense – Mac users living in the current age of Mac malware would be wise to heed this advice. Don’t pirate software, avoid downloading apps from sites like MacUpdate Why You Shouldn't Download Mac Apps From MacUpdate Any More MacUpdate has joined the dark side, bundling adware into free downloads like Firefox. If you want to avoid this completely, stop downloading apps from MacUpdate. Read More , and generally make sure you can trust a program before running it. If you’re really paranoid, leave Gatekeeper enabled on your Mac What Is GateKeeper & How Does It Help Protect My Mac? [MakeUseOf Explains] Will your favorite programs ever run again? Certain programs won't load anymore - a message about Unidentified Developers shows up instead. There isn't even an obvious option to run the app. Gatekeeper just might be... Read More to stop any unauthorized program from running. Walled gardens are maligned by power users, but they’re pretty safe for everyone else.

Here's The Only Mac Security Software You Need mac fbi malwarae popup

One more note: Mac ransomeware sometimes pops up Mac User With Ransomware? How To Easily Remove This "Malware" Threat The FBI Ransomware didn't only affect Windows users; Mac owners were conned into paying up. Ironically, however, the OSX version wasn't really malware, but merely a browser popup that is easily removed. Read More , but it’s not actually a Mac-specific thing. It’s just a bit of browser trickery, and the solution is always to restart your browser (use Activity Monitor if things get really tricky What Is Activity Monitor? The Mac Equivalent of Task Manager Learn all about Activity Monitor on your Mac and how to use it to check detailed information about your system. Read More ).


Cleanup Software: CCleaner Full Version of CCleaner Now Released For The Mac No matter how intuitive and reportedly "trouble free" Macs are to run, believe me, several months after you add hundreds of files, applications, and download thousands of webpages, your shiny new iMac or MacBook Air... Read More or Onyx

Often when people suspect Mac malware the real problem is a buildup of non-malware issues that slow things down. For this reason it’s a good idea to occasionally clean up your Mac.

But what tool should you use? We’ve recommended time and time again that you should avoid applications the MacKeeper Does Your Mac Really Need Tools Like MacKeeper? System cleaning tools and utility suites aren't just for Windows PCs. But what do these tools do, exactly? And should you use them? Read More , which make big promises before asking you for money to perform simple tasks that other apps do for free.

There are other far more helpful cleanup tools out there. CCleaner for Mac Full Version of CCleaner Now Released For The Mac No matter how intuitive and reportedly "trouble free" Macs are to run, believe me, several months after you add hundreds of files, applications, and download thousands of webpages, your shiny new iMac or MacBook Air... Read More is a simple way to remove all the excess files built up by OS X and popular programs over time.


You can run it without worrying about messing up your system, but it doesn’t give you access to advanced tuneup tools like permissions and maintenance scripts. If you want more control, and access to all sorts of hidden options OnyX Gives Access To All Kinds Of Hidden Mac Options [Mac] Keeping your Mac running in tip-top shape is important. If you use your computer for work, you are going to want it running as fast as possible. Apple actually has all kinds of options available... Read More , Onyx is your best bet. This free app is the Swiss army knife of Mac cleaning tools.


If you want to clean out your Mac, don’t pay for software like MacBooster or MacKeeper. Stick to the above free tools.

Password Manager: Built In, Or Bring Your Own

If your passwords are easy to crack, no amount of security software is going to protect you. Never use the same password twice for critical things like email, file storage, or banking.

It’s a lot to remember, which is why password managers are so important. These let you keep track of long passwords without needing to memorize them yourself.

Apple has started bundling a pretty good one with OS X, and if you have two-factor authentication What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More enabled with iCloud it’s a pretty secure way to store all of your long passwords. It even syncs with your mobile devices, if you happen to have an iPhone or iPad.


Some people will prefer a more active approach, which is why we came up with a comprehensive list of different password managers 5 Password Management Tools Compared: Find the One That's Perfect for You Choosing some sort of password management strategy to deal with the huge amount of passwords we need is crucial. If you're like most people, you probably store your passwords in your brain. To remember them... Read More . I personally use KeePassX because I like manually keeping track of my passwords, but you might prefer something else (1Password and LastPass are great, premium options).

Whatever tool you prefer, make sure you’re not using the same password for multiple critical applications. It will come back to bite you later.

What Mac Security Tools Do You Recommend?

This article reflects my experiences working in IT and writing about Mac software, and we think it’s pretty much all you need to keep your Mac secure (along with a healthy dose of common sense). Of course, you may have your own favourites — and we’d love to hear what you think!

What are your favorite Mac security apps? What do you use them for, and why do you trust them?

Related topics: Antivirus, Computer Security, Malware, OS X El Capitan, Ransomware.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Scott
    January 9, 2017 at 3:21 am

    I bought a new loaded Macbook Pro in Q3 2012 and put on the free version of Sophos for Mac. It slowed my computer down to a screech. After working with Apple support, which was great, I ended up uninstalling Sophos and my computer's performance returned to normal.

    Maybe Sophos is better now, but if it hasn't had a major change, I would stay away. A SysAdmin person told me Sophos was a native Windows app that was adapted to work on a Mac. If that is true, it seems like not being a native OSX app would be the cause.

  2. Pixturesk
    January 1, 2017 at 11:59 am

    I use a combination of Sophos for Mac Free Edition, CCleaner, AntiMalware Bytes + Onyx. Also occasionally I run the Shields Up test at to see just how stealth my iMac is.

  3. Kai M.
    February 12, 2016 at 11:37 pm

    Good list of Mac utilities Justin!

    I am particularly fond of OnyX which not only does a great job cleaning up Macs, but also provides a solid second opinion to Disk Utility when you're dealing with a HDD or OS X install that seems to be going awry (and yes you do have to upgrade OnyX when you upgrade your OS as the software is OS X version specific).

    The Malwarebytes antivirus program you mention is just a re-branded version of Adwaremedic antivirus for Mac (Malwarebytes bought Adwaremedic last year). I've used the previous version for years when cleaning my clients Macs and it's great and lightweight. Since being bought by Malwarebytes it seems to continue to work flawlessly.

    I would also add that Sophos Antivirus for Mac Home edition is a solid "real-time" antivirus that doesn't, in my experience, have any negative impacts on machine speeds (unlike Norton, Avast, and some of the other Mac versions out there) and is free for personal use.

    ClamXAV is also decent, but I used to have issues with the older versions updating virus definitions. They seem to have fixed that in the new versions though.

    Also, I would definitely would recommend an AdBlocker for every web browser your using, because I've seen a rise in Mac specific scam sights that pop-up when users click on a link (even in top level sites like the New York Times, CNN, or Fox News).

    Anyway, I thought I'd mention that.

    Keep up the good work!

  4. Charlie
    January 27, 2016 at 2:07 pm

    I've been a Cleaner user for some time on Windows but prefer a previously-installed Cookie by sweetP Productions ( for, well, cookie control.

    My Macbook Pro has had Little Snitch installed for years. It takes a little getting used to, as it has the habit of producing pop-up alerts for most all sites. It does offer the feature of allowing outbound connections for session or forever. Trouble is, most times when one visits a site there are usually more than one 'other' site involved.

    Some years ago I installed "Namebench", a DNS diagnostic app which can help find faster DNS settings, which involves the brief scanning of over 2,000 URL's. It didn't take me long to learn to turn Little Snitch off, or temporarily disable it in order to allow this multi-scanning process. Failure to disable LS while the scanning goes on means you literally have to allow each and every single site access.

  5. Culvero
    January 26, 2016 at 11:30 pm

    - Native OS X firewall-Check
    - Malware Bytes-Check....add ClamXav & have a separate ADMIN account & all other user accounts including my own do NOT have administrative rights;I do all updates and maintenance from the ADMN account
    - Titanium Software's Onyx-Check....add Deeper & Maintenance
    -OS X/iOS Native Pass Word Manager-Check...backed up with a hidden & locked paper journal containing all pertinent data
    - Time Machine-Check....add periodical full disk backup to separate storage device, hide & lock up
    - add...Whole Disk Encryption with native OS X Filevault
    - add... -Web of Trust Extension to guide you away from the wrong path
    - add...An Ad Blocker to each browser that you use

  6. Anonymous
    January 24, 2016 at 6:53 pm

    "Windows users know that the best anti-malware tool is common sense..."
    Real Windows users know that common sense isn't enough. Worms can sneak in through open ports and compromise your machine, even if you only visit "trusted" websites (and "trusted" websites can be compromised to force in malware).
    Windows requires a full-time, running-in-the-background virus/malware scanner, even if Macs don't. Don't let anyone kid you by saying "I'm smart, so I don't need antivirus."

    • Justin Pot
      January 25, 2016 at 1:51 am

      Hey Howard, sorry if I seemed to imply you don't need an antivirus for Windows. What I meant to say is that common sense is the best protection. Which is just to say that, without common sense, any antivirus is more or less useless.

  7. FezVrasta
    January 22, 2016 at 12:26 am

    You forgot Time Machine, it can save you a lot of headaches if you are so unlucky to get some serious virus. But mostly it's useful to recover data when the user makes some mess by its own.

    Also, I have a .sparsebundle encrypted volume (you can create one with Disk Utility) where I save all the files I want to keep safe while I use my Macs.

    Another great utility, for the Chrome users, is Extensions Defender, a simple extension that help you keeping your Chrome free from malicious extensions.

    • Justin Pot
      January 22, 2016 at 2:23 am

      Nice additional tips! Thanks for stopping by.

  8. Jouni "rautamiekka" Järvinen
    January 20, 2016 at 2:02 pm

    Since OS X is largely [Free]BSD Unix, the same should apply as what applies to Linux: the only malware that can run without administrative powers is the regular binary, if allowed, otherwise it's bombproof.

  9. Mark
    January 19, 2016 at 11:34 pm

    Apologies for my previous comment, the built in updated only gave me version 3.0.1 of Onyx. I followed the link from your article for version 3.1.3 and it is working.

    • Justin Pot
      January 20, 2016 at 4:13 am

      I went through the same steps while writing the article! Glad I double-checked, and that it's working for you now. :)

  10. Mark
    January 19, 2016 at 11:28 pm

    Not sure what version of OSX you are on , but I am on 10.11.2 and neither CCleaner nor Onyx are compatible. Disappointing because I already had these tools installed and for the most part was already following this article's advice!

    • Keith
      January 20, 2016 at 6:11 am

      I have been using CClenaer and Malwarebytes for years on mine and my clients Windows PCs. Now I use them on my Mac and on clients Macs.
      Brilliant, easy to use and reliable free tools.I just installed the latest CCleaner on my 10.11.2 Mac with no issues, it runs fine.

      • Justin Pot
        January 20, 2016 at 2:43 pm

        You just need to remember to update CCleaner when you update OS X or you will sometimes see error messages like the one Mark is talking about.