- CrowdStrike Falcon® Pro for Mac achieved 100% Mac malware protection in the May 2023 AV-Comparatives Mac Security Test
- This 2023 win marks the sixth consecutive year that CrowdStrike Falcon Pro for Mac has won the Approved Mac Security Product award from AV-Comparatives, a leading third-party independent organization that evaluates the efficacy of endpoint security solutions
- Falcon Pro for Mac employs cloud-based and on-sensor AI and machine learning (ML) to proactively protect business and enterprise customers against threats, and the test showed no observable performance reduction on the host Mac and zero false positives
Mac computers are becoming increasingly popular in business and enterprise applications. This growing adoption has had one negative side effect: Adversaries are increasingly targeting Macs, hoping that companies buy into the concept of macOS being immune to cyberattack. While macOS does provide advanced security features, these can be defeated by a determined attacker. CrowdStrike researchers have been tracking a wide range of malware that specifically targets macOS, including ransomware, backdoors and trojans.
AV-Comparatives runs a yearly test that pits leading Mac cybersecurity solutions against a wide range of malicious applications (malware) to determine their effectiveness at protecting Macs against attack. For the sixth consecutive year, CrowdStrike Falcon Pro for Mac won the AV-Comparatives Approved Mac Security Product award. During testing, Falcon Pro for Mac achieved 100% protection against Mac malware, with zero false positives and with no observable performance reduction on the Macs used for testing.
How AV-Comparatives Tested
The methodology used by AV-Comparatives starts with Macs that were wiped down, with a fresh install of macOS Ventura. The computers remained connected to the internet, enabling use of cloud services.
AV-Comparatives collected 309 Mac malware samples that are representative of what the organization detected being used in the wild during the first half of 2023. For Mac users, these malware samples represent the current threat landscape. Testers inserted USB flash drives containing these malware samples into the Macs, providing the first opportunity for security products to detect and protect against the malware. Any samples that were not detected were then copied to the Mac’s system disk and executed. If a security solution did not detect and neutralize by this stage, it was considered a miss.
In addition, the same procedure was used with a set of clean Mac applications to test for false positives. This is an important factor because if a security product alerts on valid applications as being malware — a false positive — then the SecOps team is required to investigate on the assumption it is signaling an attack. False positives waste time and resources and reduce confidence in the security product.
Falcon Pro with Advanced AI and Machine Learning Protected Against 100% of Mac Malware, with Zero False Positives
Unlike many common cybersecurity solutions, Falcon Pro for Mac does not rely on signature-based detection — it leverages the advanced AI and ML technology CrowdStrike has been perfecting for more than a decade. Falcon Pro for Mac’s layered approach protects endpoints from new and unknown malware and threats by employing both on-sensor and in-the-cloud machine learning capabilities, coupled with behavior-based malware detection.
The results of the May 2023 AV-Comparatives Mac Security Test show how incredibly effective CrowdStrike’s technology is at stopping breaches. Of the 309 Mac malware samples employed during testing, Falcon Pro for Mac had zero misses, providing 100% detection and 100% protection. There were zero false positives recorded. The Mac computers used in testing showed no observable performance reduction thanks to the lightweight Falcon sensor.
A business or enterprise customer protecting its Macs using CrowdStrike Falcon Pro for Mac has best-in-class protection from malware, a lower cost by avoiding SecOps teams having to chase false positives and an industry-leading ability to stop breaches.
CrowdStrike Is Committed to Third-PartyTesting and Transparency
In its report, AV-Comparatives notes:
“Through our yearly Mac testing, we have found that the vendors being evaluated demonstrate a commendable commitment to threat research and continuous product improvement. Their efforts are focused on providing effective security solutions that safeguard Mac users against the ever-changing and potentially rapidly evolving Mac threat landscape. We strongly encourage other security vendors to actively participate in third-party tests to ensure their products meet the current standards and expectations.”
CrowdStrike is committed to third-party testing. We believe that participating in these evaluations — and having the independent performance data publicly available — is critical to customers being able to make an informed decision about the best cybersecurity solution for their needs. The results of these tests highlight CrowdStrike’s cybersecurity industry leadership and clearly demonstrate the value of the Falcon platform’s use of advanced AI and ML technologies.
In addition, we feel that the feedback received as part of third-party testing is an opportunity to make our products even stronger. Having leading third-party testing organizations like AV-Comparatives constantly pushing the envelope using real-world attack tactics and techniques helps to ensure that the CrowdStrike Falcon platform remains the industry leader in providing protection against cyberattacks and stopping breaches.
Additional Resources
- Read the blog: CrowdStrike Falcon Platform Achieves 100% Detection and Protection Against MacOS Malware with Zero False Positives in Latest MacOS AV-TEST
- To learn what other industry analysts are saying about CrowdStrike, visit the Industry Recognition webpage.
- Learn more about Falcon Endpoint Security for macOS.
- Test CrowdStrike next-gen AV for yourself with a free trial of Falcon Prevent™.