CrowdStrike Falcon Platform Achieves 100% Detection and Protection Against MacOS Malware with Zero False Positives in Latest MacOS AV-TEST
CrowdStrike is the only cybersecurity vendor to achieve the maximum score in three consecutive AV-TEST macOS evaluations in 2022
December 1, 2022 | Sagar Gulhane - Brad Moon - Liviu Arsene | Endpoint & Cloud Security
As organizations increasingly face malware attacks that target macOS, detecting and preventing attacks without disruption caused by false positives and false warning messages is increasingly important. That’s why we’re proud to share that the CrowdStrike Falcon® platform once again achieved 100% detection and prevention of macOS malware with ZERO false positives in the latest AV-TEST macOS evaluation.
In the evaluation, CrowdStrike Falcon® Pro for Mac earned the maximum points achievable, with a perfect 18.0 point score. CrowdStrike earned the perfect score across three crucial evaluation categories:
- Protection against macOS malware
- Performance impact on the host system
- Usability of the platform (avoiding disruptions caused by false positives and false warning messages)
This marks the third consecutive AV-TEST evaluation for macOS where CrowdStrike Falcon Pro for Mac achieved the maximum score, making CrowdStrike the only security vendor to achieve this milestone in 2022. The Falcon platform’s layered approach includes on-sensor and cloud-based machine learning with indicators of attack to detect and protect against widespread macOS malware, as well as previously unknown variants. In this AV-TEST evaluation, the Falcon platform delivered 100% macOS malware protection with zero false positives, zero false warnings and no disruption to Mac users.
See Falcon endpoint security for macOS in action in this short demo.
How AV-TEST Evaluates and Certifies MacOS Business Security Products
AV-TEST runs quarterly evaluations of macOS business security products. Security vendors are awarded points based on their products’ performance in three primary categories: protection, performance and usability. Each category is worth up to six points, and the maximum number of points that can be awarded as a result of the complete evaluation is 18. Vendors earn a seal of approval from AV-TEST if their product is able to score a minimum of 10 points.
The Protection test category evaluates the security product’s ability to detect and protect against widespread and prevalent macOS malware discovered during the past four months, including worms, viruses and trojans. AV-TEST employs 409 malicious samples as part of this test. CrowdStrike detected and protected against 100% of macOS malware, earning a perfect six point score.
During the Performance evaluation, AV-TEST measures the impact the security solution has on the performance of the Mac computers during daily use. This includes determining if the security product is slowing down the downloading or installation of frequently used applications, if it is slowing the launch of frequently used applications and if it is having a negative speed impact on copying files both locally and over the network. AV-TEST’s methodology for determining performance impact employed 25 installed applications, 44 downloaded files, 60 test cases for launching applications and 2,016 files. After exceeding the industry average (as defined by AV-TEST) for all four tests, CrowdStrike once again earned a perfect score of six points.
The final suite of tests conducted by AV-TEST measures Usability, or the impact of the security product on the host Mac. The primary concern here is false positives — incorrectly identifying legitimate software installed on the computer as being malware — and false warnings issued when the user undertakes tasks such as installing legitimate software. False positives are disruptive and negatively impact a computer’s usability, and automated remediation capabilities acting on them can potentially cause significant disruptions. AV-TEST used the security products to scan 20,177 files and ran 80 test cases involving installing and using legitimate software. CrowdStrike had zero false positives and zero false warning messages, for another perfect score.
With a six-point score in each of the three test rounds, CrowdStrike Falcon Pro for Mac ended up with a perfect 18 point AV-TEST macOS business security product score. This is the third consecutive such result in 2022, and Falcon Pro for Mac is the only security solution to achieve this milestone this year.
CrowdStrike’s Commitment to Testing and Transparency
As the most-tested next-generation security platform in the world, CrowdStrike is committed to public testing and evaluation to help customers make the right choice for their security needs. We continue to participate in independent evaluation efforts by third-party organizations, earning cybersecurity industry recognition for our transparency and consistently high performance during testing. In recent testing:
- CrowdStrike achieved the highest detection coverage (99%) in the first-ever closed-book MITRE ATT&CK® Evaluations for Security Service Providers.
- CrowdStrike Falcon® Pro for Mac achieved 100% Mac malware protection in the May 2022 AV-Comparatives Mac Security Test and Review.
- The CrowdStrike Falcon platform achieved 100% ransomware prevention with zero false positives in SE Labs EDR ransomware testing.
Participating in evaluations and multi-use case tests alongside other security vendors helps inform organizations of the effectiveness of our technologies. It also enables us to constantly improve by identifying and building relevant and valuable detection and protection capabilities into the Falcon platform to protect companies from threats and stop breaches.
- Read the blog, CrowdStrike Falcon® Pro for Mac Wins Fourth AV-Comparatives Approved Security Product Award.
- To learn what other industry analysts are saying about CrowdStrike, visit the Industry Recognition webpage.
- Learn more about Falcon Endpoint Security for macOS.
- Check out a video demo for Falcon Endpoint Security for macOS.
- Test CrowdStrike next-gen AV for yourself with a free trial of Falcon Prevent™.