How to choose the right security suite
Navigating the various choices of security suite, from free to options costing over £200, can seem impossible. This guide will point you in the right direction
Modern security software packs in loads of features, but make no mistake: not getting infected by malware should be your top priority.
That means real-time malware protection is the critical feature of a security suite. This is a service that continuously monitors your PC for malicious software, primarily by scanning new files and websites your computer encounters.
It’s also our minimum bar for inclusion in this group test. For example, the free edition of Malwarebytes is effective and justifiably popular but, unlike its paid-for version, it only provides on-demand scanning.
Every single product in this group test will protect your computer against the vast majority of malicious software. Performance analysis of malware protection is in the business of assessing edge cases, unfamiliar malware and false positives. These marginal instances can have an impact on your quality of life and, potentially, the health of your PC.
What anti-malware protection looks for
Malware signatures – the hashes of known malicious files – remain important to both real-time and on-demand scanning, and this is why you still see testing houses running flat file scans against large batches of recently collected malware introduced on a disk.
But polymorphic viruses and other forms of obfuscated malware have been around for decades, which is where heuristic scanning comes in: this looks at characteristics and behaviours of a suspicious file or process to determine whether it’s likely to be a threat.
For example, does it use known detectionevasion techniques such as encryption or compression (“packing”)? Does it engage in potentially threatening behaviour such as attempting to delete files or terminate processes? Characteristics such as these allow antivirus software to decide whether an unknown program is likely to be a threat or not.
Can it beat Microsoft Defender?
The fundamental question about any third-party antivirus solution is whether it can consistently perform better than Microsoft Defender Antivirus, which comes built into Windows 10 and 11, and requires no additional software installation or payment.
Although every other security suite in this group test is paid-for, we’ve reviewed the “for individuals” version of Microsoft Defender that comes free with Windows on the same terms as its rivals. The fact that you don’t need to install anything new or update any licences makes it a compelling choice, particularly when it comes to protecting the PCs of less tech-savvy friends and relations. However, as Windows’ default protection against viruses, it has to match the performance of third-party software to justify being left active.
Due to the huge number of systems it’s deployed on, Microsoft has a real advantage when it comes to obtaining malware samples to analyse, which informs not only its malware signature database, but also the behaviour data it has to add to its heuristic rules of thumb for sketchy software. However, as the results show, that doesn’t make it the best choice and competition is important.
Due to the huge number of systems it’s deployed on, Microsoft has a real advantage when it comes to obtaining malware samples
Money matters
Although it’s not the main focus of this group test, free antivirus is a good choice as long as you choose reputable companies whose software receives proper testing. Free AV firms benefit by getting more data about malware that their free users encounter, by promoting their paid-for products, and by the reputational boost that their free products bring.
Paid-for security suites generally include features that are more expensive to provide, from password managers and parental controls to cloud backup and even hands-on helplines in case you lose your wallet or have your identity stolen.
We’ve generally picked products towards the higher end of each company’s range, and then tried to find the lowest price we can for each of them. In the feature table on p80 and the reviews, you’ll find both the price direct from the company’s website and the cheapest third-party deal. Most of the time, that either means the PC Pro shop ( store. pcpro.co.uk) or Amazon.
As you’ll see, there’s a huge difference between direct prices and those from retail. The former range from £50 to over £200, while the in-store prices range from £17 to £55. And there’s a hidden difference, too: most of the time, if you buy from retail you won’t get hit with an auto-renewal. However, on almost every occasion if you order direct from a supplier then you’ll get a “discounted” rate for the first year and a higher price for renewals.
Extra features
While our scores are weighted heavily towards real-time protection against malware, all the products in this group test do a lot more (other than Windows Defender), helping to justify their status as fully fledged security suites.
Some of these features specifically concern device security. We’re big fans of ransomware protection that can lock down and/or back up your most important folders, for instance.
You may also appreciate web-based management consoles that allow you to remotely find, lock down or wipe lost computers or mobile devices.
There are a bunch of extra security features, too: dedicated webcam protection, bootable rescue disks to help you recover after a malware infection, firewall software that, in almost all cases, has a less creaky interface for creating rules than Microsoft’s integrated solution.
You’ll also see a lot of things that you might otherwise buy as a dedicated service, such as password managers, parental control software, cloud backup services and VPNs.
While it might be convenient to get everything bundled together, these “extra” products can be a long way from best-in-class. In particular, you don’t want your password manager or cloud backup provider – long-term, high-security subscriptions by their nature – to be tied into a bundle with malware protection that you might decide to swap to another provider in a year’s time.
If you’re a power user, you probably already have opinions and requirements about many of these things. If you use multiple operating systems, or want a VPN that you can deploy to your router, the VPNs bundled with security suites rarely provide sufficient flexibility.
Bundled parental control suites tend to be mostly okay, with the caveat that they rarely offer features above and beyond what you get built into Windows (Microsoft Family Safety) or macOS (macOS Parental Controls). Their main point of difference is that they offer a crossplatform solution. However, buyer beware: some third-party parental control suites, including those provided with internet security software, are less than respectful of children’s rights under British law.
The final category of extras consists of tools such as local encrypted data stores, secure file shredders, Registry cleaners, disk usage analysers and even disk defragmenters. Although these can be handy, there are free and opensource applications that do as well or better in almost all cases, so these can be safely ignored as filler.
We’re big fans of ransomware protection that can lock down and/or back up your most important folders