At a Glance
- MacOS Catalina - Sophos needs access to your device. Per the instructions at I've created a configuration profile and pushed it out to a few test machines running Catalina. Unfortunately, we are still seeing the popup instructing the user to grant Full Disk Access to Sophos.
- Mac mini (M1, 2020) MacBook Pro (13-inch, M1, 2020) Sophos Intercept X for Mac does not natively support this new chipset; however, it can be made to work using a piece of backwards compatibility software called Rosetta 2. This software needs to be installed on the Mac before joining it to the EAP and it updating to 10.0.2.
Catalina 10.15 introduced changes to permissions that block the installation of the CAA for macOS. The.der file cannot be dragged and dropped anymore into the Shared folder. This article describes the steps to resolve this issue. Applies to the following Sophos products and versions.
- Detection of ransomware in progress
- Low price per computer
- Cloud-based remote configuration
- Bug in current version that requires repetitive log in to view activity history
Sophos Home Premium has the most extensive and up-to-date approach to fighting malware at an unbeatable price.
Sophos released its latest version of what it simply calls Sophos Home (free) and Sophos Home Premium (paid) just before we began testing, and as such it may have a leg up on competitors that have revisions in progress. As it stands, the set of features, cloud-based configuration, and price make it the outstanding entrant in the field.
On its anti-virus performance, it’s not perfect, but it’s close. AV-TEST found it detected 98.4 percent of macOS malware, over 95 percent of macOS PUA, and over 99 percent of Windows malware. Those scores could be marginally better, but these databases are constantly being updated. During our real-world tests, it knocked out macOS malware as soon as it was unzipped from an encrypted archive. It also prevented us from loading web pages with malicious software via the WICAR test site.
Note: This review is part of our best antivirus roundup. Go there for details about competing products and how we tested them.
Sophos doesn’t have a full standalone app to manage its operation. Rather, you use the cloud-based Web app in a browser to handle configuration, operation, and remote management of other systems. Sophos appears in macOS as just a system menu item with a few options, such as the ability to perform a manual scan. Because the software protects a system in real time, the scan function is needed only if protection is otherwise paused.
The cloud-based approach allows Sophos to push updates to its interface without requiring a user download, and it has the most robust remote management of any of the software packages we tested. Only Sophos seems to put all controls in the cloud, while other AV software that offer Web-based controls have just a subset, such as initiating a remote scan.
Sophos markets this as a way to help family members, especially ones not at the same address. That’s apparent both from the licensing, with a $50 a year fee covering up to 10 computers (Mac and PC), and from how the license owner can send a link for another person to install and join the family group without additional steps for setup. Then the administrator can configure and run scans remotely.
As one of only two companies offering ransomware-specific file monitoring, Sophos rises to the top with a proviso: We were unable to independently test the feature separately, although we had it demonstrated for us by the company and examined said demo in-depth. (More on that in a moment.) That’s because Apple’s silent XProtect feature has definitions for all known ransomware, blocking it from running. XProtect uses virus signatures, so cannot protect against new ransomware malware or variants, but will block anything already discovered.
The demo Sophos showed us used an in-house ransomware test package developed by its research side. We examined script on our own, and it’s straightforward—we didn’t find any weird gotchas or wired demos in it. As the demonstration virus infected files, the originals were retained and not deleted, and by the time three files had been hit, Sophos Home Premium halted the attack and alerted the user. It’s possible to have legitimate software that encrypts or modifies a set of files, and thus the software provides an alert and won’t allow the putative file to delete documents.
Sophos Home also includes outbound network blocking to known malicious servers, malicious website blocking, web filtering for parental control, and alerts for mic and webcam usage. Sophos handles the web and network stuff via its kernel extension, which examines all traffic and allows central management of options.
The bottom line
Sophos Home Premium is the best in show, providing effective malware protection, PUA protection, ransomware monitoring, and additional features that often require separately licensed software. Its cloud-based configuration and generous licensing makes it possible to protect a household and an extended family, giving it an edge over its nearest competition.
If you’re considering Sophos’ free version, it’s quite good but lacks enough of the Premium version’s features that we recommend the free version of Avast Security instead.
Sophos Mac Os Big Sur
Version tested: 2.0.2
Sophos Vpn Macos Catalina
Editor’s note: Updated 4/20/2018 to clarify how we evaluated the performance of Sophos’s ransomeware detection.