The Secfix Agent runs as a background service on employee devices, continuously monitoring and updating key data relevant to information security compliance. One of its core functions is to verify the presence of antivirus (AV) software.
You can view antivirus compliance under Monitoring → Computers, in the AV INSTALLED column.
Types of Antivirus checks performed
Native Antivirus Verification:
Supported platforms: macOS and Windows
The agent checks whether the operating system’s built-in antivirus is enabled and active.
Third-Party Antivirus Verification
Supported platforms: macOS, Windows, and Linux
Secfix checks for third-party antivirus tools installed as Desktop Applications and Browser Plug-ins.
These can be viewed under: Employee → Profile → Employee Computer → See all applications
MacOS Antivirus Detection
Detection Procedure
Secfix first checks if macOS native antivirus (XProtect) is active.
If XProtect is inactive, the agent:
Scans all installed desktop applications
Scans for browser plug-ins
If no valid AV is found, the system marks the computer as non-compliant (❌) on both the Computers and Automated Checks pages.
Supported macOS Antivirus Solutions:
XProtect
Avast Antivirus
Avira Antivirus
Bitdefender Endpoint Security for Mac
Bitdefender Virus Scanner
Carbon Black
CrowdStrike Falcon
Cylance Endpoint Security
CylancePROTECT
ESET Antivirus
Jamf Protect
Malwarebytes
Microsoft Defender/Windows Defender
SentinelOne
Sophos Antivirus
Sophos Endpoint
Sophos Home Antivirus
Trend Micro Security Agent
VMware Carbon Black Cloud
Webroot SecureAnywhere
Troubleshooting:
Reactivate the native MacOS Antivirus, XProtect+Gatekeeper using this Guide.
Windows Antivirus Detection
Detection Procedure
Secfix checks if Windows Defender (Microsoft Defender) is active.
If Windows Defender is inactive, the agent:
Scans desktop applications
Scans for browser plug-ins
If no valid AV is found, the computer is marked as non-compliant (❌).
Supported Windows Antivirus Solutions:
Microsoft Defender/Windows Defender
Avast Free Antivirus
Avast Premium Security
Avast Antivirus Gratuit
Avira Antivirus
Bitdefender Antivirus Free
Bitdefender Endpoint Security Tools
CrowdStrike Windows Sensor
Cylance PROTECT
ESET Security
Forticlient
Kaspersky Internet Security
Kaspersky Total Security
Norton 360 Premier
Norton AntiVirus
Norton Security
Norton Security Online
McAfee AntiVirus
McAfee Endpoint Security Threat Prevention
McAfee LiveSafe
McAfee All Access x96 Total Protection
McAfee All Access- Total Protection
SentinelOne
Sophos Anti-Virus
Sophos Home
Symantec Endpoint Protection
Webroot SecureAnywhere
Windows Security Center
Troubleshooting:
Use this guide to activate native Windows Antivirus (Windows Defender).
Linux Antivirus Detection
Detection Procedure:
Linux does not come with a native antivirus, but some industry auditors recommend using one for compliance. The Secfix Agent scans:
Installed desktop antivirus software
Browser-based antivirus plug-ins
If none are found, the system may reflect a non-compliant status, depending on your organization’s policy.
Supported Linux Antivirus Solutions:
ESET
Bitdefender
Kaspersky
Sophos
Comodo
F-Secure
ClamAV
F-prot
Chkrootkit
Avast
Forticlient
If your antivirus solution isn't on the Secfix Agent's list, submit it as a feature request here.
FAQ
Where do I see if antivirus is installed on employee computers?
Navigate to Monitoring → Computers, and check the AV INSTALLED column. It will show a ✅ for compliant devices or ❌ if no supported AV is found.
What happens if an employee doesn’t have any antivirus installed?
The device will be marked as non-compliant (❌) in the Secfix Computers page. This status also appears in Automated Checks for remediation.
Is XProtect on macOS enough to pass compliance?
Yes, but only if it is active. If XProtect is disabled and no other third-party antivirus is detected, the device will be flagged as non-compliant.
Does Secfix detect antivirus plug-ins in browsers?
Yes. Secfix identifies browser-based antivirus plug-ins even if they are not clearly listed in the main application panel.
Why doesn’t Linux have a native antivirus check?
Linux systems don’t ship with native antivirus software. However, Secfix still scans for third-party tools, as auditors may require this.