Threat Protection - Antivirus for Personal Devices

Most personal devices are already protected — Windows, macOS, and Linux all ship with built-in antivirus and anti-malware protection that's on by default or takes only a minute to verify. This article explains the difference between antivirus and anti-malware protection, how to confirm your operating system's built-in protection is active, safe-computing practices that stop most threats before they start, and what to check if you plan to install additional third-party software — including the antivirus requirement for Pitt VPN (GlobalProtect).

Antivirus vs. Anti-Malware

In the past, choosing antivirus software meant comparing many competing products at different price points. Today, operating systems build strong security protections in as a core feature, so most personal devices need little or no additional software.

  • Antivirus software blocks or removes traditional malware by recognizing patterns associated with already-known threats.
  • Anti-malware software uses broader detection techniques to catch newer and more sophisticated malware strains that don't match a known pattern yet.
Note: Use both together.
The Cybersecurity and Infrastructure Security Agency (CISA) recommends running antivirus and anti-malware protection together, since each is tuned to catch a different category of threat. No antivirus or anti-malware product can guarantee complete protection against every threat — regular updates remain your primary defense.

Built-In Security by Operating System

Keeping your operating system and applications fully updated is your primary defense — even a fully patched system can occasionally be affected by a brand-new, not-yet-documented threat. Select your operating system below to see what's already protecting your device and what, if anything, you need to do.

Note: Managing a University-owned device instead?
For University-owned devices, FAQs, and guidance for departmental IT support staff, see Antivirus for University Owned Devices.

Antivirus Starts with Safe Computing Practices

Whether you rely on built-in protection or install additional software, your device becomes a target the moment it connects to a network. Safe computing habits are the first and best line of defense:

  1. Use reputable software. Download applications only from trusted sources, such as official app stores or verified vendor websites, to reduce the risk of malware.
  2. Keep software updated. Update your operating system and installed applications as soon as an update is available — an unpatched system is like an unpatched roof: the damage shows up later, somewhere else.
  3. Enable a firewall. A firewall monitors incoming and outgoing network traffic and blocks unauthorized access. Pay attention to any message from your firewall about blocked traffic — it may mean an application is trying to send or receive data it shouldn't, or that a website is attempting something it shouldn't.
  4. Use strong, unique passwords and enable multi-factor authentication wherever it's offered. A password manager can generate and track strong passwords so you don't have to.
  5. Be cautious with email. Don't open attachments or select links from unknown or suspicious senders. Stay alert even for messages from people you recognize — never provide a password to anyone for any reason, and be wary of unexpected attachments or requests for information.
  6. Browse safely. Use a secure, up-to-date browser, be cautious of unfamiliar websites, and consider ad and script blockers to reduce the risk of drive-by downloads and malicious scripts. Be deliberate about granting website permissions — a site allowed to send notifications can later use that permission to display pop-ups or malicious ads.
  7. Back up regularly. Regular backups to an external drive or cloud storage limit the damage from malware such as ransomware, which locks your files and demands payment to unlock them. Creating occasional system restore points also helps.
  8. Stay informed. Cybersecurity threats and attacker techniques change constantly. Resources like CISA publish current guidance for recognizing and avoiding new risks.

Should I Install Additional Software?

The practices above stop most malware before it becomes a problem, but you may still want an extra layer of protection. The antivirus landscape changes quickly — a product that leads the field one year can be discontinued, sold, or repurposed the next, so there's no single permanent recommendation.

If you're evaluating a third-party product, look for recently published articles from recognized technology publications rather than relying on older "best of" lists. Search-engine results and app-store rankings can be influenced by advertising rather than actual effectiveness.

Note: Not sure where to start, or think you may already have a virus?
Contact the Technology Help Desk at 412-624-HELP (4357) for current recommendations or to report a suspected infection.

Microsoft Defender and Additional Software

Warning: Installing a second antivirus product can silently disable Defender.
Microsoft Defender is usually active by default on personal Windows devices, but installing a different antivirus product can turn Defender off without notifying you. If you later uninstall that additional software, your device can be left without active protection. Confirm Defender is active using Microsoft's guide to staying protected with Windows Security.

Antivirus Products Approved for Pitt VPN (GlobalProtect)

Pitt VPN (GlobalProtect) checks that your device's antivirus software is a current version and has been updated within the last seven days. If it isn't, you'll see a message stating that antivirus is missing or out of date. If that happens, update your antivirus software or make sure your operating system is fully up to date.

Note: How to read the vendor support charts.
PaloAlto (the GlobalProtect vendor) publishes lists of antivirus products approved for GlobalProtect's HIP profiles. These lists show vendors only, not version numbers. Open the chart for your operating system, select the Anti Malware tile, and cross-reference the list against the software you're considering.
OPSWAT support charts for antivirus products approved for GlobalProtect HIP profiles, by operating system
Operating System Support Chart
Windows OPSWAT Windows Support Charts
macOS OPSWAT macOS Support Charts
Linux OPSWAT Linux Support Charts

Troubleshooting

Pitt VPN still says my antivirus is missing or out of date after I updated it.
Run a manual scan and confirm the update completed successfully, then reconnect to GlobalProtect. Some antivirus products need a restart before GlobalProtect recognizes the new definitions.

I installed a third-party antivirus product and now Windows Security shows Defender as off.
This is expected — Windows disables Defender automatically when it detects another active antivirus product to avoid conflicts. If you later remove the third-party product, follow the steps above to confirm Defender turns back on.

I think my device may already be infected.
Stop entering passwords or sensitive information on the device and contact the Technology Help Desk at 412-624-HELP (4357) for assistance.

Request Help Print Article

Related Articles (1)

A directory of Pitt-provided security tools and services for students, faculty, and staff — multifactor authentication, antivirus, VPN, encryption, software updates, sensitive data discovery, and vulnerability assessments

Related Services / Offerings (2)

SOFTWARE AND APPLICATIONS DISTRIBUTION Pitt Digital provides a wide variety of software titles through the University's agreements with software vendors.
SECURE COMPUTING The University of Pittsburgh has a robust series of security controls to protect from threats including Enterprise Spam and Virus Filter with Exchange Online Protection and Microsoft Defender for Endpoint.