Actually it is still true that there is no need to run a third party antivirus on a Mac. The only thing in the wild is the same thing there was nine-years ago—Trojans. And the Trojans are still basically the same as they were. There were about 40 Trojans in 2009 and there are about 150 now in just eight distinct families that affect Macs. All of those are identified by the Mac's operating system which will warn the user if they are downloaded, installed, or first run and require the user to provide an ADMINISTRATOR'S NAME and PASSWORD before such actions can continue, not just a simple "OK". . . therefore it takes industrial strength stupid users to get infected by such malware on a Mac.
Apple's built-in protection is more than adequate without buying and running antivirus or even antimalware apps. The problem is that all third-party apps that provide this function TURN OFF Apple's already effective and unobtrusive protection so they can intercept such malware so they will show the user they are doing their job! Yet the third-party software always has an impact on system performance without providing any more protection that what Apple already provided.
Some new vectors of attack have developed in the past three years. . . but these vectors are not something a software antivirus could ever defend against. Such vectors were hardware based through USB and Thunderbolt devices and required FIRMWARE updates to lockout the ability to add changes to the controlling firmware from external hardware invasive sources. Apple closed those off by firmware updates. . . and by locking the system through one more additional layer beyond root access that can't be accessed except through a boot process with a separate password. Such things are not and cannot be protected by software that will not be booted until after the system loads. The only possible protection has to hardware and system security that Apple has added.
> ...it is still true that there is no need to run a third party antivirus on a Mac... Apple's built-in protection is more than adequate without buying and running antivirus or even antimalware apps... All third-party apps that provide this function TURN OFF Apple's [built-in] protection...
What the...? If an application level program can turn off the operating system's built-in protection, then that built-in protection is worthless, because a Trojan-borne piece of malware can do the same thing, and all it takes is tricking the user into typing a password. We all know how easy that is.
Security should be by design, not bolt-on, and not disableable (except by recompiling in a sandbox during development). Being able to disable system security defenses in application software is an industrial strength design flaw. For the life of me, I cannot concoct a justification for that design decision.
So what the heck was Apple thinking when they added that particular API? "Let's give applications the ability to pull our pants down to our ankles, so they can look good"?? WTF?