Last updated: July 3, 2026
Author: Neil Brown, cybersecurity advocate
Affiliate disclosure: Neil Brown Reviews may earn a commission when you buy through some links on this site. This does not change the rating formula. It also does not change the exact facts I report. I keep the review process separate from affiliate income.
My plain-English testing promise
I write for people who want safer devices without jargon. Most readers do not want a lab report. They want to know what works, what costs too much, and what is easy to use.
I use a hybrid testing model. I combine my own hands-on checks with data from world-class independent labs. This gives you practical advice backed by hard data.
What I test myself
I spend 20-30 minutes with every product I review. I install the software and go through the setup process. I navigate the main dashboard and look for the scan button, settings, and alerts. I test basic features like the VPN or password manager. I take my own screenshots so you can see exactly what the app looks like today.
A product can have strong protection and still be a poor fit for everyday users. I look at how clear the dashboard is. I check whether the plan limits are easy to understand. I also look at how easy it is to find customer support.
Here is a summary of what I check personally:
| Area | What I look for |
|---|---|
| Setup | Download, install, account creation, first scan |
| Dashboard | Status messages, scan buttons, settings clarity |
| Plan clarity | Device limits, renewal notes, add-ons, trial terms |
| Features | VPN, password manager, firewall, parental controls |
| Support | Help center, chat, phone options, refund information |
What I do not test
I do not run a full malware laboratory. I do not collect live malware samples. I do not test detection rates in a controlled lab environment. No home review site should claim to do this.
For protection and detection scores, I rely entirely on independent experts. These organizations test products at a scale that a small site cannot match.
Where protection scores come from
I use current data from three independent testing organizations.
AV-TEST publishes home-user antivirus results with separate scores for protection, performance, and usability. Each category is scored out of 6 points, for a maximum of 18 points. I use these scores as a primary input for the Protection category in my scoring formula.
AV-Comparatives publishes consumer tests, including real-world protection tests. These tests are designed to reflect everyday attack conditions. I use these results as a secondary check on protection quality.
SE Labs publishes security evaluation reports. It tests products against real-world attack methods. I use SE Labs data where it is available and relevant.
I always note the test period when I use lab data. Lab results can change over time. A product may perform well in one period and less well later. I treat one lab result as useful context, not as the whole story.
| Source | How I use it |
|---|---|
| AV-TEST | Primary protection score input. I note the test period. |
| AV-Comparatives | Real-world protection context where available. |
| SE Labs | Attack-chain and home anti-malware report context. |
How I score products
Every review uses a 10-point overall score. The score is a weighted calculation based on five categories.
| Category | Weight | What it measures | Data source |
|---|---|---|---|
| Protection | 35% | Malware, ransomware, web protection, phishing defense | Independent labs (AV-TEST, AV-Comparatives, SE Labs) |
| Ease of use | 20% | Setup, dashboard clarity, alerts, beginner fit | Neil’s hands-on testing |
| Features | 20% | VPN, password manager, firewall, parental controls, identity tools | Hybrid (vendor data + Neil’s hands-on checks) |
| Value | 15% | Price, device limits, renewal terms, included features | Automated pricing and plan research |
| Privacy and trust | 10% | Ownership clarity, data practices, regional restrictions | Automated privacy and ownership research |
The overall score is rounded to one decimal place.
| Score | Label | Meaning |
|---|---|---|
| 9.0 to 10.0 | Excellent | A strong choice for the stated use case. |
| 8.0 to 8.9 | Very good | Worth considering, with clear caveats. |
| 7.0 to 7.9 | Good | Useful for some users, but not a top pick. |
| 6.0 to 6.9 | Fair | Limited fit. Consider only in narrow cases. |
| Below 6.0 | Not recommended | Avoid for most readers or use with strong caution. |
What “Testing In Progress” means
Sometimes a review is published before my hands-on session is complete. When that happens, the review says so clearly. The Ease of Use score shows as “Pending” with a note. The overall score is marked as provisional.
The Protection, Features, Value, and Privacy scores still come from current lab data and product research. Once I finish my hands-on session, I update the page. The provisional marks are then removed.
How I keep pages current
Core commercial pages are checked at least quarterly. Pricing, plan names, product ownership, and lab results can change. When I find a material change, I update the relevant page.
Some products need faster updates. Kaspersky is one example. U.S. restrictions affect whether U.S. readers should consider it. Ownership changes also matter. I note the date of any major update at the top of each page.
Corrections policy
If you spot a factual error, please use the contact route on the About page. I aim to correct clear factual mistakes promptly. Please include the page URL and the exact point that needs review.
Where to go next
If you are choosing antivirus now, start with the best antivirus guide. To compare maintained reviews, visit the antivirus reviews page. You can also read more about Neil on the About page.