Microsoft is “generally competent,” according to O’Callahan

Sorry had to DQ the article cause of that /s

None, because they typicially open up a larger attack surface than the system would have without them. It’s been like that for a while now. For references, I’d recommend this article from Ars Technica, who reference some very knowledgeable people (including Chrome’s Security Chief at the time).

There was a time when AV software was useful. We’re a decade past that, the world has changed, software has changed, defenses have changed, and AV software did not keep up.

Windows defender on Windows PC’s. Nothing on Linux.

What would you run an antivirus for? I trust the software I out on my servers, if I didn’t I wouldn’t be installing it or at the very least would put it in a VM.

I have real security boundaries in place, no need for useless scareware.

None. I won’t install something that checks the whole system, but maybe a tool something that checks installed packages or container images against some known cve database and alerts me if it has findings.

I have my server behind NAT and I use Tailscale to access it from elsewhere.

On my debian server, I have trivy to scan containers and I use clamav to scan files now and again but clamav uses up a lot of ram and its not a mailserver so I’m planning on uninstalling it.

On desktops I use virus total to scan PDFs or small files and stick to foss software

Clamav against any new downloaded files. That’s about it