I use ClamXav. It's small and unobtrusive. The only "drawback" is that I haven't figured out how to have it check for virus definition updates on its own. It's free (donationware) and does the job for me.

Edit: I'm an idiot, it checks all definitions on launch. :)

Daniel

ClamAV is the built-in virus scanner on OS X Server's amavisd/postfix setup.

So I use it on my workstations too.

Its great, and free, and updated on par with the big boys.

I'll give it a whirl.

Also, I need some suggestions for good OS X security sites. I'm an active Security professional, but have never researched Mac before.

Emory can probably point you in the right direction on this one.

Heh.

Well there isn't a lot of "Mac-centric" security sites out there.

http://www.securemac.com/

Is arguably the best though it isn't exactly great. It is mostly just news and software information. Some of the researchers at Shmoo are avid OS X users and they tend to write some very good papers when the need arises. I've found that Macintouch.com of all places has better information when new threats or vulnerabilities are introduced. The OS X Server list at Apple is a good mailing list as well.

As far as auditing tools and assessment tools, OS X is very versatile and all of the shit you'd expect to work on Unix will work on OS X.

Ethereal, p0f, snort, nessus, hping, nikto, whisker, blah blah blah. It all works.

Apple also has a Common Criteria toolkit available for OS X: http://www.apple.com/support/downloads/commoncriteriatools.html and rudimentary support for smartcards.

FWIW I'm an infosec researcher (intrusion detection specialist) by day.

There have also been some good posts on Mac security on MacGeekery in the past little while. I found them most helpful.

http://www.macgeekery.com/tips/security