I just got a new computer — where do I start with security?

A new machine is the best time to set up security correctly. There's nothing to clean up, no conflicts with existing software to navigate, and no inherited configuration to work around. The defaults you establish now — which product runs, how it's configured, what else you install — define the machine's security posture going forward.

Quick answer

Want top-tier detection with minimal maintenance→Bitdefender — Autopilot, 18/18 AV-TEST detection, handles configuration silently after installation

Performance matters — gaming or developer machine→ESET — lowest measured overhead on clean hardware, gaming mode included, exclusion control for dev workflows

Privacy-first, EU jurisdiction, no data concerns about the software→F-Secure — quiet, minimal telemetry, no data monetization, annual transparency report

When it matters

Security setup on a new machine is not just AV selection — it's a sequence:

Run Windows Update before installing anything — new machines often have weeks of security patches pending; installing AV on an unpatched OS is protection built on an incomplete foundation
Choose one real-time AV product and disable Windows Defender's real-time component if installing a third-party product — running two real-time engines simultaneously causes conflicts
Install a password manager alongside the AV — a new machine is the cleanest point to establish a credential management habit before passwords accumulate in a browser
Enable the built-in firewall if it isn't already — on Windows, Windows Defender Firewall should be active regardless of which AV you use
Review what software came preinstalled — OEM machines often include trial software and bundled apps that add attack surface; remove anything you won't use

When it fails

Phishing — entering credentials on a convincing fake site is a human decision that no AV intercepts at the point of entry; browser phishing warnings are the closest available mitigation
Browser extensions — extensions installed from the browser store are not scanned by AV in real time; audit permissions before installing
Credential exposure from other services — if an email address and password from a previous data breach are reused on this machine's accounts, no local AV detects the exposure

A new machine with updated OS, a single well-chosen AV product, a password manager with unique passwords per site, and a maintained set of browser extensions is a significantly more secure baseline than a new machine with nothing but default settings.

How providers fit

Bitdefender fits if the goal is top-tier detection with minimal required maintenance. Autopilot handles all security decisions without prompts. Bitdefender regularly earns top AV-TEST protection scores. On a clean new machine, it installs without conflicts and establishes a strong baseline without configuration overhead.

ESET fits if performance overhead on the new machine is a consideration — gaming setups, developer machines, or machines where resource usage matters. Lowest measured overhead in AV-Comparatives testing. Granular exclusion control for workflows that generate many file system events.

F-Secure fits if the choice of security software is part of a broader privacy stance. Minimal telemetry, no data monetization, EU GDPR jurisdiction, annual transparency report. Runs quietly without generating noise or upsell prompts after installation.

Bottom line

Update the OS first. Then install one product: Bitdefender for strong detection coverage with minimal maintenance overhead, ESET if performance is a constraint, F-Secure if the software's own data practices matter. Add a password manager in the same session — it's one of the highest-impact security habits you can establish alongside AV selection.

I just want simple protection that works→How do I switch from my old AV to a new one→Quick decision: setting this up for someone else→