> Scanning binaries for known malware is already built into the OS.

Clearly it isn't. XProtect is a joke. It's 2004-era ClamAV level of protection.