In my personal and professional experience, A/V is effective but not in the way you might think. A/V has a very good detection and quarantine rate for situations where the infection vector is bloody obvious. When you open the .zip attachment to that email and then go right on ahead and run the .exe inside, that's when a good A/V product will save you.
What I'm saying is that I view A/V as protection from users, not from malicious actors. In a corporate environment with mixed-skill users, A/V is key. On my own devices, I don't frequently get into situations where A/V would be effective, the threats that are more likely to get me are more sophisticated.
This isn't to say that I don't have Windows Defender enabled, but I don't see a value return in purchasing a commercial product.
What I'm saying is that I view A/V as protection from users, not from malicious actors. In a corporate environment with mixed-skill users, A/V is key. On my own devices, I don't frequently get into situations where A/V would be effective, the threats that are more likely to get me are more sophisticated.
This isn't to say that I don't have Windows Defender enabled, but I don't see a value return in purchasing a commercial product.