|
Archive for the ‘AMTSO’ Category
Monday, October 12th, 2009
Yesterday’s AMTSO conference brought with it formal announcements of Board positions, new tools for the AMTSO to offer testers (be sure to join the group!) and potential new efforts. There were some Board updates due to terms expiring, and discussion about the group’s directions. The meeting and its agenda are posted at the site’s meeting link.
The group continues to pursue ways to improve testing methods, and finding and collecting malware has always been an issue for improvement. The group is attempting to ensure testing samples that are current, and providing testing matter that exercises products in ways adequate to support reviewer conclusions.
Various papers were discussed and only two of these put up for vote. The group passed the two important papers today that will be posted to the website soon — “Issues in Creating Samples for Testing”, and “Network AV Testing”.
Posted in AMTSO, AntiMalware Solutions | No Comments »
Saturday, May 9th, 2009
The Anti-Malware Testing Standards Organization finished up its meeting in Budapest, Hungary this week. PC Tools was in attendance at this meeting as well, seeing three new papers passed and contributing to others in progress.
The AMTSO website has changed a bit, but the goals and our commitment to contributing to these standards and meeting challenges around anti-malware testing methodologies has not. Our second year of active participation should witness more outbound efforts by the organization. The three papers passed in this meeting will be posted on the documents section of the web site soon:
1. Testing Sample Validation
2. A Process for Evaluating Testing and Reviews
3. In the Cloud Testing Procedures.
Now that the body has voted these standards are firmly in place, the testing groups, media, academics, advisors and vendors participating in the group will see it move forward with a more active role in applying and clarifying these standards.
Posted in AMTSO | No Comments »
Monday, November 17th, 2008
Larry Seltzer posted a fine review of the new AMTSO documents over on eWeek.
It’s always great to see the words “I’m really impressed with what I’m reading in these standards.” He even goes over the “Best Practices for Dynamic Testing” document, which is relevant to properly evaluating ThreatFire and other behavioral-based anti-malware solutions — delivering malware to the system in the same way that a user would see it attacking their system. We were especially interested in the “Dynamic Testing” document details and crafting at the last Oxford meeting. He understands the issues addressed in the document, including issues with using Virtual Machines in testing, and the article finishes with a hint of the reality of the process: “Don’t expect that you’ll start seeing results compliant with these guidelines a lot. Testing like this is difficult and expensive and few labs are set up to do it. If all goes well, more will be from now on.”
It’s great to see positive interest in the testing standards already. Let’s hope that Larry and others at eWeek are interested in becoming a member as well.
Posted in AMTSO, AntiMalware Solutions, Virtual Machines | No Comments »
|
|
|
|
