Anti-Malware Testing Standards Organization

Anti-Malware Testing Standards Organization (AMTSO) is an international non-profit organization set up in 2008 [1] to address a perceived need for improvement in the quality, relevance and objectivity of anti-malware testing methodologies.

Stated objectives

According to the AMTSO web site, the organization's charter lists the following objectives:

Organization

Until 2012 AMTSO was administered by an elected and unpaid Board of Directors, with strategic and other input from an Advisory Board, and six committees to handle specific operations such as membership, fees, PR and so on. Subsequently, a major infrastructural change took place, introducing an executive team with a CEO, CTO, CFO and VPs of Marketing and Strategy [2] in addition to the already existing Board.

Board of Directors

As of 2023 the Board of Directors is made up of 50% vendor and 50% tester members and comprises the following: [3]

Membership

Source: [4]

While it grew out of discussions between security vendors and security product testing organizations, membership of AMTSO is also open to academics, reviewers and publications, [5] and it does include some individual members. [6] However, the high cost of full membership generally discourages individual members and small organizations from joining. In early 2011, the organization offered a much cheaper subscription rate [7] that did not, however, offer full voting rights. [8] AMTSO currently offers a two-tier membership model: entity members get full benefits of membership, while individual members get the same benefits apart from the right to vote. [9]

Security tester members have included:

* Each of these labs is accepted by Microsoft as an "industry standard organization" for the purposes of independent certification. [10]

Membership controversy

Some members of the wider security community, and even some testers, have taken issue with the organization's membership, [11] which includes a preponderance of security vendors. [12] This has led to some tester members leaving and then sometimes rejoining the organization.

Tester member NSS Labs sued AMTSO, as well as CrowdStrike, ESET and Symantec, in an anti-trust case that was later dismissed. [13] Shortly thereafter NSS Labs ceased operation. [14]

Work

The organization has created some potentially useful resources for testers, including a page that flags relevant papers and other resources outside AMTSO, [15] and a repository of guidelines documents for the benefit of aspiring testers [16] on a wide range of topics. Another popular freely available resource is the Security Features Check, which attempts to download a faux malicious file to a desktop or Android device. This is a simple test to ensure that basic anti-malware standards are implemented on the test device. [17]

It also organizes workshops three times a year: discussion and generation of guidelines documents are a major by-product of these sessions. [citation needed]

References

  1. "Anti-Malware Testing Standards Organization – Risk Management with Stuart King and Duncan Hart". www.computerweekly.com.
  2. "AMTSO - About Us". Archived from the original on 2011-07-02. Retrieved 2011-06-27.
  3. "AMTSO Membership Page".
  4. "AMTSO Membership List".
  5. "AMTSO". www.amtso.org.
  6. "Members". Archived from the original on 2011-07-05. Retrieved 2011-06-27.
  7. "Pr-20101025 - AMTSO Widens the Conversation of Anti-Malware Testing with New Subscription Option". Archived from the original on 2011-07-22. Retrieved 2011-06-27.
  8. "AMTSO - Subscription - Terms and Conditions". Archived from the original on 2011-07-02. Retrieved 2011-06-27.
  9. "Joining AMTSO » AMTSO". amtso.org.
  10. "Microsoft Virus Initiative".
  11. "Anti-Malware Testing - Industry Insight | SecurityWeek.Com". Archived from the original on 2011-12-17. Retrieved 2011-06-27.
  12. "AMTSO: a serious attempt to clean up anti-malware testing; or just a great big con?". 15 June 2010.
  13. "Ruling Dismisses Antitrust Claims Against AMTSO".
  14. "NSS Labs ceases operations amid financial turmoil".
  15. "Related Resources". Archived from the original on 2011-07-02. Retrieved 2011-06-27.
  16. "AMTSO - Documents". Archived from the original on 2011-06-12. Retrieved 2011-06-27.
  17. Halfacre, John (15 March 2016). "Anti-Malware Testing Standards Organization". RemoveMalware.net. Retrieved 9 August 2016.