The Anti-Malware Testing Standards Organization (AMTSO) announced last month that they will no longer be focussing on ‘simplistic detection rates’ but rather they will now be focussing on the capabilities (all the core modules i.e. behavior-based detection/heuristics etc) of a ‘full product suite’. This news has been greeted with a loud cheer by antivirus vendors who have felt for some time that AV testing doesn’t provide a ‘comprehensive’ analysis of anti-virus software.
AMSTO have therefore announced specific standards and guidelines which most if not all the antivirus testing companies i.e. AV-Test.org and Virus Bulletin to name two have said they will now follow. Currently (and in the past) most tests considered only ‘on-demand scans’ which do not provide the ‘comprehensive’ analysis of anti-virus software. The benchmarking methodologies have come into criticism in the past few years as well, but with the new standards and guidelines, AMSTO hopes that AV vendors will feel more assured their products are now being fully tested.
The change in testing standards and guidelines should now also assist behavior-based anti-malware technology testing as well, especially if this technology is integrated (SDK) into an existing security suite. AMTSO members are currently working on several more guidance documents, and extending its co-operative links with other organizations.
Safe surfing folks!