Anti-Malware Testing Standards Organization Publishes Testing Guidelines
Security Product Testers, Vendors and the Media Join Forces to
Strengthen the Quality of Security Software Testing
OXFORD, England--(BUSINESS WIRE)--Nov. 10, 2008--Members of the Anti-Malware Testing Standards Organization (AMTSO) have published guidelines that, for the first time, set recognized standards for testing security software. The standards have been developed and agreed to by more than 40 security experts, product testers and members of the media from around the world. The creation and publication of these standards is a critical first step in fulfilling AMTSO's mission to improve the testing of anti-malware products.
Members of AMTSO have also produced a comprehensive set of best practices for dynamic testing of security software. This document will help software testers create more accurate and reliable tests. Both documents ("The Fundamental Principles of Testing", and "Best Practices for Dynamic Testing") are available to download from www.amtso.org.
The approval of these standards and guidelines is a significant step for the security industry as a whole, since it now has a common reference for high quality standards of testing. Members of AMTSO believe that the new, unified approach will ultimately benefit computer users who use product reviews and other test results to help choose internet security software. Adoption of the standards by testers and publications will be voluntary, and AMTSO plans to eventually provide public feedback on the level of compliance with such standards, and to help assess the quality of published product reviews.
AMTSO is an industry-wide, international collaboration of leading vendors of security software, software testers and media representatives. Its formation has been driven by concern about the increasing mismatch between what anti-malware technologies do to protect users and the ways in which product tests measure this protection.
As anti-malware solutions become more complex, many existing tests are unable to evaluate product effectiveness properly, resulting in product reviews that are sometimes incomplete, inaccurate and misleading. The adoption of standards and guidelines is the first stage in an initiative in which members of the industry are collaborating with testers, reviewers and the media in the production of advice that will help customers make better-informed buying decisions.
About the Anti-Malware Testing Standards Organization (AMTSO)
AMTSO is dedicated to helping improve the objectivity, quality and relevance of anti-malware technology testing. AMTSO membership is open to industry-wide academics, reviewers, testers and vendors.
Additional information regarding the organization, including charter documents, membership and educational materials are available on the AMTSO website at www.amtso.org.
----------------------------------------------------------------------
AV-Comparatives
We believe the documents recently adopted by AMTSO, the
"Fundamental Principles of Testing" and "Best Practices for
Dynamic Testing," represent a significant step toward
providing more meaningful tests and therefore better
information for computer users and professionals. As a
security software testing organization, we are willing to work
within these AMTSO standards and will continue our work with
AMTSO to help strength the security industry.
-- Andreas Clementi, AV-Comparatives
----------------------------------------------------------------------
AV-Test.org
As a member of AMTSO, we believe that this new, unified
approach will ultimately benefit computer users who use
product reviews and other test results to help choose internet
security software.
-- Andreas Marx, AV-Test.org
----------------------------------------------------------------------
AVG Technologies
I welcome wholeheartedly the creation and publication of these
global testing standards documents. With industry-wide
agreement and media support for these standards, we can all
move forward with a common set of goals and objectives,
focused firmly on the needs of users. Whether individuals or
CSOs of major corporations, consumers of anti-malware
solutions can only benefit from being able to recognize
instantly whether or not a test has been conducted using
universally-accepted standards and make their purchasing
decisions accordingly.
-- Karel Obluk, Chief Technology Officer, AVG Technologies
----------------------------------------------------------------------
Avira GmbH
By agreeing and publishing the two documents "Fundamental
Principles of Testing" and "Best Practice for Dynamic
Testing," AMTSO made a significant step forward for anti-
malware testing. The "Fundamental Principles of Testing"
reflects the basic principles for testing anti-malware
products and will help to increase the quality of any future
testing. This step also means the general public will have
access to the quality information that members of AMTSO decide
is the industry standard for the dynamic testing of anti-
malware products, a testing methodology that becomes more
important every day. Tests structured on these standards may
allow the end user to make a more informed decision about the
capabilities of the products being tested.
-- Philipp Wolf, Avira GmbH
----------------------------------------------------------------------
Bit9
These documents are a great step forward in bridging gaps
between Security Vendors and the Public. We strive to provide
the best protection possible. We have a need and the desire to
make our work verifiable and accessible to the World that is
our customer.
-- Mario Vuksan, Director of Research, Bit9
----------------------------------------------------------------------
Dennis Publishing
The really exciting thing about these guidelines is that,
ultimately, they will lead to people making better informed
choices when they come to buy or renew their anti-virus
software.
-- Simon Edwards, Dennis Publishing
----------------------------------------------------------------------
ESET
I believe AMTSO's "Fundamental Principles of Testing" and "Best
Practices for Dynamic Testing" to represent an important
milestone in the maturation of the anti-malware industry.
Historically, the industry has tended to be purely and
negatively reactive in terms of tests it didn't like. Testers
have sometimes felt, not unsurprisingly, that we were always
ready to criticize, but reluctant to offer real help.
These documents represent a real step forward: they offer
genuine high-level guidance on what we mean by good testing
practice. The next step will, I hope, be to widen the range of
informational and educational resources the organization will
offer not only to testers, but to the general public.
-- David Harley CISSP FBCS CITP, Director of Malware
Intelligence, ESET LLC
----------------------------------------------------------------------
F-Secure
We believe that the documents now provided by AMTSO will help
secure a good level of testing which in turn will allow
consumers to choose the security solution best suited for
their needs. We are especially pleased that the "Best
Practices for Dynamic Testing" guideline is now available.
Dynamic testing is challenging and for that reason has not
been carried out as much as it deserves to be.
-- Patrik Runald, Chief Security Advisor, F-Secure
----------------------------------------------------------------------
International Business Machines Corporation (IBM)
We believe these documents, which provide guidance and best
practices for testing and comparing today's often complex
harmful code protection technologies, are an important
breakthrough for the vendors, buyers, testers and users of
Anti Malware products.
-- Henk K. Diemer, CISSP, CISM, Security & Compliance /Harmful
Code Protection, IBM Integrated Technology Delivery for
Benelux
----------------------------------------------------------------------
Kaspersky Lab
The creation of two sets of guidelines on testing standards and
best practice in dynamic testing is a significant milestone
for both the anti-malware industry, and for everyone involved
in anti-malware testing. The documents are expressly designed
to help new and current testers to create better tests.
Ultimately, better tests will benefit everyone by providing
more accurate information to industry professionals and
consumers alike.
-- Roel Schouwenberg, Senior Anti-Virus Researcher, Kaspersky
Lab
----------------------------------------------------------------------
McAfee, Inc.
While there have been many great security software reviews in
the past, many poor reviews have confused or misled people. We
are glad to see that the Anti-Malware Testing Standards
Organization has taken this problem by the horns and
formalized the principles of fair testing. This is a
significant milestone that should skew the balance towards
fair and scientific testing, providing users with a true
viewpoint on the security protection vendors provide.
-- Jeff Green, senior vice president, McAfee Avert Labs
----------------------------------------------------------------------
Norman ASA
Having the first collective AMTSO results, being the "Best
Practices for Dynamic Testing" and "Fundamental Principles of
Testing" documents, is an important step forward. As the
documents have been created as a combined effort between the
industry and the testers, it will bring more clarity in test-
methodologies used and the results of the tests, not only for
the anti-virus industry, and the testers, but also for the
consumers of these tests. Knowing that a test has been
conducted following the AMTSO recommendations, guidelines and
principles will ensure a balanced test-result for them.
-- Righard J. Zwienenberg, Chief Research Officer, Norman and
President of AMTSO
----------------------------------------------------------------------
Panda Security
After almost a year of hard work by the Anti-Malware Testing
Standards Organization finally anti-malware testers,
researchers, magazine reviewers and media worldwide can count
on a unified, industry recognized and agreed upon set of
testing methodologies to perform the highest quality anti-
malware tests possible.
-- Pedro Bustamante, Senior Research Advisor, Panda Security
----------------------------------------------------------------------
Sophos Plc
Sophos is really pleased to have hosted this AMTSO conference
and for it to have been so successful. The documents produced
are foundations for a greater understanding and respect
between testers and vendors. At last there is something that
all parties can point to and say they are following industry
best practices.
-- Stuart Taylor, SophosLabs Manager, Sophos Plc
----------------------------------------------------------------------
Symantec Corporation
These documents represent a significant step forward in the
improvement of anti-malware technology testing. It is our hope
that reaching a broad consensus in these important areas of
testing will result in improved tests that are fair to the
products tested and that produce truly meaningful results for
the general public who rely on them to guide their decisions.
-- Mark Kennedy, Distinguished Engineer, Symantec Corporation
----------------------------------------------------------------------
Trend Micro
Trend Micro wholeheartedly supports the industry-wide effort to
promote more effective and ethical testing standards for anti-
malware and computer security products. This is entirely for
the benefit of and to protect the end user; to give the end
user better choices on the desktop, at the corporate gateway,
and in the cloud.
-- Alice Decker, senior researcher, Trend Micro's Advanced
Threats Research.
----------------------------------------------------------------------
Virus Bulletin
It's great that these documents have been finalized and made
public - anti-malware testing is a complex and demanding
business, and testers will benefit greatly from the support
and advice of a community like AMTSO. It's very encouraging to
see such cooperation between industry experts and testing
bodies, and hopefully AMTSO will continue to promote trust,
respect and sharing of information and resources. This can
only lead to better designed and better implemented testing,
which should in turn encourage increased quality in products
and the protection they provide - a huge benefit to computer
users everywhere.
-- John Hawes, Technical Consultant, Virus Bulletin
----------------------------------------------------------------------
Webroot Software
Truly a giant step for the security industry in making sure
that customers, and the people that advise them, are provided
with fair and credible data and insights about security
solutions.
-- Jong Purisima, Security Product Manager, Webroot Software
CONTACT: The Red Consultancy
Mindy Whittington, +1-415-618-8811 (Media)
mindy.whittington@redconsultancy.com
SOURCE: McAfee, Inc.
Statements in our press releases regarding McAfee's business which are not historical facts are "forward-looking statements" that involve risks and uncertainties. All forward-looking statements are based on information available to us on the date hereof. These statements involve known and unknown risks, uncertainties and other factors, which may cause our actual results to differ materially from those implied by the forward-looking statements. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee future results, levels of activity, performance or achievements. Therefore, actual results may differ materially and adversely from those expressed in any forward-looking statements. Neither we nor any other person can assume responsibility for the accuracy and completeness of forward-looking statements. Important factors that may cause actual results to differ from expectations include, but are not limited to, those discussed in the "Forward Looking Statements" section of the Company's most current earnings release" and in the Risk Factors" section of the Company's Quarterly Report or Form 10-Q for the most recently ended fiscal quarter.
Back