Happy Birthday, AMTSO!

Last week, the Anti-Malware Testing Standards Organization, or AMTSO, held its second members’ meeting this year that took place in Budapest, Hungary as an extension to the CARO Workshop. AMTSO released new papers at their website, adding to their roster of documents regarding the organization’s principles and guidelines on testing.
Trend Micro has been constantly and actively present since the meetings began. This month, AMTSO is celebrating its first year anniversary, and as a small treat for our readers, I would like to highlight one of the organization’s motivations.
Compared to today’s threat landscape, I like to assume that prior to 2005, the antivirus industry has a “relaxed” life. Signatures for malware were meticulously developed and updated on a regular basis while heuristics and generic detections were considered an engine’s technical high point. Antivirus testers are sometimes individuals but more likely companies or global computer magazines, such as PC World, that proof and evaluate programs or suites designed to protect against malware. Their life prior to the “Threat Big-Bang” can also be considered as relatively relaxed. This is because tests are done using one core module: the virus scanner. Evaluation is easy, and it was normally based on the scan results mostly triggered on-demand.
Cyber evolution and the Internet’s lack of regulations facilitated the “Threat Big-Bang” where, (1) (continue reading...)