AMTSO releases draft guidelines for public comment

Posted by   Virus Bulletin on   Aug 26, 2008

First major publication emerges from testing standards body.

The Anti-Malware Testing Standards Organization, the global body set up to improve and support the testing of security software, has made available a draft of its first document, a set of general guidelines intended to encourage greater accuracy, reliability and trustworthiness in testing.

The document provides guidance on numerous aspects of testing, including strictures on ensuring the safe handling of malicious code and the running of fair, useful and accountable tests, and advice on openness and statistical validity in testing.

The document, the product of meetings held by the organisation since its foundation early this year and the formation of several committees and working groups, is now being made available for public appraisal, with a comment period running until October 17th. Final discussion and a vote on ratification of the proposed set of principles will take place at the next meeting, expected to take place in London at the end of October.

A link to the document, and details of how to submit comments, can be found on the official AMTSO blog, here. Full details on AMTSO are on their website here.

Posted on 26 August 2008 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Test your technical and mental limits in the VB2017 foosball tournament

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!

The case against running Windows XP is more subtle than we think it is

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.

Hot FinSpy research completes VB2017 programme

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.

Transparency is essential when monitoring your users' activities

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.

VB2017 preview: Android reverse engineering tools: not the usual suspects

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.