Friday 16 October 14:00 - 14:30, Red room
Righard Zwienenberg (ESET) & Luis Corrons (Gen)
At the 2016 Virus Bulletin Conference in Denver, USA, we presented "Anti-malware testing undercover", arguing that anti-malware testing had long been controversial, and was likely to remain so. A decade later, this paper revisits that premise but in a testing landscape that is broader, more complex, and more commercially consequential.
Anti-malware testing continues to grow in complexity as new defensive technologies emerge, involving numerous stakeholders with differing objectives and often significant financial interests. While the technical challenges of testing are well understood and frequently discussed, this paper intentionally shifts focus to less explored dimensions of the testing landscape. Instead of focusing on modern testing techniques, we examine the less discussed forces that shape testing outcomes: incentives, influence, and transparency.
Independent testing is intended to be impartial, but how independent is it in practice? In practice, "independent" testing often operates inside a web of financial dependencies and competing objectives, where vendors fund evaluations, influence test scope and methodology, and use results for competitive and marketing purposes. These dynamics create predictable pressure points, even when all parties act in good faith.
Concerns about bias are both inevitable and consequential and we will map where bias most commonly enters the process, including (1) who selects what gets tested, (2) how methodologies evolve and how changes are disclosed, (3) what is simplified or omitted in public reporting, and (4) how results are packaged and amplified. We will also examine vendor-side behaviours that can distort testing, and propose guardrails that apply to vendors, testing organizations, and sponsors.
Ultimately, this paper critically evaluates whether current transparency practices are sufficient to foster trust among consumers, media, and regulators, or whether the industry must raise its standards to maintain credibility in an increasingly scrutinized ecosystem.
 |
Righard Zwienenberg Zwienenberg began his work with computer viruses in 1988 after encountering his first virus issues at the Technical University of Delft. This experience sparked his interest in virus behaviour, leading him to study and present solutions and detection methods ever since. Over nearly four decades he has worked for various companies, including CSE Ltd, ThunderBYTE, Norman, and ESET. He has also held or continues to hold positions in several industry organizations, such as AMTSO, AVAR, the WildList, IEEE ICSG, and serves on the Advisory Board for Europol’s European Cyber Crime Center (EC3) and Virus Bulletin. He also runs his own computer security consultancy company (RIZSC).
|
 |
Luis Corrons Luis Corrons is a cybersecurity expert with more than 25 years of experience analysing threats and helping people protect their digital lives. He works at Gen, the global company behind Norton, Avast, AVG, and Avira, where he serves as Security Evangelist and is one of the company's main spokespersons on threat-related topics. Throughout his career, Luis has specialized in tracking malware and scam trends, building awareness of emerging threats, and explaining complex issues in a way that connects with both technical and non-technical audiences. He has been an active voice in the cybersecurity community since 1999, regularly speaking at international conferences such as Virus Bulletin, CARO Workshop, AVAR, APWG, and more. Beyond his role at Gen, Luis serves as Chairman of the Board at the Anti-Malware Testing Standards Organization (AMTSO) and sits on the board of MUTE, contributing to industry-wide collaboration on testing, standards, and transparency. He is a frequent media contributor on TV, radio, and major news outlets, where he helps raise public awareness about online security and cybercrime. |
Back to VB2026 conference page
Register your interest for VB2026