I just got back from Oxford (that’s the one in the UK, by the way), where the Anti-Malware Testing Standards Organization held its latest two-day meeting. I’m not usually considered to be a glass-half-full person, especially when it comes to issues around testing, but I’m feeling genuinely enthusiastic about the progress that was made. I do, as it happens, honestly believe that the anti-malware industry contains some very, very talented people, and a lot of them were at this meeting. However, we’re probably not best known for being diffident yes-persons with no opinions of our own.
I may have mentioned before that we’ve been working on two major documents (the first of many, I hope): one on "The Fundamental Principles of Testing" and one on "Best Practices for Dynamic Testing." Both are topics of major importance in the world of anti-malware testing, and some of us have put in many hours of work and discussion in meetings and on mailing lists, inside and outside AMTSO. So I can’t begin to tell you what a pleasure it was to have the final versions of both documents unanimously approved on the last day of the conference (after a lot more discussion, some of it very late on Thursday night – hope you managed to get some sleep, Matt…).
While neither document is going to turn every bad tester into a good tester, or even give the aspiring tester all the knowledge he needs to start testing or certifying products competently, they do represent a major rite-of-passage for the anti-malware industry. Historically, we’ve been highly critical of what we’ve considered to be bad testing, but not so good at offering help to people genuinely interested in offering good testing. While there is good information on the subject available, this is a vital first step towards making available a comprehensive, central, vendor-agnostic informational resource. And that has to be worth a few hearty cheers. But save some breath for the other resources that we started to work on in Oxford: there’s lots more to come!
David Harley CISSP FBCS CITP
Director of Malware Intelligence
Author David Harley, ESET