AMTSO, the Anti-Malware Testing Standards Organization, have just issue a press release about the guidelines documents just published on their web site after ratification by everyone present at the AMTSO meeting in Oxford at the end of October.
You may have noticed that we’re quite optimistic about the beneficial future impact of AMTSO on testing practices worldwide, and in fact, I was quoted in the press release as saying:
"I believe AMTSO’s "Fundamental Principles of Testing" and "Best Practices for Dynamic Testing" to represent an important milestone in the maturation of the anti-malware industry. Historically, the industry has tended to be purely and negatively reactive in terms of tests it didn’t like. Testers have sometimes felt, not unsurprisingly, that we were always ready to criticize, but reluctant to offer real help."
"These documents represent a real step forward: they offer genuine high-level guidance on what we mean by good testing practice. The next step will, I hope, be to widen the range of informational and educational resources the organization will offer not only to testers, but to the general public."
David Harley CISSP FBCS CITP
Director of Malware Intelligence
Author David Harley, ESET