I'm in Washington right now, at the CSI conference. It won't surprise regular readers to know I'm here to talk about testing anti-malware products (again!) So it may not surprise you to know also that I'm particularly interested to see an article [link no longer available - DH 2017] by Larry Seltzer that looks at the documents just approved by AMTSO (the Anti-Malware Testing Standards Organization) in some detail.
Larry has a fair amount of experience of the anti-malware industry and has conducted quite a few tests. He's certainly a guy who thinks for himself, and isn't necessarily the biggest fan of the anti-malware industry. So the fact that he's so positive about the "Fundamental Principles of Testing" and "Best Practices for Dynamic Testing" documents seems to me to be very good news. Not only is his commentary thoughtful and insightful , it opens up areas for discussion in which the documents might be improved.
As he rightly suggests, these documents are not going to change the overall state of testing overnight: what commentary like Larry's demonstrates, though, is that critical thinking doesn't have to be destructive, and that the anti-malware industry, the testing industry, and the community in general have a lot to gain from unprejudiced discussion.
David Harley
Director of Malware Intelligence
