FPs: everybody's doing it, doing it...

FPs: everybody’s doing it, doing it…

At the last AMTSO workshop in Munich, a guidelines document on False Positive (FP) testing was approved, and is now available on the AMTSO documents page.

At the last AMTSO workshop in Munich, a guidelines document on False Positive (FP) testing was approved, and is now available on the AMTSO documents page.

False positives, that is. As I've made clear here before, ESET does not subscribe to the "Let's crow about another company's false positive problem" model of marketing.  That doesn't mean we're not aware of the importance of the issue, or that we don't work pretty hard to minimize its impact on our customers, but we're painfully aware that there's no absolute methodology for preventing them, and no company is immune to them.

So I'm not going to talk directly about a couple of high profile FP incidents in the last week or so with very heavy impact on affected users of the products in question. However, given that impact – one of the incidents involved, apparently, the misdiagnosis of up to 25,000 files – it's not surprising that there's interest in assessing the susceptibility of anti-malware products to the problem through testing.

At the last AMTSO workshop in Munich, a guidelines document on False Positive (FP) testing was approved, and is now available on the AMTSO documents page. More information on the AMTSO blog here: Guidelines for False Positive Testing.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow

Discussion