AMTSO News 2024-04-26

Welcome to our regular roundup of events and activities in and around AMTSO. 

Meetings and Events

Calendar invites were issued this week for our online member meeting on May 15th. This event will feature updates on everything that’s been going on AMTSO recently and upcoming plans, as well as our annual Board election hustings, giving candidates a chance to address the membership and argue their cases for election, with questions to follow. Details of the candidates standing in the election are below.

The next in-person member meeting will be held in September ahead of the VB conference in Dublin. Our next public event will be a Testing Town Hall call on July 3rd, featuring a guest presentation on Android security from Google as well as a talk on XDR testing from SE Labs. Non-members can sign up to attend our events here: https://www.amtso.org/amtso-event-registration/

Board and Management

Our annual election of directors to our Board will be held next month, and the lists of candidates have been confirmed. Standing to be elected by our non-tester members are Alexander Vukcevic of Avira, Evgeny Vovk of Kaspersky, and Jamz Yaneza of Trend Micro, while the tester side of the membership will be represented by Jesse Song of SKD Labs and Stefan Dumitrascu of SE Labs. Voting details will be circulated on May 8th when voting opens, and the final deadline for vote submissions will be on June 3rd. There will be a chance to hear from candidates on our May 15th member meeting call.

RTTL and ThreatList

Our RTTL working group met last week to review the status of the system. Several operational issues were noted, including plans to install fresh certificates in the system and fixes for some minor access issues, as well as discussion of ongoing plans to reduce the backlog of aged sample data retained long-term. Similar plans for the new ThreatList system were also proposed and will be reviewed by the project’s oversight board before progressing. Plans to further promote the system to more contributors and provide further assistance to signed-up contributors yet to fully operationalize their feeds were also discussed.

XDR Testing Criteria

The XDR working group held a call this week, further reviewing data-gathering forms and the implementation of the results to be gathered from them; tester members have been asked to provide sample responses alongside any further feedback, which will be provided to vendors of examples of the tester input at the same time as vendors are asked for their own descriptions of their offerings. Issues with rolling in further input from vendors providing only sub-components of full XDR suites were also covered in the discussion.

Other Working Group plans

We plan to finally launch our new working group on sandbox evaluation very shortly, and also expect to be opening a new VPN project for participation in the next few weeks. Members can sign up for these projects by contacting AMTSO, details will be posted to the member website and sign-up forms for our groups will also be made available shortly as part of the ongoing site refresh. Several more proposals for new projects are also under review and we plan to cover all of these and gather any more ideas at the upcoming member meeting.

AMTSO Standard and Test Calendar

Recent additions to our Test Calendar include the latest round of certifications under the VB100 scheme from Virus Bulletin, Q1 data from SE Labs’ main endpoint test series, an update from AVLab Cybersecurity Foundation, and the first set of 2024 consumer data from AV-Comparatives. Here’s a summary of activities from our Standard compliance team:

  • An AMTSO Compliance Confirmation Report covering the Testing Ground Labs (TGL) February 2024 Consumer Android Malware Test Report (AMTSO Test ID: AMTSO-LS1-TP110) was issued on Wednesday, April 9th, 2024.
  • An AMTSO Compliance Confirmation Report covering the SecureIQLabs Test Reports from their Q4’23-Q1’24 Cloud-WAF CyberRisk Tests (AMTSO Test ID: AMTSO-LS1-TP097) was issued on Thursday, April 11th, 2024.
  • Compliance Confirmation Reports covering both the AV-TEST Windows Business (AMTSO Test ID: AMTSO-LS1-TP106) and Windows Consumer (AMTSO Test ID: AMTSO-LS1-TP107) for the January/February 2024 test cycle were issued on Thursday, April 11th, 2024.
  • A Public Test Notification was issued on behalf of SE Labs for their Q2 2024 Endpoint Protection Test (AMTSO Test ID: AMTSO-LS1-TP113) on Friday, April 12th, 2024.  The subsequent Phase 1 Commentary period was opened on Friday, April 19th, 2024 and will run through Friday, April 26th, 2024.
  • Phase 1 Commentary Collection for the Virus Bulletin March/April/May 2024 test cycle of the Virus Bulletin VB100 2024 Test Series (AMTSO Test ID: AMTSO-LS1-TP095) was launched on Friday, April 19th, 2024 and will run through Friday, April 26th, 2024.
  • Public Test Notifications were issued on behalf of Testing Ground Labs (TGL) covering their April 2024 Consumer Android Malware Detection Test (AMTSO Test ID: AMTSO-LS1-TP114) and April 2024 Business Android Malware Detection Test (AMTSO Test ID: AMTSO-LS1-TP115) on Friday, April 19th, 2024.  Phase 1 Commentary Collection was started on Monday, April 22nd, 2024 for both tests and will remain open through Tuesday, April 30th, 2024.
  • A Public Test Notification was issued on behalf of the AV Lab Cybersecurity Foundation for their upcoming May 2024 Advanced In-the-Wild Malware Test (AMTSO Test ID: AMTSO-LS1-TP116) on Tuesday, April 23rd, 2024.
  • Results for the SE Labs Q1 2024 Endpoint Protection Test (AMTSO Test ID: AMTSO-LS1-TP109) were released this week and Phase 2 Commentary Collection is expected to launch early next week, with final compliance review to follow.

Information on all published and upcoming tests being tracked by AMTSO can be found in our test calendar.

Member website

The final main stages in our member site revamp should go live next week, alongside some last technical changes including the adoption of new MFA provision tools, and feedback from members will be gathered alongside the voting process for our Board elections.

Membership

We welcome our newest members Fortect, who joined us a few weeks ago, and Nord Security, who joined this week and who we hope will help drive expansion of our testing guidance to cover VPNs and other areas of security provision. Existing members are reminded that membership renewal for the upcoming 2024-25 membership year will commence shortly, with invoices for membership fees expected to be circulated in the next few weeks and featuring new pricing structures introduced in July 2023.

ABOUT THIS NEWSLETTER

We send this newsletter to all AMTSO member representatives, as well as non-members who have engaged with AMTSO recently and have an interest in what’s going on in the AMTSO community. If you have any friends or colleagues who would like to be kept informed of developments in the testing world, they can sign up here. If you’d like to know more about joining the AMTSO community, there’s information and an application form here.