Report from Munich AMTSO Meeting

Last week, 21st and 22nd of October another meeting of the Anti-Malware Testing Standards Organization (AMTSO) took place in Munich, Germany.

Usually three times a year the members of AMTSO are coming together to a meeting, which is hosted by different member companies. This time, Avira was proud to organize and host the conference.

The Anti-Malware Testing Standards Organization, founded in May 2008, focuses on the addressing the global need for improvement in the objectivity, quality and relevance of anti-malware testing methodologies. Despite the fact that among the members of AMTSO there are many AV-Vendors that are naturally competitors, there is one common goal that all vendors of anti-malware software have in common: make tests of the products better, more meaningful and more user-relevant. To do this, the members of AMTSO in the past already worked hard on documents and principles (they can be viewed on the AMTSO website, http://www.amtso.org/documents.html). Although there are already quite some resources available, there are still issues that had not been addressed so far – hence the meetings in which new documents and standards are created together will all members. By the way, not only AV-vendors belong to AMTSO, there are also journalists, independent members, members from universities and nevertheless also the famous testing organisations like av-test, av-comparatives or virus bulletin, to name just a few. Avira also is a member right from the beginning, and I am usually representing Avira at the AMTSO meetings.

In the Munich meeting last week the members again addressed new topics regarding the testing of anti-malware products, one of them is a document that describes the guidelines for testing the false positive rate for an antivirus program, an important topic in every test. A false positive occurs when an anti malware program indentifies a clean program as being malicious.

Also, the members realized that the current subscription model might be fine for bigger organisations like an av-company or a testing organisation, but the annual membership fee of 2.000 Euros might scare away people that are acting as individuals and might not want to pay that amount of money for their participation. Those people could be academics, end-users or IT-experts and the AMTSO really wants them to actively take part in the discussions. Therefore the members decided on a new low-fee subscription model (http://www.amtso.org/pr-20101025-amtso-widens-the-conversation-of-anti-malware-testing-with-new-subscription-option.html) that serves exactly this purpose. Subscribers will be able to take part in the debates, attend AMTSO meetings and contribute their opinion in the creation of new documents and standards. I sincerely hope that this subscription model will bring in new people into AMTSO that then will help us to create even better guidelines about anti malware testing.

Philipp Wolf
Director Virus Labs