The Anti-Malware Testing Standards Organization (AMTSO) is an international non-profit association that focuses on addressing the global need for improvement in the objectivity, quality and relevance of anti-malware testing methodologies.
AMTSO is a member-driven organization, and all our activities are directed and steered by our members.
Members contribute to AMTSO through participation in discussions at our regular in-person meetings, and on our member mailing list and member website. Our Board of Directors is elected by and from the membership, and the Executive Team comprises mainly member volunteers.
AMTSO’s executive team drives the day-to-day operation of the organization. Comprised mainly of volunteers, the team is supported by paid contractors.
PRESIDENT AND CEO
Dennis Batchelder is president at AppEsteem. He spent eight years at Microsoft, leading their antimalware efforts and strategy through products, services, and partnerships. Before Microsoft, Dennis ran the threat and security information management product lines as an SVP of Computer Associates, which he joined after founding, running, and selling them a network security product company.
He’s got a business and computer science degree, and he’s the author of the Soul Identity series of novels. He took on the role of AMTSO President in 2016.
Brad has been a security professional for over 20 years with experience leading and managing teams focused on protecting people and systems from malicious behavior.
During his nearly 15 years at Microsoft, Brad helped change the direction of security inside the company as it dealt with the realization it was on the forefront of the emerging threat landscape through his work on the cross company Security Taskforce, MSN Security Operations, Windows Defender, and Office Security.
He left Microsoft to help create CrowdStrike in its mission to defend against the emerging threat of well-funded adversaries and nation states attacking the US economy. Brad became AMTSO’s CTO in 2016, and joined the Board of Directors in 2018.
COO and Company Secretary
John Hawes has been involved with anti-malware testing since 2000, first spending over five years in the QA lab at Sophos before joining Virus Bulletin in 2006. For more than ten years he ran VB’s testing operations, including overseeing the VB100 award scheme, producing over 60 comparative reports, and for three years took joint responsibility for running the company.
During that time he joined the Board of Directors of the Anti-Malware Testing Standards Organization (AMTSO), serving as Chair in 2015-16.
In 2017 he left VB to become a director and consultant at Tick Tock Social ltd. He currently contracts for AMTSO, serving as both COO and Company Secretary. Outside of testing, John writes and blogs on security-related matters, including spells as a regular contributor to Naked Security, Payment Source and other outlets.
Scott Jeffreys has been a business and technology leader in Financial Services, Cybersecurity, and Educational sectors during the last three decades. Mr. Jeffreys is an Executive Team Member of the Antimalware Testing Standards Organization (AMTSO) actively developing and deploying Standards for fair and equitable antimalware and security software testing and reporting.
As Chief Technology Officer for Total Defense, Incorporated, Mr. Jeffreys led the push into cloud defined security products including cloud scanning technologies deployed for Consumer and Mobile (IoT) users.During his tenure as Vice President, Research and Development, with Computer Associates, he led the development of new protection and firewall technologies leading to the growth of a $120 million annual security sector.
During a twenty-year career with Reuters Information Technology, Mr. Jeffreys led the definition, development, and delivery of industry leading technologies for Real-Time Data Distribution, Equity and Forex Trading Platforms, and Financial Workstations.
Mr. Jeffreys joined the Computer Science faculty at New York’s Hofstra University in 2015 as an Associate Professor (adjunct) teaching courses in Software Engineering, Project Management, Computational Finance, and Discrete Structures. He received his Bachelor’s Degree from Hofstra University (1982) with a major in Mathematics and dual minor degrees in Computer Science and Economics. His Master’s Degree in Mathematics was conferred by Adelphi University (1984). Mr. Jeffreys was a member of the Hofstra Collect Liberal Arts and Sciences Dean’s Advisory Board from 2010-2015. His research interests include Enterprise Architecture, Security Software and Protection Techniques, Computational Finance, and Mathematical Problems in Computer Science. His most recent publication, “Betting on Security”, examined the emerging fantasy sports betting world and the value of Big Data analysis which was not available to the general public.
Luis Corrons has been working in the security industry since 1999, specifically in the anti-malware field. In 2018 he signed up with Avast as their Security Evangelist. Previously he was the Technical Director at PandaLabs, the malware research lab at Panda Security.
Luis has been always involved in malware investigations, such as the shutdown of the Mariposa botnet or the Operation Oil Tanker.
Luis is a top rated industry speaker, speaking at events like HackInTheBox, APWG, AVAR, Virus Bulletin, and Security BSides. In addition to being Avast’s Security Evangelist, Luis is a WildList reporter, member of the Board of Directors at AMTSO (Anti-Malware Testing Standards Organization) and member of the Board of Directors at MUTE (Malicious URLs Tracking and Exchange).
An IT journalist between 1995 and 2010, Simon worked on the UK’s biggest computer magazine titles. At Dennis Publishing these included titles such as Computer Shopper, PC Pro, Computer Active, Web User, Mac User and IT Pro.
Simon’s areas of expertise is anti-malware testing and he was, until the end of 2015, Technical Director of Dennis Technology Labs, an independent security testing business that was part of the Dennis Publishing media company. He then founded SE Labs, which specialises in advanced security testing. He also provides technical advice to a number of specialist security companies.
A founder member of the Anti Malware Testing Standards Organization (AMTSO), Simon was chairman of its Board of Directors between 2012 and 2015. He rejoined the Board in 2016, and resumed his role as chairman later the same year.
Onur is the veteran voice of 3rd party testing within Sophos, providing insight and guidance to SophosLabs, Engineering, Marketing, and the Senior Management Team thanks to his 12 years of experience at Sophos.
Starting on the front-lines, in Spam Analysis within SophosLabs for two years, followed by 6 years as a researcher on emergent web threats, Onur has led the 3rd Party Testing team for the past 4 years. Onur’s deep comprehension of not only testing but also the true risks and threats organizations and individuals face today is essential for valuable collaboration with 3rd parties.
Maik Morgenstern is a CEO and the Technical Director of AV-TEST GmbH. He has a diploma degree in Engineering and is responsible for the planning and implementation of test operations in the Institute, in addition to managing the development of new test scenarios. He is also responsible for the software engineering activities at AV-TEST including both test automation as well as malware analysis tools that are developed solely in house. One notable public service developed by AV-TEST is the threat intelligence platform AV-ATLAS launched in 2019. In 2013 he has introduced research on and testing of IoT security to AV-TEST.
During his over 15 years at AV-TEST he has presented at several industry conferences including AVAR Conference, Black Hat Conference, CARO Workshop and Virus Bulletin Conference.
After graduating university Chris began a successful carer providing IT certification programs and wider related services primarily focusing on large institutions in the city of London.
Chris had often found existing solutions to problems to be illogical and less than ideal. Having had an interest in security, he examined existing markets and approaches and decided to sidestep these as he had a real interest in the consequences of data theft and the ultimate long term impact this may have on individuals and businesses.
Chris devised his first comparative assessment of technologies designed to prevent data capture / exfiltration and published it on a website he owned. Within days Chris was contacted by the CEO of an Israeli company to discuss the test that had include their product. This would be the first business deal for Chris’ new company.
Chris focused on very specific verticals to get the company well recognised and eventually every vendor who had or was developing secure browser technologies was working with Chris.
Testing became more and more sophisticated and by the very nature of data exfiltration, he soon hired the most gifted and talented engineers he could find to move beyond the boundaries of that which had been done and then do what needed to be done to meet the demands of clients – reverse engineering ITW financial malware and creating POC simulators etc.
MRG now covers the full spectrum of tests types and has a particular focus working with vendors along the route to IPO, assessing the viabilities of technologies prior to acquisition by other digital security businesses and partnering with the VC market to help assess which technologies may have the best return on investment.
MRG Effitas has its main focuses on innovation, thought leadership, but Chris is most proud of his team of world class engineers that have won the company the respect of the leading analysts and security vendors.
Jesse Song is the CEO of SKD Labs, an ISO/IEC 17025 accredited testing lab, which specializes in advanced information security testing. SKD Labs is the organizer of Annual China Cyber Security Conference and Exhibit, the organizer of AVAR Conference 2017 and the host of AMTSO 2017 Member Meeting.
Jesse has had more than 20 years of working experience in various positions in the fields of information security testing labs, information security industry, and academic institutions. He has been serving on the AVAR board since 2012.
In his role as director for the Protection Labs teams in Avira, Alexander Vukcevic is focused for the development on new detection technologies and strategies. With his experience, Alex is leading and managing teams with the responsibility on the protection of millions of users against latest malware threats and attack.
Alex started his career in 2000 at Avira as a researcher, build up an international team of Threat Researchers and helping to enhance Avira own in-house protection technology. For the past 6 years, Alex has been managing the external testing processes at Avira, is closely working with the testers in regards for all Avira endpoint protection products and supports OEM partners in their integration scenarios.
He has also taken the opportunities for public speaking in conferences, workshops and press interviews. Alex is the Avira representative within AMTSO and is actively involved in the RTTL and USC working groups over past years
Glaucia Faria Young is an engineering director at Microsoft, focused on Windows and Azure security, data and intelligence. She has been working in the security industry since 2011 with experience leading and managing teams focused on protecting people and systems from malicious behavior and digital threats
Glaucia has worked for more than 21 years in the technology industry, holding various roles in testing/QA, software engineering, data engineering & science, and management in Microsoft US. She has been a member of the Board of Directors at AMTSO (Anti-Malware Testing Standards Organization) for the last 3 years. She also serves in the CleanApps Advisory Board. In general, she wants to provide users and companies safe and productive computing experiences, and protect billions of people from malware, fraud, and privacy breaches.
A native of Brazil, Glaucia has a Bachelor’s degree in Computer Science from Universidade Federal de Goiás (UFG) and a Master’s degree from Universidade de Campinas (UNICAMP – São Paulo).
The AMTSO Advisory Board brings together experts from across security, testing and other relevant fields to provide AMTSO with advice, guidance and direction. The following people currently sit on the AMTSO Advisory Board:
Alex is a 30-year technology veteran with a broad range of experience in technology leadership and development. Currently the COO of automotive tech leader AutoLoop, he was previously founder and CEO of Meros (acquired by DXC); president of GFI Security and CEO of Sunbelt Software (now ThreatTrack Security). He has also had stints with Borland International, Quarterdeck Corporation (now Symantec), and Kroll Ontrack. Alex also spent several years working in private equity at Bulldog Capital Management (now part of Monitor Deloitte), where he invested in a wide range of technology companies.
Alex is a board member of Malwarebytes; a board member of Knowbe4; executive chairman of Runaware Holdings AB; and is a past board member of the Google/Harvard joint venture, StopBadware; and a past board member of BlueStripe Software, now part of Microsoft.
Tjark Auerbach’s bio coming soon.
What is AMTSO?
AMTSO is a community of over 60 member organizations, comprising security vendors and expert test labs from around the world.
Active since 2008, AMTSO aims to drive improvement in all forms of testing of anti-malware and related security solutions.
We achieve this through regular member meetings and active online collaboration, bringing testers and vendors together to share their experiences and ideas.
What does AMTSO do?
AMTSO brings together its members to discuss important issues facing testers and vendors alike. In-person meetings and active online discussion forums help our members learn from each other.
AMTSO builds and hosts tools for both expert testers and everyday consumers.
What services are provided by AMTSO?
We also develop and publish detailed guidelines and best practices documents covering various important issues in testing.
We operate free tools for users to check their security products are properly configured – the AMTSO Security Features Check (SFC).
Who runs AMTSO?
AMTSO’s activities are overseen by a volunteer Board of Directors, elected by and from the AMTSO membership. An Executive Team combining volunteers and paid professionals carries out the day-to-day running of the organization.
Major issues are frequently referred to the membership for approval by vote. AMTSO also has an Advisory Board of trusted industry experts.
You can find more details about the team behind AMTSO above.
What is AMTSO membership?
AMTSO currently has over 60 members from across the security and testing industries.
We hold regular meetings in locations around the globe to debate the latest issues facing both testers and developers of security products. We host a members-only website, and run mailing lists and several active working groups where ongoing projects and breaking topics are discussed.
We also maintain the Real Time Threat List (RTTL), a live feed of the latest and most prevalent malware samples with attached telemetry data to allow for focused testing.
How can I become an AMTSO member?
How can I check if my vendor is an AMTSO member?
What sort of organization is AMTSO?
AMTSO is a mutual benefit non-profit organization, incorporated in California as a 501(c)(6) class corporation.
AMTSO was founded in 2008 to improve the business conditions related to the development, use, testing and rating of anti-malware products and solutions. Any individual or entity that is genuinely dedicated to the purposes of AMTSO is welcome to join the organization.
What is AMTSO's charter and mission?
AMTSO’s charter focuses on the following four areas:
- Providing a forum for discussions related to the testing of anti-malware and related products.
- Developing and publicizing objective standards and best practices for testing of anti-malware and related products.
- Promoting education and awareness of issues related to the testing of anti-malware and related products.
- Providing tools and resources to aid standards-based testing methodologies.