A look back on AMTSO’s 2023 

As the year is coming to an end, we like to review the events and activities of the year. Looking back at 2023, it’s great to see so much happened, including productive member meetings, sharing of malware samples, discussion of testing criteria in new fields, and of course many, many tests tracked and monitored, all with the objective to create transparency and fairness in cybersecurity testing. These achievements have only been possible thanks to the collaboration across our community, with many individuals contributing their time and knowledge to our projects.  

AMTSO community events 

We were delighted to see great participation in the in-person member meetings we held this year, in May in Budapest and in October in London. We also held several Testing Town Hall events, which are open for members and non-members to attend. Speakers from MITRE, AVLab Cybersecurity Foundation, SecureIQLab, Massive Computing, GASA/ScamAdviser, and ECSO shared their stories and kept us up to speed on the latest in cybersecurity and testing.  

Member meeting in Budapest with on-site and virtual member participation 

These events are an important platform for our community and guests to discuss developments in the cybersecurity industry and the needs for testing standards in new areas, considering the requirements of all parties involved: vendors, testers, CISOs and consumer users. 

New industry initiatives 

When we all get together at these events, new projects frequently develop. This year, we have initiated a new working group focused on creating testing criteria for XDR security solutions. We also developed our plans for a CISO advisory panel, to help us understand how we as a community can support enterprise security buyers and implementors and fill the gaps in the flow of information, with new events being planned for 2024. We have also started work on a sandbox assessment project, aiming to provide guidance and tools for measuring the efficacy of sandbox technologies. We have been looking into creating testing guidelines in the fields of data protection and anti-phishing technologies. We hope to see all of these projects produce useful resources to support better testing in 2024. 

Threat intelligence sharing via AMTSO 

AMTSO also supports threat intelligence sharing in the industry with its Real Time Threat List (RTTL), and our new ThreatList system, which we introduced this year.  

RTTL provides a source of high-quality, prevalent, real-world samples, mainly intended for testing purposes but also an invaluable resource for cybersecurity vendors. The system also serves as a single point of contact for CERTs and other bodies to share new threats they uncover with the wider security industry. This year, 15 companies contributed their threat intelligence, and eight test labs downloaded samples from the RTTL system, some on a daily basis and some for specific uses. Overall in 2023, over 1 million samples were contributed, averaging over 3,000 samples every day.

The newly-launched ThreatList is a sample and threat-intelligence sharing system, hosted by AMTSO, and available to approved participants both within and outside the AMTSO membership. We created the ThreatList to fill the gap left by the termination of the WildList, a long-standing cross-industry collaboration project used by many test labs in certification testing and more. Previous WildList reporters were invited to participate in ThreatList at its foundation, and the system is now open to new contributors

New Board with new and old members 

Besides the many contributions of our members, we’re pleased to have our Board of Directors advising the AMTSO team, discussing and sharing input for new ideas and the direction of our organization. This year, elected by tester members, Jeffrey Wu of Testing Ground Labs joined the AMTSO board of directors, and tester members re-elected SecureIQLab’s David Ellis as a board member. On the vendor side, members re-confirmed Luis Corrons of Avast, part of GenTM, and Vlad Iliushin of ELLIO Technology as board members. 

Cybersecurity tests and certifications 

As an essential core activity of AMTSO, we were excited to see that this year we published data on 56 cybersecurity tests run under our Testing Protocol Standard, including Virus Bulletin running their venerable VB100 certifications under our Standard for the first time; we also hope to issue the first AMTSO Standard entries from AV-Test before the year is out. Our Standard has now issued over 100 unique test IDs since its inception in 2018, many of them covering regular year-long test series. With these Standard-compliant tests, cybersecurity customers at both enterprise and consumer levels can see at a glance that the test results they rely on have been created in a fair and trustworthy way, confirmed by us as an independent third party. Our Test Calendar also lists other notable security product tests and reviews, providing easy access to the most relevant and useful test data. 

We’re looking forward to the next year with many new tests, new testing guidelines, new standards and best practices, and productive intelligence sharing across the industry. Our thanks go to all the members of the AMTSO community, whose time and expertise support all our activities, and to the many non-members whose input and feedback is also invaluable.