AMTSO News 2023-05-17

Welcome to our regular roundup of events and activities in and around AMTSO. To receive these updates via email (sent out approximately every two weeks), please sign up here.

Meetings and Events

For AMTSO members, our member meeting in Budapest will take place next week. We expect to see over 30 member representatives from at least 17 member companies gather to discuss the latest developments in testing and security. The first day will focus on AMTSO activities, including discussion of our RTTL and ThreatList projects, and an update on plans to organize events bringing together the testing and CSO communities. On day 2 we will hear from members on a wide range of topics, including tester members SE Labs on transparency in testing, MRG Effitas on their “Tempus” project, and SecureIQLab on evaluating next generation cloud cybersecurity solutions. The afternoon will feature our annual Board election hustings, where candidates for our Board can address the membership and field questions on why they should be elected.

Further ahead, our next Testing Town Hall event is scheduled for July 5th. As usual, this will feature a range of presentations on testing matters, from AMTSO members and guest speakers. Details coming soon, watch this space!

AMTSO Standard and Test Calendar

Our test calendar currently features details of 9 separate tests released in the past month, with a raft of new updates added in the last few days. Upcoming tests include an email security test from SE Labs, regular reports from AppEsteem, MRG Effitas and Testing Ground Labs, and a new ransomware test from Testing Ground Labs, all running under the AMTSO Testing Protocol Standard. Further ahead we have the first Standard-based test from AVLab Cybersecurity Foundation due in late June, as well as a test of advanced cloud firewalls from SecureIQLab expected in July. Significant recent activities for our Standard compliance team include:

  • A Public Test Notification was issued for the TGL (Testing Ground Labs) May 2023 Consumer Windows Ransomware Detection Test (AMTSO Test ID: AMTSO-LS1-TP077).  Phase 1 Commentary opened on Monday, May 15th, 2023 and will continue through Tuesday, May 23rd, 2023.
  • An incremental Phase 2 Commentary Collection covering the AppEsteem 2023 Test Series (AMTSO Test ID: AMTSO-LS1-TP064) opened on Monday, May 8th, 2023 and continued through Tuesday, May 16th, 2023.  The incremental Compliance Report Check is underway.
  • Phase 2 Commentary covering the SE Labs Q1’2023 Enterprise, Small Business, and Consumer Endpoint Test Reports (AMTSO Test ID: AMTSO-LS1-TP067) closes on Wednesday, May 17th, 2023.  A Compliance report will be issued in short order.

Information on all published and upcoming tests being tracked by AMTSO can be found in our test calendar.


Our RTTL team is in the final stages of implementing a new sandbox feature, currently running in the acceptance environment and expected to go fully live as soon as final testing is complete. This new feature comes with a new enhanced API (version 4.0). The sandbox feature is fully GDPR-compliant, and supports in-parallel kernel and user mode analysis from which results are summarized in a single report. Once the new features are released, the RTTL interface will also get an update providing access to more metadata information such as extracted URL, file information, identified MITRE tactics, etc. There will be new API documentation and example Python clients, and a full JSON report can be downloaded for any sample executed through the sandbox. The new API version is backwards compatible with the old v3.x version. The RTTL team will hold their regular meeting today to discuss and push forward with these improvements.

Our ThreatList project also continues, with work to recruit an oversight board nearing completion. Once this team is in place, work to finalize details of the sample submission and review processes will wrap up and the system will be able to open fully for contributions. Full details of progress on this project and expectations for the future will be shared with AMTSO members at the upcoming Budapest meeting, and with non-member ThreatList participants shortly afterwards.

Promotion and Outreach

Our marketing team has been busy preparing for the Budapest event, getting ready to share current projects and discuss future plans with the AMTSO board and membership. We have several more entries in our interview series in the pipeline and hope to sign up more people eager to share their views and experiences during in-person discussion.

CSO/CISO conference plans

We continue to liaise with AVAR on the possibility of holding a CSO-focused event or session during or alongside their annual conference, due to be held in Dubai in late November/early December. We anticipate this being the first in a regular series of events aimed at bringing the CSO community into better contact with testers, fostering a two-way discussion to share pain points, areas short of reliable information, and future plans. Further planning for this event will be discussed with AMTSO members in Budapest next week.

AMTSO Board elections

Our annual election of directors is now under way, with voting information circulated to members earlier this week. Half of our Board is elected each year, with two posts voted for by Tester members and two by non-tester members to maintain balance between the major groups within our membership. Voting will close on June 5th and the new Board will take up their positions on July 1st. Candidates will introduce themselves to members and field questions during the Budapest member meeting.

About this newsletter

We send this newsletter to all AMTSO member representatives, as well as non-members who have engaged with AMTSO recently and have an interest in what’s going on in the AMTSO community. If you have any friends or colleagues who would like to be kept informed of developments in the testing world, they can sign up here. If you’d like to know more about joining the AMTSO community, there’s information and an application form here.