AMTSO News 2023-11-10

Welcome to our regular roundup of events and activities in and around AMTSO. 

Meetings and Events

The latest Testing Town Hall event was held this week, featuring some excellent guest presentations from GASA/ScamAdviser and ECSO. A recording of the event and slide decks have been made available to AMTSO members via the member website and Sharepoint portal, and edited recordings will be posted to our public site next week. Our next Testing Town Hall will be held in February 2024, non-members can sign up to attend these events here.

RTTL and ThreatList

Another call for the RTTL team was held last week, we welcomed the trial of new contribution feeds from AMTSO members Varist and Webroot/Opentext and hope to see several more members added to the list of contributors in the next few months. All systems for the new ThreatList are now in place and we anticipate opening the system to sign-ups next week.

XDR Testing Criteria

This week’s scheduled call for the XDR project team was postponed due to the Testing Town Hall event, work continues on our taxonomy system and gathering of configuration guidance from major vendors in the XDR space. The project team will meet again in two weeks’ time.

Sandbox Testing Guidelines and Tools

We held an initial call last week to discuss proposals for AMTSO to develop a set of guidelines, and potentially also test tools, to facilitate the testing, rating, and comparison of sandbox solutions, measuring their capabilities and efficacy with a focus on penetration of obfuscation and evasion techniques. A preliminary outline for a set of guidance is being put together and we plan to form a working group to help complete this project. Any members with expertise in this area are welcome to sign up for the working group via the usual channels, and we plan to also consult non-member specialists in the field for their input as the project develops.

New Frontiers group

With a new regular call slot in our members’ calendars, the group working on outreach to enterprise users/purchasers held a call last week, looking at timings and locations for events in 2024; some details of these were shared on the Town Hall event this week. Work is under way to gather feedback from AMTSO members’ own internal security teams, to help us form an advisory panel of CISOs and others involved in product evaluation. Preliminary planning work is also ongoing to hold some in-person meetings alongside the RSA conference in May 2024 and to schedule a larger event next to our member meeting later in the year, we plan to start initial promotion of these events next week.

AMTSO Standard and Test Calendar

Our test calendar has had the usual set of updates to cover recent tests, including Q3 data from SELabs’ Endpoint Protection test; upcoming tests through November include Q3 reports from MRG Effitas as well as the first set of data from Virus Bulletin’s VB100 certification under the AMTSO Standard. Here’s a summary of activities from our Standard compliance team:

  • Phase 2 Commentary covering SecureIQLab’s ACFW Test (AMTSO Test ID: AMTSO-LS1-TP070) launched on Wednesday, October 25th, 2023.  Due to geopolitical issues involving some of the companies involved in this test, the dispute phase has been extended through the end of November 2023.  AMTSO’s Phase 2 Commentary period will be correspondingly extended.  The AMTSO Compliance Report is now expected to be issued early-December, 2023.
  • The AMTSO Compliance Report covering the SE Labs Q3’2023 Endpoint Test (AMTSO Test ID: AMTSO-LS1-TP083) was issued on Thursday, November 2nd, 2023 as planned.
  • A Public Test Notification was issued covering the AVLab Cybersecurity Foundation’s November 2023 Advanced In-the-Wild Malware Test (AMTSO Test ID: AMTSO-LS1-TP096) on Friday, November 3rd, 2023.  Phase 1 Commentary will launch shortly.
  • An AMTSO Compliance Confirmation Report was issued covering the AVLab Cybersecurity Foundation’s September 2023 Advanced In-the-Wild Malware Test (AMTSO Test ID: AMTSO-LS1-TP086) on Wednesday, November 8th, 2023.

Information on all published and upcoming tests being tracked by AMTSO can be found in our test calendar.


We look forward to welcoming our latest new member, Antiy, expected to complete the sign-up process next week. Several more potential new members are in talks to join our community, we welcome prospective new members to find out more information and submit an application to join via our joining page.


We send this newsletter to all AMTSO member representatives, as well as non-members who have engaged with AMTSO recently and have an interest in what’s going on in the AMTSO community. If you have any friends or colleagues who would like to be kept informed of developments in the testing world, they can sign up here. If you’d like to know more about joining the AMTSO community, there’s information and an application form here.