AMTSO News 2024-02-09

Welcome to our regular roundup of events and activities in and around AMTSO. 

Meetings and Events

We have our next Testing Town Hall event coming up next week, on Wednesday February 14th. Talks from SE Labs and SecureIQLab feature on the agenda. Non-members can sign up to attend our events here:

We will be publishing a schedule of future Town Halls shortly, and some initial info on plans for our next member meeting, due in September/October, will be circulated to members soon.

Board and Management

This week we welcomed a new member to our Advisory Board – Jeffrey Linenfelser, currently Senior Principal at MITRE-Engenuity, will be joining the small team providing advice and guidance to our organization.

Initial preparations have begun for our annual elections to our Board of Directors, as usual four individuals will be voted into 2-year positions by our members with half elected by tester members and half by non-tester members. Voting will take place in May and a timeline for candidates will be circulated to members in the next few weeks. Any member representative interested in finding out more about running for a Board position, or wanting to stand as a candidate, is invited to contact us via the usual channels.

RTTL and ThreatList

Several more reporters have been added to the ThreatList system, with work continuing to recruit a wider network of sources; the reporters already enrolled have been working on getting their feeds up and running and we hope to see a steady quantity of quality samples feeding in very shortly. Several more test labs have signed up to make use of the feeds and we expect to see the first tests and certifications making use of the sample feeds in the very near future. Potential reporters can find more information and apply to join using this form:

Our RTTL working group held a call this week to review progress, looking into some minor interface issues and testing out changes made to accommodate the new ThreatList system.

XDR Testing Criteria

We held another call for our working group on XDR Testing Criteria last week, further refining our outline taxonomy for XDR components. Work is now under way to convert this into a simple checklist which can be used by testers to indicate which areas their testing covers, as well as by vendors to give an at-a-glance view of their offerings; we plan to test out this system with participating members over the next few weeks. Initial prototypes should be ready for review by the working group on the next group call.

New Frontiers group

Work on our project to connect with CISOs and others in the enterprise purchaser/user communities continues, with a further round of individual interviews planned over the next few weeks as we build out our network of interested parties.

AMTSO Standard and Test Calendar

Recent additions to our Test Calendar include the last batch of AV-Test reports (on Windows 10) not to follow the AMTSO Standard; the first under the standard are expected in the next few weeks. We also saw the first publication of data for 2024 from the VB100 certification program, with this year’s monthly releases all covered by a single AMTSO test ID and compliance confirmations being run periodically. Here’s a summary of activities from our Standard compliance team:

  • AMTSO Compliance Confirmation Reports were issued for the Testing Ground Labs December 2023 Consumer Android Malware Test Report (AMTSO Test ID: AMTSO-LS1-TP100) and December 2023 Enterprise Android Malware Test Report (AMTSO Test ID: AMTSO-LS1-TP101) on Monday, January 29th, 2024.
  • Phase 1 Commentary Collection covering the AVLab Cybersecurity Foundation’s January 2024 Advanced In-the-Wild Malware Test (AMTSO Test ID: AMTSO-LS1-TP102) closed on Monday, February 5th, 2024.
  • Phase 1 Commentary Collection for AppEsteem’s 2024 Unwanted Software (UwS) Handling Certification Test Series (AMTSO Test ID: AMTSO-LS1-TP108) closed on Tuesday, February 6th, 2024 with 25 companies invited to participate.
  • Phase 1 Commentary Collection for SE Labs Q1’2024 Endpoint Protection Test Plan (AMTSO Test ID: AMTSO-LS1-TP109) closed on Tuesday, February 6th, 2024.

Information on all published and upcoming tests being tracked by AMTSO can be found in our test calendar.


We send this newsletter to all AMTSO member representatives, as well as non-members who have engaged with AMTSO recently and have an interest in what’s going on in the AMTSO community. If you have any friends or colleagues who would like to be kept informed of developments in the testing world, they can sign up here. If you’d like to know more about joining the AMTSO community, there’s information and an application form here.