Real Time Threat List (RTTL)

Frequently Asked Questions

What is the RTTL?

The Real-Time Threat List (RTTL) is a repository of malware samples collected by experts from around the world. The repository is managed, maintained and secured by the Anti-Malware Testing Standards Organization (AMTSO).

Who submits samples to the RTTL?

Anti-malware companies and anti-malware experts from around the world submit identified and validated samples to the RTTL, which include prevalence data that includes the distribution and source of the malware.

How can I access the RTTL?

Currently RTTL access is restricted to AMTSO members only. To find out more about the benefits of membership, check out our joining page. In some circumstances limited access may be granted to academics carrying out relevant research – to find out more about getting access, please contact [email protected].

Why is there a need for the RTTL?

As malware now travels the globe in real-time with the majority of infections happening through websites then a real-time system was needed to provide testers of Anti-Malware solution a repository of malware they can use to validate that anti-malware products are working in real-time to protect users. The end result of this being that published test results allows business and consumer to make informed decisions on what anti-malware solution best meets their requirements.

Who uses the samples from RTTL?

Testers looking at the efficacy of anti-malware products use the samples to validate their own collected samples that they test with to check for prevalence to ensure that what they are testing with are real world examples that threaten users and businesses. Academics researching or analyzing trends in the anti-malware industry can also use the RTTL to allow them to have a rich data source to work from.