Testing times – they are a changing

Several posts over the last few months [1][2] have talked about quality of virus detection. Whenever testing of anti-virus products is mentioned there are always arguments over the independence of the tests, the validity of the methodology and also over the completeness of the tests. The threat is constantly changing and those of us involved in protection spend our time between providing protection for threats that are out there now and providing protection for threats that are likely to emerge.

As a consequence of the changing threat there is constant innovation in our detection techniques. This covers both improvements in our behavioral genotype detection as well as new technologies such as HIPS and suspicious detection.

The next consequence of this changing threat is that the testing of such products must evolve to ensure their results have continued relevance to today’s customers. One of the initiatives, instigated by av-test.org, that is taking place currently is the Anti-Malware Testing Taskforce which is a consortium of testing organisations and AV companies. This group will be meeting on Jan 21-22 2008 in Bilbao to progress the initiative. I will be representing Sophos at these discussions and I look forwards to updating you on the outcome of the meetings.