The Anti-Malware Testing Standards Organization (usually referred to as the AMTSO) is a non-profit organization that was founded in 2008. As the name implies, the goal of the organization is to help develop more standardized and objective anti-malware tests. In addition to encouraging general public discussion on the testing of anti-malware products, the organization promotes anti-malware testing education, and publishes standards, best practices, and tools to aid in anti-malware product testing. One of the biggest topics has been WordPress malware removal. That platform has many vulnerabilities especially for sites that are not kept up to date.
The organization was formed by security vendors and security product testing organizations, and initially was administered by an unpaid, elected board of directors, though an executive team was added in 2012. Much of its membership was and still is comprised of security vendors and individual testing organizations, which has been a source of controversy over the organization’s credibility in the past. More recently (particularly after the shift in the organization’s management structure) there has been a rise in the membership of other organizations and even individuals. These include academic and media related organizations, and some individual security experts.
Since its inception, the organization has created and published a number of resources that are available to the public to aid in the testing of anti-malware products. One of the most useful that is readily available to end users is their security features check, which is published via the organization’s website. Both an Android and a desktop variant are available; each of these checks attempts to download a file to the device being tested. If it is configured correctly and properly conforms to the industry anti-malware standards set forth by the AMTSO, the file will be caught and flagged by the anti-malware product on the tested device. Thus the test serves as both a simple check for end users to verify whether their configuration for a known and reputable anti-malware product is correct, and as a way to test whether other products conform to industry standards.
Although the primary function of the AMTSO is the testing of anti-malware solutions, the organization also maintains a list of real-time malware threat samples, which is available to registered users only. This list allows testers to verify that their test samples and methodology are relevant to real world threats.
King, Stuart. “Anti-Malware Testing Standards Organization.” ComputerWeekly. N.p., 10 Feb. 2008. Web. 28 July 2016. <http://www.computerweekly.com/blog/Risk-Management-with-Stuart-King-and-Duncan-Hart/Anti-Malware-Testing-Standards-Organization>.
“Real Time Threat List (RTTL).” AMTSO. N.p., n.d. Web. 28 July 2016. <http://www.amtso.org/rttl/>.