Each major antivirus vendor has their own malware researchers, antivirus signatures, heuristics, and proprietary malware detection technologies. Malware is now a greater problem than ever before—for enterprises, consumers, and organizations large and small. When it comes to detecting known malware and increasingly sophisticated zero-day attacks, each vendor tries to stay ahead of the game. The rise of file-less malware has, of course, made this the challenge even greater. The people, institutions, and businesses who depend on having the best possible antivirus products and services deserve to have the guidance of third-party testers and independent standards when choosing a vendor. Unfortunately, some of these efforts have resulted in a legal challenge.
The Anti-Malware Testing Standards Organization (AMTSO) was recently founded with the intent of applying objective and independent standards to the antivirus industry. This May, they announced their first Testing Protocol Standard: “The Standard was developed by a working group within AMTSO, comprised of 20 cybersecurity vendors and testers, and adopted by the AMTSO membership and Board of Directors on May 22, 2018. AMTSO believes the use of the Standard by anti-malware testers will help assure consumers that compliant tests were conducted in good faith, without bias, and with full transparency of engagement between testers and vendors.”
AMTSO President Dennis Batchelder added, “We’re using a Standards-as-a-Service approach. That will keep the Standard relevant and valuable to all our members.” Not everyone believes AMTSO’s Testing Protocol Standard is good for objectively evaluating antivirus products. On September 19th, security product testing firm NSS Labs filed an antitrust lawsuit against AMTSO, and vendors Symantec, ESET, and CloudStrike. They’re being accused of unfairly allowing their products to be tested only by AMTSO Testing Protocol Standard-compliant organizations. NSS Labs may suspect AMTSO of being the means for an antivirus industry oligopoly.
Here’s how Investopedia defines the term: “Oligopolies are prevalent throughout the world and appear to be increasing ever so rapidly. Unlike a monopoly, where one corporation dominates a certain market, an oligopoly consists of a select few companies having significant influence over an industry. Oligopolies are noticeable in a multitude of markets. While these companies are considered competitors within the specific market, they tend to cooperate with each other to benefit as a whole, which can lead to higher prices for consumers.”
NSS Labs CTO Jason Brvenik said, “It’s driven by vendors to create a picture of capabilities that are not true. The standard is more like guidelines to interact with than a standard, and it doesn’t make things better for products.”
CrowdStrike, one of the companies of which NSS Labs is suing, released their own statement: “NSS is a for-profit, pay-to-play testing organization that obtains products through fraudulent means and is desperate to defend its business model from open and transparent testing. We believe their lawsuit is baseless.”
Clearly, each party believes they’re the ones being fair and objective, and it’s the opposing party who’s being dishonest and unjust. Organizations in the process of choosing an AV vendor may see this situation the way a mother sees her bickering children. “He started it!” “No, she started it!” But it will be interesting to see what happens with this antitrust lawsuit.