SweX 871 Posted January 18, 2016 Share Posted January 18, 2016 (edited) AMTSO -> Anti-Malware Testing Standards Organization. Website: hxxp://www.amtso.org/ "The AMTSO web site now hosts a number of easy to use tools to ensure that endpoint security products are configured to protect you from viruses, drive-by-downloads, potentially unwanted applications (PUA), archived malware and phishing and cloud attacks. Because the usage growth of tablets and smartphones, endpoint security nowadays embodies more than just a desktop solution. Besides the Security Features Check for Desktop Solutions, AMTSO hosts similar checks for Android based devices. In the future, the AMTSO Security Features Checks will be extended to cover more features and expanded to cover more Operating Systems." Note: After clicking on any of the links below remember to check "Vendors supporting this feature" by scrolling down and look for your vendors logo/name. (Since this is the ESET forum I can mention that ESET supports all of the tests below) Feature Settings Check for Desktop Solutions. 1. Test if your protection against the manual download of malware (EICAR.COM) is enabled. hxxp://www.amtso.org/feature-settings-check-download-of-malware/ 2. Test if your protection against a drive-by download (EICAR.COM) is enabled. hxxp://www.amtso.org/feature-settings-check-drive-by-download/ 3. Test if your protection against the download of compressed malware is enabled. hxxp://www.amtso.org/feature-settings-check-download-of-compressed-malware/ 4. Test if your protection against the download of a Potentially Unwanted Application (PUA) is enabled. hxxp://www.amtso.org/feature-settings-check-potentially-unwanted-applications/ 5. Test if your protection against accessing a Phishing Page is enabled. hxxp://www.amtso.org/feature-settings-check-phishing-page/ 6. Test if your cloud protection is enabled. hxxp://www.amtso.org/feature-settings-check-cloud-lookups/ Feature Settings Check for Android based Solutions. 1. Test if your protection against the manual download of malware is enabled. hxxp://www.amtso.org/feature-settings-check-download-of-malware-for-android-based-solutions/ 2. Test if your protection against a drive-by download is enabled. hxxp://www.amtso.org/feature-settings-check-drive-by-download-for-android-based-solutions/ 3. Test if your protection against the download of a Potentially Unwanted Application (PUA) is enabled. hxxp://www.amtso.org/feature-settings-check-potentially-unwanted-applications-for-android-based-solutions/ 4. Test if your protection against accessing a Phishing Page is enabled. hxxp://www.amtso.org/feature-settings-check-phishing-page-for-android-based-solutions/ I will try to remember to edit this post if/when more tests are published on the AMTSO website and add them to the list above. Edited January 18, 2016 by SweX Link to comment Share on other sites More sharing options...
TomFace 539 Posted January 18, 2016 Share Posted January 18, 2016 (edited) Thanks SweX...very helpful. One of the Mods needs to pin this post. Edited January 18, 2016 by TomFace Link to comment Share on other sites More sharing options...
jadinolf 131 Posted January 18, 2016 Share Posted January 18, 2016 Well, ESET stopped them all. Looks like I got my money's worth. Link to comment Share on other sites More sharing options...
itman 1,538 Posted January 18, 2016 Share Posted January 18, 2016 (edited) Kudos for posting those links. It should be pointed out however that what these tests do is to verify the functionality of the noted security feature; not the effectiveness of same. Each of the participating security vendors has included within their signature database a signature corresponding the AMTSO test malware. Passing these tests do not guaranty that you can not be infected by some unknown 0-day malware. Edited January 18, 2016 by itman Link to comment Share on other sites More sharing options...
SweX 871 Posted January 18, 2016 Author Share Posted January 18, 2016 Kudos for posting those links. It should be pointed out however that what these tests do is to verify the functionality of the noted security feature; not the effectiveness of same. Each of the participating security vendors has included within their signature database a signature corresponding the AMTSO test malware. Passing these tests do not guaranty that you can not be infected by some unknown 0-day malware. Yes, it's good you point this out as it may not be 100% clear for everyone. But I take for granted that people actually take time to read (after clicking on one of the links) a little bit about what the test/check is meant for. E.g "By clicking on the CloudCar Testfile link below, your system will attempt to download the CloudCar Testfile. This file is NOT malicious, but by an industry wide agreement this file is detected as being malicious when Cloud Lookups are enabled so that people may verify that their Anti-Malware product’s cloud detection capability is configured correctly." Link to comment Share on other sites More sharing options...
Recommended Posts