SOURCE Boston 2010 Anti-Virus Product Testing Sessions
|
Measuring Security: Making Sure We Measure The Actual Security Anti-Virus Products Provide Customers
Traditional measures of security product performance rely on isolating known threats and attempting to infect test AV products in controlled laboratory settings. This approach has been rendered hopelessly inadequate as cybercriminals have learned to overwhelm AV products with tens of thousands of new threats and variants each day. As recently as 2005, less than 50 new threat variants per hour were being observed by industry researchers. Today, over 2000 new threats per hour are being observed.  Historically, the standard metric of AV product security performance has been the detection rate (# of threats detected / # of threats exposed). As AV product vendors have altered their security strategies and product architectures in response to cybercriminal innovation, new metrics have emerged that are more indicative of the actual security provided to customers in today's threat environment. Among these are: (1) ability to detect threats based on their source (URL or IP address) rather than by analysis of malware code; (2) the time from when a security vendor first sees a new threat to when the vendor is providing customers active protection against it (the so-called, “time-to-protect”). Moreover, AV product testing conditions themselves have been called into question. To accurately predict actual product performance, some sort of software equivalent to clinical trials for pharmaceuticals is required to assure that products are tested under conditions relevant to customers. GOALS: Allow representatives of the leading independent testing labs to explain how they have adapted their security product testing metrics in response to cybercriminal innovations and security vendor responses - with the goal of making the results of independent lab testing more accessible and valuable to security product recommenders and purchasing decision makers. TAKEAWAYS: 1. Learn why traditional security product testing methods do not adequately measure the actual security provided to customers by security products. 2. Learn how cybercriminal innovation has forced the security industry to alter both security product architectures and the methods for measuring their performance. 3. Learn what new metrics are being adopted to measure the actual security performance in today's threat environment. 4. Learn how to interpret the metrics and product rankings in security benchmarking tests conducted by independent laboratories. TARGET ATTENDEE: Security product recommenders and purchasing decision makers. PRESENTERS: AV-Comparatives
Peter Stelzhammer CheckVir Labs Ferenc Leitold Dennis Technology Labs Simon Edwards NSS Labs Vik Phatak PC Security Labs Jeffrey Wu West Coast Labs Scott Markle  Peter Stelzhammer AV-Comparatives Austria AV-Comparatives is an Austrian non-profit organization providing independent Anti-Virus software tests free to the public. AV-Comparatives tests measure on-demand, retrospective, false positive, and malware removal protection offered by various security solutions. In 2010, AV-Comparatives is introducing its Whole Product Dynamic Test which test security solutions under real-world conditions.  Ferenc Leitold CheckVir Labs Hungary CheckVir tests anti-virus products and solutions independently from developers, helping users and anti-virus companies as well. On-demand and on-access scanning methods of anti-virus products are tested monthly on various platforms against in-the-wild threats. CheckVir Labs provides information free on its web site for installing anti-virus policy and/or choosing anti-virus solutions.  Simon Edwards Dennis Technology Labs UK Dennis Technology Labs is an independent testing facility that evaluates personal and business technology, including hardware and software, specialising in security testing, using a world-class anti-malware testing framework. Dennis Technology Labs work with businesses, technology vendors and magazines to provide accurate and realistic test results that are useful to consumers and vendors' internal teams.  Vik Phatak NSS Labs USA NSS Labs is an independent product analysis lab helping organizations worldwide make empirically informed decisions about how to purchase and maintain complex information security defenses. NSS Labs provides subscription-based information services and consulting. testing and reports that offer unique insights into product functionality, security efficacy, performance and manageability. NSS Labs operates the largest security & performance lab in the world. NSS Labs is independent, and does not have a parent company that competes with product vendors or that sells advertising.  Jeffrey Wu PC Security Labs China PC Security Labs (PCSL), is an independent research organization focusing on security software test and test standard development based on the principle of “scientific, precise and independent”. PCSL has established an efficient antivirus test system with over 30 security vendors participating in their bi-monthly “PCSL Total Protection Test” that combines static scan testing, dynamic testing , and both static and dynamic false positive test into a single comparative test.  Scott Markle West Coast Labs UK West Coast Labs specializes in functionality testing, performance validation and the Checkmark Certification of information security products and services. The company has a global client base of Fortune 500/1000 companies, government agencies and leading technology developers, providing a wide range of product testing and technical consultancy services. Sessions will be moderated by Andy Jaquith  |
Upcoming Events
SOURCE Barcelona 2010
September 21-22, 2010
Museu Nacional D’art de Catalunya, Barcelona, Spain
CFP Status: Closed
SOURCE Boston 2011
April 20-22, 2011
Seaport Hotel, Boston, MA
CFP Status: Opens Oct 15
SOURCE Seattle 2011
June 16-17, 2011
Maritime Event Center
CFP Status: Opens Dec 1