Testing protections against web-based threats



Lightning Talk


Anti-malware protection is continuously changing. 25 years ago, security products could be tested against all known existing threats, and protection solutions changed only a few times a year. At that time, all protection benchmark tests were repeatable. Nowadays both the threats and the solutions are changing continuously. This paper presents possible solutions for executing a protection test in this situation. For reliable testing, what can a tester do to provide comparative results? The following problems exist:
  • During the test, the protection requires a cloud connection to function properly. But the tester has to protect the public from the tested threat while potentially infected test computers are on the net.
  • Attack samples have to be presented to all tested products at the same time. Otherwise one of the products being compared in the test might gain an advantage.
  • Malicious content (even if it comes from the net using a malicious URL) must be the same for all products. Thus the malicious content has to be cached and provided to the testing clients.
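
The last two requirements can be enforced and audited in the test harness. The sketch below is an added example, not code from the talk: it freezes the first response seen for a URL, replays the same bytes to every product, and reports products that were skipped or exposed too late. The class and function names, the `max_skew` limit, the sample URL and the placeholder bodies are all assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class ReplayCache:
    """Freeze the first response per URL and replay it to every tested product."""
    fetch: Callable[[str], bytes]      # hypothetical upstream fetcher, called once per URL
    max_skew: float = 60.0             # assumed limit (seconds) between first and last exposure
    store: dict = field(default_factory=dict)    # url -> (sha256 hex, body)
    served: dict = field(default_factory=dict)   # url -> {product: timestamp}

    def serve(self, url: str, product: str, now: float) -> bytes:
        if url not in self.store:
            body = self.fetch(url)     # the only contact with the live URL
            self.store[url] = (hashlib.sha256(body).hexdigest(), body)
        digest, body = self.store[url]
        if hashlib.sha256(body).hexdigest() != digest:
            raise ValueError(f"cached copy of {url} no longer matches its recorded hash")
        self.served.setdefault(url, {})[product] = now
        return body

    def audit(self, url: str, products: list[str]) -> list[str]:
        """List the fairness problems for one test case; empty means comparable."""
        seen = self.served.get(url, {})
        problems = [f"{p} was never exposed" for p in products if p not in seen]
        if seen and max(seen.values()) - min(seen.values()) > self.max_skew:
            problems.append("exposure times differ by more than max_skew")
        return problems

def rotating_upstream():
    """Constructed stand-in for a live URL whose content changes on every request."""
    calls = []
    def fetch(url: str) -> bytes:
        calls.append(url)
        return f"placeholder-body-{len(calls)}".encode()   # harmless sample bytes
    return fetch, calls

def demo():
    fetch, calls = rotating_upstream()
    cache = ReplayCache(fetch)
    url = "http://sample.invalid/case-1"          # constructed test-case URL
    a = cache.serve(url, "product-A", now=0.0)
    b = cache.serve(url, "product-B", now=5.0)
    fair = cache.audit(url, ["product-A", "product-B"])
    cache.serve(url, "product-C", now=600.0)      # exposed ten minutes late
    late = cache.audit(url, ["product-A", "product-B", "product-C", "product-D"])
    return a, b, len(calls), fair, late

if __name__ == "__main__":
    print(demo())
```

Because the upstream is contacted only once per URL, a result recorded for one product stays comparable with the others even if the live content has since changed or disappeared.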