McAfee, Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs have announced an agreement to create identification and testing methodologies for spyware mitigation technologies. They claim that as a result of the collaboration, enterprise and consumer customers will be able to make better informed anti-spyware technology decisions, with product tests based on standardised third-party evaluation criteria and with common standard samples used in detection and testing environments.
Spyware is one of the fastest growing risks to IT consumers and organisations, increasing at an estimated rate of 50 to 100% year over year, according to some security experts.
When publishing results and product recommendations, few product testers currently document their test samples or methodology, and many use very small sample sets in their testing environments. As a result, there is no distinguishable benchmark for comparison of anti-spyware product vendors, leaving customers unclear as to the most effective products and solutions for their environments, according to the newly formed group of vendors.
"There is an enormous amount of confusion in the marketplace about the origins of spyware and the effectiveness of the tools designed to fight it,' said Larry Bridwell of ICSA Labs, an independent division of Cybertrust. 'This agreement is an important first step in maturing the industry to the point where it can effectively combat the proliferation of spyware on behalf of customers, providing a safer and more efficient online environment for everyone."
Future initiatives of the group of spyware experts will leverage the participating members' experience in anti-virus research cooperation for threat naming conventions, intelligence-sharing best practices, and emergency information distribution guidelines. The group will use the definitions created by the Anti-Spyware Coalition (ASC) and work closely with the ASC in its effort to develop guidelines for research tools. Many members of the group are active leaders in the ASC.
The group's anti-spyware testing methodology and best practices can be viewed at www.spywaretesting.org.