The Anti-Spyware Coalition, National Cyber Security Alliance, and StopBadware.org have clubbed together to form the Chain of Trust initiative, which will look together at security vendors, researchers, internet service providers, and government agencies. The three organizations hope that the initiative will help to establish a united front against the malware threat.
The initiative hopes to map the vulnerable points between different entities, because it is these gaps that provide the loopholes for malware writers to exploit. "Only by identifying all the vulnerable links in understanding how they connect to one another can malware fighters get a handle on the problem and begin to develop consensus of solutions," the trio in a statement.
Having mapped the network of different organizations and individuals that play a part in creating and distributing legitimate software and services, the group will identify critical ways in which they can work together. It expects to produce a paper with the results of this mapping project by the end of the year.
In related news, the anti-malware community also united in an attempt to compare independent anti-malware reviewers to its own reviewing standards. The Anti-Malware Testing Standards Organization announced this week that it will begin to analyze anti-malware reviews, in a bid to ensure that independent tests of anti-malware products conform to its own standards. It published guidelines on what constitutes a valid sample to be used in tests. It also produced an overview of the challenges involved in testing cloud-based security products, which are not installed locally.
"AMTSO wants to promote great testing that is meaningful, accurate, and, above all, useful to customers," said board member Stuart Taylor, of Sophos. "Sadly, many published texts range from misguided to misleading. Just the anti-malware companies hunt out and eliminate rogue anti-malware software, so AMTSO needs to hunt out and eliminate rogue tests and reviews."
Independent testing laboratories that compare malware products include ICSA Labs, and AV-Comparatives.org, both of whom are members of AMTSO, and who will likely have contributed to its testing guidelines.