Transparency of changes to the testing system and website

March 2023

New: Since the May edition of the test, we have added an individual summary view for each Vendor at their request and that of the community. Better marketing perception.

New: We have started the procedure to join the group of experts from AMTSO (Anti-Malware Testing Standard Organisation).

January 2023

New: Added so-called Remediation Time feature to comparison.

New: Joining to a new cybersecurity expert group, so-called as Cyber Transparency Forum to develop new standards on transparency and endpoint cyber security.

Improved: Added Yara rule do the testing app to detecting and classifing malicious activity.

Improved: Added some rule to the testing app to detect malicious activity on Windows.

Improved: Added some new Antivirus Indicators Rules to the testing app.

Improved: Addition of new rules for better detection of malicious activity on Windows by Sysmon software.

November 2022

New: Development of the so-called Threat Landscape from the test:

  • Numbers of tested solutions.
  • Numbers of used unique samples.
  • Numbers of malware hosted over HTTP and HTTPS.
  • Total and average malicious changes made to Windows during dynamic analysis of the malware sample.
  • Industry average pre-launch level protection.
  • Industry average post-launch level protection.
  • Industry average blocked malware from the test of edition.
  • Hijacked servers location.
  • TLD compromised domains.
  • Domain with malicious files.
  • IP addresses with malicious files.


New: Replaced the old SHA-HTML table, where we assigned a malware sample to a product and a result. Instead, we simply provide a CSV file for everyone to download and view for better transparency.

September 2022

New: At the request of the community and Vendors, we have abandoned hosting malware for testing using a local DNS server and HTTPS server. We have replaced these with URLs in the wild downloaded in the browser.

New: We have changed the graphical presentation of the results.

May 2022

New: At the request of the community, we have simplified the differentiated levels of malware blocking Level 1, Level 2 at PRE-Launch and Level 3 at POST-Lanuch.

January 2022

New: Implementation of a graphical admin panel for faster and better management of test telemetry data on the backend infrastructure.

Whole Year 2021 and before

New: Changing the Process Monitor software for logging changes in Windows to the Sysmon tool with custom configuration.

New: Adding of Yara rules to pre-classify malware samples and reject invalid samples.

Improved: Replacement of old NPM package for DNS server with new package.

Improved: time zones in the database and files shared with Vendors as feedback from the test.

Improved: Change of log storage structure by test application on disk for backend infrastructure.