Setting Up an Anti-Malware Testing Environment

Testing anti-malware products can be performed in a safe and secure manner if the tester follows best practices. Testing in a virtual machine (VM) that is isolated from the host device, as well as isolated from the production network, ensures that a security analyst can execute malware safely and in a manner that yields the most accurate test results.

In practice, accurate results are a product of recreating production environments as accurately as possible. It follows that accurate reproduction of a production environment warrants the accurate reproduction of attacks against that environment. This outcome can be achieved with software that virtualizes a physical machine.

“Testing anti-malware products can be performed in a safe and secure manner if the tester follows best practices. Always test on a network that is separated from production,” says Chad Skipper, VP of Industry Relations & Product Testing.

“Accurate test results allow security professionals to properly vet available solutions for their networks and devices, and it is therefore imperative that these tests reflect the environment that the tested products will eventually protect.”

Once the virtual environment has been established, install the anti-malware product you want to test, then confirm that it is up to date and running the policies you intend to use within your environment. Virtualization software, such as VMware, should also be updated to the most recent version.
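One way to check the host and network isolation described above before any sample is run, as an added example that is not part of the original post: a Python audit of a VMware `.vmx` file for attached network adapters, shared folders and guest-to-host channels. The sample configuration is constructed, and treating an adapter with no `connectionType` as bridged is an assumption.

```python
import re

# Constructed sample .vmx for illustration; not taken from the original post.
SAMPLE_VMX = '''\
displayName = "av-test-win10"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
ethernet1.present = "TRUE"
ethernet1.connectionType = "hostonly"
ethernet2.present = "FALSE"
sharedFolder0.present = "TRUE"
sharedFolder0.hostPath = "/home/analyst/samples"
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "TRUE"
isolation.tools.dnd.disable = "FALSE"
'''

ENTRY = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')
CHANNELS = ("copy", "paste", "dnd", "hgfs")  # guest<->host channels via VMware Tools

def parse_vmx(text):
    """Return {lowercased key: value} for each key = "value" line."""
    return {m.group(1).lower(): m.group(2)
            for m in map(ENTRY.match, text.splitlines()) if m}

def is_true(cfg, key):
    return cfg.get(key, "").upper() == "TRUE"

def audit_isolation(cfg):
    """Return sorted (severity, message) findings for settings that weaken isolation."""
    findings = []
    for key in cfg:
        nic = re.fullmatch(r"(ethernet\d+)\.present", key)
        if nic and is_true(cfg, key):
            # Assumption: an adapter with no connectionType is treated as bridged.
            mode = cfg.get(nic.group(1) + ".connectiontype", "bridged").lower()
            sev = "FAIL" if mode in ("bridged", "nat") else "REVIEW"
            findings.append((sev, f"{nic.group(1)} is attached ({mode})"))
        share = re.fullmatch(r"(sharedfolder\d+)\.present", key)
        if share and is_true(cfg, key):
            findings.append(("FAIL", f"{share.group(1)} exposes a host directory"))
    for ch in CHANNELS:
        if not is_true(cfg, f"isolation.tools.{ch}.disable"):
            findings.append(("FAIL", f"isolation.tools.{ch}.disable is not TRUE"))
    return sorted(findings)

if __name__ == "__main__":
    for severity, message in audit_isolation(parse_vmx(SAMPLE_VMX)):
        print(f"{severity:6} {message}")
```

A `REVIEW` finding marks a host-only or custom adapter: it does not reach the production network by itself, but the guest can still talk to the host or to whatever that virtual network is connected to.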

Now, where can you get malware? There are many legitimate sources for obtaining malware samples. If you don’t have a “zoo” (your own library of malware), then visit TestMyAV: a website with a single purpose – to enable people to test anti-malware solutions for themselves.

Rather than trusting vendors, testing companies, and salespeople at their word, TestMyAV knows ...

This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog