An industry approach for unwanted software criteria and clean requirements

Presented at VB2018, Oct. 4, 2018, 11 a.m. (90 minutes).

Applications that use aggressive, evasive and unfair methods to deceive and exploit users for monetary gain have become one of the biggest threats to the anti-virus industry.

Unfortunately, the industry has not done enough to prevent this opportunity to exploit end-users: anti-malware vendors, testers, certifiers, and the monetization industry each have their own approach to installing and operating applications, making the detection of potentially unwanted software challenging.

An industry-wide approach is needed to align our approaches and define clear criteria for both installer and application behaviour. The goal is to create an independent organization, driven by the security industry, to deliver consistency and transparency of guidelines to the software and monetizer industries. An organization that maintains a collective set of requirements and policies, helps to align language on similar criteria, and connect everyone involved in the working group or through an advisory board. Simply put, an organization that builds an environment that everyone can use to keep users safe.

During this Small Talk the latest draft will be presented, followed by an active discussion of our industry approach to define, collect, track and align on criteria for both (potentially) unwanted and clean software.

Presenters:

• Alexander Vukcevic - Avira
  Alexander VukcevicAlexander Vukcevic heads the Protection Labs team at Avira and is passionate about all things which are related to keeping users protected from digital threats. He joined Avira as a malware researcher in 2000 and has more than 18 years of experience in the anti-malware industry. He embraces all responsibilities related to classification, detection and remediation used by the Avira technology core and is in charge of the collaboration with testing organizations. When he has free time, he enjoys video games, hiking, photography, and music. @prollex
• Jiri Sejtko - Avast
  Jiri SejtkoJiri Sejtko is Threat Labs Operations Director at Avast. He joined Avast as a malware analyst 12 years ago and since then he has presented at CARO, RSA, Virus Bulletin and other security events. Jiri is active in industry-focused groups such as AMTSO. In his free time, Jiri is an avid LEGO fan.

Links:

• https://www.virusbulletin.com/conference/vb2018/abstracts/industry-approach-unwanted-software-criteria-and-clean-requirements
• https://www.virusbulletin.com/uploads/pdf/conference_slides/2018/VukcevicSejtko-VB2018-USCAndCleanRequirements.pdf

Similar Presentations:

• AppSec USA 2017 / Leveraging the ASVS in the Secure SDLC
• VB2015 / The Clean Software Alliance, security, and the future of unwanted behaviours