ICSA Labs Launches “Endpoint Security Consortium” to Test Enterprise Endpoint Security Products

New Endpoint Security Product Developers’ Consortium to Improve Critical Class of Security Products

ICSA Labs, the vendor-neutral IT security testing and certification of division of Verizon Business, announced it has founded the “Endpoint Security Consortium” to help improve enterprise endpoint security products industrywide.

The group’s mission is to create publicly vetted, objective and credible criteria to test and certify endpoint security products against, as well as educate end users about endpoint products. Additionally, consortium plans to evaluate endpoint security products (including anti-malware, personal firewall and host intrusion prevention and detection) as components of integrated Internet security programs, something traditionally done on an individual basis.

“With such a broad range of products touching endpoint security, it is important that the industry pulls together to create consistency among these products to form an effective barrier against this class of threat,” said Andrew Hayter, anti-malcode program manager of ICSA Labs. “The creation of objective testing criteria will create a bar against which endpoint security products will be measured. As part of its charter, the consortium will also advance knowledge and best practices for endpoint security.”

The consortium’s charter members include AVG, McAfee and Microsoft Corp.

“McAfee looks forward to participating in the new ICSA Labs Endpoint Security Consortium and collaborating with the testing lab to drive endpoint security standards,” said Suresh Subramanian, senior product manager at McAfee. “As a leading security provider, McAfee is pleased to see the industry work together to develop more real-life-type testing and evaluation standards that help customers choose the right products for their unique environments.”

The consortium is currently working on the draft criteria that ICSA Labs is proposing to use for endpoint security product certification testing. Once the criteria are accepted by the consortium members, ICSA Labs will begin accepting products into endpoint security certification testing.

Earlier this month, Verizon’s RISK Team and ICSA Labs announced the “VERIS community Web site,” a crowd-sourced collection of data breach incidents. Using the site, organizations and individuals can share their data by using an online application for collecting, classifying, analyzing and comparing security incident information.

More information on ICSA Labs’ Endpoint Security Consortium is available at: http://www.icsalabs.com