AMTSO Launches the ThreatList to Strengthen Industry-Wide Threat Intelligence Sharing

Goal is to provide a platform for reporters to exchange malware seen in the wild and to give independent test organizations and other partners access to a curated list of known threats
AMTSO Logo

AMTSO, the cybersecurity industry’s testing standard community, today announced it is introducing the ThreatList, a new platform allowing cybersecurity companies and researchers to exchange critical malware samples they see in the wild. The objective of the ThreatList is to foster the collaborative exchange of threat intelligence in the industry among cybersecurity firms, researchers, CERTs, and independent test organizations. 

“The elimination of Verizon’s ICSA WildList left a gap in the cybersecurity industry, which we are looking to fill with the AMTSO ThreatList. The goal is to provide a platform for next-generation threat intelligence sharing, based on a steady stream of malware samples allowing security companies and researchers to improve detection of cyber threats, and to give access to this threat intelligence for testers, supporting cybersecurity product testing based on the latest in-the-wild malware,” said Alexander Vukcevic, CTO at AMTSO. 

AMTSO will leverage the infrastructure of its existing AMTSO Real Time Threat List (RTTL) to host the ThreatList. The ThreatList backend is designed to provide a steady stream of samples of first and second-stage malware, and malware hosts (URLs). To provide a high-quality of samples, threat reporters are encouraged to submit only their most prevalent samples, and zero days seen in the wild. Samples submitted need to be free from any personally identifiable information (PII). 

To ensure legitimate use of the ThreatList, access for non-reporters such as testers is limited and requires approval by the oversight board established by AMTSO. The oversight board is responsible for setting up and updating rules for threat reporting and access, voting on the admission of new reporters, and granting and removing access to threat samples.  

Malware researchers and test labs interested in participating in the ThreatList project free of charge will find more details at: https://www.amtso.org/threatlist/ 
 

About AMTSO: 
AMTSO is the cybersecurity industry’s testing standard community, consisting of over 60 security and testing member companies from around the world. The organization offers a platform for knowledge-sharing and collaboration on objective standards and best practices for anti-malware testing and assessment of other cybersecurity products. The AMTSO standard raises the bar for cybersecurity tests, contributing to more fairness in the industry, and creating transparency for consumers and businesses looking for the best digital protection. www.amtso.org 

Source: AMTSO