Back in 2001, our chief scientist for security, Joe Wells, wrote a seminal piece on antivirus testing. It’s called Pragmatic Anti-Virus Testing and if you’re involved in testing security products, it’s well worth a read. Joe has an extensive experience in antivirus research and testing, having been involved in this field for almost 20 years at IBM Thomas Watson Labs, Symantec, Trend and other companies. He also founded the Wildlist.
We can talk to technical managers in large corporations who deal with AV problems every day. (Now, there’s a novel idea: ask users what they want to see tested.) This means it’s time to admit
that these people know their jobs and know what they need. In the past, some AV ‘experts’ have interpreted user requests as ‘wants’ as opposed to ‘needs’. (‘We know better than the users. We’ll
give them what they really need.’) This ideology is wrong. We do not know the users’ situation and environment better than they do. When they say they need something, they genuinely do need
it. We must listen to them – recognizing them as the professionals they are. Taking their requests and suggestions into consideration will help us fulfill their needs.
There are resources available to us within our own industry. A testing organization can ask an AV company how their product should be tested: QA staff should be asked what they test and how
they do it, and technical support staff should be asked what ‘really’ needs to be tested in a product, based on their experience of the problems they have encountered.
I’ve posted the entire piece here.
On a side note, Joe was recently interviewed by a magazine. They wanted some pictures of him, and of course, he sent pics of himself in his usual ultra-casual clothing.
Well, they wanted him looking more “corporate”. So this morning, Joe comes in for the photo shoot dressed in a suit and tie. But take a look at the tie.
Always the renegade…