Testing Characteristics

Below are five of the key characteristics in standard ICSA Labs Advanced Threat Defense Certification Testing:

  1. New Malicious Threats - In its standard ATD Testing, ICSA Labs uses only new and little-known malicious threats that traditional security products miss;
  2. DBIR Threat Vectors - ICSA Labs delivers malicious threats in standard ATD testing via several of the top threat vectors leading to enterprise breaches, according to Verizon's industry-standard Data Breach Investigations Report (DBIR);
  3. Recurring Testing - On a quarterly basis, ICSA Labs tests vendor solutions registered for testing.  Standard ATD Testing is performed continuously for  a minimum of three and as many as five weeks during each quarterly test cycle;
  4. Hundreds of Malicious Threats Per Test Cycle - During each quarterly test cycle, ICSA Labs delivers 100s of malicious threats.  The exact number of malicious samples varies during each quarterly test cycle.  For example, there were over 600 malicious samples used in the initial test cycle.  ICSA Labs also incorporates innocuous applications and legitimate application behavior to test for false positives;
  5. Improving Security Vendor Solutions - Following each week of testing, ICSA Labs provides customers with data related to any misses and false positives including the threat itself, pcaps, product logs, and before/after screenshots.  With this data, vendors can both dispute the results and use the findings to improve their product's detection capabilities.