Understanding the benefits of ICSA Labs certification
Knowing the benefits of certification is important for security product vendors and enterprises to understand. The first step is to understand what certification is and what it is not.
Anti-malware products and services tested and certified by ICSA Labs are able to prevent end users from becoming infected by in-the-wild and other malware known to exist. To attain or retain certification, ICSA Labs tests products against its Anti-Malware Certification Testing Criteria. The requirements are geared toward products and services that can detect malware prior to causing an infection. Though it has had various forms over the years and while there have been a number of iterations, ICSA Labs' industry-vetted anti-malware certification testing criteria documents are testing standards that have been in place for over a quarter of a century!
The set of testing requirements in the ICSA Labs Endpoint Anti-Malware Certification Testing Criteria is applicable to both business and home user endpoint anti-malware products used in defending desktops, laptops, and servers from malicious code infection.
The set of testing requirements in the ICSA Labs Network Anti-Malware Certification Testing Criteria is applicable to network-based products and families of related network-based products designed to defend a business or home against malware at a network edge. Such network-based products are designed to detect in-transit malware typically delivered via threat vectors that often lead to breaches including but are not limited to web drive-by’s and web downloads.
In this optional testing, ICSA Labs tests how well endpoint anti-malware products remove known malware from infected files on an endpoint (when such removal is possible). Such anti-malware products and service offerings are able to remove the malicious components without adversely affecting the data or functionality that existed prior to becoming infected.
In this optional testing, ICSA Labs tests how well anti-malware products detect and prevent infection from malicious URLs or drive-by download. Such product and service offerings are able to block malicious code being delivered via a malicious URL.