The company claims that developers conspire to bypass product testing
NSS Labs has ignited the controversy in the ever-challenging and obscure world of security product testing, such as antivirus, as the company has decided to sue several providers of these services and an organization of industry standards, as reported by specialists in ethical hacking from the International Institute of Cyber Security. The lawsuit was filed in the California court over the course of this week.
In the lawsuit against CrowdStrike, Symantec, ESET and the Anti-Malware Testing Organization (AMTSO), NSS Labs claims there is a conspiracy forged by these organizations to cover the serious deficiencies in the security tools they develop.
NSS Lab accuses these organizations of forging a pact to collectively boycott NSS, an independent testing lab, because if all manufacturers refuse to be analyzed, there is not much that independent labs can do. “These companies know about the flaws in their codes and do not act on it, they also actively conspire to avoid that analysis of independent ethical hacking experts that could reveal the deficiencies of their products”, says a NSS Labs statement.
“This is a very serious matter; the manufacturers designed a scheme to avoid testing on their products and thus not to invest in repairs, regardless of the consequences for the bad results. In addition, the AMTSO, which should promote the best practices of cybersecurity and ethical hacking, is colluding with these companies”, continues the statement of the claimant company.
This is not the first controversy between NSS Labs and CrowdStrike; Last year, CrowdStrike filed a request against NSS Labs to prevent the publication of the test results made to one of its developments. Litigation continues to this day.
In a statement published later, CrowdStrike denied the allegations of NSS Labs, mentioning that the lawsuit is baseless:
“NSS seeks to profit at the expense of software analysis by obtaining developments by fraudulent means; the organization is desperate to maintain its business model. We believe this demand is baseless”.
ESET, for its part, stated for several media: “We are aware of the accusations made by NSS Labs. However, as legal proceedings have just begun, we cannot say more besides the fact that we categorically deny the accusations. Our customers must be sure that ESET products have been rigorously tested by many independent reviewers around the world, have received numerous awards for their level of protection for end users for many years and are widely recommended by specialists in ethical hacking”.
In face of these statements, NSS Labs maintains its position and affirms that the legal process against the aforementioned companies will continue.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.