-- Vendor-Independent Anti-Virus Information and Education Site --
By Bill Grogg
One of the most important features to look for when selecting an anti-virus package is ICSA Certification. The ICSA, or International Computer Security Association, is an independent organization offering information on computer security issues and certification of security products. Their anti-virus product certification is generally accepted as the seal-of-approval for products that are effective in detecting all viruses known to be circulating in the wild. Viruses in the wild are the real world threat.
For a product to receive certification, it must pass a number of rigorous tests. Version 3.1.0 of the certification test criteria states that the "ON DEMAND" module must detect ALL of the viruses known to be in the wild as listed in Joe Wells' Wild List (See Viruses In-the-Wild), 100% of the ISCA Labs Common Infectors Test Suite, 100% of the ICSA Labs Polymorphic Test Suite and 90% or more of the ICSA's Virus Collection (sometimes referred to as the "zoo") of between 10,000 and 20,000 viruses without causing any false alarms.
In order for an "ON-ACCESS" or real-time scanning module to be certified, it must, like the "ON DEMAND" module, detect 100% of the viruses listed as 'in the wild'. Additionally, it must detect 90% of the macro viruses in the ICSA Labs Virus Collection and not cause any false alarms.
For details on the certification testing process, see the Anti-Virus Scanner Criteria document on the ICSA web site.
Currently the ICSA Certified anti-virus products are (last two column show "ON DEMAND" and "ON-ACCESS" certifications):
Return to the Timberwolf Anti-Virus Information Center table of contents