• Home »
  • Big stories »
  • Cybersecurity firms in antitrust spat over product testing practices

28 September 2018 at 07:40 BST

Cybersecurity firms in antitrust spat over product testing practices

In an escalating dispute over product testing reports, NSS Labs launches lawsuit against major vendors and standards organization.


NSS Labs, an independent US cybersecurity testing company, has filed an antitrust suit against CrowdStrike, Symantec, ESET and the Anti-Malware Testing Standards Organization (AMTSO) accusing the anti-malware vendors and AMTSO of conspiring to ‘restrict competition in the testing of cybersecurity products’ by boycotting NSS Labs.

Other co-conspirators

The lawsuit claims the vendors have used end-user license agreements that restrict comparative or competitive testing of their products by independent organizations like NSS Labs, which is currently a member of AMTSO. NSS Labs has also indicated the suit could include additional parties in the future. The firm has selected what they see as the main vendors, along AMTSO, as leaders of the conspiracy. They state ‘other unnamed co-conspirators’ are involved and  caught be caught up in the case. CrowdStrike issued a statement confronting NSS Labs, saying ‘NSS is a for-profit, pay-to-play testing organization that obtains products through fraudulent means and is desperate to defend its business model from open and transparent testing. CrowdStrike asserted, ‘we believe their lawsuit is baseless.’

Gone sour

A dispute has been ongoing between CrowdStrike and NSS Labs since 2017, after a private agreement when sour leading to the vendor filing a lawsuit against the NSS Labs for publishing unfavourable test results for CrowdStrike's Falcon endpoint protection platform. A temporary restraining order and preliminary injunction against NSS Labs was sought to prevent a report on advanced endpoint protection product tests being published. CrowdStrike accused NSS labs of faulty testing and argued that publishing the test results constituted a misappropriation of trade secrets and posed ‘irreparable harm.’ A US district court judge denied CrowdStrike's request for a temporary restraining order or preliminary injunction, and the report was subsequently published causing the dispute to escalate. In the meantime, AMTSO issued a statement responding to the lawsuit denying all claims made against the organization. AMTSO president Dennis Batchelder defended the organisation in a blog post ‘we were disappointed that one of our members chose to file an antitrust lawsuit against us and other AMTSO members. We were even more surprised at their allegation that our organization is only vendor-driven, which just isn't true.’


Also read...

Confusion over big four Indian law change

Report says big four accounting firms may soon be able to practice law in India after all.