NSS Labs Admits Its Test of CrowdStrike Falcon Was Inaccurate

  /     /     /  
Publicated : 23/11/2024   Category : security


NSS Labs Admits Its Test of CrowdStrike Falcon Was Inaccurate


CrowdStrike, NSS Labs reach confidential settlement over 2017 endpoint product testing dispute.



[This article was updated on 5/25/2019 with updated and corrected information on the status of NSS Labs lawsuit over the AMTSO testing protocol]
NSS Labs has retracted its 2017 publicly reported and disputed test results of CrowdStrikes Falcon endpoint security product as part of a confidential settlement reached with the security vendor over a pair of lawsuits.
The February 2017 advanced endpoint protection test report, which graded Falcon poorly, was challenged in court by CrowdStrike in a lawsuit, which alleged that the testing was incomplete and conducted using illegally obtained Falcon software, and defied CrowdStrikes request for NSS Labs to halt the testing.
In a statement posted on its website this week, NSS Labs said that its 2017 test results of CrowdStrike Falcon were inaccurate and had been retracted.
NSSs testing of the CrowdStrike Falcon platform was incomplete and the product was not properly configured with prevention capabilities enabled. In addition to the results having already been acknowledged as partially incomplete, we now acknowledge they are not accurate and confirm that they do not meet our standards for publication, NSS Labs said in the statement, which also included an apology to CrowdStrike for the inaccurate test results.
NSS Labs released the full AEP test report, including the flawed results of Falcon, during the 2017 RSA Conference. CrowdStrike had requested a temporary restraining order and preliminary injunction against NSS Labs to halt the reports publication, but the court dismissed that request and the report went out.
George Kurtz, president and CEO of CrowdStrike,
at that time said
the tests were run using incomplete and incorrect information, and run improperly. CrowdStrike had hired NSS Labs in 2016 to perform private testing of Falcon, but later dropped the testing deal after the concerns over the quality of tests, which detected legitimate applications like Adobe and Skype as malicious, for example.
NSS Labs, however, continued to perform public tests on Falcon using software it acquired via a reseller.
The testing organization has been no stranger to controversy and conflict with security vendors. Its currently embroiled in another lawsuit: in September of 2018, NSS Labs filed an antitrust lawsuit against CrowdStrike, ESET, and Symantec as well as the Anti-Malware Testing Standards Organization (AMTSO), over a vendor-backed testing protocol. The nonprofit AMTSO adopted a
testing protocol standard
that its members had voted for and plan to adopt.
With the recent settlement between NSS Labs and CrowdStrike, CrowdStrike is no longer a party in that case. 
NSS Labs
accused AMTSO
and the three security vendors of unfairly allowing their products to be tested only by organizations that comply with the AMTSO. CrowdStrike at the time dismissed the suit as groundless, stating: NSS is a for-profit, pay-to-play testing organization that obtains products through fraudulent means and is desperate to defend its business model from open and transparent testing.
Related Content:
What You Need to Know About Zero Trust Security
MITRE Changes the Game in Security Product Testing
 
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
CrowdStrike Fails In Bid To Stop NSS Labs From Publishing Test Results At RSA

Last News

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
NSS Labs Admits Its Test of CrowdStrike Falcon Was Inaccurate