NSS Labs sues Symantec, CrowdStrike and ESET

banner_220x220Cybersecurity testing firm NSS Labs has filed a lawsuit against Symantec, CrowdStrike and ESET, accusing the vendors of failing to reveal flaws in their products.

In the antitrust suit, NSS claims that the vendors have conspired to prevent the independent testing of their products. Antitrust legislation is designed to prevent monopolies on a given market and promote fair competition.

All three vendors are members of the Anti-Malware Testing Standards Organisation (AMTSO), which has a mandate to standardise testing methods. But  NSS CEO Vikram Phatak claims AMTSO members are instead “actively conspiring to prevent independent testing that uncovers product deficiencies to prevent consumers from finding out about them”.

He said: “Further, vendors are openly exerting control and collectively boycotting testing organisations that don’t comply with their AMTSO standards – even going so far as to block the independent purchase and testing of their products. Vendors such as CrowdStrike have conspired to prevent testing of their products by placing clauses in their end-user licensing agreements that make testing of their products subject to their permission. This unethical and deceptive behaviour hampers transparency and hinders consumers in their ability to assess whether a product delivers on its promises.”

NSS Labs said that, in the past, vendors that refused to take part in product testing would see their reputation damaged and sales hit.

With this in mind, vendors have now decided to boycott testing en masse, seeking to protect their reputations as a group, it claimed.

The vendors have not commented, so far.