Anti-virus certification and ELAM
A route to accessing Windows Early Launch Antimalware (ELAM).
Anti-malware products monitor Microsoft Windows for malware. They try to notice when new, unwanted software runs, but some malware can be extra sneaky and hide. To get ahead of the game anti-malware products can start monitoring the system early, before other software applications start. The security software then watches as the various programs load during the Windows boot-up process.
Early Launch AntiMalware
While it is possible to run anti-malware software before other programs, it requires access to a special feature built into Windows. This is called Early Launch AntiMalware (ELAM).
Security vendors can create ELAM drivers that load earlier than many other applications. This gives them an early view on the system and they could potentially prevent malicious drivers and other malware from loading when Windows starts up.
As Microsoft puts it, “AM drivers are initialized first and allowed to control the initialization of subsequent boot drivers, potentially not initializing unknown boot drivers.”
How to get in early
Vendors can’t just write a special driver and wedge it into the early stages of the Windows boot process, though. It has to meet various requirements. These include:
- Being a member of the Microsoft Virus Initiative (MVI)
- Submitting the driver to Microsoft’s Windows Hardware Quality Lab (WHQL)
SE Labs works with Microsoft to help security vendors gain access to this important feature. While we can’t help companies to write their drivers, we can help with MVI membership. Each MVI member must have its security solution certified annually by a recognised testing organisation. SE Labs is one such test lab.
For example, a product that achieves at least an ‘A’ rating in an SE Labs enterprise, small business or home user endpoint protection tests subsequently fulfills Microsoft’s certification requirement.
SE Labs anti-virus certification can help security vendors access ELAM. If you are a security vendor and need certification please contact us now.
Sign up to our monthly business and personal security newsletters.
Find out more
Our latest reports, for enterprise, small business and home users are now available for free. Please download them and follow us on Twitter and/or LinkedIn to receive news, comment, updates and future reports.
Sign up to our monthly business and personal security newsletters.
See all blog posts relating to test results.
The post Anti-virus certification and ELAM appeared first on SE Labs Blog.
*** This is a Security Bloggers Network syndicated blog from SE Labs Blog authored by SE Labs Team. Read the original post at: https://blog.selabs.uk/2022/07/anti-virus-certification-and-elam/
