Some security software vendors employ reputation systems in order to detect a malicious Website, which usually involves checking a database of blacklisted Websites. Those systems, however, are not widely used and are immature, NSS Labs said. Overall, it took vendors an average of 45.8 hours to block a site, if it was blocked at all, according to the report.
If a software suite did not block a bad Website the first time, they continued to test the site against the software every eight hours to see how long it took a vendor to add protection. Times ranged from 4.62 hours for the best performing vendor to 71.01 hours for AVG and 92.48 hours for Panda.
Block rates varied depending on how long the malicious Website has been active. The researchers have a "zero-hour" criteria where it checks whether the software can stop newly found sites. The results aren't great. The best vendor was able to block new sites only 60.6 percent of the time. At the bottom end, AVG, Panda and Eset's software could do that less than 44 percent of time.
Moy said security companies could make vast improvements in their ability to detect brand-new malware. For consumers and enterprises, buying the brand that takes out the largest ad space doesn't necessarily equate to better security, he said.
Up to one-third of security software contracts change hands every year. "Enterprises are definitely dissatisfied with the protection," Moy said. "They're looking around."
Send news tips and comments to firstname.lastname@example.org