If a software suite did not block a bad Web site the first time, they continued to test the site against the software every eight hours to see how long it took a vendor to add protection. Times ranged from 4.62 hours for the best performing vendor to 71.01 hours for AVG and 92.48 hours for Panda.
Block rates varied depending on how long the malicious Web site has been active. The researchers have a "zero-hour" criteria where it checks whether the software can stop newly found sites. The results aren't great. The best vendor was able to block new sites only 60.6 per cent of the time. At the bottom end, AVG, Panda and Eset's software could do that less than 44 per cent of time.
Moy said security companies could make vast improvements in their ability to detect brand-new malware. For consumers and enterprises, buying the brand that takes out the largest ad space doesn't necessarily equate to better security, he said.
Up to one-third of security software contracts change hands every year. "Enterprises are definitely dissatisfied with the protection," Moy said. "They're looking around."
Sign up for Computerworld eNewsletters.