Independent tests have shown that software companies churning out new security software often miss new malware, which is hitting the Web faster and in greater numbers than preventive programmers can cope with.

Results of the tests by NSS Labs showed that security software vendors take an average of two days to block a malicious Web site containing potentially damaging code that attacks any computer visiting it.

Research further confirmed the difficulties security software companies are having keeping up with an explosion in malicious software programs on the Internet, said Jeremy Kirk of International Data Group.

NSS Labs tested security software suites against fresh malware released on the Internet.

The report said, "The magnitude of these findings should be nothing short of an alarming wake-up call for the security industry."

According to the NSS Labs, its independent security software testing produces more accurate results than other organizations that conduct tests after accepting money on behalf of vendors.

One of the NSS tests mimics how average people browse the Web, finding potentially malicious Web sites and then visiting them with a Web browser. They then record how and when, or if at all, security software blocks the threats. The latest test was run 24 hours a day for nine days.

NSS President Rick Moy said in Kirk's report, "We've done testing like the bad guys do. If you're not testing like the bad guys, what's the point? We go out to the live Internet and find out what is circulating on malicious campaigns in real time."

Enterprises are most at threat from fresh customized malware. Securitycompanies share malware samples but, if no company sees or detects the malware, it could quietly circulate and potentially infect machines, stealing data, Moy has said.

(With Inputs from Agencies)