Magento Security Scan has received a series of enhancements as part of Adobe’s strategy to help Magento Commerce and Magento Open Source merchants increase security for storefronts. The Magento Security Scan tool is free to use for any Magento Commerce customer, including developers and agencies. Merchants can register websites to use the tool, accessed by logging into their Magento accounts and choosing Security Scan.
Partnership with Sansec
Adobe has partnered with Sansec to help facilitate these enhancements. Sansec research is focused exclusively on ecommerce fraud, and is usually weeks ahead in detecting the latest sources of vulnerabilities, attack vectors and IOCs (47% of Sansec threat data has not been discovered by other security firms).
By partnering with Sansec, Adobe will be adding about 9,000 malware and vulnerability signatures to Magento Security Scan, all of which have undergone a multistage testing and validation process before being added to the scan tool. This data is continuously fed as threat signatures into the enhanced Magento Security Scan tool, leading to approximately 300 new signatures added monthly.
Magento Hosting Security
Magento Security Scan helps merchants identify:
- Potential malware and vulnerabilities
- Out-of-date security patches
- Potentially vulnerable extensions
- Digital skimming injections
- Security misconfigurations
The new tool enhancements:
- Real-time insights into the security status of the Magento store
- Suggested best practices to assist in fixing issues
- Over 17,000 security tests to help identify potential malware
- Access to historical security reports of a merchant’s Magento sites to track progress
- Access to the scan report that shows successful and failed checks