Introducing the New Magento Security Scan Tool

October 25, 2017

By: John Steer,
Author Title: 
Chief of Product Security
, Magento Commerce

Magento has rolled out a new security scan tool that enables Magento merchants to regularly monitor their sites and receive updates regarding known security risks, malware, and unauthorized access. Security Scan is a free service of Magento and can be run on any version of Magento Commerce (formerly Enterprise Edition) and Magento Open Source (formerly Community Edition).

Merchants will benefit from:

  • Insight into the real-time security status of their Magento store and how to fix potential vulnerabilities

  • Over 30 security tests to identify potential vulnerabilities, such as missing Magento patches, configuration issues, and failure to follow security best practices

  • Historical security reports of their Magento sites, so that they can track and monitor their progress over time

  • Scan result reports that clearly show which checks the site passed and failed and whether further action is required

  • Scheduling of scans for specific, recurring dates/times, and/or on-demand

  • Suggested remediation steps for each failed security test

Merchants and their teams, including authorized developers, can access the new tool directly within their Magento Account. And it is very easy to set up. 

In the future, we’ll provide regular updates to the scanning tool as new Magento patches are made available. The scan is only available for our commerce products today, but we’re looking to extend security tools to additional Magento products later.

Our goal is to help merchants deliver the highest level of security for their Magento sites. Their customers expect it.