Magento has rolled out a new security scan tool that enables
Magento merchants to regularly monitor their sites and receive
updates regarding known security risks, malware, and
unauthorized access. Security Scan is a free service of Magento
and can be run on any version of Magento Commerce (formerly
Enterprise Edition) and Magento Open Source (formerly Community
Edition).

Merchants will benefit from:

  • Insight into the real-time security status of their Magento
    store and how to fix potential vulnerabilities

  • Over 30 security tests to identify potential
    vulnerabilities, such as missing Magento patches,
    configuration issues, and failure to follow security best
    practices

  • Historical security reports of their Magento sites, so that
    they can track and monitor their progress over time

  • Scan result reports that clearly show which checks the site
    passed and failed and whether further action is required

  • Scheduling of scans for specific, recurring dates/times,
    and/or on-demand

  • Suggested remediation steps for each failed security test

Merchants and their teams, including authorized developers, can
access the new tool directly within their Magento Account. And
it is very easy to set up. 

In the future, we’ll provide regular updates to the scanning
tool as new Magento patches are made available. The scan is
only available for our commerce products today, but we’re
looking to extend security tools to additional Magento
products later.

Our goal is to help merchants deliver the highest level of
security for their Magento sites. They’re customers expect it.