Get started in 5 minutes!

Sansec eComscan
will save you
(time and money)!

With eComscan, eCommerce stores save 8 to 20 hours during the critical incident response stage of a hack.

Your company is under attack. Customers have reported blocked credit cards. Google has blocked your advertisements. You have found suspicious code in the checkout. What else has been tampered with? And how did they get in?

Use our flagship product eComscan to quickly examine a store for malware, vulnerabilities and unauthorized accounts. eComscan supports all popular platforms (like Magento) and will scan files, databases and 3rd party components. On average, eComscan saves a technical team 8 to 20 hours of work during the critical incident response stage.

Pricing & specs

How does it work?

eComscan is fed 24/7 with threat intelligence from multiple sources. Because our research focuses exclusively on eCommerce fraud, we are usually weeks ahead in detecting the latest attack vectors.

How it works

Features include

Powerful threat intelligence

Our research team analyses 200 to 300 eCommerce hacks per week. This produces a valuable stream of attack vectors and IOCs, which is continuously fed into eComscan.

47% of our threat intel has not been discovered by other security firms, which is why many forensic investigators use our data.

Server-side monitoring

Merchants use eComscan to monitor their full store surface: from files & database triggers to rogue admin accounts and platform components.

Flexible reporting & integration

eComscan can alert you via multiple channels and formats. Email, Slack, phone, CSV, JSON. Integration with your existing monitoring solution is a breeze.

Vulnerability tracking & detection

A popular eCommerce attack vector are 3rd party extensions, which are costly to keep up to date. eComscan will alert you to those with 0day bugs. Discover weak spots in your defense, before others do.

Sansec report
Sansec report

eComscan reporting

Typically, eComscan is run in monitoring mode and will only alert you to relevant changes. When issues are found, it will log relevant meta data such as modification timestamps. And provide you with next-step instructions. See a sample report here.

Sansec report

Activate your team via Slack

As most technical workflow is heavily integrated with Slack, you can easily hook eComscan up to your dev Slack channel and alert the right people without delay.

Sansec report

How Sansec eComscan tracks latest threats

Forensic analysis

Our experts are often “first at the scene”, hired by high profile victims for digital forensics and incident response. This uncovers new methodologies and fraud networks on a weekly basis. Our investigators were the first to publish about eCommerce skimming back in 2015.

Static Analysis

More than two hundred thousands stores are analyzed for malicious content and activity around the clock. This produces valuable insight in new threats.

Honeypot network

We run a network of honeypot (“bait”) webshops that produce valuable insight in the attacker TTPs (tactics, techniques and procedures). The latest signatures are distributed in real time to all of our clients.

Behavioral analysis

We work with ISPs, banks, Magento agencies and law enforcement to quickly disseminate attack methods when they are first spotted.

Security community

We receive many (anonymous) tips from fellow security companies or developers.

Historical analysis

We crawl and store historical copies of stores around the world. The data is then used for delta analysis to identify suspicious additions.

Extensions

Our open source initiative MageVulnDB is the authoritative source on third party vulnerabilities in Magento extensions. Developers and merchants across the globe maintain this database, which registers whether a Magento extension is safe to use.

Heuristic engine

Automated behavioral analysis of stores (“simulating real customers”) often yields new attack methods.

Secure your store.
Install eComscan in 5 minutes.

Pricing and specification