Recently our security experts have been busy overhauling our free external scanning tool. Having done some fine tuning, added a plethora of new scanning capabilities and given it a lick of new paint, it's now ready for the public!
Those of you familiar with our older scanning tool will notice a big difference. The traffic light risk system has been expanded to include a score as well as a new graph so that you can track your results over time (or, have one of our security team email results to you weekly, at no cost). Our scanner is now able to present even more information about Magento based websites, making it - we believe - the most comprehensive Magento malware scanner available. It also checks for valid SSL certificates; if a website isn't 'https' it's flagged as unsafe.
Alongside changes to the initial results, we've also added some handy tabs underneath the results so that you can gain a deeper insight into any potential vulnerabilities the scanner may flag up.
As industry leaders in cybersecurity, we take an active interest in the threat landscape. In a bid to learn more about what the current state of play was for Magento, we put our new scanner to good use. We ran it against 217,946 Magento websites and found that 5% were hacked and harbouring credit card harvesting malware, subsequently leaking cardholder data to third party attackers.