Platform

One platform. Four detection layers. Zero noise.

EcomScan is structured around the four points of compromise that actually matter in ecommerce: the script graph, the filesystem, the checkout flow, and the people responding to alerts. Each layer feeds the next.

Realtime detection

Continuous, not scheduled.

Most scanners run nightly. By the time you read the report, the skimmer has been live for 11 hours. EcomScan watches every script load, every DOM mutation on checkout, and every login — and routes the first signal in seconds.

  • Edge tap collects script-graph events from real customer sessions
  • Synthetic checkout probe runs every 60s from five regions
  • Behavioral classifiers run inline · median detect < 5s
  • Grouped into incidents (one incident · many events · one analyst)
detection.pipelinestreaming
// 04:18:09Z — event accepted from edge tap ingest { source: "edge.tap.eu-west", store: "acmegear.com", route: "/checkout", scripts.diff: { added: 1, hash_changed: 0 } } // 04:18:09.612Z — classify classify { family: "KeepUp.v3", confidence: 0.97 } // 04:18:10.041Z — correlate IOCs across fleet correlate { hits: 2, stores: ["acmegear.com", "northpeak.co"] } // 04:18:10.380Z — incident opened incident { id: "INC-2391", severity: "critical", route: pagerduty }
Incident lifecycle

From signal to remediated, in five steps.

1

Detect

Edge tap + synthetic + integrity diff — three independent signals every minute.

2

Correlate

Events across stores, IPs, scripts and timelines merge into a single incident.

3

Score

Severity, blast radius, customer impact, PCI implication — one number on the timeline.

4

Remediate

Apply a CSP, block an origin, quarantine a file — directly from the incident view.

5

Forensics

Replay the attack timeline, exfil graph, and analyst write-up for retro & audit.

Coverage

Works where your store actually runs.

Adobe Commerce

2.4.x · cloud + on-prem

Magento Open Source

2.3+ · LTS bridge

WooCommerce

8.x · WordPress 6.5+

Shopware

6.5 · 6.6

Shopify

checkout extensions + storefront

BigCommerce

stencil + headless

Headless

Next · Nuxt · Remix · Hydrogen

Custom

server agent + integrity checks
14-day trial · no card

Point us at your storefront. We'll do the rest.

Install the server-side agent or connect a platform connector. Baseline in <5 minutes.

Start free scanTalk to security