Sansec vs Sucuri
by Team Sansec
Published in Guides
Learn about the differences between Sansec and Sucuri. Both are solid security products, but serve a different audience.
Target audience
Sucuri offers a generic scanner that runs on any platform, while Sansec eComscan is a specialized security monitor for medium to large eCommerce stores. Because eComscan is platform aware, it will alert you to platform-specific vulnerabilities and malware that a generic scanner would miss. Sansec is Adobe partner and Magento security specialist since 2015. Sansec is usually the first to identify a new risk or threat that concerns the Magento platform.
Alerting speed & cluster support
Sansec eComscan runs continously on your store servers, alerting right away in case of an intrusion. The Sucuri scanner is launched periodically from the Sucuri servers, with a scanning interval between 1 to 3 days. Because Sucuri launches the scanner with a request to your front-end, you do not control which server in your auto-scaling cluster is actually getting scanned. In the worst case, some of your servers may not get scanned at all. In addition, because the Sucuri scan runs within the limits of a single HTTP request, it can only scan for 30 seconds which is not enough to cover a whole server. Sansec supports specific and full scanning of file, database, web and application servers.
Signature updates
Sansec discovers new threats around the clock and publishes new threat signatures on a daily basis. Sucuri publishes new signatures one or two times per month.
Vendor security
While Sansec uses cryptographic signing (using hardware keys) to verify legitimate updates. Sucuri pushes unsigned code to your servers.
Scanning depth
Sucuri scans files & database records. Sansec eComscan also monitors background processes, scheduled tasks, eCommerce extensions, database triggers and functions.
Sansec | Sucuri | |
---|---|---|
Audience | ecommerce only | generic |
Application aware | ✔ | ✗ |
Cluster & autoscaling support | ✔ | ✗ |
Vulnerability scanning | ✔ | ✗ |
Extension scanning | ✔ | ✗ |
Process scanning | ✔ | ✗ |
New signatures | daily | bi-weekly |
Alert speed | < hour | < 3 days |
Adobe partner | ✔ | ✗ |
Pricing | Starts at EUR 99/month | Starts at $199/year |
In this article
Easy CSP for your store?
Try Sansec Watch! Free, simple and fully integrated. Get PCI compliant alerting with minimal effort.
Sansec Watch