See the general instructions for running ecomscan for the first time.
Magento Cloud has read-only storage, which is good practice from a security perspective. However, since eComscan uses auto-update to always have the latest detection capabilities, eComscan needs to be installed on a writable partition of your server.
For Magento Cloud, there is a writable section under /mnt/shared/. You can use this to install eComscan:
mkdir -p /mnt/shared/$USER/sansec
curl -sL https://mageintel.com/ecomscan/ecomscan-linux_amd64.gz |gzip -d> /mnt/shared/$USER/sansec/ecomscan
chmod 755 /mnt/shared/$USER/sansec/ecomscan
To set up continuous monitoring, you should request special CRON access with Magento here: https://cloud.magento.com/project/<id>/setup/project_details

Once that is enabled, you can install a cron in your repository, as described here:
https://devdocs.magento.com/guides/v2.3/cloud/configure/setup-cron-jobs.html
Magento Cloud monitoring recommendations
We recommend to:
- Install ecomscan on the first node of your production environment.
- Run a daily scan for all files (path:
/app/$USER
). For a large store, this scan may take up to an hour. - Run an hourly scan for your database assets (path:
/app/$USER/app/etc/env.php
). Because only selected tables are scanned, this scan is completely unobtrusive.
This page was last updated at Oct 2nd, 2020