Learn about the differences between Sansec and Sucuri. Both are solid security products, but serve a different audience.
Target audience
Sucuri offers a generic scanner that runs on any platform, while Sansec eComscan is a specialized security monitor for medium to large eCommerce stores. Because eComscan is platform aware, it will alert you to platform-specific vulnerabilities and malware that a generic scanner would miss. Sansec is Adobe partner and Magento security specialist since 2015. Sansec is usually the first to identify a new risk or threat that concerns the Magento platform.
Alerting speed & cluster support
Sansec eComscan runs continously on your store servers, alerting right away in case of an intrusion. The Sucuri scanner is launched periodically from the Sucuri servers, with a scanning interval of up to 3 days. Because Sucuri launches the scanner with a request to your front-end, you do not control which server in your auto-scaling cluster is actually getting scanned. In the worst case, some of your servers may not get scanned at all. Sansec supports specific scanning of file, database, web and application servers.
Vendor security
Both solutions are frequently updated to accommodate new threats. Sansec uses cryptographic signing to verify legitimate updates. Sucuri pushes unsigned code to your servers.
Scanning depth
Sucuri scans files & database records. Sansec eComscan also monitors background processes, scheduled tasks, eCommerce extensions, database triggers and functions.
| Sansec | Sucuri | |
|---|---|---|
| Audience | ecommerce only | generic |
| Application aware | ✔ | ✗ |
| Cluster & autoscaling support | ✔ | ✗ |
| Vulnerability scanning | ✔ | ✗ |
| Extension scanning | ✔ | ✗ |
| Process scanning | ✔ | ✗ |
| Alert speed | < hour | < 3 days |
| Adobe partner | ✔ | ✗ |
| Pricing | Starts at EUR 99/month | Starts at $199/year |
This page was last updated at Feb 23rd, 2022