The Mage Security Council promotes and facilitates secure Magento stores globally.


The Council's primary objective is to increase Magento's market share. The best way to do that is to improve the experience merchants have with Magento. Attacks on e-commerce have become more numerous and sophisticated in recent years, and so the complexity of counter measures has increased. This requires collaborative effort.


The Council is a joint effort of specialized Magento hosting providers, who recognized the growing security needs of Magento merchants and agencies. The Council is a non-profit iniative and welcomes new members who actively contribute to the Magento brand and the improved security of the ecosystem.


Members of the Council collaborate on mitigation research and produce practical security tools for the benefit of the community. Specific tasks include:

  • Educate the community on the relevance of security and best practices.
  • Empower merchants to improve the security of their store, by providing tools for front and back-end scanning
  • Maintain up to date malware signatures. Once new malware is conceived, it can be eradicated promptly.
  • Maintain a normalized list of security vulnerabilities. This allows site maintainers to quickly gauge whether they are running outdated extensions.
  • Resolve compromised sites globally by contacting authorities, network and system administrators.
Follow us on twitter @mage_sec for the latest Magento security news. Contribute to the magesec.org website on github magesec/magesec.