Magento Security Services:
Baseline Assessment & Weekly Drift Monitoring

Start with a baseline assessment (fixed scope), then move into weekly monitoring (subscription).

Magebean-CLI is open-source and free to use. If you want more than “a scan result” — if you want a reliable security lane that stays consistent over time — these services turn baseline outputs into decisions, automation, and continuity.

Pricing shown per store.

One-off

Baseline Assessment (Continuity)

A “known good” reference point that shows what’s out of alignment today, what matters most, and what to fix first — with clear verification criteria.

$499
  • A structured findings report (HTML + JSON artifacts available).
  • A prioritized action plan (Critical / High / Medium / Low).
  • Ticket-ready remediation items with verification criteria.
  • A baseline snapshot you can compare against in the future.
Turnaround: 3–5 business days (depending on access readiness).

Subscription

Weekly Drift Monitoring (Continuity)

Weekly monitoring keeps your system in order by detecting meaningful changes early — before they become incidents.

$399/mo
  • A drift report: what changed since last run.
  • Severity-based highlights: what needs attention now vs later.
  • A short recommended action list (clear next steps).
  • Optional monthly summary (trend + recurring issues).
Critical alert policy: Critical items are flagged during business hours. Monitoring does not include 24/7 SOC coverage.

One-time Add-on

Implementation Setup (Automation)

Turn example workflows into a reliable, working automation in your pipeline. This is the bridge between “free tool” and “operational baseline”.

  • CI/CD gate (PR / Release): store artifacts and fail builds on policy thresholds.
  • Weekly scheduled run: automated cadence with notifications.
  • Traceability & maintenance: runbook, upgrades, and least-privilege guidance.

What we assess & monitor

We assess your Magento store across Magebean’s 12 Controls. This is a fixed-scope baseline designed to establish posture, surface the hottest risks, and produce a prioritized action plan.

MB-C01 — File & Folder Permissions

Sensitive file exposure, ownership/mode hygiene, and risky write paths.

MB-C02 — Admin Hardening

2FA, admin path hygiene, account/role review, and attack surface reduction.

MB-C03 — Secure Coding Practices

High-risk custom code patterns: input handling, authz, and unsafe execution paths.

MB-C04 — HTTPS & TLS Enforcement

TLS configuration baseline, redirects, mixed content, and admin/session transport.

MB-C05 — Production Mode & Deployment Hygiene

Production settings, secret handling, deploy artifacts, and configuration drift risks.

MB-C06 — Cache & Indexing Health

Cache/index states that can mask issues, break flows, or increase operational risk.

MB-C07 — Logging & Monitoring

Auditability baseline: logs, retention, alertable events, and anomaly signals.

MB-C08 — Cron Job Reliability

Cron execution health, missed-job indicators, and silent failure patterns.

MB-C09 — Extension Vulnerability Management

Module versions, vendor support status, and known advisory exposure (when available).

MB-C10 — Abandoned Extensions Removal

Identify dead/unused modules that expand attack surface and block upgrades.

MB-C11 — Composer Dependency Hygiene

Dependency risk signals, patch posture, and high-risk libraries (composer-based stores).

MB-C12 — Third-party Config Security

Integrations and external services: keys, permissions, and configuration hygiene.

We summarize the posture, highlight the hottest risks, and provide a ticket-ready action plan with verification criteria.

Annual plan

Prepay for 12 months and get the baseline included. Best for teams that want steady drift monitoring with a clear continuity starting point.

Weekly Drift Monitoring (Annual Prepay)

Baseline-driven monitoring delivered weekly: what changed, what matters, and what to do next.

  • Baseline Assessment (Continuity) included at no extra cost (normally $499)
  • Baseline completed within the first 30 days
  • One store / one production environment
$4,788 ($399 × 12 months)

Notes
  • Annual plans are prepaid and typically non-refundable.
  • Remediation work and incident response are not included (available as a separate sprint).

For Magento agencies

White-label delivery is available for agencies.

  • White-label HTML/PDF report delivery
  • Agency bundles for multiple stores

We’ll confirm scope and share a read-only access checklist. After payment, we’ll request credentials via a secure channel.