Menu
Feedback
Start here
Tutorials
Developer portal

Known Issues
Support Rules
Troubleshooting

Frequently Asked Questions
Announcements
News
Announcements
New process for security testing
Photo of the author
PedroAntunesCosta
Published on 9/5/2023
Last update on 9/5/2023

VTEX periodically performs vulnerability checks through recurring scanning and penetration tests (pen tests). These procedures allow us to evaluate the level of security maturity of our platform.

If necessary, you can run a penetration test on your own — provided you are authorized by VTEX — and report any vulnerabilities found. To assist with this, the VTEX Security team has updated the procedure merchants should follow to perform a penetration test in their store environment.

What has changed?

In summary, the new process for running penetration tests consists of:

  1. Submit a request to schedule a test through VTEX Support.
  2. Review and sign the confidentiality agreement before running any tests.
  3. Once the test is complete, share the results with the VTEX Security team.

For more detailed information on this procedure, see the Penetration tests and vulnerability notifications guide.

Why did we make this change?

We have updated the penetration testing procedure to ensure the platform is secure and checks are run securely, preventing unauthorized procedures and actions that could harm our customers.

Was this helpful?
Yes
No
Suggest Edits (GitHub)
On this page
Still got questions?
Ask the community
Find solutions and share ideas in the VTEX community.
Join our community
Request support from VTEX
For personalized assistance, contact our experts.
Open a support ticket
GithubDeveloper portalCommunityFeedback