Back

CAEV-SIM

Script Integrity Monitor

Automates PCI DSS v4.0.1 compliance. Protects your payment pages against Magecart.

PCI DSS v4.0.1 Req 6.4.3 Req 11.6.1 82 Tests Score 95/100

What does CAEV-SIM do?

CAEV-SIM automatically monitors all scripts loaded on your payment pages. It uses Playwright (Chromium) to scan your URLs like a real visitor, captures each script, calculates its SHA-384 fingerprint, and alerts you in real-time if anything changes or an unauthorized script appears.

This is exactly what PCI DSS v4.0.1 requirements 6.4.3 and 11.6.1 demand. Without CAEV-SIM, you would have to do it manually: review every script, document every change, and generate evidence for the auditor. With CAEV-SIM, everything is automatic.

Monitored sites4 (demo)
Detected scripts209 in 90s
PCI Score98%
SRI Coverage95%
Malware patterns20
API Endpoints72
Install time5 minutes
Tests82 automated

Features

SHA-384 Inventory

Unique cryptographic fingerprint per script. Filtering, searching, individual authorization with PCI justification.

Security Headers

CSP, HSTS, X-Frame-Options with score 0-100 per site. PCI 11.6.1 compliance.

Isolated Sandbox

Docker without network, limited memory, read-only. 20 anti-malware patterns.

Intelligence

VirusTotal, Shodan, CISA KEV, APT Groups. All free, correlated with your data.

QSA Reports

Formal document for auditor in 1 click. PDF Executive 360 for management.

Alerts

Email, Slack, Discord, Teams. Workflow: detect, investigate, resolve.

History

Every script change recorded with old hash, new hash, timestamp. Full traceability.

PCI Authorizations

Documented justification per script. Complies with 6.4.3: inventory with owner and purpose.

Daily Backup

Automatic 02:00 UTC. 7-day rotation. No manual intervention.

Benefits

Agentless

Nothing to install on your sites. Scanning is external, like a visitor.

Local data

Everything in your infrastructure. No payment data sent to third parties.

5 minutes

Installation. Docker or VM, your choice. SaaS available.

Documented compliance

QSA report ready for your auditor. Evidence per script.

Anti-Magecart 24/7

Isolated sandbox detects skimming before fraud occurs.

Multi-tenant

One dashboard for all your companies. Selector and whitelist per tenant.

Scalable

Workers horizontally. From 5 to 5000 sites without changes.

Full API

72 documented REST endpoints. Integrates with your ecosystem.

Don't need to comply with PCI DSS?

CAEV-SIM is also for you. Your scripts security shouldn't depend on a regulation.

🛡
Anti-Magecart protection

Digital skimming doesn't care if you have PCI or not. If you process payments, you are a target.

👁
Full visibility

Do you know how many scripts your pages load? Most don't. CAEV-SIM shows you every single one.

🔔
Change alerts

A CDN updates, a script changes without notice. You find out instantly.

📋
Automatic inventory

Log of all scripts on your sites. For development, security, and compliance.

💰
Prevents losses

Magecart costs millions. CAEV-SIM costs less than a single incident.

🚀
Future-ready

If you ever need PCI, you already have months of evidence. Get ahead.

How is it installed?

Docker (ZIP)

300 KB download. ./install.sh. 4 questions. 3 minutes.

VM (OVA)

Import into VirtualBox. Power on. License and credentials. 5 minutes.

New

SaaS (Cloud)

Register, pay with card, access instantly. Nothing to install.

Tech Stack

Python 3.11 FastAPI PostgreSQL 15 Redis 7 Celery Playwright Docker JWT VirusTotal Shodan CISA KEV

Ready to protect your payment pages?

Try Free Demo

Sign up for free, no credit card required