Phoenix Security is now Phoenix Security a transformative Contextual Vulnerability management platform from code to cloud
Phoenix Security’s context-based vulnerability management platform helps clients focus on the 10% of vulnerabilities that matters, from code to cloud.
LONDON, LONDON, ENGLAND, EINPresswire.com/ — LONDON, England (January 10, 2023) – Phoenix Security is excited to announce that it has rebranded from Phoenix Security, reflecting the evolution of its smart software security platform.
Initially launched in September 2022 as a solution for appsec and cloudsec, Phoenix Security has since evolved into a complete endpoint management platform that identifies vulnerabilities from code to cloud and prioritizes them for resolution. The platform also provides traceability for user fixing, helping clients optimize their use of security professionals and streamline their vulnerability management process.
Phoenix Security is on a mission to prevent burnout, contextualize vulnerabilities, and help security professionals and developers act on the risks and vulnerabilities that matter most. The company was established to provide an effective all-in-one security solution for application developers and businesses, and its platform connects to repositories, scanners, and the cloud to provide a prioritized list of vulnerabilities that need to be addressed first. The rebranding to Phoenix Security reflects the expanded capabilities of the platform and aligns with the company’s philosophy of cyber risk quantification, risk-driven action, and vulnerability prioritization.
I’ve chosen phoenix as a name and a symbol of reborn, the choice was right as we evolve from application security, and cloud contextualization in full stack vulnerability prioritizing platform”
Francesco Cipollone
The decision to rebrand was made as the company approaches the end of its second year and prepares for the launch of V3, which introduces new features that enhance team visibility and streamline vulnerability management even further. “We initially chose the phoenix as a symbol of renewal and rebirth, and as our platform has evolved, we felt it was appropriate to evolve the name as well,”
Said Francesco Cipollone, the founder of Phoenix Security. “We believe in the power of community, so we asked our supporters to help us choose a new name that reflects the capabilities of our platform. The overwhelming response was in favour of Phoenix Security, and we are thrilled to adopt this new identity.” Discover how Phoenix Security helps CISOs and developers remove friction and maximize the use of DevSecOps professionals at Phoenix Security
Get in control of your Application Security posture and Vulnerability management
Phoenix Security risk based vulnerability management for application and cloud security
Phoenix Security was established to provide an effective all-in-one security solution for application developers and businesses. Phoenix helps start-ups and enterprises solve complex software security supply chain visibility by averaging the power of Correlation and contextualisation. Phoenix Platform connects to your repositories, scanners, and cloud correlates all the information and provides you with a prioritised list of vulnerability that needs to be addressed first. Discover how Phoenix Security helps CISOs and developers remove friction and maximise the use of DevSecOps professionals at https://phoenix.security Phoenix Security, Correlate, contextualise and act on risk with one click.
Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.
Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.
The journey of securing an organization’s application landscape varies dramatically, depending on where a company stands in its maturity. Early-stage startups with small security teams face challenges not only with vulnerabilities but also with scaling their security processes in line with their growth. On the flip side, established enterprises struggle with managing complex environments, prioritizing remediation, and dealing with vast amounts of vulnerabilities while staying ahead of sophisticated threats.
For startups, the focus is clear—establish visibility and ensure core security practices are in place. Application Security Posture Management (ASPM) tools provide a straightforward, automated approach to detecting vulnerabilities and enforcing policies. These solutions help reduce risk quickly without overburdening small security teams.
Mature organizations, on the other hand, are tackling a different set of problems. With the sheer number of vulnerabilities and an increasingly complicated threat landscape, enterprises need to fine-tune their approach. The goal shifts toward intelligent remediation, leveraging real-time threat intelligence and advanced risk prioritization. ASPM tools at this stage do more than just detect vulnerabilities—they provide context, enable proactive decision-making, and streamline the entire remediation process.
The emergence of AI-assisted code generation has further complicated security in both environments. These tools, while speeding up development, are often responsible for introducing new vulnerabilities into applications at a faster pace than traditional methods. The challenge is clear: AI-generated code can hide flaws that are difficult to catch in the rush of innovation. Both startups and enterprises need to adjust their security posture to account for these new risks. ASPM platforms, like Phoenix Security, provide automated scanning of code before it hits production, ensuring that flaws don’t make it past the first line of defense.
Meanwhile, organizations are also grappling with the backlog crisis in the National Vulnerability Database (NVD). A staggering number of CVEs remain unprocessed, leaving many businesses with limited data on which to base their patching decisions. While these delays leave companies vulnerable, Phoenix Security steps in by cross-referencing CVE data with known exploits and live threat intelligence, helping organizations stay ahead despite the lag in official vulnerability reporting.
Whether just starting their security program or managing a complex infrastructure, organizations need a toolset that adapts with them. Phoenix Security enables businesses of any size to prioritize vulnerabilities based on actual risk, not just theoretical impact, helping security teams navigate the evolving threat landscape with speed and accuracy.
The cybersecurity world is reeling as MITRE’s funding for the CVE and NVD systems expires, disrupting the backbone of global vulnerability management. As traditional sources like the National Vulnerability Database collapse under funding cuts and submission backlogs, security teams face delays, incomplete data, and loss of automation in remediation pipelines. This isn’t just a data problem—it’s a structural crisis for application security and vulnerability correlation.
In this landscape of uncertainty, Phoenix Security’s ASPM platform steps up with a code-to-cloud correlation engine that doesn’t depend on outdated data workflows. By connecting code-level insights (including tools like Semgrep) to runtime and cloud environments, Phoenix enables faster, context-aware vulnerability remediation—even as NVD and CVE pipelines deteriorate. This article dives into the implications of the CVE shutdown and how Phoenix Security is helping security and development teams transition to a resilient, correlation-first approach to cybersecurity.
Learn how to predict ransomware risks and vulnerability exploitation using a threat-centric approach. Explore data-driven insights, verified exploit trends, and methods for assessing the likelihood of attacks with key references to CISA KEV, EPSS, and Phoenix Security’s 4D Risk Formula.
Remote Code Execution flaws continue to undermine Kubernetes ingress integrity. IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) showcases severe threat vectors in NGINX-based proxies, leading to cluster-wide exposure. ASPM, robust remediation tactics, and strong application security solutions—like Phoenix Security—mitigate these vulnerabilities before ransomware groups exploit them.
Remote Code Execution flaws continue to undermine Kubernetes ingress integrity. IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) showcases severe threat vectors in NGINX-based proxies, leading to cluster-wide exposure. ASPM, robust remediation tactics, and strong application security solutions—like Phoenix Security—mitigate these vulnerabilities before ransomware groups exploit them.
The recent Google acquisition of Wiz for $32 billion has sent shockwaves through the cybersecurity industry, particularly in the realm of Application Security Posture Management (ASPM). This monumental deal highlights the critical importance of cloud security and the growing demand for robust ASPM solutions. While the acquisition promises potential benefits for Google Cloud users, it also raises concerns about vendor lock-in and the future of cloud-agnostic security. Explore the implications of this acquisition and discover how neutral ASPM solutions like Phoenix Security can bridge the gap in multi-cloud environments, ensuring continuous, collaborative, and comprehensive security from code to cloud.”
– Find Assets/Vulns by Scanner
– Detailed findings Location information
Risk-based Posture Management
– Risk and Risk Magnitude for Assets
– Filter assets and vulnerabilities by source scanner
Integrations
– BurpSuite XML Import
– Assessment Import API
Other Improvements
– Improved multi-selection in filters
– New CVSS Score column in Vulnerabilities
