AppSec Phoenix Selected for Prestigious Cyber Runway Grow Programme

The cybersecurity start-up is one of a few UK companies selected for its unique cyber offerings and business promise and is the only company in risk and vulnerability management

LONDON, England (17 November 2021)—AppSec Phoenix, an innovative risk-based vulnerability management software, has announced its selection into the Cyber Runway Grow innovation programme offered by Plexal. AppSec Phoenix has been selected as one of the fewer than ten cyber innovators to participate in this prestigious opportunity.

Plexal is the innovation company that supports cyber startups through programmes like NCSC For Startups and LORCA: an accelerator that helped 72 startups raise over £200m and earn over £37m in revenue. 

Plexal runs the Cyber Runway innovation programme for which AppSec Phoenix was selected. The programme is funded by the Department for Digital, Culture, Media and Sport (DCMS) and supported by Deloitte, CyLon and the Centre for Secure Information Technologies.

Recipients are chosen through a highly competitive application process. Cyber companies must be able to demonstrate how their solutions are different from competitors, the sustainability of their business model, the capacity for their teams to grow, their ability to be coached to success, and a commitment to diversity.

Fewer than ten up-and-coming cyber firms were selected to participate in the Cyber Runway Grow programme. As a participant, AppSec Phoenix will benefit from collaborations and guidance from the cyber industry and governmental experts who will help the company tackle barriers to growth, increase investment, and access vital support to scale its businesses to the next level.

According to the DCMS, groups that participate in growth accelerators like Cyber Runway triple their revenues on average.

AppSec Phoenix partners with several notable organizations and companies to protect them against security threats. In alignment with the National Cyber Security Centre’s (NCSC)

efforts, the cybersecurity start-up is helping to make the UK a safer place to live and work online.

“AppSec Phoenix is doing exciting work when it comes to helping companies detect and remove application vulnerabilities in the software supply chain,” said Saj Huq, director of innovation at Plexal. “With every organisation big and small embracing digital transformation, software security and cloud security are priorities. We’re looking forward to working with the team and helping them scale the business”

“We are honoured to be selected as part of this exclusive cohort featuring tech’s most exciting start-ups,” sad Francesco Cipollone, CEO and founder of AppSec Phoenix. “We are proud to represent British innovation and protect businesses worldwide. We are aiding NCSC by protecting businesses and enabling them to act fast on their vulnerabilities. Our motto is “fix today the vulnerabilities that will be exploited tomorrow,” and we live and breathe by that.”

To learn more about AppSec Phoenix, visit https://www.phoenix.security/.

About AppSec Phoenix

AppSec Phoenix was established to provide an effective all-in-one security solution for application developers and businesses. With our easy-use platform, we’ve simplified a notoriously complex problem faced by many companies, small and large, working in the finance field and beyond. Learn more by visiting https://www.phoenix.security/.

Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.

Discuss this blog with our community on Slack

Join our AppSec Phoenix community on Slack to discuss this blog and other news with our professional security team

From our Blog

Are never-ending critical alerts leaving you scrambling? Explore how reachability analysis identifies vulnerabilities that truly matter, saving your teams from needless patch frenzies. This session, hosted by the OWASP NYC Chapter, uncovers the latest insights in ASPM, remediation techniques, and application security best practices. Attendees learn how to streamline vulnerability management through practical examples, advanced risk scoring, and live demonstrations of container-based architectures. Expect lively discussions, real-world success stories, and expert tips on targeting only the exploitable weaknesses—rather than chasing every single alert in your backlog.
Francesco Cipollone
The cybersecurity landscape is evolving rapidly, demanding a threat-centric, risk-based approach to vulnerability management. With the U.S. favoring voluntary guidelines and Europe enforcing stricter regulations, organizations must navigate compliance while focusing on real exploitability over CVE volume. This blog delves into ASPM, cloud security, and regulatory intelligence, exploring how businesses can move beyond the traditional patch-and-pray model to address root cause vulnerabilities before they become critical risks.
Francesco Cipollone
Enhance your vulnerability management with Application Security Posture Management (ASPM) and reachability analysis. Discover how ASPM helps prioritize exploitable vulnerabilities, reduce security noise, and improve risk management. Learn about advanced techniques like code and container reachability, contextual deduplication, and Phoenix Security’s cutting-edge solutions for smarter, more effective application security.
Francesco Cipollone
The 2024 CWE Top 25 is out, and it’s no casual stroll through the vulnerability garden—especially when ransomware operators are busy planting path traversal exploits, while bug bounty hunters dig up endless injection flaws. In this blog, we examine the biggest risers, the most surprising dips, and the divergence between real-world exploit data and official CWE rankings. We’ll also reveal how AI-driven ASPM (Application Security Posture Management) and Phoenix Security’s contextual risk-based approach unite to help you focus on your most pressing threats. After all, not all flaws are created equal—some are simply more mischievous than others.
Francesco Cipollone
The 2024 CWE Top 25 list highlights the most dangerous software weaknesses. This article explores the methodology behind the list and how AI is improving threat detection. Discover how Application Security Posture Management (ASPM) and unified vulnerability management can help organizations address these critical threats.
Francesco Cipollone
Phoenix Security kicks off 2025 with recognition from Gartner Digital Markets through GetApp, solidifying its position as a leader in Application Security Posture Management (ASPM). Recognised for best customer success and support in ASPM, Phoenix Security empowers organisations with comprehensive, contextual vulnerability management and actionable cybersecurity solutions. With a user-friendly interface, robust real-time monitoring, and seamless risk prioritisation, the platform reduces alert fatigue while delivering precise remediation. As a cloud security leader, Phoenix Security continues to innovate, partnering with enterprises like LastPass and ClearBank to tackle the modern cybersecurity landscape head-on.
Francesco Cipollone
Derek

Derek Fisher

Head of product security at a global fintech

Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.

Derek is an award winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organizations risk.

Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.

Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.

In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

Jeevan Singh

Jeevan Singh

Founder of Manicode Security

Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

James

James Berthoty

Founder of Latio Tech

James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.

christophe

Christophe Parisel

Senior Cloud Security Architect

Senior Cloud Security Architect

Chris

Chris Romeo

Co-Founder
Security Journey

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

jim

Jim Manico

Founder of Manicode Security

Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.

The IKIGAI concept
x  Powerful Protection for WordPress, from Shield Security
This Site Is Protected By
ShieldPRO