Phoenix Security Launches Phoenix Purple: Security That Lives Inside Your Coding Agent, Before the Pull Request

Phoenix Purple launch cover: a glowing knowledge graph structure on a dark navy background, illustrating graph-native AI agent security

LONDON, England (July 7, 2026) — Phoenix Security today launched Phoenix Purple, an engineering-first application security platform. It connects directly to AI coding agents, cuts scanning token cost by 10 to 33 times through graph-native code intelligence, and delivers fixes as pull requests instead of tickets. There’s no CI wiring or onboarding project to set up. Phoenix Purple extends Phoenix Orange, the ASPM platform already running prioritization, deduplication, and code-to-cloud vulnerability management in production at ClearBank, Bazaarvoice, and Ad-Tech Leader.

Agents now write more code than any engineer, or any security engineer, can review. They open pull requests by the minute and pull in dependencies nobody reads. By the time a finding reaches a pull request it’s already too late, and the tooling around it was built for a slower world: file-by-file scanners paying frontier-model rates to read millions of clean lines, then dropping results into tickets that may never reach the developer who can act.

Phoenix Purple starts somewhere else. The knowledge graph does the work, not the frontier model. Because the graph already knows what’s reachable and where untrusted input flows, the model only gets asked the questions worth paying for. That one decision is what moves the cost, the speed, and what security can actually hand back to engineering.

A founder’s note

“Phoenix Purple has been my dream for years. Back when I was leading security engineering, this is the workflow I wanted for my team and couldn’t build: catch the real vulnerability inside the agent, before the pull request, and hand the engineer a fix instead of a ticket. Agents and LLMs finally make it possible. We take millions of findings down to the handful that are true and exploitable, and fix them before a line merges. That’s the dream of every security professional, and it’s what we shipped.”

— Francesco Cipollone, CEO & Co-Founder, Phoenix Security

Engineering-first: security that lives where developers work

The Purplephx integration ships for Cursor, VS Code, Claude Code, and Windsurf. A GitHub App handles pipelineless pull-request scanning: install it, and the next PR gets scanned, with findings surfaced as inline comments that already explain what’s wrong, why it matters, and what the fix is. MCP server integration makes the knowledge graph queryable straight from the coding agent, so it reaches the right answer faster and on far fewer tokens. The same graph that makes scanning cheap makes the agent cheaper to run.

Graph-native scanning: 10–33× lower token cost

A file-by-file harness scans everything. Phoenix scans what matters. The graph gets built once, parsing seven languages and mapping call graphs, taint traces, entry points, and reachable paths. After that, every scan navigates the graph with intent and updates it on each change. On a modeled 1,000-repo fleet at 250,000 lines each, scanned monthly, graph-native scanning ran at $3.60 per confirmed vulnerability against $64.30 for a file-by-file harness on the same frontier model, roughly 87% lower for the same findings. The gap grows as codebases grow: file-by-file cost climbs with every line, while graph-native cost stays tied to real findings. Model your own fleet at ai-scan-cost.phoenix.security.

Pipelineless PR scanning and multi-repo intelligence

Every PR diff is scanned against the graph, including the call-graph neighbors a change touches but doesn’t directly edit. Change a utility function that’s called from an auth path, and it gets evaluated in the context of that auth path. That’s what N+1 contextual pull-request analysis means. Multi-repo intelligence takes it across the estate: a flaw in a shared library gets attributed to every repo that imports it, with reachability judged per repo and findings routed to the team that owns them. One backlog, one burn rate, full attribution.

Fix delivery: remediation as a pull request

Once findings are ranked by real risk (reachability, EPSS, CISA KEV status, weaponization, business context), Phoenix Green writes the fix as a pull request with the threat context already in the description. The engineer approves or requests changes. They don’t investigate, replicate, or write the fix. Risk tiering sets the path: safe changes move fast, moderate ones carry a review flag, and anything breaking or dangerous needs explicit human approval before it can merge. Nothing auto-merges without the right signal, and a person always decides what ships.

One graph, both halves, one program

Phoenix Orange answers what to fix and in what order. It aggregates every scanner into a single queue, strips out unreachable noise, attributes findings to the right team, and connects code-level findings to the cloud service where they run. In production that’s meant a 98% reduction in container vulnerabilities at ClearBank, $6.3M in developer time saved at Bazaarvoice, and a 78% reduction in active container vulnerabilities plus $1.95M saved at IAS. Phoenix Purple covers the other half: keep new vulnerabilities out of the code, then close the loop by shipping the fix. Between them they run the full Agentic SDLC Security program (control the agent, close the tap, burn the backlog), with the knowledge graph as the layer that ties it together.

Availability

Phoenix Purple is available now in general availability.

Details: phoenix.security/phoenix-purple-ai-sast-sca-ai-generated-code.

Control framework: phoenix.security/agentic-sdlc-security-control-framework-three-pillars.

Cost calculator: ai-scan-cost.phoenix.security.

Open-source agent-scaffolding skills: github.com/Security-Phoenix-demo/security-skills-claude-code.

Demo: phoenix.security/request-a-demo.

About Phoenix Security

Phoenix Security is an Actionable ASPM platform that correlates vulnerabilities from code to cloud, turning fragmented findings into a single, prioritized remediation flow. Through reachability analysis, contextual deduplication, and risk-based prioritization, Phoenix helps security and engineering teams cut the noise, fix what counts, and scale without scaling headcount.

Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.

Discuss this blog with our community on Slack

Join our AppSec Phoenix community on Slack to discuss this blog and other news with our professional security team

From our Blog

Miasma/Hades variant compromised 23 LeoPlatform npm packages. A planted binding.gyp runs an obfuscated credential stealer under Bun to evade Node tooling. Zero CVE. Rotate now.
Francesco Cipollone
A typosquatted npm dependency called easy-day-js — an exact metadata clone of the legitimate dayjs library — was injected across 144 @mastra packages in an 88-minute automated publishing window, reaching over 1.1 million weekly downloads. The second-stage payload is a cross-platform RAT that installs OS-level persistence on Windows, macOS, and Linux and targets LLM API keys, cloud credentials, and 166 cryptocurrency wallet extensions. No CVE was assigned; every CVE-based scanner was blind during active exploitation.
Sarah Mitchell
Phoenix Security has launched Blue Shield, a behavioural supply chain firewall that blocks malicious packages and AI agent skills at the point of install — across the developer workstation, CI/CD pipeline, and agent session. Built on the Phoenix Blue intelligence backbone, which has tracked 59 campaigns and 657 malicious package versions since June 2024 with zero CVEs assigned during active exploitation, Blue Shield’s free core tier is open today at phxintel.security
Francesco Cipollone
TeamPCP (UNC6780) released Miasma in June 2026: a self-spreading worm that injects itself into the SessionStart hooks of 13 AI coding tools including Claude Code, GitHub Copilot, and Gemini CLI. It forges SLSA provenance signatures to pass npm audit checks, uses GitHub itself as a command-and-control channel, and carries a DEADMAN_SWITCH that wipes developer machines if tokens are revoked before network isolation. Zero CVEs assigned. Every standard scanner returns clean.
Francesco Cipollone
Contents
Derek

Derek Fisher

Head of product security at a global fintech

Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.

Derek is an award winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organizations risk.

Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.

Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.

In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

Jeevan Singh

Jeevan Singh

Founder of Manicode Security

Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

James

James Berthoty

Founder of Latio Tech

James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.

christophe

Christophe Parisel

Senior Cloud Security Architect

Senior Cloud Security Architect

Chris

Chris Romeo

Co-Founder
Security Journey

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

jim

Jim Manico

Founder of Manicode Security

Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.

The IKIGAI concept
Protected By
Shield Security PRO