Release Note: Azure Integration Defender, Endpoint Devops

Version: 3.0.0

Release Date: 1 November

Knowledge Base: API Integration Phoenix Security

---

🌟 Why This Is a Game-Changer:
We’re ecstatic to announce that Phoenix Security now supports 150+ integrations in our latest release! This milestone empowers organizations to ingest vulnerability reports from virtually everywhere—be it open-source or commercial scanners.

🔐 Enterprise-Grade Reporting with Open Source Flexibility:
Leverage Phoenix Security’s advanced integrations and threat intelligence to transform even open-source scanner data into enterprise-grade vulnerability management reports.

🛡️ Threat Intelligence-Driven Vulnerability Management:
Our platform uses cutting-edge threat intelligence to prioritize and manage vulnerabilities effectively, ensuring your application security is always a step ahead.

---

🌟 Key Highlights:

🔹 Universal Ingestion:

• Ingest vulnerability reports from any scanner, open-source or commercial.

🔹 Threat Intelligence:

• Leverage real-time threat intelligence from Phoenix Security for smarter vulnerability management.

🔹 Application Security:

• Ensure the security of your applications through our comprehensive integrations.

🔹 Enterprise-Grade Platform:

• Benefit from robust reporting and analytics, irrespective of the scanner used open source or not

KB:

• Rest API Overview

• Rest API Authentication

• Importing Vulnerability with rest API

---

🔍 Top 25 Most Popular Scanners Supported:

1. Rapid7
2. Aqua
3. Thrive
4. ZAP
5. Checkmarx
6. Acunetix 360 Scanner
7. Anchore Enterprise Policy Check
8. AppSpider (Rapid7)
9. Arachni Scanner
10. AuditJS (OSSIndex)
11. AWS Prowler Scanner
12. AWS Security Hub
13. Azure Security Center Recommendations Scan
14. Bandit
15. Blackduck Hub
16. Brakeman Scan
17. Bugcrowd
18. Bundler-Audit
19. Burp Enterprise Scan
20. Burp GraphQL
21. Burp REST API
22. CargoAudit Scan
23. Checkov Report
24. Clair Klar Scan
25. Cloudsploit (AquaSecurity)

---

🔗 Learn More:
For a complete list of our 150+ integrations and how to make the most of them, visit our Knowledge Base.

---

📞 Support:
Need assistance? Contact our support team at support at phoenix.security.

---

Full List of Integration:

Web Application Scanners

Acunetix 360 Scanner (API + Native Integration)

Acunetix Scanner (API + Native Integration)

AppSpider (Rapid7) – (API + Native Integration)

Arachni Scanner

Burp Enterprise Scan

Burp GraphQL (API + Native Integration)

Burp REST API (API + Native Integration)

Burp XML (API + Native Integration)

Netsparker

Nikto

Wapiti Scan

Zed Attack Proxy (API + Native Integration + Orchestration)

Static Application Security Testing (SAST)

Brakeman Scan

Checkmarx (API + Native Integration)

Codechecker Report native

CodeQL (API + Native Integration)

Coverity API

DawnScanner

ESLint

Fortify (API + Native Integration)

GitLab SAST Report

PMD Scan

Rubocop Scan

SonarQube (API + Native Integration)

Semgrep JSON Report

Visual Code Grepper (VCG)

Xanitizer

SARIF

Veracode (API + Native Integration)

Software Composition Analysis (SCA)

Anchore Enterprise Policy Check

Anchore Grype

Anchore-Engine

AnchoreCTL Policies Report

AnchoreCTL Vuln Report

AuditJS (OSSIndex)

Blackduck Component Risk

Blackduck Hub

Bundler-Audit

CargoAudit Scan

Dependency Check

Dependency Track

Ggshield

Github Vulnerability

GitLab Dependency Scanning Report

npm Audit

OSSIndex Devaudit

Retire.js

Snyk (API + Native Integration)

Sonatype (API + Native Integration)

Whitesource Scan (API + Native Integration)

Yarn Audit

Mend (API + Native Integration)

JFrog Xray API Summary Artifact Scan

JFrog XRay Unified

JFrogXRay

WhiteHat Sentinel (API + Native Integration)

Dynamic Application Security Testing (DAST)

IBM AppScan DAST

Microfocus Webinspect Scanner

Netsparker (DAST)

Qualys Webapp Scan (API + Native Integration)

StackHawk HawkScan

Wpscan Scanner (API and Native integration plus native scanner)

Container and Orchestration Security

AnchoreCTL Vuln Report

Aqua

Bandit

Clair Klar Scan

Clair Scan

Dockle Report

docker-bench-security Scanner

GitLab Container Scan

Hadolint

Harbor Vulnerability

KICS Scanner

kube-bench Scanner

kubeHunter Scanner

NeuVector (compliance)

NeuVector (REST)

Trivy

Trivy Operator

Twistlock

Contrast Scanner

Cloud Security

AWS Prowler Scanner

AWS Prowler V3

AWS Security Finding Format (ASFF)

AWS Security Hub – (API + Native Integration)

Azure Security Center Recommendations Scan

Checkov Report

Cloudsploit (AquaSecurity)

ScoutSuite

Infrastructure and Network Scanners

Nmap

Nuclei (API + Native Integration + Orchestration)

OpenVAS CSV

Qualys Infrastructure Scan (WebGUI XML)

SSL Labs

Sslscan

Sslyze Scan

Testssl Scan

Code Quality and Security Scanners

CredScan Report

ESLint

PHP Security Audit v2

PHP Symfony Security Checker

Rubocop Scan

Threat Intelligence and Vulnerability Management

Bugcrowd

Cobalt.io Scan

HackerOne Cases

Immuniweb Scan

IntSights Report

Risk Recon API Importer

Compliance and Policy Scanners

Crashtest Security

CycloneDX

DrHeader

DSOP Scan

Edgescan

Govulncheck

Meterian Scanner

MobSF Scanner

Mobsfscan

Mozilla Observatory Scanner

Talisman

Terrascan

Trufflehog

Trufflehog3

Wazuh Scanner

Secret Scanning

Gitleaks

Detect-secrets

Others

Crashtest Security

Gosec Scanner

HuskyCI Report

Hydra

Kiuwan Scanner

MobSF Scanner

Mobsfscan

NeuVector (REST)

ORT evaluated model Importer

Outpost24 Scan

PWN Security Automation Framework

Scantist Scan

SKF Scan

Solar Appscreener Scan

SpotBugs

Trustwave

Trustwave Fusion API Scan

Veracode SourceClear

Wfuzz JSON importer