At Phoenix we are pushing the boundaries of exploitation prioritisation, this release prepares the ground for the next major version release.
Highlights of the Release:
- External Dependencies at Your Fingertips: Our new menu entry for Libraries and Products brings third-party dependencies to the forefront, offering key insights and streamlined management of SBOMs.
- Risk Exceptions Engine: Automate your workflows with our powerful new rules engine, which makes false positives and risk mitigation easier and more efficient than ever.
- Admin (Read-only) Role: This role ensures full visibility for key roles without the risk of unintentional changes, enhancing oversight across your organisation.
- Granular Exploitability Factor: Gain a more detailed understanding of vulnerability risks with our refined exploitability assessments, which are now more specific than ever.
- Seamless Integrations: Enjoy enhanced support for Jira Data Center and multi-vulnerability tickets for both ServiceNow and Jira Data Center, streamlining your incident management processes.
Join us in revolutionising cybersecurity management with these innovative features, designed to make your life easier and your organisation more secure. Dive into the new Phoenix Security Platform and experience the future of cybersecurity today.
Application Security Posture Management
External Dependencies (Libraries and Products)
At Phoenix Security, we’ve always paid special attention to third-party dependencies (e.g., the SBOM tab in Software assets), and this focus will continue in this and future releases.
This time, we are bringing third-party dependencies to the forefront of our UI with our new “External Dependencies” menu entry for Libraries and Products.
These new pages display the list of software dependencies and installed software in the organisation, as well as some key insights into the magnitude of their vulnerabilities’ impact.
These screens represent the first step in their evolution, so they are marked as “Beta”. We have exciting plans for third-party dependencies and how we can help organisations focus on the higher-risk areas and manage their SBOMs.
Risk Exceptions Engine
Actionability has always been a strong point in Phoenix. Now, we’ve started to take it one step further by enabling automated workflows that allow our users to manage their assets and vulnerabilities automatically and at scale.
In this release, the new Exception Engine joins our existing Context Engine to provide rule-based false positive and risk mitigation automation.
By using our simple but powerful rules engine, users can automatically mark findings and false positive or risk mitigated, as they get reported by their scanners.
As always, with great power comes great responsibility, and we are removing the surprise factor from our rules engine by allowing users to take advantage of our “Test Rule” functionality before they commit and activate a new rule.
Full-access Read-only Role
In many organisations there are roles that require full visibility over their asset and vulnerability landscape, but don’t participate in the day-to-day management of activities.
To provide this full-access, read-only access to those roles, we’ve introduced the “Admin (read-only)” user role into Phoenix Security. This will allow full visibility without fear of unintentional changes, where required.
Asset and Vulnerability Management
Exploitability
Our vulnerability Exploitability factor has become more granular and specific. Now Explotatiliby is expressed as one o out of five possible values:
- Weaponized
- Potentially Weaponized
- Exploitable
- Proof of Concept
- None
The exact value for each vulnerability is based on a number of factors, including EPSS and CTI (see entry in this article).
CTI: VulnCheck KEV, Metasploit, Nuclei
Phoenix security now provides a large set of evidence of exploitation, and for a more sophisticated approach we have introduced weaponized vulnerability detection. Those vulnerabilities are automatable and can be leveraged in tools like Nuclei and Metasploit.
The cyber threat intelligence is combined with VulnCheck KEV, Cisa KEV and PoC evidence to deliver precision in vulnerability prioritisation.
Not only are these details available in the findings details screen, but they inform the exploitability value for each vulnerability.
Display Risk Magnitude in Top 10 tables
Phoenix Security is standardising the way aggregated findings risk is calculated and displayed: Risk Magnitude.
In this release we are bringing Risk Magnitude to the “Top 10” tables displayed in Security and Teams dashboards.
Integrations
Jira Data Center integration
In order to support our clients with on-prem Jira, Phoenix Security now offers a Jira Data Center compatible integration option.
Allow multi-vuln tickets for ServiceNow and Jira Data Center
Expanding on the multi-vulnerability ticket capability introduced for Jira in the previous release, now users of ServiceNow and Jira Data Center can take advantage of this functionality as well.
Allow bulk deletion of missing scanner targets
Sometimes scanner targets undergo significant changes, which results in a number of “missing” targets reported in the scanner’s integration screen. This is a normal situation and is gracefully managed by Phoenix.
When the missing targets are known to have gone definitely, users were able to manually remove them from the scanner’s list. With this release there is an additional option that allows users to remove ALL missing scanners in a single action.