Pushing the Boundaries of Vulnerability Management with Phoenix Security’s Latest ASPM Update

Phoenix Security ASPM – Release 3.26


At Phoenix Security, we’re redefining the landscape of vulnerability management and application security with our latest release. Packed with innovative features and robust integrations, this update lays the foundation for the future of Application Security Posture Management (ASPM). These enhancements make managing security risks faster, smarter, and more effective for modern teams.

Key Highlights of the Release

This update delivers industry-leading features to streamline vulnerability management and improve application security workflows. Here’s what’s new:

• Reachability Analysis with Contextual Deduplication (Code to Containers)

• Container Throttling and Version Monitoring

• Asset-Centric Actions and Lifecycle Management

• Enhanced Findings and Asset Details

• Flexible Ticketing Across Projects/Backlogs

• New Integrations: Sysdig, BlackDuck, and Improved Lacework Integration

These upgrades empower organizations to prioritize vulnerabilities, reduce noise, and align security efforts with business goals.

Join us in revolutionizing cybersecurity management with these innovative features, designed to make your life easier and your organization more secure. Dive into the new Phoenix Security Platform and experience the future of cybersecurity today.



Advancements in ASPM: Contextual Deduplication and Reachability Analysis


Phoenix Security introduces Contextual Deduplication, a game-changer in ASPM and Application Security. This feature enhances vulnerability management by linking vulnerabilities in source code with the runtime assets, such as containers, that inherit them, enabling security teams to focus on fixing the root cause of issues.

How It Works:

• Correlates SCA findings in source code with containers in runtime environments.

• Example: If a pom.xml file introduces a CVE (e.g., CVE-1234-1234) into a container, the platform identifies the source file as the origin of the vulnerability.

Benefits:

• Highlights the root cause to prioritize fixes.

• Increases effective risk scores for source vulnerabilities due to container exposure.

• Avoids redundant fixes in runtime environments by addressing the core issue.

A feature focus is available here


This is another step forward in empowering security and engineering teams to focus on the most relevant vulnerabilities. In this case, the goal is to highlight the “source code” findings that originate from other findings in runtime assets, in particular in containers.

Now, the platform will automatically identify SCA findings in source code deployed in specific containers and enhance Vulnerability management. This process involves several steps and techniques, but the result is that Phoenix identifies source code artifacts that strongly correlate with the contents of a container and then maps individual finding pairs on both sides.


For example, if a build file (e.g. pom.xml) is deployed on a container and both have CVE-1234-1234, then those findings will be matched. This means that the CVE in the container has been introduced through the build file. Typically, one single source artifact is deployed in multiple containers, so the relationship is one-to-many.

This allows the platform to:

  • Highlight the source finding as the originator of the findings in the containers, allowing teams to focus on the root cause.
  • Increase the effective risk of the source finding based on the additional exposure created by the containers.
  • Stop selecting those container findings for fixing since the actual fix needs to be implemented in the source finding.
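The matching described above, as an added example that is not Phoenix Security’s own code: source findings are indexed by (build artifact, CVE), each container finding is matched to a source finding with the same CVE whose artifact is deployed into that container, the source finding is marked as the originator, its effective risk is raised per exposed container, and the container copies are dropped from the fix queue. The asset names, the deployment map, the sample findings and the risk-adjustment rule (0.5 per container, capped at 10) are all assumptions made for this illustration.

```python
"""Added example, not Phoenix Security's code: link SCA findings in source build
files to the same CVE in the containers the source artifact is deployed into.
Asset names, the deployment map and the risk rule are assumptions."""
import copy
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Finding:
    id: str
    asset: str                 # e.g. "git/app:pom.xml" or "registry/app:1.4.2"
    asset_type: str            # "source" or "container"
    cve: str
    base_risk: float           # scanner-assigned risk on a 0-10 scale
    root_cause_of: List[str] = field(default_factory=list)  # container finding ids (source side)
    originated_from: Optional[str] = None                   # source finding id (container side)
    selectable_for_fix: bool = True


# Constructed sample: one pom.xml deployed into two container versions, plus one
# container CVE with no source counterpart (C3), which must stay untouched.
SAMPLE_FINDINGS = [
    Finding("S1", "git/app:pom.xml", "source", "CVE-1234-1234", 7.5),
    Finding("C1", "registry/app:1.4.2", "container", "CVE-1234-1234", 7.5),
    Finding("C2", "registry/app:1.4.3", "container", "CVE-1234-1234", 7.5),
    Finding("C3", "registry/app:1.4.3", "container", "CVE-0000-0001", 5.0),
]

# Hypothetical deployment map: which source artifacts are built into which containers.
SAMPLE_DEPLOYMENTS: Dict[str, Set[str]] = {
    "git/app:pom.xml": {"registry/app:1.4.2", "registry/app:1.4.3"},
}


def contextual_dedup(findings: List[Finding], deployments: Dict[str, Set[str]]) -> List[Finding]:
    """Return a copy of `findings` in which each container finding is linked to the
    source finding (same CVE, artifact deployed into that container) that explains it.
    The relation is one-to-many: one source finding may explain many containers."""
    findings = copy.deepcopy(findings)
    source_index: Dict[Tuple[str, str], Finding] = {
        (f.asset, f.cve): f for f in findings if f.asset_type == "source"
    }
    # Reverse the deployment map: container -> source artifacts built into it.
    sources_in: Dict[str, Set[str]] = defaultdict(set)
    for artifact, containers in deployments.items():
        for container in containers:
            sources_in[container].add(artifact)

    for f in findings:
        if f.asset_type != "container":
            continue
        for artifact in sorted(sources_in.get(f.asset, ())):
            src = source_index.get((artifact, f.cve))
            if src is None:
                continue
            src.root_cause_of.append(f.id)   # the source finding is the originator
            f.originated_from = src.id
            f.selectable_for_fix = False     # the fix belongs in the build file, not the image
            break
    return findings


def effective_risk(f: Finding, exposure_step: float = 0.5, cap: float = 10.0) -> float:
    """Assumed rule: every container inheriting the CVE adds `exposure_step` to the
    source finding's risk, capped at `cap`. Unlinked findings keep their base risk."""
    return min(cap, f.base_risk + exposure_step * len(f.root_cause_of))


def fix_queue(findings: List[Finding]) -> List[str]:
    """Ids of the findings still worth selecting for a fix, highest effective risk first."""
    candidates = [f for f in findings if f.selectable_for_fix]
    return [f.id for f in sorted(candidates, key=effective_risk, reverse=True)]


if __name__ == "__main__":
    linked = contextual_dedup(SAMPLE_FINDINGS, SAMPLE_DEPLOYMENTS)
    for f in linked:
        print(f"{f.id:3} {f.asset:22} {f.cve:14} risk={effective_risk(f):.1f} "
              f"root_cause_of={f.root_cause_of} from={f.originated_from}")
    print("fix queue:", fix_queue(linked))
```

Running the block shows S1 carrying both container findings as its root cause with its risk raised from 7.5 to 8.5, C1 and C2 removed from the fix queue, and C3 left untouched because no deployed artifact explains its CVE.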

Container Throttling and Single-version management for ASPM


Any security team faces the challenge of managing hundreds of container versions. Phoenix Security’s new container throttling feature tracks only active versions in registries, reducing unnecessary noise and simplifying vulnerability management.


This feature allowed us to reduce container vulnerabilities by up to 91% for one of our clients by tracking only the latest image version. We are currently working on improving the tracking of vulnerabilities for each container. Together with container reachability analysis, we reduced open source (SCA) vulnerabilities and container vulnerabilities by 50% and 91% respectively.
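Container throttling, as an added example that is not Phoenix Security’s own code: given a registry listing and the scanner output for every tag, keep only the findings attached to the latest tag that is still present in the registry for each repository, and report how much of the finding volume that removes. The registry listing, image names, tags, timestamps and CVEs are constructed for this illustration.

```python
"""Added example, not Phoenix Security's code: throttle container findings to the
active (latest, still-present) version of each image. All data is constructed."""
from datetime import datetime
from typing import Dict, List, Tuple

# (repository, tag, pushed_at, still_in_registry) - constructed registry listing
IMAGES: List[Tuple[str, str, datetime, bool]] = [
    ("registry/app", "1.4.1", datetime(2024, 11, 1), False),   # tag deleted from registry
    ("registry/app", "1.4.2", datetime(2024, 11, 15), True),
    ("registry/app", "1.4.3", datetime(2024, 12, 1), True),    # active: latest present tag
    ("registry/api", "2.0.0", datetime(2024, 10, 3), True),
    ("registry/api", "2.1.0", datetime(2024, 12, 5), True),    # active: latest present tag
]

# (image reference, CVE) - constructed scanner output; the same CVEs repeat across versions
FINDINGS: List[Tuple[str, str]] = [
    ("registry/app:1.4.1", "CVE-1234-1234"), ("registry/app:1.4.1", "CVE-0000-0002"),
    ("registry/app:1.4.2", "CVE-1234-1234"), ("registry/app:1.4.2", "CVE-0000-0002"),
    ("registry/app:1.4.3", "CVE-1234-1234"),
    ("registry/api:2.0.0", "CVE-0000-0003"), ("registry/api:2.0.0", "CVE-0000-0004"),
    ("registry/api:2.1.0", "CVE-0000-0004"),
]


def active_versions(images: List[Tuple[str, str, datetime, bool]]) -> Dict[str, str]:
    """Latest tag per repository, considering only tags still present in the registry."""
    latest: Dict[str, Tuple[str, datetime]] = {}
    for repo, tag, pushed, present in images:
        if not present:
            continue  # a deleted tag cannot be running from this registry
        if repo not in latest or pushed > latest[repo][1]:
            latest[repo] = (tag, pushed)
    return {repo: tag for repo, (tag, _) in latest.items()}


def throttle(findings: List[Tuple[str, str]],
             images: List[Tuple[str, str, datetime, bool]]) -> List[Tuple[str, str]]:
    """Keep only findings attached to an active image version."""
    keep = {f"{repo}:{tag}" for repo, tag in active_versions(images).items()}
    return [f for f in findings if f[0] in keep]


def reduction_pct(before: list, after: list) -> float:
    """Percentage of findings removed by throttling, rounded to one decimal."""
    if not before:
        return 0.0
    return round(100.0 * (len(before) - len(after)) / len(before), 1)


if __name__ == "__main__":
    kept = throttle(FINDINGS, IMAGES)
    print("active versions:", active_versions(IMAGES))
    print("kept:", kept)
    print(f"reduction: {reduction_pct(FINDINGS, kept)}%")
```

The figure printed is for the constructed data only; the point of the example is the rule (latest present tag per repository), not the percentage.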

A feature focus is available here


Lifecycle Management in ASPM by Asset/Vuln Type


Phoenix Security ASPM enhances control over the lifecycle of findings and assets by allowing users to set customized grace periods for each type of vulnerability or asset. This flexibility ensures that all findings are handled effectively within their specific risk contexts.

The feature is particularly important for vulnerability management teams that manage different types of assets with different lifecycles: for example, a laptop might be on and off for months, while a container vulnerability might appear and disappear hundreds of times a day.
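The effect of a per-asset-type grace period, as an added example that is not Phoenix Security’s own code: a finding stays open while it was last seen within its asset type’s grace period, and is closed only once that period elapses. The grace values (90 days for laptops, 1 day for containers) and the scan timelines are assumptions; the block compares a flapping container finding with and without a grace period, which is where the noise reduction comes from.

```python
"""Added example, not Phoenix Security's code: finding lifecycle with a grace period
per asset type. Grace values and scan timelines are assumptions."""
from typing import Dict, Iterable, List, Tuple

# Hypothetical grace periods in days per asset type.
GRACE_DAYS: Dict[str, int] = {"laptop": 90, "container": 1}


def transitions(seen_days: Iterable[int], grace_days: int, horizon_days: int) -> List[Tuple[int, str]]:
    """Walk day 0..horizon_days and record every state change of one finding.
    The finding is 'open' while its last observation is within grace_days."""
    seen = set(seen_days)
    state = "closed"
    last_seen = None
    events: List[Tuple[int, str]] = []
    for day in range(horizon_days + 1):
        if day in seen:
            last_seen = day
        if last_seen is None:
            continue  # never observed yet: nothing to track
        new_state = "open" if day - last_seen <= grace_days else "closed"
        if new_state != state:
            events.append((day, new_state))
            state = new_state
    return events


def close_count(events: List[Tuple[int, str]]) -> int:
    """Number of times the finding was closed (each close is a ticket/notification candidate)."""
    return sum(1 for _, s in events if s == "closed")


def lifecycle_for(asset_type: str, seen_days: Iterable[int], horizon_days: int) -> List[Tuple[int, str]]:
    """Apply the grace period configured for the asset type."""
    return transitions(seen_days, GRACE_DAYS[asset_type], horizon_days)


if __name__ == "__main__":
    # Constructed timeline: a container finding seen on every other daily scan.
    flapping = range(0, 11, 2)
    print("container, grace 1 day:", lifecycle_for("container", flapping, 12))
    print("container, no grace:   ", transitions(flapping, 0, 12))
    # Constructed timeline: a laptop scanned once, then offline for two months.
    print("laptop, grace 90 days: ", lifecycle_for("laptop", [0], 60))
```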

Asset and Vulnerability Management in ASPM

One of Phoenix Security’s ASPM main goals is to make everyday tasks as simple and efficient as possible. That’s why bulk operations on findings and assets have been part of the platform for a long time. This feature allows users to select multiple findings and perform a range of different actions on them, from creating issue tickets to adding comments.

With this release, we bring further enhancements to this area by allowing users to select one or multiple assets or vulnerabilities and perform bulk actions based on the findings contained within them. This allows users to perform those bulk actions without leaving the screen they are working on.

Select Any Project/Backlog to Create Tickets

The Phoenix Security ASPM platform has always provided a flexible way to configure projects (backlogs) within integrated ticketing systems to enhance the Application security team’s workflow and Vulnerability management. Its two-level configuration model provides enough granularity to associate entire applications and environments with a particular project and to configure exceptions to the top-level setting down to the component level.

This mechanism ensures that new tickets (even when created automatically by the platform) go to the right team’s backlog.

But sometimes users need to deal with exceptional cases or those where the ticketing system’s side is more fragmented. To cover these cases and provide extra flexibility, users can create new tickets on any integration and project already defined in the platform, even if it’s not the one preconfigured for the App or Component.

ASPM from Assets to Improved Findings Details

New column for Libraries

A new column now displays library and version information for each entry in the list. This makes it easier to identify libraries and versions without expanding individual finding entries.

New Due Date / Closed Date column for ASPM

A new dual-purpose column now displays the due date for the findings (based on SLA) or the date when the finding was closed for those that have already been closed.

To avoid confusion, the column’s header displays Due Date for the open findings view, while it displays Closed Date for the closed findings view. If the “All” view is selected the title shows both options, and the date displayed depends on whether the finding is open or closed.

Updated SLA columns

The existing SLA columns have been revamped to enhance Vulnerability management and display more relevant information. Now, the number shown reflects the days left until SLA expiry (in green) or the days the findings are overdue (in red). Moving the mouse over the number will display the SLA applied in each case.

Improved Asset Details in the ASPM lifecycle

Similarly to the findings improvements, this release includes several enhancements to how asset information is displayed.

Display additional asset information

An important evolution of asset information in Phoenix Security ASPM has revolved around expanding and consolidating asset details. This means more details for all types of assets, including contextual details like cloud information for containers or repositories.

With this release, all asset details, not just those related to the asset type, are included in the Details section.

Additional asset filters

In line with the attribute consolidation mentioned above, now users can filter different types of assets using conditions that are not directly related to the asset type. For example, filtering container assets using “contextual” attributes, like cloud details. Obviously, some of those details will only be present if the container is actually running in a cloud context.

ASPM Integrations

Sysdig Scanner Integration

A new addition to the Cloud scanner lineup included in this release is Sysdig.

Customers using Sysdig as part of their security scanning can connect their account using Phoenix’s native API-based integration.

BlackDuck Scanner Integration

In addition to Sysdig, this release includes integration with BlackDuck in the SCA area.

Customers using BlackDuck as part of their security scanning can connect their account using Phoenix’s native API-based integration.


Get in control of your Application Security posture and Vulnerability management

Alfonso brings experience running international teams for multi-million dollar, technologically advanced projects for Telefónica, IBM and Vodafone. Alfonso joins with two decades of experience working for tech leaders, including at Dell EMC, Yahoo! and Intershop.
