Contextualize Prioritize and ACT ON RISK
Login
Get Access
Demo

Tag: ASPM

ASPM. IRoN BcIRON CLAD, Brass Knuckle Se
  • 1st June 2025

Brass Knuckle Security: Why ASPM Alone Isn’t Enough: Introducing IronClad™, a New Operating Model for Secure Enterprise Software Development

We don’t need more tools. We need a new way of thinking. Application Security Posture Management (ASPM) promises the world, but most teams crumble under tool sprawl, silos, and endless ticket queues. That’s why I built IronClad™ — a brutally simple, brutally effective operating model that fuses ASPM with decentralized ownership and ruthless clarity. This isn’t theory. It’s how security teams can actually win: small empowered squads, zero ambiguity, and mission-first remediation. If you’re tired of drowning in dashboards and ready to rethink how your teams build, secure, and scale, this is the blueprint. 👉 Read how ASPM + IronClad™ flips the script on vulnerability management.
Phil Moroni
  • 9th March 2025

A Threat-Centric Approach to Vulnerability Management ASPM and Appsec: Lessons from Log4j (CVE-2021-44228) and QNAP (CVE-2021-28799)

Tired of scrambling every time a new zero-day hits the headlines? Discover a threat-centric approach to vulnerability management that tackles root causes head-on. Dive into real-world examples—like the notorious Log4j (CVE-2021-44228)—and learn how ASPM application security, cybersecurity best practices, and frameworks (CVE → CWE → CAPEC → MITRE ATT&CK) can streamline remediation. Whether it’s ransomware or unauthorized access attempts on QNAP devices, see how focusing on broad threat categories and root cause analysis can supercharge your defense strategy and minimize patch fatigue.
Francesco Cipollone
  • 5th March 2025

Customer Guest Blog – Driving down the Criticals – Clear Bank & Phoenix Security ASPM

ClearBank broke a 250-year banking tradition by becoming the UK’s first new clearing bank in centuries—a bold move that extends to their approach to cybersecurity. In partnership with Phoenix Security, ClearBank has pioneered advanced Application Security Posture Management (ASPM) techniques that go beyond merely identifying vulnerabilities. By focusing on root causes, defense in depth, and real-world context—like which services are mission-critical or shielded by a WAF—their teams prioritize what truly matters. Neil Reed, Principal AppSec Engineer, underscores the importance of targeted remediation, using Phoenix’s exception engine to intelligently downgrade or reclassify findings that pose minimal risk. This risk-based strategy is a game-changer in scaling security without overburdening engineering teams. By running structured remediation campaigns and cutting container noise by up to 91%, ClearBank’s DevSecOps workflow has evolved to be both agile and robust. Their forward-thinking stance shows how the right blend of technology, context, and collaboration can fortify an organization, keeping pace with shifting regulations and emerging threats.
Neil Reed
Chris Hughes, Reachability Analysis, Devsecops, ASPM
  • 3rd February 2025

Modern AppSec Webinar Recap: Tackling Vulnerabilities, Regulatory Shifts, and Root Cause Analysis an ASPM perspective

The cybersecurity landscape is evolving rapidly, demanding a threat-centric, risk-based approach to vulnerability management. With the U.S. favoring voluntary guidelines and Europe enforcing stricter regulations, organizations must navigate compliance while focusing on real exploitability over CVE volume. This blog delves into ASPM, cloud security, and regulatory intelligence, exploring how businesses can move beyond the traditional patch-and-pray model to address root cause vulnerabilities before they become critical risks.
Francesco Cipollone
  • 24th January 2025

The Ultimate Guide to Reachability Analysis Which reachability is good for you: Enhancing Code, Library, and Container Security with ASPM

Enhance your vulnerability management with Application Security Posture Management (ASPM) and reachability analysis. Discover how ASPM helps prioritize exploitable vulnerabilities, reduce security noise, and improve risk management. Learn about advanced techniques like code and container reachability, contextual deduplication, and Phoenix Security’s cutting-edge solutions for smarter, more effective application security.
Francesco Cipollone
ASPM Gartner Technology Peer Insight Phoenix Security
  • 18th January 2025

Kicking off 2025 ASPM: Phoenix Security Wraps Up 2024 With Prestigious Double Awards Recognition from Gartner Digital Markets

Phoenix Security kicks off 2025 with recognition from Gartner Digital Markets through GetApp, solidifying its position as a leader in Application Security Posture Management (ASPM). Recognised for best customer success and support in ASPM, Phoenix Security empowers organisations with comprehensive, contextual vulnerability management and actionable cybersecurity solutions. With a user-friendly interface, robust real-time monitoring, and seamless risk prioritisation, the platform reduces alert fatigue while delivering precise remediation. As a cloud security leader, Phoenix Security continues to innovate, partnering with enterprises like LastPass and ClearBank to tackle the modern cybersecurity landscape head-on.
Francesco Cipollone
ASPM Reachability Analysis James Berthoty
  • 6th January 2025

Understanding Reachability Analysis in Application Security and ASPM: Methods, Impact, and Real-World Applications a webinar with James Berthoty

Enhance your vulnerability management with Application Security Posture Management (ASPM) and reachability analysis. Discover how ASPM helps prioritize exploitable vulnerabilities, reduce security noise, and improve risk management. Learn about advanced techniques like code and container reachability, contextual deduplication, and Phoenix Security’s cutting-edge solutions for smarter, more effective application security.
Francesco Cipollone
future of ASPM
  • 14th October 2024

Understanding Application Security Posture Management (ASPM)

What the heck is ASPM and how modern ASPM address new challenges? In this article we explore Application Security Posture Management (ASPM) and how it has become essential for organizations looking to safeguard their applications throughout the software development lifecycle (SDLC). But what truly defines a modern ASPM solution? In this article, we delve into the typical ASPM vendors, explore edge cases, and outline the fundamental pillars that unite them. At Phoenix Security, we recognize the challenges posed by diverse organizational structures, making ASPM as much about data and culture as it is about vulnerability management. That’s why we’ve introduced our ONE BACKLOG feature, which merges security champion initiatives with vulnerability workflows into a single, actionable dashboard. This integration empowers security teams to maintain a comprehensive view of vulnerabilities across code, cloud, and other artifacts, streamlining prioritization and remediation efforts. ASPM is more than just a framework; it’s a proactive strategy that fosters collaboration between development, security, and operations teams. With benefits like unified visibility, risk-based prioritization, and continuous monitoring, organizations can effectively identify and address vulnerabilities, ensuring a robust security posture. Join us as we explore the future of ASPM, focusing on code-to-cloud native solutions, maximizing existing tools, and nurturing a culture of security that transcends traditional barriers. Learn how ASPM can revolutionize your approach to application security and enhance your organization’s resilience in an ever-evolving threat landscape.
Francesco Cipollone
Join us as we dive into the future of Application Security (AppSec) and Vulnerability Management with James Berthoty. Discover insights on the evolution of AppSec, challenges in managing software vulnerabilities, and the role of Application Security Posture Management (ASPM) in today’s API-driven cloud environment. Listen now for expert analysis and practical solutions in cybersecurity.
  • 28th July 2024

CSCP S4EP19 – James Berthoty – What The heck is ASPM and the evolution of Product Security

Join us as we dive into the future of Application Security (AppSec) and Vulnerability Management with James Berthoty. Discover insights on the evolution of AppSec, challenges in managing software vulnerabilities, and the role of Application Security Posture Management (ASPM) in today’s API-driven cloud environment. Listen now for expert analysis and practical solutions in cybersecurity.
Francesco Cipollone
CSCP S4EP18 - Marius Poskus
  • 7th July 2024

CSCP S4EP18 – Marius Poskus – Who mention about non-technical CISO – ASPM and Running application security programs from a CISO perspective

Explore the evolving landscape of application security and ASPM with Marius Poskus, VP at Glow Financial Services. Discover insights on the adoption of open-source code and AI, cultural shifts for DevSecOps, and challenges in maintaining consistent security programs. Sponsored by Phoenix Security, leaders in vulnerability management. Listen now for strategic approaches to managing application security and prioritizing critical issues to align with business goals. #Cybersecurity #AppSec #ProductSecurity #ASPM
Francesco Cipollone

Resources

Listen to the latest Phoenix Security  podcast

Listen to the latest AppSec Phoenix podcast

Read More

Get Started with AppSec Phoenix

Read More
News

Read the latest AppSec Phoenix news

Read More
Blog

Read the latest Blogs

Read More
Events

Discover our events

Read More
Talks

Explore the talks

Read More
Whitepapers

Discover Whitepapers

Read More
News

Read the latest News

Read More
Videos

Discover video resources

Learn More

Welcome to Peace of Mind

Trusted by more than 1000 users and 380 organizations

ACT Now
Request a demo
Dashboard
x Powerful Protection for WordPress, from Shield Security
This Site Is Protected By
ShieldPRO