Login
Get Access
Demo

blog

AppSec Phoenix + OWASP

AppSec Phoenix OWASP Partnership
AppSec Phoenix OWASP Partnership
AppSec Phoenix OWASP Partnership

AppSec Phoenix is Happy to announce the Partnership With Owasp. At Appsec Phoenix we believe everyone can kickstart their journey through data-driven appsec and cloudsec with postrue management and a measured approach

AppSec Phoenix Announces Partnership with OWASP

The cloud and application security platform will offer OWASP members access to its community edition and scanners.  

LONDON, England (Feb 15, 2022)—AppSec Phoenix, an innovative risk-based vulnerability management software, has announced its collaboration with OWASP, a non-profit foundation that works to improve software security. AppSec Phoenix will make accessing open-source security tools and running application security programmes easier for many more organizations through the partnership.

OWASP is a community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. As a non-profit, the organization provides tools and resources, community and networking, and education and training. Working together for nearly 20 years, OWASP leadership and its community have sought to improve software security.

AppSec Phoenix is a SMART Application and cloud posture management platform for Small and Medium Enterprises (SMEs) and Large Enterprises. In developing the programme, founder Francesco Cipollone and his team created it to identify what to solve first in the sea of problems that could be tackled by security and developers. Bringing the executive along application and cloud security programmes enabling them to set strategic direction on risk dramatically increased the success rate. AppSec Phoenix’s approach saves its partners time and money by giving them a quick and easy way to identify which security problem to tackle first in line with executive expectations.

AppSec Phoenix will offer a free product community license to OWASP members, for free, forever. This partnership will give member organizations access to AppSec’s scanning technology, quantification and measurement. The partnership also exemplifies AppSec’s shared vision with OWASP as the two organizations embrace innovative, open collaboration and make the software more secure.

“We are proud to partner up with OWASP and give back to the community,” said Cipollone. “As an individual member and long friend of OWASP, I’m pleased to be able to help organizations gain access to an application and cloud security open-source project to create a simpler application security programme. By offering AppSec Phoenix to all OWASP members, we hope that more people will get started on the application security journey with a simple integration that makes open-source scanning technologies available for everyone.”

“I’m thrilled by this collaboration with AppSec Phoenix, and I look forward to moving it ahead,” said Andrew van der Stock, Executive Director of OWASP. “Appsec Phoenix brings additional value to the OWASP subscription and OWASP’s members and aligns with the core value of open collaboration and making all software more secure. In celebration of the 20th anniversary of OWASP, we are looking forward to this exciting collaboration.”

To get your free licence check out https://phoenix.security/resources/ or register directly with your OWASP account: https://appsecphoenix.cloud/signup/owasp. Alternatively, in case of issue check https://kb.phoenix.security/owasp or REQUEST OWASP COMMUNITY LICENSE SUPPORT

About AppSec Phoenix

AppSec Phoenix was established to provide an effective all-in-one security solution for application and cloud security and running programmes at scale. We enabled executives to set meaningful targets that developers and security get with our easy-use platform. At the same time, developers received a clean to-do list of what to fix in line with executive expectations and focused on what’s more exploitable in the eye of attackers. Application and cloud security are ramping up problems for companies, small and large. Learn how you can align security with the speed of business https://www.phoenix.security/.

###

Francesco Cipollone

Francesco Cipollone

Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.
14th February 2022
Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.

Discuss this blog with our community on Slack

Join our AppSec Phoenix community on Slack to discuss this blog and other news with our professional security team

Join Slack community
Linkedin-in Youtube Facebook-f Twitter Instagram

From our Blog

OWASP Top 10 Common Weakness Enumeration Web application security risks Software vulnerabilities Cybersecurity best practices Real-world cyberattacks Mitigating security risks
  • 25th September 2023

OWASP Top 10 across the years: what are the exploited vulnerabilities

Owasp top 10 has been a pillar over the years; sister to CWE – Common Weakness Enumeration we provide an overview of the top software vulnerabilities and web application security risks with a data-driven approach focused on helping identify what risk to fix first.
Francesco Cipollone
  • 18th September 2023

Phoenix Security Features – August/September 2023 – Risk-based formula, Magnitude, Application Security & Vulnerability Management Improvement

The Cloud Security and AppSec teams at Phoenix Security are pleased to bring you another set of new Phoenix Security features and improvements for vulnerability management across application and cloud security engines. This release builds on top of previous releases with key additions and progress across multiple areas of the platform. Asset and Vulnerability Management – Associate assets with multiple Applications and Environments – Mapping of vulnerabilities to Installed Software – Find Assets/Vulns by Scanner – Detailed findings Location information Risk-based Posture Management – Risk and Risk Magnitude for Assets – Filter assets and vulnerabilities by source scanner Integrations – BurpSuite XML Import – Assessment Import API Other Improvements – Improved multi-selection in filters – New CVSS Score column in Vulnerabilities
Alfonso Eusebio
Top Exploited vulnerability, Github top exploits, Vulnerability management, Risk-based prioritization, Likelihood of exploitation, Exploit prediction scoring system (EPSS), EPSS, Common weakness enumeration (CWE), CWE, Common weakness scoring system (CWSS), CVSS scores, Verified exploits, Exploits in the wild, Cyber threat intelligence, Vulnerability assessment, Vulnerability exploitability, Cyber risk management, Patch management, Zero day exploits, Software vulnerabilities, Cybersecurity threats, CISA, CISA KEV, Exploitation,
  • 20th August 2023

Understanding Vulnerability Exploitability: Focusing on What Matters Most in Cybersecurity, CISA KEV Exploit DB, Zero Day and more

With cyber threats growing in sophistication, understanding exploitability has become crucial for security teams to prioritize vulnerabilities effectively. This article explores the key factors that influence the likelihood of exploits in the wild, including attack vectors, complexity levels, privileges required, and more. You’ll learn how predictive scoring systems like EPSS are bringing added dimensions to vulnerability analysis, going beyond static scores. We discuss the importance of monitoring verified threat feeds and exploiting trends from reliable sources, instead of getting distracted by unverified claims and noise. Adopting a risk-based approach to prioritization is emphasized, where critical vulnerabilities are addressed not just based on CVSS severity, but also their likelihood of being exploited and potential business impact. Recent major exploits like Log4Shell are highlighted to stress the need for proactive security. Equipped with the insights from this guide, you’ll be able to implement a strategic, data-backed approach to focusing on the most pertinent risks over the barrage of vulnerabilities.
Francesco Cipollone
  • 12th August 2023

Phoenix Security Features – July 2023 – Application Security & Vulnerability Management Improvement

The Cloud Security and AppSec teams at Phoenix Security are pleased to bring you another set of new Phoenix Security features and improvements for vulnerability management across application and cloud security engines. This release builds on top of previous releases with key additions and progress across multiple areas of the platform. Improved Management your Vulnerabilities and Assets Display “Closed” vulnerabilities list page Display vulnerability stats in Asset screens Override asset exposure for whole Apps/Envs Filter on-screen dynamic statistical and insights Risk-based Posture Management Update risk formula structure Update Vuln risk formula factors Integrations Configure “vulnerability types” fetched from SonarCloud/SonarQube Users can manually trigger a “scanner refresh” Update Jira tickets when the associated vulnerability is closed Other Improvements Handle large number of items in Treemap chart Improved scanner flow: don’t fetch targets until needed Improved performance of MTTR queries
Alfonso Eusebio

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.

x Logo: ShieldPRO
This Site Is Protected By
ShieldPRO