Phoenix Security Unveils AI to Automatically Fix Software Flaws
London, Tuesday, 10 March 2026.
Launched today, Phoenix Security’s new artificial intelligence engine instantly resolves coding flaws, remarkably slashing false alarms by 91 percent to save businesses countless hours of manual work.
Tracing the Lineage of Software Vulnerabilities
Traditional security tools often trap engineering teams in a frustrating loop: scanners generate findings, which are dumped into a ticket backlog, ultimately requiring tedious manual triage [2]. In modern cloud environments, this standard workflow can produce hundreds of container vulnerabilities for a single application, frequently stemming from a shared base image or dependency layer [2]. Phoenix Security, an Application Security Posture Management (ASPM) provider, circumvents this bottleneck by mapping the entire lineage of a vulnerability before proposing a solution [2]. The platform’s newly launched engine traces flaws backward from the running container, through the registry and base images, directly to the originating build file [2].
Automating the Fix and Eliminating Noise
The operational efficiency gained through this targeted approach is substantial. By pinpointing the exact layer and file responsible for a vulnerability, the engine achieves up to a 91 percent reduction in Software Composition Analysis (SCA) container noise [1][2]. Instead of merely alerting security teams to a problem, the system generates precise remediation actions that engineers can execute immediately [2]. The engine features one-click GitHub pull request generation with precise version upgrades, alongside Jira integration and Remediation Campaign workflows, all included at no additional tier for customers [1][2].
A New Paradigm for Exposure Management
The release of this AI remediation engine, made available to all Phoenix Security customers starting March 9, 2026, and officially launched today, signals a necessary evolution in cybersecurity operations [1]. The platform operates as an Actionable Attack Surface Management (ASM) tool, closely aligning with Continuous Threat Exposure Management (CTEM) methodologies [1][2]. As Francesco Cipollone, CEO and Co-Founder of Phoenix Security, noted, engineers lack the bandwidth to manually review hundreds of vulnerabilities [1]. “They have time to look at one remedy,” Cipollone stated, emphasizing that the era of security teams merely pushing vulnerability lists to developers is ending [1].