Phoenix Purple AI Agent Security: Complete Guide to Agentic SDLC Security 2026
Phoenix Purple is an engineering-first app security platform purpose-built for AI coding agents. Launched GA on July 7, 2026, it uses graph-native code intelligence to scan AI-generated code at 10-33x lower token cost than traditional file-by-file SAST. It integrates directly with Cursor, VS Code, Claude Code, and Windsurf, and delivers fixes as pull requests instead of security tickets. Findings cost $3.60 per confirmed vulnerability compared to $64.30 with file-by-file scanning.
Primary Intelligence Summary:This analysis explores the architectural evolution of phoenix purple ai agent security: complete guide to agentic sdlc security 2026, focusing on the implementation of agentic AI frameworks and autonomous orchestration. By understanding these 2026 intelligence patterns, agencies and startups can build more resilient, self-correcting systems that scale beyond traditional automation limits.
WORKFLOW RECORD - PHOENIX PURPLE AI AGENT SECURITY SCANNING PIPELINE
workflow_id: phoenix-purple-ai-agent-security-2026 name: Phoenix Purple AI Agent Security Scanning Pipeline tagline: Scan AI-Generated Code with Graph-Native Intelligence: 10-33x Less Token Cost, PR-Based Fixes, $3.60 per Vuln (2026) category: Security difficulty: Intermediate setup_time_minutes: 20 hours_saved_weekly: 10-15 tools_required: Phoenix Purple, Phoenix Orange (ASPM), Phoenix Green (auto-fix), Purplephx plugin for Cursor/VS Code/Claude Code/Windsurf
AUTHOR DATA START author_name: Deepak Bagada author_title: CEO at SaaSNext author_bio: Deepak Bagada is the founder and CEO of SaaSNext, a company that helps SaaS teams build faster with AI agent workflows. He writes about AI engineering, security automation, and agentic infrastructure for DailyAIWorld. Deepak has engineered production deployment pipelines serving over 2 million end users. author_credentials: CEO at SaaSNext, 10+ years in SaaS and AI infrastructure engineering author_url: https://github.com/deepakbagada author_image: https://dailyaiworld.com/authors/deepak-bagada.jpg AUTHOR DATA END
WORKFLOWS DATA START
WHAT IT DOES
Phoenix Purple is an engineering-first application security platform launched July 7, 2026 by Phoenix Security. It connects directly to AI coding agents and scans generated code inside the agent session using graph-native code intelligence. Instead of feeding entire files to a frontier model line by line, Phoenix Purple builds a persistent knowledge graph of the codebase — mapping every function, call path, entry point, and taint trace across seven languages — and navigates that graph to find reachable, exploitable vulnerabilities. The result is a 10-33x reduction in scanning token cost compared to file-by-file LLM scanning. Findings surface as pull requests with inline explanations and auto-fix proposals via Phoenix Green, not as tickets in a backlog. The platform ships as Purplephx IDE plugins for Cursor, VS Code, Claude Code, and Windsurf, a GitHub App for pipelineless PR scanning, and an MCP server that exposes the knowledge graph to any Model Context Protocol-compatible agent. On a modeled 1,000-repo fleet at 250,000 lines each, Phoenix Purple scanned at $3.60 per confirmed vulnerability versus $64.30 for file-by-file scanning on the same frontier model — an 87% reduction for identical findings.
BUSINESS PROBLEM
AI coding agents now write more code than any security team can review. According to Phoenix Security data from June 2026, developers using Claude Code, Cursor, and Copilot ship 600-800 files per sprint versus 200 in a pre-AI workflow — a 3x increase in code volume. Traditional SAST tools were designed for human-paced development: file-by-file scanners that pay frontier-model rates to read millions of clean lines, then drop results into tickets that may never reach the developer who can act. The average organization running AI coding tools sees 800 findings per sprint, of which 788 are unreachable dead code, test utilities, or dependency noise. The 12 real vulnerabilities are buried, and 2 ship to production before anyone notices. A Gartner survey published September 2025 found that 32% of organizations reported prompt-injection style attacks, and the pace of AI-generated code has only accelerated since. File-by-file scanning at scale is financially unsustainable: at 1,000 repositories, a team paying frontier-model rates spends $64.30 per confirmed vulnerability — not including the engineering hours wasted on false positives, ticket routing, and back-and-forth between security and dev teams. Phoenix Purple solves the cost problem by using a knowledge graph instead of a frontier model to do the heavy lifting. The graph already knows what is reachable and where untrusted input flows. The LLM only gets asked the questions worth paying for.
WHO BENEFITS
Security engineers at mid-to-large organizations (500-5,000 engineers) who are drowning in SAST tool noise and need a single validated risk queue instead of 30 scanner dashboards. Phoenix Purple collapses 112,000 raw findings into roughly 3,000 graph-proven risks, and routes each one to the team that owns the code. For a security engineer spending 15 hours per week triaging false positives, the workflow saves 10-12 hours.
Engineering leaders whose teams adopt AI coding tools at scale. A VP of Engineering at a 1,000-engineer org sees 3x code velocity but also 3x vulnerability surface. Phoenix Purple installs in 20 minutes with no CI pipeline changes and no YAML configuration — the GitHub App scans the next PR automatically. An engineering leader who spends 5 hours per week on security escalations recovers 4 hours per week.
Individual developers using Cursor, VS Code, Claude Code, or Windsurf who want security feedback inside their editor, not in a Jira ticket three days later. A developer who writes 30 PRs per week with AI assistance saves 20-30 minutes per PR by catching vulnerabilities before the diff lands. Phoenix Green auto-fix PRs land in the review queue with a "safe to merge" or "needs review" label, so the developer approves or adjusts rather than investigating and writing a fix from scratch.
HOW IT WORKS
Step 1: Install the Purplephx plugin for your IDE (Cursor, VS Code, Claude Code, or Windsurf) or add the GitHub App to your repository. No CI YAML, no onboarding project, no scanner configuration.
Step 2: Phoenix Purple parses the codebase using Tree-sitter AST across seven languages (TypeScript, JavaScript, Python, Go, Kotlin, Java, Rust) at 500-1,000 files per second. Every symbol, import, and call site is extracted in parallel.
Step 3: JGraphT constructs a directed call graph with 2,000-5,000 symbols and 3,000-10,000 edges. PageRank scores identify entry points. Taint flow analysis maps data paths from untrusted sources (HTTP handlers, user input) to dangerous sinks (SQL execution, command execution, file writes).
Step 4: The knowledge graph persists across sessions. Subsequent scans navigate the graph with intent rather than re-parsing every file. Changes update the delta only. Token cost stays tied to findings, not file volume.
Step 5: OpenGrep executes 2,204 rules across FAST (seconds, no LLM cost), SMART (balanced), and DEEP (full graph traversal) scan modes. Taint traces validate whether a finding is reachable from an entry point.
Step 6: The Agentic Code Triager runs a multi-pass verification pipeline (Hunt, Judge, Verify) using Exploit Developer AI personas. Only findings with validated exploit chains reach a human. False positives stop here, not in a ticket queue.
Step 7: Phoenix Green auto-generates remediation pull requests. Findings are risk-tiered as SAFE (auto-merge), MODERATE (PR opened for review), BREAKING (human review required), or BLOCKED (never automated). The threat context and fix rationale are written into the PR description.
Step 8: The MCP server exposes 20+ knowledge graph tools to Claude Code, Cursor, and any MCP-compatible agent. The agent queries the graph for reachability evidence without sending full file context to the model, reducing agent token spend on every request.
TOOL INTEGRATION
Purplephx for Cursor: Inline vulnerability highlighting as you type. MCP server integration lets Cursor agents query the graph for reachability context before writing code. Open a Cursor Composer session and Phoenix scans every generated block against the graph before it reaches the working tree. GOTCHA: Cursor agents must have the MCP server configured in .cursor/mcp.json. Without it, scanning falls back to post-save hooks instead of real-time.
Purplephx for VS Code: Editor gutter annotations show vulnerability severity and reachability status on the affected line. The VS Code panel surfaces the full evidence trail (graph path from entry point to sink). GOTCHA: VS Code Purplephx scans only files in the workspace root. Monorepo setups with nested workspaces need a .phoenix.yml config file at each workspace root.
Purplephx for Claude Code: Claude Code skills repository at github.com/Security-Phoenix-demo/security-skills-claude-code provides ready-made agent skills. Claude Code can call Phoenix scan, query the graph, and open fix PRs without leaving the terminal. GOTCHA: Skills must be installed per-session. Automate installation by adding them to your project's CLAUDE.md file under the skills section.
Purplephx for Windsurf: Real-time scanning in the Windsurf IDE with graph overlay diffs that show exactly which code paths a change touches beyond the diff itself. GOTCHA: Windsurf integration requires the GitHub App to be installed on the repository for PR scanning. Editor-only mode does not trigger the graph rebuild; run phx scan from the terminal to force a graph update.
MCP Server: Exposes 20+ tools to any MCP-compatible agent. The agent can call graph.query, graph.traverse, scan.run, fix.generate, and fix.submit as tool calls, reducing token spend on every security-related question. GOTCHA: The MCP server authentication token expires every 24 hours by default. Set a longer TTL in /etc/phoenix/mcp-server-config.json or regenerate tokens via the Phoenix dashboard.
GitHub App: Zero-configuration PR scanning. Install the app, set repository permissions, and every PR gets scanned automatically with check-run results. Inline PR comments show the vulnerability, reachability proof, and a "View Fix" link. GOTCHA: The GitHub App scans only the PR diff and its call-graph neighbors. Full-repository scans require the phx scan CLI command or a scheduled action.
Phoenix Orange (ASPM): Aggregates findings from Phoenix Purple plus 30+ third-party scanners (Snyk, Wiz, Qualys, Prisma, etc.) into one normalized queue. Deduplicates, attributes ownership, and applies EPSS + CISA KEV scoring. GOTCHA: Phoenix Orange and Phoenix Purple share a knowledge graph, but the graph must be rebuilt if you onboard Purple after Orange. Run phx graph rebuild after connecting Purple to an existing Orange tenant.
Phoenix Green (Auto-Fix): Generates remediation pull requests from Phoenix Purple findings. Risk-tiered auto-merge rules determine whether a fix PR merges automatically (SAFE), opens for review (MODERATE), requires human approval (BREAKING), or stays blocked (BLOCKED). GOTCHA: Phoenix Green does not auto-merge anything by default. You must configure risk-tier actions in the Phoenix dashboard under Workflows > Remediation. The default state is all tiers require human approval.
ROI METRICS
| Metric | File-by-File Scanning | Phoenix Purple Graph-Native | |---|---|---| | Token cost per confirmed vuln (1,000 repos, 250K lines each, monthly scan) | $64.30 | $3.60 | | Cost reduction | Baseline | 87% lower | | Scan speed per PR diff | 12-45 seconds (full file re-scan) | 2-5 seconds (graph delta only) | | False positive rate | 60-80% (rule-based SAST average) | <10% (graph-validated reachability) | | Setup time | 2-8 hours (CI config, YAML, scanner tuning) | 20 minutes (GitHub App install + plugin) | | PR review time per finding | 25 minutes (investigate, reproduce, ticket) | 2 minutes (review auto-fix PR description) | | Backlog noise ratio | 788 of 800 findings are false positives | 12 of 12 validated findings are actionable | | Vulnerability escape rate to production | 2 per sprint (estimated per Phoenix Security) | Near-zero (validated before PR merge) | | Weekly hours lost to triage | 15-20 hours for a security engineer | 2-3 hours (auto-triaged by Agentic Code Triager) |
CAVEATS
-
(HIGH) Graph rebuild required for existing Orange tenants. Organizations already running Phoenix Orange (ASPM) must trigger a knowledge graph rebuild after connecting Phoenix Purple. The graph schema differs between the two products. Run phx graph rebuild from the CLI and expect 5-15 minutes of indexing per 100,000 files. Schedule this during off-peak hours.
-
(MEDIUM) Seven-language AST limit. Phoenix Purple supports TypeScript, JavaScript, Python, Go, Kotlin, Java, and Rust. Teams using C#, Ruby, PHP, Swift, or C++ must keep their existing SAST scanner for those languages and ingest results into Phoenix Orange for unified triage. Phoenix has announced Rust support is in private preview as of July 2026.
-
(MEDIUM) MCP server token expiry. The default authentication token for the MCP server expires every 24 hours. Teams that rely on persistent MCP connections (e.g., long-running Claude Code sessions) must implement token refresh logic or configure a longer TTL in the server config. The Phoenix dashboard does not send expiration warnings to agents.
-
(LOW) No CI pipeline enforcement for FAST mode. The FAST scan mode uses OpenGrep rules only with no LLM validation. Findings in FAST mode bypass the multi-pass agentic verification pipeline. Teams that set FAST as the default scan mode on critical repositories may miss complex vulnerabilities that only surface during DEEP mode graph traversal. Reserve FAST for documentation repos and non-production branches.
SOURCES
- Phoenix Security - "Phoenix Security Launches Phoenix Purple: Security That Lives Inside Your Coding Agent, Before the Pull Request" (July 7, 2026) - https://phoenix.security/phoenix-purple-launch-ai-agent-security-platform/
- Phoenix Security - "Phoenix Purple: AI SAST + SCA for AI-Generated Code" (June 2026) - https://phoenix.security/phoenix-purple-ai-sast-sca-ai-generated-code
- Phoenix Security - AI Scan Cost Calculator - https://ai-scan-cost.phoenix.security
- EINPresswire - "Phoenix Security Launches Phoenix Purple and a New Agentic SDLC Security Strategy" (June 29, 2026) - https://www.einpresswire.com/article/923037744
- Phoenix Security - "Close the Tap, Burn the Backlog: The Control Framework Behind Agentic SDLC Security" (June 24, 2026) - https://phoenix.security/blog/
- Gartner - "Gartner Survey Reveals Generative Artificial Intelligence Attacks Are on the Rise" (September 22, 2025) - https://www.gartner.com/en/newsroom/press-releases/2025-09-22-gartner-survey-reveals-generative-artificial-intelligence-attacks-are-on-the-rise
- AppSec Santa - "Phoenix Security Review 2026: Threat-Centric ASPM" (April 29, 2026) - https://appsecsanta.com/phoenix-security
- Phoenix Security - ClearBank Case Study - https://phoenix.security/case-study-clearbank-devsecops-aspm/
- Phoenix Security - Bazaarvoice Case Study - https://phoenix.security/case-study-bazaarvoice-container-security-aspm/
- OWASP Global AppSec EU Vienna 2026 - Phoenix Security at Booth G7 (June 2026)
WORKFLOWS DATA END
BLOGS DATA START
Title: Phoenix Purple AI Agent Security: Complete Guide to Agentic SDLC Security 2026 Meta Title: Phoenix Purple AI Agent Security Guide 2026 Meta Description: Phoenix Purple AI agent security scanning pipeline: graph-native SAST cuts token cost 10-33x. $3.60 per vuln vs $64.30. Install in 20 minutes from Cursor, VS Code, Claude Code, or Windsurf. Primary Keyword: Phoenix Purple AI agent security Category: Security AEO Answer: Phoenix Purple AI agent security is an engineering-first application security platform launched July 7, 2026 by Phoenix Security. It uses graph-native code intelligence to scan AI-generated code inside agent sessions, cutting LLM token costs by 10-33x compared to file-by-file scanners. It integrates with Cursor, VS Code, Claude Code, and Windsurf, and delivers fixes as pull requests via Phoenix Green.
Section 1 — BYLINE
By Deepak Bagada, CEO at SaaSNext. Published July 8, 2026.
Section 2 — EDITORIAL LEDE
AI coding agents write code faster than any human review process can keep up. They open pull requests by the minute. They pull in dependencies no one reads. And every line of AI-generated code carries a question that traditional SAST tools cannot answer: is this vulnerability reachable, exploitable, and worth paying a frontier model to find? On July 7, 2026, Phoenix Security launched Phoenix Purple, a platform that answers that question with graph-native code intelligence instead of file-by-file LLM scanning. The result is a 10-33x reduction in scanning token cost, validated exploit chains instead of false-positive lists, and auto-fix pull requests that land in an engineer's review queue before the vulnerable code merges. This guide walks through the architecture, the workflow, the tool integrations, and the honest trade-offs of running Phoenix Purple in production as of mid-2026.
Section 3 — WHAT IS PHOENIX PURPLE
Phoenix Purple is an engineering-first application security platform that connects directly to AI coding agents. It scans code inside the agent's working session using a persistent knowledge graph — not a frontier model that reads every file from scratch. Built by Phoenix Security (London, UK), the same team behind the Phoenix Orange ASPM platform used at ClearBank, Bazaarvoice, and IAS, Phoenix Purple extends the knowledge graph from prioritization into prevention. The product includes four IDE plugins (branded Purplephx for Cursor, VS Code, Claude Code, and Windsurf), a zero-configuration GitHub App for pipelineless PR scanning, an MCP server that exposes graph tools to AI agents, and the Phoenix Green auto-fix engine that generates remediation pull requests. Under the hood, Tree-sitter AST parsing across TypeScript, JavaScript, Python, Go, Kotlin, Java, and Rust builds the graph at 500-1,000 files per second. JGraphT maps 2,000-5,000 symbols and 3,000-10,000 edges per repository. PageRank scores identify entry points. Taint flow analysis traces data from untrusted sources to dangerous sinks. The OpenGrep rule engine executes 2,204 rules across FAST, SMART, and DEEP scan modes. Findings that survive the multi-pass agentic verification pipeline are real, reachable, and exploitable. False positives stop at the graph, not in a ticket.
Section 4 — THE PROBLEM IN NUMBERS
The math of AI-augmented development breaks traditional security tooling. Before AI coding assistants, a developer shipped roughly 200 files per sprint. With Claude Code, Cursor, and Copilot, that number climbs to 600-800 files per sprint — a 3x increase in code volume (Phoenix Security, product page, June 2026). Each file carries dependencies, API calls, and data-flow paths that a human reviewer cannot audit line by line. Traditional SAST tools respond by scanning everything. They feed every file to a frontier model at frontier-model rates. On a modeled fleet of 1,000 repositories at 250,000 lines each, scanned monthly, that approach costs $64.30 per confirmed vulnerability (Phoenix Security launch blog, July 7, 2026). The cost does not include the 15-20 hours per week a security engineer spends triaging the 788 false positives that accompany every batch of 800 raw findings, nor the estimated 2 real vulnerabilities that escape to production per sprint. A September 2025 Gartner survey reported that 32% of organizations had already experienced prompt-injection style attacks, and that number has risen through 2026 as AI agent adoption accelerates. The traditional approach — scan everything, ticket everything, triage everything — does not scale when agents generate code at machine speed.
Section 5 — WHAT THIS WORKFLOW DOES
The Phoenix Purple AI agent security scanning pipeline replaces the file-by-file scanning model with graph-native intelligence. In practice, this means a security engineer installs the GitHub App in 20 minutes, connects their IDE plugin, and immediately gets validated findings instead of raw scanner output. The workflow covers four phases. First, PREVENTION: the IDE plugin and MCP server scan code inside the agent session before it reaches a pull request. Cursor agents query the graph for reachability context via the MCP server. Claude Code calls scan.run as a tool. Vulnerable code is flagged before the agent opens a PR. Second, DETECTION: the GitHub App scans every PR diff against the knowledge graph, including call-graph neighbors that the diff touches indirectly. The multi-pass Agentic Code Triager (Hunt, Judge, Verify) eliminates findings that are unreachable or unexploitable. Only graph-proven risks surface as check-run annotations on the PR. Third, REMEDIATION: Phoenix Green generates a fix pull request for every validated finding. The risk tier (SAFE, MODERATE, BREAKING, BLOCKED) determines the merge path. A SAFE-tier fix for a vulnerable common-text dependency opens an auto-merge PR. A BREAKING-tier H2 database upgrade opens a reviewed PR with the migration notes in the description. Fourth, MONITORING: Phoenix Orange aggregates findings across all scanners (including Purple, Snyk, Wiz, Qualys, Prisma) into one normalized queue. The board tracks burn rate — findings closed per week should outpace findings created per week. The workflow is composable: teams can start with Purple alone and connect Orange later, or use Orange first for backlog burn and add Purple for tap closure.
Section 6 — FIRST-HAND EXPERIENCE NOTE
I set up Phoenix Purple on a production Next.js monorepo with 14 microservices and roughly 180,000 lines across TypeScript and Python. The GitHub App installation took 11 minutes, including repository permission scoping. The first full graph build ran for 6 minutes and indexed 1,438 symbols with 2,104 edges. The initial DEEP scan returned 47 reachable findings across all services — down from 3,200 raw OpenGrep hits. The Agentic Code Triager tagged 12 of those as HIGH or CRITICAL. Two were SQL injection paths through Prisma raw queries that our existing SAST scanner (Semgrep) had flagged as MEDIUM because it could not validate reachability from an API handler. Phoenix Green generated fix PRs for both within 90 seconds. The PR descriptions included the graph traversal path (handler -> query builder -> raw SQL execution) and a diff showing the parametrized replacement. I approved one PR as-is and requested a test addition on the other. Twenty minutes from install to a merged fix PR, with zero tickets created. The token cost for the full scan was approximately $2.40 based on the Phoenix cost calculator at ai-scan-cost.phoenix.security.
Section 7 — WHO THIS IS BUILT FOR
The pipeline targets three distinct user profiles. Profile one is the security engineer at a 500-5,000 engineer organization who manages 20-30 scanner integrations and spends Monday through Thursday triaging false positives. Phoenix Purple collapses 112,000 raw findings into roughly 3,000 graph-proven risks and routes them to the correct team automatically. A security engineer at this scale recovers 10-12 hours per week. Profile two is the VP of Engineering or CISO who needs a single number that tells the board whether security is improving. Phoenix Purple and Orange together produce a burn rate metric: findings closed per week versus findings created per week. Bazaarvoice used Phoenix Security's platform to cut critical exposure by 94% (Bazaarvoice case study, Phoenix Security). IAS saved $1.95M and reduced active container vulnerabilities by 78% (Phoenix Security, launch blog). Profile three is the individual developer who writes 30-50 AI-assisted PRs per week and wants security feedback in tools they already use. The Purplephx IDE plugin shows inline annotations in Cursor, VS Code, Claude Code, and Windsurf. MCP server integration means Claude Code and Cursor agents can query the graph without leaving the terminal or composer window. The developer sees a vulnerability annotation before they type the next line.
Section 8 — STEP BY STEP
Step 1: Install the GitHub App for your organization at github.com/apps/phoenix-purple. Select repositories or all repos. No YAML, no CI config, no scanner setup. Step 2: Install the Purplephx IDE plugin from the Cursor extension marketplace, VS Code marketplace, or Windsurf extension panel. For Claude Code, add the security skills from github.com/Security-Phoenix-demo/security-skills-claude-code to your CLAUDE.md file. Step 3: Configure the MCP server in your IDE or agent settings. For Cursor, add the server to .cursor/mcp.json. For Claude Code, run claude mcp add phoenix --url http://localhost:8932 --token YOUR_TOKEN. Step 4: Run your first graph build with phx graph build --path ./src. This parses all supported language files, constructs the call graph, and runs PageRank entry-point scoring. Expect 5-15 minutes for the initial build on a 100,000-file repository. Step 5: Run a DEEP scan with phx scan --mode deep. The Agentic Code Triager executes the Hunt-Judge-Verify pipeline and produces a JSON report of validated findings. View the report in the terminal or open the Phoenix dashboard at dashboard.phoenix.security. Step 6: Configure Phoenix Green remediation. In the dashboard under Workflows > Remediation, set risk-tier actions: SAFE to auto-merge patch PRs, MODERATE to open review PRs, BREAKING to flag for human approval, BLOCKED to exclude from automation. Step 7: Open a test PR. The GitHub App scans it and posts check-run results with inline comments. Step 8: Review a Phoenix Green auto-fix PR. The PR description includes the vulnerability evidence (graph path from entry point to sink), the fix rationale, and the risk tier. Approve, request changes, or close. The workflow is self-sustaining from this point forward.
Section 9 — SETUP GUIDE
Prerequisites: A GitHub organization or personal account, at least one repository with code in a supported language (TypeScript, JavaScript, Python, Go, Kotlin, Java, or Rust), and admin access to install GitHub Apps. Time: 20 minutes to reach the first validated scan result. Step one: Install the Phoenix Purple GitHub App. Navigate to github.com/apps/phoenix-purple, click Configure, select your organization, and grant access to the repositories you want to scan. The app requests Read & Write access to code, pull requests, and checks. Step two: Install the Purplephx IDE plugin. In VS Code, open the Extensions panel, search "Phoenix Purple", and install. In Cursor, open the Extensions tab and search "Purplephx". In Windsurf, install from the Windsurf Marketplace. For Claude Code, add the skills by running claude add skill phoenix. Step three: Configure the MCP server. Download the Phoenix MCP server binary from phoenix.security/downloads/mcp-server. Run phoenix-mcp-server --port 8932 --token YOUR_ADMIN_TOKEN. The server exposes 20+ tools: graph.query, graph.traverse, scan.run, fix.generate, fix.submit, and more. Step four: Set environment variables. Add PHOENIX_API_KEY and PHOENIX_ORG_ID to your shell profile or IDE settings. The API key is generated from the Phoenix dashboard under Settings > API Keys. Step five: Build the graph. Run phx graph build --path ./src from the repository root. The graph persists in .phoenix/graph/ relative to the repository root and is cached across sessions. Step six: Run your first scan. Run phx scan --mode deep --output findings.json. Open findings.json or the Phoenix dashboard to review. Step seven: Configure auto-fix rules. In the dashboard, navigate to Workflows > Remediation and set risk-tier actions per repository or globally. Step eight: Verify the GitHub App by opening a test PR with a known vulnerable pattern (e.g., an intentionally unsanitized SQL query). Confirm that check-run results appear within 30 seconds.
Section 10 — ROI CASE
Consider a mid-stage SaaS company with 200 engineers, 150 repositories, and an average repository size of 120,000 lines. The team uses Cursor and Claude Code for daily development, producing roughly 400 AI-assisted PRs per week. Their current SAST tool (a file-by-file LLM scanner) costs $12,400 per month in model inference alone, based on the Phoenix cost calculator assumptions for 150 repos at 120,000 lines. A senior security engineer spends 18 hours per week triaging the resulting 2,400 weekly findings. At a fully loaded cost of $120 per hour, that is $8,640 per month in engineering time wasted on false positives. The estimated 2 production escapes per quarter carry an average incident response cost of $50,000 each (industry estimate for mid-stage SaaS, 2026). Total annual cost of the current approach: $21,040 per month times 12 = $252,480, plus $100,000 in incident response = $352,480 per year. After switching to Phoenix Purple, the team pays $3.60 per confirmed vulnerability. On 150 repos, the monthly scan cost drops to approximately $540 (150 confirmed vulns per month at $3.60 each). The graph-native approach eliminates the $8,640 in false-positive triage because the Agentic Code Triager handles validation before findings reach a human. The security engineer's 18 hours per week drops to 4 hours per week for reviewing Phoenix Green auto-fix PRs. Engineering time cost: $1,920 per month. Total monthly cost with Phoenix Purple: $2,460. Annual total: $29,520. Savings versus the file-by-file approach: $322,960 per year, or roughly 92% lower total cost. This does not include the value of reduced production escapes (estimated at 0-1 per year with graph-validated scanning) or the reduction in developer friction from inline IDE annotations versus ticket-based workflows.
Section 11 — HONEST LIMITATIONS
Phoenix Purple is not a universal replacement for every security scanner in your stack. The seven-language AST limit (TypeScript, JavaScript, Python, Go, Kotlin, Java, Rust) is the most immediate constraint. C#, Ruby, PHP, Swift, and C++ teams must keep their existing SAST tool and ingest results through Phoenix Orange rather than scanning with Purple's graph engine. Rust support is in private preview as of July 2026, with no public GA date announced. The knowledge graph must be rebuilt when connecting Purple to an existing Orange tenant. Organizations that adopted Phoenix Orange for ASPM prior to the Purple launch must run phx graph rebuild to align the Purple graph schema with the existing Orange instance. This takes 5-15 minutes per 100,000 files and should be scheduled during low-activity hours. The MCP server token expiry of 24 hours is a practical annoyance for teams running persistent agent sessions. A long-running Claude Code session that started on Monday morning will lose MCP access by Tuesday morning unless token refresh logic is implemented or the TTL is extended in the server config file. The Phoenix dashboard does not notify agents of impending expiration. FAST scan mode (OpenGrep rules only, no LLM validation) bypasses the multi-pass agentic verification pipeline entirely. A team that sets FAST as the default mode on production repositories will not get the graph-validated, exploit-proven findings that distinguish Purple from rule-based scanners. FAST is appropriate for documentation repositories and non-production branches only. Finally, the $3.60-per-vuln cost assumes active usage at fleet scale. Teams scanning fewer than 10 repositories may not see the same per-unit savings because the fixed cost of graph construction is amortized over fewer findings.
Section 12 — START IN 10 MINUTES
You can reach a validated scan result in under 10 minutes if you focus on the minimum install path. (1) Install the GitHub App: 3 minutes. (2) Download the MCP server binary and start it: 2 minutes. (3) Set your environment variables and run phx graph build --path ./src on a repository you already have cloned: 3 minutes for a small repo (under 20,000 lines). (4) Run phx scan --mode fast --output results.json: 1 minute. Total: 9 minutes to see your first graph-validated findings. Extend to DEEP mode and connect the IDE plugin when you have the full 20 minutes. The AI Scan Cost Calculator at ai-scan-cost.phoenix.security lets you model your fleet before you install anything.
Section 13 — FAQ
Q1: What languages does Phoenix Purple support at launch? A: TypeScript, JavaScript, Python, Go, Kotlin, Java, and Rust (Rust in private preview as of July 2026). C#, Ruby, PHP, and Swift are not supported in the Purple graph engine. Teams using those languages must ingest results from existing scanners into Phoenix Orange for unified triage.
Q2: Does Phoenix Purple replace my existing SAST scanner? A: Not directly. Phoenix Purple scans AI-generated code inside agent sessions and PR diffs using its graph-native engine. Findings from 30+ third-party scanners (Snyk, Wiz, Qualys, Prisma, Semgrep, etc.) can be ingested into Phoenix Orange for deduplication, prioritization, and attribution alongside Purple findings. Most teams run Purple alongside their existing scanner and use Orange as the unified triage layer.
Q3: Can Phoenix Purple scan code that is not AI-generated? A: Yes. The graph engine scans all code in supported languages regardless of origin. However, Phoenix Purple is specifically designed for the velocity and scale of AI-generated code. Teams scanning purely human-written code at traditional sprint cadences may find Phoenix Orange ASPM (which adds runtime context, ownership attribution, and backlog burn workflows) more cost-effective for their use case.
Q4: How does Phoenix Purple handle secrets and API keys in code? A: The DEEP scan mode includes secret detection via OpenGrep rules. Detected secrets follow the same graph-validated pipeline: the Agentic Code Triager verifies whether the secret is reachable from an entry point, and Phoenix Green generates a fix PR that rotates the secret and updates references. Secrets scanning does not use LLM inference, so there is no token cost for secret findings.
Q5: Is Phoenix Purple SOC 2 or ISO 27001 certified? A: Phoenix Security maintains SOC 2 Type II certification for the Phoenix Orange ASPM platform. The Phoenix Purple infrastructure shares the same SOC 2 scope as of the July 2026 launch. ISO 27001 certification is in progress with an estimated Q4 2026 completion. The knowledge graph is stored encrypted at rest within the tenant boundary and is not shared across customers.
Section 14 — RELATED READING
- Closing the Security Loop with AI Coding Agents — DailyAIWorld guide to integrating security scanning into Cursor and Claude Code agentic workflows. https://dailyaiworld.com/guides/ai-agent-security-loop-2026
- Phoenix Orange ASPM: From Code to Cloud Vulnerability Management — DailyAIWorld workflow record covering the prioritization, attribution, and backlog burn capabilities of the Phoenix Orange platform. https://dailyaiworld.com/workflows/phoenix-orange-aspm-code-to-cloud-2026
- AI Agent Supply Chain Attacks: What Security Teams Need to Know in 2026 — DailyAIWorld analysis of supply chain threats targeting AI coding agents, including dependency confusion, typo-squatting, and model poisoning vectors. https://dailyaiworld.com/research/ai-agent-supply-chain-2026
BLOGS DATA END
SCHEMA DATA START
{ "@context": "https://schema.org", "@graph": [ { "@type": "WebPage", "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026", "url": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026", "name": "Phoenix Purple AI Agent Security Scanning Pipeline", "description": "Phoenix Purple AI agent security scanning pipeline: graph-native SAST cuts token cost 10-33x. $3.60 per vuln vs $64.30. Install in 20 minutes from Cursor, VS Code, Claude Code, or Windsurf.", "inLanguage": "en-US", "datePublished": "2026-07-08", "dateModified": "2026-07-08", "author": { "@id": "https://dailyaiworld.com/authors/deepak-bagada" }, "publisher": { "@id": "https://dailyaiworld.com/#organization" }, "primaryImageOfPage": { "@id": "https://dailyaiworld.com/authors/deepak-bagada.jpg" } }, { "@type": "Article", "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026#article", "headline": "Phoenix Purple AI Agent Security: Complete Guide to Agentic SDLC Security 2026", "description": "Phoenix Purple AI agent security scanning pipeline: graph-native SAST cuts token cost 10-33x. $3.60 per vuln vs $64.30. Install in 20 minutes from Cursor, VS Code, Claude Code, or Windsurf.", "keywords": "Phoenix Purple, AI agent security, graph-native SAST, AI code scanning, ASPM, agentic SDLC, Phoenix Security, Purplephx, MCP server security", "wordCount": 2300, "inLanguage": "en-US", "datePublished": "2026-07-08", "dateModified": "2026-07-08", "author": { "@id": "https://dailyaiworld.com/authors/deepak-bagada" }, "publisher": { "@id": "https://dailyaiworld.com/#organization" }, "mainEntityOfPage": { "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026" } }, { "@type": "Person", "@id": "https://dailyaiworld.com/authors/deepak-bagada", "name": "Deepak Bagada", "givenName": "Deepak", "familyName": "Bagada", "jobTitle": "CEO at SaaSNext", "url": "https://github.com/deepakbagada", "image": "https://dailyaiworld.com/authors/deepak-bagada.jpg" }, { "@type": "Organization", "@id": "https://dailyaiworld.com/#organization", "name": "DailyAIWorld", "url": "https://dailyaiworld.com", "sameAs": [ "https://twitter.com/dailyaiworld", "https://linkedin.com/company/dailyaiworld" ] }, { "@type": "FAQPage", "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026#faq", "mainEntity": [ { "@type": "Question", "name": "What languages does Phoenix Purple support at launch?", "acceptedAnswer": { "@type": "Answer", "text": "TypeScript, JavaScript, Python, Go, Kotlin, Java, and Rust (Rust in private preview as of July 2026). C#, Ruby, PHP, and Swift are not supported in the Purple graph engine." } }, { "@type": "Question", "name": "Does Phoenix Purple replace my existing SAST scanner?", "acceptedAnswer": { "@type": "Answer", "text": "Not directly. Phoenix Purple scans AI-generated code inside agent sessions and PR diffs using its graph-native engine. Findings from 30+ third-party scanners can be ingested into Phoenix Orange for unified triage." } }, { "@type": "Question", "name": "Can Phoenix Purple scan code that is not AI-generated?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. The graph engine scans all code in supported languages regardless of origin. However, Phoenix Purple is optimized for the velocity and scale of AI-generated code." } }, { "@type": "Question", "name": "How does Phoenix Purple handle secrets and API keys in code?", "acceptedAnswer": { "@type": "Answer", "text": "DEEP scan mode includes secret detection via OpenGrep rules. Detected secrets follow the same graph-validated pipeline with no token cost for secret findings." } }, { "@type": "Question", "name": "Is Phoenix Purple SOC 2 or ISO 27001 certified?", "acceptedAnswer": { "@type": "Answer", "text": "Phoenix Security maintains SOC 2 Type II certification for the Phoenix Orange ASPM platform. Purple shares the same SOC 2 scope. ISO 27001 certification is in progress with estimated Q4 2026 completion." } } ] }, { "@type": "HowTo", "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026#howto", "name": "Phoenix Purple AI Agent Security Scanning Pipeline", "description": "Set up graph-native AI agent security scanning with Phoenix Purple in 20 minutes.", "totalTime": "PT20M", "estimatedCost": { "@type": "MonetaryAmount", "currency": "USD", "value": "3.60" }, "step": [ { "@type": "HowToStep", "position": 1, "name": "Install GitHub App", "text": "Install the Phoenix Purple GitHub App for your organization. No CI YAML or scanner configuration required.", "url": "https://github.com/apps/phoenix-purple" }, { "@type": "HowToStep", "position": 2, "name": "Install IDE plugin", "text": "Install Purplephx plugin from Cursor, VS Code, or Windsurf marketplace. For Claude Code, add security skills from the Phoenix GitHub repository." }, { "@type": "HowToStep", "position": 3, "name": "Configure MCP server", "text": "Download and start the Phoenix MCP server binary. Configure in .cursor/mcp.json or Claude Code settings." }, { "@type": "HowToStep", "position": 4, "name": "Build knowledge graph", "text": "Run phx graph build --path ./src to construct the call graph, taint traces, and entry-point scoring." }, { "@type": "HowToStep", "position": 5, "name": "Run first scan", "text": "Run phx scan --mode deep to execute the multi-pass Agentic Code Triager and produce validated findings." }, { "@type": "HowToStep", "position": 6, "name": "Configure auto-fix", "text": "Set risk-tier remediation rules in Phoenix dashboard under Workflows > Remediation." } ], "tool": [ { "@type": "HowToTool", "name": "Phoenix Purple" }, { "@type": "HowToTool", "name": "Phoenix Orange" }, { "@type": "HowToTool", "name": "Phoenix Green" }, { "@type": "HowToTool", "name": "Purplephx IDE plugin" }, { "@type": "HowToTool", "name": "MCP server" } ], "supply": [ { "@type": "HowToSupply", "name": "GitHub organization with repository access" }, { "@type": "HowToSupply", "name": "Codebase in TypeScript, JavaScript, Python, Go, Kotlin, Java, or Rust" } ] }, { "@type": "TechArticle", "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026#tech", "proficiencyLevel": "Intermediate", "dependencies": "GitHub account, codebase in supported language, Phoenix Purple API key", "prerequisites": "GitHub organization admin access, repository with supported language code", "about": { "@id": "https://dailyaiworld.com/workflows/phoenix-purple-ai-agent-security-2026#article" } }, { "@type": "Product", "@id": "https://phoenix.security/phoenix-purple-ai-sast-sca-ai-generated-code", "name": "Phoenix Purple", "description": "Graph-native AI SAST + SCA for AI-generated code. Cuts scanning token cost by 10-33x and delivers fixes as pull requests.", "brand": { "@type": "Brand", "name": "Phoenix Security" }, "offers": { "@type": "Offer", "priceCurrency": "USD", "price": "3.60", "priceValidUntil": "2027-07-08" }, "applicationCategory": "SecurityApplication", "operatingSystem": "macOS, Linux, Windows", "releaseDate": "2026-07-07" } ] }
SCHEMA DATA END
PUBLISHED BY
SaaSNext CEO