top of page

Outpost24 Raises the Bar for Adaptive Application Security with Next-Gen CyberFlex

  • Writer: Kelsie Papenhausen
    Kelsie Papenhausen
  • 6 minutes ago
  • 3 min read

Enhanced platform brings continuous attack surface visibility, expert-led testing, flexible budget control and improved reporting into one risk-led AppSec program


STOCKHOLM, Sweden, 6 July 2026 - Outpost24, a leading provider of cyber risk management solutions, today announced the next generation of CyberFlex, its flexible, advisory-led application security program designed to help organizations keep pace with dynamic digital environments. The launch comes as AI accelerates both digital innovation and attacker activity, increasing the need for application security approaches built for continuous risk management.


Most application security programs are still planned around annual cycles, even as the environments they protect change daily. New digital services, cloud migrations, AI initiatives, acquisitions and third-party integrations can introduce new assets and exposures long after testing scopes and budgets have been agreed. As a result, security teams are often left working from plans that no longer reflect their real-world risk.


CyberFlex helps organizations move from fixed-scope, point-in-time testing to a more continuous, adaptive and risk-driven approach. By combining external attack surface visibility, expert-led penetration testing, advisory support and flexible budget allocation, the program enables security teams to identify exposures, validate impact, prioritize remediation and shift investment as priorities evolve, all within a single program and contract.


"Security teams are being asked to defend dynamic environments, while many AppSec programs are still planned around fixed scopes and annual cycles," said Omri Kletter, Chief Product Officer at Outpost24. "CyberFlex is designed to close that gap and set a new standard for modern application security. It gives organizations the visibility to understand what has changed, the expert validation to understand what matters, and the flexibility to shift investment as risk evolves."


The next generation of CyberFlex introduces a more unified and adaptive way to manage application security across fast-changing environments. A unified platform and workflow connect discovery, automated scanning, risk prioritization, expert-led testing and validation in one place. Continuous attack surface visibility and AI-driven risk insights span known, unknown and shadow IT assets, helping teams understand how their external exposure expands over time.


Flexible budget visibility and allocation give organizations better control over how investment is used across testing, validation and advisory services. Structured tiers align to different levels of maturity, scope and operational need, and improved reporting and dashboards help teams demonstrate risk reduction, remediation progress and program value to executives, boards and auditors.


For existing CyberFlex customers, the new release builds on a proven program model for more continuous, risk-led application security. RS Group is among the customers planning to adopt the latest CyberFlex capabilities.


"CyberFlex has made it much easier to connect testing activity to real business risk," said Rebecca Wensley, Head of Security Operations, RS Group. "We get clearer visibility into our attack surface, expert validation where it matters most, and a more practical way to prioritize remediation and demonstrate measurable security progress to stakeholders."


CyberFlex is now available in structured tiers, allowing organizations to select the level of expert guidance, testing and advisory support that suits their needs today, and adapt over time as their program matures. Its flexible budget model allows investment to be reallocated across testing, validation and advisory services as risk priorities shift, without renegotiating the overall contract each time. Testing and advisory services are delivered by EU-based, CREST-certified penetration testers.


ABOUT OUTPOST24

Outpost24 is a leading global provider of cybersecurity solutions, encompassing two specialized divisions to deliver comprehensive exposure and access management. The company helps thousands of organizations worldwide proactively identify, manage, and reduce cyber risk across their entire digital and human attack surface. This is achieved through the combined expertise of Outpost24, the Attack Surface Management division focused on holistic Exposure Management, and Specops, the Identity and Access Management provider specializing in world-class Identity and Password Security and Zero Trust solutions. Founded in 2001 and headquartered in Sweden, Outpost24 operates globally with 14 offices worldwide, including in the US, UK, France, Belgium, Spain, and Israel. Learn more about Outpost24 at outpost24.com.

 
 
bottom of page