Aikido Security
External reviews
139 reviews
External reviews are not included in the AWS star rating for the product.
Game changing tool for shift left security mindset
What do you like best about the product?
First off, I rarely write reviews, but Aikido absolutely deserves praise.
This tool has been really reliable for MoveInSync's code security pipeline. It's clear that a lot of thought, effort, and love has gone into creating a product that genuinely finds reliable security findings with clear instructions on fixing the issues, making the shift-left mindset seamless.
What I love most about Aikido is its simplicity and false positive filter capability, where you don’t have to jump through hoops of irrelevant findings.
It seamlessly integrates into our DevSecOps pipeline.
The UI is intuitive, the performance is lightning-fast, and the Slack support team? Absolutely top-notch.
They’re quick to respond, actively listen to feedback, and are constantly releasing thoughtful improvements.
Having all-in-one SAST, SCA, Secret Scanning, DAST (still in early stage), CSPM, and API asset monitoring in a single tool is really helpful, and now I can’t imagine working without it.
This is exactly the kind of innovative tool that reminds me why I love tech in the first place.
Highly recommend.
What do you dislike about the product?
Aikido does provide a local CLI scanner, which we prefer for our DevSecOps workflow, but the experience has been awkward for branch-based development.
We have to run scans locally and manually set the branch each time. In our usage, the CLI treated each branch scan as a separate “repo,” which quickly eats into the repo quota on our plan (e.g., 200 repos), whereas the cloud-connected scanner lets us switch branches on the same repository and re-run without consuming additional repo slots.
For teams with lots of short‑lived branches, that repo-counting behavior makes the local option a little hard to adopt.
Also the PR annotations are cloud-only. Inline PR comments/checks work via the cloud-integrated service (e.g., GitHub/GitLab/Bitbucket).
Local CLI scans do not post PR annotations.
What problems is the product solving and how is that benefiting you?
Aikido has been really reliable for MoveInSync's code security pipeline.
Having all-in-one SAST, SCA, Secret Scanning, DAST (still in early stage), CSPM, and API asset monitoring in a single tool is really helpful, and now I can’t imagine working without it.
An all-round vulnerability management system that is affordable for small to mid-sized businesses
What do you like best about the product?
In the 9 months we have been using Aikido, we have been very impressed with the offering. They have a significant number of tools available (SAST, SCA, attack surface scanning, etc.) and they are adding something new every month or two that makes me go "ooh, that's nice". The user interface is a bit of a learning curve, but ultimately it is serviceable.
The scans themselves are fast and don't impact the performance of our systems in any noticeable way. They run automatically once a day and update the list of known issues. It doesn't do anything that any of the big competitors (Tenable, Qualys, etc.) don't, but a big difference is the pricing. It is a fraction of the price those other products ask, and the limits on the paid plans are very reasonable (we've only had to upgrade a limit once, and that cost a few euros a month extra).
The product doesn't allow as much customizability as, for instance, Tenable allows, but as a tradeoff, setting up was extremely easy: configure your integrations (GitLab, GitHub, AWS, etc.) with standard tokens, wait a few minutes and everything begins populating with your projects.
We've had to reach out to product support a few times, and every time they were very quick, friendly and helpful.
What do you dislike about the product?
There aren't any major issues with Aikido, but there are a few things that I feel Aikido could do differently, namely:
- The UI and scans themselves aren't very configurable. Don't expect a system that allows you to tweak every minor detail of every minor scan.
- The findings are divided into a number of categories (VMs, Code, Cloud Scanner). You cannot group items together to get one easy overview. For instance, if you want to group the code of a specific repository, the SBOM of the built code and the scan of the VM the code is running on, you can't. You have to navigate back and forth to match findings from different categories.
- The UI could use a bit of care to improve UX. For instance, we had issues where we couldn't delete an old asset that we used for testing purposes.
What problems is the product solving and how is that benefiting you?
We use Aikido as our first line of vulnerability detection. Its various scans cover the broad strokes of what we want to do to detect any security issues, all from the same dashboard.
So now Aikido scans all our source code, any built artefacts, container images, software packages once every day. We use it to get a clean dashboard of all our (potential) security issues and can prioritize which issue should be resolved first. We also allow our developers access to the findings, so they can give feedback on items they feel were scored too high, or too low so the communication regarding these issues is also improved. Furthermore, it is a great motivator to see that from one release to the next, the number of relevant security issues went down, so it has helped us motivate the developers to fix these issues.
Security Posture Review: Aikido Security Platform
What do you like best about the product?
Aikido consolidates multiple scanners into one platform, including SAST (source code), SCA (dependencies), Container Scanning, and IaC (Infrastructure as Code) scanning. This accurately reflects its "all-in-one" approach. Its ease of use and integration is top notch. Customer support is exceptional in case you need help.
What do you dislike about the product?
Aikido lacks the ability to build and enforce complex, multi-layered security policies across the entire organization.
What problems is the product solving and how is that benefiting you?
It solves security in the development lifecycle by automatically triaging alerts, showing only the "reachable" vulnerabilities that matter, and eliminating noise. It integrates directly into their existing tools like GitHub/GitLab. It empowers the team with the context they need to fix security issues themselves, quickly and confidently, without needing to wait for a security expert.
Amazing Product
What do you like best about the product?
The fact that it is an all in one security platform which combines SAST, SCA, etc and removes the fact that multiple vendors are needed is amazing.
What do you dislike about the product?
It has limited cloud provider support, but it has been progressing positively and I think it won't be an issue in the near future.
What problems is the product solving and how is that benefiting you?
Having to deal with multiple security platforms, while Aikido is helping me deal with all the needed tools in one place.
It is easy to use
What do you like best about the product?
The ease of use and the reports that make it easy to fix the problems that were discovered.
What do you dislike about the product?
At the moment there is nothing that I dislike.
What problems is the product solving and how is that benefiting you?
code error
Very good and easy to use
What do you like best about the product?
It's very easy to use, the interface is clear, the problems are easy to spot and the explanations are good.
What do you dislike about the product?
They should have a more granular pricing: going from a free tier to paying 299 €/month is a very big step.
What problems is the product solving and how is that benefiting you?
Aikido is spotting a lot of security problems in our source code, so that we can fix them in a timely manner.
User friendly
What do you like best about the product?
Saves you time and makes it super easy to scan the code. May require some effort to test the API.
What do you dislike about the product?
Not cheap, so only a few people can afford it.
What problems is the product solving and how is that benefiting you?
Allows us to define weaknesses in our code, which gave us the chance to plan our security controls.
Great insight to security and vulnerability
What do you like best about the product?
I like the reports. I did not know much about security, but with the reports it was so great that you know that much data about your product.
The second thing is the email alerts, where you are told that a new vulnerability has been patched or fixed and how much is remaining; this gives you a little push to continue improving your code.
What do you dislike about the product?
It does not help with two things. The first is that it does not provide a report about PDPL (Personal Data Protection Law).
The second thing is compliance. As a small company that makes only a little money, we cannot afford the compliance. We want to show our clients that we care for them, and if this product could help us do that in the future with a small subscription, that would be great.
What problems is the product solving and how is that benefiting you?
There is sometimes a lot of fuss about packages and code. With a lot of requests from the customers, you have to build some features, and when you use those packages or use other people's code, you find out that there are a lot of vulnerabilities. But if you don't have the tool to scan it, you're not going to catch it; this is where Aikido comes in.
Ease of use
What do you like best about the product?
The technical support is excellent, they attend with professionalism.
What do you dislike about the product?
The issues table should show the age of detection even though it can be seen in the activity tab.
What problems is the product solving and how is that benefiting you?
Aikido offers visibility into the security of applications and the platform.
Does what it needs to do
What do you like best about the product?
We’ve been using it for almost half a year now. It works exactly as we expected. We’ve needed support twice, and both times we received a quick and helpful response. Integration with our GitHub organization was very easy.
What do you dislike about the product?
The pricing is quite high for a startup, which is the main reason we’re using the free tier — and for now, it’s enough for us.
What problems is the product solving and how is that benefiting you?
It is easier to manage everything security-related.