Integrated security checks have streamlined our pipelines and have reduced manual review effort
What is our primary use case?
I have been using Aikido Security for a little over a year now, mainly as a part of our DevSecOps pipeline. It fits in smoothly with our existing Git workflow, which made adoption easier for the team. What stood out early on was how quickly it started surfacing real vulnerabilities without overwhelming us with noise. Over time, it has become a core part of how we approach secure development.
Our main use case for Aikido Security is continuous code and dependency scanning across multiple repos. We rely on it to catch vulnerabilities early in the development lifecycle, especially in open-source dependencies. It also helps us maintain compliance standards without needing a separate security team for every project. Essentially, it acts as a guardrail during development. A specific example that stands out is when Aikido Security flagged a vulnerable version of a logging library we were using in our microservices. It highlighted a known CVE with a clear severity rating and even suggested a safer version upgrade. We were able to patch that within a few hours, avoiding what could have been a serious exploitation path. Before this, similar issues would sometimes slip through tests.
When Aikido Security flagged that vulnerability, the alert came directly into our pull request, so the developer who introduced the dependency saw it immediately. Instead of escalating it to a separate security review, the developer patched it on the spot using the suggested version upgrade. We verified the fix in the same pipeline run and merged it within a few hours. It was a much faster turnaround compared to our old process, which would take a couple of days.
Beyond basic scanning, we also use Aikido Security for container security and infrastructure as code checks. It integrates nicely with CI/CD pipelines, so every pull request gets scanned automatically. We have also customized some rules to align with our internal policies. It has been quite flexible in adapting to our workflow.
What is most valuable?
The best feature in my opinion is its low false-positive rate compared to other tools we have used. Aikido Security gives actionable insights rather than flooding us with alerts. The unified dashboard is another highlight. It consolidates code, dependency, and container vulnerability in one place. That saves a lot of context-switching time.
The dashboard in Aikido Security is something our team interacts with pretty much every day. It gives us a single view of vulnerabilities across code dependencies, containers, and even infrastructure as code, so we are not jumping between multiple tools anymore. For example, during our daily stand-ups, we quickly review any new high-severity issues and assign them right away, which keeps things moving. It also helps that the issues are prioritized well, so we are not wasting time chasing low-impact alerts.
What I appreciate is the automatic fix suggestion. It does not just point out an issue; it often suggests exact version upgrades or patches. The GitHub integration is also very smooth, making it easy to track and resolve issues within PRs. That level of automation really boosts productivity.
What needs improvement?
Deeper customization in reporting would improve it a little bit. While the default reports are good, more flexibility in tailoring them for different stakeholders would help. Also, support for more niche programming languages would be useful. It is not a deal-breaker, but something to improve.
Monitoring and logging could be enhanced with more granular insight. For example, having better historical trend analysis of vulnerabilities would be valuable. Right now, it is good, but not very deep. More integration with observability tools would also help.
What do I think about the stability of the solution?
Stability has been solid so far. We have not experienced any major downtime or disruption. Scans run consistently as part of our pipeline. That reliability is important for us.
What do I think about the scalability of the solution?
Scalability is another strong point. As our number of repos grew, Aikido Security handled the increase without any noticeable performance drop. It scales well with the team size and project complexity. That has been reassuring.
How are customer service and support?
Customer support has been responsive and helpful. We have reached out a few times for integration questions, and they usually respond within a day. The guidance has been practical, not just generic feedback. That has made a huge difference.
Which solution did I use previously and why did I switch?
Before Aikido Security, we were using a combination of open-source tools and manual checks. The setup was fragmented and often missed critical issues. We switched because we needed a more unified and reliable solution. Aikido Security filled that gap very well.
How was the initial setup?
Pricing was straightforward and relatively transparent. Setup took less than a day for our core repo. Compared to other tools, the onboarding experience was quite smooth. It did not require heavy configuration upfront.
What was our ROI?
In terms of ROI, we have seen clear gains. We saved roughly 25% in time spent on manual security reviews. Incident response costs dropped as well, probably by around 15% to 20%. Overall, it has been a worthwhile investment.
Which other solutions did I evaluate?
We evaluated tools like Dependabot during our selection process. While they were strong in certain areas, Aikido Security offered a more comprehensive and less noisy experience. That all-in-one approach was a key deciding factor. It felt more streamlined.
What other advice do I have?
Aikido Security is reliable, easy to use, and genuinely improves security workflow. The few gaps in customization and advanced reporting keep it from being a full 10. But overall, it is a strong product. I give this product a rating of 8 out of 10.
Integrate Aikido Security early in your development lifecycle. Do not treat it as an afterthought once your lifecycle is complete. Also, spend some time tuning the alerts to match your workflow. That helps get the most value out of it.
Overall, I think Aikido Security is a solid choice for teams looking to improve their security posture without adding complexity. It strikes a good balance between automation and usability. While there is room for improvement, it delivers strong value. I would definitely recommend it.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Fast, Easy Security Scanning Across Repos and IDEs with Great Aikido Support
What do you like best about the product?
Good gives security vulnearabilities latest from all code repos and platfroms java python and checks with latest maven centrals,
UI is good and easy go thorugh
easy to integrate wth multiple IDES
its quick and scan fast
have good support from aikido team via slack channels etc
have AI intelligent scaninng support and reports vulerablities and susgegstions
What do you dislike about the product?
not much everything going good but some times scans take older vulernaribilities and EOL issues can be ignored
What problems is the product solving and how is that benefiting you?
Code scannings and repositories with zero ulneraibiities and identifying critical high meidum low etc and able to give proper suggestions for vulnrabity fiexes
Highly Effective with Minor Tweaks Needed
What do you like best about the product?
I like having all the issues in a single dashboard that a non-developer can manage for the development team, acting as an additional pair of eyes. It's very easy to run the initial integration with GitHub to pull and parse the repos. Aikido Security allows developers and non-developers to index our multiple repositories, pulling together a list of human-readable actions that are easily followed.
What do you dislike about the product?
I would like to see improvements around dependency mapping and the autofix function, which has the potential to be incredibly useful.
What problems is the product solving and how is that benefiting you?
I use Aikido Security to scan multiple repositories for security issues. It provides a dashboard for managing these issues easily, even for non-developers, acting as an additional pair of eyes for the development team.
Effortless Security with Exceptional Usability
What do you like best about the product?
I like that Aikido Security is very easy to use, with straightforward information and nice reports. It's great to have an easy-to-use interface and the data I need right at my fingertips. This addition to the software is something I really look forward to using.
What do you dislike about the product?
none
What problems is the product solving and how is that benefiting you?
Aikido Security keeps our software secure for our customers, providing vulnerability scanners and securing client data files. It ensures our systems are always up to date to protect data and offers straightforward information with nice reports.
Effective Vulnerability Detection, Needs Enhanced Support
What do you like best about the product?
I like that Aikido Security gives a nice overview and quick fixes through automated reviews. It runs weekly scans that highlight what we need to change in a clear overview, which is really helpful. The app provides quick ways to solve vulnerabilities, making it valuable for reviewing our codebase and app security.
What do you dislike about the product?
I would like to see improvements in a few areas: The code review in Cursor is good, but it doesn't always manage to solve simple vulnerabilities like SQL injection. Better info in the issue description for Cursor could help. The price of pentesting is very high and makes it difficult to sell to clients as real pentesting; the price should be lower in my opinion. Additionally, support could be improved for more complicated issues, like providing step-by-step instructions for removing old secrets in a repo.
What problems is the product solving and how is that benefiting you?
I use Aikido Security to identify vulnerabilities, with a nice overview and quick fixes. Automated reviews highlight needed changes weekly, providing clear solutions for vulnerabilities.
Quick and Reliable to Secure Open Source Projects
What do you like best about the product?
I love the speed and efficiency of Aikido Security in delivering results, with rarely any false positives, which makes it very reliable. Additionally, the initial setup was very quick and simple, you just had to create an account.
What do you dislike about the product?
everything is excellent
What problems is the product solving and how is that benefiting you?
I use Aikido Security to secure my open-source projects. It solves many hidden security issues that I don't easily detect, like SSRG and CORS. I appreciate the speed, efficiency, and reliability of the results, with few false positives.
Proven battle tool in the appsec landscape
What do you like best about the product?
Developer oriented approach, great for small teams.
What do you dislike about the product?
Problematic use with large enterprises, private repository storage and fragmented dev/sec/ops teams.
What problems is the product solving and how is that benefiting you?
Prioritization of security fixes across small teams.
Intuitive Security Testing
What do you like best about the product?
I like that Aikido Security provides actions and tasks that are specific, actionable, and clear to understand. It's easy to integrate into existing workflow tooling, and the initial setup was very easy.
What do you dislike about the product?
Pricing is high for a startup/small company to leverage some of the better features
What problems is the product solving and how is that benefiting you?
I use Aikido Security for code analysis, managing dependency risks, and ensuring implementation of security best practices.
AI-Powered Insights That Save Time—Even the Free Version Delivers
What do you like best about the product?
It gives a lot of insights into issues and the AI takes care of an initial review saving a lot of time while providing evidence and in a lot of cases a fix.
Even the free version provides a lot of functionality while developing the app
What do you dislike about the product?
I've not been able to connect to a GitHub org account, but haven't reached out yet on that
What problems is the product solving and how is that benefiting you?
We don't have to guess if there are security issues, we can see it very quickly and plan accordingly depending on severity.
Intuitive UI with Generous Free Plan
What do you like best about the product?
I find Aikido Security to have a very intuitive UI with good context around the issues, making navigation and prioritization easy. The generous free plan is helpful for getting a feel of the product before committing to a purchase. I also appreciate its neat UI/UX design. Additionally, assessing vulnerabilities in dependencies is a modern feature I value highly. The initial setup was easy for my team.
What do you dislike about the product?
I think maybe the free plan doesn't show all the issues. It blurs out some of the lower tail issues, which could be improved.
What problems is the product solving and how is that benefiting you?
I use Aikido Security for scanning dependencies and assessing vulnerabilities. It has an intuitive UI, good context around issues, and makes navigation and prioritization easy.
