Aikido Security

Pros: Aikido was clearly designed by people who understand what developers actually need. It strikes the right balance between being feature-rich and genuinely intuitive. Setting up integrations is straightforward, and they work exactly as expected. The platform excels at prioritizing vulnerabilities, breaking down root causes, and providing actionable remediation guidance. The CI/CD gatekeeping has been a game-changer for catching issues before they hit production, and the autofix feature has made tackling our backlog far less daunting. When we were preparing for ISO 27001, we were staring down a mountain of work; without Aikido's auto-ignore, I'm sure we'd still be drowning in false positives...

Cons: Honestly haven't found any real downsides so far..

Overall: Highly recommend. We've genuinely enjoyed using Aikido, which isn't something we typically say about security tools. The platform keeps improving, and compared to alternatives we've evaluated, it's refreshingly straightforward.

Pros: Fantastic support and onboarding process - can speak to someone quickly
Very easy to set-up
Very easy to use and integrate into existing dev cycle
and benefits seen in minutes

Cons: Nothing so far. Ideally would like to see more bands in pricing as the team grows

Overall: Very useful application to improve security and compliance, including ISO27001 and others. Good value for money with high engagement from the whole engineering team

Pros: Instant insights into vulnerabilities
CI/CD ensures vulnerabilities get noticed before merging to production
Autofix is very accurate and saves time
Being able to manage SLA’s
Vanta integration for compliance is easy of mind

Cons: I wish Aikido would solve security issues before I review them. But I’m sure they will cover this in future updates

Overall: Aikido is a no-brainer for any company running business critical software

It keeps you and your business safe, enables developers to be aware of security concerns and is often turned into a learning opportunity

Pros: Aikido is a security tool for engineers, built by engineers. It's comprehensive but simple to use. The integrations are easy to set up and are very effective. Aikido does a great job categorizing the severity of issues, explaining the cause of the issue, and how to fix it. The CICD gates are incredibly helpful and effective at preventing new issues from being introduced, while the autofix tool has been useful for cleaning up existing issues.

Cons: The autofix tool is great, but it doesn't update the changelog or the app version so it does require someone to follow up with an additional commit, but it's still incredibly helpful!

Overall: Aikido's platform is fantastic and continues to get better every day. Usually, working with security tools is a painful experience but we have been happy with everything so far and found it much easier to use than other tools we've tried in the past. On the rare occasion that we run into issues, they have been quick to help troubleshoot and even push out updates and fixes. Thank you!

Pros: Really easy integration, nice and clean UI, developer-friendly, low false positives, strong GitHub support.

Cons: None so far, still evaluating and testing other functionalities.

Overall: Aikido is a lightweight, effective security tool that prioritizes real risks and fits perfectly into modern dev workflows.

Pros: The ease of use.
The filtered overview that makes you focus on the issues that matter.
Integration with Github Actions.
The all-in-one aspect of it (Aikido offers a lot of different features).
Autofix functionality (automatically creating PRs containing security fixes).
Insights into actual security issues within the platform (background information on CVE, best practices, or actual misconfiguration).

Cons: There were not many things, but from the overview pages (like the overview of containers or the home feed), it was sometimes hard to tell what was scanned in terms of branches, container versions, etc. (at least in the beginning). This, however, was just a matter of diving into the actual scan result, and you could easily see what was exactly scanned (which branch, container version). You'll quickly learn that default branches and most recent container tags are often the scanned objects.

Overall: Once upon a time, in a Galaxy far, far away (Belgium), a company decided that security should be much easier for every company available. Where there was a struggle of different open-source tools to achieve different security goals, Aikido decided to unify them all into what can only be described as an easy-to-use and all-in-one security platform.

All kidding aside, our overall experience with Aikido has been great. Where we used to have open-source tools being managed by ourselves and kind of put together using all kinds of different tools (mostly CI/CD pipelines) or even spent time to manual generate reports, we now have an easy-to-use platform that every user can access and get insights into what security issues are plaguing our repositories, or what newly discovered CVE's popped up in one of our dependencies. The Aikido team is always ready to help you with their top-notch support.

It doesn't matter if you're a startup, governmental organisation, or a large enterprise, security should be a top priority. We chose Aikido to simplify our current setup at the time and are happy that we did so, as it has already saved us time and effort.