Aikido Security
Aikido SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
80 reviews
from
External reviews are not included in the AWS star rating for the product.
Finally, a Security Tool That Cuts Through the Noise
What do you like best about the product?
Aikido has been a great fit for our needs, with broad coverage across use cases and excellent support whenever we’ve needed it. Compared to other tools we’ve tried, it does a much better job at reducing noise and surfacing what actually matters, which saves our team a lot of time.
What do you dislike about the product?
Enterprise ready, broad set of features and amazing support team!
What problems is the product solving and how is that benefiting you?
Aikido helps us manage security across a wide range of codebases and dependencies without drowning in false positives. The platform consolidates what we need into one place, reduces noise compared to other tools, and gives our team clear, actionable insights. This saves time, improves focus, and helps us address real risks faster.
Rapid setup (minutes), human support (no bots) and a fantastic solution.
What do you like best about the product?
The combination of SAST/DAST/CSPM/SBOM/RASP (and other capabilities) is astoundingly useful. All-in-one security scanning and configuration validation may seem mythical and impossible, but it demonstrably is not. It's just that nobody was doing it well.
What do you dislike about the product?
For a young company, you can forgive the fact that there are not as many enterprise capabilities in the platform just yet, but that is definitely something they are aware of and working on as evidenced by the ability to enroll the entire AWS Organization instead of having to enroll each tenant account separately for the cloud security posture management scanning.
What problems is the product solving and how is that benefiting you?
Because the solution provides code and cloud modules, it is possible to link a repo scan (inside risk) with an API or web application scan (outside risk) for an integrated view of real exposure of vulnerabilities. But one of the features that is most valuable in my experience is taking on legacy code risk using the Zen Firewall as a RASP capability. This "in-app" firewall brings swift mitigation of common failings for inherited APIs and other apps whose authors have usually left the company and who never implemented rate limiting or blocking rules/logic.
An all-round vulnerability management system that is affordable for small to mid-sized businesses
What do you like best about the product?
In the 9 months we have been using Aikido, we have been very impressed with the offering. They have a significant number of tools available (SAST, SCA, attack surface scanning, etc.) and they are adding something new every month or two that makes me go "ooh, that's nice". The user interface is a bit of a learning curve, but ultimately it is servicable.
The scans themselves are fast and don't impact the performance of our systems in any noticeable way. They run automatically once a day and update the list of known issues. It doesn't do anything that any of the big competitors (Tenable, Qualys, etc.) don't, but a big difference is the pricing. It is a fraction of the price those other products ask, and the limits on the paid plans are very reasonable (we've only had to upgrade a limit once, and that costed a few euro's a month extra).
The products doesn't allow as much customizability as for instance Tenable allows, but as a tradeoff, setting up was extremely easy; configure your integrations (Gitlab, Github, AWS, etc.) with standards tokens, wait a few minutes and everything begins populating with your projects.
We've had to reach out to product support a few times, and every time they were very quick, friendly and helpful.
The scans themselves are fast and don't impact the performance of our systems in any noticeable way. They run automatically once a day and update the list of known issues. It doesn't do anything that any of the big competitors (Tenable, Qualys, etc.) don't, but a big difference is the pricing. It is a fraction of the price those other products ask, and the limits on the paid plans are very reasonable (we've only had to upgrade a limit once, and that costed a few euro's a month extra).
The products doesn't allow as much customizability as for instance Tenable allows, but as a tradeoff, setting up was extremely easy; configure your integrations (Gitlab, Github, AWS, etc.) with standards tokens, wait a few minutes and everything begins populating with your projects.
We've had to reach out to product support a few times, and every time they were very quick, friendly and helpful.
What do you dislike about the product?
There aren't any major issues with Aikido, but there a few things that I feel Aikido could do different, namely:
- The UI and scans themselves aren't very configurable. Don't expect a system that allows you to tweak every minor details of every minor scan
- The findings are divided into a number of categories (VMs, Code, Cloud Scanner). You cannot group items together to get one easy overview. For instance, if you want to group the code of a specific repository, the sBOM of the built code and the scan of the VM the code is running on, you can't. You have to navigate back and forth to match findings from different categories.
- The UI could use a bit of care to improve UX. For instance, we had issues where we couldn't delete an old asset that we used for testing purposes.
- The UI and scans themselves aren't very configurable. Don't expect a system that allows you to tweak every minor details of every minor scan
- The findings are divided into a number of categories (VMs, Code, Cloud Scanner). You cannot group items together to get one easy overview. For instance, if you want to group the code of a specific repository, the sBOM of the built code and the scan of the VM the code is running on, you can't. You have to navigate back and forth to match findings from different categories.
- The UI could use a bit of care to improve UX. For instance, we had issues where we couldn't delete an old asset that we used for testing purposes.
What problems is the product solving and how is that benefiting you?
We use Aikido as our first line of vulnerability detection. It's various scans cover the broad strokes of what we want to do to detect any security issues, all from the same dashboard.
So now Aikido scans all our source code, any built artefacts, container images, software packages once every day. We use it to get a clean dashboard of all our (potential) security issues and can prioritize which issue should be resolved first. We also allow our developers access to the findings, so they can give feedback on items they feel were scored too high, or too low so the communication regarding these issues is also improved. Furthermore, it is a great motivator to see that from one release to the next, the number of relevant security issues went down, so it has helped us motivate the developers to fix these issues.
So now Aikido scans all our source code, any built artefacts, container images, software packages once every day. We use it to get a clean dashboard of all our (potential) security issues and can prioritize which issue should be resolved first. We also allow our developers access to the findings, so they can give feedback on items they feel were scored too high, or too low so the communication regarding these issues is also improved. Furthermore, it is a great motivator to see that from one release to the next, the number of relevant security issues went down, so it has helped us motivate the developers to fix these issues.
Great all-in-one security product
What do you like best about the product?
Aikido is a great all-in-one security product that makes my life easier as an early stage startup founder. The UI/UX is simple and the coverage is broad. Customer support was also good.
What do you dislike about the product?
Issues and suggested remediations are at times ambiguous.
What problems is the product solving and how is that benefiting you?
Aikido helps me fulfill my SOC 2 and gives me security piece of mind that our infrastructure is hardened.
Great experience
What do you like best about the product?
Unlike some security tools that overwhelm with false positives, Aikido emphasizes actionable alerts. It filters out the noise and highlights only what truly matters, saving time and reducing alert fatigue.
What do you dislike about the product?
Power users may find that Aikido lacks deep customization for advanced scanning rules or configurations compared to tools like Snyk or SonarQube.
What problems is the product solving and how is that benefiting you?
Teams often juggle multiple tools for code scanning, dependency scanning, cloud misconfigurations, etc., leading to disjointed insights and confusion.
Fantastic application that gives me peace of mind, very quick onboarding process
What do you like best about the product?
I get a weekly rundown of any issues for my application using their code analysis tools. Very easy to use application - just connect to github and you're set. The team are super responsive when you reach out to them too.
What do you dislike about the product?
When manually ignored, I'd like to see the name of the user in the table - but it's a nitpick - it's fastastic
What problems is the product solving and how is that benefiting you?
It's keeping us up to date with the most recent vulnerabilities.
Security Posture Review: Aikido Security Platform
What do you like best about the product?
Aikido consolidates multiple scanners into one platform, including SAST (source code), SCA (dependencies), Container Scanning, and IaC (Infrastructure as Code) scanning. This accurately reflects its "all-in-one" approach. Its ease of use and integration is top notch. Customer support is exceptional in case you need help.
What do you dislike about the product?
Aikido lacks ability to build and enforce complex, multi-layered security policies across the entire orginzation.
What problems is the product solving and how is that benefiting you?
It solves the security in development lifecycle. By automatically triaging alerts and showing only the "reachable" vulnerabilities that matter and eliminates noise. Integrates directly into their existing tools like GitHub/GitLab. Empower team to context they need to fix security issues themselves, quickly and confidently, without needing to wait for a security expert.
No BS and straight forward security monitoring to implement and setup
What do you like best about the product?
I have used a few providers in this space but Aikido was the simplest to use and setup. The product has great UX and an intuitive way to navigate around compared to the competitors in this space. The most useful feature by far is the security feed. Aikido filters out a lot of noise so you only see issues which are actually useful and worth your time to investigate and resolve. Other tools I’ve used tend to overwhelm with irrelevant alerts and noise, but Aikido helps to keep things focused. Customer support is top notch too, sometimes I wonder whether the team sleeps.
What do you dislike about the product?
At this point, nothing. When I first started using them, VM scanning wasn’t available, but they added that functionality just a couple of months later. From a security monitoring perspective, they now cover everything I need.
What problems is the product solving and how is that benefiting you?
Aikido helps with our security posture. They also provide a number of reports which are invaluable for our sales team to use when dealing with prospects.
Amazing Product
What do you like best about the product?
The fact that it is an all in one security platform which combines SAST, SCA, etc and removes the fact that multiple vendors are needed is amazing.
What do you dislike about the product?
It has a limited cloud provider support but it has been progressing positively and i think it won't be an issue in the near future.
What problems is the product solving and how is that benefiting you?
having to deal with multiple security platforms while aikido is helping me deal with all the needed tools in one place
As a startup with limited resources, Aikido is an essential tool in our development workflow
What do you like best about the product?
Aikido has been a game-changer for our startup. With limited engineering resources, we rely on it to continuously monitor our GitHub repos for vulnerabilities and code issues. The automatic AI-generated PR fixes have saved us countless hours and helped us stay secure without slowing down development.
What we really value is how Aikido points our dev team directly to the problems that matter most. It keeps us focused, proactive, and in control. Plus, the clear, client-ready reports make it easy to communicate our security posture to stakeholders. For any startup looking to scale securely, Aikido is an invaluable tool.
What we really value is how Aikido points our dev team directly to the problems that matter most. It keeps us focused, proactive, and in control. Plus, the clear, client-ready reports make it easy to communicate our security posture to stakeholders. For any startup looking to scale securely, Aikido is an invaluable tool.
What do you dislike about the product?
If there's one challenge we've faced with Aikido, it's that the platform offers so many powerful features—vulnerability scanning, compliance support (ISO, SOC 2, Cyber Essentials), SBOM generation, and more—that it can sometimes be difficult to communicate the full value in a simple, unified way to non-technical stakeholders.
Because of how comprehensive Aikido is, there's occasionally a perception that multiple tools are still needed for different compliance needs. It takes some effort to convince decision-makers that Aikido truly consolidates all these capabilities into a single product. A more streamlined way of presenting its all-in-one nature could go a long way in helping both technical and non-technical users fully appreciate its breadth.
Because of how comprehensive Aikido is, there's occasionally a perception that multiple tools are still needed for different compliance needs. It takes some effort to convince decision-makers that Aikido truly consolidates all these capabilities into a single product. A more streamlined way of presenting its all-in-one nature could go a long way in helping both technical and non-technical users fully appreciate its breadth.
What problems is the product solving and how is that benefiting you?
Aikido Security is solving several critical challenges for our team:
Limited engineering resources: As a startup, we don't have the luxury of a dedicated security or DevSecOps team. Aikido acts as a force multiplier by automatically scanning our GitHub repos for vulnerabilities, misconfigurations, and other risks—without requiring manual oversight.
Fixing issues efficiently: The AI-generated PR fixes are incredibly valuable. Instead of just telling us what's broken, Aikido helps us fix it fast, which has dramatically reduced our time-to-remediation.
Prioritisation and noise reduction: Aikido surfaces the most relevant and actionable issues, helping our dev team focus on what really matters. This is key for keeping up velocity without compromising on security.
Client and stakeholder reporting: Aikido makes it easy to demonstrate our security posture to stakeholders, auditors, and clients. Whether it's showing SBOMs, compliance progress for frameworks like ISO or SOC 2, or vulnerability trends, the reporting is clear, credible, and easy to share.
Limited engineering resources: As a startup, we don't have the luxury of a dedicated security or DevSecOps team. Aikido acts as a force multiplier by automatically scanning our GitHub repos for vulnerabilities, misconfigurations, and other risks—without requiring manual oversight.
Fixing issues efficiently: The AI-generated PR fixes are incredibly valuable. Instead of just telling us what's broken, Aikido helps us fix it fast, which has dramatically reduced our time-to-remediation.
Prioritisation and noise reduction: Aikido surfaces the most relevant and actionable issues, helping our dev team focus on what really matters. This is key for keeping up velocity without compromising on security.
Client and stakeholder reporting: Aikido makes it easy to demonstrate our security posture to stakeholders, auditors, and clients. Whether it's showing SBOMs, compliance progress for frameworks like ISO or SOC 2, or vulnerability trends, the reporting is clear, credible, and easy to share.
showing 1 - 10