Automated scans have streamlined vulnerability workflows and now provide clear daily risk reports
What is our primary use case?
My main use case for Aikido Security is to utilize it as part of our vulnerability management program, where we also scan our images, codes, and manage our SBOM.
A specific example of how I use Aikido Security in our vulnerability management program occurs every time new code is pushed into our repositories. Aikido scans for this new code and raises new vulnerabilities within these new codes. Then, with our automations, a Jira ticket gets created, our engineering team takes a look at it, and adjusts security if needed, resolving it within a few days.
Additionally, we use Aikido Security to generate a current status of our software, and I have created an automation that daily exports all of the vulnerabilities our software has, groups them by severity, and generates a report that can be shared with our customers.
What is most valuable?
In my experience, the best feature Aikido Security offers is its ease of use, as it was really easy to onboard our engineers into adopting Aikido Security in their day-to-day lives.
The reason onboarding my engineers with Aikido Security was so easy is the user interface. The first thing our engineers see when they log in is a feed of vulnerabilities that their own repositories are affected by, which helps them focus only on their work at hand.
I would also like to add that the integrations part is really useful, as all of the integrations we have added so far, mainly Jira, IDE, and API integrations, are really easy to use because they are backed by strong documentation that they maintain daily. This is a commendation to them.
Aikido Security has positively impacted our organization by helping us reduce the complexity in managing our vulnerabilities. We now have a single source of truth with Aikido Security, allowing us to get rid of manually maintained automations that we previously had.
What needs improvement?
I think Aikido Security could be improved by addressing its Jira integration, which I feel needs a bit of work. For my preferences, it is a bit too rigid. They recently added the capability of having custom fields, but before that, they did not have it.
Additionally, I would love to see a Terraform module for Aikido Security, although I know this might be a bit much to ask.
For how long have I used the solution?
I have been using Aikido Security for seven months.
What do I think about the stability of the solution?
Aikido Security is stable, very much so.
What do I think about the scalability of the solution?
I do not have data on Aikido Security's scalability since we do not have it deployed within our infrastructure. We make use of their SaaS solution.
How are customer service and support?
Customer support for Aikido Security is incredibly efficient. I can get an answer to a question within two or three minutes.
I chose a rating of ten because after reviewing several other products, Aikido Security was the easiest to use, the easiest to onboard, and the one with the most active customer support. I have a Slack channel with them where I can ask whatever I need and they will respond within minutes, which really helps us.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We previously used community Trivy, and we switched mainly because we did not want a solution that needed maintenance. Community Trivy was run within our automations, and we wanted something that would run without our intervention.
How was the initial setup?
My experience with the pricing, setup cost, and licensing was very easy, as all information is already public. They have their pricing tiers publicly available to everyone. We also had help from our customer success manager who was with us the whole way.
What was our ROI?
While I cannot talk about money saved because I do not manage any financial decisions or have access to financial information, I can say that we have saved a lot of time. We no longer need our internal automations that were running in our internal Lambda deployments, which were quite slow and needed a lot of maintenance from our engineers. Since we got rid of that, our productivity has increased, I believe, by thirty-two percent.
Which other solutions did I evaluate?
Before choosing Aikido Security, we evaluated Aqua Security and Ox Security.
What other advice do I have?
Since switching to Aikido Security, I have noticed a positive impact on my team's productivity with measurable results, as we now have measurements. Before, we did not even know how many vulnerabilities were raised per new functionality. We lacked a lot of visibility because reporting of vulnerabilities was not automated. New vulnerabilities were being raised by our automations, but tickets were not created automatically. We have gained a lot of productivity by not having to review the vulnerability reports themselves, but only needing to review the Jira tickets, which makes it much easier for our engineers.
My advice for others looking into using Aikido Security is to invest time in reading their documentation, as Aikido Security functionality can be exploited very much. I would rate this review a ten overall.
User-Friendly Platform That Helps Us Fix Vulnerabilities Faster
What do you like best about the product?
Aikido Security is very user-friendly and easy to navigate, even for team members who are not deeply specialized in security. It helps us quickly identify and manage vulnerabilities in one place, which saves time and makes our workflow much more efficient. The platform is intuitive, and it’s easy to get value from it quickly.
What do you dislike about the product?
Overall, the experience has been very positive.
What problems is the product solving and how is that benefiting you?
Aikido Security helps us centralize vulnerability detection and remediation, so we don’t have to rely on multiple tools or manual checks. It makes it easier to track issues, prioritize what needs attention, and ensure vulnerabilities get resolved faster. This improves our security posture while saving time for the team.
Outstanding Free Tier Value with Clear, Actionable Security Findings
What do you like best about the product?
What I like most is the real value Aikido delivers in the free tier. Most security tools offer very limited testing on free plans, but Aikido provides meaningful features and tooling that are genuinely usable in day-to-day engineering workflows. Integration was straightforward, reporting is standardized and consistent, and dashboard access is clear with developer-friendly, actionable results. The strength of the free tier is exactly why I’m highly interested in evaluating the Pro version next.
What do you dislike about the product?
No major product-level downsides in our free-tier experience so far. The free tier already delivers substantial practical value. Our move to Pro is less about fixing gaps and more about applying a stricter evaluation standard, as expected, across advanced depth, scalability, and enterprise-grade controls.”
What problems is the product solving and how is that benefiting you?
Aikido helps us catch security issues earlier, standardize security checks in engineering workflows, and reduce manual review overhead. This improves release confidence, shortens remediation time, and gives us a more systematic, repeatable AppSec process. It has been especially helpful for an early-stage startup like ours, where a lean team still needs strong security coverage without adding heavy process overhead.”
Highly Effective with Minor Tweaks Needed
What do you like best about the product?
I like having all the issues in a single dashboard that a non-developer can manage for the development team, acting as an additional pair of eyes. It's very easy to run the initial integration with GitHub to pull and parse the repos. Aikido Security allows developers and non-developers to index our multiple repositories, pulling together a list of human-readable actions that are easily followed.
What do you dislike about the product?
I would like to see improvements around dependency mapping and the autofix function, which has the potential to be incredibly useful.
What problems is the product solving and how is that benefiting you?
I use Aikido Security to scan multiple repositories for security issues. It provides a dashboard for managing these issues easily, even for non-developers, acting as an additional pair of eyes for the development team.
Effortless Security with Exceptional Usability
What do you like best about the product?
I like that Aikido Security is very easy to use, with straightforward information and nice reports. It's great to have an easy-to-use interface and the data I need right at my fingertips. This addition to the software is something I really look forward to using.
What do you dislike about the product?
none
What problems is the product solving and how is that benefiting you?
Aikido Security keeps our software secure for our customers, providing vulnerability scanners and securing client data files. It ensures our systems are always up to date to protect data and offers straightforward information with nice reports.
Effective Vulnerability Detection, Needs Enhanced Support
What do you like best about the product?
I like that Aikido Security gives a nice overview and quick fixes through automated reviews. It runs weekly scans that highlight what we need to change in a clear overview, which is really helpful. The app provides quick ways to solve vulnerabilities, making it valuable for reviewing our codebase and app security.
What do you dislike about the product?
I would like to see improvements in a few areas: The code review in Cursor is good, but it doesn't always manage to solve simple vulnerabilities like SQL injection. Better info in the issue description for Cursor could help. The price of pentesting is very high and makes it difficult to sell to clients as real pentesting; the price should be lower in my opinion. Additionally, support could be improved for more complicated issues, like providing step-by-step instructions for removing old secrets in a repo.
What problems is the product solving and how is that benefiting you?
I use Aikido Security to identify vulnerabilities, with a nice overview and quick fixes. Automated reviews highlight needed changes weekly, providing clear solutions for vulnerabilities.
Quick and Reliable to Secure Open Source Projects
What do you like best about the product?
I love the speed and efficiency of Aikido Security in delivering results, with rarely any false positives, which makes it very reliable. Additionally, the initial setup was very quick and simple, you just had to create an account.
What do you dislike about the product?
everything is excellent
What problems is the product solving and how is that benefiting you?
I use Aikido Security to secure my open-source projects. It solves many hidden security issues that I don't easily detect, like SSRG and CORS. I appreciate the speed, efficiency, and reliability of the results, with few false positives.
Proven battle tool in the appsec landscape
What do you like best about the product?
Developer oriented approach, great for small teams.
What do you dislike about the product?
Problematic use with large enterprises, private repository storage and fragmented dev/sec/ops teams.
What problems is the product solving and how is that benefiting you?
Prioritization of security fixes across small teams.
Intuitive Security Testing
What do you like best about the product?
I like that Aikido Security provides actions and tasks that are specific, actionable, and clear to understand. It's easy to integrate into existing workflow tooling, and the initial setup was very easy.
What do you dislike about the product?
Pricing is high for a startup/small company to leverage some of the better features
What problems is the product solving and how is that benefiting you?
I use Aikido Security for code analysis, managing dependency risks, and ensuring implementation of security best practices.
AI-Powered Insights That Save Time—Even the Free Version Delivers
What do you like best about the product?
It gives a lot of insights into issues and the AI takes care of an initial review saving a lot of time while providing evidence and in a lot of cases a fix.
Even the free version provides a lot of functionality while developing the app
What do you dislike about the product?
I've not been able to connect to a GitHub org account, but haven't reached out yet on that
What problems is the product solving and how is that benefiting you?
We don't have to guess if there are security issues, we can see it very quickly and plan accordingly depending on severity.
