What do you like best about the product?

I really like the unintrusiveness of their service. It's a webapp where you register your code, container, IaC,... repositories and they scan them regularly pointing out the issues they found via statical analysis. There's integration to easily/automatically create follow up actions (tickets) aso. The app is great, you get up and running quite quickly.

Sometimes you need support, and that's great too (even if it's really technical).

What do you dislike about the product?

- Aikido Security also provides an estimate of how much work (fe "about 1h") it takes to fix a particular issue. I don't know where they got them, but they might as well don't do this as these estimates are completely unreliable.
- The automated triage (severity) follows CVE closely, which is rather detached from reality.

- The automatic ignore kicks in if there's no fix available. I'm not sure that's what you want.

What problems is the product solving and how is that benefiting you?

As a company, you cannot just tell a customer: "Trust me, our code/setup/... is secure, we know what we're doing". It doesn't matter if it's actually secure or not; you need an external source that can corroborate your statement.
Aikido provides this service