Aikido Security
Aikido SecurityExternal reviews
139 reviews
from
External reviews are not included in the AWS star rating for the product.
Easy setup and integration. Also the support it exceptional good.
What do you like best about the product?
It integrates with all of our used services and scans for security problems and best practicies flawlesly. Also the provided rescources on how to fix the issue are really helpful. We also integrated Aikido in our Slack so we get notified immediatly when new issues pop up.
Setting everything up was very easy and the provided guides are up to date. Support is super fast and was able to answer all my questions in a few minutes.
Setting everything up was very easy and the provided guides are up to date. Support is super fast and was able to answer all my questions in a few minutes.
What do you dislike about the product?
I honestly can not say anything negative about the service. You could discuss about the pricing but the functionality that is provided and the ease of use is totally worth it.
What problems is the product solving and how is that benefiting you?
As a startup you don't have the rescources and time to look at every aspect of security when building your software. Aikido helps us to identify sucurity issues before we would deploy them and consanty monitors for new threads that might arise.
Great app to detect security issues
What do you like best about the product?
The setup was really quick and the app immediately delivered usefull insight.
What do you dislike about the product?
The price could be a deal breaker for small companies.
What problems is the product solving and how is that benefiting you?
Immediate detection of security issues that could be leaked by dev.
Simple security scanning that just works
What do you like best about the product?
Aikido integrates various open source security tools like Trivy and zaproxy in one simple to use dashboard where false positives and duplicates are removed. The team responds quickly on inquiries and explains clearly why certain findings are not shown. We are very happy that we do not have to integrate all these tools ourselves, that security experts do that work for us.
What do you dislike about the product?
The UI is sometimes a bit wobbly (if you click a checkbox sometimes the page jumps and some UX flows could improve), but I expect this to improve once Aikido becomes more established.
What problems is the product solving and how is that benefiting you?
Adhering to the security standards of ISO-27001. Knowing where vulnerabilities are and how we can fix them.
A wonderful security tool loved by engineers and developers
What do you like best about the product?
Aikido allowed us to implement a security by design process smoothly and quickly. My team loves the integration with Jira and how it feels a tool tailored on their needs of engineers (not security experts), no less and no more. Working with Aikido's team has been great, both in supporting us in the selection process and receiving our feedback - many times resulting is a rapid development of new features!
Given the affordable price for me it's a not brainer for any small-medium sized company
Given the affordable price for me it's a not brainer for any small-medium sized company
What do you dislike about the product?
My experience with Aikido has been positive for the most part.
There are few UX/UI tweaks that we had to overcome, but nothing major or that made us rethink of our choice.
There are few UX/UI tweaks that we had to overcome, but nothing major or that made us rethink of our choice.
What problems is the product solving and how is that benefiting you?
We needed a tool to easily identify vulnerabilities in our repositories; Aikido is not only doing it, but it has also become a key component of our secuirty by design process.
A promising new AppSec tool
What do you like best about the product?
Our organization implemented Aikido as our main Application Security app to take care of SCA, SAST, Container/Secret Scanning within our code base. Overall, we are very happy with Aikido's performance and ease of use. The deployment was quick and easy thanks to the Bitbucket Cloud integration.
I think the game changing features of Aikido is the auto-ignore capability and the reachability analysis. It helps our development team save time triaging false positives as well as prioritising issues that need to be addressed quickly.
The support we have received from the Aikido team has been top notch.
I think the game changing features of Aikido is the auto-ignore capability and the reachability analysis. It helps our development team save time triaging false positives as well as prioritising issues that need to be addressed quickly.
The support we have received from the Aikido team has been top notch.
What do you dislike about the product?
While Aikido has proven to be a valuable tool for us, there are some features that are missing or could be improved. Since we are a small security team, we rely a lot on automation via REST API. For example, the REST API is missing some functionalities where it is not possible at the moment to ignore/snooze/adjust severity of an issue.
The output from the REST/CI API when retrieving details about an issue could have more information (line of code vulnerable, description of the issue, teams responsible, etc...).
However, despite those minor functionalities missing, the team at Aikido has been amazing at implementing new features in record time when we have identified gaps.
The output from the REST/CI API when retrieving details about an issue could have more information (line of code vulnerable, description of the issue, teams responsible, etc...).
However, despite those minor functionalities missing, the team at Aikido has been amazing at implementing new features in record time when we have identified gaps.
What problems is the product solving and how is that benefiting you?
Aikido is helping us with our application security program by assisting our developers found vulnerabilities in our code base and remediate them. The true power of Aikido lies in its ability to auto ignore false positives and therefore save us time to focus on the real issues.
Aikido - Perfect security fit for any IT platform
What do you like best about the product?
The standout feature of Aikido Security for me is its ease of use. The platform's wide variety of compatibilities enables seamless integration into our technology stack with minimal effort, especially when compared to configuring multiple separate open-source solutions. I would also like to commend the exceptional support and guidance from their team. They truly understand our needs and we have seamlessly integrated their improvements into our agile workflow. Our weekly sprints have become more robust with their input, ensuring that our platform remains secure. Furthermore, Aikido encourages the adoption of security best practices, transforming it from merely a tool to a partner in our security strategy.
What do you dislike about the product?
My experience with Aikido Security has been predominantly positive.
What problems is the product solving and how is that benefiting you?
Aikido is key in refining our security management. It sharpens our focus on actual security threats, enabling us to tackle genuine vulnerabilities with precision. Furthermore, Aikido provides critical support as we navigate the complexities of achieving compliance with ISO 27001 and SOC 2, laying a solid foundation for robust information security practices.
Useful testing tool
What do you like best about the product?
Comprehensive tool! it scans code repositories and clouds which allow you to gain insights of your application as a whole. The reports are very usefull for less technical people as well.
What do you dislike about the product?
There are still some false positives and I am missing a regex based file filter to exculde tests for example.
What problems is the product solving and how is that benefiting you?
monitor the security of our applications
Accessible & affordable security
What do you like best about the product?
Their transparancy, ease of use, they're improving their tool all the time.
Affordable price with stellar results. Typical competitors have steep pricing that scales with the number of repo's / number of instances running.
Aikido helps us stay ahead of the curve. It educates us about possible liabilities, and it engages the whole engineering team.
Affordable price with stellar results. Typical competitors have steep pricing that scales with the number of repo's / number of instances running.
Aikido helps us stay ahead of the curve. It educates us about possible liabilities, and it engages the whole engineering team.
What do you dislike about the product?
Nothing really, there can be minor UX quirks from time to time but nothing that deminishes it's value.
Big fan and encourage any company (especially start-ups) to get this tool. It's a no-brainer to me
Big fan and encourage any company (especially start-ups) to get this tool. It's a no-brainer to me
What problems is the product solving and how is that benefiting you?
Staying ahead of security liabilities instead of reactive.
It also educates us (the whole engineering team) so in a way they're making us better engineers as well
It also educates us (the whole engineering team) so in a way they're making us better engineers as well
You don't know you needed it, till you use it
What do you like best about the product?
As your team, and the complexity of your app scales and changes, you find yourself not able to maintain oversight into all the different security aspects of your codebase. Tools that you get from Cloud providers and Github (bots) are powerful, but provide yet another signal of noise, are all distributed and all only are relevant to a specific aspect of your application security. Other DiY tools to monitor specific aspects all take time to setup and maintain. Aikido is quickly setup and nicely packages up this information in a cohesive way, providing this and the tools to comb through them.
It's nice that it can also be run in CI, so that you can catch things early and integrates nicely with Vanta to help in the efforts related to compliancy.
There's a lot to like, the platform is still young, but Aikido is pushing out new features quite rapidly.
It's nice that it can also be run in CI, so that you can catch things early and integrates nicely with Vanta to help in the efforts related to compliancy.
There's a lot to like, the platform is still young, but Aikido is pushing out new features quite rapidly.
What do you dislike about the product?
It's already able to provide information and report on a lot of the more common security aspects, as well as IaC, CSPM, DAST,... analysis. But it certainly does not give a complete overview yet. To get a more cohesive plaform, it would be nice to also get more information into the security aspect of an active deployment rather than just the codebase and the images. The recently released DAST scans are already a good addition to that.
What problems is the product solving and how is that benefiting you?
Aikido helps us to stay on top of our security issues while eliminating some of the overhead of false positives. It also helps us and made it easy for us in order to become ISO ISO27001 compliant.
easy setup, usefull notifications
What do you like best about the product?
Aikido provides the easiest setup of any of such tools that I have tested so far. I was using it with the Gitlab integration and it recognized all of our repositories. The security warnings it provides are almost always correct and invalid warnings can easily be muted and it learns from this. It even found issues that our previous software could not find.
What do you dislike about the product?
A few times it falsly reported test data as leaked credentials. To be fair though, the data indeed looked like that.
What problems is the product solving and how is that benefiting you?
Aikido ensures that our software is delivered with latest security fixes and as free of potential security issues as possible. Hence, our developers need to spend less time working on tracking vulnerabilities in external (and internal) dependencies.
showing 121 - 130