Review
“Extremely easy to set up, connection to your cloud components and repositories was done in a couple of minutes and super straightforward thanks to their great UX”
Fabrice G
Managing director at Kadonation
Cloud Security Posture Management (CSPM)
Detect cloud infrastructure risks across major cloud providers.
Clouds covered
AWS
Azure
GCP
DigitalOcean
Why Aikido?
Aikido requires the minimum rights necessary to do its misconfiguration checks. We have no access to databases or S3 bucket content. On top of that, we don't use invasive (and risky) agent-based scanners.
Note: if you'd like, you can run the CloudSploit scans yourself and send the results to us for analysis.
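As an added example of the check worth running before granting any CSPM a cross-account role (illustrative code, not Aikido's code and not its actual IAM policy): a small linter that reports which data-plane read actions an IAM policy document would grant, so you can confirm a "read-only" role reads configuration (Describe*/List*/GetBucket*) but not content (S3 objects, DynamoDB items, secrets). The list of data-plane actions is an assumption for this example, not a complete catalogue, and statement conditions are ignored, so a condition-gated Allow still counts as allowed.

```python
"""Lint an IAM policy document for data-plane read actions.

Added illustrative example, not Aikido's code or policy. Given a policy JSON,
report which of a set of data-reading actions it would allow after explicit
Denies are subtracted. DATA_PLANE_READS is an assumed, deliberately short list.
"""
import fnmatch
import json

# Actions that return customer data rather than configuration (assumed list).
DATA_PLANE_READS = [
    "s3:GetObject", "s3:GetObjectVersion",
    "dynamodb:GetItem", "dynamodb:BatchGetItem", "dynamodb:Scan", "dynamodb:Query",
    "secretsmanager:GetSecretValue",
    "ssm:GetParameter", "ssm:GetParameters", "ssm:GetParametersByPath",
    "rds-data:ExecuteStatement",
    "lambda:GetFunction",  # response includes a pre-signed URL to the deployment package
]


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(pattern, action):
    # IAM action patterns are case-insensitive and support '*' and '?'.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def _covered(patterns):
    return {a for a in DATA_PLANE_READS for p in patterns if _matches(p, a)}


def allowed_actions(policy):
    """Set of listed data-plane actions covered by Allow statements minus those covered by Deny.

    Conditions are ignored (conservative: a condition-gated Allow still counts).
    """
    allowed, denied = set(), set()
    for stmt in _as_list(policy.get("Statement", [])):
        if "NotAction" in stmt:
            # NotAction covers everything except the listed patterns.
            hits = set(DATA_PLANE_READS) - _covered(_as_list(stmt["NotAction"]))
        else:
            hits = _covered(_as_list(stmt.get("Action", [])))
        if stmt.get("Effect") == "Allow":
            allowed |= hits
        elif stmt.get("Effect") == "Deny":
            denied |= hits
    return allowed - denied


def lint_scanner_policy(policy_json):
    """Sorted data-plane read actions a scanner role would gain; an empty list means config-only."""
    return sorted(allowed_actions(json.loads(policy_json)))


# Constructed sample: a tempting but over-broad "read-only" policy.
OVERBROAD = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:Get*", "dynamodb:*", "ec2:Describe*"], "Resource": "*"},
    ],
})

# Constructed sample: configuration reads only, with an explicit Deny as a backstop.
CONFIG_ONLY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["ec2:Describe*", "s3:ListAllMyBuckets", "s3:GetBucket*",
                    "s3:GetEncryptionConfiguration", "iam:Get*", "iam:List*"],
         "Resource": "*"},
        {"Effect": "Deny",
         "Action": ["s3:GetObject*", "dynamodb:GetItem", "dynamodb:BatchGetItem",
                    "dynamodb:Scan", "dynamodb:Query", "secretsmanager:GetSecretValue"],
         "Resource": "*"},
    ],
})

if __name__ == "__main__":
    for name, doc in (("overbroad", OVERBROAD), ("config-only", CONFIG_ONLY)):
        print(name, lint_scanner_policy(doc) or "no data-plane reads")
```

The over-broad sample reports the S3 object and DynamoDB item reads that `s3:Get*` and `dynamodb:*` sweep in; the config-only sample reports nothing. A real policy would also carry a trust policy with an ExternalId condition, which this linter does not inspect.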
Cloud configuration checks are mapped straight to compliance controls. If you're working on SOC2 or ISO27001 compliance, you'll be able to see which configurations make you non-compliant.
Feed data straight to your Compliance Platform: Vanta, Drata (Future: Thoropass, Secureframe…)
See Integrations
Aikido Features
Vulnerabilities in staging and production clouds have very different risk profiles. Aikido recalculates the severity of each vulnerability based on the purpose of your cloud. If you link your containers to their clouds, the severity of their vulnerabilities is recalculated as well.
Aikido scans your AWS EC2 instances for vulnerabilities. 100% coverage, from code to cloud, without any agents.
Aikido goes beyond CVE monitoring: it also monitors for outdated runtimes, whether they run in containers, Lambda functions, Elastic Beanstalk (AWS) or Kubernetes…
Aikido also scans your containers and deduplicates and filters out Docker/container CVE findings from, for example, AWS Inspector.
Aikido does Infrastructure as Code (IaC) scans, to make sure your code is scanned before it's deployed. We go one step further and integrate into your CI so we can stop risky code from being deployed.
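As an added example of what an IaC gate in CI looks like, combined with the environment-aware severity rescoring described above (illustrative code, not Aikido's scanner, its rule set or its scoring): a script that reads the JSON produced by `terraform show -json plan.out`, applies a few misconfiguration checks to resources being created or updated, promotes or demotes each finding's severity by the purpose of the target environment, and exits non-zero when the result should block the deploy. The rules, the per-environment adjustment and the blocking thresholds are assumptions for this example, and the embedded plan fragment is constructed.

```python
"""Gate a Terraform plan in CI on misconfiguration findings.

Added illustrative example, not Aikido's code. Reads `terraform show -json`
output, applies a handful of assumed checks, rescores by environment purpose and
decides whether to block. Run as: python gate.py production plan.json
(with no file argument the constructed SAMPLE_PLAN below is used).
"""
import json
import sys

SEVERITY = {"low": 1, "medium": 2, "high": 3}
LEVEL_NAME = {v: k for k, v in SEVERITY.items()}

# Assumed policy: the same finding counts one level higher in production and
# one level lower in a throwaway sandbox.
ENV_ADJUST = {"production": +1, "staging": 0, "sandbox": -1}


def adjusted_severity(base, environment):
    level = SEVERITY[base] + ENV_ADJUST.get(environment, 0)
    return LEVEL_NAME[max(SEVERITY["low"], min(SEVERITY["high"], level))]


def _open_to_world(cidrs):
    return any(c in ("0.0.0.0/0", "::/0") for c in cidrs or [])


def _ingress_finding(addr, rule):
    # SSH/RDP open to the internet is worse than another port open to the internet.
    port = rule.get("from_port")
    sev = "high" if port in (22, 3389) else "medium"
    return sev, f"{addr}: ingress open to the world on port {port}"


def check_resource(rc):
    """Yield (base_severity, message) findings for one resource_changes entry (assumed rules)."""
    after = rc.get("change", {}).get("after") or {}
    t, addr = rc["type"], rc["address"]
    if t == "aws_s3_bucket_acl" and after.get("acl") in ("public-read", "public-read-write"):
        yield "high", f"{addr}: bucket ACL {after['acl']} exposes objects publicly"
    if t == "aws_s3_bucket_public_access_block" and not all(
        after.get(k) for k in ("block_public_acls", "block_public_policy",
                               "ignore_public_acls", "restrict_public_buckets")):
        yield "medium", f"{addr}: public access block is not fully enabled"
    if t == "aws_db_instance":
        if after.get("publicly_accessible"):
            yield "high", f"{addr}: RDS instance is publicly accessible"
        if not after.get("storage_encrypted"):
            yield "medium", f"{addr}: RDS storage is not encrypted"
    if t == "aws_security_group_rule" and after.get("type") == "ingress" \
            and _open_to_world(after.get("cidr_blocks")):
        yield _ingress_finding(addr, after)
    if t == "aws_security_group":
        for rule in after.get("ingress") or []:
            if _open_to_world(rule.get("cidr_blocks")):
                yield _ingress_finding(addr, rule)


def scan_plan(plan, environment):
    """Return [(adjusted_severity, message)] for resources the plan creates or updates."""
    findings = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if actions in (["delete"], ["no-op"]):
            continue  # nothing new reaches the cloud for this resource
        for base, msg in check_resource(rc):
            findings.append((adjusted_severity(base, environment), msg))
    return findings


def should_block(findings, environment):
    """Assumed gate: production fails on medium or worse, other environments on high only."""
    threshold = SEVERITY["medium"] if environment == "production" else SEVERITY["high"]
    return any(SEVERITY[sev] >= threshold for sev, _ in findings)


# Constructed plan fragment in the shape of `terraform show -json` output.
SAMPLE_PLAN = {
    "format_version": "1.2",
    "resource_changes": [
        {"address": "aws_security_group_rule.ssh", "type": "aws_security_group_rule",
         "change": {"actions": ["create"], "after": {"type": "ingress", "from_port": 22,
                    "to_port": 22, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]}}},
        {"address": "aws_db_instance.app", "type": "aws_db_instance",
         "change": {"actions": ["update"],
                    "after": {"publicly_accessible": False, "storage_encrypted": False}}},
        {"address": "aws_s3_bucket_acl.old", "type": "aws_s3_bucket_acl",
         "change": {"actions": ["delete"], "before": {"acl": "public-read"}, "after": None}},
    ],
}

if __name__ == "__main__":
    env = sys.argv[1] if len(sys.argv) > 1 else "production"
    plan = json.load(open(sys.argv[2])) if len(sys.argv) > 2 else SAMPLE_PLAN
    results = scan_plan(plan, env)
    for sev, msg in results:
        print(f"[{sev}] {msg}")
    sys.exit(1 if should_block(results, env) else 0)
```

With the sample plan the same two findings block a production deploy (the unencrypted RDS storage is promoted to high) but pass in a sandbox (demoted to medium and low), and the bucket ACL being deleted is not reported at all, since it never reaches the cloud.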
One security platform, covering you from code to cloud.
Cloud
Detects cloud infrastructure risks across major cloud providers.
Code & Containers
Continuously monitors your code for known vulnerabilities, CVEs and other risks.
Code
Checks your code for leaked and exposed API keys, passwords, certificates, encryption keys, etc.
Code
Scans your source code for security risks before an issue can be merged.
Code
Scans Terraform, CloudFormation & Kubernetes infrastructure-as-code for misconfigurations.
Containers
Scans your container OS for packages with security issues.
Domain
Dynamically tests your web app’s front-end to find vulnerabilities through simulated attacks. Built on ZAP & Nuclei.
Code & Containers
Monitors your licenses for risks such as dual licensing, restrictive terms, bad reputation, etc.
Code
Prevents malicious packages from infiltrating your software supply chain. Powered by Phylum.
Code & Containers
Checks if any frameworks & runtimes you are using are no longer maintained.
Custom
Imports and auto-triages findings from your current scanner stack.
Yes. We run a yearly pentest on our platform and also have an ongoing bug bounty program to ensure the security of Zen is continuously tested by a wide range of security experts.
You can create a CycloneDX SBOM or CSV export with one click. Just go to the Licenses & SBOM report, where you'll get a full overview of all the packages & licenses you're using.
Aikido does not store your code after analysis has taken place. Some of the analysis jobs such as SAST or Secrets Detection require a git clone operation. More detailed information can be found on docs.aikido.dev.
When you log in with your VCS we don’t get access to any of your repositories. You can manually give access to the repositories you’d like to scan. It’s also possible to test out the platform using sample repositories.
Of course! When you sign up with your git, don’t give access to any repo & select the demo repo instead!
We can't & won't; this is guaranteed by read-only access.
Trusted by development teams around the world