Aikido Security Pros and Cons

The intuïtive interface and the very fast support Review collected by and hosted on G2.com.

I notice a lot of features still in flux, but definitely moving in the right direction Review collected by and hosted on G2.com.

The UI/UX of Aikido Security is amazing, making it one of the very few tools on the market that does not require a lot of reading to integrate and use! Review collected by and hosted on G2.com.

I think sometimes the pricing model could be confusing but they are improving. Review collected by and hosted on G2.com.

The ease of use and the fact that we don't need to scan on our side, third party libraries in to ensure that the project is secure Review collected by and hosted on G2.com.

Sometimes the issues does not have a clear description of what the problem can cause in the project Review collected by and hosted on G2.com.

Clear actionable list of items you need to address right now. And options for planning later. Review collected by and hosted on G2.com.

Once you go beyond the actions you might need a lot clicks to find what you want. It's getting better every month. Review collected by and hosted on G2.com.

It's simple to connect, it gives meaningful alerts and integrate well with our tools. Review collected by and hosted on G2.com.

We miss more in-depth analysis for some standards like SOC or PCI-DSS, IaaC review and more IDE integration Review collected by and hosted on G2.com.

The setup was really quick and the app immediately delivered usefull insight. Review collected by and hosted on G2.com.

The price could be a deal breaker for small companies. Review collected by and hosted on G2.com.

Aikido allowed us to implement a security by design process smoothly and quickly. My team loves the integration with Jira and how it feels a tool tailored on their needs of engineers (not security experts), no less and no more. Working with Aikido's team has been great, both in supporting us in the selection process and receiving our feedback - many times resulting is a rapid development of new features!

Given the affordable price for me it's a not brainer for any small-medium sized company Review collected by and hosted on G2.com.

My experience with Aikido has been positive for the most part.

There are few UX/UI tweaks that we had to overcome, but nothing major or that made us rethink of our choice. Review collected by and hosted on G2.com.

Aikido Security is very easy to setup and delivers its first results in mere minutes. It combines all the essential security scanning such as repo scanning, cloud security, credential leakage, ... in one package that's easy to use by any development team. Review collected by and hosted on G2.com.

Initially we were missing some features and support for code languages. But since this is a product that is rapidely evolving these we're quickly added and since then we haven't had any real dislikes. Review collected by and hosted on G2.com.

Aikido is primarily based on already available tools, making it feasible to replicate the basic technical functionalities it offers. This means they aren't introducing any novel security scanning features. They're also very open about this by providing some references to how and with which tool a certain finding was found.

For our specific use case, I believe Aikido's strength lies in other areas, mostly addressing false positives and providing an easy to use platform to have a full understanding of your security situation.

Addressing false positives is accomplished by considering factors such as the environment (dev/prod) and whether the vulnerable function or feature is present in your code base. If we were to develop our own security tools using CI/CD pipelines or something comparable, we'd be stuck with numerous false alerts each week, necessitating manual review.

As previously mentioned, replicating the basic technical features Aikido provides is possible. While it would be a resource-intensive and tedious task, it's certainly achievable (which we started doing at some point before we started using Aikido). However, one challenging aspect to replicate is the capability to integrate various security tools into a single platform/interface, catered to both management and technical personnel. Review collected by and hosted on G2.com.

We've only been using the tool for a couple of months so our experience is very limited but I do find myself going through the suppressed findings more often than I would like to admit to ensure it's not suppressing anything it shouldn't. So far, my findings here were limited.

Also, we run a heavy Java backend and the support there is still very limited. The team has let me know that they are already working on it so I'm curious how that will turn out.

We've also had some issues with their Github Action (timeouts mostly) and the team was very helpful in fixing these issues within a business day most of the time. Review collected by and hosted on G2.com.

In an age where security vulnerabilities are rampant, it's crucial to equip your software development lifecycle with a comprehensive set of tools that can cover every aspect of security. Recently, I had the opportunity to try Aikido, which brings together a multitude of features under one roof.

As a user of this security tool, I've found the Open Source Dependency Scanning (SCA), Static Code Analysis, Open Source License Scanning, and Malware Detection in Dependencies to be an integral part of my development workflow. The SCA keeps me worry-free about vulnerabilities, and I love how the Static Code Analysis catches issues before they even reach the main code. The license scanning has saved me a lot of headaches, letting me know if there are any hidden dangers in the licenses I'm using. And the Malware Detection? It’s like having a silent guardian watching over my code, ensuring nothing malicious sneaks in.

All these features feel well-thought-out and designed with a developer like me in mind. It's not just about security; it's about peace of mind, knowing that my work is safe and sound. It's been a great experience, and I wouldn't want to code without these tools by my side. Review collected by and hosted on G2.com.

It's clear that the tool is on a promising trajectory, and I'm genuinely excited about what's to come. The information provided about detected issues is precise and insightful, making me feel secure in those areas. However, I sometimes wonder if there might be hidden issues not yet brought to light. Despite this concern, I have confidence in the team behind the tool, and I firmly believe that any potential gaps will be addressed in future updates. I'm keeping a close eye on its progress and remain optimistic that this tool will continue to evolve into an even more essential part of my security toolkit. Review collected by and hosted on G2.com.