Willem, our CTO, had to manage (application) security at many of his previous startups, and honestly, hated it. Most security tools we had to use made us feel dumb. They were super complex and riddled with false positives. Their platform was behind the "book a demo" button. They had intransparent pricing models and honestly charged us way too much.
We think most of these platforms are built for the buyer at corporate companies, the CISO, not for the user, the developer. The people that actually need to use it.
So we built a platform that brings all the security scanners you need to secure your app into one. We’ve built the app to be tech agnostic: it connects to your code (GitHub, GitLab, Azure DevOps, Bitbucket, …), cloud (AWS, Azure, GCP, DigitalOcean), Docker images (over 15 different types) & domains (any domain of course) and scans them for many different types of security issues and vulnerabilities. E.g. open source dependencies, cloud misconfigurations, secrets, static code issues, IaC misconfigurations, surface monitoring issues, license risks, malware, outdated software, …
We’ve been able to do this by leveraging lots of cool open source projects. Great scanners made by awesome communities. (Syft, Gitleaks, Trivy, Grype, Zap, Nuclei, CloudSploit, Checkov, Semgrep, Gosec, Bandit, …) We built on top of those & fixed any gaps (e.g. Bun lockfile support, transitive dependencies for .NET) to make sure we have full coverage. Recently, we also started our own open source runtime security solution to give back to the community: https://github.com/AikidoSec/runtime-node
We’ve got about 300 paying customers right now. And over 3000 companies using us. Transparent, flat free pricing. Simple free plan for anyone to try. It takes 3 minutes to onboard to Aikido: https://app.aikido.dev/login Or you can just try it out with a demo account.
Would love to know your thoughts and questions in the comments!
TC article: https://techcrunch.com/2024/05/01/belgiums-aikido-lands-17m-...