Aikido Security is a unified application security platform that groups its scanners into four product pillars, Aikido Code, Aikido Cloud, Aikido Attack, and Aikido Protect. Those pillars span source code, cloud infrastructure, and runtime.
The lineup folds in SAST, SCA, secrets, IaC, container and cloud scanning, DAST, AI pentesting, and a runtime firewall. One login covers code to production (aikido.dev, as of July 2026).
That is the marketing version. The rest of this piece walks each module with the scope notes and plan gates pulled straight from Aikido’s own pages.

TL;DR: Aikido’s strength is breadth. It consolidates roughly a dozen scanners across code, cloud, and runtime into one platform, with noise-reduction claims and agentless cloud connection that hold up on its docs.
The trade-offs are also documented. Several headline features (VM scanning, attack-surface monitoring, malware detection) sit behind the Pro tier, the pentest bills per assessment, and there is no engineering-metrics module.
If you are weighing that breadth against developer-workflow depth, CodeAnt AI is a defensive and offensive security platform that unifies AI code review, SAST, and agentic pen testing, and it is the anchor this piece compares against.
Aikido Security Features at a Glance
Here is every core module, what it does, where it runs, and the one limit or plan gate worth knowing before you commit. Each row is sourced to an Aikido page and checked July 2026.
Module | What it does | Where it runs | Notable limit or plan gate |
|---|---|---|---|
SAST + AI SAST | Static analysis for vulnerabilities in source | Repo, CI, IDE | Free tier, 20+ languages |
Dependency scanning (SCA) | Flags CVEs in packages, ranks by reachability | Repo, CI | Reachability filtering on all tiers |
Secrets detection | Finds exposed keys, checks if still live | Repo | Does not revoke, history scan is opt-in |
IaC scanning | Misconfigurations in Terraform, K8s, Dockerfiles | Repo, CI | Pulumi marked “coming soon” |
Container scanning | CVEs across 14+ registries, base-image fixes | Registry, CI | Needs registry credentials or CI |
Cloud posture (CSPM) | Agentless misconfiguration audit | Cloud accounts | AWS, Azure, GCP, “select others” |
VM scanning | Snapshot-based package scan | Cloud accounts | Pro plan and up |
Surface monitoring (DAST) | Authenticated ZAP-based web and API scans | Live app | Non-destructive, endpoints need OpenAPI |
AI Pentest | Autonomous agents that validate exploits | Live app plus code | Bills per assessment, from $4,000 |
Code Audit | AI reasons over source for logic flaws | Repo | Paid via Aikido credits |
Malware detection | Aikido Intel feed plus Safe Chain | Dependencies, device | Pro plan and up |
Zen runtime protection | In-app firewall, open source | Runtime | Free and open source |
Device Protection | Blocks bad packages and extensions on laptops | Dev devices | Basic+, Linux due early Q3 2026 |
Code Quality | AI review and PR comments | Repo, PR | Basic plan and up |
Takeaway: the free tier gets you the code and cloud scanners, and the differentiators (VM, surface monitoring, malware, device) start at Basic or Pro.
What Features Does Aikido Security Actually Include?
Aikido organizes everything under four pillars, and the dashboard mirrors that split. A single findings feed pulls results from every scanner into one list, sorted by severity and estimated fix time.

Here is each module the way you meet it after connecting a repo, starting with the code scanners.
SAST and AI SAST
Aikido’s SAST feature reads the source code without running it and flags security and quality issues, then routes fixes to your IDE, inline PR comments, or an AI-generated pull request (aikido.dev/code/static-code-analysis-sast, July 2026). Coverage spans 20-plus languages, from JavaScript and Python to Java, C#, Go, Rust, and Kotlin.
An AI reachability engine triages findings, and Aikido states the rule-set is “optimised to reduce false-positives by 90%.” Harder fixes go to an agentic AI and simpler ones use deterministic workflows, each tagged with a confidence level.

Open-source dependency scanning (SCA)
The software composition analysis scanner checks the libraries you pull in and flags known CVEs, license risks, and other supply-chain issues. Its reachability analysis traces call chains from your code into third-party packages, which Aikido claims cuts 94% of the noise.
SBOM export covers SPDX, VEX, CycloneDX, and CSV, and you can import external SBOMs. AutoFix opens PRs with non-breaking version bumps, with an auto-merge option for critical CVEs.
Secrets detection
Secrets scanning looks for API keys, tokens, private keys, and database credentials across code, YAML, JSON, .env files, Terraform, and commit messages. Detection uses pattern matching, entropy analysis, and validation logic (aikido.dev/code/secrets-detection, July 2026).
Live Secret Detection checks whether an exposed secret is still active and adjusts the severity to match. Two limits are worth knowing before you lean on it.
The tool flags an exposed secret and guides you to rotate it, but it does not revoke the secret for you. Scanning git history is an opt-in setting rather than the default.
Infrastructure as code (IaC) scanning
IaC scanning inspects infrastructure definitions before deployment and catches public buckets, 0.0.0.0/0 security groups, unencrypted databases, and over-broad IAM. Supported formats include Terraform, CloudFormation, Kubernetes manifests, Helm, ARM/Bicep, and Dockerfiles (aikido.dev/cloud/infrastructure-as-a-code-iac, July 2026).
LLM-based autofix suggests and generates the remediation. One gap to note from the docs, Pulumi support is listed as “coming soon” rather than shipped.
Container image scanning
Container scanning detects CVEs in OS packages, end-of-life software, malware, and license risks across base images and Dockerfiles. It reaches 14-plus registries including ECR, Docker Hub, GCP, Azure, GitHub, GitLab, Quay, JFrog, and Harbor, and AutoFix can suggest a patched base image and open the fix PR (aikido.dev/code/container-image-scanning, July 2026).
Two limits are documented. The scanner needs registry credentials or a CI integration to reach your images, and embedded secrets or misconfigurations get handled by the separate scanners rather than this one.
Cloud posture (CSPM) and VM scanning
CSPM continuously audits cloud configuration for public buckets, permissive IAM, open ports, and missing encryption. It runs fully agentless over read-only API access, spanning AWS, Azure, GCP, and “select others like DigitalOcean” (aikido.dev/cloud/cloud-posture-management-cspm, July 2026).
Virtual machine scanning is snapshot-based, so Aikido creates a temporary VM snapshot, scans it for vulnerable packages and runtimes, then deletes it, with data staying in the same cloud region. VM scanning sits on the Pro tier and up, per the pricing page.

Surface monitoring (DAST)
Surface Monitoring is Aikido’s DAST, built on “a subset of safe OWASP ZAP scans” plus its own de-noising, running daily against your live apps and APIs. Authenticated DAST logs in as a real user to reach deeper flows and check JWT handling (aikido.dev/attack/surface-monitoring-dast, July 2026).
Aikido documents the scope plainly. The scans avoid destructive tests, need OpenAPI specs or manual config to find API endpoints, skip frontend-specific scans, and are positioned as monitoring rather than a replacement for a real pentest.
AI Pentest and Aikido Infinite
Aikido Attack runs hundreds of autonomous agents through Discovery, Exploitation, and Validation, and connecting your repos makes the test code-aware so agents understand roles and data flows. Every finding is validated before it reaches the report, and the system pauses before deeper escalation with an opt-in “Exploit Further” action (aikido.dev/attack/aipentest, July 2026).

Reports export in four formats, from a management summary to a SOC 2 or ISO 27001-ready auditor PDF. Aikido Infinite extends this to continuous testing, triggering a scoped pentest on each deploy by analyzing the diff, billed at $16 per agent with agents running one to two hours.
Code Audit
Code Audit is the AI layer that reasons over source code rather than a running app, aimed at the flaws that pattern-based SAST tends to miss. It hunts IDORs, broken access control, race conditions, subscription-tier bypasses, and multi-step attack chains (aikido.dev/code/code-audit, July 2026).
Aikido positions it as a complement to SAST that catches deeper logic bugs. Access is paid through Aikido credits priced on repo size, and the docs note it needs source access and cannot test live deployed apps, where AI Pentest takes over.

Malware detection and Safe Chain
Malware detection cross-references your dependencies against Aikido Intel, a live feed of malicious packages, and claims to flag threats days ahead of public databases. Safe Chain hooks into package managers to block a malicious dependency at install time across npm, PyPI, NuGet, Maven, and RubyGems (aikido.dev/protect/malware-detection-in-dependencies, July 2026).
One placement detail matters for planning. Malware Detection is a Pro-tier feature on the pricing page, so the free and Basic plans do not include it.
Zen runtime protection
Zen is Aikido’s in-app firewall, embedded in the application to block SQL and NoSQL injection, command injection, path traversal, and bot traffic at runtime, with user-aware rate limiting. Agents exist for Node.js, Python 3, PHP, Java, .NET, Ruby, and Go across named frameworks (aikido.dev/protect/zen, July 2026).

Zen is open source and free to install, and you pay only when you upgrade the wider subscription. Bot Protection as a managed feature starts at the Basic tier per pricing.
Device Protection and Code Quality
Device Protection blocks malicious packages, IDE extensions, browser extensions, and AI-tool integrations at the developer’s machine, deploying through MDMs like Jamf or Fleet (aikido.dev/protect/device-protection, July 2026). Windows shipped, and the docs note Linux support arriving “by early Q3 2026.”
Code Quality adds AI PR review with inline comments, one-click fixes, summaries, and custom rules that learn from your team’s past PRs. It is language-agnostic across the same broad language list and lands on the Basic tier and up.
What’s Good About Aikido’s Feature Set?
The breadth is the strongest part. You get SAST, SCA, secrets, cloud posture, and a runtime firewall behind one findings feed with shared triage, so a single login replaces a stack of separate tools.

Noise reduction holds up on the docs. Reachability analysis on SCA and AI triage on SAST both demote findings that are not exploitable, and Aikido publishes specific filtering numbers instead of vague ones.
Cloud connection stays agentless over read-only APIs, VM scanning uses disposable snapshots that stay in-region, and Zen ships as open source. Runtime protection then carries no license cost until you upgrade the wider plan.
AutoTriage groups duplicate alerts, and AutoFix ships fixes as reviewable pull requests across SAST, SCA, IaC, container, and pentest findings, covering 100-plus issue types (aikido.dev/code/autofix, July 2026).
Where Are the Limits?
None of this is a knock on the product. Each item is the documented reality of what costs extra and what sits out of scope, and the pattern is that the marquee features sit above the free line.
Here is how the plan gates fall, straight from the pricing page as of July 2026.
Capability | Free (Developer) | Basic ($350/mo) | Pro ($700/mo) | Advanced ($1,050/mo) |
|---|---|---|---|---|
SAST, SCA, secrets, IaC, cloud | Included | Included | Included | Included |
AI AutoFixes | 10 per month | Unlimited | Unlimited | Unlimited |
PR Security Review, Code Quality, Device Protection | No | Yes | Yes | Yes |
SSO (SAML) | No | Yes | Yes | Yes |
VM scanning, API fuzzing, attack-surface monitoring, malware detection | No | No | Yes | Yes |
Broker for internal apps, private registry proxy, FIPS images | No | No | No | Yes |
Takeaway: the free plan is a real scanning tier, but VM scanning, malware detection, and surface monitoring need Pro, and single-sign-on needs at least Basic.
A few scope notes matter as much as the price gates. The AI pentest bills separately from the platform, starting at $4,000 per standard assessment (with a “no High or Critical finding, don’t pay” guarantee), and Code Audit runs on a separate credit balance.
Feature availability has edges too. DAST needs OpenAPI specs to enumerate API endpoints and skips destructive tests, IaC has no Pulumi support yet, and Device Protection is Windows-first with Linux still pending.
One structural gap matters for engineering leaders. Aikido’s module list carries no engineering-metrics or DORA product, so throughput, cycle time, and delivery analytics are not part of the platform (checked across aikido.dev/platform and the pricing page, July 2026).
How Do Aikido’s Features Compare to CodeAnt AI?
CodeAnt AI is a defensive and offensive security platform that unifies AI code review, SAST, and agentic pen testing, and it overlaps Aikido on the shared security scanners while going deeper on the developer workflow. The two share SAST, SCA, secrets, IaC, cloud posture, container scanning, and code-aware AI pentesting.
The split shows up at the edges of each platform. Aikido reaches further into production assets, and CodeAnt AI reaches further into how code gets written, reviewed, and measured.
Capability area | CodeAnt AI | Aikido Security |
|---|---|---|
Shared scanners (SAST, SCA, secrets, IaC, CSPM, containers) | Yes | Yes |
AI code review as a first-class pillar | Yes, unlimited reviews, PR chat, custom rules | Code Quality module (Basic+) |
Engineering and DORA metrics | Yes, dedicated pillar | Not offered |
Code-aware AI pentest | Yes, white-box reads full codebase, free first scan | Yes, bills per assessment from $4,000 |
VM and host scanning | Not offered | Yes (Pro+) |
Runtime firewall and device protection | Not offered | Zen and Device Protection |
Pricing shape | Modular per pillar, pentest pays on findings | All-in-one tiers, pentest per assessment |
Takeaway: pick Aikido for the widest asset coverage including VMs, domains, and a runtime firewall. Lead with CodeAnt AI when AI code review, code quality, and delivery metrics should live beside security in the developer workflow.
The full head-to-head lives in the CodeAnt AI vs Aikido Security breakdown.
Where This Leaves You
Aikido’s feature set is a wide, well-consolidated security platform, strongest when you are collapsing many tools into one and want coverage from code through cloud to runtime. The honest caveats are the Pro-tier gates on VM, malware, and surface monitoring, the separately billed pentest, and the absence of engineering metrics.
If developer-workflow depth and delivery metrics weigh as heavily as breadth for you, put CodeAnt AI on the same shortlist and read the CodeAnt AI vs Aikido Security comparison before you decide.
FAQs
What does Aikido Security do?
Is Aikido Security free?
What is Aikido Attack?
Is Aikido Security SOC 2 and ISO 27001 compliant?
Which languages does Aikido's SAST support?











