Changelog

New Features

🚀  Agentless Virtual Machine scanning in AWS (docs)
Aikido can now scan your AWS EC2 instances for vulnerabilities. We're stoked to be launching this new feature! Some competitors call this cloud workload protection (CWP), some "sidescanning",... We decided to call it by what it is & actually does: Agentless Virtual Machine scanning. Get 100% coverage, from code to cloud, without any agents. Contact us if you'd like to have access to this feature.

🚀  Aikido is now integrated into Vanta’s Vulnerability Page (vanta’s docs)
Vanta now pulls in Aikido’s vulnerabilities directly into their vulnerability page. This allows you to manage your SLAs for multiple security tools directly in Vanta. The page in Vanta provides a high-level overview of all the detected, remediated, or ignored vulnerabilities on all your servers and containers.

Improvements & bug fixes

• Virtual Machine scanning: You can now set the purpose of the environment, so Aikido can better process results.

• Firewall: You can now configure an IP allowlist on routes, this helps to ensure admin APIs are only accessible from your office or company VPN.

• CI/CD Integration: We now display the CI scan history in the UI, so you can see which scans passed or failed & explore the details. (go to app)

• Local Scanner: We now support image PR gating

• Reporting: You can now check how you do on PCI compliance (check the report)

• SAML: Aikido now auto-creates teams when there’s no teams configured yet

• Autofix: We now support private nuget/NPM registries (docs)

• You can now set your preferred scanning frequency (if you’re on a paid plan)

Vulnerability Database

Our research team has discovered over 20 new vulnerabilities over the last two weeks! (vulnerability database)