#48 - AI Code Audit, Aikido MCP and ServiceNow Integration

Features

• AI Code Audit - Pentest-grade reasoning on your source code. Catch logic flaws and other vulnerabilities that other scanners miss, just connect a repo.

• Aikido MCP - Search and fetch your Aikido issues straight from your AI coding assistant. Ask for critical findings, leaked secrets, or open vulnerabilities in any repo and act on them with your favorite AI.

• ServiceNow Integration - Connect ServiceNow as a task tracker and Aikido turns security findings into tickets automatically, routing them into the workflow your teams already use.

Aikido Intel - Malware & Vulnerability Database

Our research team has discovered over #365 new vulnerabilities over the last month!

Among them: Google API keys keep working after you delete them. Our testing found a deleted key can keep authenticating for up to 23 minutes, long enough for an attacker with a leaked key to reach your data and APIs, including Gemini.

Improvements

• General - Ask Aikido about CVE’s through chat

• Code - Release gating: SLA Mode

• Cloud

  • Added support for Oracle Cloud with +50 rules

  • Onboard Entire Alibaba organization

  • VM Scanning - Added GCP support

• Pentest

  • Pause Pentest

  • Monorepo support

• Device Protection

  • Get Inbox notifications in Slack or Microsoft Teams

  • Added Golang ecosystem support

  • macOS silent install for MDM

• Zen Firewall

  • Agent releases for Dotnet, Java, PHP, Ruby, Golang and Node

  • New view to check why an IP is getting blocked

• IDE - New releases for VSCode, Jetbrains and Visual Studio

  • Added support for IaC scanning in Jetbrains

• API - List Licenses

• API - List Malware

• API - Get IDE/MCP usage statistics