#38 - Kubernetes misconfiguration scanning, PR feedback in Code Quality & Bun support for Safe Chain

Features

• Kubernetes Misconfiguration: Aikido now supports full Kubernetes cluster scanning, giving you visibility into misconfigurations, exposed secrets, and vulnerable workloads across your entire cluster. Quickly spot and fix security risks before they impact your cloud.

• Code Quality: Add code context directly from your GitHub PR by commenting to @AikidoSec, making it easier to improve future code reviews.

• Safe-chain 1.1.0 adds Bun support - Safe Chain now supports all node major package managers through a local proxy, adds Bun support, and scans child dependencies for complete supply chain coverage.

Aikido Intel - Malware & Vulnerability Database

Our research team has discovered over #54 new vulnerabilities over the last two weeks!

Improvements

• Code - Support for Unity's packages-lock.json with malware and outdated libraries detection

• Code - Ignore by path can now be viewed and configured on repository settings page

• Clouds - Additional advanced 47 rules for AWS and 30 additional for GCP

• Teams - Automatically sync Github Teams and link repositories, containers, clouds, and more.

• IDE - New releases for VSCode

• Zen Firewall - Agent releases for Java, Python, and PHP

• VM - Local scanner v1.2.1

  • SBOM filtering

  • Passing configuration as CLI parameters

  • Specifying a different hostname than the current one on the machine

• API - Fetch a Zen event

• API - Add a new GCP cloud

• API - Fetch container detail

• API - Link and unlink Zen Apps to Teams

• API Webhook - Zen attack, outbound domain and attack wave detection

• API Webhook - Issues that go out of SLA