Secrets liveness detection, GitHub access control checks & Sprinto integration
New Features
🚀 Secrets liveness detection (docs)
Aikido now checks whether exposed secrets are still active and assesses their potential risks. Each issue's severity is adjusted based on this information. (Think of GitHub access tokens, SendGrid tokens, Stripe tokens, Slack tokens, …) Aikido filters the noise in detected secrets even better than before!
🚀 GitHub access control checks (docs)
Aikido can now check for critical access control issues. (Think of multi-factor authentication, restricting default access rights, requiring mandatory code reviews, ...) This way, you can ensure that only authorized and verified changes are made to your codebase.
Improvements & bug fixes
SLAs: Aikido can now automatically create tasks for issues that go out of SLA (ask us for access to this feature via in-app chat)
Firewall:
We added blocking/nonblocking mode in the UI
SSRF protection: blocks SSRF attacks by intercepting and validating requests to internal services.
Dependency scanning: Support for deno.lock (for JS) (check lockfile support in docs)
Feed: When you hover over the toggles, you now get a detailed view of how Aikido has refined the findings.
SAML: We now support SAML via Google Workspace! (docs)
Jira integration: You’re now able to map severities to their corresponding priorities in Jira
Vulnerability Database
Our research team has discovered over 31 new vulnerabilities over the last two weeks! (check out our vulnerability database)