Aikido
APIAikido login
  • Docs
  • Changelog
  • Aikido Docs Overview
  • Getting Started
    • Overview
    • Setting Up Your Account
      • Connect Your Repositories
      • Account Setup with Multiple Gits
      • Merge multiple login types
      • Change Email for Notifications
    • User Management
      • Inviting Users to Aikido
      • Invite Users to Aikido Without a Git Account
      • Setting Roles and Permissions
      • Automated User Management
        • GitHub Integration: Authentication and User Management
        • Azure DevOps: Authentication and User Management
        • Bitbucket Cloud Integration: Authentication and User Management
        • GitLab Integration: Authentication and User Management
        • GitLab Self-Managed Integration: Authentication and User Management
      • SAML Login
        • SAML user rights: Access Profiles (Recommended)
        • SAML user rights: Custom Attributes (Advanced)
        • Okta: Login with SAML
        • JumpCloud: Login with SAML
        • Google Workspaces: Login with SAML
        • Microsoft Azure: Login with SAML/ Entra ID
        • Microsoft Azure: Custom attributes with SAML /Entra ID
    • Manage Teams & Applications
      • Managing User Access with Teams
      • Manage and View your Apps and Projects via our Teams Feature
      • Assign Team Responsibilities by Specific Path in Repo
    • Manage Findings
      • Main Feed
      • Manually Adjust Issue Severity
      • Ignore Issues to Remove Issues from Main Feed
      • Snooze Issues for Later
      • Display License Issues in Feed
      • Enable SLAs in Aikido
      • Why Was an Issue Marked as Solved
  • Task Management Tools
    • All Supported Task Trackers
      • Jira Cloud
      • Jira Data Center
      • Linear
      • ClickUp
      • Azure DevOps Boards
      • GitHub Issues
      • GitLab Issues
      • GitLab Issues Self-Managed
      • JetBrains YouTrack
      • Asana
      • Monday.com
      • Shortcut
    • Advanced Functionalities
      • Link Existing Tasks
      • Smart Issue Routing: Map Repositories to Projects in your Task Manager
      • Auto-Close Linear Tasks When Aikido Issues Are Resolved
      • Auto-Close Jira Tasks When Aikido Issues Are Resolved
    • Troubleshoot Jira Task Creation: Set up Default Issue Types
    • Allowing IP addresses for Issue/Task Tracker integrations
  • Chat & Alerts
    • Slack notifications
    • Send alerts to multiple Slack channels
    • MS Teams notifications
  • Scanning Configurations
    • Aikido Security Checks
    • SAST by Aikido: supported languages and security focus
    • Scanning Frequencies
    • Reachability engine to remove false positives
    • Improve risk scoring for repositories and containers
    • Generate SBOM based on open-source packages
    • Add Custom SAST & IaC Rules
    • Access Control Checks
    • Running a successful POC with Aikido
    • Aikido never stores your code
    • Limit Aikido access to specific IPs
  • Code Scanning
    • Code Scanning Overview
    • Connect Your Source Code
      • Connect GitHub Organization
      • Connect Azure DevOps Projects
      • Connect Bitbucket Account
      • Connect GitLab Account
      • Connect GitLab Self Managed Server
      • How to scan a personal GitLab project
    • Local Code Scanning
      • Account Creation for Local Scanning
      • CLI options for Local Scanner
      • PR and release gating for code using Local Scanner
      • Performing Nightly Scans using Local Scanner
      • Local Scanning in existing SCM-Integrated Workspaces
      • GitLab Self Managed Setup for Local Code Scanning
      • Azure DevOps Server Setup for Local Code Scanning
      • Bitbucket Pipeline Setup for Local Code Scanning
      • CircleCI Setup for Local Code Scanning
      • GitHub Action Setup for Local Code Scanning
      • Jenkins Setup for Local Code Scanning
      • Linux Setup for Local Code Scanning
      • Mac Setup for Local Code Scanning
      • Windows Setup for Local Code Scanning
      • Bamboo Setup for Local Code Scanning
      • TeamCity Pipeline Setup for Local Code Scanning
    • Scanning Best Practices
      • Support for dependency scanning by language (SCA)
      • C/C++ Lockfile-less Scanning
      • Java/Scala/Kotlin projects using Gradle: Security scanning best practices
      • NET Projects: Security scanning best practices
      • Scala: Dependency Management and Scanning for build.sbt
      • Vulnerability scanning on private packages - Maven
      • Scanning Dev Dependencies for CVEs
      • Malware detection in open-source dependencies
      • Live Secret Detection
      • Ignoring secrets via code comments
      • Ignore via code with .aikido files
      • Excluding SAST findings using comments
    • Repository Configurations
      • Allowing IP addresses for code & container scanning
      • Ensuring Aikido Scans New Repositories
      • Scanned Branches in Aikido
      • Support for Multi-Branch Scanning
      • Support for Specific Branch Scanning
      • Split Your Monorepo Per Path
      • Use EPSS values to further reduce noise
      • Why does Aikido not find a specific vulnerability or CVE inside a dependency
  • Cloud Scanning
    • Cloud Scanning Overview
    • Connect Your Cloud
      • AWS Cloud Scanning
        • Connect AWS account to Aikido
      • Azure Cloud Scanning
        • Connect Azure Cloud account
        • Get required values + set up configuration to connect Azure cloud via public API
      • GCP Cloud Sanning
        • Connect GCP account
      • Digital Ocean Cloud Scanning
        • Connect DigitalOcean account
    • Cloud Search: Search asset inventory
    • Custom CSPM Rules
  • Container Image Scanning
    • Container Image Scanning Overview
    • Cloud Provider Registries
      • AWS ECR
      • GCP Artifact Registry
      • GCP Scanner for GCP Artifact Registry
      • GCP legacy Container Registry
      • Azure Container Registry
      • DigitalOcean Container Registry
    • Standalone Registries
      • Cloudsmith Container Registry
      • Docker Hub images
      • GitHub Container Registry
      • Gitlab Container Registry
      • Gitlab Self Managed Container Registry
      • Harbor Container Registry
      • Image scanning for Sonatype Nexus Repository
      • JFrog Artifactory
      • Quay.io Cloud Registry
      • Scaleway Container Registry
    • Local Image Scanning
      • Setting up image scanning with Local Scanner
      • Setting up kaniko image scanning with Local Scanner
      • PR and release gating using Local Image Scanner
      • BitBucket Pipeline setup for Local Image Scanning
      • CircleCI Setup for Local Image Scanning
      • GitHub Action Setup for Local Image Scanning
      • GitLab Setup for Local Image Scanning
      • Jenkins setup for Local Image Scanning
  • Virtual Machine Scanning
    • VM Scanning Overview
    • AWS Virtual Machine Scanning
      • AWS EC2 Virtual Machine Scanning Setup
      • AWS EC2 KMS (Key Management Service) support
    • Azure Virtual Machine Scanning
      • Setup VM Configuration in Azure
      • Azure Virtual Machine Scanning Setup
      • Setup Custom Role in Azure
    • Local VM Scanning
      • Setting up the Local VM Scanner
    • Miscellaneous
      • Denoise VM results by configuring your environments
  • Configuration
    • Link containers to code repositories in bulk via tags (AWS ECR only)
    • Limit image scanning to images with specific tags
    • Detecting outdated runtimes using Aikido
    • Export RAW SBOM of your containers
    • Link Repository to Container
  • DAST / Surface Monitoring
    • DAST Overview
    • Front-end scanning
      • Scan Front-End App domains with Aikido
      • Authenticated Scanning for Front-End Apps
    • API Scanning
      • REST API & Web App Scanning
      • GraphQL API Scanning
      • Authenticated API Scanning for REST/GraphQL
      • Understanding and Detecting IDOR Vulnerabilities
  • Hosted 3rd party Apps & Services
    • Scan Hosted 3rd party Apps & Services with Aikido
  • Allowing IP addresses for Domains & API's
  • PR & Release Gating
    • PR & Release Gating Overview
    • Overall Functionality
      • Aikido CI Gating Functionality
      • CI Scan History Overview
      • AutoFix suggestions and Inline Commenting for PR Checks
    • GitHub PR Gating
      • GitHub CI PR Gating via Aikido Dashboard
      • GitHub CI PR Gating via GitHub Actions in code
      • GitHub PR Gating: Automatic Configuration for Newly Added Repos
    • Azure PR Gating
      • Azure Pipelines CI: PR Gating via Aikido Dashboard
      • Azure Pipelines: Automatic Configuration for Newly Added Repos
      • Azure Pipelines CI: PR Gating via Aikido Dashboard with a Personal Access Token
      • Azure Pipelines: Setting up gating for pull requests via code
    • GitLab MR Gating
      • GitLab CI MR Gating via Aikido Dashboard
      • Gitlab CI: Automatic Configuration for Newly Added Repos
      • Gitlab (Server) CI: MR Gating via Aikido Dashboard with a Personal Access Token (PAT)
      • GitLab CI: Setting up gating for merge requests via GitLab CI actions in code
    • Bitbucket PR Gating
      • Bitbucket CI: PR Gating via Aikido Dashboard
      • Bitbucket Pipes: Setting up gating for pull requests via Code
  • CLI for PR & Release Gating
    • Aikido CLI: Release and PR Gating
    • Aikido CI API
    • GitHub Action Setup for Aikido CLI: Release Gating
    • GitLab Pipeline Setup for Aikido CLI: Release Gating
  • Aikido AutoFix
    • Overview Aikido AutoFix
    • AutoFix for Open Source Dependencies
    • AutoFix for SAST and IaC Issues
    • AutoFix for Containers
    • Automatic Creation of Pull Requests
    • AutoFix Configuration
      • AutoFix for GitHub, Bitbucket and GitLab Cloud
      • AutoFix for Azure DevOps
      • AutoFix for Azure DevOps with Personal Access Token
      • AutoFix for GitLab Self Managed
      • AutoFix for Gitlab Cloud with Personal Access Token
      • Required permissions for Aikido AutoFix Github App
    • Connect Private Packages
      • AWS CodeArtifact - Private packages
      • Bundle - Private gems
      • PIP - Private packages
      • Composer - Private packages
      • Custom config - Private packages
      • GitHub Registry - Private packages
      • GitLab Registry - Private packages
      • Go - Private Packages
      • Google Artifact Registry - Private packages
      • NPM - Private Packages
      • NuGet - Private packages
      • Poetry - Private packages
  • IDE Plugins
    • IDE Plugins Overview
    • Visual Studio Plugin
    • VS Code Plugin
    • JetBrains Plugins
    • Cursor IDE
    • Windsurf IDE
    • Features
      • Aikido Malware Scanning
    • Troubleshooting
      • JetBrains Plugin - Access token not stored
  • Zen Firewall
    • Getting Started with Zen Firewall
    • Zen Installation instructions
      • Configuration via environment variables
      • Creating an Aikido Zen Firewall Token
      • Proxy & Load balancer settings
      • Setup and Installation of Zen Firewall for Dotnet
      • Setup and Installation of Zen Firewall for Java
      • Setup and Installation of Zen Firewall for Kotlin
      • Setup and Installation of Zen Firewall for Node.js (JavaScript & TypeScript)
      • Setup and Installation of Zen Firewall for PHP
      • Setup and Installation of Zen Firewall for Python
    • Zen Features
      • Blocking Bot traffic with Zen Firewall
      • Blocking Tor traffic with Zen Firewall
      • Blocking Users with Zen Firewall
      • Blocking known threat actors with Zen Firewall
      • Blocking traffic by country with Zen Firewall
      • Blocking vs Detection Mode in Zen Firewall
      • Monitor Outbound Domains
      • Setting Up Rate Limiting for Endpoints
      • Understanding Your Zen Statistics
      • Tracking AI / LLM usage with Zen Firewall
  • Miscellaneous Zen
    • Bot Protection Details
    • How Zen Works: Performance & Reliability
  • ISO 27001 and SOC 2 Compliance
    • Compliance Integrations Overview
    • Drata Integration
    • Sprinto Integration
    • Thoropass Integration
    • Vanta Integration
  • Miscellaneous Integrations
    • Integrations Overview
    • SonarQube Integration
      • How to connect your Sonarcloud account to Aikido
      • Show extra SonarCloud issues in feed by enabling unmapped rules
      • SonarQube Self-Managed
    • Other Integrations
      • Forge Integration: Troubleshooting
      • Aikido Webhooks
  • Workflows & Guides
    • Overview
    • Linear and Slack
    • Jira Cloud and Slack
  1. Code Scanning

Local Code Scanning

Account Creation for Local ScanningCLI options for Local ScannerPR and release gating for code using Local ScannerPerforming Nightly Scans using Local ScannerLocal Scanning in existing SCM-Integrated WorkspacesGitLab Self Managed Setup for Local Code ScanningAzure DevOps Server Setup for Local Code ScanningBitbucket Pipeline Setup for Local Code ScanningCircleCI Setup for Local Code ScanningGitHub Action Setup for Local Code ScanningJenkins Setup for Local Code ScanningLinux Setup for Local Code ScanningMac Setup for Local Code ScanningWindows Setup for Local Code ScanningBamboo Setup for Local Code ScanningTeamCity Pipeline Setup for Local Code Scanning

Last updated 15 days ago

Was this helpful?