Aikido: Is a Single DevSecOps Tool Possible?

Or watch the video version on YouTube. Bret is joined by Willem Delbare and Roeland Delrue to discuss Aikido, a security tool consolidation platform designed specifically for smaller teams and solo DevOps practitioners.
The discussion explores how Aikido addresses the growing challenges of software supply chain security by bringing together various security tools - from CVE scanning to cloud API analysis - under a single, manageable portal. Unlike enterprise-focused solutions, Aikido targets the needs of smaller teams and individual DevOps engineers who often juggle multiple responsibilities. During the episode, they demonstrate Aikido's capabilities using Bret's sample GitHub organization, and show how teams can implement comprehensive security measures without managing multiple separate tools.

There's also a video version on YouTube.

★Topics★
Aikido website
Aikido on Bluesky
Aikido on LinkedIn

Creators & Guests

Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Willem Delbare - Guest Roeland Delrue - Guest

• (00:00) - Intro

(06:20) - Aikido Origin Story (10:32) - What Does AutoFix Mean? (13:18) - Security Automation and Developers (21:32) - Lessons from Onboarding Customers (23:10) - Reducing Noise and Alert Fatigue with Aikido (27:30) - Aikido in the CI/CD Process (31:26) - AI Security Integration (32:24) - GitHub Actions and Dependencies as Attack Vector (39:20) - Dependencies in Programming Languages (41:30) - Infrastructure as Code and Cloud Security (48:17) - Runtime Protection with Aikido Zen (54:25) - Agent Involvement in Scanning (57:54) - Tools to Use Alongside Aikido (01:01:16) - Getting Started with Aikido

You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!

Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com