New Aikido Security Features: August 2023
Felix Garriau
Posted on September 27, 2023
In the last few weeks, we’ve released lots of new features and expanded support for different tool stacks. Most notably, we’ve added support for scanning many more container registries! Besides that:
- We’ve added lots of new AWS rules
- Autofix now also supports Python
- We’ve improved our exploit reachability analysis to support PNPM
Expanding container registry support
Many containers run web-facing software such as Apache, Nginx, Python, Node.js or other runtimes. Keep them secure with Docker container scanning! In addition to Docker Hub, Azure Container Registry, GCP Artifact Registry & AWS Elastic Container Registry, we now also support the following registries:
GitLab container registry (Cloud & self-managed)
We now support GitLab’s Container Registry for Cloud & Self-Managed. As a GitLab Technology Alliance partner for Security, we couldn’t miss out on these features!
Read the docs to set up:
- Container scanning for GitLab Container Registry
- Container scanning for GitLab Self-Managed Container Registry
DigitalOcean container registry
DigitalOcean is a solid cloud solution that we couldn’t wait to support. We’re happy to say we now do so for containers!
Read the docs on how to set it up
Scaleway container registry
We’re proud to also do exploit scanning for Scaleway’s Container Registry, one of the few real European clouds!
Read the docs on how to set it up
Exploit reachability analysis improved
We've rolled out reachability analysis for PNPM lockfiles. To accomplish this at our standard of quality, we've made sure to cover many typical edge cases (aliasing, special version notation, etc.). This means our auto-triage engine gets rid of many false positives that others simply don’t.
If you’re using PNPM and using Aikido, you’re in luck! You’re using one of the only products in the industry with this level of noise reduction capabilities! 🎉
AWS rules expansion
We’ve upgraded our AWS ruleset to include more relevant rules. We want to make sure you’re notified about issues that really matter. Some new rules include:
- Checking for unused IAM Credentials
- SSL certificates that won't auto-renew
- ECR repositories that do not auto-delete old images.
Make sure to connect your AWS cloud to Aikido to check if you’ve got new findings.
Expanding autofix coverage: Python
With Aikido’s Autofix feature, you can create pull requests to fix vulnerabilities with just one click. We now also support Python! (Currently, this applies only to environments using requirements.txt; poetry.lock files are not yet supported.) There’s nothing extra to configure. Just browse to a Python issue and find the Autofix button!
Read more on Autofix in our docs.
Try these out today
Log into your Aikido account to test these new features. Alternatively, you can request a demo from our team.
We would love to get your feedback on them. If any ideas come to mind, please don’t hold back - just let us know! We’re always available via the in-app chat. 😉