Aikido: Is a Single DevSecOps Tool Possible?
Download MP3Or watch the video version on YouTube. Bret is joined by Willem Delbare and Roeland Delrue to discuss Aikido, a security tool consolidation platform designed specifically for smaller teams and solo DevOps practitioners.
The discussion explores how Aikido addresses the growing challenges of software supply chain security by bringing together various security tools - from CVE scanning to cloud API analysis - under a single, manageable portal. Unlike enterprise-focused solutions, Aikido targets the needs of smaller teams and individual DevOps engineers who often juggle multiple responsibilities. During the episode, they demonstrate Aikido's capabilities using Bret's sample GitHub organization, and show how teams can implement comprehensive security measures without managing multiple separate tools.
There's also a video version on YouTube.
★Topics★
Aikido website
Aikido on Bluesky
Aikido on LinkedIn
The discussion explores how Aikido addresses the growing challenges of software supply chain security by bringing together various security tools - from CVE scanning to cloud API analysis - under a single, manageable portal. Unlike enterprise-focused solutions, Aikido targets the needs of smaller teams and individual DevOps engineers who often juggle multiple responsibilities. During the episode, they demonstrate Aikido's capabilities using Bret's sample GitHub organization, and show how teams can implement comprehensive security measures without managing multiple separate tools.
There's also a video version on YouTube.
★Topics★
Aikido website
Aikido on Bluesky
Aikido on LinkedIn
- (00:00) - Intro
- (06:20) - Aikido Origin Story
- (10:32) - What Does AutoFix Mean?
- (13:18) - Security Automation and Developers
- (21:32) - Lessons from Onboarding Customers
- (23:10) - Reducing Noise and Alert Fatigue with Aikido
- (27:30) - Aikido in the CI/CD Process
- (31:26) - AI Security Integration
- (32:24) - GitHub Actions and Dependencies as Attack Vector
- (39:20) - Dependencies in Programming Languages
- (41:30) - Infrastructure as Code and Cloud Security
- (48:17) - Runtime Protection with Aikido Zen
- (54:25) - Agent Involvement in Scanning
- (57:54) - Tools to Use Alongside Aikido
- (01:01:16) - Getting Started with Aikido
You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!
Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
Creators and Guests
Host
Bret Fisher
Cloud native DevOps Dude. Course creator, YouTuber, Podcaster. Docker Captain and CNCF Ambassador. People person who spends too much time in front of a computer.
Producer
Beth Fisher
Producer of DevOps and Docker Talk podcast since 2019. Assistant producer on Bret Fisher Live show on YouTube. Business and proposal writer by trade.
