We partnered with OWASP to give every OWASP individual member 200 free Aikido credits to run Code Audit. In this blog article we explain who qualifies, how to claim the credits, and how to use them for a Code Audit
What the benefit gives you
Every OWASP individual member gets 200 Aikido credits to run Code Audit on their own codebase. The benefit went live on 18 June 2026 and runs for six months.
Who can claim
The benefit is open to OWASP individual members. You can only claim it with your @owasp.org email address, so make sure to have that ready before you start.
How to claim your credits
You claim the credits in two steps:
- Sign up to Aikido on https://app.aikido.dev/login using your @owasp.org email address.
- Once you are in, send the message AIKIDO💜OWASP26 in the in-app chat. Our team will manually add the 200 credits to your account.
If you already signed up with a different email, sign up again with your @owasp.org address so we can match you to the benefit.
What Code Audit does
Code Audit reads your source code and reasons through it the way an attacker would, following references across files and modules to find the multi-step, logic-layer issues where no single line is the vulnerability. It catches things like IDOR, broken access control, and business logic flaws.
What you can run with the credits
Because Code Audit works on your codebase, you do not need a live application or auth credentials to start. Connect a repository and start an audit. The set-up takes a few minutes, and code audits run in a couple of minuutes, depending on the codebase size and its complexity.
Cost per audit depends on the size and complexity of the repositories you select, and Aikido estimates the credit total before each audit begins.
