Story
7 min read

How Mediquest Secures Patient Data with Aikido

"If you have to manage security for 50 applications, you’re constantly coding and updating. Aikido took that burden off our shoulders, with its all-in-one solution."

Erwin Rooijakkers
Software Engineer
Table Of Contents
TOC Item
Website
https://www.mediquest.nl
Founded
2005
Industry
HealthTech
Funding Raised
Headquarters
Utrecht, The Netherlands
Development Team Size
9 (covering 50+ services on Google Cloud and Solvinity Cloud)

About the company

Mediquest transforms data into clear information to make the best healthcare decisions. They take data about patients and turn it into useful information for both patients and healthcare providers. For example, one of Mediquest's solutions matches patients with the right specialist based on factors such as wait time, proximity and quality. On the caregiver side, Mediquest has developed a portal comprising multiple applications (like dashboards, questionnaires, data analytics, and more) for healthcare providers to monitor the well-being of their patients. Mediquest serves several thousands of customers across the Netherlands. 

The challenge: keeping healthcare data secure

Handling patient data comes with a big challenge: security. In the healthcare industry, privacy and data security are critical. Mediquest, like many companies in the sector, must ensure that patient data is kept safe, confidential, and compliant with industry regulations. They have undergone rigorous security audits since 2015, obtaining ISO9001, ISO 27001 and NEN 7510 certifications, the latter being a standard for organizations in the Netherlands that deal with patient health data. Despite this, they realized that keeping up with ever-evolving security standards, especially with their 100+ cloud-based services, was an ongoing and complex task. Not only for the company itself, but mostly for being able to better serve customers and patients. Mediquest needed a reliable, streamlined solution to manage and continuously improve its security without draining resources. In its quest to anticipate ongoing expectations around the robustness of its security posture, Erwin Rooijakkers, Software Engineer at Mediquest, and the team wanted to introduce a tool that helped with continuous monitoring and pentesting.

The Aikido solution: one platform for all security needs 

After shelving the idea to build a tool on their own leveraging Trivy and ZAP (due to conflicting priorities and needing further investments to acquire the right expertise), Mediquest’s DevOps team explored various security tools. However, many of these solutions were either overly complex or prohibitively expensive, frequently resulting in too many false positives and lacking essential functionalities. That’s when the team came across Aikido, a comprehensive and cost-effective platform that integrates multiple open-source security tools into one intuitive interface.

“While searching for security tools, we stumbled upon Aikido through a recommendation on Reddit. Someone shared their positive experience, and that led us to give it a try. It turned out to be exactly what we needed—affordable, comprehensive, and packed with more features than other tools we looked at,” recalls Erwin Rooijakkers, Software Engineer at Mediquest.

Aikido provided the perfect solution, addressing Mediquest’s challenge with a unified dashboard that covers several of their key priorities:

Aikido turned out to be exactly what we needed – affordable, comprehensive, and packed with more features than other tools we looked at. The platform helped us focus on the most critical vulnerabilities first, which was critical to keeping our applications secure.

Aikido gave Mediquest a complete view of its security posture. The platform allowed the team to prioritize vulnerabilities and improve their systems without having to build their own security checks. "With Aikido, we no longer had to build all our security checks from scratch," says Rooijakkers. "The platform helped us focus on the most critical vulnerabilities first, which was critical to keeping our applications secure."

“Aikido does everything that I was trying to set up myself manually,” Rooijakkers continues. “If you have to manage security for 50 applications, you’re constantly coding and updating. We simply lacked the time and expertise to maintain sufficient security checkpoints. Aikido took that burden off our shoulders, with its all-in-one solution.”
The real-time support was essential for us. With Aikido, I get answers within an hour, sometimes even within minutes. It gave me confidence knowing that their support team could justify why a potential vulnerability was - or was not - flagged as a risk.

What made Aikido really stand out, is the quality of its customer support. “The real-time support was essential for us. With Aikido, I get answers within an hour, sometimes even within minutes. It gave me confidence knowing that their support team could justify why a potential vulnerability was - or was not - flagged as a risk,” says Rooijakkers.

Additionally, Aikido’s ability to incorporate feedback quickly was a key advantage. “I gave feedback on certain issues that weren’t being flagged but should have been. Within days, Aikido made adjustments—not just for us, but for all customers. This showed me they take customer feedback seriously and use it to improve their product,” Rooijakkers adds.

When you look at the hourly rate of developers and how much time Aikido saves us, the decision to add Aikido to our tool stack was a no-brainer

The result: improved security, reduced workload

With Aikido, Mediquest no longer faces the overwhelming task of manually managing security across multiple applications. Instead, they benefit from an integrated solution that combines various security tools, simplifying the process while increasing effectiveness. One of the standout moments for Rooijakkers was when Aikido enabled him to perform a penetration test behind a login wall— something he had previously spent days trying to manage himself without success.

“Having that simply work through Aikido was the icing on the cake,” says Rooijakkers, referring to the ability to successfully pentest behind a login wall. “All the pieces of the security puzzle suddenly fell into place. We now have more control and a complete picture of what can be improved. During future audits (and when talking about our security posture in general) we can confidently demonstrate we have everything under control.”

The efficiency gained by using Aikido has been a game changer for Mediquest, allowing the development team to focus on more pressing issues and making the cost-benefit calculation a clear and easy decision.

“When you look at the hourly rate of developers and how much time Aikido saves us, the decision to add Aikido to our tool stack was a no-brainer,” Rooijakker emphasizes.
Download Case As pDF

Other great stories told by our customers

PE & Group Companies
Delivering SCA and beyond to 6,000+ developers.
View story
Visma
FinTech
Minimizing false-positives, while keepig GitHub as the single source of truth.
View story
Bound
HealthTech
Birdie's fastest time to resolution? 30 seconds.
View story
Birdie
Software Development
Marvelution weaves security into it's one-word business plan: "fun".
View story
Marvelution
HealthTech
Realizing efficiency gains, from one intuitive interface to pentests behind the login wall.
View story
Mediquest