Hey there! What’s your role, and your responsibilities?

I’m Otto Sulin, Security Lead at Supermetrics, responsible for all things security: from application security to compliance.

What makes Supermetrics stand out in your industry?

Our mission is to make data analysis simpler and more connected for marketers. Supermetrics’ no-code marketing data tools make it easy to edit, blend, enrich, activate, and store data from multiple sources. We serve over 200,000 customers, from small shops to the largest global enterprises.

What purpose should security serve in your industry?

Our customers trust us with their critical customer data. They authorize us to retrieve and store their marketing data, and that access comes with high expectations of security and privacy.

What kind of pressure do customers put on your security and compliance programs?

Very broad, to put it shortly. We’re expected to have a comprehensive security program with external audits, third-party penetration testing, and clearly defined SDLC security controls. Customers are more aware and demanding than ever when it comes to software security.

Was there a moment that triggered a more strategic focus on security?

Definitely. As we expanded into large enterprise space, those customers brought higher expectations. That growth drove our increased investment in security maturity.

How did the decision to look for Aikido fit into your wider strategy?

The decision to select Aikido was part of a broader initiative to improve our secure software development lifecycle. It included additional training, a security champions program, and much more.

Before Aikido, we used a collection of open-source tools alongside some commercial products. We wanted to simplify things, and to find a solution that would make security easier and more consistent across the SDLC.

“Aikido’s developer-friendliness and noise reduction features stood out immediately.”

What stood out about Aikido during evaluation?

Developer-friendliness and features that help reduce noise. Our goal was to empower product teams, and Aikido’s many features that help reduce unnecessary noise from findings combined with a UI that makes it simple to navigate and work with findings was what really stood out to us.

How easy was Aikido’s integration into your developer workflows?

Integrating Aikido into our existing tooling was a breeze. It supported all our platforms out of the box, and setup took just minutes. Zero friction.

What has your experience been like working with the Aikido team?

Fast response and transparency. Whenever we’ve encountered an issue, we’ve received a same-day response; and more than once, they’ve shipped a fix the same day.

What’s your favorite feature?

Noise reduction, without a doubt. My goal is to minimize the time our engineers spend managing vulnerabilities, and Aikido helps us do exactly that. We’ve seen a 75% reduction in noise using Aikido so far.

“We’ve seen a 75% reduction in noise using Aikido.”

Can you tell us a bit more about how Aikido’s embedded in your SDLC?

Aikido integrates directly into our CI/CD, Jira, and Slack. For confirmed issues we can quickly create Jira tickets, and Slack alerts notify the right teams based on repositories. It’s simple, visible, and keeps everyone aligned.

How has Aikido changed the way Supermetrics approaches security and vulnerability management?

It’s helped us centralize and automate key security workflows. Engineers can focus on building while we maintain full visibility and control across our repositories and images.

Any moments where Aikido saved your team time or reduced risk?

Open-source malware monitoring has been a huge time-saver. Before Aikido, we manually searched through reports to find risky packages and then searched through our repos if we were affected. Now it’s completely automated and far less error-prone.

How does Aikido support regulatory and data protection demands?

Aikido’s broad feature set ensures all scanning is enabled and policy compliance is easy to verify. It gives us the confidence that we’re always ready for audits and that we’re keeping the promises we make to customers.

How would you summarize Aikido’s impact?

Aikido’s ease of use, breadth of features, and noise-reduction capabilities make scaling a product security program a breeze.

The Summary

Supermetrics now runs a developer-first AppSec workflow that’s faster, cleaner, and easier to manage. With 75% less noise, instant integrations, and automation across Jira, Slack, and CI/CD, security now scales as smoothly as their data operations.