Aikido
Start for Free
No CC required

Sooraj Shah

Content Marketing Lead
Sooraj Shah is Content Marketing Lead at Aikido Security. He has a background as a journalist for publications such as the BBC, the FT, Infosecurity Magazine and SC Magazine, and as a content marketer for B2B tech companies and start-ups.
Pypi
Aikido Zen
IDOR vulnerabilities
IDE Security
Announcements
European Cyber Security
Continuous Pentesting
AI Safety
Self-securing Software
SSDLC
VS Code
AI Penetration Testing
Threat Modeling
Cyber Resilience Act
Triaging
AutoTriage
Pentesting
Bazel
Code Quality
OWASP
NIS2
Legaltech
fintech
RASP
End of Life
SQL Injections
DAST
cnapp
cspm
aspm
Infrastructure as a Code IaC
Network Security Monitoring
License Scanners
SBOM
Container Scanning
AppSec
Vulnerabilities
Software Supply Chain Security
API
Dependencies
Continuous Security Monitoring
DevSecOps
Vibe Coding
AI
NPM
autofix
Malware
Article
open-source
SCA
intel
SOC 2
usecase
Tools
SAST
Compliance
CircleCI
Codeship
IMDSv2
Cloud
IMDSv1
SSRF
AWS

Blog posts by Sooraj Shah

March 19, 2026
Guides & Best Practices

Security testing is validating software that no longer exists

Modern teams ship faster than pentesting can keep up. Explore the growing speed gap in security testing—and why traditional approaches are falling behind.

Tags/

#AI Penetration Testing

#Continuous Pentesting

#Pentesting

March 6, 2026
Guides & Best Practices

What continuous pentesting actually requires

Continuous pentesting promises real-time security validation, but most implementations fall short. Here’s what continuous pentesting actually requires—from change-aware testing to exploit validation and remediation loops.

Tags/
No items found.
February 24, 2026
Product & Company Updates

How Aikido secures AI pentesting agents by design

Learn how Aikido secures AI pentesting agents with architectural isolation, runtime scope enforcement, and network-level controls to prevent production drift and data leakage.

Tags/

#AI Penetration Testing

#AI Safety

#AI

February 17, 2026
News

Aikido recognized as Platform Leader in Latio Tech's 2026 Application Security Report

Aikido Security recognized as Platform Leader, AI Pentesting Innovator, and Supply Chain Innovator in Latio Tech’s 2026 AppSec Report.

Tags/

#Self-securing Software

#AppSec

February 13, 2026
Product & Company Updates

Introducing Upgrade Impact Analysis: When breaking changes actually matter to your code

Aikido automatically detects breaking changes in dependency upgrades and analyzes your codebase to show real impact, so teams can merge security fixes safely.

Tags/
No items found.
February 11, 2026
News

Claude Opus 4.6 found 500 vulnerabilities. What does this change for software security?

Anthropic claims Claude Opus 4.6 uncovered 500+ high-severity vulnerabilities in open source. Here’s what that means for vulnerability discovery, exploitability validation, and production security workflows.

Tags/

#AI

February 3, 2026
Guides & Best Practices

AI Pentesting: Minimum Safety Requirements for Security Testing

AI pentesting systems act autonomously against live environments. Learn when AI pentesting is safe to use, the minimum technical safeguards required, and how to evaluate AI security testing tools responsibly.

Tags/

#AI Penetration Testing

#AI

#DAST

January 16, 2026
Guides & Best Practices

The CISO Vibe Coding Checklist for Security

A practical security checklist for CISOs managing AI and vibe-coded applications. Covers technical guardrails, AI controls, and organizational policies.

Tags/

#Vibe Coding

January 8, 2026
Vulnerabilities & Threats

Critical n8n Vulnerability Allows Unauthenticated Remote Code Execution (CVE-2026-21858)

A critical vulnerability in n8n (CVE-2026-21858) allows unauthenticated remote code execution on self-hosted instances. Learn who is affected and how to remediate.

Tags/

#Vulnerabilities

January 5, 2026
Compliance

How Engineering and Security Teams Can Meet DORA’s Technical Requirements

Understand DORA’s technical requirements for engineering and security teams, including resilience testing, risk management, and audit-ready evidence.

Tags/

#Compliance

#AppSec

January 2, 2026
Vulnerabilities & Threats

IDOR Vulnerabilities Explained: Why They Persist in Modern Applications

Learn what an IDOR vulnerability is, why insecure direct object references persist in modern APIs, and why traditional testing tools struggle to detect real authorization failures.

Tags/

#AI

#AI Penetration Testing

#DAST

#SAST

#Vulnerabilities

December 26, 2025
Vulnerabilities & Threats

MongoBleed: MongoDB Zlib Vulnerability (CVE-2025-14847) and How to Fix It

MongoBleed, tracked as CVE-2025-14847, allows unauthenticated memory disclosure in MongoDB via zlib compression. See impact and remediation.

Tags/

#Vulnerabilities

Get secure now

Secure your code, cloud, and runtime in one central system.
Find and fix vulnerabilities fast automatically.

Start Scanning
No CC required
Book a demo
No credit card required | Scan results in 32secs.