

Sooraj Shah
Blog posts by Sooraj Shah
What continuous pentesting actually requires
Continuous pentesting promises real-time security validation, but most implementations fall short. Here’s what continuous pentesting actually requires—from change-aware testing to exploit validation and remediation loops.
How Aikido secures AI pentesting agents by design
Learn how Aikido secures AI pentesting agents with architectural isolation, runtime scope enforcement, and network-level controls to prevent production drift and data leakage.
Aikido recognized as Platform Leader in Latio Tech's 2026 Application Security Report
Aikido Security recognized as Platform Leader, AI Pentesting Innovator, and Supply Chain Innovator in Latio Tech’s 2026 AppSec Report.
Introducing Upgrade Impact Analysis: When breaking changes actually matter to your code
Aikido automatically detects breaking changes in dependency upgrades and analyzes your codebase to show real impact, so teams can merge security fixes safely.
Claude Opus 4.6 found 500 vulnerabilities. What does this change for software security?
Anthropic claims Claude Opus 4.6 uncovered 500+ high-severity vulnerabilities in open source. Here’s what that means for vulnerability discovery, exploitability validation, and production security workflows.
AI Pentesting: Minimum Safety Requirements for Security Testing
AI pentesting systems act autonomously against live environments. Learn when AI pentesting is safe to use, the minimum technical safeguards required, and how to evaluate AI security testing tools responsibly.
The CISO Vibe Coding Checklist for Security
A practical security checklist for CISOs managing AI and vibe-coded applications. Covers technical guardrails, AI controls, and organizational policies.
Critical n8n Vulnerability Allows Unauthenticated Remote Code Execution (CVE-2026-21858)
A critical vulnerability in n8n (CVE-2026-21858) allows unauthenticated remote code execution on self-hosted instances. Learn who is affected and how to remediate.
How Engineering and Security Teams Can Meet DORA’s Technical Requirements
Understand DORA’s technical requirements for engineering and security teams, including resilience testing, risk management, and audit-ready evidence.
IDOR Vulnerabilities Explained: Why They Persist in Modern Applications
Learn what an IDOR vulnerability is, why insecure direct object references persist in modern APIs, and why traditional testing tools struggle to detect real authorization failures.

