Sooraj Shah

Content Marketing Lead

Sooraj Shah is Content Marketing Lead at Aikido Security. He has a background as a journalist for publications such as the BBC, the FT, Infosecurity Magazine and SC Magazine, and as a content marketer for B2B tech companies and start-ups.

Blog posts by Sooraj Shah

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

February 3, 2026

•

Guides & Best Practices

AI Pentesting: Minimum Safety Requirements for Security Testing

AI pentesting systems act autonomously against live environments. Learn when AI pentesting is safe to use, the minimum technical safeguards required, and how to evaluate AI security testing tools responsibly.

Tags/

#AI Penetration Testing

#AI

#DAST

January 16, 2026

•

Guides & Best Practices

The CISO Vibe Coding Checklist for Security

A practical security checklist for CISOs managing AI and vibe-coded applications. Covers technical guardrails, AI controls, and organizational policies.

Tags/

#Vibe Coding

January 8, 2026

•

Vulnerabilities & Threats

Critical n8n Vulnerability Allows Unauthenticated Remote Code Execution (CVE-2026-21858)

A critical vulnerability in n8n (CVE-2026-21858) allows unauthenticated remote code execution on self-hosted instances. Learn who is affected and how to remediate.

Tags/

#Vulnerabilities

January 5, 2026

•

Compliance

How Engineering and Security Teams Can Meet DORA’s Technical Requirements

Understand DORA’s technical requirements for engineering and security teams, including resilience testing, risk management, and audit-ready evidence.

Tags/

#Compliance

#AppSec

January 2, 2026

•

Vulnerabilities & Threats

IDOR Vulnerabilities Explained: Why They Persist in Modern Applications

Learn what an IDOR vulnerability is, why insecure direct object references persist in modern APIs, and why traditional testing tools struggle to detect real authorization failures.

Tags/

#AI

#AI Penetration Testing

#DAST

#SAST

#Vulnerabilities

December 26, 2025

•

Vulnerabilities & Threats

MongoBleed: MongoDB Zlib Vulnerability (CVE-2025-14847) and How to Fix It

MongoBleed, tracked as CVE-2025-14847, allows unauthenticated memory disclosure in MongoDB via zlib compression. See impact and remediation.

Tags/

#Vulnerabilities

December 10, 2025

•

Guides & Best Practices

OWASP Top 10 for Agentic Applications (2026): What Developers and Security Teams Need to Know

Learn the OWASP Top 10 for Agentic Applications. Understand the top AI agent security risks, real-world examples, and how to harden your environment.

Tags/

#OWASP

December 3, 2025

•

Vulnerabilities & Threats

Critical React & Next.js RCE Vulnerability (CVE-2025-55182): What You Need to Fix Now

Learn how CVE-2025-55182 and the related Next.js RCE affect React Server Components. See impact, affected versions, and how to fix. Aikido now detects both issues.

Tags/

#Vulnerabilities

November 6, 2025

•

Guides & Best Practices

OWASP Top 10 2025: Official List, Changes, and What Developers Need to Know

Discover what’s new in the OWASP Top 10 2025, including software supply chain failures and error handling risks, and how to strengthen your AppSec program.

Tags/

#OWASP

September 19, 2025

•

Guides & Best Practices

How Aikido Makes Threat Modeling Practical for Developers

Aikido transforms threat modeling into a developer-first, holistic, automated process with continuous monitoring across code and cloud environments

Tags/

#Threat Modeling

September 16, 2025

•

Compliance

Why European Companies Choose Aikido as Their Cybersecurity Partner

European companies trust Aikido Security to secure code, cloud, and runtime with GDPR, NIS2 & Cyber Resilience Act compliance and EU data sovereignty.

Tags/

#Cyber Resilience Act

#NIS2

September 15, 2025

•

Compliance

Complying with the Cyber Resilience Act (CRA) using Aikido Security

Learn how to comply with the EU Cyber Resilience Act (CRA). Aikido Security helps developers and security teams meet CRA requirements with automated scanning, SBOM, and runtime protection

Tags/

#NIS2

#Compliance

#SOC 2

#Cyber Resilience Act

Get secure now

Secure your code, cloud, and runtime in one central system.
Find and fix vulnerabilities fast automatically.

Start Scanning

No CC required

Book a demo

No credit card required | Scan results in 32secs.