Review
“The license scanning has saved me a lot of headaches, letting me know if there are any hidden dangers in the licenses I'm using.”
Jonathan V
Software Engineer at XEOS
.png)
Software Bill of Materials
Create SBOMs easily.
Generate SBOMs in 1-click. Get full visibility into your software, eliminate hidden risks, and meet compliance requirements - without slowing down development.
Get full inventory of software- Identify & avoid license risk
- Audit-ready SBOMs
.avif)
"With Aikido, we can fix an issue in just 30 seconds – click a button, merge the PR, and it’s done."
"Aikido's auto-remediation feature is a huge time-saver for our teams. It cuts through the noise, so our developers can focus on what really matters."
“With Aikido, security is just part of the way we work now. It’s fast, integrated, and actually helpful for developers.”
How it works
1. Connect your repositories
Connect your git and give access to the repositories you'd like to analyse.
2. Triage Licenses
Get a full overview of the licenses you’re using & the risk associated with them. Analyse the risk level.
3. Export SBOM
Export a CycloneDX, SPDX or CSV SBOM with one click.
Features
License scanning & SBOM creation
Create SBOMs
Security audits typically require providing an SBOM. Aikido makes it easy to analyze this list in advance & generate it whenever required. Export in CycloneDX, SPDX or CSV.
1{
2 "name": "react",
3 "version": "18.2.0",
4 "licenses": [{ "license": { "id": "MIT" } }],
5 "purl": "pkg:npm/react@18.2.0",
6 "copyright":
7 "Copyright (c) Facebook, Inc. and its affiliates."
8}Clear Copyright Attribution
Automatically includes accurate copyright info for every component—so legal teams can review, verify, and comply without digging through source files.
Adjust & Triage License Risk
Aikido scans licenses. You can analyze and adapt the license risk scoring model to create accurate reporting. Mark licenses as "internal" to filter them out of the list.
Scans Containers
Many SBOM scanners will only scan for licenses inside of your repos. Aikido gives you full coverage by scanning your containers too.
Cover Compliance
Regulatory bodies worldwide are increasing their focus on software transparency. An SBOM (Software Bill of Materials) helps you meet key compliance requirements:
- USA: SBOMs are required by the FDA and Executive Order 14028.
- Europe: Comply with NIS2 and the Cyber Resilience Act.
Full Coverage in One Platform
Replace your scattered toolstack with one platform that does it all—and shows you what matters.
FAQ
More to explore
Has Aikido itself been security tested?
Yes — we run yearly third-party pentests and maintain a continuous bug bounty program to catch issues early.
Can I also generate an SBOM?
Yes - you can export a full SBOM in CycloneDX, SPDX, or CSV format with one click. Just open the Licenses & SBOM report to see all your packages and licenses.
What do you do with my source code?
Aikido does not store your code after analysis has taken place. Some of the analysis jobs such as SAST or Secrets Detection require a git clone operation. More detailed information can be found on docs.aikido.dev.
Can I try Aikido without giving access to my own code?
Yes - you can connect a real repo (read-only access), or use our public demo project to explore the platform. All scans are read-only and Aikido never makes changes to your code. Fixes are proposed via pull requests you review and merge.
I don’t want to connect my repository. Can I try it with a test account?
Of course! When you sign up with your git, don’t give access to any repo & select the demo repo instead!
Does Aikido make changes to my codebase?
We can’t & won’t, this is guaranteed by read-only access.
More to explore
Get secure for free
Secure your code, cloud, and runtime in one central system.
Find and fix vulnerabilities fast automatically.
.avif)
