In the competitive world of (cloud) security, Aikido distinguishes itself with tools tailored for developers. The Ghent-based company is emerging as a Belgian standard-bearer in the global security industry.
Aikido is a Japanese martial art that came into existence at the beginning of the twentieth century. In aikido, the philosophical aspect is much more central than the physical. Practitioners therefore do not see it as a combat sport, but rather as a convergence of mind and body.
What does this have to do with cybersecurity, you’re probably wondering now? The Ghent-based company Aikido brings the basic principles of the Japanese martial art to IT environments. Not only because the company focuses on defense, but also because it brings together the worlds of digital security and software development to allow developers to be in harmony with their environment.
For and by developers
The company’s slogan is straightforward: “No bullsh*it security”. Johan De Keulenaer and Berg Severens tell us how Aikido tries to eliminate the ‘nonsense’ from security. “Many of our competitors focus primarily on CISOs with expensive products. As a result, the tools are rarely tailored for developers, who have to work with them. Aikido helps developers write secure code.”
Personal experiences are often the best motivation to start a company. “Our founder Willem (Delbare, ed.) has founded multiple start-ups, including Teamleader. He has felt the pain of building a security stack for SMEs. That explains our original focus on SMEs with mainly developers on staff. We combine advanced code scanning with artificial intelligence to reduce false positives by up to 85% to filter out what is not relevant,” says De Keulenaer.
The realization that the cloud is not a secure bunker, as initially thought, is growing within the security world. We ask Severens to put his finger on the sore spot, although according to him, you’d run out of fingers. “There is not one typical mistake that is often made. But SQL injection, for example, has been around for a long time. This often goes hand in hand with patterns that you can trace back to the code.”
Analyzing code
Aikido tries to bridge the gap between security and development with security tools that speak the language of developers. Severens: “Our platform combines multiple functionalities, including static code analysis. With this, we look at the source code to find patterns of vulnerabilities. However, this can give many false positives. That’s why we also use AI to look at the context of the code to filter out those false positives as much as possible and make the code more securely targeted.”
“This way, we prevent developers from losing focus on which security issues are really important,” De Keulenaer adds. “No developer is happy when they turn on their PC in the morning and see hundreds of red alerts on their screen. We have already been able to reduce those notifications by up to 85%. We are a security ally for developers.”
That we meet De Keulenaer and Severens at an AWS event in Amsterdam is rather coincidental. “A part of our customers is on AWS infrastructure, but we have always been cloud-agnostic. Every provider has its specificity. Recently, we are also available through their marketplace, so companies can quickly activate Aikido independently and experience our no-nonsense security within seconds,” says De Keulenaer. Through integrations, companies can connect Aikido to all common cloud and development environments, as well as more general applications like Teams.
Developers get hundreds of irrelevant security alerts thrown at them. Security should not slow developers down, but push them forward.
Johan De Keulenaer, Head of Partnerships Aikido
Shifting left
Aikido itself uses AI to make code security more efficient, but Severens is aware that AI can be a double-edged sword for developers. “Today, it is harder to say whether code is written by AI or by human developers. The cost of development decreases, for us but certainly also for attackers. Both defenders and attackers will use AI, which can lead to more attacks. The market is growing rapidly due to AI.”
“We offer the tools to bring AI into a development environment safely,” Severens continues. “Developers need to waste less time on alerts, but we can also generate automatic suggestions to resolve vulnerabilities and work off technical ‘debt’. We use the tools to reduce hallucinations compared to ‘off-the-shelf’ LLMs.”
De Keulenaer agrees with his colleague. “It’s a neck-and-neck race. We are evolving from manual to automated security. A good example is the integration with Cursor AI, with which we can secure code at the moment it is written. Aikido functions as an invisible engine that flags when something goes wrong. The circle is thus complete. We have grown from the SME market, but large companies are also becoming convinced.”
“We want to solve potential problems in code as early as possible in the development process,” says Severens. “But that is not always practically feasible, and that’s why we also offer a kind of firewall on the other end of the spectrum to secure your application. We are quite unique in that. We, so to speak, put a dome over your code. That is interesting to reduce the risk of vulnerabilities.”
Apple in a Linux World
Aikido’s ambitions are global, but the company hasn’t forgotten its origins. In a rapidly changing world, Aikido, as a Belgian player, may have an advantage in competing in an industry dominated by American companies. “For many companies, it will become a conscious choice whether they want an American, Israeli, or European solution,” says De Keulenaer.
read also
Made in Belgium: quality label for security?
De Keulenaer is firmly convinced that Aikido hasn’t reached its ceiling yet. “Things are moving incredibly fast for us. We only launched in 2023. Through investment rounds, we’ve raised 25 million euros to support international growth. Now we want to grow into a global player. A direct competitor was just recently acquired for 23 billion dollars,” says De Keulenaer, referring to the acquisition of Wiz by Google.
“The fact that we’re a Belgian and European company can be a selling point,” Severens also concludes. “The market is very fragmented, and we believe we’ve found the gap in the market by offering an all-in-one solution that is user-friendly and doesn’t require a PhD. In a Linux world, we are the Apple.”
In a Linux world, we are the Apple.
Berg Severens, AI Engineer Aikido