Artificial intelligence is rapidly transforming enterprise software development. Frost & Sullivan’s 2025 Voice of the Enterprise Security Customer Survey revealed that 98% of organizations are already using AI tools to assist application development, yet fewer than half have implemented dedicated security controls for AI-assisted applications. As development velocity accelerates, security teams are increasingly challenged to secure more dynamic environments without slowing innovation.
At the same time, enterprises are rethinking how application security should operate, shifting away from fragmented point solutions to unified platforms that reduce operational complexity, prioritize real risk, and integrate directly into developer workflows.
Against this backdrop, Frost & Sullivan recognizes Aikido Security for its strong customer value proposition in the ASPM market, driven by its unified platform strategy, continuous AI-powered validation capabilities, and developer-first remediation approach.
The Shift Toward Unified Security Operations
For years, enterprises addressed application security challenges by deploying separate tools across code scanning, cloud security, runtime monitoring, software supply chain analysis, and compliance management. This often resulted in fragmented visibility, disconnected workflows, duplicated findings, and remediation fatigue.
As application environments become more complex and release cycles continue accelerating, enterprises are prioritizing platform consolidation to simplify security operations and improve remediation efficiency.
Although this shift is global, it is most acute in regulated industries, particularly financial services and insurance, where globally distributed enterprises such as Barclays, Nordea, and Generali operate complex, multi-team software environments under overlapping frameworks: the EU’s Digital Operational Resilience Act (DORA), which applies to more than 22,000 financial entities across the EU; the SEC’s cybersecurity disclosure rules in the U.S.; and a growing patchwork of national operational-resilience regimes. With only half of EU financial institutions on track for full DORA compliance by year-end 2025, unified security is becoming central to closing the gap between development velocity and regulatory accountability.
Aikido Security addresses this challenge through a unified security platform that provides code security, dependency analysis, cloud security, runtime protection, and secrets detection. Rather than requiring security teams to buy different tools for their SCA, SAST, and cloud security, Aikido finds and helps remediate issues across attack surfaces.
A unified approach helps organizations reduce operational overhead while improving prioritization across code, cloud, and runtime environments. A capability that is becoming important as application environments grow more distributed and development cycles accelerate.
Continuous AI Pentesting Is Redefining Security Validation
Traditional penetration testing models were designed for slower software delivery environments. Today, however, development teams deploy production changes continuously, creating gaps between application releases and security validation processes.
Research highlighted by Aikido Security reflects this challenge:
- 76% of organizations deploy significant production changes weekly or faster
- 48% report that pentesting findings are outdated by the time final reports are delivered
- 79% are concerned about missing vulnerabilities introduced between scheduled testing cycles
To address this challenge, Aikido introduced Aikido Infinite, an AI-powered, continuous pentesting capability designed to validate every release, test exploitability through direct exploitation, generate remediation guidance, and automatically retest fixes. It reflects a broader industry movement to continuous security validation models that align with modern CI/CD pipelines and rapid software delivery practices. Rather than relying solely on periodic assessments, enterprises seek security platforms capable of continuously validating risk as applications evolve.
Developer-First Remediation Is Reducing Security Noise
Aikido Security’s customer value proposition extends beyond visibility and detection. The company emphasizes remediation efficiency, developer adoption, and operational simplicity, which are becoming more important as security teams struggle with alert volumes and remediation backlogs.
Its AI AutoTriage capability evaluates real exploitability before surfacing findings, reducing unnecessary alerts by as much as 95% and allowing engineering teams to focus on vulnerabilities that materially impact risk. AutoFix further streamlines remediation by generating fixes directly as pull requests in developer workflows. The developer-first operating model is designed to help organizations operationalize security without introducing additional friction into software delivery processes.
Customers Are Reporting Measurable Improvements in Security Operations
Aikido Security’s developer-centric operating model has translated into measurable operational improvements across enterprise environments. Customers have highlighted reduced alert fatigue, faster remediation workflows, improved developer adoption, and more confidence in continuous security operations.
At n8n, Aikido helped centralize vulnerability management and reduce security noise across the company’s growing engineering environment. By filtering non-actionable findings and integrating security workflows directly into development processes, the platform enabled engineering teams to focus remediation efforts on vulnerabilities that materially impacted risk while improving visibility, SLA tracking, and audit readiness.
“The 92% noise reduction is a game changer. It allows us to focus on the 8% that actually matter. That alone is gold. It’s a massive productivity and sanity boost.”
— Cornelius, VP of Engineering at n8n
GEA Digital leveraged Aikido to onboard security workflows across more than 150 developers with just 45 minutes of internal training. By integrating directly into existing CI/CD workflows, the platform helped streamline vulnerability management, reduce false positives, and accelerate remediation without introducing additional friction into developer workflows.
“We actually think of Aikido as a third team in our DevOps structure. Developers focus on building, operations handle infrastructure, and Aikido takes care of security in the background.”
— Salvatore Cuccurullo, Senior DevOps Manager at GEA Group
With software supply chain attack costs projected to reach $81 billion globally by 2026 and the average financial-sector breach now exceeding $5.5 million, timely visibility during active incidents has become a board-level concern. The September 2025 “Shai-Hulud” npm worm; the first self-propagating malware in the JavaScript package ecosystem, with successive strains tracked and disclosed by Aikido security researcher Charlie Eriksen; backdoored hundreds of legitimate packages with billions of weekly downloads, exposing how quickly upstream compromises can ripple into thousands of downstream applications.
Bonterra pointed to Aikido’s responsiveness and platform reliability during fast-moving software supply chain incidents, reinforcing the importance of timely visibility and operational support during active threat scenarios.
“During the 2025 NPM supply chain attacks, Aikido’s rapid response reinforced our trust and proved the reliability we expect from an enterprise partner.”
— Dan Seals, CISO at Bonterra
Frost & Sullivan Perspective
Frost & Sullivan believes the ASPM market is entering a new phase shaped by AI-assisted software development, accelerated release cycles, and enterprise demand for operational simplicity.
Organizations are prioritizing platforms that can reduce operational complexity, continuously validate real risk, and deliver actionable remediation directly in developer workflows. As a result, customer value is no longer measured solely by detection volume, but also through remediation efficiency, workflow integration, backlog reduction, and developer adoption. This shift is especially pronounced in banking and capital markets, where 89% of senior bank executives now name security and fraud prevention their top investment priority over the next 12 months.
Through its unified platform, continuous AI pentesting capabilities, and developer-first remediation approach, Aikido Security is helping enterprises move beyond fragmented application security operations to more continuous, operationalized, and developer-aligned security programs. As organizations prioritize remediation efficiency, security validation, and operational simplicity, Frost & Sullivan believes Aikido is well positioned to support the next phase of modern application security transformation.
