The story of cyberscale-up Aikido tells us a lot about how IT departments, and their CI(S)Os in particular, should view security and software today. Because in just a few years, the world has changed completely in that regard.
The fact that a Belgian cyber scale-up has reached a valuation of $1 billion, making it the fastest European unicorn ever, is exceptional in itself. The company offers a platform to secure software and cloud infrastructure.
The Ghent-based company is growing rapidly in a market traditionally dominated by non-European players, and is doing so with its own distinct vision of software security. What explains this growth, and how does Aikido really make a difference to your software and security approach?
Security shifts to the developer
A first key lies in its clear positioning: Aikido resolutely opts for a developer-first approach, positioning developers as the primary users and decision-makers. “Traditional security tools focus on the CISO or the security team,” said Johan De Keulenaer, head of partnerships, earlier. “They choose a solution, and then the poor developer has to use it. We turn that around: for us, the developer is both the user and the buyer.”
For IT teams, this is not a minor detail. Security is no longer a separate phase after development, but a continuous part of the process. Tools that do not fit into developers’ daily workflow are ignored or circumvented. Aikido addresses this by integrating with popular development environments such as Visual Studio Code and PyCharm, where vulnerabilities become visible the moment code is written, not weeks later in a report.
Need for less noise
A second important differentiator is the focus on relevance. In security, what Aikido itself describes as the “cry wolf effect” is notorious: tools that give too many warnings, often for problems that pose little risk in practice. Developers learn to ignore these notifications, with all the consequences that entail.
Aikido tries to avoid this structurally by focusing strongly on reducing false positives. “If a developer receives false alerts too often, he will also ignore real problems. That is not only annoying, but downright dangerous,” says De Keulenaer.
All-in-one instead of fragmentation
Whereas many organizations today work with a patchwork of separate security tools – for dependency scanning, cloud configurations, licenses, and static code analysis – application security is also a matter of consolidation. Their Aikido platform brings code, cloud, and runtime security together in one place. This all-in-one approach aligns with a broader trend in IT: fewer tools, more overview.
This is crucial for companies without a large security team, particularly SMEs and scale-ups. They rarely have the capacity to manage and integrate multiple specialized solutions. Aikido’s platform should significantly lower that threshold.
Read also: Five Belgian hospitals affected by data breach
Security as an engineering problem
Another fundamentally different approach lies in how you handle security within an organization or IT department. Not as a compliance obligation or a necessary evil, but as an engineering problem that you can optimize. This is closely aligned with how developers themselves view their work.
This philosophy also explains why Aikido focuses on automatic remediation and, more recently, on autonomous security. Instead of long backlogs of unresolved issues, Aikido aims to detect, validate, and—where possible—automatically resolve security problems. Think of continuous, autonomous testing and repair processes that are built into every software release. “Continuous, adaptive, and autonomous,” is how Willem Delbare, co-founder and CEO of Aikido, sums it up.
Software is being built and rolled out faster than ever, increasingly with the help of AI-generated code and automated pipelines. At the same time, however, many security processes remain based on manual reviews and slow workflows. IT teams feel this tension every day. By making security continuous and as autonomous as possible, the company is trying to break through the classic trade-off between time-to-market and risk.
The trend toward sovereignty
The trend toward sovereignty also plays a role here. The Ghent-based company grew rapidly in a market traditionally dominated by American and Israeli players.
In that market, Aikido emphatically profiles itself as the European counterpart. This is not merely symbolic. For some organizations, data residency, regulations, and strategic autonomy are increasingly important factors in tool choices.
The fact that even Emmanuel Macron personally selected Aikido as one of the European start-ups he wanted to meet at the VivaTech tech fair underlines this dimension.
At the same time, the company has remained anything but local. “We have truly become an international team,” says De Keulenaer. With foreign offices in London and San Francisco, and customers worldwide.
Willem Delbare, co-founder and CEO of Aikido