惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

大猫的无限游戏
大猫的无限游戏
博客园 - 【当耐特】
Cloudbric
Cloudbric
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Attack and Defense Labs
Attack and Defense Labs
爱范儿
爱范儿
The Cloudflare Blog
腾讯CDC
Security Archives - TechRepublic
Security Archives - TechRepublic
TaoSecurity Blog
TaoSecurity Blog
云风的 BLOG
云风的 BLOG
Recent Announcements
Recent Announcements
C
Check Point Blog
Schneier on Security
Schneier on Security
S
Schneier on Security
J
Java Code Geeks
B
Blog RSS Feed
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
Stack Overflow Blog
Stack Overflow Blog
博客园_首页
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
A
About on SuperTechFans
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Google DeepMind News
Google DeepMind News
阮一峰的网络日志
阮一峰的网络日志
罗磊的独立博客
A
Arctic Wolf
S
Secure Thoughts
P
Palo Alto Networks Blog
The Last Watchdog
The Last Watchdog
SecWiki News
SecWiki News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security
量子位
U
Unit 42
I
InfoQ
D
DataBreaches.Net
P
Privacy International News Feed
T
Troy Hunt's Blog
博客园 - 叶小钗
T
Threatpost
博客园 - Franky
K
Kaspersky official blog
Hugging Face - Blog
Hugging Face - Blog
IT之家
IT之家
www.infosecurity-magazine.com
www.infosecurity-magazine.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
C
Cisco Blogs

OWASP

Community update regarding Richard Greenberg | OWASP Foundation OWASP Dependency-Track 5.0 Is Now Generally Available | OWASP Foundation Juice Shop v20.0.0 — a fresh squeeze of features, now with AI | OWASP Foundation Welcome to the Google Summer of Code 2026! | OWASP Foundation OWASP Foundation Unveils Its Strategic Plan for a World Without Insecure Software | OWASP Foundation The OWASP Foundation appoints Missie Lindsey as Director of Corporate Relations | OWASP Foundation Bridging the Gap in Product Lifecycle Management: How OpenEoX and CLE Work Together | OWASP Foundation Announcing the Retirement of OWASP Meetup Platform | OWASP Foundation The OWASP Foundation appoints Stacey Ebbs as Communications & Marketing Manager | OWASP Foundation OWASP Certified Secure Software Developer | OWASP Foundation GSoC 2025 Recap | OWASP Foundation OWASP Top 10 Community Survey | OWASP Foundation OWASP Elections 2025 - Become a member today! | OWASP Foundation Help Support Sherif Mansour by donating blood today! | OWASP Foundation cdxgen and CycloneDX .NET Join GitHub Secure Open Source Fund | OWASP Foundation InfoSecMap x OWASP Collaboration | OWASP Foundation OWASP x Google Summer of Code 2025 - Enabling 15 opportunities for impact | OWASP Foundation OWASP Enables AI Regulation That Works with OWASP AI Exchange | OWASP Foundation OWASP Calls to Build a Unified Framework for Global Vulnerability Intelligence | OWASP Foundation ASVS 5.0 RC1 is ready for your review! | OWASP Foundation OWASP Education and Training Committee update | OWASP Foundation Committees Advisory on Software Bill of Materials and Real-time Vulnerability Monitoring for Open-Source Software and Third-Party Dependencies | OWASP Foundation OWASP Juice Shop leadership changes & contributor recognition | OWASP Foundation Lifecycle events are part of the secure supply chain | OWASP Foundation More than a Password Day 2024 | OWASP Foundation A workaround for OWASP Foundation emails being blocked by Microsoft Office 365 | OWASP Foundation Securing React Native Mobile Apps with OWASP MAS | OWASP Foundation
Aikido and OWASP bring agentic Code Audit to the global AppSec community | OWASP Foundation
Andrew van der Stock · 2026-06-18 · via OWASP
image

Thursday, June 18, 2026

Aikido Security and OWASP launch a new individual member benefit: pentester-grade code audits, powered by AI reasoning.


Gent, Belgium [June 18th, 2026] Aikido Security, the all-in-one developer security platform, today announced a new individual member benefit in partnership with the Open Worldwide Application Security Project (OWASP). The program gives every OWASP individual member 200 free Aikido credits to run Code Audit; a new class of static code analysis that uses reasoning models to find the kinds of vulnerabilities that have, until now, required a human pentester to dig up.

OWASP is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and application security.

AI Code Audit reads source directly and reasons about intent across a codebase the way a senior security engineer would. Rather than matching syntactic patterns, the agents follow references across files and modules to surface the issues that need an attacker’s perspective: insecure direct object references (IDORs), broken access controls, multi-step exploit chains, business logic flaws, authentication bypasses, and privilege escalation. Reviews aren’t limited to web applications. The agents work across mainstream languages, configuration, and infrastructure-as-code, and they treat the whole repository as in scope, including monorepos with multiple services or packages, mobile apps, smart contracts, and desktop applications.

In the joint collaboration with OWASP, Aikido has made AI Code Audit credits available to all OWASP individual members for 6 months starting today (June 18th, 2026). Members redeem their credits in Aikido, connect a repository, and start an audit. No live environment, staging URL, or auth setup required.


Where AI Code Audit Sits Between SAST and Pentest

Static scanners flag patterns: a tainted parameter, a risky API call, a missing check. They’re fast and deterministic, and they catch a well-understood class of vulnerability: SQL injection, XSS, command injection, hardcoded secrets, insecure deserialization. But pattern matching is structurally blind to the vulnerabilities that require business and code context to identify, like an IDOR across the order, payment, and user services, or a rate-limit bypass that depends on multi-step state.

AI Code Audit is a different engine for that different class of vulnerability. Think of it as a light AI pentest, run against your source code rather than a live target. It complements SAST rather than replacing it: SAST runs on every commit and catches what rules can describe; AI Code Audit goes deeper where rules fall short, catching IDORs, privilege escalation, cross-service logic flaws, and authentication bypasses in multi-step flows.

Because AI Code Audit reads source directly, there’s no crawl phase, no traffic replay, and no live environment to point at. End users can run it on whatever codebase they care about, including projects without a stable staging or QA target. For teams that also want runtime validation, AI Code Audit pairs naturally with Aikido Pentest, which confirms exploitability against the running application.


What Aikido and OWASP Are Saying

“We built AI Code Audit to give developers the kind of deep, contextual code reasoning that used to require an experienced human pentester. OWASP members are exactly the people we want putting it through its paces: they push the field forward and they hold us to a high bar. Making this benefit available to every individual member is our way of saying thanks for the work the community does,” said Willem Delbare, CEO and co-founder of Aikido Security.

“The OWASP mission is to make the best application security resources available to the community building the world’s software. We’re pleased to work with Aikido Security to put a new class of reasoning-based code audit in the hands of our individual members, helping them find logic-layer issues that traditional tooling misses,” said Andrew van der Stock, Executive Director of OWASP.

“IDORs, broken access control, and business logic flaws are some of the hardest issues to catch in code, and they show up in nearly every codebase we look at,” said Maarten De Schuymer, Head of Product at Aikido Security. “Giving OWASP members credits to run AI Code Audit on the projects they care about is a small way to help the community ship safer software.”


How OWASP Members Can Claim the Benefit

OWASP individual members can claim their credits and run their first AI Code Audit at https://www.aikido.dev/code/code-audit. The program runs for 6 months starting today (June 18th, 2026). Cost per audit depends on the size and complexity of the repositories selected; the exact credit total is shown in Aikido before the audit begins.


About OWASP

The OWASP Foundation is a nonprofit organization that works to improve the security of software. Through community-led open source software projects, over 260 local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web. For nearly two decades, corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. To learn more or to become a member, visit owasp.org.