Improving Laravel Application Security with Aikido

Jul 8, 2024 #forge #partnerships #news

As your Laravel application grows, managing security objectives becomes more challenging, especially for small teams or solo developers. Today, Laravel has teamed up with Aikido to provide a seamless solution for securing your Laravel application. With Aikido, Laravel developers using Forge can effortlessly scan for and identify potential security vulnerabilities, all in less than 1 minute.

Why Aikido?

Aikido scans your application for potential vulnerabilities and security flags, and surfaces relevant security findings directly within Forge so you can secure your application more quickly.

Laravel Forge Aikido Integration

We’ve had the pleasure of getting to know the team at Aikido as they’ve scaled their security platform to over 3,000 organizations and 6,000 developers in the US and EU. Their developer-first approach to security scanning and vulnerability flagging is already resonating in our community with 30% of their user base already leveraging Laravel. Furthermore, we appreciate how Aikido themselves are a company built and fostered on PHP. Aikido built their platform on PHP, and previously built multiple SaaS companies including Teamleader, Officient and Futureproofed, all in PHP. The team is committed to helping to build and secure the next generation of incredible companies built on Laravel and PHP.

Who should use Aikido?

No matter how big or small your Laravel application is, security matters to anyone hoping to scale their products to tens, hundreds, thousands, or millions of users. With increasing regulations and compliance standards such as SOC2, ISO 27001, HIPAA, and more, security requirements are now necessary for companies of all sizes to consider. However, we understand that developers (especially on smaller teams) can feel bogged down by managing their security. Between expensive and complex tools, tons of false positives, and developer fatigue, no one wants to have to check security anymore. Aikido alleviates these burdens by bringing code and cloud security scanners together directly in Forge. We see the partnership with Aikido as valuable to any and all developers using Forge, and it will bring Forge further along its journey as the best place to manage your Laravel applications.

Integration with Laravel Forge

We’ve made adding Aikido’s security scanning to your Laravel application as simple as possible by allowing you to connect your application to Aikido within Forge. By adding Aikido to your application through Forge, you enable Aikido to fetch and display security issues. Developers will see results in Forge in less than 1 minute, can set real alerts, and have a step-by-step guide to fixing any issues. You can add Aikido by following these steps in Forge:

  1. Log in to Laravel Forge.
  2. Navigate to "Account Settings", where you can then find the new Aikido integration.
  3. Follow the prompts to link your Aikido workspace and make sure to give it access to the repositories you want scanned.
  4. Navigate to a Forge site and check out the security findings in the new Aikido integration tab.

And of course, you can use our documentation to guide you through the process of leveraging the incredible platform Aikido has to offer.

Read Forge's Aikido documentation here.

Let us know what you think!

We’re excited to find new partners to help you get the most out of the Laravel Ecosystem and Laravel Forge. We see security as essential for Laravel developers hoping to grow their application’s business, and through Aikido with Forge we are making it easier than ever to manage your application’s security. Let us know what you think. We can’t wait to hear what integrations, features, and requests we can add in future updates!

You can read Aikido's announcement post here.

By James Brooks

Engineering Team Lead at Laravel, building Forge, Vapor & Envoyer.