Aikido Infrastructure as Code (IaC) is a security scanning tool that analyzes infrastructure definition scripts for misconfigurations before cloud resources are provisioned. The scanner supports Terraform, CloudFormation, and Helm templates. The tool integrates into CI/CD pipelines to identify IaC misconfigurations before code merges to the main branch. It focuses on security-relevant misconfigurations and filters out false positives automatically to reduce alert noise. The scanner also analyzes Dockerfiles to detect security issues such as IMDSv1 instances that are vulnerable to SSRF attacks in AWS environments. It can identify manually installed software that other tools may miss. Aikido IaC includes an AI-based autofix feature that generates proposed solutions for identified issues. Users can preview the suggested fixes and create pull requests with a single click. The tool is part of a broader application security platform that includes dependency scanning, secrets detection, SAST, CSPM, DAST, container image scanning, and other security capabilities. The IaC scanner operates on code pre-deployment, while the CSPM scanner addresses production environment security. The platform provides a unified view of security issues across multiple scanning types, allowing teams to manage infrastructure security alongside application security findings.