DryRun Security is an AI-powered tool designed to support developers by providing automated in-line security checks during the coding process. Aimed at implementing a 'security buddy' in your coding workflow, it reinspects every code change as a pull request taking place, enabling developers to work faster and more safely.
Its core focus is in providing a 'security context' to the developers, assisting them in understanding the impact of the code changes they're making, right as a pull request is opened.
DryRun Security uses a mechanism called 'Contextual Security Analysis' to examine each pull request, which assists in reducing the frustrations often caused by repetitive alerts or inaccurate results in many other security testing applications.
The tool is designed to support a variety of languages and frameworks including Rails, Express, Golang, Python, Node.js, Next.js and Javascript, with more to be added.
The security features examined include Authentication and Authorization, Sensitive Codepaths, Sensitive Functions, Authorship and Intent, and Code Brittleness.
The tool provides quick installation as a GitHub App and fast security reviews for code changes to enable faster merging. Furthermore, it offers a protection layer for every source code repository in your organization, helps to increase the velocity of the development pipeline, and thus enhances developer productivity.
