DryRun Security
AI-native application security platform that provides contextual, near-real-time static analysis and policy enforcement in pull requests and repositories

Funding: $8.70M (2025)

Details
Headquarters: Austin, TX
CEO: James Wickett
Website
Milestones
Founding year: 2022

Valuation & Funding

DryRun Security's most recent disclosed funding round was an $8.7M seed round announced on January 22, 2025. The round was led by LiveOak Ventures and Work-Bench, with participation from Cannage Capital. No post-money valuation was publicly disclosed.

The seed proceeds were earmarked for engineering hires and go-to-market expansion. Total funding raised, based on the most recent available information, stands at $8.7M.

Product

DryRun Security is an application security platform that runs inside GitHub and GitLab pull request workflows. Each time a developer opens a pull request, DryRun analyzes the code change and posts a security review directly in the PR—findings, risk level, affected files, and plain-language remediation guidance—before the code is merged.

Installation starts by adding the DryRun GitHub App or connecting GitLab via OAuth. Once repositories are connected in the DryRun dashboard, teams configure which repos use which policy set, whether PR comments and checks are active, and what risk level triggers a blocking check versus a silent notification.

The analysis engine is contextual rather than purely pattern-matching. DryRun evaluates data flow, architecture, change history, and developer intent alongside the code diff, which it says helps surface logic-heavy findings—missing authorization on new endpoints, IDOR, business logic flaws, prompt injection in LLM-enabled code—that rule-based scanners tend to miss or bury in noise. Developers typically see results in under a minute.

The Custom Policy Agent is the most distinctive feature. Security or platform teams describe a policy in plain English—such as "flag any new API endpoint that doesn't have an authorization check" or "block dependencies with non-approved licenses"—and DryRun enforces that policy automatically on every PR across every language and framework, without requiring regex or a DSL rule.

Beyond PR review, DeepScan Agent runs on-demand or scheduled full-repository assessments. Where the PR agent catches issues as they're introduced, DeepScan scans an entire codebase and returns prioritized findings in hours, organized by exploitability rather than raw rule severity. It's designed for onboarding a new repo, preparing for a release, or running a security audit without a multi-week manual engagement.

Risk Register is the organizational layer on top. It aggregates findings from both the Code Review Agent and DeepScan into a single view, normalizes severity across agents, and lets security leaders filter by date range, severity, status, and source. That turns DryRun from a PR bot into a prioritization layer across the engineering org.

Codebase Intelligence, delivered via an MCP server, lets teams query DryRun's analysis through AI coding tools like Claude Code, Cursor, and Codex. A developer or security engineer can ask natural-language questions about PR vulnerabilities, file history, or repo-specific risk trends directly inside their coding environment.

The platform covers Python, Ruby, TypeScript, JavaScript, Java, Go, C#, C++, PHP, Elixir, Kotlin, Swift, and Scala, with IaC support for Terraform and Kubernetes. Vulnerability categories span auth bypass, IDOR, SQLi, SSRF, XSS, XXE, secrets exposure, vulnerable dependencies, and eight of the OWASP Top 10 for LLM Applications—including prompt injection and LLM tool misuse.

Business Model

DryRun sells B2B SaaS on a recurring subscription model priced by engineering and security team footprint rather than by scan volume or repository count. The pricing captures value from three user types: developers who interact with PR findings day to day, AppSec and platform engineers who author and manage policies, and engineering or security leaders who use Risk Register and Codebase Intelligence for org-wide visibility.

The go-to-market motion is hybrid product-led and sales-assisted. DryRun has a free plan on the GitHub Marketplace that creates a self-serve entry path, while larger deployments convert through a demo and onboarding flow that includes a 15-minute AppSec consult and expert-assisted account activation. This free-install entry point, paired with a sales motion for expansion, is standard for developer tools that start at the repo level and grow into team- or org-wide contracts.

The land-and-expand dynamic is embedded in the product. A team starts with PR code review, then adds Custom Policies, blocking checks, and notifications as security requirements mature. DeepScan, Risk Register, and Codebase Intelligence each create an upsell path that brings in new stakeholders—AppSec leaders, engineering managers, and compliance owners—who were not part of the initial deployment. More stakeholders typically mean more seats and a higher ACV at renewal.

The cost structure is software-heavy but includes meaningful variable compute costs. DryRun runs analysis through a private LLM and ephemeral, serverless microservices rather than a public AI system, a trust and compliance choice that also implies higher per-analysis infrastructure cost than a rule-engine-based scanner. That architecture supports enterprise pricing and procurement but compresses gross margins relative to a pure-software SaaS product.

The trust architecture is also a commercial differentiator. SOC 2 Type II attestation, quarterly third-party audits, private-LLM processing, and the ability to generate compliance artifacts for SOC 2, ISO 27001, PCI, and HIPAA reduce procurement friction in regulated industries and support security-budget deals with stronger retention and pricing power than developer-tool experiments.

The operational pitch to buyers is labor leverage: DryRun positions DeepScan as compressing multi-week manual repo reviews into hours, and PR analysis as near-real-time coverage that scales without adding AppSec headcount. That framing lets DryRun compete on ROI rather than feature comparison alone, which matters when the alternative is hiring another security engineer.

Competition

The application security tooling market is crowded at every layer, from legacy SAST vendors to developer-first platforms to SCM-native bundles. DryRun's wedge—contextual PR security review plus natural-language policy enforcement—puts it in direct competition with several product categories.

Developer-first SAST and scanning platforms

Semgrep is the clearest direct competitor for teams buying fast, developer-friendly pre-production AppSec. It offers SAST, PR and MR comments, cross-file analysis, custom rules, and policy modes that can block PRs, with an AI Assistant that adds remediation guidance, autofix, and noise filtering. Semgrep's pricing is highly transparent—Teams starts at $40 per contributor per month for code scanning—and its large open-source distribution engine gives it strong bottoms-up adoption that DryRun currently lacks.

The philosophical difference is meaningful: Semgrep is rule-centric, with security teams managing and tuning rules in the Semgrep Editor, while DryRun's pitch is the opposite—no rule maintenance, with policies written in plain English and enforced automatically. That makes Semgrep stronger for teams that want deterministic rule control and open-source-led adoption, while DryRun is stronger where the buyer wants contextual reasoning over code rather than pattern matching.

Snyk competes more as a platform than a point tool, but it overlaps heavily in buyer budget. Snyk Code scans in IDEs and pull requests, provides AI-generated fix examples, and sits inside a broader platform spanning SAST, SCA, IaC, containers, and DAST. Snyk's advantage is consolidation: when a buyer wants one vendor for code, dependencies, containers, and IaC, Snyk wins even if its PR review experience is not the primary decision factor. Snyk also publishes data residency options and FedRAMP support, which matters in regulated enterprise procurement where DryRun is still building its compliance story.

AI-native and context-aware AppSec

Endor Labs is the most direct narrative competitor on the AI-native axis. Its AI Security Code Review analyzes pull requests using a trio of AI agents designed to reason like a developer, architect, and security engineer, and it surfaces security architecture changes and risk summaries in PRs.

Endor came up through software supply chain and dependency security, and its pricing still centers SCA, CI/CD, and binary scanning as core modules, with SAST as an add-on—giving it a stronger consolidation story for supply chain and SBOM-heavy buyers than DryRun.

Qwiet AI competes on the context-aware, low-noise static analysis axis using a patented Code Property Graph that models data flow, control flow, and syntax to prioritize attackable issues.

Its integration into the Harness platform gives it a distribution and channel advantage that DryRun does not currently have. Where Qwiet leans into unified scanning breadth and attack-path analysis, DryRun leans more heavily into PR-native contextual review and conversational policy authoring.

Platform incumbents and bundled security

GitHub Advanced Security is a major direct threat for GitHub-centric organizations. It combines CodeQL-based static analysis, dependency scanning, vulnerability management, and Copilot Autofix inside native GitHub workflows at $30 per active committer per month.

GitHub's advantage is not product differentiation—it's distribution and workflow ownership. Security inside the repo platform developers already use does not require a new procurement motion, a new integration, or a new UI. DryRun's counter-position is better contextual reasoning, natural-language policies, and support for both GitHub and GitLab.

GitLab Ultimate bundles Advanced SAST with cross-file taint analysis, merge-request approval policies, scan execution policies, and self-managed deployment into a full DevSecOps platform. For enterprises that want SCM, CI/CD, and compliance in one procurement motion, GitLab can win accounts before DryRun is evaluated. SonarQube approaches from the code-quality side, with a free tier that allows private-repo scanning and PR analysis, creating a wide distribution funnel that can later expand into security budgets.

Aikido and Jit represent the mid-market simplification threat. Aikido combines AutoTriage, AutoFix PRs, PR gating, and unified scanning across code, dependencies, cloud, containers, and IaC at transparent flat pricing—free for two users, $300/month for ten.

Jit offers a flat $50 per developer per month with unlimited repos and a unified PR check. Neither matches DryRun on contextual code reasoning, but both can undercut it on simplicity and packaging when the buyer is a lean security team rather than a sophisticated AppSec organization.

TAM Expansion

AI-native development security

The fastest-growing expansion surface for DryRun is security for AI-generated and agent-authored code. DryRun already markets its platform to both human developers and AI coding agents, integrates with Claude Code, Codex, and Cursor via an MCP server, and covers eight of the OWASP Top 10 for LLM Applications, including prompt injection and LLM tool misuse.

As GitHub pushes agent mode and autonomous coding workflows into production, the volume of code written without direct human authorship is growing, and the security review problem becomes harder for tools built around human-readable diffs. DryRun's contextual analysis architecture is better suited to reviewing AI-generated code than rule-based scanners, because logic flaws and missing authorization checks in agent-authored PRs do not follow the patterns that legacy SAST rules were written to catch.

Packaging this into a distinct AI-native secure development offering—bundling Code Review Agent, Custom Policy Agent, DeepScan, LLM-risk coverage, and Insights MCP—would let DryRun compete for AI platform and product security budgets that do not currently sit in the SAST line item.

AppSec control plane expansion

DryRun's Risk Register and Codebase Intelligence products represent a bet on becoming the system of record for AppSec prioritization, not just a findings generator. If DryRun owns the layer where security leaders decide what to fix, why it matters, and how risk is trending across repositories, it can sell into security leadership budgets and justify larger platform contracts than a PR-level scanner supports.

The expansion logic is stakeholder breadth. Each new module—Risk Register for leaders, Codebase Intelligence for AI-assisted querying, Custom Policies for platform teams—pulls in a new buyer persona who was not part of the initial developer-facing deployment. More personas typically mean more seats, higher ACV, and stickier renewals, because the product becomes embedded in multiple workflows rather than one.

The competitive gap DryRun is trying to fill is the space between noisy scanner outputs and the prioritization work that AppSec teams still do manually in spreadsheets or ticketing systems. Owning that prioritization layer is how Apiiro and Ox Security have tried to expand beyond point scanning into broader AppSec posture management, and it is a credible path for DryRun to grow ACV without needing to match Snyk or GitHub on raw feature breadth.

Channel and deployment expansion

DryRun currently supports GitHub Enterprise Cloud and GitLab SaaS as its two SCM targets. Adding self-managed SCM support and more restrictive deployment options—private deployment, regional data controls, on-premises or VPC-isolated analysis—would open the enterprise segment that currently cannot buy a SaaS-delivered code analysis product due to data residency or air-gap requirements.

A parallel expansion path runs through consultancies, MSSPs, and software-acquisition diligence workflows. DeepScan is already positioned for onboarding audits, release reviews, and due diligence assessments, and at least one customer testimonial describes DryRun as useful for Fortune 50 client delivery. A formal channel program targeting security service providers and outsourced engineering firms would create leveraged distribution in segments that need fast, explainable repository risk output at scale and currently have no good automated alternative to multi-week manual reviews.

Risks

Platform absorption: The most structural risk DryRun faces is contextual PR security review being absorbed into the platforms developers already use. GitHub is shipping Copilot Autofix inside Code Security, Semgrep is adding an AI Assistant and MCP server, and GitLab is deepening Advanced SAST with cross-file taint analysis. As AI-assisted code review becomes a standard feature of SCM platforms rather than a standalone product, the premium for an independent contextual analysis tool compresses, and DryRun must show it is materially better—not incrementally better—at logic-heavy findings to justify separate procurement.

Distribution concentration: DryRun's go-to-market depends heavily on GitHub and GitLab as distribution channels and integration surfaces, and its AI-assistant integrations with Claude, Codex, and Cursor are built on MCP infrastructure that is still evolving and partly in preview. If major platforms tighten partner access, improve native security to a good-enough threshold, or change integration models in ways that increase DryRun's maintenance burden, the company takes on recurring integration churn and loses the low-friction install path that makes its PLG motion work.

Trust failure in a security product: DryRun's commercial positioning depends on customers trusting a private-LLM analysis pipeline with sensitive source code. The company's SOC 2 Type II attestation, ephemeral microservices architecture, and quarterly third-party audits are meant to support that trust, but a material detection miss, a privacy incident, or a sandbox isolation failure would damage brand credibility disproportionately for a security vendor—and could stall upmarket adoption just as DryRun is trying to move from mid-market to enterprise accounts.

DISCLAIMERS

This report is for information purposes only and is not to be used or considered as an offer or the solicitation of an offer to sell or to buy or subscribe for securities or other financial instruments. Nothing in this report constitutes investment, legal, accounting or tax advice or a representation that any investment or strategy is suitable or appropriate to your individual circumstances or otherwise constitutes a personal trade recommendation to you.

This research report has been prepared solely by Sacra and should not be considered a product of any person or entity that makes such report available, if any.

Information and opinions presented in the sections of the report were obtained or derived from sources Sacra believes are reliable, but Sacra makes no representation as to their accuracy or completeness. Past performance should not be taken as an indication or guarantee of future performance, and no representation or warranty, express or implied, is made regarding future performance. Information, opinions and estimates contained in this report reflect a determination at its original date of publication by Sacra and are subject to change without notice.

Sacra accepts no liability for loss arising from the use of the material presented in this report, except that this exclusion of liability does not apply to the extent that liability arises under specific statutes or regulations applicable to Sacra. Sacra may have issued, and may in the future issue, other reports that are inconsistent with, and reach different conclusions from, the information presented in this report. Those reports reflect different assumptions, views and analytical methods of the analysts who prepared them and Sacra is under no obligation to ensure that such other reports are brought to the attention of any recipient of this report.

All rights reserved. All material presented in this report, unless specifically indicated otherwise is under copyright to Sacra. Sacra reserves any and all intellectual property rights in the report. All trademarks, service marks and logos used in this report are trademarks or service marks or registered trademarks or service marks of Sacra. Any modification, copying, displaying, distributing, transmitting, publishing, licensing, creating derivative works from, or selling any report is strictly prohibited. None of the material, nor its content, nor any copy of it, may be altered in any way, transmitted to, copied or distributed to any other party, without the prior express written permission of Sacra. Any unauthorized duplication, redistribution or disclosure of this report will result in prosecution.