DryRun Security is a GitHub application that performs contextual security analysis of code changes during pull requests. The tool analyzes code changes in real-time within GitHub repositories, focusing on security context for developers. It examines authentication, authorization, sensitive codepaths, functions, authorship, intent, and code brittleness. The analyzer supports multiple programming languages including Python, Java, JavaScript/TypeScript, C++, C#, Golang, Rust, Swift, PHP, Ruby, Kotlin, Scala, and COBOL. It integrates directly into the GitHub workflow, providing security feedback before code merges into the main codebase. The tool utilizes AI-powered analysis to evaluate pull requests and provide security context directly within the GitHub interface.
SIMILAR TOOLS
Black Duck is an application security platform that provides software composition analysis and supply chain security capabilities to identify vulnerabilities, ensure license compliance, and manage SBOMs throughout the software development lifecycle.
An API security platform that combines discovery, compliance monitoring, and protection capabilities to defend against API attacks, automated threats, and data exposure.
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
Checkmarx One SAST is a static application security testing tool that combines speed and security to improve developer experience.
A set of 48 practical programming exercises in cryptography and application security.
An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.
An API security solution that provides continuous discovery, classification, and protection of APIs across environments while integrating with existing security infrastructure to prevent attacks and business logic abuse.
SafeLine WAF is an open-source web application firewall that protects web services by filtering malicious HTTP traffic through intelligent semantic analysis and machine learning-based detection.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.