DryRun Logo

DryRun

0
Commercial
Visit Website

DryRun Security is a GitHub application that performs contextual security analysis of code changes during pull requests. The tool analyzes code changes in real-time within GitHub repositories, focusing on security context for developers. It examines authentication, authorization, sensitive codepaths, functions, authorship, intent, and code brittleness. The analyzer supports multiple programming languages including Python, Java, JavaScript/TypeScript, C++, C#, Golang, Rust, Swift, PHP, Ruby, Kotlin, Scala, and COBOL. It integrates directly into the GitHub workflow, providing security feedback before code merges into the main codebase. The tool utilizes AI-powered analysis to evaluate pull requests and provide security context directly within the GitHub interface.

FEATURES

ALTERNATIVES

A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.

Tool to inform about potential risks in project dependencies list.

Real-time, eBPF-based Security Observability and Runtime Enforcement component

Mitigate security concerns of Dependency Confusion supply chain security risks.

FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.

Black Duck is an application security platform that provides software composition analysis and supply chain security capabilities to identify vulnerabilities, ensure license compliance, and manage SBOMs throughout the software development lifecycle.

A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.

Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.