Documentation
DryRun Security is an AI-native application security platform that reviews every pull request for vulnerabilities in real time. These docs cover setup, scanning configuration, code security intelligence, platform administration, and integrations.
Get Started
I'm a Developer
Connect your repo, enable PR scanning, and get security findings inline with your pull requests.
I'm in AppSec
Discover vulnerabilities across repositories, review findings, configure policies, and track compliance.
I'm an Admin
Set up integrations, manage team permissions, configure scanning settings, and generate API tokens.
Scanning Products
PR Scanning
Automatic security review on every pull request with contextual analysis and inline comments.
Repository Scanning (DeepScan)
Full repository analysis for comprehensive vulnerability detection beyond individual PRs.
Secrets Scanning
Detect leaked credentials, API keys, and tokens before they reach production.
IaC Scanning
Scan Terraform configurations for security misconfigurations and insecure defaults.
SCA
Software composition analysis for known vulnerabilities in open-source dependencies.
Auto Fix
Automated remediation suggestions with one-click fix verification.
Code Security Intelligence
Platform & Integrations
PR Blocking
Block pull requests based on security finding severity and policy rules.
Custom Code Policies
Create custom security rules in plain English to enforce your standards.
Compliance & GRC
Compliance reporting, audit trails, and governance readiness.
Slack Integration
Receive real-time security alerts and findings in your Slack channels.
Webhook Integration
Send DryRun Security events to any webhook endpoint for custom workflows.
MCP
Model Context Protocol integration for AI-powered development tools.