AI Assistance for Insights
AI Assistance is an admin-only chat experience inside the Insights page in the DryRun Security dashboard. It lets you ask natural-language questions about your repos, pull requests, vulnerabilities, and analyzer findings, then pulls answers from your organization’s Insights data using built-in tools.
What it’s for
Use AI Assistance when you want fast, plain English answers to questions like:
- “What changed this week?”
- “Which PR introduced the risky dependency?”
- “What are the top risks across my repos right now?”
AI Assistance works by querying Insights data through tool calls such as searching insights, summarizing findings, drilling into a PR, or pulling file-level history.
Key points
- Admin-only access: Only admin users can use AI Assistance.
- Built for AppSec and developers: Ask about risks, PRs, vulnerabilities, integrations, and code changes.
- 30-day window per query: Each tool call supports up to a 30-day time range. Use repeated calls for longer spans.
- Parallel lookups: Some workflows can call multiple tools at once.
Ways to use Insights AI Assistance
Search across Insights
Purpose
Answer questions across wide-ranging security insights such as vulnerabilities, integrations, key risks, pull requests, and changes.
Best for
Broad searches across repositories when you’re exploring what is happening or what changed.
Example questions
- “Tell me the top risks in this week’s deployments.”
- “Any new payment processing code added recently?”
- “Have there been any API endpoint changes in the last month?”
Summarize Insights for a time range
Purpose
Pull together a summary of critical security insights for a given time range and organization.
Best for
Big-picture views before you drill into specifics.
Example questions
- “What were the biggest findings in my repositories last week?”
- “Overview of vulnerabilities identified this month across all projects.”
Pull request deep dive
Purpose
Dive into the details of a specific pull request.
Best for
Investigating what happened in a PR, why it was flagged, and what to fix.
Example questions
- “What security issues were raised in PR #135?”
- “Was PR #104 flagged for any credential exposures?”
Analyzer stats and trends
Purpose
Fetch stats from analyzers detecting security threats like SQL injection, insecure dependencies, IDOR attacks, and more.
Best for
Metrics and trends by analyzer, repo, org, or timeframe.
Example questions
- “How many vulnerabilities were detected by the X analyzer last week?”
- “Show stats for threats in repository ‘dryrun-api’ for December.”
File-level security data and history
Purpose
Inspect security-relevant data and history for an individual file.
Best for
File-level investigation when you already suspect a file is risky or changing often.
Example questions
- “Give me security data for src/login.js.”
- “What’s the history of vulnerabilities linked to src/config.yml?”
Organization access and ownership
Purpose
List the organizations you have access to, so the assistant can target the right org’s Insights.
Best for
Multi-org users, or when you need to confirm where a repo belongs.
Example questions
- “What orgs can I explore data for?”
- “Who owns this repository?”
Bonus: Parallel requests
Purpose
Call multiple tools in parallel when tasks can run at the same time.
Best for
Faster workflows when you want a summary plus supporting drill-down data.
Example questions
- “Search for insights and get summaries for the last 2 months at the same time.”
- “Pull analyzer stats and list top risky PRs for the same window.”
Common workflows
Workflow 1: Weekly risk review
- Run a summary for the last 7 days.
- Use a broad search to expand on the top risks.
- Drill into suspicious PRs with a pull request deep dive.
Workflow 2: “What changed?” investigation
- Start with a broad search for the last 30 days using keywords like auth, payments, token, endpoint, or permissions.
- Identify relevant PRs.
- Use a pull request deep dive to confirm what changed and what was flagged.
Workflow 3: Trend reporting
- Pull analyzer stats for the last 30 days.
- Repeat for prior windows (for example, previous month).
- Compare trends and summarize changes.
Workflow 4: File-focused root cause analysis
- Pull file-level data for the suspected file.
- Identify related PRs or recurring vulnerability history.
- Use a pull request deep dive on the key PRs to confirm cause and fix path.