DryRun Security Raises $8.7M, Innovates with Natural Language Code Policies for Improved AppSec
In a notable development in the field of application security, DryRun Security has successfully raised $8.7 million in a seed funding round. This investment was led by LiveOak Ventures and Work-Bench, with additional support from Cannage Capital. The funding comes as the company unveils its latest innovation: Natural Language Code Policies (NLCP).
NLCP is a transformative feature designed to streamline the application security (AppSec) process. Traditionally, teams have spent excessive amounts of time managing scripted policy rules, but NLCP allows for the definition of security policies using intuitive, conversational language. This simplification drastically reduces the burdens of custom rule writing, providing teams with the ability to cover all code bases without getting bogged down by specific programming languages or frameworks.
As organizations grapple with increasingly complex codebases and rapid development cycles, the role of AppSec professionals has become more challenging. The growth of security issue backlogs highlights the need for more effective tools. Developers often encounter difficulties interpreting results from conventional code scanning tools, leading to potential security oversights. DryRun Security addresses this gap by integrating advanced AI and Language Learning Models to enhance their security protocols.
The company's new Contextual Security Analysis (CSA) is at the forefront of this innovation. By considering static context, change context, and application context, CSA efficiently identifies security risks and facilitates their mitigation directly within the developers' workflows. This method caters specifically to modern application architectures and encourages seamless integration into DevOps practices. As a result, developers can prioritize security without feeling overwhelmed by additional tool-related pressures.
Creighton Hicks, a partner at LiveOak Ventures, praised DryRun Security’s approach, stating that it offers a significant advance in application security by allowing teams to recognize risks not just based on syntax, but within the broader context of the code. This provides a crucial understanding of how security risks are intertwined with development processes.
With the introduction of NLCP, AppSec professionals can effectively assess code changes using natural language, drastically improving the identification of risky edits. James Wickett, co-founder and CEO of DryRun Security, expressed that the goal was to help teams avoid missing risky code changes without disrupting their workflow. The company has already garnered positive feedback from trial customers, who report enhanced security posture and efficiency due to the new system.
For instance, Gary Gonzalez, CTO of PlanetArt, noted that DryRun Security’s integration with GitHub equips developers with immediate feedback on security threats, enabling rapid resolution of issues. This proactive approach fosters a heightened security awareness among development teams, showcasing the importance of a collaborative security culture.
Kelley Mak, General Partner at Work-Bench, underscored the significance of DryRun Security’s solutions for enterprises seeking to embed security practices within their software development life cycle (SDLC). In a landscape where security-related challenges are continually evolving, DryRun Security's focus on harnessing the latest AI technology positions it to redefine how organizations manage and mitigate application vulnerabilities.
Founded by James Wickett and Ken Johnson in 2023, DryRun Security aims to revolutionize the way developers approach application security. The recent funding will be pivotal in bolstering their engineering efforts and refining their go-to-market strategies. As they continue to grow, the emergence of tools like NLCP will undoubtedly pave the way for more secure coding environments, benefitting both developers and organizations at large.
For further details on DryRun Security and their innovative tools for application security, visit their blog at www.dryrun.security/blog/announcing-natural-language-code-policies.
NLCP is a transformative feature designed to streamline the application security (AppSec) process. Traditionally, teams have spent excessive amounts of time managing scripted policy rules, but NLCP allows for the definition of security policies using intuitive, conversational language. This simplification drastically reduces the burdens of custom rule writing, providing teams with the ability to cover all code bases without getting bogged down by specific programming languages or frameworks.
As organizations grapple with increasingly complex codebases and rapid development cycles, the role of AppSec professionals has become more challenging. The growth of security issue backlogs highlights the need for more effective tools. Developers often encounter difficulties interpreting results from conventional code scanning tools, leading to potential security oversights. DryRun Security addresses this gap by integrating advanced AI and Language Learning Models to enhance their security protocols.
The company's new Contextual Security Analysis (CSA) is at the forefront of this innovation. By considering static context, change context, and application context, CSA efficiently identifies security risks and facilitates their mitigation directly within the developers' workflows. This method caters specifically to modern application architectures and encourages seamless integration into DevOps practices. As a result, developers can prioritize security without feeling overwhelmed by additional tool-related pressures.
Creighton Hicks, a partner at LiveOak Ventures, praised DryRun Security’s approach, stating that it offers a significant advance in application security by allowing teams to recognize risks not just based on syntax, but within the broader context of the code. This provides a crucial understanding of how security risks are intertwined with development processes.
With the introduction of NLCP, AppSec professionals can effectively assess code changes using natural language, drastically improving the identification of risky edits. James Wickett, co-founder and CEO of DryRun Security, expressed that the goal was to help teams avoid missing risky code changes without disrupting their workflow. The company has already garnered positive feedback from trial customers, who report enhanced security posture and efficiency due to the new system.
For instance, Gary Gonzalez, CTO of PlanetArt, noted that DryRun Security’s integration with GitHub equips developers with immediate feedback on security threats, enabling rapid resolution of issues. This proactive approach fosters a heightened security awareness among development teams, showcasing the importance of a collaborative security culture.
Kelley Mak, General Partner at Work-Bench, underscored the significance of DryRun Security’s solutions for enterprises seeking to embed security practices within their software development life cycle (SDLC). In a landscape where security-related challenges are continually evolving, DryRun Security's focus on harnessing the latest AI technology positions it to redefine how organizations manage and mitigate application vulnerabilities.
Founded by James Wickett and Ken Johnson in 2023, DryRun Security aims to revolutionize the way developers approach application security. The recent funding will be pivotal in bolstering their engineering efforts and refining their go-to-market strategies. As they continue to grow, the emergence of tools like NLCP will undoubtedly pave the way for more secure coding environments, benefitting both developers and organizations at large.
For further details on DryRun Security and their innovative tools for application security, visit their blog at www.dryrun.security/blog/announcing-natural-language-code-policies.
Topics Consumer Technology)
【About Using Articles】
You can freely use the title and article content by linking to the page where the article is posted.
※ Images cannot be used.
【About Links】
Links are free to use.