SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Ai funded autonomous coding security glowing shield office scene
#
DevOps
#
Application Security
#
DevSecOps

DryRun raises USD $8.7m to secure AI-driven coding

Tue, 13th Jan 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

DryRun Security has reported a seed funding round of USD $8.7 million, rising usage of its code review product, and new research claims about security gaps in applications built with large language models.

The Austin-based company said it has completed its first year out of stealth. It reported more than 250,000 code reviews run each month by customers. The company also outlined a set of product updates aimed at development teams using autonomous coding agents and LLM-driven workflows.

DryRun Security positions its product around what it calls contextual analysis of code. It said it focuses on code behaviour and execution context, alongside developer workflow integration.

"Modern software development has evolved dramatically, with autonomous agents and vibe coding quickly taking shape across the industry," said James Wickett, CEO and Co-Founder, DryRun Security. "The momentum we achieved in our first year out of stealth is a reflection of the broader shift in how software is built. As AI agents take on more responsibility in coding workflows, security must become contextual, proactive and embedded directly into the development process. DryRun Security has built the foundation for that future."

Funding and usage

DryRun Security said the USD $8.7 million seed round financed product development and commercial expansion. It also cited customer adoption across enterprise and mid-market organisations.

The company said its customers run more than 250,000 code reviews every month with DryRun Security. It described this as higher than other AI-native code security intelligence providers.

Product changes

DryRun Security said it has expanded its product set during the past year. It described its core technology as an AI-native Contextual Security Analysis engine. The company said the engine targets agentic development environments and LLM-driven coding workflows.

One product addition is Natural Language Code Policies. DryRun Security said security teams can use it to define secure coding requirements in plain English. It said the feature replaces rule-based configuration. It also said policies appear in every pull request.

Another addition is a Custom Policy Agent. The company said it enforces natural language policies in developer workflows. It said the agent scans pull requests and provides inline feedback.

The company also introduced Code Insights MCP. It said the feature connects its Code Insights product to MCP-compatible AI assistants. It said this allows natural language search, summaries and trend reporting across pull requests and repositories.

Accuracy claims

DryRun Security also highlighted its results in a SAST Accuracy Report. It said DryRun detected 88% of seeded vulnerabilities out of the box. It said the report compared DryRun with five leading static analysis tools. It said the results were strongest on complex logic and authorisation flaws.

The company also presented research on security testing for LLM-enabled applications. It said traditional static analysis tools missed more than 80% of vulnerabilities in those applications, based on its "Building Secure AI Applications" report.

DryRun Security linked the findings to shifting development patterns. It said execution paths become more dynamic in agentic systems. It also said autonomous agents increasingly generate or modify code. It argued that these factors expose limits in legacy application security approaches.

Invisible Technologies is a customer of DryRun Security. The company described its own environment as increasingly reliant on AI-generated code and customised delivery.

"As we lean harder into AI-generated code and highly customized delivery environments for our customers, we need more than a traditional code scanner. DryRun Security lets us continuously understand and explain the security posture of what we're building, internally and for Fortune 50 clients, in a way that actually maps to how modern engineering teams work," said Patrick McKinney, Vice President Security, Invisible Technologies. "The combination of real-time, context-aware analysis and MCP capabilities gives us a path to turn raw findings into customer-ready artifacts and ongoing assurance. For us, DryRun Security is less 'AI code review' and more a core piece of how we're building an AI-first security program going into 2026 and beyond."

DryRun Security said it expects more software development teams to adopt autonomous agents. It said security tools will need to address dynamic execution paths and code changes made by humans and AI systems.

Related stories
Dark web ‘fraud superstore’ struggles with AI checks
DroneShield names Michael Powell new chief operating officer
Rockwell opens Singapore SOC to secure Asia Pacific OT
Why the all-AI social network looks more fad than legacy
Hexnode embeds upgraded Genie AI to run UEM actions

Top stories

Google boosts AI research, skills & safety in Singapore
Fireblocks & Thales deepen bank crypto key control
SentinelOne debuts lifecycle platform for AI security
CelcomDigi survey to tackle AI-driven scams at unis
Synology gains ISO 27001:2022 for security management