Artificial intelligence-native application security startup DryRun Security Co. announced today that it has raised $8.7 million in new funding to grow its go-to-market operations.

Founded in 2023, DryRun specializes in AI-driven AppSec that empowers development and security teams to identify and address risks in their code. The company’s Contextual Security Analysis combines static, change and application context to provide real-time insights into vulnerabilities, making security actionable and reducing technical debt.

The DryRun Security CSA allows teams to execute GitHub native security analysis in seconds to gain awareness across both development and security teams. The company’s approach to application security goes beyond traditional scanning tools by leveraging AI to deliver contextually aware insights in real time. The platform integrates into existing workflows, allowing teams to quickly identify and address risks without compromising development speed, it claims.

Through embedding security checks directly into tools like GitHub, DryRun additionally ensures that developers receive immediate feedback and can fix issues before they escalate, reducing vulnerabilities early in the software lifecycle.

Alongside the funding announcement, DryRun also introduced a Natural Language Code Policies feature set, a tool that enables development teams to define and enforce security policies using plain, conversational language.

The idea with NLCP is that by allowing teams to write security rules in plain, conversational language, it eliminates the need for custom scripting and ensures comprehensive coverage across various codebases, regardless of language or framework. The service accelerates the software development lifecycle and also fosters a security-first culture among developers by integrating compliance and policy checks directly into their tools, such as GitHub.

“We know how frustrating it is when risky code slips in unnoticed – especially for AppSec teams who want to stay on top of every critical change,” said co-founder and Chief Executive James Wickett. “That’s why we built DryRun to find the ‘needle in the haystack’ of code changes, so teams can spot unknown risks before they start — without slowing developers down.”

The seed funding round was led by LiveOak Venture Partners and Work-Bench, with Cannage Capital also participating.

Image: DryRun Security