DryRun Security Named a High Performer in SAST in Spring 2026 G2 Reports
Recognition underscores a broader shift in how security teams evaluate AppSec in the new era of AI-generated code
AUSTIN, Texas, April 07, 2026 (GLOBE NEWSWIRE) -- DryRun Security, the industry’s first AI-native, code security intelligence company, today announced it has been recognized as a High Performer in the Static Application Security Testing (SAST) category in G2’s Spring 2026 reports, earning an overall rating of 4.9 out of 5 stars based on verified customer reviews.
“Most SAST tools were built to match patterns in code that humans wrote slowly,” said James Wickett, CEO of DryRun Security. “That’s not how software is built anymore. When code is generated, modified, and shipped at this pace, the problem isn’t finding more issues; it’s understanding what the code actually does and whether it introduces real risk. What we’re seeing from customers is a move away from alert volume and toward systems that can reason about behavior, trust boundaries, and impact. That’s where this category is going.”
Across G2 reviews, customers consistently point to the limitations of traditional, rule-based SAST tools, particularly in identifying vulnerabilities tied to authorization logic, business workflows, and application behavior in context. While legacy scanners remain effective at detecting known patterns, they often miss the logic-driven issues behind real-world exploits.
DryRun Security addresses this gap by analyzing code changes in context and evaluating how new code interacts with identity systems, data flows, and trust boundaries. Findings are surfaced directly in pull requests, giving developers clear, actionable visibility into the security impact of changes as they are introduced.
Reviewers also highlight DryRun’s signal quality as a key differentiator. In high-volume development environments, excessive false positives erode trust and slow teams down. Customers consistently cite DryRun’s ability to deliver high-confidence findings without adding noise, allowing teams to focus on issues that matter.
In addition, users highlighted how seamlessly DryRun fits into modern development workflows. The platform installs once, automatically scans new repositories, and integrates directly into existing pipelines, providing near real-time feedback within the tools developers already use.
As one customer, a lead AppSec engineer from a mid-market company, praised,“[It’s] very easy to set up and take in GitHub permissions, making me worry less about access. This SAST tool is cutting-edge and uses AI in a proper way, allowing us to plug it into our repos and get consistent findings across the ones we care about. Across both the security and dev teams, it’s clear it provides value other SAST tools haven’t, without the noise, and with high accuracy that helps us find critical bugs that were missed in the past.”
The recognition reflects a broader shift in the SAST category. As codebases grow and AI-generated code becomes standard, security teams are reevaluating tools that rely solely on pattern matching. Increasingly, organizations are prioritizing solutions that provide contextual understanding of how code behaves and where risk is introduced.
About DryRun Security
DryRun Security is the industry’s first AI-native, agentic code security intelligence solution. Powered by its proprietary Contextual Security Analysis engine, DryRun Security helps security and developer teams reduce noise, surface real risk, and secure modern software built by both humans and autonomous agents. DryRun Security saves organizations thousands of hours otherwise spent on false positives, manual triage, and reactive reviews, while enabling security to scale with the speed and complexity of AI-driven development. For more information, please visit: https://www.dryrun.security/.
CONTACT: Media Contact Nina Korfias for DryRun Security nina@aspironinfluence.com
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
