Since its agentic and doesn't depend on rules, theres good coverage across any language, framework, or tool out of the box. It's been particularly helpful providing feedback to engineers on changes to infra level concerns like terraform or helm.

DryRun is better than any static code analyzer we’ve used. It consistently surfaces real security concerns in PRs, provides helpful context, and makes the findings actionable.

Very easy to set up and has takes in Github permissions making me worry less about what people have permission on. This SAST tool is a cutting edge and utilizes AI in a proper way allowing us to plug and play the tool into repo and get findings on it consistently across the repos we worry about. Chatting with the sec team + dev team we can see it provides value that other SAST tools haven't provided but also isn't noisy and high accurate letting find very critical bugs that have been missed in the past.