Categories

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Latest Posts

News
News

November 15, 2024

3

minute read

Harden-Runner Detects Anomalous Traffic to api.ipify.org Across Multiple Customers

Starting November 8, 2024, 6:32 PM UTC, StepSecurity Harden-Runner detected unusual outbound network traffic to an unknown domain from multiple GitHub Actions workflow runs across several customers. This systemic incident underscores the importance of real-time monitoring and network visibility for CI/CD runners, showcasing Harden-Runner's effectiveness in identifying and addressing security anomalies.

News
News

November 7, 2024

1

minute read

StepSecurity Harden-Runner Featured in the GitHub Action in Action Book

GitHub Actions in Action highlights Harden-Runner as a solution for monitoring and limiting network access from GitHub runners.

News
News

November 7, 2024

2

minute read

StepSecurity Harden-Runner Now Secures Over 4,500 Open Source Repositories

From startups to government agencies, more than 4,500 repositories now rely on Harden-Runner for CI/CD security. Here’s a look at our latest milestone, some exciting new adoptions, and how you can leverage Harden-Runner to harden your runners.

Resources
Resources

October 29, 2024

20

minute read

Migrating From Jenkins to GitHub Actions: A Step-by-Step Guide

Learn the step-by-step process for migrating from Jenkins to GitHub Actions. This guide covers key differences, best practices, and solutions to common challenges, helping DevOps teams streamline CI/CD workflows efficiently.

Resources
Resources

September 23, 2024

8

minute read

GITHUB_TOKEN: How It Works and How to Secure Automatic GitHub Action Tokens

Explore the ins and outs of GitHub token- from using it securely, risks involved, and setting the right token permissions to keep your workflows secure.

Product
Product

September 19, 2024

5

minute read

Implementing an Internal GitHub Actions Marketplace with StepSecurity

Third-party GitHub Actions accelerate CI/CD pipeline development but pose significant supply chain risks for enterprises. Implementing an internal GitHub Actions marketplace with StepSecurity allows organizations to securely vet, approve, and maintain these Actions, balancing developer productivity with robust security standards.

News
News

September 11, 2024

5

minute read

StepSecurity Harden-Runner Now Secures Over 4,000 Open Source Repositories

From startups to tech giants, over 4,000 repositories now rely on Harden-Runner for CI/CD security. Learn about our journey and how you can leverage Harden-Runner to protect your software supply chain.

Resources
Resources

September 5, 2024

4

minute read

Security Breach in Stripe Repo: A Deep Dive into the "Pwn Request" Vulnerability

The Vulnerability in Stripe’s GitHub Actions Workflow Shows Why Securing CI/CD Pipelines Is Essential

Useful Links
HomeWhy StepSecurityDocsPricingContact UsBook a DemoPrivacy PolicyTerms
Community