StepSecurity Blog - GitHub Actions Security Insights

Latest Posts

February 20, 2024

•

minute read

Harden-Runner Now Supports Monitoring Outbound HTTPS Requests From GitHub Actions Runners

StepSecurity Harden-Runner can now monitor the HTTP method and path of outbound HTTPS requests using eBPF to detect potential exfiltration attempts and recommend GITHUB_TOKEN permissions!

Product

February 5, 2024

•

minute read

Unified Network Egress View: Centralize GitHub Actions Network Destinations for Your Enterprise

Discover how Harden-Runner's latest release empowers security and DevOps engineers with a unified view of GitHub Actions network egress. Effectively manage outbound endpoints for both GitHub organizations and ARC clusters.

Resources

January 31, 2024

•

minute read

Confidently Manage Risks of Third-Party GitHub Actions in Your CI/CD: Insights from StepSecurity Webinar

Unlock the secrets to securing CI/CD pipelines with expert insights on managing third-party GitHub Actions risks, featuring practical security strategies and governance solutions for enterprise environments

Product

January 24, 2024

•

minute read

Streamline Your GitHub Actions Workflows with StepSecurity’s Latest Feature

Discover StepSecurity’s latest workflow orchestration feature that is designed to resolve the challenge of standardizing workflows across repositories.

Product

January 16, 2024

•

minute read

Announcing GitHub Actions Advisor and StepSecurity Maintained Actions

Revolutionizing GitHub Actions Security: Introducing StepSecurity GitHub Actions Advisor and Maintained Actions for Safer, More Efficient DevOps.

Resources

January 10, 2024

•

minute read

8 GitHub Actions Secrets Management Best Practices to Follow

Explore how to use GitHub Actions secrets securely by restricting organizational secrets, using secrets exclusively for sensitive data, and implementing least privileged access.

Resources

December 20, 2023

•

minute read

Top 2024 Predictions for CI/CD Security

Explore comprehensive insights into emerging CI/CD security trends, challenges, and strategies for 2024

News

December 6, 2023

•

minute read

Celebrating 2,000+ GitHub Repositories Secured with Harden-Runner

StepSecurity Harden-Runner now secures 2,000+ open-source projects on GitHub including those of CISA, Google, Microsoft, Datadog, and more

Categories

Latest Posts

Harden-Runner Now Supports Monitoring Outbound HTTPS Requests From GitHub Actions Runners

Unified Network Egress View: Centralize GitHub Actions Network Destinations for Your Enterprise

Confidently Manage Risks of Third-Party GitHub Actions in Your CI/CD: Insights from StepSecurity Webinar

Streamline Your GitHub Actions Workflows with StepSecurity’s Latest Feature

Announcing GitHub Actions Advisor and StepSecurity Maintained Actions

8 GitHub Actions Secrets Management Best Practices to Follow

Top 2024 Predictions for CI/CD Security

Celebrating 2,000+ GitHub Repositories Secured with Harden-Runner

Useful Links

Community

Categories

Latest Posts

Harden-Runner Now Supports Monitoring Outbound HTTPS Requests From GitHub Actions Runners

Unified Network Egress View: Centralize GitHub Actions Network Destinations for Your Enterprise

Confidently Manage Risks of Third-Party GitHub Actions in Your CI/CD: Insights from StepSecurity Webinar

Streamline Your GitHub Actions Workflows with StepSecurity’s Latest Feature

Announcing GitHub Actions Advisor and StepSecurity Maintained Actions

8 GitHub Actions Secrets Management Best Practices to Follow

Top 2024 Predictions for CI/CD Security

Celebrating 2,000+ GitHub Repositories Secured with Harden-Runner

Useful Links

Community

Get on the Newsletter