This case study talks about how Google leverages StepSecurity’s GitHub Actions security platform to harden their GitHub-hosted runners and automate various GitHub Actions security best practices in several of their open-source projects.

StepSecurity enables InovIntell to gain more visibility and confidence in their CI/CD workflows thereby reducing risk from supply chain attacks.

StepSecurity enabled Kapiche to gain more visibility and confidence in their CI/CD pipelines.

Arcjet is a startup with a mission to help developers protect their applications against various security risks. Their approach involves installing an SDK that inspects every request and offers security features, such as spam and fraud prevention, bot blocking, and API abuse protection.

This case study shows how Bazel maintainers proactively invested in fortifying their GitHub Actions workflows against CI/CD supply chain attacks.

This case study talks about how CISA leverages StepSecurity to monitor network egress traffic and harden GitHub-hosted runners in over 175 of their public GitHub repositories.