A Healthcare Company Revolutionizes its GitHub Actions Security with StepSecurity

Learn how this enterprise staffed with 700 engineers harnesses StepSecurity platform in their enterprise GitHub Actions environment

A Unicorn Crypto Blockchain Platform Company Transforms GitHub Actions Security with StepSecurity

Discover how this blockchain platform company with 120 developers revolutionized their GitHub Actions security with StepSecurity

CISA Monitors Network Egress Traffic and Hardens their GitHub-hosted Runners

This case study talks about how CISA leverages StepSecurity to monitor network egress traffic and harden GitHub-hosted runners in over 175 of their public GitHub repositories.

StepSecurity Detects CI/CD Supply Chain Attack in Google’s Open-Source Project Flank in Real-Time

‍
This case study discusses how StepSecurity Harden-Runner detected a CI/CD supply chain attack in real-time in Google’s open-source project Flank.

‍

Microsoft Leverages StepSecurity to Secure CI/CD for their Open-Source Projects

Microsoft is the largest open-source contributor, with over 5,000 active contributors on GitHub. This case study will bring to light how Microsoft has implemented GitHub Actions security best practices at scale by leveraging StepSecurity GitHub Actions Security Platform.

Google Automates GitHub Actions Security for their Open-Source Projects with StepSecurity

This case study talks about how Google leverages StepSecurity’s GitHub Actions security platform to harden their GitHub-hosted runners and automate various GitHub Actions security best practices in several of their open-source projects.

"StepSecurity’s products are filling an ever-growing security gap by targeting one of the most widely used CI/CD pipeline products - GitHub Actions"

Szymon Maszke
CTO, InovIntell

"Since enabling StepSecurity Harden-Runner in our projects, we have much higher confidence and observability into what our build process is doing"

Cam Parry
Staff Site Reliability Engineer, Kapiche

"StepSecurity has helped us protect our GitHub Actions workflows from exfiltration-style attacks by providing network observability for the runtime environment"

David Mytton
CEO of Arcjet and Co-founder of Console.dev

Bazel Defends Against a CI/CD Supply Chain Vulnerability with StepSecurity

‍
This case study shows how Bazel maintainers proactively invested in fortifying their GitHub Actions workflows against CI/CD supply chain attacks.