Showing 0 Items
StepSecurity now supports dark mode for a more comfortable security investigation experience. Reduce eye strain and stay focused during long CI/CD analysis sessions
Modern supply chain attacks target developer machines and AI coding agents. Learn how StepSecurity Dev Machine Guard stops credential theft early
From 5,000 to 10,000 in just one year: How Harden-Runner doubled its reach and became the standard for CI/CD runtime security
How StepSecurity achieved 5X ARR growth for the second year in a row while securing over 10,000 open-source repositories in 2025
GitHub's new custom runner images let you embed Harden-Runner directly into your infrastructure, providing automatic runtime protection across all workflows without modifying a single workflow file
The StepSecurity App is now available on Azure Marketplace—simplifying procurement, deployment, and CI/CD security in one place.
Security researchers have uncovered severe unauthenticated remote code execution vulnerabilities in React Server Components and Next.js App Router that achieve near 100% exploitation success rates. With 39% of cloud environments running vulnerable versions and 44% having publicly exposed Next.js instances, immediate patching is critical. Organizations should upgrade to patched versions and use StepSecurity's npm package search and Threat Center to identify and monitor affected dependencies.
A case study on detecting npm supply chain attacks through runtime monitoring and baseline anomaly detection
