Categories

Subscribe to Feed

Latest Posts

Showing 0 Items

Secure Repo Just Got Better: New Features for GitHub Actions Security Best Practices

The updates include support for pinning GitHub’s New Immutable Actions, exemptions for pinning specific GitHub Actions, and configuring preferences to use across multiple repositories.

Why Compliance Auditors Are Looking at Your CI/CD Runners - And How to Prepare

Despite the sensitive roles CI/CD runners play (accessing source code, secrets, and deployment systems), compliance requirements often don’t explicitly call them out. As a result, security teams may focus on traditional servers and endpoints, while build runners go unmonitored. This blog will explain why that is changing.

Harden-Runner Flags Anomalous Outbound Call, Leading to Docker Documentation Update

Harden-Runner detected an unexpected outbound call from Docker across multiple customer environments. Surprisingly, it wasn’t listed in Docker’s allow list, and no EDR tool flagged it. Here’s how we identified it, reported it, and got it added to Docker’s documentation.

StepSecurity Harden-Runner Now Secures GitHub Actions Workflows for Over 5,000 Open Source Projects

We're excited to announce that StepSecurity's Harden-Runner GitHub Action has reached a significant milestone, now securing GitHub Actions workflows for over 5,000 open source projects. This milestone comes at a crucial time when CI/CD security is more important than ever, as evidenced by recent security incidents and our growing impact across the open source ecosystem.

2024 in Review: The Evolution of CI/CD Security & What's Next

How StepSecurity achieved 5X ARR growth while securing over 5,000 open-source repositories in 2024

Prevent Ultralytics Style CI/CD Security Attacks with Network Security Controls

Critical lessons in securing CI/CD pipelines from the Ultralytics GitHub Actions attack

There are no blog posts matching your criteria at this time.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.