Introducing StepSecurity Artifact Monitor: Detect Unauthorized Software Releases in minutes, not months

StepSecurity Artifact Monitoring continuously watches your artifact registries to verify that every release follows your approved CI/CD process. When attackers bypass your secure pipeline using compromised credentials, you'll know within minutes instead of months.

Introducing Workflow Run Policies: Guardrails for Blocking Non-Compliant GitHub Actions Runs

Workflow Run Policies enable you to block non-compliant GitHub Actions workflow runs, helping security and platform teams stop risky workflows before they execute.

Harden-Runner Detects New Traffic to release-assets.githubusercontent.com Across Multiple Customers

StepSecurity's Harden-Runner detected unexpected traffic to release-assets.githubusercontent.com across multiple GitHub Actions workflows, prompting a swift investigation. Learn how baseline monitoring caught this change, why it matters for CI/CD security, and how to stay protected.

StepSecurity Harden-Runner Now Secures GitHub Actions Workflows for Over 6,000 Open Source Projects

StepSecurity’s Harden-Runner now secures over 6,000 open source GitHub Actions workflows—detecting supply chain threats like CVE-2025-30066, improving Docker transparency, and adding new features like S3 export, GitHub Checks, and lockdown mode.

Grafana GitHub Actions Security Incident

This blog post will be updated as more details emerge. On Saturday, April 26, 2025, Grafana Labs disclosed that an unauthorized user leveraged a vulnerability in a GitHub Actions workflow within a public Grafana Labs repository.

Export Harden-Runner Security Insights and Detections to Amazon S3

Send Harden-Runner insights and detections to Amazon S3 for centralized analysis, long-term storage, and seamless integration with your security tools

Evolving Harden-Runner’s disable-sudo Policy for Improved Runner Security

This post details a vulnerability to bypass Harden-Runner’s disable-sudo policy, the assigned CVE, and the steps we’ve taken to mitigate and detect it.

Announcing Policy-Driven Automated Pull Requests for CI/CD Misconfiguration Remediation

Strengthen CI/CD security with policy-driven automated pull requests. Automatically remediate misconfigurations in your GitHub Action workflows.