Latest Posts

Calculate Your CI/CD Security ROI with StepSecurity's New ROI Calculator

We're excited to announce the launch of our new ROI Calculator—a powerful tool that helps organizations assess their current CI/CD security posture and calculate the tangible time-savings and risk-avoidance benefits of implementing StepSecurity's CI/CD Security platform.

7,000 Open-Source Projects Now Secured by Harden-Runner

StepSecurity’s Harden-Runner now protects over 7,000 GitHub repositories with real-time CI/CD runtime monitoring, threat detection, and supply chain security enforcement—backed by features like impostor commit alerts, process-based detections, and GitLab support.

The GitHub Warning Everyone Ignores: 'This Commit Does Not Belong to Any Branch'

Several popular GitHub Actions have release processes where the release commit does not belong to any branch on the action repository.

Replace Third-Party Actions with StepSecurity Maintained Actions via Automated Pull Requests

Policy Driven PRs now upgrade third-party Actions to StepSecurity Maintained versions across your entire organization.

StepSecurity Is Now Available on AWS Marketplace

The StepSecurity App is now available on AWS Marketplace—simplifying procurement, deployment, and CI/CD security in one place.

Introducing StepSecurity Artifact Monitor: Detect Unauthorized Software Releases in minutes, not months

StepSecurity Artifact Monitoring continuously watches your artifact registries to verify every release follows your approved CI/CD process. When attackers bypass your secure pipeline using compromised credentials, you'll know within minutes instead of months.

Introducing Workflow Run Policies: Guardrails for Blocking Non-Compliant GitHub Actions Runs

Workflow Run Policies enable you to block non-compliant GitHub Actions workflow runs, helping security and platform teams stop risky workflows before they execute.

Harden-Runner Detects New Traffic to release-assets.githubusercontent.com Across Multiple Customers

StepSecurity's Harden-Runner detected unexpected traffic to release-assets.githubusercontent.com across multiple GitHub Actions workflows, prompting a swift investigation. Learn how baseline monitoring caught this change, why it matters for CI/CD security, and how to stay protected.
