April 17, 2024 • 4 minute read
StepSecurity is now a member of the Open Source Security Foundation, a global cross-industry initiative focussing on securing open source software (OSS).
April 1, 2024 • 6 minute read
We analyzed the XZ Utils build process using StepSecurity Harden-Runner and observed the injection of the backdoor. This analysis shows the importance of runtime security monitoring during the build process and how it can help detect such supply chain attacks.
March 21, 2024 • 8 minute read
Explore the ins and outs of GITHUB_TOKEN: using it securely, the risks involved, and setting the right token permissions to keep your workflows secure.
March 20, 2024 • 16 minute read
Your guide to implementing GitHub Actions security best practices: secret management, third-party actions governance, workflow change management, and more.
March 11, 2024 • 3 minute read
Learn about the critical vulnerability in tj-actions/changed-files GitHub Action and how StepSecurity's solution fortifies your CI/CD pipelines against potential exploits.
February 28, 2024 • 2 minute read
We're celebrating 2500+ public repositories secured with Harden-Runner! Read this blog to explore the rising need for CI/CD infrastructure security, the impact of Harden-Runner, its new features, and how it has become a part of developers' vocabulary.
February 21, 2024
Optimize GitHub Actions security with a comprehensive approach to third-party governance and proactively manage their risks. Discover effective strategies to secure your CI/CD pipelines and enhance the overall system reliability of the third-party GitHub Actions being used.
February 20, 2024 • 5 minute read
StepSecurity Harden-Runner can now monitor the HTTP method and path of outbound HTTPS requests using eBPF to detect potential exfiltration attempts and recommend GITHUB_TOKEN permissions!