StepSecurity's Harden-Runner tool now secures over 5,000 open-source GitHub Actions workflows. The tool monitors network activity and controls egress on CI/CD runners to detect supply chain attacks. A notable case study involving Microsoft's Azure Karpenter Provider shows a real-time attack detection within an hour, earning MSRC acknowledgment. New features include GitHub Checks UI integration that surfaces security status directly in pull requests, and an improved insights page showing outbound network calls, process/file events, and recommended security policies per workflow step.
Table of contents
Recent Security Incidents Highlight the Need for CI/CD ProtectionMicrosoft Case Study: Real-World Attack DetectionEnhanced Security with GitHub Checks IntegrationImproved Harden-Runner Insights PageLooking ForwardSort: