StepSecurity has released a Unified Network Egress View for Harden-Runner, enabling enterprises to centralize and monitor all outbound network connections from GitHub Actions workflows across an entire GitHub organization or Actions Runner Controller (ARC) cluster. The feature provides an 'All Observed Endpoints' dashboard, lets engineers trace suspicious endpoints back to specific workflow runs, and supports deploying a cluster-wide default network egress policy for ARC clusters without modifying individual workflow files. A demo shows DNS data exfiltration and calls to malicious domains being blocked automatically by the default policy.