Cloneable elements and templates
Design files, UI kits and iconography
Code snippets for your web projects
May 1, 2024
•
6
minute read
Building on our solid foundation, we're thrilled to enter the next phase of growth to empower the open-source community and enterprises to secure their CI/CD pipelines
April 25, 2024
5
We're celebrating 3000+ public repositories secured with Harden-Runner! Read this blog to explore how we analyzed the XZ build process using Harden-Runner, how Harden-Runner detected a real CI/CD supply chain attack in a Google open-source project, and more.
April 17, 2024
4
StepSecurity is now a member of the Open Source Security Foundation, a global cross-industry initiative focussing on securing open source software (OSS).
April 1, 2024
We analyzed the XZ Utils build process using StepSecurity Harden-Runner and observed the injection of the backdoor. This analysis shows the importance of runtime security monitoring during the build process and how it can help detect such supply chain attacks.
March 21, 2024
8
Explore the ins and outs of GITHUB_TOKEN- from using it securely, risks involved, and setting the right token permissions to keep your workflows secure.
March 20, 2024
16
Your guide to implementing GitHub Actions security best practices- from secret management, third-party actions governance, workflow change management, and more
March 11, 2024
3
Learn about the critical vulnerability in tj-actions/changed-files GitHub Action and how StepSecurity's solution fortifies your CI/CD pipelines against potential exploits.
February 28, 2024
2
We're celebrating 2500+ public repositories secured with Harden-Runner! Read this blog to explore how there is a rising need for CI/CD infrastructure security, the impact of Harden-Runner, its new features and how it has become a part of developers' vocabulary.