StepSecurity Logo

StepSecurity

1
Commercial
1 reviews
Updated 11 March 2025
Application Security
Ci Cd
Github
Devsecops
Security Automation
Cloud Security
Vulnerability Management
Visit Website

StepSecurity is a platform designed to enhance the security of GitHub Actions CI/CD pipelines. It offers several key features: 1. Harden Runner: Implements network egress control and infrastructure security for GitHub Actions runners, helping prevent supply chain attacks. 2. Risk Discovery: Identifies CI/CD risks and GitHub Actions security misconfigurations. 3. Action Replacement: Substitutes potentially risky third-party Actions with StepSecurity Maintained Actions, reducing the need for forking and maintenance. 4. Orchestration: Automates the implementation of GitHub Actions security best practices through pull requests. 5. Network Egress Filtering: Provides runtime security by blocking egress traffic with an allowlist, compatible with various runner types. 6. Action Risk Assessment: Discovers and evaluates the risk of GitHub Actions used across an organization. 7. Standardization: Helps integrate AppSec tools and security best practices into GitHub Actions workflow files.

FEATURES

EXPLORE BY TAGS

Ci Cd

Github

Devsecops

Security Automation

Cloud Security

Vulnerability Management

SIMILAR TOOLS

Redirecting Logo
Redirecting

A tool for redirecting HTTP and HTTPS requests to other URLs.

Free
Application Security
django-admin-honeypot Logo
django-admin-honeypot

A fake Django admin login screen to detect and notify admins of attempted unauthorized access

Free
Application Security
CFRipper Logo
CFRipper

CFRipper is a Library and CLI security analyzer for AWS CloudFormation templates.

Free
Application Security
Black Duck Logo
Black Duck

Black Duck is an application security platform that provides software composition analysis and supply chain security capabilities to identify vulnerabilities, ensure license compliance, and manage SBOMs throughout the software development lifecycle.

Commercial
Application Security
Dependencies Logo
Dependencies

An open-source modern Dependency Walker for Windows developers.

Free
Application Security
ffufai Logo
ffufai

ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.

Free
Application Security
CAPA Logo
CAPA

A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.

Free
Application Security
AppSweep Logo
AppSweep

An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.

Free
Application Security
jsunpack-n Logo
jsunpack-n

Emulates browser functionality to detect exploits targeting browser vulnerabilities.

Free
Application Security

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy