StepSecurity is a platform designed to enhance the security of GitHub Actions CI/CD pipelines. It offers several key features: 1. Harden Runner: Implements network egress control and infrastructure security for GitHub Actions runners, helping prevent supply chain attacks. 2. Risk Discovery: Identifies CI/CD risks and GitHub Actions security misconfigurations. 3. Action Replacement: Substitutes potentially risky third-party Actions with StepSecurity Maintained Actions, reducing the need for forking and maintenance. 4. Orchestration: Automates the implementation of GitHub Actions security best practices through pull requests. 5. Network Egress Filtering: Provides runtime security by blocking egress traffic with an allowlist, compatible with various runner types. 6. Action Risk Assessment: Discovers and evaluates the risk of GitHub Actions used across an organization. 7. Standardization: Helps integrate AppSec tools and security best practices into GitHub Actions workflow files.
FEATURES
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
ALTERNATIVES
An open-source modern Dependency Walker for Windows developers.
A security feature to prevent unexpected manipulation of fetched resources.
cwe_checker is a suite of checks to detect common bug classes in ELF binaries using Ghidra for firmware analysis.
Tool to inform about potential risks in project dependencies list.
ConDroid performs concolic execution of Android apps to observe 'interesting' behavior in dynamic analysis.
AWS Web Application Firewall (WAF) for protecting web applications from common exploits.