Varun Sharma in InfoSec Write-ups | GitHub Actions Security for Actions Runner Controller (ARC) and GitHub-Hosted Runners | Protect Against CI/CD Attacks that Poison GitHub Actions Workflows to Exfiltrate Credentials or Tamper Release Builds | 5 min read · Jul 26, 2023
Varun Sharma in InfoSec Write-ups | GitHub Actions Goat — a Deliberately Vulnerable GitHub Actions CI/CD Environment | Delve into the intricacies of GitHub Actions Security by forking the GitHub Actions Goat project and learning by doing. All you need to… | 2 min read · Jul 21, 2023
Varun Sharma in StepSecurity | Orchestrating Security: StepSecurity’s Impact on 400+ Repositories and Future Plans | StepSecurity’s pull request feature has helped over 400 public repositories orchestrate application security tools and harden CI/CD… | 4 min read · Jun 8, 2023
Varun Sharma in StepSecurity | Introducing the Runtime Detections UI for StepSecurity Harden Runner | Consolidated view of past CI/CD runtime detections across GitHub Actions workflows in your organization | 2 min read · Jun 6, 2023
Varun Sharma in StepSecurity | StepSecurity Harden Runner Now Supports Wildcard Domains in Block Mode | Allow egress traffic to all subdomains with a single rule, simplifying the process of managing and configuring egress policies. | 3 min read · May 25, 2023
Varun Sharma in StepSecurity | Celebrating 1000 Repositories Secured with Harden Runner: A Journey of Growth and Collaboration | Harden Runner has secured a total of 1,236,972 CI/CD pipeline executions, a testament to its robust performance and scalability | 4 min read · May 22, 2023
Varun Sharma in StepSecurity | 🎉🔐 Introducing the game-changing Org-Wide Dashboard for Secure Software Development! | Empowering Organizations with Comprehensive Security Insights: Unveiling the Secure Software Development Scorecard (SSDS) | 2 min read · Apr 21, 2023
Varun Sharma in StepSecurity | StepSecurity’s Catalog of Fixes | Transforming the Way Developers Approach Security Best Practices | 4 min read · Apr 10, 2023
Varun Sharma in StepSecurity | Secure Software Development: StepSecurity’s Role in Increasing OpenSSF Scorecard Scores | StepSecurity’s pull request feature has helped over 300 repositories adopt secure development practices. | 4 min read · Apr 6, 2023
Varun Sharma in StepSecurity | Introducing Harden Runner Policy Store | Easily set and manage your policies without altering the workflow file! | 2 min read · Apr 4, 2023