Skip to content

step-security/harden-runner

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

Step Security Logo

Harden Runner

This GitHub Action deploys the Step Security Agent, which is a purpose-built security agent for hosted runners.

To pilot this GitHub Action, add the following code to your GitHub Actions workflow file as the first step. This is the only step needed.

steps:
    - uses: step-security/harden-runner@main

In the workflow logs, you should see a link to security insights and recommendations.

It is being piloted on this repository. Check out the workflow files and workflow runs.

About

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

www.stepsecurity.io

Topics

actions hardening security-hardening egress-filtering network-security runners runtime-security github-actions supply-chain-security

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

982 stars

Watchers

11 watching

Forks

84 forks
Report repository

Releases 58

v2.15.1 Latest
Mar 5, 2026
+ 57 releases

Packages

 
 
 

Used by 11.4k

  • @base
  • @hedera-dev
  • @OpenSource-For-Freedom
  • @Open-CMSIS-Pack
  • @ODOO-C3
  • @gander-tools
  • @modeseven-lfreleng-actions
  • @DoodleScheduling
+ 11,398

Contributors 13

Languages