StepSecurity App
GitHub App
StepSecurity App
GitHub App
StepSecurity App
StepSecurity App is a solution for GitHub Security Posture Management and CI/ CD protection that finds weak spots across your organization's GitHub repositories, helps strengthen the overall security posture of your environment, and protects GitHub Actions CI/ CD pipelines from evolving threats.
- Assess and strengthen the security configuration of your GitHub repositories and GitHub Actions workflows
- Manage compliance against critical industry and regulatory standards
- Enable threat protection for builds running on GitHub Actions hosted runners
One-click automated remediations using pull requests
StepSecurity App uses our open source Secure Workflows project to:
- Automatically set minimum GITHUB_TOKEN permissions
- Pin Actions to a full length commit SHA
- Add Harden-Runner GitHub Action to each job
- Add Dependabot configuration to match the languages used in your GitHub repository
- Get suggestions and add Static Application Security Testing (SAST) tools to your workflows
Pricing
- The beta release will be free for everyone
- Pricing model for enterprise customers will be decided when App is generally available (GA)
Developer
StepSecurity App is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.
Report abuse