

















We’re excited to announce our integration with RunsOn, the modern way to self-host GitHub Actions runners at scale on AWS, with incredible cost savings and advanced features. With this partnership, StepSecurity Harden-Runner now seamlessly integrates with RunsOn, providing enhanced security and visibility for CI/CD pipelines.
As software supply chain attacks continue to rise, securing your CI/CD environment is more critical than ever. Harden-Runner protects against supply chain threats by restricting outbound network calls, monitoring runtime activity, and providing actionable insights—all without disrupting developer workflows. By integrating with RunsOn, teams can now benefit from these security enhancements while leveraging RunsOn’s optimized, scalable, and cost-efficient CI/CD runners.
This integration eliminates all deployment friction with Harden-Runner as it comes preinstalled in RunsOn StepSecurity images, ensuring you achieve 100% coverage from day one.
RunsOn offers a powerful alternative to GitHub-hosted runners, delivering:
- Comprehensive CI/CD Security: Harden-Runner ensures that every build running on RunsOn adheres to strict security controls, preventing unauthorized outbound network calls and detecting suspicious behaviors in real time.
- Seamless Deployment: RunsOn customers can use out of the box StepSecurity-provided images with their RunsOn deployment. This allows them to use the latest Harden-Runner agent without manually baking it into their CI/CD images and without the hassle of updating the agent when a new version becomes available.
- Minimal Setup: Just use the Runs-On StepSecurity images and start benefiting from security insights without additional manual configuration.
To use StepSecurity Harden-Runner with RunsOn, simply update your runner configuration to use a StepSecurity image. Here's an example GitHub Actions workflow:
jobs:
build:
runs-on:
- runs-on=${{ github.run_id }}
- runner=2cpu-linux-x64
- image=ubuntu24-stepsecurity-x64 This setup ensures that you are always using the latest Harden-Runner agent without manually baking it into your image or handling updates yourself.
Enabling StepSecurity’s Harden-Runner on RunsOn is simple. Follow our integration guide to set up Harden-Runner within your RunsOn-powered workflows. Once integrated, you’ll have complete visibility into network and runtime activity while maintaining full control over your build security.
At StepSecurity, we’re committed to making CI/CD security accessible, effective, and developer-friendly. Our partnership with RunsOn is another step toward ensuring that organizations can secure their software supply chains without compromising agility or performance.
Try out the integration today and let us know your feedback! If you have any questions, contact us.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。