Case Study: a leading cryptocurrency company secures GitHub Actions with StepSecurity

A Unicorn Crypto Blockchain Platform Company Transforms GitHub Actions Security with StepSecurity

A leading cryptocurrency company that develops a blockchain platform urgently needed to secure its self-hosted GitHub Actions runners on Kubernetes. The highly sensitive nature of its operations made its CI/CD pipelines a prime target, and existing cloud vendor security controls were ineffective. They turned to StepSecurity to address the unique vulnerabilities in their GitHub Actions workflows, particularly the risk from numerous third-party actions.

StepSecurity implemented its Kubernetes-aware Harden-Runner solution for the company's Actions Runner Controller (ARC) clusters, providing network egress filtering and runtime security. The StepSecurity platform also enabled the team to analyze and replace risky third-party actions. This solution secured over 500 workflows across 100 repositories, significantly enhancing runtime security, mitigating third-party risks, and bolstering the company's position as a secure leader in the blockchain market.