Case Study: CISA hardens GitHub-hosted runners and monitors network egress with StepSecurity

CISA Monitors Network Egress Traffic and Hardens their GitHub-hosted Runners

The Cybersecurity and Infrastructure Security Agency (CISA) needed to secure its CI/CD pipelines across hundreds of public GitHub repositories. The agency required a way to implement traffic filtering and endpoint detection in its ephemeral GitHub-hosted runner environments, as traditional security tools were ineffective. To address this challenge, CISA turned to StepSecurity and its Harden-Runner solution.

StepSecurity implemented its Harden-Runner GitHub Action, which was easily added as a first step in CISA's workflows. The solution provided granular monitoring of network egress traffic and file activity, creating baselines to detect anomalies and potential compromises. This enabled CISA to harden its CI/CD pipelines across 175 public repositories, effectively providing the network security and endpoint detection capabilities it needed to protect against threats.

Cybersecurity and Infrastructure Security Agency