HardenRunner
source link: https://console.dev/tools/harden-runner
GitHub Actions runtime security.
Our review
What we like
Protects runner workflows from exfiltration-style attacks by providing network observability for the runtime environment. Monitors file, process, and network activity. Can block egress traffic (with allowlists) and detect source code tampering and compromised dependencies. Runs on GitHub-hosted, self-hosted, and VM runners.
What we don't like
Analysis and security recommendations are provided via a link to a web UI in the workflow output rather than natively as part of the output logs.
Reviewed: 2023-10-05