# Introduction

**Welcome to the StepSecurity Documentation hub!**

Here, you'll find all the information you need to get started with StepSecurity, implement its powerful features, and manage your security operations efficiently. Our documentation is designed to help you navigate the platform effortlessly and maximize your use of StepSecurity's tools.

## What is StepSecurity?

StepSecurity detects, prevents, and responds to software supply chain attacks across three critical surfaces: developer environments, code repositories, and CI/CD pipelines.

It works by deploying lightweight agents and automated checks at each stage of your development lifecycle:

**On CI/CD runners**, the Harden-Runner agent uses eBPF to monitor every outbound network call, file write, and process execution, correlating each event to the specific workflow step that triggered it.

**On code repositories**, automated checks block compromised npm packages and enforce security best practices through pull requests.

**On developer machines**, a lightweight script inventories AI coding agents, IDE extensions, and local packages to catch threats before they reach your pipelines.
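As an added example of the CI/CD deployment model described above (this is illustrative workflow YAML written for this page, not a snippet from the StepSecurity documentation), the job below runs the Harden-Runner agent as its first step so that every later step's network calls, file writes and process executions are attributed to that step. The action name and the `egress-policy`, `allowed-endpoints` and `disable-sudo` inputs are those of the public `step-security/harden-runner` action; the endpoint list and the `npm ci` build step are assumptions chosen for the example.

```yaml
# Added example (not from the StepSecurity docs): Harden-Runner as the first
# step of a GitHub Actions job, with egress restricted to a known allow-list.
name: build
on: [pull_request]

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Must be the first step: the agent only observes steps that run after it.
      # In production, pin the action to a full commit SHA rather than a mutable
      # tag; the xygeni-action incident below shows why tags are not a trust anchor.
      - uses: step-security/harden-runner@v2
        with:
          # Start with `audit` on a new workflow to learn the baseline, then
          # switch to `block` so undeclared outbound connections are refused.
          egress-policy: block
          # Assumed allow-list for this example: checkout needs github.com,
          # the build needs the npm registry. One host:port per line.
          allowed-endpoints: >
            github.com:443
            api.github.com:443
            registry.npmjs.org:443
          # Steps after the agent cannot escalate with sudo.
          disable-sudo: true

      - uses: actions/checkout@v4

      # Assumed build step: any package whose install script phones home to a
      # host not listed above is blocked and surfaced on the run's insights page.
      - run: npm ci
```

In `block` mode a connection to an unlisted host fails and is recorded against the step that made it; in `audit` mode the same connection succeeds but is still logged, which is the safer starting point when the workflow's legitimate endpoints are not yet known.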

## Documentation by Product Area

**CI/CD Security** (this site) — Harden-Runner runtime protection, GitHub Checks, automated remediation, Actions governance, and workflow run policies for GitHub Actions pipelines.

* [GitHub Actions](https://docs.stepsecurity.io/getting-started)
* [GitLab CI](https://app.gitbook.com/o/Hhu8NwchzrRxmxplqEVj/s/YFxETuN91qNPkGoCUqeM/)
* [Azure DevOps](https://app.gitbook.com/o/Hhu8NwchzrRxmxplqEVj/s/dMU7uDytQwFdSykTeAVU/)

[**NPM Supply Chain Security →**](https://app.gitbook.com/o/Hhu8NwchzrRxmxplqEVj/s/nWcOGIMQQsclkjX6nz4Z/) — Cooldown policies, compromised package detection, enterprise-wide package search, threat intelligence, and incident response for npm dependencies.

[**Dev Machine Guard →**](https://app.gitbook.com/o/Hhu8NwchzrRxmxplqEVj/s/Twdhew5C2AOSJZhpI0uC/) — Device inventory, IDE extension governance, local dependency monitoring, and AI coding agent visibility for developer machines.

## Trusted by Leading Open-Source Projects & Enterprises

Harden-Runner, one of StepSecurity's core solutions, is trusted by **13,000+** open-source projects and enterprises, including industry giants like Microsoft, Google, Kubernetes, and more.

### Recent supply chain attacks detected by Harden-Runner

* [tj-actions/changed-files compromise](https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised) ([CVE-2025-30066](https://github.com/advisories/GHSA-mrrh-fwg8-r2c3))
* [axios npm compromise: the largest npm supply chain attack by download count](https://www.stepsecurity.io/blog/behind-the-scenes-how-stepsecurity-detected-and-helped-remediate-the-largest-npm-supply-chain-attack)
* [Bitwarden CLI hijacked on npm: credential stealer targets developers, GitHub Actions, and AI tools](https://www.stepsecurity.io/blog/bitwarden-cli-hijacked-on-npm-bun-staged-credential-stealer-targets-developers-github-actions-and-ai-tools)
* [Sha1-Hulud Supply Chain Attack in CNCF's Backstage Repository](https://www.stepsecurity.io/blog/how-harden-runner-detected-the-sha1-hulud-supply-chain-attack-in-cncfs-backstage-repository)
* [NX Build System compromise](https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware)
* [xygeni-action GitHub Action backdoored via tag poisoning](https://www.stepsecurity.io/blog/xygeni-action-compromised-c2-reverse-shell-backdoor-injected-via-tag-poisoning)

### Customer case studies

* [How Coveo Strengthened GitHub Actions Security with StepSecurity](https://www.stepsecurity.io/case-studies/coveo)
* [Hashgraph Achieves Comprehensive CI/CD Security Without Compromising Development Speed](https://www.stepsecurity.io/case-studies/hashgraph)
* [How Harden-Runner Caught a Supply Chain Attack in Google's Flank Project](https://www.stepsecurity.io/case-studies/flank)
* [How Harden-Runner Caught a Supply Chain Attack in Microsoft's Azure Karpenter Provider](https://www.stepsecurity.io/case-studies/azure-karpenter-provider)

**See every incident StepSecurity has caught in the wild:** [View All Incidents →](https://www.stepsecurity.io/incidents)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.stepsecurity.io/readme.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language, and it must be URL-encoded when placed in the query string.
The response will contain a direct answer to the question together with relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
