Threat Center

The Threat Center in StepSecurity is your central view into all supply chain compromises detected by StepSecurity. It provides a real-time feed of active incidents alongside historical records, making it easier to track, investigate, and respond.

For background on the intelligence powering the Threat Center, see our blog post.

Accessing the Threat Center

Step 1: Open the StepSecurity Dashboard

From the left-hand menu, click Threat Center under Artifact Security.

You can also open the Threat Center directly by clicking the 🔔 New Threat notification in the dashboard header

Step 2: View Threats

The page displays a list of both active threats (marked with a red Active badge) and historical incidents with start and close times.

Step 3: Expand Threat Details

Click Show Details on any incident to see:
- A description of the compromise
- Affected packages or Actions
- Recommended remediation steps you can take directly within StepSecurity

Notifications and Integrations

Every new entry in the Threat Center automatically triggers notifications through your existing StepSecurity channels:

Slack
Email
AWS S3
Webhook

This ensures your team is informed immediately.

Because alerts are integrated with your existing systems, you can automate the response process. For example, you can configure your SIEM so that when a new Threat Center event is raised, an on-call engineer is automatically paged.

See an example detection event here

PreviousArtifact Security NextArtifact Monitor

Last updated 1 hour ago

Was this helpful?