Detections

Harden-Runner can monitor outbound runtime detections to help you stay informed about security risks in your pipelines. You can review all past runtime detections on the Detections page under the Harden-Runner menu.

The Detections page covers four critical areas:

1. Outbound Calls Blocked

2. Anomalous Outbound Network Calls

3. Suspicious Process Events

4. Source Code Overwritten

Each detection is linked to the relevant project and includes direct links to the run and the insights URL that indicates where the detection happened.

1. Outbound Calls Blocked: Shows network requests that were blocked to prevent security risks.

1. Anomalous Outbound Network Calls: Lists unusual or unexpected external network requests.

1. Suspicious Process Events: Lists process events that are flagged as suspicious.

1. Source Code Overwritten: Tracks files modified during workflows to detect unauthorized changes.