# Detections Harden-Runner can monitor outbound runtime detections to help you stay informed about security risks in your pipelines. You can review all past runtime detections on the **Detections** page under the **Harden-Runner** menu. The **Detections** page covers four critical areas: 1. Outbound Calls Blocked 2. Anomalous Outbound Network Calls 3. Suspicious Process Events 4. Source Code Overwritten Each detection is linked to the relevant project and includes direct links to the run and the insights URL that indicates where the detection happened. 1. **Outbound Calls Blocked**: Shows network requests that were blocked to prevent security risks.

2. **Anomalous Outbound Network Calls**: Lists unusual or unexpected external network requests.

3. **Suspicious Process Events:** Lists process events that are flagged as suspicious.

4. **Source Code Overwritten**: Tracks files modified during workflows to detect unauthorized changes.

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.stepsecurity.io/azure-devops/harden-runner/detections.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.