Developer Experience

StepSecurity integrates directly into your existing GitHub workflows to help you secure your CI/CD pipelines—without getting in your way.

As a developer, you don’t need to change how you work. StepSecurity brings visibility, automation, and guardrails into your repositories through features like Harden-Runner, StepSecurity Maintained Actions, GitHub Checks, and automated pull requests. These tools help detect anomalies, enforce policies, and suggest safer alternatives to risky actions.

On this page, you’ll learn how to:

• Review and merge security-related pull requests created by StepSecurity

• Understand and act on GitHub Checks triggered by Harden-Runner

• Interact with StepSecurity insights directly from your PRs and workflow runs