# Getting Started with Harden-Runner

This guide walks you through the steps to set up and use [Harden-Runner](https://docs.stepsecurity.io/harden-runner) in your CI/CD workflows.

{% hint style="info" %}
**Note**: You can automatically add Harden-Runner using [Secure Workflow](https://docs.stepsecurity.io/getting-started/quickstart-community-tier/getting-started-with-secure-workflow).
{% endhint %}

#### **Step 1: Add Harden-Runner to Your Workflow**

To integrate Harden-Runner, follow these steps:

* Open your GitHub Actions workflow file (e.g., `.github/workflows/<workflow-name>.yml`).
* Add the following code as the first step in each job:

```yaml
steps:
  - uses: step-security/harden-runner@v2 # v2.10.3
    with:
      egress-policy: audit
```
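Because the step has to come first in every job, it is easy to miss one in a multi-job workflow. The following check is an added example, not part of Harden-Runner or StepSecurity's tooling: it parses a workflow and lists the jobs whose first step is not Harden-Runner. The function name and the sample workflow are constructed for illustration.

```ruby
require 'yaml'

# Action reference from this guide; matches tag pins (@v2) and SHA pins alike.
HARDEN_RUNNER = 'step-security/harden-runner@'

# Return the ids of jobs whose first step is not Harden-Runner.
# Jobs that call a reusable workflow (job-level `uses:`) have no steps
# of their own, so they are skipped here and must be checked in the
# called workflow instead.
def jobs_missing_harden_runner(workflow_yaml)
  doc = YAML.safe_load(workflow_yaml) || {}
  jobs = (doc['jobs'] || {}).select { |_id, job| job.is_a?(Hash) }
  jobs.reject { |_id, job| job.key?('uses') }
      .select do |_id, job|
        first = (job['steps'] || []).first
        uses = first.is_a?(Hash) ? first['uses'].to_s : ''
        !uses.start_with?(HARDEN_RUNNER)
      end
      .keys
end

# Constructed sample: `build` is correct, `test` runs checkout before
# Harden-Runner, `deploy` delegates to a reusable workflow.
SAMPLE_WORKFLOW = <<~WORKFLOW
  name: ci
  on: push
  jobs:
    build:
      runs-on: ubuntu-latest
      steps:
        - uses: step-security/harden-runner@v2
          with:
            egress-policy: audit
        - uses: actions/checkout@v4
    test:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v4
        - uses: step-security/harden-runner@v2
          with:
            egress-policy: audit
    deploy:
      uses: ./.github/workflows/deploy.yml
WORKFLOW

# With file arguments, check each file; otherwise check the sample.
inputs = ARGV.empty? ? { 'sample' => SAMPLE_WORKFLOW } : ARGV.to_h { |p| [p, File.read(p)] }
inputs.each { |name, text| puts "#{name}: #{jobs_missing_harden_runner(text).inspect}" }
```

Steps that run before Harden-Runner in a job are not covered by its monitoring, which is why the `test` job is reported even though it includes the action.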

#### **Step 2: Access Security Insights**

Run your workflow. Once completed:

* Review the **workflow logs** and the **job markdown summary**.
* Look for a link to **security insights and recommendations**.

<figure><img src="https://754495266-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQJRZY4cfEeY3I7DXTOCp%2Fuploads%2FYX3MKpKbexghqI93BZLC%2Fbuildlog1.png?alt=media&#x26;token=213269fe-b65a-4e04-9d5e-68a2499966f1" alt="Screenshot of a GitHub Actions build log showing the successful execution of a StepSecurity Harden Runner job. The build process includes three completed steps: ✔ Set up job ✔ Pre Harden Runner ✔ Harden Runner  The log shows the command “Run step-security/harden-runner” with a specific commit SHA (@2e205a28d0e1da00c5f53b161f4067b052c61f34). Below, a highlighted message in green text directs the user to “View security insights and recommended policy” with a link to StepSecurity’s application dashboard (https://app.stepsecurity.io/...). The URL is enclosed in a red oval highlight"><figcaption><p>GitHub Actions build log</p></figcaption></figure>

Click on the provided link (e.g., [example link](https://app.stepsecurity.io/github/step-security/github-actions-goat/actions/runs/7704454287?jobid=20996777560\&tab=network-events)) to access the **Process Monitor View**, which displays:

* **Network events**: Outbound network calls correlated with each step.
* **File events**: File writes tracked during the job.

<figure><img src="https://754495266-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQJRZY4cfEeY3I7DXTOCp%2Fuploads%2FkfDB3xez11jSBAhaDTrw%2FScreenshot%202025-02-08%20at%2001.12.32.png?alt=media&#x26;token=b76f7358-3063-4b95-837c-2e54ec67f69e" alt="Screenshot of StepSecurity’s Network Events monitoring interface for a GitHub Actions workflow named “build.” The interface displays two allowed network events: 	1.	Checkout repository using actions/checkout via the git-remote-http process, connecting to GitHub.com over port 443. 	2.	Install dependencies using Python 3.11, connecting to PyPI.org over port 443.  Both actions have a “Status: Allowed” and corresponding timestamps (January 30, 2025, at 22:05:35 and 22:05:37). The left sidebar shows the “build” job as successful. The interface includes filtering options, a search bar, and an export button in the top-right corner. The “Network Events” tab is highlighted, and other tabs like Summary, File Write Events, Recommendations, and Controls are visible."><figcaption><p>StepSecurity Insights Network Events page</p></figcaption></figure>
