Skip to main content

Email/Slack Notifications

With the StepSecurity Actions Security GitHub App installed, you can set up Slack and email notifications for runtime security detections. The app prevents alert fatigue by showing each notification once. Remember, these notification settings will apply to all repositories within your GitHub organization.

How to check if the App is installed?

To quickly verify if the Harden-Runner GitHub App is installed, visit the notifications settings page by clicking the Notification icon near the Recommended Policy heading on the Insights page.

Harden Runner Notification Settings

If the app isn't installed, you'll see a specific message prompting you to install it, with instructions provided on the page.

Harden Runner App Not Installed

If the app is already installed, you'll see the notification settings.

Email Notifications

On the notifications settings page, enter your monitoring email address in the Email textbox to receive notifications. Select the relevant events from the Notification Events section, then click Save.

Email Notification Setup

After updating the email notification settings, you'll start receiving alerts from bot@stepsecurity.io. Here's an example of such an email: Sample Notification Email

Slack Notifications

Similar to email notifications, you can setup Slack notifications on the notification settings page by providing a Slack Webhook. Please follow these instructions to create a Slack Webhook. Once you have a webhook, update appropriate notification settings. Slack Notification Setup

Here is a sample Slack notification: Sample Notification Slack