Enable Runtime Security (GitHub-Hosted Runner)
To enable Runtime Security for GitHub-Hosted Runner (Ubuntu VM), add the step-security/harden-runner GitHub Action to each job of your workflows.
name: Harden Runner
Harden-Runner GitHub Action downloads and installs the open-source Harden-Runner Agent which monitors file, process, and network activity during the job run.
In the workflow logs, you will see a link to security insights and recommendations. Click on the link. You will see a process monitor view of file and network activities correlated with each step of the job.
For a demo of a workflow with Runtime Security enabled, please refer to following links:
Example workflow run: https://github.com/DataDog/stratus-red-team/actions/runs/5529644862