Step Security

Cybersecurity startup to thwart software supply chain attacks

---

All organizations release software using CI/ CD pipelines. Pipelines are defined in pipeline-as-code files. These are typically YAML files that are checked-in to source control.

Step Security improves the security of CI/ CD pipelines by automatically enabling security features in pipeline-as-code files.

Get Started

1. Have a look at changes made to some real pipeline-as-code files below.
2. Try the Step Security GitHub App on Supply Chain Goat.
3. Install the Step Security GitHub App on your organization or repository.

Pipeline-as-code files secured

Pull requests that show changes made to GitHub workflows in real repositories:

1. https://github.com/actions/starter-workflows/pull/1072/files

2. https://github.com/wagoid/commitlint-github-action/pull/231/files

3. https://github.com/cedrickring/golang-action/pull/36/files