Integrate Harden Runner App in Slack with Axolo

Developed by

step-security

Security Free

What is Harden Runner App about?

Harden Runner is a GitHub application that provides supply chain security and prevents breaches like SolarWinds and Codecov. The service is designed to detect and prevent the exfiltration of credentials from GitHub Actions workflows, detect tampering of source code during the build process, and identify malicious tools and dependencies.

With Harden Runner, users can get a unified view of process, file, and network activity correlated with each step of the CI/CD pipeline. The service provides policy recommendations that enable users to secure each workflow based on what it does. For instance, users can set allowed endpoints based on outbound calls made in the previous workflow runs to prevent exfiltration of credentials.

Harden Runner also detects when source code is overwritten during the build process. Users get details of the overwritten file and the process that overwrote it. The service provides email and Slack alerts to notify users when outbound calls are blocked or source code is overwritten.

The best part is that the application needs minimal permissions as it only requires actions: read permissions on your repositories. Users can install it on selected repositories or all repositories in their organization. With Harden Runner, users can rest assured that their supply chain is secure and that they are protected against potential breaches.

What are Harden Runner App features and benefits?

- Prevents exfiltration of credentials from GitHub Actions workflows
- Detects tampering of source code during the build process
- Detects malicious tools and dependencies
- Provides security insights
- Offers a unified view of process, file, and network activity correlated with each step of the CI/CD pipeline
- Provides policy recommendations
- Helps secure each workflow based on what it does
- Sets allowed endpoints based on outbound calls made in the previous workflow runs
- Prevents exfiltration of credentials
- Blocks DNS exfiltration and outbound network calls using an allowed list
- Detects overwrite of source code during build
- Provides details of the file overwritten and the process that overwrote the file
- Sends email and Slack alerts when outbound calls are blocked or source code is overwritten
- Requires minimal permissions, only needing actions: read permissions on your repositories
- Can be installed on selected repositories or all repositories in your organization

What is Harden Runner App pricing?

The pricing for Harden Runner Community for personal accounts and organizations is $0.

Integrate Harden Runner App in Slack with Axolo

Integrating Harden Runner App in Slack with Axolo is beneficial because it strengthens supply chain security and prevents breaches like SolarWinds and Codecov by detecting tampering of source code during the build process, preventing exfiltration of credentials from GitHub Actions workflows, and detecting malicious tools and dependencies. Additionally, with security insights and policy recommendations, you can get a unified view of process, file, and network activity correlated with each step of the CI/CD pipeline and secure each workflow based on what it does. With email and Slack alerts, you are notified when outbound calls are blocked or source code is overwritten, ensuring that your code review process is secure and efficient.

Learn more about Harden Runner App on the GitHub marketplace.

Harden Runner App GitHub integration screenshots

Block malicious outbound calls as was the case in Codecov breach

Get alert when source code is overwritten as was the case in SolarWinds breach
Security insights from a GitHub Actions workflow run
Policy recommendation based on previous workflow runs
