StepSecurity

StepSecurity company information, Employees & Contact Information

StepSecurity secures CI/CD at scale by enforcing runner-level network egress controls, providing secure, drop-in replacements for third-party actions, and ensuring only policy-compliant workflows run. Over 6000 open-source projects, including those from Cybersecurity and Infrastructure Security Agency (CISA), Google, Microsoft, Datadog, Kubernetes, Node, and Ruby, use StepSecurity to harden their CI/CD pipelines. Our enterprise tier is currently deployed at customers in the crypto, healthcare, and cybersecurity industries.

News

Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages - StepSecurity

s1ngularity: Popular Nx Build System Package Compromised with Data-Stealing Malware - StepSecurity

GhostAction Campaign: Over 3,000 Secrets Stolen Through Malicious GitHub Workflows - StepSecurity

When AI Meets CI/CD: Coding Agents in GitHub Actions Pose Hidden Security Risks - StepSecurity

Supply Chain Security Alert: num2words PyPI Package Shows Signs of Compromise - StepSecurity

Suspicious Tag Movement in AWS’s GitHub Action: What Happened and Why It Matters - StepSecurity

Supply Chain Security Alert: eslint-config-prettier Package Shows Signs of Compromise - StepSecurity

Introducing StepSecurity Threat Intelligence: Real-Time Supply Chain Attack Alerts for Your SIEM - StepSecurity

Introducing the NPM Package Cooldown Check - StepSecurity

Another npm Supply Chain Attack: The 'is' Package Compromise - StepSecurity

When 'Changed Files' Changed Everything: Our Black Hat 2025 Presentation on the tj-actions Supply Chain Breach - StepSecurity

Lessons from AWS CodeBuild’s Memory-Dump Incident (CVE-2025-8217) - StepSecurity

Introducing Workflow Run Policies: Guardrails for Blocking Non-Compliant GitHub Actions Runs - StepSecurity

Evolving Harden-Runner’s disable-sudo Policy for Improved Runner Security - StepSecurity

Chainguard Secures GitHub Actions with StepSecurity - StepSecurity

Introducing StepSecurity Artifact Monitor: Detect Unauthorized Software Releases in minutes, not months - StepSecurity

Harden-Runner Detects New Traffic to release-assets.githubusercontent.com Across Multiple Customers - StepSecurity

s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know - wiz.io

StepSecurity Detects CI/CD Supply Chain Attack in Microsoft’s Open-Source Project Azure Karpenter Provider in Real-Time - StepSecurity

GitHub Action tj-actions/changed-files supply chain attack: everything you need to know - wiz.io

Implementing an Internal GitHub Actions Marketplace with StepSecurity - StepSecurity

Confidently Manage Risks of Third-Party GitHub Actions in Your CI/CD: Insights from StepSecurity Webinar - StepSecurity

Publish from GitHub Actions using multi-factor authentication - StepSecurity

Attackers breach the NPM ecosystem by weaponizing ctrl tinycolor and infecting more than 40 packages with two million weekly downloads - Cyber Press

Former Microsoft engineers raise $3M for cybersecurity startup StepSecurity - GeekWire

GitHub supply-chain attack signals possibility of more code chaos - IT Brew

The popular @ctrl/tinycolor package, downloaded over 2 million times per week, has been compromised along with over 40 other NPM packages in a sophisticated supply chain attack called 'Shai-Hulud.' - GIGAZINE
