From e93f996c29744875c515017db905c02640a7f234 Mon Sep 17 00:00:00 2001
From: Varun Sharma
Date: Fri, 10 Dec 2021 12:26:08 -0800
Subject: [PATCH 1/3] Update README.md
---
README.md | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/README.md b/README.md
index 331cbdd..2b9345f 100644
--- a/README.md
+++ b/README.md
@@ -2,26 +2,26 @@
-# Harden Runner
+# Policy-based Runtime Security for GitHub Actions
-First-of-its-kind technology that automatically discovers and correlates outbound traffic with each step of a GitHub Actions workflow.
+First-of-its-kind patent-pending technology that automatically discovers and correlates outbound traffic with each step of a GitHub Actions workflow.
-To use this GitHub Action, add the following code to your GitHub Actions workflow file as the first step.
+1. Add this code to your GitHub Actions workflow file as the first step.
```
steps:
- - uses: step-security/harden-runner@v1
- with:
- egress-policy: audit
+ - uses: step-security/harden-runner@v1
+ with:
+ egress-policy: audit
```
-In the workflow logs, you should see a link to security insights and recommendations.
+2. In the workflow logs, you will see a link to security insights and recommendations.
-Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)) to view security insights and recommended egress policy (example below).
+3. Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)) to view security insights and recommended egress policy (example below).
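Review bot: The heading change at the top of this hunk removes the name "Harden Runner" from the README, while the snippet still tells users to reference `step-security/harden-runner@v1`, so a reader arriving from the action name no longer finds it in the prose. Suggest keeping it in the heading or the first sentence, for example "Harden Runner: Policy-based Runtime Security for GitHub Actions". The code fence is also opened without a language; tagging it `yaml` would give syntax highlighting.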
@@ -30,4 +30,4 @@ Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/
-You can then add the correlated outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed, thereby reducing risk from software supply chain attacks.
+4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
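Review bot: The rewritten step 4 drops the clause "thereby reducing risk from software supply chain attacks", which was the only place in this part of the README that said why to restrict egress, and it does not say which input the endpoints go under or show the edited workflow. Suggest keeping a short reason and following the step with a snippet of the resulting `with:` block.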
From 335a07fd38928cf4aa99ce0d6653cfb6daa52e3c Mon Sep 17 00:00:00 2001
From: Varun Sharma
Date: Fri, 10 Dec 2021 12:28:57 -0800
Subject: [PATCH 2/3] Update README.md
---
README.md | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 2b9345f..9e1b658 100644
--- a/README.md
+++ b/README.md
@@ -11,8 +11,9 @@ First-of-its-kind patent-pending technology that automatically discovers and cor
```
steps:
- uses: step-security/harden-runner@v1
- with:
- egress-policy: audit
+ with:
+ egress-policy: audit
+ - uses: actions/checkout@v2
```
2. In the workflow logs, you will see a link to security insights and recommendations.
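Review bot: Adding `- uses: actions/checkout@v2` to the snippet under step 1 conflicts with the instruction "Add this code to your GitHub Actions workflow file as the first step": a reader who pastes the block into a workflow that already checks out the repository ends up with a second checkout. If the line is there to show ordering, say so in the step text or in a YAML comment. Both `uses:` lines reference mutable tags (`@v1`, `@v2`); since this is the copy-paste example for a security control, consider showing the references pinned to a full commit SHA.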
@@ -31,3 +32,14 @@ steps:
4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
+
+```
+steps:
+ - uses: step-security/harden-runner@v1
+ with:
+ allowed-endpoints:
+ github.com:443
+ nodejs.org:443
+ registry.npmjs.org:443
+ - uses: actions/checkout@v2
+```
\ No newline at end of file
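Review bot: The new example under step 4 has no `egress-policy` line, while step 1 sets `egress-policy: audit`, so the README does not show whether listing `allowed-endpoints` is enough for "only traffic to these endpoints will be allowed" or whether the policy value must change as well. Show the full `with:` block a user should end up with. The three endpoints follow `allowed-endpoints:` with no list markers and no block scalar indicator, which, if the lines are indented under the key, YAML reads as one plain scalar folded onto a single line; an explicit `>` or `|` would make the intended format clear. The file also now ends without a trailing newline.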
From 97cc62aa0599c230273c1aa9f80129f81f835ecc Mon Sep 17 00:00:00 2001
From: Varun Sharma
Date: Fri, 10 Dec 2021 12:31:06 -0800
Subject: [PATCH 3/3] Update README.md
---
README.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 9e1b658..2066fbe 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
# Policy-based Runtime Security for GitHub Actions
-First-of-its-kind patent-pending technology that automatically discovers and correlates outbound traffic with each step of a GitHub Actions workflow.
+First-of-its-kind patent-pending technology that automatically correlates outbound traffic with each step of a workflow.
1. Add this code to your GitHub Actions workflow file as the first step.
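Review bot: This intro sentence was already rewritten in 1/3 and is rewritten again here, and all three patches carry the subject "Update README.md", so the history will not say what changed or why. Suggest squashing the series into one commit with a descriptive subject. On the wording itself, "First-of-its-kind patent-pending technology" still tells the reader nothing about what the action does; a plain statement of the behaviour would serve better.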
@@ -22,7 +22,7 @@ steps:
-3. Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)) to view security insights and recommended egress policy (example below).
+3. Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)).
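Review bot: Trimming step 3 to "Click on the link (example link)." removes the only statement of what the link shows, and step 4 then refers to "the recommended outbound endpoints" without the README having said where that recommendation appears. Suggest keeping a short form such as "to view the recommended egress policy". The removed "(example below)" pointer should only go if whatever it pointed to is removed as well; that part of the README is not visible in this hunk.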