From 5121d63034baf7345d0083e647ed8d786112c52b Mon Sep 17 00:00:00 2001
From: Varun Sharma
Date: Tue, 28 Dec 2021 16:31:24 -0800
Subject: [PATCH] Update README.md
---
README.md | 42 +++++++++++++++++++++++++++---------------
1 file changed, 27 insertions(+), 15 deletions(-)
diff --git a/README.md b/README.md
index 2066fbe..3fb621e 100644
--- a/README.md
+++ b/README.md
@@ -2,19 +2,22 @@
-# Policy-based Runtime Security for GitHub Actions
+# Runtime Security for GitHub Actions
+Harden the Ubuntu VM on which GitHub Actions runs your workflows.
+
+## Prevent DNS exfiltration and exfiltration of credentials
First-of-its-kind patent-pending technology that automatically correlates outbound traffic with each step of a workflow.
-1. Add this code to your GitHub Actions workflow file as the first step.
+1. Add `step-security/harden-runner@v1` to your GitHub Actions workflow file as the first step.
-```
-steps:
- - uses: step-security/harden-runner@v1
- with:
- egress-policy: audit
- - uses: actions/checkout@v2
-```
+ ```
+ steps:
+ - uses: step-security/harden-runner@v1
+ with:
+ egress-policy: audit
+ - uses: actions/checkout@v2
+ ```
2. In the workflow logs, you will see a link to security insights and recommendations.
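Review bot: the new `## Prevent DNS exfiltration and exfiltration of credentials` heading is placed directly above the unchanged "First-of-its-kind patent-pending technology ..." line with no blank line between them, and the heading wording repeats "exfiltration"; consider a blank line after the heading and a tighter title such as `## Prevent exfiltration of credentials over DNS and other egress`. Two smaller points in the same hunk: the re-indented code fence (` ``` `) carries no language tag, so `yaml` would give the snippet syntax highlighting, and step 1 shows `egress-policy: audit` without saying that audit mode only records outbound traffic; since blocking only begins once `allowed-endpoints` is configured in step 4, a short sentence like "audit mode monitors egress but does not block it" next to step 1 would set expectations correctly.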
@@ -22,19 +25,19 @@ steps:
-3. Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)).
+3. Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)). You will see outbound traffic made by each step.
-
+
-
+
4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
-```
-steps:
+ ```
+ steps:
- uses: step-security/harden-runner@v1
with:
allowed-endpoints:
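Review bot: this hunk adds a leading space only to the opening fence and the `steps:` line, while the following `- uses:`, `with:` and `allowed-endpoints:` lines are unchanged context and keep their old indentation, so the second example is now indented inconsistently with the first one (where every line of the block was shifted together). Re-indent the whole block the same way as in the first example so the YAML nesting under `steps:` reads the same in both snippets. The edited step 3 text ("You will see outbound traffic made by each step.") reads well; the two blank `-`/`+` lines around it appear to be image embeds that the diff does not show, so please confirm the image references still resolve.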
@@ -42,4 +45,13 @@ steps:
nodejs.org:443
registry.npmjs.org:443
- uses: actions/checkout@v2
-```
\ No newline at end of file
+ ```
+
+## Workflows using harden-runner
+
+1. https://github.com/nvm-sh/nvm/tree/master/.github/workflows
+2. https://github.com/shivammathur/setup-php/blob/master/.github/workflows/node-release.yml
+
+## Try it out
+
+[Hands-on tutorials](https://github.com/step-security/supply-chain-goat) to learn how `harden-runner` prevents software supply chain attacks.
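Review bot: the closing fence added here is indented by one space to match the opening fence in the previous hunk, but the `nodejs.org:443` / `registry.npmjs.org:443` / `- uses: actions/checkout@v2` context lines above it are not, so the fence indentation should be settled together with the block re-indentation in the previous hunk. The `\ No newline at end of file` fix on the old side is welcome. For the new `## Workflows using harden-runner` list, both links point at the `master` branch, which will drift as those repositories change; linking to a specific commit (a permalink) would keep the README examples stable, and a few words on what each workflow demonstrates (audit mode versus an `allowed-endpoints` policy) would help readers pick the right one.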