From bdd4bdd2832c110953f4d0018f1e848a8d3d7948 Mon Sep 17 00:00:00 2001 From: Varun Sharma Date: Thu, 10 Mar 2022 09:36:49 -0800 Subject: [PATCH] Update README.md --- README.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index b45c56e..df44c42 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,6 @@ -

- Step Security Logo -

+# Security agent for Github-hosted runner -# Software Supply Chain Security - -This GitHub Action can be used to visualize process, file, and network activity from your GitHub Actions workflows in a web UI. It can also be used to restrict outbound traffic to allowed endpoints. +Harden-Runner GitHub Action installs a security agent on the Github-hosted runner to prevent exfiltration of credentials, monitor the build process, and detect compromised dependencies. ## Problem Hijacked dependencies and compromised build tools typically make outbound requests during the build process to exfiltrate data or credentials. This was the case in the [Codecov breach](https://www.bleepingcomputer.com/news/security/popular-codecov-code-coverage-tool-hacked-to-steal-dev-credentials/), in the [dependency confusion attacks](https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610), and the recent [npm package hijacks](https://github.com/faisalman/ua-parser-js/issues/536).
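Review bot: The added description line claims the agent will "prevent exfiltration of credentials" and "detect compromised dependencies", but the sentence this hunk removes was the only place that said how: visualizing process, file, and network activity and restricting outbound traffic to allowed endpoints. Keep that mechanism in the new paragraph so the claim is scoped to what the agent actually does, which also ties it to the Problem section directly below, where the threat is described as outbound requests made during the build. In the same added lines, the heading and the description spell "Github-hosted" while the description also writes "GitHub Action"; use "GitHub-hosted" in both places. The subject "Update README.md" does not mention that the logo block and the "Software Supply Chain Security" title are dropped; a subject that names the retitle and the removed block would make the history easier to follow.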