From c9c5f3273c74d0365949a3aa120e85977f51d1ef Mon Sep 17 00:00:00 2001 From: eromosele-stepsecurity Date: Tue, 14 Jan 2025 20:15:06 +0100 Subject: [PATCH] Handle Ashish reviews --- docs/how-it-works.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/how-it-works.md b/docs/how-it-works.md index 10aacec..06af8bc 100644 --- a/docs/how-it-works.md +++ b/docs/how-it-works.md @@ -5,16 +5,17 @@ For GitHub-hosted runners, Harden-Runner GitHub Action downloads and installs the StepSecurity Agent. - The code to monitor file, process, and network activity is in the Agent. -- The agent is written in Go and is open source at https://github.com/step-security/agent +- The agent is written in Go and can be found [here](https://github.com/step-security/agent) - The agent's build is reproducible. You can view the steps to reproduce the build [here](http://app.stepsecurity.io/github/step-security/agent/releases/latest) ### Self-Hosted Actions Runner Controller (ARC) Runners - ARC Harden Runner daemonset uses eBPF -- You can find more details in this blog post: https://www.stepsecurity.io/blog/introducing-harden-runner-for-kubernetes-based-self-hosted-actions-runners +- You can find more details in this [blog post](https://www.stepsecurity.io/blog/introducing-harden-runner-for-kubernetes-based-self-hosted-actions-runners) - ARC Harden Runner is NOT open source. ### Self-Hosted VM Runners (e.g. on EC2) - For self-hosted VMs, you add the Harden-Runner agent into your runner image (e.g. AMI). +- You can find more details in this [blog post](https://www.stepsecurity.io/blog/ci-cd-security-for-self-hosted-vm-runners) - Agent for self-hosted VMs is NOT open source. \ No newline at end of file