listen.dev Documentation

Quick start

Get up and running in under a minute by following the linked guide

What is listen.dev?

listen.dev provides proactive security monitoring natively within GitHub Actions. It tracks network, file, and process behaviors during CI/CD workflows, flagging any anomalous or malicious activities to ensure the integrity of your software releases.

It allows for:

• Runtime Monitoring: Observe network, file, and process activities in your pipeline at every change

• Threat detection: Identify suspicious activities, such as unauthorized IP connections or code overwrites, as well as pre-built detections against common supply chain attack vectors.

• In-Line Context: Get actionable insights directly within your existing code reviews and workflows with the context you need to resolve issues.

How can i use listen.dev in my workflows?

Integrating listen.dev into your workflows is a simple and quick process.

1. Integrate using GitHub Actions: Add listen.dev as a step in your GitHub Actions workflow file through native integration to start monitoring every step.

2. Alerting & Feedback: See runtime context for each workflow run and step, and pipe events into your tools via webhooks.