diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 76b4dd5..ba45079 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -30,7 +30,7 @@ jobs:
 
     steps:
       - name: 'Harden Runner'
-        uses: 'step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176' # v2.17.0
+        uses: 'step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df' # v2.18.0
         with:
           egress-policy: 'audit'
 
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 565015f..8cf7404 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: 'ubuntu-latest'
     steps:
       - name: 'Harden Runner'
-        uses: 'step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176' # v2.17.0
+        uses: 'step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df' # v2.18.0
         with:
           egress-policy: 'audit'
 
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 68d5a9b..062acf5 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: 'Harden Runner'
-        uses: 'step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176' # v2.17.0
+        uses: 'step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df' # v2.18.0
         with:
           egress-policy: 'audit'