diff --git a/.github/workflows/android.yml b/.github/workflows/android.yml
index fd1f0925..2553fee1 100644
--- a/.github/workflows/android.yml
+++ b/.github/workflows/android.yml
@@ -187,7 +187,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout"
diff --git a/.github/workflows/bazel.hardened.yml b/.github/workflows/bazel.hardened.yml
index 0cd1210e..c1095a6a 100644
--- a/.github/workflows/bazel.hardened.yml
+++ b/.github/workflows/bazel.hardened.yml
@@ -155,7 +155,7 @@ jobs:
       hashes: ${{ steps.hash.outputs.hashes }}
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout"
diff --git a/.github/workflows/bazel.yml b/.github/workflows/bazel.yml
index d0ace733..82dd0085 100644
--- a/.github/workflows/bazel.yml
+++ b/.github/workflows/bazel.yml
@@ -134,7 +134,7 @@ jobs:
       hashes: ${{ steps.hash.outputs.hashes }}
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout"
diff --git a/.github/workflows/check.actions-lint.ci.yml b/.github/workflows/check.actions-lint.ci.yml
index db6cd8b2..d1949dcb 100644
--- a/.github/workflows/check.actions-lint.ci.yml
+++ b/.github/workflows/check.actions-lint.ci.yml
@@ -66,7 +66,7 @@ jobs:
         pull-requests: "read"
     steps:
         - name: "Setup: Harden Runner"
-          uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+          uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
           with:
             egress-policy: ${{ inputs.network || 'audit' }}
         - name: "Setup: Checkout"
diff --git a/.github/workflows/check.dependency-review.yml b/.github/workflows/check.dependency-review.yml
index 8b47a127..804fa66d 100644
--- a/.github/workflows/check.dependency-review.yml
+++ b/.github/workflows/check.dependency-review.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout Repository"
diff --git a/.github/workflows/check.scorecards.yml b/.github/workflows/check.scorecards.yml
index 1ea8e9b5..a0c50afa 100644
--- a/.github/workflows/check.scorecards.yml
+++ b/.github/workflows/check.scorecards.yml
@@ -27,7 +27,7 @@ jobs:
       actions: read
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout"
diff --git a/.github/workflows/check.yaml-lint.ci.yml b/.github/workflows/check.yaml-lint.ci.yml
index 09a7fc33..c3a54820 100644
--- a/.github/workflows/check.yaml-lint.ci.yml
+++ b/.github/workflows/check.yaml-lint.ci.yml
@@ -62,7 +62,7 @@ jobs:
         pull-requests: "read"
     steps:
         - name: "Setup: Harden Runner"
-          uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+          uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
           with:
             egress-policy: ${{ inputs.network || 'audit' }}
         - name: "Setup: Checkout"
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 792ce450..ea270e4f 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -163,7 +163,7 @@ jobs:
       labels: ${{ steps.meta.outputs.labels }}
     steps:
         - name: "Setup: Harden Runner"
-          uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+          uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
           with:
             egress-policy: ${{ inputs.network || 'audit' }}
         - name: "Setup: Checkout"
diff --git a/.github/workflows/jvm.gradle.yml b/.github/workflows/jvm.gradle.yml
index f61b5f05..cffd0549 100644
--- a/.github/workflows/jvm.gradle.yml
+++ b/.github/workflows/jvm.gradle.yml
@@ -234,7 +234,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout"
diff --git a/.github/workflows/jvm.maven.yml b/.github/workflows/jvm.maven.yml
index 587d169f..d2aad4a1 100644
--- a/.github/workflows/jvm.maven.yml
+++ b/.github/workflows/jvm.maven.yml
@@ -146,7 +146,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: "Setup: Harden Runner"
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: ${{ inputs.network || 'audit' }}
       - name: "Setup: Checkout"
diff --git a/.github/workflows/lint.action.yml b/.github/workflows/lint.action.yml
index 1af30828..c49d7039 100644
--- a/.github/workflows/lint.action.yml
+++ b/.github/workflows/lint.action.yml
@@ -28,7 +28,7 @@ jobs:
         pull-requests: "read"
     steps:
         - name: "Setup: Harden Runner"
-          uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+          uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
           with:
             egress-policy: ${{ inputs.network || 'audit' }}
         - name: "Setup: Checkout"
diff --git a/.github/workflows/stub.yml b/.github/workflows/stub.yml
index 8d1edc97..aba4c6a1 100644
--- a/.github/workflows/stub.yml
+++ b/.github/workflows/stub.yml
@@ -13,7 +13,7 @@ jobs:
         runs-on: ubuntu-latest
         steps:
           - name: "Setup: Harden Runner"
-            uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+            uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
             with:
               egress-policy: audit
           - name: "Emit Message"