Overview
Explore Content-Security-Policy (CSP) reporting and aggregation in this conference talk from OWASP AppSec California 2015. Dive into the background of CSP and violation reports, and discover Caspr, a free and open-source tool for collecting, aggregating, and analyzing CSP violation reports. Learn how to use Caspr effectively and explore other tools surrounding CSP violation reports, including Enforcer, a Chrome extension for forcing CSP on websites, and csp-tools, a suite of command-line tools for managing CSP reports. Gain insights into the importance of CSP in eliminating potential XSS vulnerabilities and understand how violation reports can help gauge the effectiveness of your security policies. Presented by Stuart Larsen, this 51-minute talk offers valuable knowledge for web developers and security professionals looking to enhance their website's security through Content-Security-Policy implementation and analysis.
Syllabus
Caspr and Friends - Stuart Larsen - OWASP AppSec California 2015
Taught by
OWASP Foundation