Scaling Content Security Policy: Enterprise Compliance and Third-Party Resource Management

Explore the critical aspects of scaling Content Security Policy (CSP) and managing third-party resources in enterprise environments through this informative 43-minute conference talk from the OWASP Foundation. Delve into the rising threat of supply chain attacks and learn how to effectively implement CSP to enhance web application security. Discover practical strategies for automating CSP implementation across hundreds of applications, generating actionable insights for development teams, and addressing the challenges of javascript inventory management. Gain valuable knowledge on meeting evolving PCI requirements for payment page security and javascript monitoring. Benefit from the speakers' extensive experience in application security, perimeter defenses, and client-side security to understand and overcome the complexities of scaling frontend supply chain security solutions in large organizations.