Building a Content Security Policy

Tuesday, 19 Aug 2014 1:00PM EDT (19 Aug 2014 17:00 UTC)
Speaker: Eric Johnson

Content Security Policy is gaining traction as a strong client side mitigating control for preventing Cross-Site Scripting attacks. However, because it is a relatively new security feature with inconsistent browser support, we are seeing very few CSP implementations in production environments. In this talk, we will explore the features available in CSP 1.0, what is coming in CSP 1.1, and how you can go about building a CSP in your web applications. We will also cover a few CSP tools that are available, and how they can help automate the process.

Login to Register

Related Content

CLD_-_Aviata_Cloud_Solo_Flight_Challenge_-_General_-_Workshop_340_x_340.jpg

Aviata Cloud Solo Flight Challenge

Master cloud security by tackling this free series of workshops.

SANS Cloud Security

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

CLD_-_Blog_-_Prevent_Cloud_Incidents_from_Becoming_Cloud_Breaches_340_x_340.jpg

Prevent Cloud Incidents from Becoming Cloud Breaches

Explore the mission of the newly renamed SEC510: Cloud Security Controls and Mitigations.