CSP Tester 2.0 released
Today I'm announcing the release of CSP Tester 2.0. This brings with it a few new features as well as bug fixes. The main focus »
CSP violation report aggregation using Nginx only
There is a powerful feature of Content Security Policy called Reporting. Web application owner can specify special URI via report-uri directive to which the user agent »
X-Frame-Options or CSP frame-ancestors?
If you don't know about ClickJacking (UI Redressing) attack you can read the relevant article on OWASP website. There are two main ways to prevent ClickJacking: »
OWASP Russia MeetUp #4 tomorrow!
The first OWASP Russia MeetUp in 2016 will take place in Yandex office (Moscow) tomorrow, the 17th of March. The event will focus on mobile security. »
Highlight your CSP policy
It is common scenario when you need to show Content Security Policy example to the developers. If you use Highlight.js (syntax highlighter written in JavaScript) »