Posted on 08 October 2017 in misc • Tagged with owasp, events, yandex
This Monday I had participated in OWASP Poland Day 2017 which took place in Krakow. It was one day mini conference with 2 tracks! Guys from OWASP Poland chapter had made a good job and had orginized it wery well. Especially for the first time! Hope that here in Russia …
Posted on 12 June 2017 in misc • Tagged with csp, csp-tester, firefox
Last versions of Firefox use new add-on format called WebExtensions. It is good news because this format is mostly compatible with the extension API supported by Chromium based browsers. So porting of CSP Tester
to WebExtensions format was trivial (only some lines in manifest.json). Glad to announce that CSP …
Posted on 12 November 2016 in misc • Tagged with events, owasp, zn, yandex
November, 2016 is rich for security events.
There are will two in the same time! The first one is ZeroNights will take place in Russia, Moscow. I like it because it is focused on practical aspects of information security. This time there will be 3+ talks from our Yandex security …
Posted on 09 May 2016 in misc • Tagged with csp, csp-tester, release
Today I'm announcing the release of CSP Tester 2.0. This brings with it a few new features as well as bug fixes. The main focus of this release was Content Security Policy Level 2 support.
In addition to CSP2 support, the following changes have been made:
There is a powerful feature of Content Security Policy called Reporting. Web application owner can specify special URI via report-uri directive to which the user agent will send reports about policy violation. In testing environment it helps to find missed resource inclusions so with enforced policy your web application will …