May 19, 2022
Content Security Policy (CSP) is a W3C standard that helps defend web applications against cross-site scripting (XSS), clickjacking, and other code injection attacks by blocking web browsers from loading potentially dangerous resources (i.e., malicious script injections) when they do not comply with your policy. CSP reporting provides critical visibility into CSP violations, allowing you to build effective policies and ensure that they are configured correctly.
In this Datadog on session, Andrew Krug, Lead Security Evangelist, will chat with Jean-Baptiste Aviat, Staff Engineer, and Ayaz Badouraly, Site Reliability Engineer. They will explore how Datadog engineers collect CSP reports and use them to detect and analyze violations. They'll also walk through how Datadog’s built-in security rules can automatically notify about noteworthy trends in CSP violations, which may be triggered by problematic deployments or misconfigurations.