Free Post CSP Overriding HTTP Response Headers in Chrome Dev Tools There's a new feature in Chrome Dev Tools that's going to make it easier than ever to get started with Security Headers like Content Security Policy! Let's take a look...
Free Post Report URI Report URI: Major new features, Threat Intelligence and more! As Report URI has continued to grow, we're constantly hearing about new things that our users want. Alongside maintaining the site, fixing bugs and constantly scaling, we're always listening to...
Free Post CSP Top 1 Million Analysis - June 2022 Thanks to the sponsorship provided by Venafi for this post, we have another Top 1 Million Analysis just 6 months after the last one in November 2021! Let's take a...
Free Post Report URI Increasing entropy in our CSP nonces I've talked many times about CSP and CSP nonces, the easy way to control JavaScript on your page, but someone recently pointed out an area we could improve. Report URI...
Free Post CSP PCI DSS 4.0; It's time to get serious on Magecart The latest version of PCI DSS just dropped and it's really awesome to see that one of the most notorious threats that we face online when it comes to payment...
Free Post Crawler Report Top 1 Million Analysis - November 2021 Wow! It's been quite a while since I've had time to do my regular analysis of security in the Top 1 Million site, but it's happening again! As it's been...
Free Post Report URI Report URI is now using CSP nonces in an enforced policy Hurrah! Sometimes it takes a little while for projects to make it through your backlog and into production, but the nonce-based policy for CSP on Report URI can now be...
Free Post CSP I turned on CSP and all I got was this crappy lawsuit! Yes, you did read that right. It turns out that enabling CSP on your website, specifically CSP nonces, is enough for you to get threatening letters about patent infringement! I've...
Free Post Report URI Report URI Penetration Test In line with our constant desire to improve and offer the best service we can, Report URI recently went through an independent penetration test as many other companies and organisations...
Free Post Security Headers Top 1 Million Analysis - March 2020 It's time for another 6 month update on the state of security online that's a little late! This is the second report using the new data source that was announced...
Follow