Explore the comprehensive guide to Content Security Policy (CSP) in this recorded talk from NDC Security in Oslo, Norway. Learn why this trending response header has become a PCI DSS requirement and how it unlocks powerful browser security features. Navigate through all CSP directives, enforcement modes, deprecations, fallbacks, and browser implementation variations with expert guidance. Discover efficient policy-building techniques, important considerations during implementation, and effective methods for handling user violation reports. Presented by Halvor Sakshaug, one of Stack Overflow's top answerers for Content Security Policy questions, this one-hour session provides valuable insights for both beginners and advanced practitioners to implement CSP correctly without risking website functionality.
Content Security Policy: From Newbie to Advanced
Overview
Syllabus
Content Security Policy: From newbie to advanced - Halvor Sakshaug - NDC Security 2025
Taught by
NDC Conferences
Related Courses
-
Defeating Cross-site Scripting with Content Security Policy 2
-
Web Hacking Expert - Full-Stack Exploitation Mastery
-
Fixing XSS with Content Security Policy
-
Scaling Content Security Policy: Enterprise Compliance and Third-Party Resource Management
-
Content Security Policy Reporting and Aggregation with Caspr - OWASP AppSec California 2015
-
Roadblocks for Content Security Policy (CSP) Implementation - Developer Challenges and Solutions
