Content Security Policy
Transcript of Content Security Policy
Subresource Integrity (SRI)
Content Security Policy (CSP)
Cross-Origin Resource Sharing (CORS)
CSP and malware
CSP and MITM
Upgrade Insecure Requests
Strict Transport Security
Public Key Pins
Do use CSP, STS, PKP, etc.
Start with report-only mode
Develop CSP in steps
Use combined report-uri & console alerts
CSP fits well into agile & devops
Use as many CSP headers as needed
Avoid 'unsafe-' origins
Use sha256- origins instead
CSP standards are developing fast!
Entry Point Regulation
OWASP Russia 2015