Website

Ultimate protection
against supply chain attacks

Ensure all eligible JavaScript on your website is being loaded with the protection of SRI

Get Started Documentation

Powerful Features

Leveraging cutting-edge capabilities in modern web browsers opens up a whole new realm of possibilities:

  • Protect against compromise in your JavaScript Supply Chain
  • Prevent any malicious changes to 3rd-party and 4th-party dependencies
  • Subresource Integrity (SRI) is supported by all modern browser
  • Spot any JavaScript assets that are being loaded without protection
  • Load the JavaScript and alert, or block the script, you decide
  • Enhanced Threat Intelligence capabilities to enrich data

What is Integrity Policy?

Integrity Policy allows you to monitor and even require the use of a powerful feature on your website called Subresource Integrity, or SRI. By using SRI, you can load JavaScript with 100% confidence that is has not been tampered with or modified in any way.

View our dedicated JavaScript Integrity Monitoring solution page for more detailed information.

JavaScript Integrity Monitoring

Monitor your dependencies

It's now easy to monitor changes in your JavaScript dependencies and receive an alert as soon as they happen. You can immediately investigate if new dependencies are expected, or possibly the first sign of an attack.

Our Script Watch product allows you to have monitoring setup in minutes, even if you haven't created a Content Security Policy yet!

Script Watch

The CSP Wizard

We often find that creating a CSP is the first difficult step that organisations face. Having a complete list of all resource dependencies across your entire site like images, scripts or styles, from both 1st-party and 3rd-party locations, is tough to achieve.

The CSP Wizard was created to solve this problem, and in seven days or less, it can you give a complete list of all resources used across your entire site.

With the list of all resources you use on your site, and our easy to use tool, creating a viable Content Security Policy is easier than ever with just a few clicks.

Documentation

The CSP Builder

All Content Security Policies will need to be tweaked at some point. New resources may be added to the site or old resources removed, and the policy needs to be updated to reflect those changes and kept up to date.

You can import your existing policy into the CSP Builder and use our fully featured tool to make any changes that you require right there in the UI. When you're done, hit Generate, and the CSP Builder will provide you with your new, updated policy.

CSP Builder

Related Features

We use Content Security Policy to power many of our features, here are some that you may be interested in reading more about.

Script Watch

Real-time alerting to changes in your JavaScript dependencies.

Script Watch
Data Watch

Track changes to where your website is sending data in real-time.

Data Watch
PCI DSS Compliance

Meet your obligations under PCI DSS 4.0 with CSP and our service.

PCI DSS Compliance
Threat Intelligence

Detect Indicators of Compromise to know if your site is breached.

Threat Intelligence