Report Collector

Content Security Policy report-uri endpoint. Classification, aggregation, analysis, alerting and more.

Start Free TrialView pricing

csper report dashboard
background waves

Features

Advance features to help you deploy and monitor CSP in minutes.

Report Grouping
content security policy report grouping

Similar reports are automatically grouped together — no more sifting through thousands or millions of individual violation reports.

Report Classifier
content security policy report classification

The report classifier allows you to filter out the reports that don't matter, such as extensions and bots.

Realtime
content security policy report-uri realtime

View your reports as they are happening. Sub-second realtime events allow you to act faster.

Alerts
content security policy alert

Get alerted on suspicious violation reports or when there's a spike of reports.

Policy Evaluator
content security policy evaluation security

Get security recommendations and insights on your policies to stay up to date with the latest best practices.

Automatic Policy Generator
automatic content security policy builder

Csper automatically generates secure policies based on previously seen reports.

background waves

How It Works

Content Security Policy has a feature called report-uri. When report-uri is enabled, browsers will send a JSON payload to a specified web endpoint whenever there's a violation. Csper collects these JSON payloads and performs analysis on them.

Getting started with report-uri is as simple as adding a url to your existing content-security-policy. If your website doesn't use content security policy, then it's as simple as setting an HTTP header. Csper helps website owners get started either way.

Product Overview

  • Realtime: A dashboard showing incoming reports as they are received.
  • Reports: Search through reports by classification, directive, policy and more.
  • Policy: View a list of all seen policies and their respective report counts.
  • Policy Builder: Automatically build new policies based of existing reports.
  • Inline Reports: View a list of all inline elements to be moved to their own file.
  • Policy Evaluator: Receive security recommendations for your policy.
  • Alert Settings: Setup alerts for detecting in realtime attempted XSS's and alert spikes.
  • Custom Domain: Setup custom endpoint URLs for receiving reports.
  • User Management: Invite multiple people to a project to inspect reports.
background waves

Ready to get Started?

Start Free TrialView pricing

Product Demo