Protect Your Site
Content Security Policy (CSP) Manager

Keep your site safe from credit card skimming and browser
hijacking by building and managing your CSP all in one place.

A CSP can protect your site from

Credit Card Skimming &
Cross-Site Scripting (XSS)

If malicious code is injected on your checkout pages, a CSP automatically blocks the code from sending payment information to the hacker’s domain.

Browser Hijacking
& Ad Injection

Computer malware causes unwanted (and often competitive) ads to appear on your site. A CSP prevents these ads from even loading on your customers’ browsers.

Piggyback Tags

One third-party tag could be loading tags from vendors you have not authorized. A CSP eliminates this security and GDPR/CCPA risk.

…and would have prevented these recent attacks


drop in stock price

October 2019


credit cards stolen

(and $230M in fines)

Aug 21, 2018 – Sep 5, 2018


credit cards stolen

Aug 14, 2018 – Sep 18, 2018

New to Content Security Policy?


How the Blue Triangle CSP Manager works


Inventory your site’s first and third-party domains

We start off by identifying what first and third-party domains are loading on your site. See who owns the domains, what pages they’re loading on, and what files they’re loading. This is powered by our Real User and Synthetic Monitoring.


Determine what domains to whitelist.

Now that you know what domains are loading on your site, quickly create a whitelist of approved domains, as well as what type of files they are allowed to load.


Auto-generate your Content Security Policy (CSP).

Once you approve the whitelist, Blue Triangle automatically generates a comprehensive CSP header and meta-tag that you can deploy in seconds.


Deploy CSP and stay secure.

Your CSP blocks any unknown or malicious domains from accessing your site. We’ll alert you as soon as a domain you have not whitelisted tries to access your site.

Not ready to block? Then stay in report-only mode as you fine-tune your CSP.

Key Features

Rapid CSP Implementation

We automate the process of creating and managing your CSP so you can implement it in minutes, not days.

Real-Time Alerting

Be notified as soon as there is a CSP violation.

Page-Level CSPs

Easily create page-level CSPs so you can create robust policies on your checkout pages, and more relaxed policies elsewhere.

Live Tracking

Track the performance of all your tags, files, and domains to ensure they aren’t impacting performance, revenue, or security.

Trusted by Samsung, Lenovo and PUMA.