Previously Matthias and I worked together at a cyber security firm where we saw many vulnerability reports. After spending some time running engineering at another startup we realized there is a big need for a security solution that can easily be understood and deployed. Something that helps software teams protect what they are building. We reached out to friends and strangers at other software startups to see how they handle the security of their applications. Surprisingly to us, not many teams felt like they did a good job in that area, mostly due to lack of tools available to them.
With the advent of browser support for Content Security Policies, there are new ways to protect against these attacks. Setting a CSP header is a great way to mitigate XSS attacks, but managing changes to the policy and having a reporting endpoint that gives you insights into what is being violated is still difficult. Templarbit helps with this. Our reporting dashboard can help you discover and fix violations in real-time and shows you in most cases exactly where in your app the issue exists.