Introduction to Semgrep
Semgrep is an open-source static analysis tool that helps catch security vulnerabilities, misconfigurations, and deviations from standard practices. It's a powerful tool for writing rules that detect specific or generic issues and loopholes, both security-related and not. It supports 20+ languages and is used by many top …
July 2022
Content Security Policy – Demystified
Content security policies help web applications defend against cross-site scripting and clickjacking attacks. They are a defense-in-depth approach to preventing client-side injection attacks, especially XSS. A content security policy limits the types of resources loaded in an application. The policy is set through an HTTP response header or meta tag, which the …