How to use CSP to stop XSS
KENNETH LEE, PRODUCT SECURITY ENGINEER, ETSY INC.
Kenneth Lee (@Kennysan) is a product security engineer at Etsy.com working on everything from HTTP security headers to shattering the site with new vulnerabilities. Previously, Kenneth worked at FactSet Research Systems preventing The Hackers from stealing financial data. He went to Columbia and got an MS in computer science focusing on computer security. Between sweet hacks, Kenneth enjoys drinking tea and force-feeding Etsy's operations team with Japanese chocolates.
Tools released for this presentation are available on GitHub here: https://github.com/Kennysan/CSPTools