Helping large and small companies monitor and defend apps
Bjoern Zinssmeister
Templarbit — Security for modern teams running software
Bjoern Zinssmeister
Hi everyone! I am Bjoern, the co-founder of Templarbit. We're excited to be on Product Hunt today launching Templarbit! Templarbit protects web applications from XSS attacks and other malicious activity.

Previously Matthias and I worked together at a cyber security firm where we saw many vulnerability reports. After spending some time running engineering at another startup we realized there is a big need for a security solution that can easily be understood and deployed. Something that helps software teams protect what they are building.

We reached out to friends and strangers at other software startups to see how they handle the security of their applications. Surprisingly to us, not many teams felt like they did a good job in that area, mostly due to lack of tools available to them.

With the advent of browser support for Content Security Policies, there are new ways to protect against these attacks. Setting a CSP header is a great way to mitigate XSS attacks, but managing changes to the policy and having a reporting endpoint that gives you insights into what is being violated is still difficult. Templarbit helps with this. Our reporting dashboard can help you discover and fix violations in real-time and shows you in most cases exactly where in your app the issue exists.

We'd love to hear your thoughts about what we’re building, so please feel free to comment or email: bjoern@templarbit.com
Kris Puckett
Congrats @zinssmeister!!
_J_C_
Not sure I understand the use case here. This problem is already solved by setting CSP headers in web server config (NGINX for instance). Same goes for REST APIs that travel over HTTPS connections. Set the same rules for those locations that serve data to app endpoints. And view the NGINX logs (/var/log/nginx), no? What else am I missing?
_J_C_
@jamescampbell If this is to solve the issue of setting up the configs, then it begs the question of why you are building an app and don't know how to secure it in the first place.
Bjoern Zinssmeister
@jamescampbell Hi James, you are right, you can set up a CSP header manually, but covering all the rules and providing a reporting endpoint that reacts to violation reports is not as trivial. We are an out-of-the-box solution to those problems and make it easy to deploy and continuously manage and monitor your content security policies.
Tregg
Looks super slick with the bright red. The documentation/resources page also looks sweet.
Bjoern Zinssmeister
@treggify Thank you Tregg!
David Head
+1!