Test and monitor your Content Security Policy in real-time.

Website report

CSP is essential for all websites

Content Security Policy is a web security feature allowing to detect and mitigate various types of attacks such as Cross-site scripting (XSS) and data injections. These attacks are used to steal data, deface websites and distribute malwares.

But using CSP is not easy. Policies are hard to write, hard to test, and hard to monitor. We want to change that.

Reporting made easy

CSPWatch uses the CSP reporting mechanism to monitor your websites in real-time. It collects and aggregates reports, then alerts you about violations.

You can now check in realtime what elements on your website are being blocked, and adapt your rules to allow legitimate actions while being aware of potential risks.

CSPWatch groups similar reports: once you have marked a group as handled, you will only be notified about new, different reports.

Website reports

Manage your policies and avoid dangerous mistakes

Policies are complex to write, and mistakes can lead to unexpected security issues. Use our editor to create and update your policies and avoid many errors.

Use the policy analyzer in the editor or with the scanner to detect common mistakes.

Policy analyzer

Get CSPWatch

CSPWatch is currently available in beta. Sign-up for free right now, or log in if you already have an account.


Want to know more? Subscribe to the Exograd newsletter! Expect a couple messages a month about new releases and feature previews. You will also be notified immediately if we find a serious bug or a security issue.