Stay Secure
Content Security Policy (CSP) Manager

Build and manage your Content Security Policy (CSP) in one place
to keep your site safe from data breaches and unauthorized ad injection.

A CSP can protect your site from

Formjacking &
Cross-Site Scripting (XSS)

If a hacker injects code into your checkout pages, a CSP automatically blocks the code from sending your customer’s payment information to the hacker’s domain.

Browser Hijacking
& Ad Injection

Computer malware causes unwanted (and sometimes competitive) ads to appear on your users’ browsers. A CSP prevents these ads from even loading on your website.

Piggyback Tags

One tag could be loading multiple tags from vendors you have not authorized. A CSP eliminates this security and GDPR risk.

…and would have prevented these Magecart attacks


credit cards stolen

Sep 2017 – Jun 21, 2018


credit cards stolen

(and $230M in fines)

Aug 21, 2018 – Sep 5, 2018


credit cards stolen

Aug 14, 2018 – Sep 18, 2018

How the Blue Triangle CSP Manager works

See what domains are loading on your site.

We start off by identifying what first and third-party domains are loading on your site. See who owns the domains and what pages they’re loading on.

Determine what domains are allowed.

Now that you know what domains are loading on your site, quickly create a whitelist of approved domains, as well as what type of files they are allowed to call.

Auto generate Content Security Policy (CSP).

Once you approve the whitelist, Blue Triangle automatically generates a comprehensive CSP that you can deploy in seconds.

Deploy CSP and stay secure.

Your CSP blocks any unknown or malicious domains from accessing your site. We’ll even notify you as soon as there are any violations to your CSP.

Not ready to block? Then stay in alert-only mode.

Trusted by Marriott, Office Depot and The Home Depot.

Get a Demo

Key Features

Live Tracking

Track the performance of all your tags, files, and domains to ensure they aren’t impacting performance, revenue, or security.

Faster Implementation

We automate the process of creating and managing your CSP so you can implement it in seconds.

Real-Time Alerting

Be notified as soon as there is a CSP violation.

Page-Level CSPs

Create global and page-level CSPs so you can ensure your entire site is locked down.