Features
The CSP workflow from first scan to monitored enforcement.
Consepo combines policy generation, violation reporting, script inventory, alerting, and real-time monitoring so teams can ship a strict Content Security Policy from evidence instead of guesses.
Rollout model
Scan, report, monitor
Step 1
Generate from browser evidence
Start with a rendered crawl so directives reflect what the site actually loads.
Step 2
Validate with Report-Only
Use violation reporting and monitoring to see what the draft policy would block.
Step 3
Maintain as the site changes
Track scripts, alerts, and production violations so the policy stays current.
Product surface
Choose the feature that matches the CSP work in front of you.
Some teams start with the generator. Others need reporting or monitoring first. Each feature links into the same policy lifecycle.
CSP Violation Reporting
Monitor and analyze Content-Security-Policy violations in real-time across all your domains.
- Real-time violation streams
- Grouped & deduplicated reports
- Severity classification
- Historical trend analysis
CSP Policy Generator
Automatically generate a tight Content-Security-Policy based on your website's actual content.
- Scan-based policy creation
- Nonce & hash support
- Incremental tightening
- One-click deploy snippets
Alerting & Notifications
Get alerted on your favorite channels when a specific security event occurs.
- Slack, email & webhook alerts
- Custom threshold rules
- Anomaly detection
- Digest & real-time modes
Script Inventory
Monitor all scripts loaded on your website, their integrity hashes, and known CVEs.
- Automatic script discovery
- SRI hash tracking
- CVE vulnerability matching
- Change detection alerts
Real-Time Monitoring
Catch violations from checkout flows, login pages, and every route your scanner can't reach.
- Coverage beyond the crawler
- Live production violation reports
- Digest & webhook delivery
- Scanner + monitoring = full picture