Templarbit

Protects your applications from XSS attacks

get it

Reviews

Discussion

You need to become a Contributor to join the discussion - Find out how.
Bjoern ZinssmeisterMakerHiring@zinssmeister · Co-founder of Templarbit
Hi everyone! I am Bjoern, the co-founder of Templarbit. We're excited to be on Product Hunt today launching Templarbit! Templarbit protects web applications from XSS attacks and other malicious activity. Previously Matthias and I worked together at a cyber security firm where we saw many vulnerability reports. After spending some time running engineering at another startup we realized there is a big need for a security solution that can easily be understood and deployed. Something that helps software teams protect what they are building. We reached out to friends and strangers at other software startups to see how they handle the security of their applications. Surprisingly to us, not many teams felt like they did a good job in that area, mostly due to lack of tools available to them. With the advent of browser support for Content Security Policies, there are new ways to protect against these attacks. Setting a CSP header is a great way to mitigate XSS attacks, but managing changes to the policy and having a reporting endpoint that gives you insights into what is being violated is still difficult. Templarbit helps with this. Our reporting dashboard can help you discover and fix violations in real-time and shows you in most cases exactly where in your app the issue exists. We'd love to hear your thoughts about what we’re building, so please feel free to comment or email: bjoern@templarbit.com
David Head@david_head · Co-founder @ Sixty
+1!
Tregg@treggify · Designer
Looks super slick with the bright red. The documentation/resources page also looks sweet.
Bjoern ZinssmeisterMakerHiring@zinssmeister · Co-founder of Templarbit
@treggify Thank you Tregg!
_J_C_@jamescampbell · CTO, DGI
Not sure I understand the use case here. This problem is already solved by setting CSP headers in web server config (NGINX for instance). Same goes for REST apis that travel over https connections. Set same rules for those locations that serve data to app endpoints. And view the NGINX logs (/var/log/nginx) no? What else am I missing?
_J_C_@jamescampbell · CTO, DGI
@jamescampbell if this is to solve the issue of setting up the configs then begs question of why you are building app and dont know how to secure it in the first place.
Bjoern ZinssmeisterMakerHiring@zinssmeister · Co-founder of Templarbit
@jamescampbell Hi James, you are right, you can setup a CSP header manually but covering all the rules and providing a reporting endpoint that reacts to violation reports is not as trivial. We are an out of the box solution to those problems and make it easy to deploy and continuously manage and monitor your content security policies.
Kris Puckett@krispuckett · InVision
Congrats @zinssmeister!!