Primarily, CSP is a set of rules to tell the browser to whitelist all asset sources that are alloswed.
This will reduce the number of Cross-Site Scripting (XSS) vectors by, for example, allowing only scripts from your domain or disallowing inline scripts
More about that in the next talk Security Tip #2