Cross-Site Scripting (XSS) is currently number 7 on the well known OWASP Top 10 Application Security Risks. In this talk we will look at XSS in 3 parts: (1) What is it? (2) How do we detect it? (3) How do we prevent it? By the end of the talk you should understand the basics of XSS, some of the ways to detect it, and methods you can use to prevent it.