Learn about defending against cross-site scripting (XSS) attacks in this 59-minute conference talk by Jason Montgomery. Explore the challenges faced by software developers in securing applications, including market forces and knowledge gaps. Understand different types of XSS attacks, injection points, and vulnerabilities through real-world examples like Twitter. Discover practical mitigation strategies such as encoding, whitelisting, and using Anti-XSS libraries. Gain insights into browser protection mechanisms and security maturity models. Watch a demonstration using Metasploit and Aurora, and leave with actionable takeaways to improve your application's security against XSS threats.