We’re very excited here at Veracode to announce the availability of our new FREE service to detect cross-site scripting (XSS) in your web application. This is a significant milestone for our company and for the security industry, and we encourage everyone from small ISVs to major enterprises to give us a try. Hopefully this will be one of the first steps in the long road to eliminating XSS; after all, one of the first steps to recovery is admitting you have a problem!

Questions? Comment on this blog post, or try @veracode, @chriseng, or @weldpond …

On April 22, 2011 Sony announced their network had been breached, but released limited details regarding the attack vector. This announcement was a precursor to a series of new attacks against other Sony online properties and ultimately the shutdown of the PlayStation Network. On May 13th, Veracode Researcher, Chris Lytle, published his blog post on the anatomy of the PSN attack. We’ve taken his analysis and turned it into the infographic featured below: