New types of attack - cross site request forgery or malicious AJAX code execution, for example, are analyzed in our lab. Due to our flexible web application security framework a corresponding defence product module can quickly be created.