Today's Web 2.0 world sparks opportunities for Internet interactivity and community-building, but at the same time, leaves many Web sites and online users vulnerable to open security attacks. Underscoring the importance of security in Web 2.0 environments, executives from Radware will offer valuable security insights as session participants at the upcoming Black Hat USA 2008 Briefings, August 4-7, 2008 in Las Vegas. The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the information security world.

Itzik Kotler, Security Operation Center (SOC) team leader and Jonathan Rom, security researcher at Radware, will drive the session, "Jinx - Malware 2.0," and will examine how the shift in browser technologies to compete more aggressively with operating systems (OS) have led toward the rapid development of Web 2.0 malware that is OS and architecture independent.

"Web 2.0 is pushing the boundaries of what today's interactive web sites can do, however in the rush to add features, security often becomes an afterthought," stated Kotler. "During our presentation at Black Hat, we will demonstrate and share the source code of Jinx, a fully implemented JavaScript malware, which is the creation of our research that unlocks a number of interesting vulnerabilities within many Web 2.0 operating environments, including the popular Mozilla product line."

Radware's appearance at Black Hat comes on the heels of the company's launch of its APSolute Immunity security initiative, a new strategic approach that maintains business continuity by protecting the applications infrastructure against existing and emerging network-based threats that cannot be detected by traditional intrusion prevention systems (IPS) such as: application misuse threats, SSL attacks and VoIP service misuse. Coupled with Radware's award-winning DefensePro security solution, this umbrella security strategy allows organizations to move beyond static IPS by mitigating attacks that use legitimate application services for malicious activity.