FLEX is a popular choice for the brave new world of web 2.0 applications. While the game may have appeared to change, rich Internet applications (RIA) still allow for the same vulnerabilities and design mistakes to be made. This presentation will cover methods for testing Adobe FLEX applications including the new version 4 and will look at such issues as cross--site flashing, remote calls and fuzzing. Additionally, there will be coverage of tools to test FLEX and other Flash applications including their addition to the OWASP WTE (Web Testing Environment). Finally, some design issues which may hamper FLEX development will be discussed in a brief case study.