>EVENTVALIDATION is (was?) a novel security measure implemented in 2006 by the ASP.NET team to "prevents unauthorized requests sent by potentially malicious users from the client [..] to ensure that each and every postback and callback event originates from the expected user interface elements, the page adds an extra layer of validation on events".

The attack it prevents is called XSRF, and this security measure wasn't novel in 2006.