Infrastructure Security Application Security Training Consulting Services Labs

Penetration Testing Vulnerability Assessments Configuration Reviews Infrastructure Remediation

Black Box Security Testing Source-Driven Security Testing Vulnerability Remediation Secure Development Services

Application Testing & Hacking Secure Application Development Custom Application Security Training

Risk Management and Compliance Security Project Management Audit Assistance Custom Consulting Services

Blog Tools

News

August 11, 2010

Matt Bartoldus will be presenting at the Source Barcelona Conference on September 21, 2010. The session, entitled "Security in the SDLC: It Doesn't Have to be Painful!", will discuss what works and what doesn't when integrating security into a corporate SDLC. »

July 13, 2010

Marcin Wielgoszewski will be presenting "Constricting the Web: Offensive Python for Web Hackers" at BlackHat USA 2010 on July 29, and DEFCON 18 on August 1 »

June 15, 2010

Adam Muntner quoted by Dark Reading in the article "New Crypto-Cracking Tool To Target Databases". In the article, Adam points out the importance of secure development activities and defense-in-depth in preventing the same old attack patterns. »

June 14, 2010

Marcin Wielgoszewski presenting Fracking Flex at Summercon 2010 in New York City, where he will introduce new methods for penetrating server-side environments utilizing Adobe Flex services. »

June 1, 2010

GDS Co-Founder Justin Clarke is to present a webcast as part of the BrightTALK Application Security Summit on the topic of "Emergent Standards in Secure Software Development" at 9am GMT on June 3, 2010 »

April 20, 2010

GDS Co-Founder Justin Clarke was interviewed recently for a Wall Street Journal article on the importance of correct management information in the success of a business »

April 14, 2010

GDS Engineer Marcin Wielgoszewski presented "Pentesting Adobe Flex Applications" at the April OWASP NY NJ Chapter meeting. »

March 14, 2010

GDS will be presenting at the 2010 Source Boston Conference on April 23, 2010. Brian Holyfield will demonstrate techniques used to attack Web Services built on the Microsoft .NET Windows Communication Foundation (WCF) Framework. »

February 13, 2010

Brian Holyfield will be presenting at the 2010 RSA Conference on March 5, 2010 at the Moscone Center in San Francisco. The session will discuss techniques used to attack Web Services built on the Microsoft .NET Windows Communication Foundation (WCF) Framework. »

January 21, 2010

GDS Co-Founder Brian Holyfield will be presenting at the Annual ShmooCon Security Conference in Washington DC on February 7, 2010. The presentation, titled "Cracking the Foundation: Attacking WCF Web Services", will discuss techniques for attacking services built on the Microsoft Windows Communication Foundation (WCF) platform. »

January 14, 2010

GDS Co-Founder Justin Clarke was interviewed for the Eurotrash Security Podcast on the topic of SQL Injection, software security in general, and about his recent book "SQL Injection Attacks and Defense" »

November 17, 2009

GDS Co-Founder Justin Clarke will be speaking at the Iberic Web Application Security Conference in Madrid, Spain on 10th-11th December. Justin will be presenting on "SQL Injection: How far does the rabbit hole go?" »

October 27, 2009

GDS Co-Founder Justin Clarke was interviewed at BruCON by Risky Business on the topic of "SQL Injection - how far does the rabbit hole go?". The podcast contains two interviews - Justin's interview can be found approximately 9 minutes into the podcast »

October 12, 2009

GDS Co-Founder Brian Holyfield is scheduled to present "Attacking Windows Communication Foundation" at the OWASP AppSec 2009 DC Conference. The event will be held November 12th-13th at the Walter E. Washington Convention Center in Washington DC. »

August 25, 2009

GDS Co-Founder Justin Clarke is scheduled to present on "SQL Injection - how far does the rabbit hole go?" at OWASP Ireland AppSec 2009 in Dublin, Ireland on September 10th, and at BruCON 2009 in Brussels, Belgium on September 18th »

August 4, 2009

GDS Co-Founder Matt Bartoldus is scheduled to present on Software Assurance Maturity at the 2009 Source Barcelona Conference. The conference will be held September 21st-22nd at the Museu Nacional D’art de Catalunya, Barcelona, Spain »

July 8, 2009

Gotham Digital Science was included in the Application Security Consulting category of the recent Forrester "TechRadar^TM For SRM Professionals: Application Security, Q3 2009" report »

July 1, 2009

GDS Co-Founder Justin Clarke was interviewed May 20th for OWASP Podcast #029 by Jim Manico on the topic of SQL Injection. The interview is now available for download »

June 25, 2009

GDS Co-Founder Justin Clarke spoke at the June meeting of the London ISACA chapter on "Emerging Standards in Software Security Assurance". Justin discussed both OpenSAMM and BSI-MM, use cases for these models, and how these are relevant to an assurance audience. A webcast of this presentation will be available shortly on the ISACA London page for members »

May 15, 2009

"SQL Injection Attacks and Defense" is now available. GDS Co-Founders Justin Clarke and Joe Hemler were contributing authors to the book, with Justin also acting as the technical editor »

April 29, 2009

GDS Co-Founder Matt Bartoldus' article "Software Assurance with SAMM" has been published in the British Computing Society's Spring 2009 issue of ISNOW. In this article, Matt introduces the core activities of the Software Assurance Maturity Model (SAMM) and how it can be used as a framework for secure software development »

April 22, 2009

GDS Co-Founder Justin Clarke will have his article "Resilience under attack: Techniques for continuing online business in the face of security compromise" published in the forthcoming Volume 3 Number 3 of the Journal of Business Continuity & Emergency Planning. In this article, Justin makes a business case for pre-emplacement of Web Application Firewalls as part of an organization's business continuity effort for use when responding to a security incident »

April 2, 2009

GDS Co-Founder Justin Clarke was quoted in SC Magazine UK's April edition in the article "Striking out as an independent security consultant is risky, especially in the current economic climate". In the article, Justin contrasts the GDS team-based approach to being an independent consultant »

March 31, 2009

GDS Co-Founder Matt Bartoldus is quoted in DarkReading on the release of OpenSAMM, a Software Assurance Maturity Model (SAMM) released to help organisations formulate and implement a strategy for software security that is tailored to the specific risks facing the organisation »

March 5, 2009

GDS Co-Founder Brian Holyfield was interviewed by Dan Kaplan of SC Magazine for the March 2009 cover story "Security during layoffs: Inside out". The article focuses on IT security considerations for employers forced to cut headcount during tough economic times »

February 18, 2009

Brian Holyfield is scheduled to present on Protecting Vulnerable Web Applications with IIS7 at the 2009 Source Boston Conference. The conference will be held March 11-13, 2009 at the Seaport Hotel in Boston, MA »

February 5, 2009

GDS Co-Founder Brian Holyfield debates the pros and cons of Web Application Firewalls with Marcin Wielgoszewski and Andre Gironda on the latest OWASP Podcast Roundtable »

January 15, 2009

GDS Co-Founder Justin Clarke has taken over the leadership of the London, United Kingdom chapter of OWASP. RSVP now for the next meeting, scheduled for March 12 »

December 29, 2008

SQL Injection Attacks and Defense (to published by Syngress) is currently in the writing process, and should hit the shelves around the start of May 2009. GDS Co-Founder Justin Clarke is the lead author and technical editor on the book, with fellow GDS Co-Founder Joe Hemler also heavily involved, and an all star team of SQL injection researchers and tool developers as contributing authors »

December 11, 2008

GDS Co-Founders Brian Holyfield and Matt Bartoldus are quoted in DarkReading sharing tips on how to protect against security attacks by disgruntled or former employees »

December 4, 2008

Gotham Digital Science co-founder Joe Hemler is presenting "Tampering-Proofing Web Applications" at the NY/NJ OWASP chapter meeting »

November 26, 2008

Gotham Digital Science co-founders Justin Clarke, Andrew Nairn and Brian Holyfield invited to present at upcoming OWASP chapter meetings in Boston and London. The presentations covered techniques for protecting vulnerable web applications at runtime and SQL Injection Worms »

October 22, 2008

Gotham Digital Science partners with Intense School to deliver "Key Principles in Writing Secure Code" webinar. The presentation targets application development folks looking for an introduction to application security »

August 27, 2008

Gotham Digital Science co-founder Justin Clarke will be presenting at ISACA United Arab Emirates' second annual iSAFE conference in Dubai, to be held October 29-30 2008. Justin will be presenting "Advanced SQL Injection exploitation techniques and examples" »

August 11, 2008

Gary McGraw mentions Gotham Digital Science in his wrapup of the 2007 industry numbers, "Software [In]security: Software Security Demand Rising" »

August 5, 2008

GDS co-founder Justin Clarke's bio for Black Hat in Las Vegas is mentioned in Network World - "What's so funny about security? Black Hat bios show a humorous side" »

May 12, 2008

Gotham Digital Science co-founders Brian Holyfield and Justin Clarke have been accepted as speakers at Blackhat USA, August 6-7 2008. Brian will be presenting "Protecting Vulnerable Applications with IIS7", and Justin will be presenting "SQL Injection Worms for Fun and Profit" »

February 27, 2008

Gotham Digital Science will be presenting on "Threat Modeling for Web Applications" at the IBM Rational Software Development Conference 2008, which will be held at the Walt Disney World Swan and Dolphin Resort in Orlando, Florida June 1-5, 2008 »

January 25, 2008

Gotham Digital Science co-founder Brian Holyfield was quoted in Byte and Switch while participating in the experts panel at the New York screening of "The New Face of Cybercrime" »

January 16, 2008

Co-founder Justin Clarke spoke at the January education event of the North London branch of the British Computer Society. The event, co-sponsored by Gotham Digital Science, ISACA, The International Institute of Information technology, and the Institute of Chartered Accountants of England and Wales was a success with a capacity audience attending. Slides are available here »

January 9, 2008

Gotham Digital Science will be featured in the upcoming documentary "The New Face of CyberCrime". Checkout a trailer for this event here . GDS co-founder Brian Holyfield will be featured in the executive discussion following the New York City premier event on January 24, 2008. »

December 13, 2007

Co-founder Justin Clarke will be presenting at the January education event of the North London branch of the British Computer Society on January 16 »

October 17-19, 2007

Gotham Digital Science presents on application security at Rackspace Customer Conference 2007 »

September 26, 2007

Co-founders Joe Hemler and Brian Holyfield team up with Fortify Software in webinar "How to Outsmart a Hacker, Understanding Their Techniques & Finding the Tools to Stop Them" »

July 31, 2007

Version 1.0 of SQLBrute has been released. SQLBrute is a blind SQL Injection tool that supports time and error based exploitation. Download it here »

June 28, 2007

Co-founder Justin Clarke speaks at the SANS Secure Europe 2007 conference Community Night. Check out his presentation here »

May 9, 2007

Co-founder Brian Holyfield featured in eWeek Channel Insider Interview: "Grow Your Offering and Attack Opportunity" »

November 2, 2006

Co-founder Brian Holyfield quoted in Network World »

October 23, 2006

Co-founder Andrew Nairn quoted as part of the initial Fortify Tracer release »

Company Information