GDS Source Code Review assessments uncover security vulnerabilities and their development root causes in the source code of mission-critical business applications.

Approach

The GDS methodology combines manual code review techniques, proprietary application security directives (ASDs), and the use of premier proprietary and commercial source code analysis tools in a consistent and repeatable process.

The full-disclosure of source code and design documents allows for the quick identification of common application security vulnerabilities. GDS engineers then focus on identifying the more obscure and high risk vulnerabilities unique to the targeted application and its business logic.

Deliverables

GDS delivers a detailed and comprehensive report at the conclusion of each security assessment. All GDS reports are highly customizable depending on requested reporting requirements and typically include an executive summary, detailed technical findings and recommendations, and illustrative walkthroughs of all exploitation steps performed.

Related Services

At the end of each Source Code Review assessment, GDS can offer the following related services:

• Regression testing of all items identified during the assessment
• Vulnerability Remediation Assistance and Project Management
• Custom Secure Application Development Training

Strategic Partners

Fortify Software

If you would like to learn more information about conducting a Source Code Review assessment against an application, please email us for more information, or call your nearest GDS office.