Security Testing

GDS security engineers assess many of the largest enterprise financial and banking applications in commercial use today. These complex applications store and provide access to highly sensitive financial data and are used by millions of customers on a daily basis.

GDS provides a number of services for assessing and providing assurance over both applications and network/server infrastructure. GDS specializes in performing security code review and black box testing of both custom-built applications as well as third party "off-the-shelf" software products. Alternatively, choose from one of our infrastructure security offerings to find out how GDS can help keep unwanted intruders out of your network. Please select one of the GDS application or infrastructure testing services to learn more.

Black Box Application Testing

The GDS Black-Box security testing methodology leverages both manual and automated testing techniques to assess the security of a live instance of the targeted application. The objective is to gauge the threat of both unauthorized outsiders and legitimate users compromising application security controls.

Source Code Review

GDS Source Code Reviews uncover security vulnerabilities and their development root causes in the source code of mission-critical business applications. The GDS methodology combines manual code review techniques, proprietary application security directives (ASDs), and the use of premier proprietary and commercial source code analysis tools in a consistent and repeatable process.

Penetration Testing

Infrastructure penetration testing is one of the most realistic ways of determining the likelihood of a network security breach. We offer a variety of customizable testing options to meet your specific goals.

Red Team Testing

Red Team testing services challenge an organization's resilience to targeted and sophisticated attacks. GDS can emulate persistent, motivated, and heavily resourced attackers by using advanced tactics, techniques, and procedures (TTPs) to infiltrate the organization and achieve realistic scenario goals.

Embedded Security Testing

The GDS embedded security testing methodology is designed to provide a comprehensive evaluation of all facets of an embedded system, ranging from high-level architecture review and firmware analysis to in-depth hardware security testing. These activities are intended to simulate those of a motivated attacker with physical access to the system and access to the required equipment to conduct low-level hardware attacks.

Vulnerability Remediation

Minimizing the time required to correctly address high risk application or network infrastructure security vulnerabilities is the goal of the GDS Vulnerability Remediation service line. GDS works directly with company management, developers and/or system administrators to provide a prioritized and detailed game plan that addresses each security flaw in the context of the company's application or network environment.

Social Engineering

Social Engineering testing allows us to identify weaknesses in the human perimeter of an organization. This type of review allows us to gauge an organization's exposure to real-world Social Engineering attack scenarios.

CESG (CHECK) IT Health Checks

GDS is a member of the United Kingdom government's CESG CHECK IT Health Check scheme, allowing GDS to provide security assurance services on UK Government and CNI systems processing data that is protectively marked, up to and including CONFIDENTIAL.


GDS is a CREST Member organization able to deliver CBEST/CREST STAR intelligence-led penetration testing for Financial Services organizations regulated by the Bank of England in the United Kingdom.

Cyber Essentials Certification

GDS is a Certification Company for the United Kingdom Government Cyber Essentials scheme, allowing organizations to demonstrate that they practice effective cyber security.