How Can Enterprise App Development Help Your Business Growth.pptx
Just Eat Codebashing Case Study
1. JUST EAT is first and foremost a technology company with an impressive
in-house team of developers that own the entire process of technology
including the JUST EAT website, consumer app and the mobile/fixed devices
located in every restaurant it works with. The JUST EAT fixed devices provide
restaurants with a system to efficiently manage their orders by minimising
the time spent on processing and by reducing communication errors that can
occur over the phone.
The Challenge
JUST EAT builds and maintains back-end tools for its technology. This helps
it to manage orders in real time using the API’s that sit behind the tools to
rapidly grow and change these products remotely. JUST EAT has a large
development team spread over multiple locations, which makes secure code
training difficult to maintain without taking valuable resources away from
development.
As a responsible company, JUST EAT wanted to employ a more consistent
approach to secure code training internally by replacing its current secure
code development training with a more interactive system that would
encourage engagement and adoption of key application security principles.
Having reviewed the marketplace and the current training programmes
available, JUST EAT decided to work with security training specialists
NCC Group.
JUST EAT operates an online and mobile
marketplace for food delivery, providing consumers
with an easy and secure way to order and pay
for food from local restaurants. With over 66,000
restaurants using the platform across 13 markets
worldwide, JUST EAT now handles millions of orders
a year and has revolutionised the process of food
ordering for more than 15 million customers.
The game-like
approach to AppSec
training has made it
easier for our developers
to consume and ensures
that they are able to
implement a wide range
of application security
principles as we continue
to grow the business.
Chris Dare
Senior Application Security Specialist
JUST EAT
JUST EAT
2. Solution
To provide JUST EAT with the right solution NCC Group partnered with
Codebashing, an educational technology business that provides game-like
AppSec training through a cloud based e-learning platform. Codebashing’s
e-learning application security training platform equips developers with
the techniques needed to ensure code is free from the most common
vulnerabilities.
Codebashing’s training programme was delivered in a modular, interactive
manner and allowed the internal development teams at JUST EAT to play with
live vulnerable applications and examine every aspect of what the application
was doing. Users are provided with access to information covering the entire
stack from the browser to the backend logs and code, and they are then
taken through a programme that tells them how to break and then fix the
application(s).
Results
NCC Group and Codebashing provided JUST EAT with a comprehensive
solution that addressed a wide range of security concerns, including the
OWASP top ten vulnerabilities, and allowed JUST EAT to track its developer’s
progress through a selfmanaged training portal.
The Codebashing solution enabled JUST EAT to meet its goal of embedding
key application security principles within its internal development teams, while
the gamified approach facilitated a training experience that the JUST EAT
developers were excited to take part in.
Chris Dare, Senior Application Security Specialist at JUST EAT, commented:
“NCC Group and Codebashing have provided us with an innovative and
scalable training solution which has given our developers exposure to security
vulnerabilities through the entire stack, all from within the individual users
browser. The game-like approach to AppSec training has made it easier for our
developers to consume and ensures that they are able to implement a wide
range of application security principles as we continue to grow the business.”
NCC Group and
Codebashing have
provided us with an
innovative and scalable
training solution which
has given our developers
exposure to security
vulnerabilities through
the entire stack, all from
within the individual
users browser.
Chris Dare
Senior Applicatin Security Specialist
JUST EAT
About NCC Group
NCC Group is a global expert in cyber
security and risk mitigation, working
with businesses to protect their brand,
value and reputation against the
ever-evolving threat landscape.
With our knowledge, experience and
global footprint, we are best placed to
help businesses identify, assess,
mitigate & respond to the risks they
face.
We are passionate about making the
Internet safer and revolutionising the
way in which organisations think about
cyber security.
+44 (0) 161 209 5200 response@nccgroup.trust www.nccgroup.trust
For more information from NCC Group, please contact:
NCCGSCJECSV10616