Download PDF
Zoopla's Application Security Enhancement with Rapid7 InsightAppSec
Technology Category
- Application Infrastructure & Middleware - Event-Driven Application
- Cybersecurity & Privacy - Application Security
Applicable Industries
- Buildings
- National Security & Defense
Applicable Functions
- Product Research & Development
- Quality Assurance
Use Cases
- Experimentation Automation
- Tamper Detection
Services
- Testing & Certification
- Training
The Challenge
Zoopla, a London-based real estate portal, faced a significant challenge in maintaining the security of its applications. With over 60 million visits a month to its flagship property website and application, the company had to ensure the utmost security for its users. The company's security team, led by Application Security Engineer Alikhan Uzakov, was responsible for guiding hundreds of Zoopla developers through the application security testing process. This included conducting training and helping developers embed security tooling into their processes to ensure the security testing of new features and products before their release. However, with only three staff members, the security team found it challenging to support the vast number of developers.
About The Customer
Zoopla is a leading real estate portal based in London, England. The company serves property buyers, sellers, and renters, offering property research and sales and rental listings to help its users make informed decisions. Zoopla lists over a million properties in the United Kingdom and the Netherlands and registers more than 60 million visits a month to its flagship property website and application. The company works with several hundred application developers, helping real estate agents kick start their businesses by creating their own websites and offering them training. Zoopla is more than just a website; it is a comprehensive business that supports a wide range of real estate professionals.
The Solution
To address this challenge, Zoopla turned to Rapid7 InsightAppSec, a tool that provides Dynamic Application Security Testing (DAST). Uzakov had previous experience with this tool, but he put it through a trial to ensure it met Zoopla’s specific requirements. After testing, evaluating, and comparing several appsec tools based on price, functionality, and the level of support vendors provided, they chose InsightAppSec. The tool allowed Zoopla to automate security testing as part of the development process, assess modern web apps and APIs with fewer false positives and missed vulnerabilities, fast-track fixes with rich reporting and integrations, and scale easily by assessing the security of an application portfolio, regardless of its size. InsightAppSec also enabled them to scan web applications to identify vulnerabilities like SQL Injection, XSS, and CSRF.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Energy Saving & Power Monitoring System
Recently a university in Taiwan was experiencing dramatic power usage increases due to its growing number of campus buildings and students. Aiming to analyze their power consumption and increase their power efficiency across 52 buildings, the university wanted to build a power management system utilizing web-based hardware and software. With these goals in mind, they contacted Advantech to help them develop their system and provide them with the means to save energy in the years to come.
Case Study
Intelligent Building Automation System and Energy Saving Solution
One of the most difficult problems facing the world is conserving energy in buildings. However, it is not easy to have a cost-effective solution to reduce energy usage in a building. One solution for saving energy is to implement an intelligent building automation system (BAS) which can be controlled according to its schedule. In Indonesia a large university with a five floor building and 22 classrooms wanted to save the amount of energy being used.
Case Study
Powering Smart Home Automation solutions with IoT for Energy conservation
Many industry leaders that offer Smart Energy Management products & solutions face challenges including:How to build a scalable platform that can automatically scale-up to on-board ‘n’ number of Smart home devicesData security, solution availability, and reliability are the other critical factors to deal withHow to create a robust common IoT platform that handles any kind of smart devicesHow to enable data management capabilities that would help in intelligent decision-making
Case Study
Commercial Building Automation Boosts Energy Efficiency
One of the challenges to building automation is the multitude of non-interoperable communications protocols that have evolved over the years. Buildings have several islands of automation. Bridging the islands of different automation without losing the considerable investment in each specialized control network is the main focus in this solution.
Case Study
Protecting a Stadium from Hazardous Materials Using IoT2cell's Mobility Platform
There was a need for higher security at the AT&T Stadium during the NFL draft. There was a need to ensure that nuclear radiation material was not smuggled inside the stadium. Hazmat materials could often be missed in a standard checkpoint when gaining entry into a stadium.