NOWSECURE ANNOUNCED AS AN APP DEFENSE ALLIANCE (ADA) AUTHORIZED LAB TO PERFORM INDEPENDENT SECURITY REVIEWS

Now Android developers can publicly show users they safeguard trust through standards-based independent security validation in their Google Play Data safety section.

NOWSECURE ANNOUNCED AS AN APP DEFENSE ALLIANCE (ADA) AUTHORIZED LAB TO PERFORM INDEPENDENT SECURITY REVIEWS NOWSECURE ANNOUNCED AS AN APP DEFENSE ALLIANCE (ADA) AUTHORIZED LAB TO PERFORM INDEPENDENT SECURITY REVIEWS Show More
magnifying glass icon

Case Study: Caribou Coffee Fuels Mobile DevSecOps with NowSecure

Posted by

Amy Schurr

Content Marketing Director
Amy Schurr is content marketing director for NowSecure. A former B2B journalist, she has spent her career covering technology and how it enables organizations.
Caribou Coffee logo

Millions of Caribou Coffee fans rely on the company’s mobile app to order ahead, pay and rack up loyalty points. The ability to quickly develop and release new features such as curbside pickup and rewards redemption helps keep customers and store employees safe during the pandemic.

“The ability to launch new features quickly has become essential to our organization growth,” says Eric Caron, senior director of IT solutions for Caribou Coffee. “Anything we can do to make more things contactless is a win for everybody.”

In addition, safeguarding customer data and privacy also ranks as a top priority for the specialty quick-serve restaurant. Replacing a slow and cumbersome multi-month manual mobile application security review with the NowSecure automated mobile application security testing solution enabled Caribou Coffee to collapse that to mere minutes. In addition, the company gains peace of mind that its mobile apps are secure and PCI compliant.

We know that we are using a trusted solution that allows us to monitor our mobile app builds in a straightforward and automated way.

“We know that we are using a trusted solution that allows us to monitor our mobile app builds in a straightforward and automated way,” says Heather Brinkhaus, senior organization analyst for customer apps at Caribou Coffee.

 

Mobile Application Security Testing Eases Audits

Prior to integrating NowSecure Platform into its DevSecOps toolchain, Caron says that Caribou Coffee previously contracted with a third party to conduct a manual application security review. Not only did it take that company months to complete the work, but Caribou Coffee was then left with a massive report to digest and then figure out which security findings and bugs were most critical.

Today, Caribou Coffee uses the NowSecure Platform to continuously monitor security risks by automatically testing its Android and iOS mobile app binaries at QA and pre-production. “Performing this review at two places in our development cycle allows us to catch issues early, promptly address them and confirm that we are putting out a safe and secure product,” says Brinkhaus.

In addition, the solution’s clear reporting makes it easy for developers to digest the findings and quickly fix bugs. “One of the best things about moving to NowSecure is not having to fan through a 110-page security audit to figure out what bugs and security issues you need to address,” says Caron.

 

The DevSecOps testing tool from NowSecure helps Caribou Coffee achieve the company the following benefits:

  • Speed release frequency 3x by accelerating from quarterly to monthly
  • Shrink the mobile appsec testing process from several months to a mere 30 minutes
  • Ensure PCI compliance and peace of mind that apps are secure

Discover more about all the ways Caribou Coffee reduces risk with NowSecure automated mobile application security testing in this case study. In addition, you can for yourself the depth of testing of the NowSecure solution by obtaining a free mobile app security and privacy risk report for your app.