Park ‘N Fly finds “auto magic” with Invicti DAST in their CI/CD workflow
I call Invicti “auto magic” in what I’m doing because it just saves time. It saves effort – even if I have a twenty-person team, a five-person team, or a fifty-person team, it doesn’t matter. You should always look at ways to optimize your team’s time so that they can focus on the things that are important. Logging in and doing manual arduous tasks is unimportant. Invicti solves that for us through automation.– Ken Schirrmacher, CTO and Senior Director of IT, Park ‘N Fly, Inc.
Although first marketed to business travelers when founded in 1967, Park ‘N Fly has evolved over the years to make airport travel easier for all. Today, Park ‘N Fly’s selection of services includes airport parking, drive through car washes at select locations, luxury pet boarding, and more – all from 12 different airport locations across the United States.
Serving over 1 million travelers across the country every year means that the Park ‘N Fly team must have a security strategy with automated tools to cover their various digital assets, all while keeping sensitive customer information secure.
Seeking security tools that meet sky-high demand
When they set out to find the right option for their business and technical needs, the team at Park ‘N Fly was on the hunt for a dynamic application security testing (DAST) solution. With about 10 internal and on-prem apps, a kiosk application at each location, and facility management system software for pricing and rates, maintaining adequate and consistent security coverage was key.
We have a pretty diverse environment that we look after and want to make sure that all of our applications and everything we’re accessing not only are secure, but also that they’re tested to be secure.
To safeguard such a large swath of solutions without interrupting business for their customers, Park ‘N Fly knew they needed a tool that would integrate easily into their software development lifecycle (SDLC) so that they could secure applications well before they reached production.
Securing digital assets from the ground up
Park ‘N Fly first investigated Invicti DAST as a web application scanner, and then discovered how quickly and effortlessly they could integrate the tool within their environment. After embedding Invicti DAST into their CI/CD workflow, their speed and efficiency in the DevSecOps process improved. Now, they have seamless Jira integration and Azure DevOps capabilities so that they can scan and fix new applications before they reach production, with the option of additional add-ons to further improve their workflows. Through automation, Invicti immediately flags items that their developers need to prioritize so they can manage critical issues faster.
The best part is that my project manager doesn’t need to be bogged down with anything like testing or validation. And the details for the specific items are in the Jira ticket so my developers don’t have to bump around in the dark trying to figure out how to resolve an issue. Invicti gives them the roadmap for how to resolve it.
With a clearer understanding of what they need to fix and when, Park ‘N Fly has managed to significantly cut down on manual work that would otherwise amount to a full-time role. Now, their team of about 20 people doesn’t have to stop and wait for a decision about prioritization or dig for more information about a critical vulnerability. Invicti helps provide a fuller picture of their security environment so that they can move forward with confidence knowing everything is tested and validated.
Invicti saves at least one full-time employee on our team. In the past we’ve had people that have manually done scans and had to create the Jira items, then assigned it to the developers, and then the developer pushed it up after they committed their code changes. With Invicti, you can work on other stuff instead of waiting.
Cultivating an automated future with Invicti
With Invicti embedded as part of their development workflow, the Park ‘N Fly team now sees daily benefits from automated security. They no longer need to log in to their systems and manually fix issues when they make large environmental changes. Invicti was easy to set up and integrate; now it simply runs in the background and saves time, bringing that reliable and accurate “auto magic” they were missing before.
For the level of automation that you get with Invicti, it really makes sense to have it integrated into your CI/CD flow. It’s an overall really good scanning tool, but the detail of the vulnerability and remediation steps also will save you time. Engage a sales rep for a 20 or 30 day trial, start integrating it into your process, and you’ll be surprised at how much time it saves you and how much “auto magic” it brings to your entire development pipeline.
A versatile and adaptable security solution is critical for Park ‘N Fly, especially with customer data to protect. By integrating Invicti directly into their CI/CD workflow and adopting Invicti DAST for automated security scanning, they have a smoother runway for secure business innovation now and in the future.