Case Study

ACV Auctions | Erik Bataller

Download Case Study


HubSpot Video




ACV Auctions


B2B E-Comm.

Featured Customer:

Erik Bataller

VP of Information Security

Download Case Study


ACV Auctions is out to “fundamentally change the wholesale automotive industry by providing a level of trust and transparency that was once unimaginable.” Becoming the industry’s premier wholesale automobile auction site requires rapid innovation and software development lifecycles (SDLC) with continuous integration/continuous delivery (CI/CD) pipelines. The ACV information security team is tasked with protecting the software factory that drives their business, and they use Legit Security to help create and maintain a secure and sustainable process for developing new and innovative software.



ACV Auctions was struggling to analyze, secure, and track changes across each stage of the SDLC. They needed an inventory of the SDLC systems and infrastructure in place, a deep awareness of operational security controls, an understanding of which regulatory requirements are being adhered to, and which may be drifting out of compliance.​

ACV Auctions Needed

  • Observability into their SDLC and CI/CD processes
  • Relevant context to prioritize AppSec activities
  • Visibility into security controls and compliance drift
  • Automation of repetitive, lower-skill work 

ACV Auctions Storefront_w

The Legit Solution

ACV Auctions selected Legit Security after a platform evaluation demonstrated their requirements for observability and security of their SDLC pipelines, systems and infrastructure along with real-time auditing and monitoring. Legit was able to immediately provide a range of capabilities that delivered what the ASM team needed—at a fraction of the cost that adding staff would have required. 

Box Package Icon - Purple

Solution Requirements

  • Integration with ACV Auctions’ existing tech stack
  • Easy implementation and operation
  • Continuous evaluation of application security posture
  • Auditing for policy violations and compliance drift
  • Automated communication and remediation 
Benefits of A Secure SDLC Foundation

Legit provides a powerful tool for the security team(s) who leverage it for application security as well as SDLC oversight to provide an informed advisory perspective to other teams.

Gear Increase Collaboration Icon - Purple

More collaborative application security with developer teams leveraging the platform’s risk scoring and deeper contextual information.

Flagged Branching Icon

Smarter vulnerability management supported by observability and context across the SDLC to effectively prioritize security issues.

Team Gear Collaboration Icon

Continuous assurance and risk mgmt by identifying, prioritizing and remediating vulnerabilities that protect the business and meet compliance requirements.

Time Cost Icon

Costs savings and productivity gains through automation and operational efficiencies that enable highly trained SMEs to focus on more strategic tasks.


Download the case study for details on how Legit Security helped ACV Auctions address their secure application delivery challenges.

Download Case Study