Announcing New Legit Prevention Capabilities!  Click to read more -->

Blog Contact Us Sign In
Platform
Platform - ASPM Iconx
Application Security Posture Management (ASPM)
Platform - Secrets Detection & Prevention
Secrets Detection & Prevention
Platform - Continuous Compliance and SBOM Icon
Continuous Compliance and SBOM
Platform - Software Supply Chain Security SSCS Icon
Software Supply Chain Security (SSCS)
Platform - AI Security Posture Management (AI-SPM) Icon
AI Security Posture Management (AI-SPM)
Platform - AppSec Vulnerability Management Icon
AppSec Vulnerability Management
Integrations
Why Legit
Why Legit - Customers Icon
Customers
Resources
header mobile nav icon
Resources
Resources - Blog Icon
Blog
Resources - Resource Library Icon
Resource Library
Resources - Open Source with Legitify Icon
Open Source w/ Legitify
Resources - Events Icon
Events
Company - About Legit Icon 2
ASPM Knowledge Base
Company
Company - Partners Icon
Partners
Company - About Legit Icon 2
About Legit
Company - Press Releases Icon 1
Press Releases
Company - In the News Icon
In the News
Company - Careers Icon
Careers

Introduction

ACV Auctions is out to “fundamentally change the wholesale automotive industry by providing a level of trust and transparency that was once unimaginable.” Becoming the industry’s premier wholesale automobile auction site requires rapid innovation and software development lifecycles (SDLC) with continuous integration/continuous delivery (CI/CD) pipelines. The ACV information security team is tasked with protecting the software factory that drives their business, and they use Legit Security to help create and maintain a secure and sustainable process for developing new and innovative software.

 

Challenge

ACV Auctions was struggling to analyze, secure, and track changes across each stage of the SDLC. They needed an inventory of the SDLC systems and infrastructure in place, a deep awareness of operational security controls, an understanding of which regulatory requirements are being adhered to, and which may be drifting out of compliance.

 

ACV Auctions Needed

  • Observability into their SDLC and CI/CD processes
  • Relevant context to prioritize AppSec activities
  • Visibility into security controls and compliance drift
  • Automation of repetitive, lower-skill work

ACV Auctions Storefront_w

The Legit Solution

ACV Auctions selected Legit Security after a platform evaluation demonstrated their requirements for observability and security of their SDLC pipelines, systems and infrastructure along with real-time auditing and monitoring. Legit was able to immediately provide a range of capabilities that delivered what the ASM team needed—at a fraction of the cost that adding staff would have required.

 

Solution Requirements

  • Integration with ACV Auctions’ existing tech stack
  • Easy implementation and operation
  • Continuous evaluation of application security posture
  • Auditing for policy violations and compliance drift
  • Automated communication and remediation
Benefits of a Secure SDLC Foundation
Legit provides a powerful tool for the security team(s) who leverage it for application security as well as SDLC oversight to provide an informed advisory perspective to other teams.
settings

More collaborative application security with developer teams leveraging the platform’s risk scoring and deeper contextual information.

shield

Smarter vulnerability management supported by observability and context across the SDLC to effectively prioritize security issues.

lock

Continuous assurance and risk mgmt by identifying, prioritizing and remediating vulnerabilities that protect the business and meet compliance requirements.

clock

Costs savings and productivity gains through automation and operational efficiencies that enable highly trained SMEs to focus on more strategic tasks.

Eyebrow

Get the Full Story

Download the case study for details on how Legit Security helped ACV Auctions address their secure application delivery challenges.

Download Case Study