How It Works
A credentialing pathway your clients can verify.
Legacy Core™ runs a framework-aligned credentialing pathway — intake, guided readiness content, review, and issuance into a Public Business Trust Registry your clients can check in seconds.
Trust Audit = free diagnostic. Credentials are issued after pathway review — not automatic compliance.
At a glance
Four parts of the journey — clearly separated
Assessment, credential pathway, live verification, and ongoing badge status.
- AssessmentNot a credential
Trust Audit
Free · diagnostic only · not a credential
- Credential pathway
Bronze → Silver → Gold
Awareness, action, and maintain tiers on the credentialing pathway
- Verification
Trust Badge + registry
Live /verify page anyone can check
- Maintenance
Ongoing trust
Renewal, monitoring, and tier progression
Overview
The credentialing pathway in one sentence.
Begin at Bronze, complete the guided pathway content, pass review, and get issued a Trust Badge that lives in a verifiable public registry.
Three things to know about the pathway
A pathway, not a class
The credentialing pathway is structured around the readiness signals professional services clients quietly look for, then translated into the artifacts a credential review can evaluate.
Framework-informed
The Bronze rubric is informed by recognized readiness frameworks (including NIST CSF 2.0 and CIS Controls). Aligned with — not a substitute for — those frameworks or legal compliance.
Reviewed, then issued
Every credential is reviewed by Legacy Core before issuance. Self-attestation is never sufficient. The result is a Trust Badge clients can verify.
The pathway
The credentialing pathway, step by step
A clear, framework-aligned path from intake to issued credential and registry listing.
- Step 1
Begin the credentialing pathway
Choose Bronze and begin the credentialing pathway. The intake captures the business profile that will appear in the Public Business Trust Registry once the credential is issued.
- Step 2
Complete the guided pathway content
Work through the credentialing pathway content at your own pace. The pathway orients to recognized small business cybersecurity readiness frameworks (NIST CSF, CIS Controls) and produces the artifacts needed for review.
- Step 3
Quality and eligibility review
Legacy Core reviews the readiness artifacts against the Bronze rubric. If gaps are identified, you receive specific feedback and a path to address them before issuance. Self-attestation is never sufficient.
- Step 4
Trust Badge issuance and registry listing
Once the review is approved, Legacy Core issues the Bronze Trust Badge, generates the verification URL, and lists the business in the Public Business Trust Registry.
- Step 5
Verification, renewal, and Silver/Gold progression
Clients verify the credential from the badge or registry listing. Bronze renews annually. Silver and Gold are earned over time through Alliance Partner attestation with evidence, or through independent third-party verification.
The Legacy Core ecosystem
Credentialing is step two. Implementation is where partners help.
After the Trust Audit and credential review, vetted Alliance Partners help businesses implement the services that close remaining gaps.
- Step 1
Understand your risks
Start with the non-technical Trust Audit. See where your business stands across passwords, phishing, devices, data protection, and incident preparedness — before you buy anything.
Start the Free Trust Audit - Step 2
Earn a verifiable credential
Complete the credentialing pathway, pass Legacy Core review, and receive a Trust Badge listed in the Public Business Trust Registry — something clients can verify in seconds.
Get credentialed - Step 3
Choose a vetted Alliance Partner
Select from the Alliance Partner Directory: established MSSPs, cyber insurance advisers, CPAs, and service providers vetted by Legacy Core — not a random vendor list.
See partners - Step 4
Implement the right services
Because the assessment and credential made the gaps visible, implementation conversations start with context — not fear-based upselling. Partners deliver MSSP, insurance, and advisory work that matches real readiness needs.
- Step 5
Grow the ecosystem together
Alliance Partners earn referral compensation for businesses they introduce and support. Businesses progress toward Silver and Gold with partner attestation when evidence exists — building community trust infrastructure, not one-off transactions.
Partner with us
Vetted Alliance Partners
Established businesses that implement — not generic lead lists.
Legacy Core is a credentialing authority, not an MSP. After credentialing, businesses work with partners who already serve professional services firms — with referral compensation for partners who introduce and support credentialed clients.
Partners are reviewed before directory listing. Attestation without evidence is never accepted. Self-attestation by businesses is never accepted.
- MSSPs & managed security providers
- Cyber insurance & commercial risk advisers
- CPAs, bookkeepers & business advisers
- Chambers & professional associations
Frequently asked questions
Do I need the Trust Audit first?
You can pursue Bronze credentialing directly, but the Trust Audit is the recommended starting point. It helps a business understand everyday cybersecurity gaps before Trust Badge review — and before working with an Alliance Partner on implementation.
What happens after I earn Bronze?
Credentialed businesses appear in the Public Business Trust Registry and may choose a vetted Alliance Partner from the directory for MSSP, cyber insurance, or advisory support. Partners help implement services with shared context from the assessment and credential pathway.
How long does the credentialing pathway take?
Many businesses complete the pathway and pass review in two to six weeks, depending on how quickly they can provide the readiness artifacts needed for review. There is no fixed deadline — work through it at your own pace.
What happens if my readiness review needs more work?
Legacy Core returns specific feedback on gaps and suggested steps to address them. You revise and resubmit. There is no penalty for needing a second pass.
How is this different from a class?
Legacy Core is a credentialing pathway. The pathway content is structured around what a credential review actually evaluates — readiness artifacts, documented practices, and verifiable signals — rather than around lessons or modules to complete before earning the credential.
How do I earn Silver or Gold?
Silver and Gold are earned outcomes — never sold direct. There are two paths to either tier: free with an Alliance Partner attestation backed by supporting evidence, or via independent third-party verification by a CISSP-credentialed reviewer or qualified MSSP.
What appears in the public registry?
Only public-safe fields: business name, tier, credential status, area served, issue date and renewal date (if approved for public display), and the verification slug. Owner contact information, payment data, internal notes, and review history are never displayed publicly.
What if I let my credential lapse?
A lapsed credential shifts to "Expired" status in the registry. Verification pages continue to load, but the badge is no longer valid. You can resume the credentialing pathway and renew the credential to return to good standing.
See the pathway from the inside.
Start with a free Trust Audit, then follow the pathway to a credential your clients can verify.