How It Works
A credentialing pathway your clients can verify.
Legacy Core™ runs a framework-aligned credentialing pathway — intake, guided readiness content, review, and issuance into a Public Business Trust Registry your clients can check in seconds.
Start here
Understand your risks before you pursue the badge.
The Readiness Assessment is a short, non-technical baseline across everyday cybersecurity practices — passwords, phishing, devices, data protection, and incident preparedness.
Overview
The credentialing pathway in one sentence.
Begin at Bronze, complete the guided pathway content, pass review, get issued a Trust Badge that lives in a verifiable public registry.
A pathway, not a class
The credentialing pathway is structured around the readiness signals professional services clients quietly look for, then translated into the artifacts a credential review can evaluate.
Framework-aligned
The Bronze rubric orients to recognized small business cybersecurity readiness frameworks (NIST CSF, CIS Controls). Aligned with — not pretending to be.
Reviewed, then issued
Every credential is reviewed by Legacy Core before issuance. Self-attestation is never sufficient. The result is a Trust Badge clients can verify.
The pathway
The credentialing pathway, step by step
A clear, framework-aligned path from intake to issued credential and registry listing.
- Step 1
Begin the credentialing pathway
Choose Bronze and begin the credentialing pathway. The intake captures the business profile that will appear in the Public Business Trust Registry once the credential is issued.
- Step 2
Complete the guided pathway content
Work through the credentialing pathway content at your own pace. The pathway orients to recognized small business cybersecurity readiness frameworks (NIST CSF, CIS Controls) and produces the artifacts needed for review.
- Step 3
Quality and eligibility review
Legacy Core reviews the readiness artifacts against the Bronze rubric. If gaps are identified, you receive specific feedback and a path to address them before issuance. Self-attestation is never sufficient.
- Step 4
Trust Badge issuance and registry listing
Once the review is approved, Legacy Core issues the Bronze Trust Badge, generates the verification URL, and lists the business in the Public Business Trust Registry.
- Step 5
Verification, renewal, and Silver/Gold progression
Clients verify the credential from the badge or registry listing. Bronze renews annually. Silver and Gold are earned over time through Alliance Partner attestation with evidence, or through independent third-party verification.
The Legacy Core ecosystem
Credentialing is step two. Implementation is where partners help.
After the Readiness Assessment and Trust Badge review, vetted Alliance Partners help businesses implement the services that close remaining gaps.
- Step 1
Understand your risks
Start with the non-technical Readiness Assessment. See where your business stands across passwords, phishing, devices, data protection, and incident preparedness — before you buy anything.
Take the assessment - Step 2
Earn a verifiable credential
Complete the credentialing pathway, pass Legacy Core review, and receive a Trust Badge listed in the Public Business Trust Registry — something clients can verify in seconds.
Get credentialed - Step 3
Choose a vetted Alliance Partner
Select from the Alliance Partner Directory: established MSSPs, cyber insurance advisers, CPAs, and service providers vetted by Legacy Core — not a random vendor list.
See partners - Step 4
Implement the right services
Because the assessment and credential made the gaps visible, implementation conversations start with context — not fear-based upselling. Partners deliver MSSP, insurance, and advisory work that matches real readiness needs.
- Step 5
Grow the ecosystem together
Alliance Partners earn referral compensation for businesses they introduce and support. Businesses progress toward Silver and Gold with partner attestation when evidence exists — building community trust infrastructure, not one-off transactions.
Partner with us
Vetted Alliance Partners
Established businesses that implement — not generic lead lists.
Legacy Core is a credentialing platform, not an MSP. After credentialing, businesses work with partners who already serve professional services firms — with referral compensation for partners who introduce and support credentialed clients.
Partners are reviewed before directory listing. Attestation without evidence is never accepted. Self-attestation by businesses is never accepted.
- MSSPs & managed security providers
- Cyber insurance & commercial risk advisers
- CPAs, bookkeepers & business advisers
- Chambers & professional associations
Frequently asked questions
Do I need the Readiness Assessment first?
You can pursue Bronze credentialing directly, but the Readiness Assessment is the recommended starting point. It helps a business understand everyday cybersecurity gaps before Trust Badge review — and before working with an Alliance Partner on implementation.
What happens after I earn Bronze?
Credentialed businesses appear in the Public Business Trust Registry and may choose a vetted Alliance Partner from the directory for MSSP, cyber insurance, or advisory support. Partners help implement services with shared context from the assessment and credential pathway.
How long does the credentialing pathway take?
Most businesses complete the pathway and pass review in two to six weeks, depending on how quickly the business can produce the required readiness artifacts. There is no fixed deadline — work through it at your own pace.
What happens if my readiness review needs more work?
Legacy Core returns specific feedback on the gaps and the steps required to close them. You revise and resubmit. There is no penalty for needing a second pass.
How is this different from a class?
Legacy Core is a credentialing pathway. The pathway content is structured around what a credential review actually evaluates — readiness artifacts, documented practices, and verifiable signals — rather than around lessons or modules to complete before earning the credential.
How do I earn Silver or Gold?
Silver and Gold are earned outcomes — never sold direct. There are two paths to either tier: free with an Alliance Partner attestation backed by supporting evidence, or via independent third-party verification by a CISSP-credentialed reviewer or qualified MSSP.
What appears in the public registry?
Only public-safe fields: business name, tier, credential status, area served, issue date and renewal date (if approved for public display), and the verification slug. Owner contact information, payment data, internal notes, and review history are never displayed publicly.
What if I let my credential lapse?
A lapsed credential shifts to "Expired" status in the registry. Verification pages continue to load, but the badge is no longer valid. You can resume the credentialing pathway and renew the credential to return to good standing.
See the pathway from the inside.
Start with Bronze and earn the credential your clients can verify. Renew annually as you mature toward Silver and Gold.