SAAS Security
Module B — SaaS / Multi-Tenant Platform Security Certification
“ISO/IEC 17065-accredited third-party certification for multi-tenant SaaS platforms — where multiple customer organisations share one application instance and tenant isolation is the assurance question your buyers are asking. Module B extends the OWASP ASVS evaluation of Module A and adds tenant-aware evaluation of identity federation, data segregation, key management, audit log integrity, subscription lifecycle and platform operations.”
What Module B Is For
Built for the SaaS Tenant-Isolation Question
Module B of Guardian SecureApp™ is the right module when your product is a multi-tenant SaaS platform — a single application instance that serves multiple customer organisations, with logical isolation between their data, identities, configurations and workloads. The certification is granted under ISO/IEC 17065:2012 and is issued by Guardian Assessment Pvt. Ltd., a Conformity Assessment Body accredited by United Accreditation Foundation (UAF) under accreditation number 52605385601 (IAF Scope Code 33, valid until 05 May 2030).
Module B exists because the assurance question for a SaaS platform is fundamentally different from the assurance question for a single-tenant web application. A traditional web app asks: is the application itself secure? A multi-tenant SaaS platform asks two questions in parallel: is the application itself secure (the Module A question), and — critically — can one tenant’s actions, accidentally or maliciously, reach, modify, observe or aggregate another tenant’s data, identities or workloads? The second question is what Module B is built to answer with documentary, accredited evidence.
This question is no longer optional in B2B SaaS. Enterprise buyers, regulated entities and increasingly even mid-market customers now embed tenant-isolation evidence requirements directly into their procurement processes. SOC 2 Type 2 reports speak partially to it through some Trust Services Criteria; ISO/IEC 27001 speaks to organisational management of information security; neither is a product-level attestation that the multi-tenant platform itself has been independently evaluated for tenant isolation against a published certification scheme. Module B fills that gap. The certificate is issued for a named SaaS product, at a named version, and is publicly verifiable in the directory at /directory.
Core Question
Can One Tenant Affect Another?
Strip away the technical sophistication and the Module B assurance question is plain: can one tenant of this platform — accidentally or by deliberate adversarial action — reach, modify, observe, aggregate or otherwise affect another tenant’s data, identities, configuration or workloads, beyond the platform’s documented design? An accredited Module B certificate is the body of independent evidence that the answer, against defined certification criteria, is no — at the named assurance level.
Why this matters in practice: every customer organisation onboarding a multi-tenant SaaS product is implicitly trusting the provider that other customers — including, in worst-case threat models, sophisticated adversaries who happen to be paying customers — cannot escape their own tenancy boundary and reach into the customer’s data. That trust is well-placed in mature platforms; but until the trust is independently verified by a third-party certification, it is asserted by the vendor and accepted by the buyer. Module B converts the assertion into independently-verifiable evidence.
Threats Module B explicitly evaluates against include: cross-tenant Insecure Direct Object Reference (IDOR) and Broken Object Level Authorisation (BOLA) attacks; horizontal and vertical privilege escalation across tenant boundaries; tenant-aware injection attacks; identity confusion at federated login; misconfigured row-level security or schema-per-tenant boundary failures; key-material reuse across tenants where customer-managed keys are claimed; audit log tampering or cross-tenant log leakage; and subscription-lifecycle gaps that leave residual access after offboarding. The full evaluation set is documented in GSA-PR-01.
Evaluation
Module B = Module A + Tenant-Aware Evaluation
Module B is not a replacement for Module A — it extends it. Every multi-tenant SaaS platform is, at its base, a web application; the OWASP ASVS controls evaluated under Module A apply equally to a SaaS platform. What Module B adds is a second evaluation layer specifically engineered around the multi-tenant architecture, applied on top of the Module A baseline. In practice, a Module B engagement encompasses a Module A evaluation plus the tenant-aware evaluation areas listed in Section 3.4 below.
This composition is reflected in scoping and pricing. A Module B certificate covers the underlying web application of the platform (the Module A scope) plus the tenant-isolation and platform-level controls. Where an applicant has separate certifiable products — a customer-facing SaaS web app and a public partner-integration API, for example — Module B may combine with Module C on a single certificate. Module C separately addresses API surface; if your SaaS exposes both a web UI and APIs, Modules B and C together produce the complete certified surface.
| Aspect | Module A Web App | Module B SaaS / Multi-Tenant |
|---|---|---|
| Product type | Web application, single tenant or non-shared. | Multi-tenant SaaS platform serving multiple customer organisations. |
| Primary technical standard | OWASP ASVS + OWASP Top 10. | OWASP ASVS + OWASP Top 10 + tenant-aware evaluation set. |
| Tenant isolation evaluation | Not in scope. | Central, with six dedicated evaluation areas. |
| Identity federation evaluation | Single-org IdP integration. | Multi-org IdP integration with cross-tenant boundary verification. |
| Data segregation evaluation | Application-level data protection. | Tenant-level segregation including database, storage, cache, and queues. |
| Key management evaluation | Application-wide keys. | Per-tenant keys, BYOK / customer-managed keys, and HSM integration. |
| Subscription lifecycle evaluation | Not typically applicable. | Onboarding, suspension, downgrade, offboarding, and data deletion. |
The Six Tenant
The Six Areas Module B Adds On Top of OWASP ASVS
The tenant-aware evaluation that Module B adds on top of Module A is organised into six areas. Each area maps to a defined set of controls in GSA-PR-01, with depth scaling by assurance level. The list is not exhaustive — the scheme document is — but it captures every dimension that buyer due diligence and regulator scrutiny commonly reach for.
Area 1 — Tenant Identity and Authorisation Boundary
Evaluation of how the platform identifies tenants and enforces the tenant boundary on every authorisation decision. Includes: tenant context propagation from authentication through every backend service; defence against tenant-id manipulation in URLs, request bodies, headers and tokens (tenant-aware BOLA and IDOR); session and token isolation; multi-org SSO / federated identity; SCIM provisioning hygiene; service-principal and machine-identity isolation. At Level 3, includes adversarial testing of cross-tenant authorisation paths, including misconfigured shared services that may bypass the tenant boundary.
Area 2 — Data Segregation Across Tenants
Evaluation of how tenant data is segregated at every storage layer. Includes: database segregation strategy (database-per-tenant, schema-per-tenant, shared-schema-with-row-level-security) and verification that the chosen strategy is correctly enforced in code, ORM usage, migrations and ad-hoc queries; object storage path segregation; cache key segregation (a leading source of cross-tenant leakage); message queue and event stream segregation; backup segregation; analytics and reporting data-mart segregation. At Level 3, includes targeted testing of data segregation under unusual conditions — failover, disaster recovery, restore-from-backup, multi-region replication.
Area 3 — Key Management and Cryptography
Evaluation of key management at the tenant granularity. Includes: per-tenant key derivation or per-tenant KMS keys; customer-managed keys (BYOK) integration where claimed by the platform, including the integrity of the key-revocation pathway; HSM integration where claimed; key-rotation discipline; secrets management isolation between tenants; signing-key isolation for tenant-issued tokens. At Level 3, includes cryptographic agility review and verification that key-material reuse cannot occur across tenants.
Area 4 — Audit Log Integrity and Cross-Tenant Logging
Evaluation of audit logging at the tenant granularity. Includes: tenant-aware audit log generation for security-relevant events; isolation of one tenant’s audit logs from another’s view; integrity controls preventing tampering, deletion or backdating; export controls so a tenant cannot exfiltrate another tenant’s audit data through the audit-export feature; SIEM integration hygiene; retention and archival per tenant policy. At Level 3, includes verification that the platform’s own operational logging does not leak tenant-correlated data to operators in ways that bypass documented operational privacy controls.
Area 5 — Subscription Lifecycle and Tenant Onboarding / Offboarding
Evaluation of the security of subscription-lifecycle transitions. Includes: tenant-onboarding security (initial provisioning, default permissions, default integrations); subscription downgrade or feature-removal effects on access controls; tenant suspension semantics (does suspended-tenant data remain isolated and inaccessible?); tenant offboarding and data deletion (does the contractual data-deletion clock actually run, and is the deletion verifiable?); residual-access prevention (orphan API keys, OAuth grants, integrations after offboarding). At Level 3, includes targeted testing of edge cases — partial offboarding, billing-failure offboarding, regulatory-compelled offboarding.
Area 6 — Platform Operations and Operator Access
Evaluation of how platform operators (the SaaS provider’s own engineering and support teams) access the platform, and the boundary between operator access and tenant data. Includes: privileged-access management for platform operators; just-in-time access workflows; break-glass procedures; operator-action audit logging; customer-impersonation features (and their auditability where they exist); production access discipline; CI/CD access boundaries. This area is increasingly scrutinised by enterprise buyers concerned about insider risk and supply-chain compromise of the SaaS provider.
Responsibility
Where Your Responsibility Ends and the Cloud Provider’s Begins
Cloud-native SaaS platforms operate under the shared responsibility model: some security controls are the responsibility of the cloud provider (AWS, Azure, GCP, or any other IaaS / PaaS host), and some are the responsibility of the SaaS provider operating on top. Module B is engineered around this model. The evaluation focuses on what the SaaS provider is responsible for; the cloud provider’s underlying controls are out of scope and are governed by the cloud provider’s own attestations, which we reference but do not re-evaluate.
| Cloud Provider Responsibility Out of Scope | SaaS Provider Responsibility In Module B Scope |
|---|---|
Physical security of data centres, hardware, and hypervisor. | Configuration of cloud services, including IAM, networking, and encryption settings. |
Underlying network infrastructure of the cloud platform. | Tenant-aware application logic and authorisation. |
Cloud-provider-managed services’ inherent security, such as the security of the database engine itself where a managed database is used. | How those managed services are used, including database access controls, schema design, query patterns, and encryption configuration. |
KMS / HSM service availability and primitive integrity. | Key management strategy, per-tenant keys, BYOK integration logic. |
Container runtime / serverless platform security primitives. | Container image hygiene, namespace isolation, network policies, and service-mesh configuration. |
Module B does not — and cannot — replace the cloud provider’s own attestations. What it does is independently evaluate the SaaS provider’s controls within the boundary the cloud provider’s attestation defines. Buyer due diligence that requires both layers of assurance is satisfied by combining the cloud provider’s attestation (e.g., AWS SOC 2) with a Module B certificate.
Levels
Level Selection for Module B
All three Guardian SecureApp™ levels are available under Module B. Level selection follows the same logic as Module A — match evaluation depth to risk — but the typical level distribution is shifted upward: most B2B SaaS platforms serving regulated buyers default to Level 2 or Level 3, because the buyers themselves expect that depth as the cost of entry. Level 1 Module B engagements are typically internal-only multi-tenant platforms or low-criticality external products.
| Aspect | Level 1 Basic | Level 2 Advanced | Level 3 High-Risk / Critical |
|---|---|---|---|
Tenant boundary evaluation | Configuration review + targeted testing. | Comprehensive testing across all six areas. | Adversarial / threat-led across all six areas. |
Cross-tenant attack scenarios | Limited. | Standard set. | Extensive, including abuse-case and chained-attack scenarios. |
Source code review | Not mandatory. | Sample-based on tenant-context propagation. | Comprehensive. |
Identity federation testing | Single-IdP scenario. | Multi-IdP scenarios + SCIM. | Multi-IdP + edge cases, including lazy provisioning and IdP-to-IdP migrations. |
Operator access review | Documented. | Documented + verified. | Verified through observation + logs. |
Indicative Starting Fee* | USD 2,000 onwards | USD 4,000 onwards | USD 7,000 onwards |
Typical Timeline | 4–7 weeks. | 8–12 weeks. | 12–18 weeks. |
*Indicative starting fees apply to small organisations certifying a single, low-complexity SaaS product on a single technology stack in a single environment, under Module B only. Final fees depend on tenant-architecture complexity, codebase size, evaluation man-days and complexity. Fees do not influence the certification decision (ISO/IEC 17065 Clause 4.2 — impartiality requirement).
Detailed Level pages: /levels/level-1-basic, /levels/level-2-advanced, /levels/level-3-critical.
Evaluation
How We Evaluate a Multi-Tenant Platform
Module B evaluation is documented in GSA-PR-01 and applied uniformly across applicants at the same level. The methodology blends documentation review (Stage 1) with technical evaluation (Stage 2). Below is the structure of evaluation activities under Module B; everything in Module A’s methodology applies, plus tenant-aware additions.
Documentation Review
Stage 1 tenant-aware additions: in addition to the Module A Stage 1 review, Stage 1 for Module B reviews the multi-tenant architecture diagram with explicit tenant boundary annotation; tenant-isolation strategy documentation, including database segregation strategy, key management strategy, and identity model; shared responsibility documentation between Guardian’s applicant and the underlying cloud provider; tenant lifecycle documentation covering onboarding, offboarding, data deletion, and suspension; and operator access policies and procedures.
Technical Evaluation
In addition to the Module A technical evaluation, Stage 2 for Module B includes:
- Tenant-context propagation testing – verifying that tenant context flows from authentication through every backend service consistently.
- Cross-tenant authorisation testing – including IDOR, BOLA, and tenant-id manipulation across the API and UI surface.
- Data-segregation testing – direct verification that tenant A cannot retrieve tenant B’s records through ORM queries, raw SQL queries where applicable, object-storage paths, cache keys, or message queues.
- Identity-federation testing – multi-IdP scenarios, SAML / OIDC implementation hygiene, SCIM provisioning behaviour, and lazy provisioning edge cases.
- Subscription-lifecycle testing – onboarding, suspension, downgrade, offboarding, and data-deletion verification.
- Operator-access review – privileged access management, just-in-time workflows, break-glass procedures, and operator-action audit logging.
- Customer-managed keys verification – where BYOK is claimed, verification of actual integration with the customer’s KMS, key revocation pathway integrity, and key rotation discipline.
Scope
The Boundary of a Module B Certificate
As with Module A, the boundary of a Module B certificate is precise and documented in the Scope Statement. The default scope is broader than Module A — it includes the multi-tenant architecture and platform-level controls — but it is bounded by the same principle: anything inside the boundary has been evaluated, anything outside has not.
| In Scope Typically | Out of Scope Unless Explicitly Added |
|---|---|
The multi-tenant SaaS application code, including front-end and application-tier backend. | Underlying cloud platform controls such as AWS, Azure, or GCP, governed by the provider’s own attestations. |
Tenant-isolation logic at every layer, including application, database, storage, cache, and queue. | Customer end-user devices and customer corporate networks, outside the SaaS boundary. |
Identity federation, including SAML, OIDC, SCIM implementation, and multi-IdP configuration. | Third-party Identity Providers themselves, such as Okta, Auth0, or Cognito, governed by their own certifications. |
Key management strategy and per-tenant key implementation. | Customer-side key management infrastructure for BYOK customers, outside the platform boundary. |
Subscription lifecycle, including onboarding, downgrade, offboarding, and data deletion. | Customer-controlled integrations and webhooks consumed by the platform, except as the platform processes their input. |
Operator access controls and audit logging at the platform level. | HR, vetting, and physical-security controls of the SaaS provider organisation. These are management-system concerns, such as ISO/IEC 27001, not Module B. |
Public API surface where it is part of the platform’s customer-facing product. | Standalone API products with their own pricing, customer base, and lifecycle. Module C applies separately. |
Deliverables
What You Receive at the End of a Module B Engagement
On successful completion of a Module B engagement, the following outputs are issued. The structure mirrors Module A; the content reflects the tenant-aware evaluation depth. Each deliverable has a defined audience and retention treatment.
Certificate of Conformity (Public)
Signed, dated, numbered certificate confirming Module B certification of the named SaaS platform at the named version, against the named assurance level. Publicly listed at /directory. Display rights per the Use of Mark Policy.
Scope Statement (Public Summary)
Names the boundary: tenant-isolation strategy in scope, identity federation evaluated, modules and integrations covered, environment evaluated, and any explicit exclusions. The summary is referenced from the public directory; the full Scope Statement sits in the certification record.
Evaluation Report (Confidential — Applicant Only)
Detailed technical report covering scope, methodology, evaluation activities (Module A baseline plus all six tenant-aware areas), findings (with severity, ASVS reference where applicable, GSA-PR-01 control reference), corrective actions taken, and the conclusion. The report is confidential and not disclosed beyond the applicant and Guardian’s certification file.
Findings Report (Issued during Stage 2; Confidential)
Detailed findings with severity, technical detail and references to the relevant control. Findings describe the issue and the relevant control; how the applicant addresses each finding is the applicant’s responsibility, with their own resources or any third party they engage.
Listing in Public Directory
Certificate facts added to /directory immediately on issuance. Status updates (suspension, withdrawal, renewal) reflected in real time.
Mark Usage License
Documented license to use the Guardian SecureApp™ certification mark in respect of the certified product, version and scope, in accordance with UAF-GEN-CAB-02 and the Use of Mark Policy at /marks-policy.
Timeline & Cost
How Long, How Much
Module B engagements are typically longer than Module A engagements at the same level, because the tenant-aware evaluation adds material scope on top of the Module A baseline. The figures below reflect that; they are indicative for small organisations and are scoped at quotation.
Level 1
Basic
$2,000
onwards
Indicative Starting Fee *
Typical Timeline
4–7 weeks
For Internal multi-tenant tools, low-criticality B2B SaaS
Level 2
Advanced
$4,000
onwards
Indicative Starting Fee *
Typical Timeline
8–12 weeks
For B2B SaaS serving enterprise customers, regulated buyers
Level 3
High-Risk / Critical
$7,000
onwards
Indicative Starting Fee *
Typical Timeline
12–18 weeks
For Banking SaaS, healthcare SaaS, identity platforms, payment platforms
*Indicative starting fees apply to small organisations certifying a single, low-complexity SaaS product on a single technology stack in a single environment, under Module B only. Final fees depend on tenant-architecture complexity, codebase size, evaluation man-days and engagement specifics. Quotation on request, valid for 30 days. Fees do not influence the certification decision (ISO/IEC 17065 Clause 4.2 — impartiality requirement).
Comparison
Where Module B Fits Alongside SOC 2 and ISO 27001
B2B SaaS providers serving enterprise customers are routinely asked for SOC 2 reports, ISO/IEC 27001 certificates, and increasingly accredited product-level certifications. These three instruments do different things; mature buyers ask for combinations of them rather than substitutions between them. The framing below clarifies what each one provides, so SaaS providers can position Module B correctly in their sales and procurement conversations.
| Aspect | Module B Guardian SecureApp™ | SOC 2 Type 2 | ISO/IEC 27001 |
|---|---|---|---|
Object of attestation | Specific SaaS product, named and versioned. | Service organisation’s controls relevant to user entities. | Organisation’s Information Security Management System (ISMS). |
Issuing body | ISO/IEC 17065 accredited Product Certification Body. | Licensed CPA firm under AICPA. | ISO/IEC 17021-1 accredited Management System Certification Body. |
Tenant-isolation evaluation | Central, with six dedicated areas. | Partial, through specific Trust Services Criteria. | Indirect, through control objectives. |
Public verifiability | Public directory entry, with certificate number searchable. | Report typically NDA-bound and not publicly listed. | Public registry entry per accreditation body. |
Surveillance | Annual or semi-annual, plus change-driven review. | Annual report period, with a new report each year. | Annual surveillance and 3-year recertification. |
Underlying methodology | OWASP ASVS plus tenant-aware evaluation per GSA-PR-01. | AICPA Trust Services Criteria. | ISO/IEC 27001 Annex A controls. |
Most enterprise SaaS providers ultimately maintain combinations: Module B + SOC 2, Module B + ISO/IEC 27001, or all three. The right combination depends on the buyer base. Banking and healthcare buyers tend to weight tenant-isolation product-level evidence (Module B) most heavily; broad enterprise buyers often want the breadth of SOC 2 in addition; international buyers often want ISO/IEC 27001 organisational assurance as well. Scoping discussion at /quote helps map your buyer base to the appropriate combination.
Frequently Asked Questions
Common Questions, Answered
Module B includes Module A. A Module B engagement evaluates the underlying web application (Module A scope) plus the tenant-aware evaluation areas. If your product is a multi-tenant SaaS platform, you do not need a separate Module A engagement — Module B alone covers both layers and produces a single certificate.
Combine Module B and Module C on a single certificate. Module B covers the multi-tenant platform and customer-facing UI; Module C separately addresses the API surface anchored in the OWASP API Security Top 10. Both modules evaluated together produce a unified certificate covering the full product surface, scoped explicitly in the Scope Statement.
SOC 2 is a Trust Services Criteria-based attestation issued by a CPA firm, addressing the controls of a service organisation. Module B is an ISO/IEC 17065-accredited product certification, evaluating a specific multi-tenant SaaS product against OWASP ASVS plus tenant-aware criteria. SOC 2 is broader in operational scope; Module B is deeper on tenant isolation and is publicly verifiable in a directory. Mature buyers commonly ask for both.
Guardian’s evaluator pool has experience across all common multi-tenant patterns: database-per-tenant, schema-per-tenant, shared-schema-with-row-level-security, container-per-tenant and namespace-per-tenant Kubernetes architectures, sidecar-pattern and shared-service architectures, serverless-with-tenant-context architectures. Module B is architecturally agnostic — what matters is that the chosen strategy is correctly and consistently enforced.
Source code review is sample-based at Level 2 (focused on tenant-context propagation, authorisation enforcement, key management) and comprehensive at Level 3 (covering the in-scope codebase). Level 1 does not require source code access. Code review is conducted via secure remote access in your environment wherever feasible; source code is not retained by Guardian.
No. Cloud provider controls are out of scope under Module B and are governed by the cloud provider’s own attestations (e.g., AWS / Azure / GCP SOC 2 reports). What is in scope is your application’s controls and your configuration of the cloud platform: identity, access control, network configuration of your tenant boundary, data segregation, key management, secrets handling, build and deployment hygiene.
Where the platform claims BYOK, Module B specifically evaluates: the actual integration with the customer’s KMS (not just the documentation); the key-revocation pathway (and what happens to encrypted data when revocation occurs); key-rotation discipline; isolation between BYOK keys of different customers; and behaviour under failure modes (KMS unavailable, key rotation in flight). At Level 3, this includes targeted testing of edge cases that buyer due diligence often probes.
Shared-schema with row-level security (RLS) is one of the harder architectures to enforce correctly, because every query must consistently apply the tenant filter and any escape (raw SQL, ORM bypass, reporting view) is a potential cross-tenant leakage path. We evaluate the discipline directly — code review for query patterns, runtime testing for filter consistency, edge-case testing for corner queries. We do not refuse to certify shared-schema architectures; we do raise the bar on enforcement evidence.
Typical timelines: Level 1 — 4–7 weeks; Level 2 — 8–12 weeks; Level 3 — 12–18 weeks. The largest variable is applicant responsiveness during findings closure. Engagements with prepared documentation, well-architected tenant boundaries and rapid remediation cycles complete faster.
Single-tenant deployments are technically a different product surface — there is no tenant-isolation question to evaluate. They fall more naturally under Module A. If you operate both a multi-tenant SaaS and a single-tenant on-premises / private-cloud edition of the same product, the multi-tenant edition is certified under Module B and the single-tenant edition under Module A — separate certificates with separate Scope Statements.
Yes — within the tenant-aware evaluation. Subscription-lifecycle security (Area 5) covers onboarding, suspension, downgrade, offboarding and data deletion. Billing integrity itself (the correctness of invoicing) is not an application security question and is outside the technical security scope; what we do evaluate is how subscription-state changes propagate through the platform’s authorisation model.
Module B is engineered to address the questions enterprise buyers actually ask in vendor due diligence — particularly around tenant isolation, identity federation and operator access. A publicly-verifiable certificate that maps to those questions reduces back-and-forth in security reviews. Whether it reduces overall procurement cycle time depends on the buyer’s process; in our experience, presenting a Module B certificate at the start of a security review materially shortens the review.
Material changes to tenant-isolation strategy (a re-architecture from shared-schema to schema-per-tenant, for example) require notification to Guardian and may trigger re-evaluation activities outside the routine surveillance cycle. The Certification Agreement requires this notification. Recertification re-evaluates the platform against the current scheme criteria and, where the architecture has changed, the new strategy is re-tested in full.
Yes. Module B engagements are typically conducted remotely under IAF MD 4:2025, particularly at Levels 1 and 2. Some Level 3 engagements may benefit from limited on-site presence (for example, observation of operator workflows in a controlled environment), but the default is remote. The decision is risk-based and is made at scoping.
Where AI / ML features are part of the certified product surface, the evaluation addresses: tenant-isolation of training data and inference data; prevention of cross-tenant model contamination; prompt-injection and data-leakage paths through model inference; access controls on model training and update pipelines. AI / ML evaluation under Module B is part of the broader tenant-aware evaluation; we do not currently issue a separate AI-specific certification, though scheme evolution in this area is on our roadmap.
Critical findings on the tenant boundary must be addressed for certification to be granted. Guardian issues the finding with technical detail and the relevant GSA-PR-01 / OWASP ASVS reference. Remediation is the applicant’s responsibility — Guardian does not provide consulting or fix-support. Guardian re-verifies corrective actions; one round of re-verification is included in the engagement, additional rounds are billed separately. If the platform cannot meet the criteria, the certification is not issued, and there is no record of the failed application in the public directory.
Ready to Get Started?
Apply for Certification
Submit a formal application. Initial response within 5 working days.
Apply NowRequest a Quote
Tell us about your product. Indicative quote within 3 to 5 working days.
Get a QuoteTalk to Our Team
Specific question or regulatory driver to discuss?
Contact Us