Coalfire Certificates: Proof of a Job Well Done

Program Overview

Security professionals work behind the scenes to keep systems and data protected from harm. And most of us don't like to boast about our good work; we prefer to spend our time staying vigilant and getting better every day.

That's why we created the Coalfire Certificate program. You've done the hard work of setting up your controls, and you've engaged Coalfire to test, assess or validate your program. Now, you can let the nation's largest, independent IT governance, risk and compliance (IT GRC) firm speak on your behalf, reassuring the public that the job has been done right.

Which Certificate is Right for You?

Your Coalfire Certificate is a dated and verifiable record of our work together, and you can confidently share it online or in printed form. There are three different certificates:


Declares that you have maintained 'clean' external vulnerability scans using our CoalfireOne℠ scanning services. (Coalfire is an Approved Scanning Vendor). This is often requested by our customers who have eCommerce or other customer facing websites.


Announces that Coalfire has advised and assisted you in your internal controls assessment. This is frequently used by customers that complete self assessments.


Affirms that Coalfire has completed a full assessment, documented our findings and signed off on the audit report, in accordance with industry best practices.

Click here if are interested in learning more about the Coalfire Certificate Program.