sitetrust.com

What It Is

SiteTrust positions itself as an “AI Disclosure Certification” standard. Its core offering is not a traditional cybersecurity product, but trust infrastructure around how companies publicly disclose, independently verify, and register their use of AI. Once certified, companies can receive a SiteTrust Certified badge, a structured AI policy, and a public registry listing. Visitors can click the badge to view certification details, a disclosure summary, and the most recent review date.

Core Capabilities and Deployment

In terms of protection type, SiteTrust is closer to a trust mark, AI governance proof, and disclosure certification than to attack-defense tools such as WAF, EDR, or vulnerability scanning. Deployment is lightweight: after certification, users obtain a unique iframe code from the dashboard and embed it in the website footer. The badge displays certification status in real time through a secure iframe; if the certification expires or is revoked, the status updates automatically. It also includes a built-in lightbox pop-up. Integration options include websites, subdomains, customer portals, applications, landing pages, email signatures, and document watermarks.

Compliance, Management, and Pricing

The materials mention the EU AI Act and AI disclosure laws in some U.S. states. At the Audit tier, SiteTrust provides compliance-readiness reports, governance and compliance assessments, audit certificates, and related materials. However, it does not disclose SiteTrust’s own security certifications or privacy compliance credentials. For management, the dashboard shows certification tier, status, expiration date, and badge code, but no alerting capabilities are described. Pricing is transparent: Disclose costs US$1,500/year, Verify costs US$3,000/year, and Audit costs US$6,000/year, with monthly payment available for all plans. Enterprise pricing is custom.

Pros, Cons, and Who It’s For

The advantages are clear certification outputs, public verifiability, simple embedding, and a tiered structure covering self-disclosure, independent verification, and full audit. The downside is that its security value is mainly about “trust and compliance presentation”; it cannot replace actual AI security assessments, data security controls, or network protection. The trust and conversion-rate improvement figures used in its marketing also do not include a disclosed verification methodology. SiteTrust is suitable for SaaS companies, content platforms, customer service automation providers, marketing technology vendors, and other businesses that already use AI and need to demonstrate transparency to customers, partners, or regulators.

China Access and Alternatives

The crawled content does not provide information on access from mainland China, RMB payment, invoices, or local support, so china_access can only be assessed as unknown. Companies operating in China must also consider the Interim Measures for the Management of Generative AI Services, algorithm filing requirements, data export rules, and personal information protection obligations. SiteTrust can only serve as a supplementary disclosure mark; it cannot replace local compliance assessments, MLPS compliance, data security work, or AI governance consulting services.