Website Assurance · a Sentinel GreenLight™ track

Your website, independently verified.

Website Assurance extends Sentinel GreenLight from apps to websites and web applications. We assess what is actually at risk — how your site uses AI, how it handles data and consent, and whether it is accessible and legally defensible — then hand back a plain-English, prioritized report anchored to recognized standards. Not raw scan output. Not a marketing opinion.

Book a free triage call →

What we evaluate

Three pillars — every finding tied to a standard

Automated scanners and accessibility ‘overlay’ widgets grade or patch the surface. They do not tell you whether your site is private-by-design, secure, and responsible in how it uses AI. That expert judgment is the product.

PILLAR 01

AI on the site

Are users told when they are talking to AI? What data do your chatbots, assistants, and generators send to third-party model services — and on what basis? We review disclosure, output guardrails, and the EU AI Act transparency obligations that bite as use scales. The natural on-ramp to our AI Governance track.

EU AI Act · transparencyDisclosure & guardrails

PILLAR 02

Security, privacy & data

HTTPS/HSTS, certificate validity, sensible security headers, exposed secrets in client code, and outdated, known-vulnerable components (OWASP). Cookie and consent under GDPR & CCPA — and whether the choice is actually honoured — plus a full tracker and third-party script inventory and a pre-consent tag-firing check.

OWASP · GDPR · CCPAPosture & consent integrity

PILLAR 03

Accessibility & trust

Conformance against WCAG 2.1 / 2.2 AA, aligned to EN 301 549 (the EU Accessibility Act standard) and U.S. ADA expectations — tested manually with real assistive technology, not a scan alone. Plus an honest read on any overlay widget in use, and the transparency signals buyers and regulators look for.

WCAG 2.2 AA · EN 301 549Tested with real AT

The deliverable

A report you can act on — and defend

Identical in shape to our App Assurance report, so the practice stays coherent.

Plain-English verdict

One overall readiness verdict, written for a decision-maker — not a 200-page scan dump.

Findings by severity

Every finding scored must-fix, recommended, or future — each tied to a named standard and a specific fix.

Prioritized action list

What to change, in what order, so your team knows exactly where to start.

Read-out & re-check

A short read-out call, plus an optional re-check of your fixes before launch.

Kept deliberately tight

What a standard review is — and isn’t

Discipline protects both your brand and a fixed price. A standard Website Assurance review flags exposure and prioritizes it; it is not a CREST-grade penetration test, not a signed conformance audit, and not design or remediation labour. We diagnose and prioritize — fixing is a separate engagement, and where something sits outside our scope, we say so up front and refer you on.

When you need more

The Conformance Audit tier

When a result has to stand up to scrutiny — an active demand letter, a procurement RFP that requires a VPAT, or a board that wants documented defensibility — the standard review is not enough. The Conformance Audit is a separate, premium engagement built for exactly that.

PREMIUM TIER

A signed VPAT / ACR, behind a named reviewer

On top of the standard review: evaluation to the W3C WCAG-EM methodology across a defined, representative page sample; manual testing with real assistive technology (screen readers, keyboard-only, zoom); a signed Accessibility Conformance Report mapping each WCAG 2.1 / 2.2 AA success criterion to Supports, Partially Supports, or Does Not Support, with evidence; a named, qualified reviewer who stands behind the findings and can support expert testimony; coordination with your legal counsel, who owns the legal determination; and a remediation plan with an optional re-audit.

Why now

The risk has already arrived

EU ACCESSIBILITY ACT

In force since 28 June 2025

Existing services have until 28 June 2030. Penalties can reach €100,000 or 4% of revenue, depending on the member state.

U.S. ADA LITIGATION

4,000+ digital lawsuits in 2024

About a quarter cited accessibility ‘overlay’ widgets as barriers — not solutions. Buyers need an honest, expert answer.

OVERLAYS ON NOTICE

A $1M FTC fine

The FTC fined a major overlay vendor $1,000,000 for misrepresenting that its tool makes sites WCAG-compliant. That is exactly the false comfort we replace.

Engagement tiers

Three ways in

Buying an accessibility audit, a security review, and a privacy/consent audit separately runs $9,000–$20,000+. Website Assurance bundles all three into one expert, standards-anchored review. Indicative starting points below — final scope and price are confirmed after the free triage call and scale with site size and complexity.

SNAPSHOT

Website Assurance Snapshot

A fast read across all three pillars on a representative set of pages: an overall verdict, your top findings, and a prioritized list. The honest first look.

From $5,000Triage-grade, days not weeks

FULL REVIEW

Full Website Assurance Review

The complete review across AI-on-site, security & privacy, and accessibility — every finding severity-scored and tied to a standard, with a read-out call and an optional re-check of your fixes before launch.

From $12,000All three pillars · full report

CONFORMANCE AUDIT

Conformance Audit

The defensible tier for a demand letter, RFP, or board: WCAG-EM evaluation, manual testing with real assistive technology, a signed VPAT/ACR behind a named reviewer, and coordination with your counsel.

From $15,000Litigation- & RFP-grade

Find out where your site stands.
Free, 30 minutes, no deck.

We walk your site’s AI footprint, data handling, and accessibility posture, flag your likely obligations, and tell you plainly whether and where you need help.

Book the triage call →