TAC Security Google CASA Partner
Cloud Application Security Assessment

Be confident of your security posture with Cloud Application Security Assessment (CASA) based on the OWASP Application Security Verification Standard (ASVS), the standard for CASA. TAC Security is App Defense Alliance Authorized Lab that can help you secure and verify your organization’s security levels quickly and efficiently by guiding you through each step of the process.

Why do I need this?

An app written for Google Store can declare Google CASA Security in its Data Security Section, leading to a higher level of user trust. 

Why TAC Security for your CASA Needs?

TAC Security is a verified third party assessor for multiple programs for Google with the association being over
a year old, enabling us to provide you deeper insights and step by step support through the process.

1.Fastest Turn Around Time with 100% Success Rate 

2.An Approved ADA Lab

3.Step-by-step guidance through the process

Tiering  for the Developers

Tier 1
Self – Assessment

This phase is a self assessment for the developers that is not attested by any of the Google approved labs. It helps the developer assess if their application is ready for CASA assessment 

Tier 2
Functional Assessment

In this phase, the developers scan their applications using Google CASA approved tools and provide the reports to an ADA approved lab to validate the reports.

Tier 3 –
Comprehensive Assessment

During this phase, a TAC Security an ADA Approved Lab will test and validate all the Google CASA requirements.

How would the process work in Tier 3?

1.Google will send the developer a notification via email indicating they are in scope for tier 3

2.The developer selects an TAC Security Authorized Assessor and signs an SOW with the assessor to initiate the process and pay for the assessment.  

3.Developers have valid certifications mapped in the Google CASA accelerator, they can provide them for the lab to validate (independently audited and unexpired), All cleared checks on the accelerator for that specific certification can be skipped during the assessment. 

4.The assessor will conduct the assessment and flag any failed requirements to be remediated.

5.The developer must fix all high CWEs during the initial assessment. 

6.The assessor validates that CWEs are remediated and submits a letter of validation to Google. 

Why TAC Security?

TAC Security is a Global Leader in Risk and Vulnerability Management with a 100% success rate for all its Google Security Assessments. 

Vast Expertise 
Our experience across industries and geographies helps us understand every cybersecurity requirement and allows us to tailor every project. 

Undivided Attention
With a vast team size and quick turnaround time, we aim and ensure we can focus on each project in-depth and tend to produce the highest quality results

Accurate Guidance
Attention to detail helps us ease the process for you marginally as it reduces your time investment on details we already can point out and help you improve.

Know more about the App Defense Alliance and the Google CASA program.