With Vanta Trust Reports, admins have the option to create a custom domain to link to and display the organization's Trust Report publicly. Using a custom domain to demonstrate a commitment to security and compliance allows you to:
Satisfy security page requirements for SOC 2
Get organic leads/inquiries from prospects researching your company
Market your status as a secure and trusted vendor
Looking for inspiration? You can view Vanta’s Trust Report in the footer on our homepage or at trust.vanta.com
Create your Custom Domain
In Trust Report settings, click Set up
Enter the desired domain where your report will be hosted
Copy the TXT record displayed into your hosting provider’s DNS settings.
AWS Route 53 Example:
You’ll notice suffix of .datastartup.net is auto-filled by route53.
Add the CNAME record
Submit and wait the new domain to be setup. This can take up to 10 minutes.
The custom domain show now show the public trust report.
CAA Records. A Certificate Authority Authorization (CAA) DNS record specifies which Certificate Authorities (CAs) are allowed to issue certificates for a domain. If your root domain uses CAA records, you'll need to add new records to allow us to issue certificates for the custom domain on your behalf.
# CAA records added by DigiCert 0 issue "digicert.com; cansignhttpexchanges=yes" 0 issuewild "digicert.com; cansignhttpexchanges=yes"
# CAA records added by Sectigo 0 issue "sectigo.com" 0 issuewild "sectigo.com" #
CAA records added by Let's Encrypt 0 issue "letsencrypt.org" 0 issuewild "letsencrypt.org"
# CAA records added by Google Trust Services 0 issue "pki.goog; cansignhttpexchanges=yes" 0 issuewild "pki.goog; cansignhttpexchanges=yes"