Mitigata uses the FAIR methodology to quantify your cyber risk in financial terms — giving you an annualised loss expectancy (ALE) in rupees. Know exactly how much risk you carry before you buy a policy.
Compare cyber insurance policies from 8+ Indian insurers side by side — coverage limits, exclusions, sub-limits, waiting periods, and claim processes. Gordon's AI highlights coverage gaps and recommends the policy that best matches your risk profile.
Mitigata generates a verified security evidence pack — showing your MFA deployment, EDR coverage, backup testing, and other controls — that you submit to insurers to negotiate lower premiums.
Mitigata maps your quantified risk exposure against your current policy coverage — identifying gaps where you are underinsured, including ransomware sub-limits, business interruption waiting periods, and social engineering exclusions.
Mitigata maintains a continuously updated evidence pack — incident logs, security control documentation, and response playbooks — that dramatically speeds up the claims process when you need it most.
90 days before renewal, Mitigata automatically re-runs your risk quantification, compares the market, and generates a renewal recommendation report — so you never overpay or miss coverage improvements.
Gordon connects to your environment and runs a FAIR-based risk quantification — calculating your annualised loss expectancy (ALE) across ransomware, data breach, business interruption, and regulatory fines. You get a financial risk number in rupees, not just a risk score.
Gordon compares policies from 8+ Indian insurers — HDFC Ergo, ICICI Lombard, Tata AIG, Bajaj Allianz, and more — against your specific risk profile. We highlight coverage gaps, sub-limit risks, and exclusions that could leave you exposed at claim time.
Gordon generates a verified security evidence pack from your Gordon platform data — showing insurers your actual security controls. Submit this pack during underwriting to negotiate a lower premium. Average saving: 18% on annual premium.
When an incident occurs, Gordon's claims readiness pack — with pre-built incident documentation, forensic evidence, and response logs — is ready to submit immediately. Gordon customers settle claims 3x faster than the industry average.
A mid-sized NBFC had a ₹10Cr cyber policy they'd renewed for 3 years without review. Gordon's risk quantification revealed their actual ALE was ₹38Cr — a ₹28Cr coverage gap they were completely unaware of.
Gordon's policy comparison found a ₹40Cr policy from a different insurer at only 12% higher premium than their existing ₹10Cr policy. The CISO presented the risk quantification report to the board, who approved the upgrade in one meeting.
A B2B SaaS company was paying ₹42L/year for cyber insurance. When they tried to negotiate a lower premium at renewal, the insurer asked for proof of their security controls — which they couldn't provide in a format the underwriter would accept.
Gordon generated a verified security evidence pack showing 100% MFA deployment, EDR coverage, and monthly backup testing. The insurer accepted the pack and reduced the premium by 18% — saving ₹7.6L annually. The pack took 2 hours to generate.
A manufacturing company suffered a ransomware attack causing ₹4.2Cr in damages. They had a cyber policy, but the claims process was stalled for weeks because they couldn't produce the forensic evidence and incident documentation the insurer required.
Gordon's claims readiness pack — with pre-built incident timeline, forensic logs, and response documentation — was submitted within 24 hours of the attack. The claim was settled in 11 days, versus the industry average of 47 days. ₹3.8Cr recovered.
Choose the plan that fits your team. Upgrade or cancel anytime.
For growing companies up to 100 employees. Core security, GRC, and insurance in one platform.
Start Free TrialFor companies with 100–500 employees. Expanded limits across all modules.
Start Free TrialFor large enterprises 500+ employees. Unlimited scale, dedicated support, and custom SLAs.
Talk to Sales| Features | Free | Startup $1,787/mo |
Mid-Market $3,382/mo |
Enterprise $6,607/mo |
|---|---|---|---|---|
| ▶Attack Surface Monitoring12 scans/year | ||||
| Monitored Assets (Domains, IPs, Mobile Apps) | — | 1 asset | 3 assets | 10 assets |
| Exposed subdomains & open ports | — | ✓ | ✓ | ✓ |
| SSL/TLS certificate health | — | ✓ | ✓ | ✓ |
| DNS anomalies & misconfigurations | — | ✓ | ✓ | ✓ |
| Web technology fingerprinting | — | ✓ | ✓ | ✓ |
| CVE & vulnerability scoring | — | ✓ | ✓ | ✓ |
| Continuous monitoring & alerts | — | ✓ | ✓ | ✓ |
| ▶SOC Monitoring24/7 | ||||
| Monitored Endpoints | — | Upto 100 | Upto 500 | Upto 2,000 |
| AI-powered alert triage | — | ✓ | ✓ | ✓ |
| Kill-chain reconstruction (MITRE ATT&CK) | — | ✓ | ✓ | ✓ |
| Automated response playbooks | — | ✓ | ✓ | ✓ |
| CERT-In 6-hour incident reporting | — | ✓ | ✓ | ✓ |
| Threat intelligence (IOCs, Campaigns) | — | 10 threats, 5 IOCs | 50 threats, 20 IOCs | Unlimited |
| ▶Workforce Risk & Security Awareness | ||||
| Monitored Employees | — | Upto 100 | Upto 500 | Upto 2,000 |
| Email phishing simulation | — | ✓ | ✓ | ✓ |
| Custom phishing templates | — | ✓ | ✓ | ✓ |
| Security awareness training + LMS | — | ✓ | ✓ | ✓ |
| ▶Dark Web Monitoring | ||||
| Monitored Keywords (brand, legal name, vendors) | — | 1 keyword | 1 keyword | 5 keywords |
| Tor forums, paste sites, Telegram channels | — | ✓ | ✓ | ✓ |
| Breach databases & data dumps | — | ✓ | ✓ | ✓ |
| Ransomware & APT group monitoring | — | ✓ | ✓ | ✓ |
| ▶Cloud Security & Billing Monitoring | ||||
| Cloud Instances Monitored | — | 1 instance | 2 instances | 5 instances |
| Misconfiguration detection (CIS 572 benchmark) | — | ✓ | ✓ | ✓ |
| IAM & privilege escalation checks | — | ✓ | ✓ | ✓ |
| S3 / Blob public exposure alerts | — | ✓ | ✓ | ✓ |
| Cloud billing tracking & optimisation | — | ✓ | ✓ | ✓ |
| ▶GRC & ComplianceAudit charges extra | ||||
| Compliance Frameworks | — | 2 frameworks | 4 frameworks | 5 frameworks |
| Automated control mapping | — | ✓ | ✓ | ✓ |
| AI gap assessment & remediation tasks | — | ✓ | ✓ | ✓ |
| Policy & procedure auto-generation | — | ✓ | ✓ | ✓ |
| Risk register automation | — | ✓ | ✓ | ✓ |
| AI-based internal audit & audit-ready reports | — | ✓ | ✓ | ✓ |
| Trust center | — | ✓ | ✓ | ✓ |
| ▶Third Party Risk Management (TPRM) | ||||
| Vendors Monitored | — | 100 vendors | 250 vendors | 1,000 vendors |
| AI security questionnaire dispatch & scoring | — | ✓ | ✓ | ✓ |
| Continuous external surface scan | — | ✓ | ✓ | ✓ |
| Breach & dark web alerts for vendor | — | ✓ | ✓ | ✓ |
| Risk rating (A–F) with trend | — | ✓ | ✓ | ✓ |
| ▶Gordon AI | ||||
| AI Credits / Tokens | — | 500 credits | 1,000 credits | 1,000 credits |
| Auto-generated risk narratives | — | ✓ | ✓ | ✓ |
| One-click remediation playbooks | — | ✓ | ✓ | ✓ |
| Executive summary generation | — | ✓ | ✓ | ✓ |
| AI-assisted questionnaire filling (CRQ) | — | ✓ | ✓ | ✓ |
| Threat intelligence summaries | — | ✓ | ✓ | ✓ |
| ▶Brand Intelligence & Takedowns | ||||
| Brand Assets Monitored | — | 1 asset, 20 keywords | 3 assets, 60 keywords | 5 assets, 100 keywords |
| Fake domain / phishing page / typosquat monitoring | — | ✓ | ✓ | ✓ |
| Reverse imaging / logo detection | — | ✓ | ✓ | ✓ |
| Social media & counterfeit listing monitoring | — | ✓ | ✓ | ✓ |
| Takedowns (Rogue app, DMCA, Phishing pages) | — | 25 takedowns | 100 takedowns | 125 takedowns |
| ▶Consent Manager (DPDPA) | ||||
| Unique Consents (website / mobile app users) | — | 25K consents | 100K consents | 500K consents |
| Granular consent collection & withdrawal | — | ✓ | ✓ | ✓ |
| 15+ platform integrations | — | ✓ | ✓ | ✓ |
| 22 Indian language translation (DPDPA Art. 18) | — | ✓ | ✓ | ✓ |
| Cookie scanner, data deletion & grievance requests | — | ✓ | ✓ | ✓ |
| Google Consent Mode V2 support | — | ✓ | ✓ | ✓ |
All plans include a 15-day free trial — no credit card required.
Get a FAIR-based risk quantification, compare policies from 8+ insurers, and generate your security evidence pack — all in one platform.
