Run realistic phishing simulations using a library of up-to-date attack templates — CEO fraud, invoice scams, IT helpdesk, credential harvesting, and smishing. Campaigns are personalised per employee using their name, department, and role.
When an employee clicks a phishing link, they're immediately redirected to a targeted training module explaining what they missed and why. Training adapts to each employee's specific failure pattern — not generic compliance videos.
Every employee gets a Human Risk Score based on simulation performance, training completion, and reporting behaviour. CISOs get a clear view of the riskiest employees, departments, and locations at a glance.
Access training modules covering phishing, password hygiene, social engineering, ransomware, data handling, and insider threats. Content is available in English, Hindi, Tamil, Telugu, and other regional languages.
One-click phishing report button for Outlook, Gmail, and mobile. Employees who correctly report simulations earn points and recognition — creating a positive security culture rather than a blame culture.
Generate security awareness compliance reports for ISO 27001, DPDP Act, RBI IT Framework, and SEBI CSCRF — with click rates, training completion rates, and improvement trends over time.
Sync employees from Active Directory, Google Workspace, or Okta in minutes. Gordon automatically groups employees by department, role, and location for targeted campaign design.
Select from 50+ phishing templates or create custom ones. Gordon schedules campaigns automatically, randomises send times to avoid detection, and tracks every click, credential submission, and report.
Employees who fail receive an immediate, personalised training module. Gordon tracks completion, sends reminders, and escalates to managers if training is not completed within the SLA.
Monitor click rates, training completion, and risk scores over time. Generate compliance reports for your board, auditors, and regulators — showing measurable improvement in human risk posture.
A private bank with 3,200 employees needed to demonstrate security awareness training for RBI's IT Framework. Their existing annual training had 34% click rates on simulations.
After 90 days of Gordon's adaptive simulations, click rates dropped to 6%. RBI inspection passed with zero findings on awareness training. Board received monthly risk score dashboards.
An IT services firm had suffered two Business Email Compromise (BEC) incidents in 12 months, losing ₹48 lakhs. Their finance team was the highest-risk group.
Gordon ran targeted CEO-fraud simulations for the finance team. After 6 weeks, the team's risk score improved from 28 to 81. Zero BEC incidents in the 18 months since deployment.
A hospital chain needed to train 1,800 staff on data protection under India's DPDP Act — including doctors, nurses, and administrative staff with varying levels of tech literacy.
Gordon delivered role-specific training in Hindi and English, with 5-minute modules designed for non-technical staff. 94% completion rate in 30 days. Full DPDP training documentation generated automatically.
Choose the plan that fits your team. Security Awareness features are highlighted below — scroll down to see the full platform included in every plan.
| Features | Free | Startup | Enterprise | Custom |
|---|---|---|---|---|
| ▶Overview(3 features) | ||||
| Gordon AI Credits (monthly) | 50 credits | 500 credits | 2,500 credits | Custom allocation |
| Dashboard | ✓ | ✓ | ✓ | ✓ |
| Account (User) Limit | 1 account | Up to 5 | Up to 20 | Unlimited |
| ▶Assess(7 features) | ||||
| Security Checklist (60-point) | Strong & Standard only | Dynamic + Analytics | Dynamic Checklist | ✓ |
| VAPT (Vulnerability Assessment) | — | — | 5 API + 10 Dynamic Pages | Custom |
| Third Party Risk | — | — | 3 vendors | Unlimited |
| Financial Impact — Risk Quantification | — | — | ✓ | ✓ |
| Financial Impact — Security ROI | — | — | ✓ | ✓ |
| Security Awareness (Phishing Sim + Training) | 5 Campaigns | 10 Campaigns | ✓ | ✓ |
| Cyber Force | — | — | On Demand | On Demand |
All other platform modules included | ||||
| ▶Identify(8 features)Other modules | ||||
| Monitored Domains | 1 | 5 | 20 | Unlimited |
| Monitored IPs | 5 | 50 | 500 | Unlimited |
| Monitored Web Apps | 1 | 5 | 20 | Unlimited |
| Tech & Services | ✓ | ✓ | ✓ | ✓ |
| Phishing Risk (Lookalike Domain + Email Security) | — | ✓ | ✓ | ✓ |
| Code Workspace (GitHub, GitLab, Bitbucket) | — | — | 2 Workspaces | Custom |
| Cloud Security Compliance | — | — | Single Cloud (3 instances) | Multi Cloud (10+) |
| Workforce Risk Monitoring | — | ✓ | ✓ | ✓ |
| ▶Monitor (SOC & Threat)(10 features)Other modules | ||||
| SOC Overview | — | — | 5 SOC Reports | ✓ |
| Alert Triage | — | — | 5,000 alerts/mo | Unlimited |
| Investigation | — | 50 investigations | Unlimited | ✓ |
| Threat Hunting | — | 1 exercise | Custom | Custom |
| Auto Response | — | — | ✓ | ✓ |
| Risk Monitoring | — | 5 Category dashboards | ✓ | ✓ |
| Threat Intelligence (Threats, IOCs, Campaigns) | — | 10 threats, 5 IOCs, 2 campaigns | Unlimited | Custom |
| Alert Center | — | ✓ | ✓ | ✓ |
| Brand Intelligence (Monitoring + Takedown) | 50 notifications | 1 Company monitoring | Full + Takedown | Full + Custom feeds |
| Dark Web Monitoring | Credential & Org Leaks | Industry + APT + Recent leaks | ✓ | ✓ |
| ▶Risk Transfer(2 features)Other modules | ||||
| Cyber Insurance | — | ✓ | ✓ | ✓ |
| Incident Hotline (24/7) | — | — | ✓ | ✓ |
| ▶Compliance (GRC)(2 features)Other modules | ||||
| GRC Module | 1 Policy creation | 1 framework | 3 frameworks | All + Custom |
| Unlimited Policy Generation | — | ✓ | ✓ | ✓ |
| ▶Extras & Integrations(3 features)Other modules | ||||
| Integrations | ✓ | 3 active | 15 active | All 26+ & Custom API |
| Marketplace | ✓ | ✓ | ✓ | ✓ |
| Credit Add-on Packs | — | ✓ | ✓ | ✓ |
| ▶Support & SLA(4 features)Other modules | ||||
| Support Channel | Docs only | Email (48h SLA) | Hotline + CSM (8h SLA) | 24/7 Engineer (1h SLA) |
| Dedicated Security Engineer | — | — | — | ✓ |
| White-label / MSSP | — | — | — | ✓ |
| API Access | — | — | — | ✓ |
All plans include a 15-day free trial — no credit card required.
91% of breaches start with a human. Make sure yours are trained, tested, and ready. Start a free phishing simulation today.
