Mitigata SOC Monitoring is purpose-built for organisations that need enterprise-grade security operations without the cost and complexity of building an in-house team.
Real-time monitoring of logs, network traffic, endpoint activity, and cloud environments. AI-powered correlation across your entire environment surfaces genuine threats while eliminating noise and false positives.
Gordon SOC is designed for rapid deployment. No professional services engagement, no months-long implementation.
Deploy Gordon's lightweight agent or connect via API to your existing security stack — SIEM, EDR, cloud providers, network devices, and identity systems. Setup takes under 30 minutes.
Gordon ingests logs, events, and telemetry from across your environment. The AI engine establishes behavioural baselines for users, devices, and network traffic within 72 hours.
Detection rules, ML models, and threat intelligence combine to surface genuine threats. Each alert is automatically triaged, enriched, and scored before reaching your team.
Critical alerts trigger automated investigation workflows that reconstruct the attack chain. Response playbooks execute containment actions — or escalate to human analysts for review.
A regional bank's IT team noticed unusual after-hours activity but had no way to correlate events across their hybrid environment.
Gordon SOC detected reconnaissance activity and lateral movement 4 hours before ransomware would have deployed. Automated isolation of 3 endpoints prevented a potential ₹1.6Cr incident.
A healthcare provider suspected a disgruntled employee was exfiltrating patient data but lacked the forensic capability to investigate.
Gordon's UEBA identified anomalous data access patterns. The investigation workflow built a complete timeline of 6 weeks of activity, providing evidence for HR and legal action.
A compromised third-party JavaScript library introduced malicious code into a retailer's checkout page during peak trading season.
Gordon SOC detected the anomalous script behaviour within 8 minutes. The automated response blocked the malicious domain before any card data was captured.
Choose the plan that fits your team. Upgrade or cancel anytime.
For growing companies up to 100 employees. Core security, GRC, and insurance in one platform.
For companies with 100–500 employees. Expanded limits across all modules.
For large enterprises 500+ employees. Unlimited scale, dedicated support, and custom SLAs.

| Features | Free | Startup $1,787/mo | Mid-Market $3,382/mo | Enterprise $6,607/mo |
|---|---|---|---|---|
| Attack Surface Monitoring (12 scans/year) | | | | |
| Monitored Assets (Domains, IPs, Mobile Apps) | — | 1 asset | 3 assets | 10 assets |
| Exposed subdomains & open ports | — | ✓ | ✓ | ✓ |
| SSL/TLS certificate health | — | ✓ | ✓ | ✓ |
| DNS anomalies & misconfigurations | — | ✓ | ✓ | ✓ |
| Web technology fingerprinting | — | ✓ | ✓ | ✓ |
| CVE & vulnerability scoring | — | ✓ | ✓ | ✓ |
| Continuous monitoring & alerts | — | ✓ | ✓ | ✓ |
| SOC Monitoring (24/7) | | | | |
| Monitored Endpoints | — | Up to 100 | Up to 500 | Up to 2,000 |
| AI-powered alert triage | — | ✓ | ✓ | ✓ |
| Kill-chain reconstruction (MITRE ATT&CK) | — | ✓ | ✓ | ✓ |
| Automated response playbooks | — | ✓ | ✓ | ✓ |
| CERT-In 6-hour incident reporting | — | ✓ | ✓ | ✓ |
| Threat intelligence (IOCs, Campaigns) | — | 10 threats, 5 IOCs | 50 threats, 20 IOCs | Unlimited |
| Workforce Risk & Security Awareness | | | | |
| Monitored Employees | — | Up to 100 | Up to 500 | Up to 2,000 |
| Email phishing simulation | — | ✓ | ✓ | ✓ |
| Custom phishing templates | — | ✓ | ✓ | ✓ |
| Security awareness training + LMS | — | ✓ | ✓ | ✓ |
| Dark Web Monitoring | | | | |
| Monitored Keywords (brand, legal name, vendors) | — | 1 keyword | 1 keyword | 5 keywords |
| Tor forums, paste sites, Telegram channels | — | ✓ | ✓ | ✓ |
| Breach databases & data dumps | — | ✓ | ✓ | ✓ |
| Ransomware & APT group monitoring | — | ✓ | ✓ | ✓ |
| Cloud Security & Billing Monitoring | | | | |
| Cloud Instances Monitored | — | 1 instance | 2 instances | 5 instances |
| Misconfiguration detection (CIS 572 benchmark) | — | ✓ | ✓ | ✓ |
| IAM & privilege escalation checks | — | ✓ | ✓ | ✓ |
| S3 / Blob public exposure alerts | — | ✓ | ✓ | ✓ |
| Cloud billing tracking & optimisation | — | ✓ | ✓ | ✓ |
| GRC & Compliance (audit charges extra) | | | | |
| Compliance Frameworks | — | 2 frameworks | 4 frameworks | 5 frameworks |
| Automated control mapping | — | ✓ | ✓ | ✓ |
| AI gap assessment & remediation tasks | — | ✓ | ✓ | ✓ |
| Policy & procedure auto-generation | — | ✓ | ✓ | ✓ |
| Risk register automation | — | ✓ | ✓ | ✓ |
| AI-based internal audit & audit-ready reports | — | ✓ | ✓ | ✓ |
| Trust center | — | ✓ | ✓ | ✓ |
| Third Party Risk Management (TPRM) | | | | |
| Vendors Monitored | — | 100 vendors | 250 vendors | 1,000 vendors |
| AI security questionnaire dispatch & scoring | — | ✓ | ✓ | ✓ |
| Continuous external surface scan | — | ✓ | ✓ | ✓ |
| Breach & dark web alerts for vendor | — | ✓ | ✓ | ✓ |
| Risk rating (A–F) with trend | — | ✓ | ✓ | ✓ |
| Gordon AI | | | | |
| AI Credits / Tokens | — | 500 credits | 1,000 credits | 1,000 credits |
| Auto-generated risk narratives | — | ✓ | ✓ | ✓ |
| One-click remediation playbooks | — | ✓ | ✓ | ✓ |
| Executive summary generation | — | ✓ | ✓ | ✓ |
| AI-assisted questionnaire filling (CRQ) | — | ✓ | ✓ | ✓ |
| Threat intelligence summaries | — | ✓ | ✓ | ✓ |
| Brand Intelligence & Takedowns | | | | |
| Brand Assets Monitored | — | 1 asset, 20 keywords | 3 assets, 60 keywords | 5 assets, 100 keywords |
| Fake domain / phishing page / typosquat monitoring | — | ✓ | ✓ | ✓ |
| Reverse imaging / logo detection | — | ✓ | ✓ | ✓ |
| Social media & counterfeit listing monitoring | — | ✓ | ✓ | ✓ |
| Takedowns (Rogue app, DMCA, Phishing pages) | — | 25 takedowns | 100 takedowns | 125 takedowns |
| Consent Manager (DPDPA) | | | | |
| Unique Consents (website / mobile app users) | — | 25K consents | 100K consents | 500K consents |
| Granular consent collection & withdrawal | — | ✓ | ✓ | ✓ |
| 15+ platform integrations | — | ✓ | ✓ | ✓ |
| 22 Indian language translation (DPDPA Art. 18) | — | ✓ | ✓ | ✓ |
| Cookie scanner, data deletion & grievance requests | — | ✓ | ✓ | ✓ |
| Google Consent Mode V2 support | — | ✓ | ✓ | ✓ |
All plans include a 15-day free trial — no credit card required.
Gordon SOC is designed for rapid deployment. Most customers are fully operational within 30 minutes for cloud environments. On-premise integrations with legacy SIEMs may take 2–4 hours. We provide guided onboarding for all plans.
No. Gordon SOC is designed to work alongside your existing tools. We integrate with Microsoft Sentinel, Splunk, CrowdStrike, SentinelOne, and 200+ other platforms. You can keep your existing investments and add Gordon's AI layer on top.
Our AI triage engine maintains a false positive rate below 0.3% across all customers. This means that of every 1,000 alerts generated, fewer than 3 are false positives. The system continuously learns from analyst feedback to improve accuracy over time.
Professional and Enterprise plans include access to our team of certified security analysts (CISSP, CEH, OSCP). They review critical incidents, provide context and recommendations, and can take direct action on your behalf. Starter plan customers can escalate to analysts on a per-incident basis.
Gordon SOC generates audit-ready reports for SOC 2 Type II, ISO 27001, PCI-DSS, HIPAA, and CERT-In (India). Every incident, investigation, and response action is logged with full chain of custody for compliance purposes.
Yes. All customer data is stored in AWS Mumbai (ap-south-1) by default. Enterprise customers can opt for private cloud or on-premise deployment. We are fully compliant with India's DPDP Act and do not transfer data outside India without explicit consent.