15
Features Guardian Can Do
12
Requires Bitsight Infrastructure
$0
Guardian Cost vs $30,000+/yr Bitsight
🚨 Priority Fixes from Your Bitsight Report
These are failing grades in your December 2025 Bitsight report that Guardian can check and help you fix right now.
| Issue | Bitsight Grade | Priority | Fix | Guardian Check |
|---|---|---|---|---|
| DMARC Record Missing Anyone can send emails pretending to be from vedantatechnology.com |
Bad — Record does not exist | Critical | Add TXT: _dmarc.vedantatechnology.com → v=DMARC1; p=quarantine; rua=mailto:dmarc@vedantatechnology.com |
✅ Email Security page |
| SPF Record Ineffective SPF record exists but is misconfigured — flagged since Sep 2024 |
D — Bottom 30% | Critical | Fix your SPF record to include all authorized senders. Remove any +all or ?all entries. | ✅ Email Security page |
| DKIM Records Missing No DKIM records found — email signatures not configured |
C — Bottom 50% | High | Enable DKIM in Google Workspace or Microsoft 365 admin panel. | ✅ Email Security page |
| Web Application Security Insecure CSP, outdated JS libraries, missing CSRF tokens |
F | High | Update JS libraries, add CSP headers, implement CSRF protection. | ✅ Web App Security page |
| Missing Security Headers Ineffective Set-Cookie, missing required headers on both domains |
Bad — Material severity | High | Add: HSTS, X-Frame-Options, X-Content-Type-Options, CSP, Referrer-Policy | ✅ Web App Security page |
| DNSSEC Not Configured DNS responses are not cryptographically signed |
C — Neutral | Medium | Enable DNSSEC in your domain registrar settings. | ✅ DNS Monitor page |
| 535 Domain Squatting Risks 322 typo domains, 138 spear phishing domains found by Bitsight |
Informational | Medium | Register key lookalike domains. Set up trademark alerts. | ⚠ Phishing page (partial) |
| Exposed Credentials (LinkedIn 2023) 4 records from vedantatechnology.com exposed in LinkedIn breach |
Informational | Medium | Force password reset for affected accounts. Enable MFA everywhere. | ✅ Breach Checker page |
📊 Full Feature Comparison
Every capability from your Bitsight report compared against what Guardian Monitor can do.
| Capability | Guardian Monitor | Bitsight | Notes |
|---|---|---|---|
| 🔐 Email Security | |||
| SPF Record Check | ✅ Built | ✅ Yes | Your grade: D/Bad |
| DKIM Record Check | ✅ Built | ✅ Yes | Your grade: C/Bottom 50% |
| DMARC Record Check | ✅ Built | ✅ Yes | Your grade: Bad — missing |
| 🌐 Website & Infrastructure | |||
| Website Uptime Monitoring | ✅ Built | ✅ Yes | Guardian checks every 30–300s |
| SSL/TLS Certificate Check | ✅ Built | ✅ Yes | Your grade: A/Top 10% |
| TLS/SSL Configuration | ⚠ Partial | ✅ Yes | Guardian checks availability; Bitsight checks cipher strength |
| Web Application Security Headers | ✅ Built | ✅ Yes | Your grade: F — all missing |
| Open Ports Scanning | ❌ No | ✅ Yes | Requires raw TCP scanning |
| DNS Record Monitoring | ✅ Built | ✅ Yes | Guardian alerts on changes |
| DNSSEC Check | ✅ Built | ✅ Yes | Not configured on your domain |
| 🎣 Threats & Intelligence | |||
| Phishing Domain Detection | ⚠ Partial | ✅ Yes | Bitsight found 535 lookalikes |
| Exposed Credentials Check | ✅ Built | ✅ Yes | Guardian uses HIBP database |
| Botnet Infection Detection | ❌ No | ✅ Yes | Requires global passive monitoring |
| Malware Server Detection | ❌ No | ✅ Yes | Requires global threat feed sensors |
| Spam Propagation Tracking | ❌ No | ✅ Yes | Requires honeypot network |
| URLhaus Malware DB Check | ✅ Built | ✅ Yes | Guardian checks on demand |
| ☁ Microsoft 365 | |||
| M365 Service Availability | ✅ Built | ⚠ Partial | Guardian monitors 6 services live |
| M365 Admin — All Users View | ✅ Built | ❌ No | Guardian unique feature |
| Sign-in Activity (All Users) | ✅ Built | ❌ No | Requires MS admin login |
| At-Risk User Detection | ✅ Built | ❌ No | Via Microsoft Graph API |
| OneDrive Storage Monitoring | ✅ Built | ❌ No | Guardian unique feature |
| 📊 Reporting & Scoring | |||
| Security Rating Score | ⚠ Partial | ✅ Yes | Guardian score mapped to 300–820 scale |
| Historical Score Chart | ✅ Built | ✅ Yes | Guardian tracks over time |
| Industry Benchmarking | ❌ No | ✅ Yes | Requires database of 40M companies |
| PDF Incident Report | ✅ Built | ✅ Yes | Guardian generates on demand |
| CSV Export | ✅ Built | ✅ Yes | Full incident log export |
| Patching Cadence Score | ❌ No | ✅ Yes | Requires CVE scanning of all IPs |
| 👥 Team & Sharing | |||
| Team Monitor Sharing | ✅ Built | ✅ Yes | Via Cloudflare KV sync |
| Shareable Config URL | ✅ Built | ❌ No | Guardian unique feature |
| Email Alerts | ✅ Built | ✅ Yes | Guardian via EmailJS (free) |
| SMS Alerts | ✅ Built | ✅ Yes | Guardian via Twilio |
| Browser Push Notifications | ✅ Built | ❌ No | Guardian unique feature |
| T-Mobile Vendor Compliance Doc | ✅ Built | ❌ No | Guardian unique feature |
💰 Cost Comparison
What you pay for Guardian vs what Bitsight would cost for the same coverage.
Guardian Monitor
~$20/month
- Cloudflare Pages hosting — Free
- EmailJS alerts — Free (200/month)
- Twilio SMS — ~$1.15/mo + usage
- Cloudflare KV sync — Free
- SSL, DNS, email security checks — Free
- HIBP breach checker — Free
- Microsoft Graph API — Free
- Unlimited monitors — Free
- No botnet detection
- No global IP scanning
- No industry benchmarking
Bitsight
$30,000+/year
- Full security rating (300–820)
- Botnet & malware detection
- Global IP scanning
- Industry benchmarking
- Patching cadence tracking
- Spam propagation detection
- No Microsoft 365 monitoring
- No SMS/push notifications
- No team KV sync
- No T-Mobile compliance doc
- Pricing not transparent
💡 Bottom line for Vedanta Technology: The Bitsight report you received was almost certainly sent to you by T-Mobile or another client as part of their vendor security assessment — they paid for it. Guardian Monitor covers every check in that report that you can actually fix yourself. The things Bitsight does that Guardian can't (botnet detection, patching cadence, global IP scanning) are driven by data you don't have access to regardless of which tool you use.