iValue Center of Excellence
Your Technology. Proven. Positioned. Sold.
• Sell outcomes, not features
Insurance Upsell Stack with Controls
Comprehensive Insurance Security Controls Aligned with Industry Standards
| # | Security Control Area | Control Description | CERT-In | IRDAI | DPDP | RBI* | SEBI* | NCIIPC | Technology | iValue OEM Mapping |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | IT Asset Discovery | Discover endpoints, servers, apps | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Asset Discovery | Tenable |
| 2 | IT Asset Inventory / CMDB | Ownership, dependency, lifecycle | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | ITOM / CMDB | OpenText ITOM, Symphony Summit |
| 3 | Vulnerability Management | Continuous vulnerability assessment | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Vulnerability Mgmt | Tenable |
| 4 | Patch Management | Patch SLAs, compliance | ✅ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Patch Governance | OpenText ITOM |
| 5 | Identity Governance (IGA) | Joiner/Mover/Leaver | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | IGA | RSA |
| 6 | Authentication & SSO | Workforce & partner access | ✅ | ✅ | ⬜ | ✅ | ✅ | ⬜ | IDAM / SSO | RSA |
| 7 | Adaptive MFA | Risk-based authentication | ✅ | ✅ | ⬜ | ✅ | ✅ | ⬜ | MFA | RSA, Yubico |
| 8 | CIAM | Customer login, step-up auth, consent | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | CIAM | RSA, Yubico |
| 9 | Privileged Access Management | Secure admin & DB access | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | PAM | CyberArk |
| 10 | ITDR | Detect identity & AD attacks | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | ITDR | Tenable.AD |
| 11 | Endpoint Protection (EPP/EDR) | Endpoint threat detection | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | EDR | SentinelOne |
| 12 | Endpoint Hardening | CIS baselines & posture | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | OS Hardening | OpenText ITOM |
| 13 | Email Security | Phishing & malware defense | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Email Security | Forcepoint |
| 14 | BEC Protection | Payment & impersonation fraud | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Anti-BEC | Forcepoint |
| 15 | Secure Web Gateway | Safe internet access | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | SWG | Netskope |
| 16 | Remote Browser Isolation | Web isolation | ⬜ | ✅ | ⬜ | ⬜ | ⬜ | ⬜ | Remote Browser Isolation | Netskope RBI |
| 17 | Network Segmentation | Crown-jewel isolation | ⬜ | ✅ | ✅ | ✅ | ✅ | ⬜ | Segmentation | AlgoSec |
| 18 | Data Diode (Unidirectional) | One-way Core → SOC data flow | ⬜ | ✅ | ✅ | ✅ | ✅ | ⬜ | Data Diode | Terrafence |
| 19 | Firewall / IPS | Perimeter security | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | NGFW / IPS | Check Point |
| 20 | Web Application Firewall | Protect portals | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | WAF | Thales (Imperva) |
| 21 | API Security | Secure partner APIs | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | API Security | Imperva, Levo |
| 22 | Data Loss Prevention | Prevent data leakage | ⬜ | ✅ | ✅ | ✅ | ✅ | ⬜ | DLP | Forcepoint |
| 23 | Data Classification | Identify sensitive/PII data | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | Classification | Forcepoint |
| 24 | Encryption & Key Management | Data & key protection | ⬜ | ✅ | ✅ | ✅ | ✅ | ⬜ | KMS / HSM | Thales |
| 25 | Database Security (Beyond DAM) | DB VA, config & privilege hardening | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | DB Security | Imperva SecureSphere |
| 26 | SIEM | Central monitoring & detection | ✅ | ✅ | ⬜ | ✅ | ✅ | ⬜ | SIEM | Splunk, Google Chronicle |
| 27 | UEBA | Insider & fraud analytics | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | UEBA | Gurucul, Innspark |
| 28 | SOAR | Automated incident response | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | SOAR | Chronicle SOAR, Splunk SOAR, OpenText SOAR |
| 29 | Threat Intelligence | Threat enrichment | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | TIP | Innspark, Check Point TI |
| 30 | External Attack Surface Mgmt | Internet exposure discovery | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | EASM | CloudSEK |
| 31 | Dark Web Monitoring | Credential & data leaks | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Digital Risk | CloudSEK |
| 32 | Brand Monitoring | Phishing & spoofing | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Brand Protection | CloudSEK |
| 33 | Incident Response Playbooks | IR procedures & RACI | ✅ | ✅ | ✅ | ✅ | ✅ | ⬜ | IR Process | SOAR + Whitehats |
| 34 | Forensics Readiness | Evidence & chain of custody | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | DFIR | OpenText EnCase, KapurGaurai |
| 35 | Ransomware Hardening | Immutable backups, AD tiering | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Cyber Resilience | SentinelOne, OpenText |
| 36 | Backup & Disaster Recovery | Recovery & DR drills | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | BCDR | OpenText |
| 37 | Data Retention & Disposal (DPDP) | Lawful retention & deletion proof | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | Data Lifecycle Mgmt | Whitehats, Forcepoint, OpenText |
| 38 | Third-Party / Vendor Risk | TPAs, brokers, partners | ⬜ | ✅ | ✅ | ✅ | ✅ | ⬜ | TPRM | RSA, Whitehats |
| 39 | GRC & Compliance Evidence | Audit artefacts & dashboards | ✅ | ✅ | ✅ | ✅ | ✅ | ⬜ | GRC | Whitehats |
| 40 | Regulatory Reporting | CERT-In timelines | ✅ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Reporting Process | SOC + Whitehats |
| 41 | Security Governance | Policies & accountability | ⬜ | ✅ | ✅ | ✅ | ✅ | ⬜ | Governance | Whitehats |
| 42 | User Awareness & Training | Reduce human risk | ⬜ | ✅ | ⬜ | ✅ | ✅ | ⬜ | Awareness | Progist |