Available Now

Audit-ready compliance in 12 weeks, not 12 months

Automated evidence collection, gap analysis, compliance scoring, and 61 editable templates for SOC2 and GDPR. We handle the automation — you handle the handshakes.

Compliance doesn't have to be a nightmare

Manual Evidence Collection

Every audit cycle, your team scrambles to screenshot dashboards, export logs, and compile spreadsheets. 80% of this can be automated.

Spreadsheet Compliance

Tracking SOC2 control activities across dozens of criteria in a spreadsheet isn't compliance — it's theater. You need real-time control monitoring, not quarterly reviews.

Audit Scrambles

The auditor calls. Everyone panics. Three weeks of all-hands effort. Then you forget about compliance until next audit.

How it works

Map your frameworks

Choose SOC2, GDPR, or both. We map your existing infrastructure controls to framework requirements and identify gaps immediately.

SOC2 (34 controls) + GDPR (22 controls)

Automated evidence collection

Infrastructure evidence is collected automatically from your AWS environment — CloudTrail logs, IAM policies, encryption status, monitoring data. No manual screenshots.

Evidence mapper + AWS API integration

Gap analysis and scoring

Every control is scored as Met, Partially Met, or Not Met. Your compliance score (0-100) shows exactly where you stand and what needs attention.

Gap checker + compliance scoring engine

Close gaps with templates

61 editable DOCX templates for governance documents. Automated evidence for infrastructure controls. A 12-week roadmap from zero to audit-ready.

61 templates + 12-week roadmap

Everything you need for compliance

✓ SOC2 Evidence Mapping

  • 34 SOC2 Trust Service Criteria controls
  • Automated evidence from infrastructure
  • Control status tracking (Met/Partial/Not Met)

✓ GDPR Evidence Mapping

  • 22 GDPR data protection controls
  • Data processing documentation
  • Privacy impact assessment support

✓ Compliance Scoring (0-100)

  • Real-time compliance score per framework
  • Trend tracking over time
  • Target score planning

✓ 61 DOCX Templates

  • Editable governance document templates
  • Information Security Policy
  • Access Control, Risk Management, and more

✓ 12-Week Readiness Roadmap

  • Week-by-week compliance milestones
  • Prioritized gap remediation plan
  • Clear path from zero to audit-ready

✓ Weekly Compliance Reports

  • Score changes and progress tracking
  • New gaps identified
  • Remediation status updates

✓ Evidence Upload Portal

  • Upload manual evidence documents
  • Organize by control and framework
  • Version tracking and audit trail

✓ Gap Analysis Dashboard

  • Visual gap overview per framework
  • Remediation effort estimation
  • Executive-ready compliance reports

Built on proven compliance infrastructure

Evidence collection automated from your existing infrastructure

Evidence Mapper

AWS API evidence collection

Gap Checker

Control gap analysis engine

ReportLab

PDF/DOCX report generation

Client Portal

React 19 web interface

Why This Approach?

  • 66-70% automated - Infrastructure controls collected without manual work
  • Framework-agnostic engine - Easily extended to new frameworks
  • Editable templates - Customize to your organization's voice
  • Audit-ready reports - Formatted for auditor consumption

Vigil Compliance in production

  • 56 Controls Mapped
  • 61 DOCX Templates
  • 12 wk Readiness Roadmap
  • 66-70% Controls Automated

Transparent, framework-based pricing

Compliance is included in the Complete package, or available as an add-on.

Most Popular

Complete

$999
per month

Up to 250 assets

All 5 modules

Asset Tiers

Starter (75 assets) $599/mo
Professional (250) $999/mo
Enterprise (1,000) $1,699/mo
All 5 modules

What's included

  • Monitoring + Security
  • Cost optimization
  • CI/CD monitoring
  • Compliance

Compliance Add-On

$249
per month

First framework (SOC2 or GDPR)

A la carte

Per month, first framework

What's included

  • Add to any Observe package
  • SOC2 or GDPR mapping
  • 61 DOCX templates
  • Compliance scoring (0-100)
  • 12-week readiness roadmap
  • Weekly progress reports

Managed Standard

From $2,499
per month

Platform + engineering

10 hrs/mo included

Asset Tiers

Starter (75 assets) $2,499/mo
Professional (250) $3,999/mo
Enterprise (1,000) $5,999/mo
All 5 modules + 10 hrs/mo

What's included

  • Evidence collection help
  • Gap remediation
  • Auditor coordination
  • 8x5 on-call
  • 4-hour response SLA

One-Time Compliance Engagements

SOC2 Type I Preparation

Full readiness program with evidence and templates

$15,000

SOC2 Type II Preparation

Ongoing compliance monitoring and evidence collection

$25,000

GDPR Readiness Assessment

Data mapping, gap analysis, and remediation roadmap

$10,000 – $18,000

Common Questions

How long does it take to become SOC2 audit-ready?

Our 12-week readiness roadmap takes you from zero to audit-ready. Weeks 1-4: gap analysis and template customization. Weeks 5-8: evidence collection automation and remediation. Weeks 9-12: final review and auditor preparation. The timeline depends on your starting posture and team availability.

Do you handle the actual SOC2 audit?

No — only licensed CPA firms can conduct SOC2 audits. We prepare you for the audit: evidence collection, gap remediation, template documents, and compliance scoring. We can recommend auditors and coordinate with them during the audit process.

What percentage of SOC2 controls are automated?

66-70% of controls can be evidenced automatically from your infrastructure — IAM policies, encryption settings, CloudTrail logs, monitoring data, backup configurations. The remaining 30-34% require organizational policies and procedures, which we provide as editable DOCX templates.

What GDPR controls do you cover?

We map 22 GDPR data protection controls including data processing agreements, privacy impact assessments, consent management, data retention policies, breach notification procedures, and technical security measures. Templates provided for all required documentation.

Can I use my own compliance templates?

Yes. Our 61 DOCX templates are fully editable starting points. You can customize them to match your organization's voice, or upload your existing documents and we'll map them to the relevant controls.

Does this replace Vanta or Drata?

For Series A-B companies, yes. Vanta and Drata charge $10K-$30K/year for compliance automation alone. Vigil Compliance is $249/month as an add-on, or included in the Complete package ($999/mo). Plus, our compliance module integrates with monitoring, security, and cost optimization — so your compliance evidence is automatically generated from your infrastructure.

What frameworks do you support?

SOC2 Type I and Type II (34 controls) and GDPR (22 controls) are fully supported. Additional frameworks (ISO 27001, HIPAA, PCI-DSS) are on our roadmap. Our framework-agnostic engine makes it straightforward to add new standards.

How is the compliance score calculated?

Each control is scored as Met (full points), Partially Met (half points), or Not Met (zero points). Your compliance score is the percentage of total possible points achieved. A score of 100 means every mapped control has full evidence and documentation.

Can I get Compliance without Monitoring?

Compliance is available as an add-on ($249/mo) to any Observe package, including Essentials. However, many SOC2 controls require monitoring evidence (uptime, incident response, alerting). For the strongest audit posture, we recommend the Complete package, which includes both.

Stop scrambling for audits. Start being always-ready.

Schedule a 30-minute demo to see Vigil compliance automation in action.