Available Now

Security posture that improves while you sleep

Continuous scanning, auto-remediation, and compliance mapping. We find the vulnerabilities before attackers do.

Get a Free Audit See Pricing

Most cloud security is reactive, not proactive

Blind Spots

Misconfigurations sit undetected for months. By the time you find them, the damage is done.

Manual Remediation

Security tools find problems but leave fixing to you. Your team is already stretched thin.

Compliance Gaps

CIS benchmarks, NIST frameworks, SOC2 controls—mapping your posture to standards is a full-time job.

How it works

We scan continuously

Automated scanning across your AWS accounts. IAM policies, S3 buckets, security groups, encryption settings—nothing is missed.

Prowler + ScoutSuite + Custom Rules

We detect and alert

Findings are triaged by severity. Critical issues get immediate attention. Low-priority items are tracked and scheduled.

Severity-based triage + Slack alerts

We remediate with guardrails

Common misconfigurations — public S3 buckets, overly permissive security groups, missing encryption — are fixed automatically via Terraform with approval workflows and rollback capability. Complex issues are escalated with a remediation plan.

Terraform + Auto-remediation engine

We report and improve

Security posture dashboards for your team and your board. Trend analysis shows improvement over time.

Grafana dashboards + Executive reports

Everything you need for cloud security

✓ Vulnerability Scanning

  • • Continuous infrastructure scanning
  • • CIS benchmark assessments
  • • NIST framework mapping

✓ Misconfiguration Detection

  • • S3 bucket policies
  • • IAM over-permissioning
  • • Security group rules

✓ Drift Detection

  • • Infrastructure-as-code drift alerts
  • • Unauthorized change detection
  • • Configuration baseline tracking

✓ Secret Scanning

  • • Exposed credentials detection
  • • API key rotation alerts
  • • Environment variable auditing

✓ Auto-Remediation

  • • Terraform-based automated fixes
  • • Approval workflows for changes
  • • Rollback capability

✓ Compliance Mapping

  • • CIS, NIST, PCI-DSS frameworks
  • • Control coverage tracking
  • • Gap analysis and roadmap

✓ Security Dashboards

  • • Real-time posture visualization
  • • Trend analysis over time
  • • Executive-ready reports

✓ Incident Response

  • • Critical finding triage
  • • Remediation plan creation
  • • Post-incident documentation

Built on proven security tools

Industry-standard open-source and cloud-native security

Prowler

AWS security assessment

ScoutSuite

Multi-cloud auditing

Grafana

Security dashboards

Terraform

Auto-remediation

AlertManager

Security alerting

Clear, asset-based pricing

Security included in Complete package or available as add-on.

Complete

$599
per month

Up to 75 assets

All 5 modules

Asset Tiers

Starter (75 assets) $599/mo
Professional (250) $999/mo
Enterprise (1,000) $1,699/mo
All 5 modules

What's included

  • Monitoring + Security
  • Cost optimization
  • CI/CD monitoring
  • Compliance
Get Started
Most Flexible

Security Add-On

$199
per month

Add to any package

A la carte

Per month, a la carte

What's included

  • Add to Essentials or Business
  • Continuous scanning
  • Misconfiguration detection
  • Auto-remediation
  • Security dashboards
  • Compliance mapping
Get Started

Managed Standard

From $2,499
per month

Platform + engineering

10 hrs/mo included

Asset Tiers

Starter (75 assets) $2,499/mo
Professional (250) $3,999/mo
Enterprise (1,000) $5,999/mo
All 5 modules + 10 hrs/mo

What's included

  • Incident remediation
  • Security remediation
  • Quarterly reviews
  • 8x5 on-call
  • 4-hour response SLA
Contact Sales
See detailed pricing and feature comparison →

Common Questions

What cloud providers do you scan?

AWS is our primary focus. We scan IAM, S3, EC2, RDS, Lambda, ECS/EKS, VPC, CloudTrail, and 100+ other AWS services. Multi-cloud support (Azure, GCP) is available on Enterprise tier.

How does auto-remediation work?

Common misconfigurations (public S3 buckets, overly permissive security groups, missing encryption) are fixed automatically via Terraform. For complex issues, we create a remediation plan and implement it with your approval.

Will scanning affect our infrastructure performance?

No. Our scanning uses read-only API calls to AWS. There is zero impact on your running infrastructure or application performance.

How quickly are critical findings addressed?

Critical findings trigger immediate alerts. On the Managed tier, our team begins remediation within the response SLA (1-4 hours depending on tier). On Observe tier, you receive the alert with a recommended remediation plan.

Can you help us prepare for SOC2?

Yes. Our security module maps your posture to SOC2 controls, identifies gaps, and tracks remediation progress. For full SOC2 preparation, see our one-time SOC2 Type I ($15,000) and Type II ($25,000) services.

Do you replace tools like Wiz or Lacework?

For most Series A-B companies, yes. Our scanning covers CIS benchmarks, misconfigurations, and compliance mapping at a fraction of the cost. Enterprise companies with advanced CSPM needs may still benefit from specialized tools alongside Vigil.

What frameworks do you map to?

CIS AWS Foundations Benchmark, NIST 800-53, PCI-DSS, SOC2 Trust Service Criteria, and AWS Well-Architected Security Pillar. Custom framework mapping is available on Enterprise tier.

Secure your cloud before it's too late

See how Vigil security finds and fixes vulnerabilities — automatically.

Schedule a Demo View Pricing