
AWS Config vs Vigilare: Compliance Monitoring Compared

Vigilare Engineering

Platform Team · April 24, 2026 · 8 min read

AWS Config is the foundation of compliance monitoring in AWS. It continuously records resource configurations, evaluates them against rules, and generates compliance findings. If you're doing compliance monitoring on AWS, you're using Config — either directly or through a tool that reads Config data.

Vigilare also monitors compliance, but it approaches the problem differently. Instead of replacing Config, it layers on top of it — adding cross-signal correlation, risk scoring, and account health context that Config doesn't provide on its own.

This comparison explains how each tool works, where they overlap, and when Config alone is sufficient versus when the additional layer is worth it.

What AWS Config Does

Config continuously records the configuration state of your AWS resources — the settings on each EC2 instance, security group, IAM policy, S3 bucket, and over 300 other resource types. It answers the question: "Are my resources configured the way I expect them to be?"

Config Rules evaluate recorded configuration items against compliance criteria. AWS provides 300+ managed rules covering common checks: is CloudTrail enabled? Is S3 public access blocked? Are EBS volumes encrypted? Do IAM policies grant unrestricted admin access? A rule can be change-triggered (evaluated each time a matching resource's configuration item is recorded), periodic (evaluated on a fixed schedule), or both. For organization-specific requirements you write custom rules, either as a Lambda function that Config invokes with the changed item and a result token, or as a custom policy rule written in CloudFormation Guard syntax with no Lambda to maintain.
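As an added example (not code from the original post or from Vigilare), here is a Lambda-backed custom rule that flags any security group allowing SSH from the whole internet, the kind of finding this comparison returns to below. The handler contract is Config's real custom-rule interface: the changed item arrives as a JSON string in `invokingEvent`, and the verdict goes back through `PutEvaluations` with the supplied `resultToken`. The sample configuration items, the resource IDs, `make_security_group_item`, `run_offline` and the `RecordingConfigClient` stand-in for the boto3 client are constructed so the block runs offline without credentials.

```python
import json

SSH_PORT = 22
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}


def covers_ssh(perm: dict) -> bool:
    """True if one ipPermissions entry reaches tcp/22 (ipProtocol -1 means all traffic)."""
    proto = str(perm.get("ipProtocol", "")).lower()
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    lo, hi = perm.get("fromPort"), perm.get("toPort")
    if lo is None or hi is None:  # tcp with no explicit range covers every port
        return True
    return lo <= SSH_PORT <= hi


def world_open(perm: dict) -> bool:
    """True if any IPv4 or IPv6 range on the entry is the whole internet."""
    cidrs = {r.get("cidrIp") for r in perm.get("ipRanges", [])}
    cidrs |= {r.get("cidrIpv6") for r in perm.get("ipv6Ranges", [])}
    return bool(cidrs & WORLD_CIDRS)


def evaluate_security_group(item: dict) -> tuple:
    """Return (ComplianceType, Annotation); anything that is not a live security group
    is NOT_APPLICABLE so the rule never emits evaluations for resources it does not judge."""
    if item.get("resourceType") != "AWS::EC2::SecurityGroup":
        return "NOT_APPLICABLE", "rule only evaluates security groups"
    if str(item.get("configurationItemStatus", "")).startswith("ResourceDeleted"):
        return "NOT_APPLICABLE", "resource deleted"
    for perm in (item.get("configuration") or {}).get("ipPermissions", []):
        if covers_ssh(perm) and world_open(perm):
            return "NON_COMPLIANT", "inbound tcp/22 allowed from 0.0.0.0/0 or ::/0"
    return "COMPLIANT", "no world-open SSH ingress"


def lambda_handler(event: dict, context=None, config_client=None) -> dict:
    """Entry point Config invokes for a change-triggered custom rule. config_client is
    injectable for offline runs; inside Lambda it defaults to boto3.client('config')."""
    invoking = json.loads(event["invokingEvent"])
    if invoking.get("messageType") == "OversizedConfigurationItemChangeNotification":
        # Oversized items arrive as a summary only; fetch the full CI before judging it.
        raise NotImplementedError("fetch the item with get_resource_config_history first")
    item = invoking["configurationItem"]
    compliance, note = evaluate_security_group(item)
    evaluation = {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": note,
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }
    if config_client is None:
        import boto3  # imported lazily so the module loads without the SDK installed
        config_client = boto3.client("config")
    config_client.put_evaluations(Evaluations=[evaluation], ResultToken=event["resultToken"])
    return evaluation


class RecordingConfigClient:
    """Stand-in for the boto3 Config client: records PutEvaluations calls instead of sending."""
    def __init__(self):
        self.calls = []

    def put_evaluations(self, **kwargs):
        self.calls.append(kwargs)
        return {"FailedEvaluations": []}


def make_security_group_item(sg_id: str, permissions: list) -> dict:
    """Constructed sample configuration item; field names follow the real CI schema."""
    return {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": sg_id,
            "configurationItemStatus": "OK",
            "configurationItemCaptureTime": "2026-04-24T10:00:00.000Z",
            "configuration": {"ipPermissions": permissions}}


OPEN_SSH_SG = make_security_group_item("sg-0123456789abcdef0", [
    {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22, "ipRanges": [{"cidrIp": "0.0.0.0/0"}]},
])
PRIVATE_SSH_SG = make_security_group_item("sg-0fedcba9876543210", [
    {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22, "ipRanges": [{"cidrIp": "10.0.0.0/8"}]},
    {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443, "ipRanges": [{"cidrIp": "0.0.0.0/0"}]},
])


def run_offline(item: dict) -> dict:
    """Simulate one Config invocation without AWS credentials."""
    event = {"invokingEvent": json.dumps({"messageType": "ConfigurationItemChangeNotification",
                                          "configurationItem": item}),
             "ruleParameters": "{}", "resultToken": "constructed-token"}
    client = RecordingConfigClient()
    result = lambda_handler(event, None, client)
    assert client.calls[0]["ResultToken"] == "constructed-token"
    return result
```

Returning NOT_APPLICABLE for anything that is not a live security group matters more than it looks: Config counts every evaluation you emit, so a rule that answers COMPLIANT for unrelated resources inflates the compliance percentage instead of leaving it alone. When deploying, scope the custom rule to `AWS::EC2::SecurityGroup` so Config only invokes it for the items it understands.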

Conformance Packs bundle related rules, and optionally their remediation actions, into one deployable template. AWS publishes sample packs for the CIS AWS Foundations Benchmark, PCI DSS, HIPAA, NIST 800-53 and others. Deploying a pack provisions every rule in it at once and evaluates your recorded resources against the full control set, so framework coverage becomes a single deployment rather than dozens of individually configured rules.

Compliance Score: for each conformance pack, Config reports a percentage: the share of rule-resource evaluations in the pack that returned COMPLIANT. A 95% score means 95% of those evaluations passed; it says nothing about which 5% failed. Outside conformance packs there is no single number, only the dashboard's counts of noncompliant rules and resources.

Where Config Falls Short

All Rules Are Equal

Config treats a missing S3 encryption setting (medium risk) the same as an open security group allowing SSH from 0.0.0.0/0 (high risk) in its compliance percentage: each is one failed evaluation. Config rules carry no severity attribute at all, so a 90% score could mean "a few low-priority settings need updating" or "your database is accessible from the internet." The percentage alone doesn't tell you how urgent the non-compliant findings are, and ranking them means maintaining a rule-to-severity mapping outside Config.

No Cross-Domain Correlation

Config monitors configuration compliance. It doesn't know about GuardDuty findings, billing anomalies, SES reputation, or service quota utilization. A Config rule might tell you that a security group is too permissive, but it can't tell you that the same security group is attached to an instance that GuardDuty has flagged for suspicious activity — a combination that's far more urgent than either signal alone.

No Account Health Context

Config evaluates whether your resources are configured correctly. It doesn't assess whether your account is healthy — whether your billing is normal, whether your SES reputation is safe, whether you're approaching service quotas, or whether the combination of your security, billing, and compliance signals puts you at risk of AWS enforcement.

Latency

Config is not a real-time control. A resource change is first recorded as a configuration item (continuous recording usually lands within minutes; daily recording batches changes up to a day), and only then do change-triggered rules evaluate the new item. Periodic rules run only on their schedule, which can be as coarse as every 24 hours. A rule can therefore still report COMPLIANT hours after a resource became non-compliant, which is a real gap during a fast-moving incident.

What Vigilare Adds

Vigilare reads Config compliance data as one input to a broader health assessment. It adds:

Severity-weighted scoring: Instead of treating all rules equally, Vigilare weights findings by severity, resource criticality, and age. A critical finding on a production resource impacts the score more than a low-severity finding on a sandbox resource. This produces a risk score that reflects actual risk, not just rule-pass percentages.

Cross-signal correlation: Vigilare combines Config compliance data with GuardDuty findings, billing trends, IAM analysis, SES metrics, and service quotas into a single view. When a Config rule fails at the same time as a GuardDuty finding fires, the correlated alert conveys urgency that neither signal communicates on its own.

Trend analysis: Config gives you a point-in-time compliance percentage. Vigilare tracks the risk score over time, showing whether your account is improving, stable, or degrading. A declining trend is an early warning, even when the absolute score is still acceptable.

Actionable prioritization: Rather than a flat list of non-compliant resources, Vigilare sorts findings by their impact on your risk score. Fix the items at the top of the list and your risk drops the most. This eliminates the "where do I start?" problem that teams face when Config generates dozens of findings.
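To make the difference between a rule-pass percentage and a weighted score concrete, here is an added example; it is not Vigilare's scoring model and not code from the original post. It computes a flat Config-style percentage and a severity-weighted, GuardDuty-correlated score over the same findings, then derives the prioritized list from the weights. The `Finding` fields mirror what Config's `get_compliance_details_by_config_rule` returns (rule name, resource type and ID, ComplianceType, ResultRecordedTime); the severity and environment fields, the weight tables, the 30-day age curve, the correlation boost, the attachment map and both sample accounts are assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Illustrative weights: assumptions for this example, not Vigilare's model.
SEVERITY_WEIGHT = {"CRITICAL": 10.0, "HIGH": 6.0, "MEDIUM": 3.0, "LOW": 1.0}
CRITICALITY_WEIGHT = {"prod": 1.0, "staging": 0.5, "sandbox": 0.2}
CORRELATION_BOOST = 2.0  # when GuardDuty has flagged the resource or something attached to it
MAX_AGE_DAYS = 30.0      # weight grows linearly with age and caps here


@dataclass(frozen=True)
class Finding:
    rule: str            # ConfigRuleName from the EvaluationResultQualifier
    resource_type: str   # ResourceType from the EvaluationResultQualifier
    resource_id: str     # ResourceId from the EvaluationResultQualifier
    compliance: str      # ComplianceType exactly as Config reports it
    recorded: datetime   # ResultRecordedTime
    severity: str        # assumed: the caller maps rule name -> severity
    environment: str     # assumed: the caller derives this from resource tags


def flat_compliance_pct(findings):
    """The number Config gives you: share of evaluations that passed."""
    judged = [f for f in findings if f.compliance in ("COMPLIANT", "NON_COMPLIANT")]
    if not judged:
        return 100.0
    return 100.0 * sum(f.compliance == "COMPLIANT" for f in judged) / len(judged)


def age_factor(recorded, now):
    """1.0 for a fresh finding, rising to 2.0 once it has sat open for MAX_AGE_DAYS."""
    days = max(0.0, (now - recorded).total_seconds() / 86400.0)
    return 1.0 + min(days, MAX_AGE_DAYS) / MAX_AGE_DAYS


def finding_weight(f, now, flagged=frozenset(), attached=None):
    """Risk contributed by one finding; compliant findings contribute nothing.

    flagged: resource IDs GuardDuty currently has findings on.
    attached: resource ID -> IDs it is associated with (from the CI's relationships),
    so a non-compliant security group sitting on a flagged instance gets the boost."""
    if f.compliance != "NON_COMPLIANT":
        return 0.0
    weight = (SEVERITY_WEIGHT[f.severity] * CRITICALITY_WEIGHT[f.environment]
              * age_factor(f.recorded, now))
    blast_radius = {f.resource_id} | set((attached or {}).get(f.resource_id, ()))
    return weight * CORRELATION_BOOST if blast_radius & flagged else weight


def risk_points(findings, now, flagged=frozenset(), attached=None):
    """Severity-weighted, correlated risk for an account; trend this, not the percentage."""
    return sum(finding_weight(f, now, flagged, attached) for f in findings)


def prioritize(findings, now, flagged=frozenset(), attached=None):
    """Open findings ordered by the share of risk_points that fixing each one removes."""
    weighted = [(f, finding_weight(f, now, flagged, attached)) for f in findings]
    total = sum(w for _, w in weighted) or 1.0
    ranked = sorted((fw for fw in weighted if fw[1] > 0), key=lambda fw: fw[1], reverse=True)
    return [(f.rule, f.resource_id, round(100.0 * w / total, 1)) for f, w in ranked]


# Constructed sample data: two accounts that both score 90% in Config.
NOW = datetime(2026, 4, 24, tzinfo=timezone.utc)


def passing(n):
    return [Finding("s3-bucket-public-read-prohibited", "AWS::S3::Bucket", f"bucket-{i}",
                    "COMPLIANT", NOW - timedelta(days=1), "HIGH", "prod") for i in range(n)]


ACCOUNT_A = passing(9) + [
    Finding("s3-bucket-logging-enabled", "AWS::S3::Bucket", "sandbox-scratch",
            "NON_COMPLIANT", NOW - timedelta(days=1), "LOW", "sandbox"),
]
ACCOUNT_B = passing(18) + [
    Finding("restricted-ssh", "AWS::EC2::SecurityGroup", "sg-0123456789abcdef0",
            "NON_COMPLIANT", NOW - timedelta(days=20), "HIGH", "prod"),
    Finding("encrypted-volumes", "AWS::EC2::Volume", "vol-0123456789abcdef0",
            "NON_COMPLIANT", NOW - timedelta(days=5), "MEDIUM", "prod"),
]
FLAGGED_BY_GUARDDUTY = frozenset({"i-0123456789abcdef0"})          # constructed
ATTACHED = {"sg-0123456789abcdef0": {"i-0123456789abcdef0"}}      # SG -> instances using it


def compare_accounts():
    """Same Config percentage, very different risk."""
    return {
        "A": (flat_compliance_pct(ACCOUNT_A), round(risk_points(ACCOUNT_A, NOW), 2)),
        "B": (flat_compliance_pct(ACCOUNT_B),
              round(risk_points(ACCOUNT_B, NOW, FLAGGED_BY_GUARDDUTY, ATTACHED), 2)),
    }
```

Both accounts report 90% in Config. Under the weights above, account A carries 0.21 risk points (one fresh, low-severity finding on a sandbox bucket) while account B carries 23.5, most of it the world-open SSH rule on a production security group attached to an instance GuardDuty has flagged, and the prioritized list says that closing that one rule removes about 84% of the combined risk. Whatever weights you settle on, keep them stable: the trend in the score is only meaningful if the scale does not move under it.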

When Config Alone Is Enough

Config is sufficient when your primary need is compliance reporting against a specific framework (CIS, PCI DSS, HIPAA), when you have a dedicated compliance or security engineer who reviews Config findings regularly, when your monitoring needs are limited to configuration compliance (not billing, security threats, or account health), and when you're comfortable building your own dashboards and alert integrations.

When to Add Vigilare

Consider adding Vigilare when you need a single view of account health across security, billing, compliance, and operations, when you're a small team that can't afford to check multiple dashboards daily, when you want risk scoring that reflects actual urgency rather than rule-pass percentages, when you need to correlate compliance findings with security threats and billing anomalies, and when you want early warning for the specific risk patterns that lead to AWS enforcement.

Vigilare complements Config — it doesn't replace it. Config provides the compliance evaluation engine. Vigilare provides the correlation, scoring, and prioritization layer that makes Config findings operationally actionable for small teams. Start a free 14-day trial.
