You've read about Cloud Security Posture Management (CSPM) tools. You've seen the sales decks from Prisma Cloud, Wiz, and Lacework. You know your AWS account should be monitored. And then you see the pricing: $5,000-50,000/year, based on the number of cloud assets, accounts, or workloads.
For a startup spending $500/month on AWS, that's absurd. But ignoring security entirely isn't an option either — a single compromised access key can generate a five-figure bill overnight, and an unmonitored account is a liability that grows with your infrastructure.
The good news: you can build a security posture that covers the real risks for under $100/month. Here's how, layer by layer.
Layer 1: Free — The Non-Negotiable Baseline ($0/month)
These cost nothing and should be enabled on every AWS account immediately.
Root Account MFA
Use a hardware security key (FIDO2) if you have one. Otherwise, a virtual MFA app (Authy, 1Password, Google Authenticator) is fine. This takes 2 minutes and eliminates the highest-severity attack vector.
CloudTrail (1 management trail)
One trail with management events is included in the AWS Free Tier. This gives you an audit log of every API call in your account. Without it, you're investigating blind if anything goes wrong.
S3 Block Public Access (account-level)
Enable all four settings at the account level. This prevents any S3 bucket from being accidentally made public. One click, zero cost, eliminates one of the most common data exposure vectors.
Cost Anomaly Detection
Free, ML-based spend monitoring. It has a detection lag of roughly 24 hours, but it catches the slow-bleed cost issues that threshold alerts miss.
AWS Budgets (first 2 budgets)
Free for the first two budgets. Set one for your overall account and one for your most expensive service. Add email alerts at 80%, 100%, and 150% of expected spend.
Layer 2: Essential — The Cheap-but-High-Impact Additions ($20-40/month)
GuardDuty (~$15-30/month for a small account)
GuardDuty is the single best security investment per dollar for a small AWS account. It detects compromised credentials, cryptocurrency mining, unusual API patterns, and network-based threats. No agents, no rules to write, no infrastructure to manage. Enable it in all regions.
AWS Config (basic rules) (~$5-10/month)
Enable Config with a handful of critical rules: root-account-mfa-enabled, iam-user-mfa-enabled, cloudtrail-enabled, s3-bucket-public-read-prohibited, rds-instance-public-access-check. These five rules cover the most common misconfiguration risks for less than $10/month.
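The Layer 1 baseline and the "enable GuardDuty in all regions" point above can be checked from the API responses the account already exposes. The script below is an added example (not Vigilare's code); it audits dicts shaped like the boto3 responses named in its docstring, and the sample account at the bottom is constructed so it runs offline.

```python
# Audit an AWS account against the free baseline plus GuardDuty coverage.
# Inputs mirror the boto3 responses named in check_baseline's docstring.
from typing import Dict, List

PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")


def check_baseline(summary: Dict, trails: List[Dict], pab: Dict, budgets: List[Dict],
                   monitors: List[Dict], detectors: Dict[str, List[str]]) -> List[str]:
    """Return findings; an empty list means every control is in place.
    summary:   iam.get_account_summary()['SummaryMap']
    trails:    cloudtrail.describe_trails()['trailList']
    pab:       s3control.get_public_access_block()['PublicAccessBlockConfiguration']
    budgets:   budgets.describe_budgets()['Budgets']
    monitors:  ce.get_anomaly_monitors()['AnomalyMonitors']
    detectors: region -> guardduty.list_detectors()['DetectorIds'] in that region"""
    findings = []
    # Root MFA: SummaryMap reports AccountMFAEnabled as 0 or 1.
    if summary.get("AccountMFAEnabled", 0) != 1:
        findings.append("root account has no MFA device")
    # CloudTrail: one multi-region trail that also records global (IAM/STS) events.
    if not any(t.get("IsMultiRegionTrail") and t.get("IncludeGlobalServiceEvents")
               for t in trails):
        findings.append("no multi-region CloudTrail trail with global service events")
    # S3 Block Public Access: all four account-level flags must be on.
    findings += [f"S3 account-level {k} is off" for k in PAB_KEYS if not pab.get(k)]
    # Budgets: the post recommends two; flag the account if it has no cost budget.
    if not [b for b in budgets if b.get("BudgetType") == "COST"]:
        findings.append("no cost budget configured")
    # Cost Anomaly Detection only works once an anomaly monitor exists.
    if not monitors:
        findings.append("Cost Anomaly Detection has no monitor")
    # GuardDuty is regional: every enabled region needs its own detector.
    findings += [f"GuardDuty not enabled in {r}" for r, ids in sorted(detectors.items())
                 if not ids]
    return findings


# Constructed sample: MFA on, single-region trail, one PAB flag off, no budgets,
# one anomaly monitor, GuardDuty enabled in only one of two regions.
SAMPLE_SUMMARY = {"AccountMFAEnabled": 1}
SAMPLE_TRAILS = [{"IsMultiRegionTrail": False, "IncludeGlobalServiceEvents": True}]
SAMPLE_PAB = {**dict.fromkeys(PAB_KEYS, True), "RestrictPublicBuckets": False}
SAMPLE_BUDGETS: List[Dict] = []
SAMPLE_MONITORS = [{"MonitorName": "all-services", "MonitorType": "DIMENSIONAL"}]
SAMPLE_DETECTORS = {"us-east-1": ["constructed-detector-id"], "eu-west-1": []}


def audit_sample() -> List[str]:
    return check_baseline(SAMPLE_SUMMARY, SAMPLE_TRAILS, SAMPLE_PAB,
                          SAMPLE_BUDGETS, SAMPLE_MONITORS, SAMPLE_DETECTORS)
```

Feeding the real boto3 responses in place of the SAMPLE_* values turns this into a one-shot baseline audit you can run from a read-only role.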
Layer 3: The Multiplier — Account Health Monitoring ($29/month)
The layers above give you individual signals: GuardDuty detects threats, Config detects misconfigurations, Cost Anomaly Detection detects spend deviations. What none of them does is correlate these signals into a unified picture of whether your account is healthy and whether you're at risk of AWS enforcement.
Vigilare's Solo plan ($29/month) adds the correlation layer. It connects to your account via a read-only role, ingests signals from GuardDuty, Config, billing, SES, and service quotas, and produces a single risk score with actionable alerts. When a billing spike happens at the same time as a GuardDuty finding, Vigilare connects the dots and tells you it's probably credential compromise — not just "your bill went up."
At $29/month, this is the most cost-effective upgrade you can make to your security posture. A single prevented billing incident pays for years of subscription.
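To make the correlation idea concrete, here is an added illustration (not Vigilare's scoring logic or code) that pairs one cost anomaly with GuardDuty findings that landed within an assumed 24-hour window and names the likely cause. The anomaly and findings are constructed samples shaped after the Cost Explorer and GuardDuty API fields they mention.

```python
# Correlate a cost anomaly with GuardDuty findings by time. Illustrative only;
# this is not Vigilare's scoring logic. Sample events below are constructed.
from datetime import datetime, timedelta
from typing import Dict, List

WINDOW = timedelta(hours=24)  # assumption: signals within a day are related


def _ts(s: str) -> datetime:
    """Parse an ISO-8601 'Z' timestamp as used by GuardDuty and Cost Explorer."""
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def classify(anomaly: Dict, findings: List[Dict]) -> Dict:
    """Verdict for one cost anomaly in the light of nearby GuardDuty findings.
    anomaly:  subset of ce.get_anomalies()['Anomalies'][i]
    findings: subset of guardduty.get_findings()['Findings']"""
    start = _ts(anomaly["AnomalyStartDate"])
    related = [f for f in findings if abs(_ts(f["UpdatedAt"]) - start) <= WINDOW]
    verdict = {"impact_usd": anomaly["Impact"]["TotalImpact"],
               "related_findings": [f["Type"] for f in related],
               "severity": max((f.get("Severity", 0) for f in related), default=0),
               "assessment": "unexplained spend increase"}
    for f in related:
        rtype = f.get("Resource", {}).get("ResourceType")
        # Mining findings explain the spend directly; access-key findings explain
        # who is spending. Either one needs a different response than a budget alert.
        if f["Type"].startswith("CryptoCurrency:"):
            verdict["assessment"] = "likely crypto mining on a compromised instance"
            break
        if rtype == "AccessKey" or f["Type"].startswith("UnauthorizedAccess:IAMUser"):
            verdict["assessment"] = "likely credential compromise"
            break
    return verdict


# Constructed sample: a $4,200 spike starting 90 minutes after a GuardDuty
# finding on an access key; an older port-probe finding is outside the window.
SAMPLE_ANOMALY = {"AnomalyStartDate": "2024-06-01T03:00:00Z",
                  "Impact": {"TotalImpact": 4200.0}}
SAMPLE_FINDINGS = [
    {"Type": "UnauthorizedAccess:IAMUser/MaliciousIPCaller", "Severity": 5,
     "UpdatedAt": "2024-06-01T01:30:00Z", "Resource": {"ResourceType": "AccessKey"}},
    {"Type": "Recon:EC2/PortProbeUnprotectedPort", "Severity": 2,
     "UpdatedAt": "2024-05-20T10:00:00Z", "Resource": {"ResourceType": "Instance"}},
]


def demo() -> Dict:
    return classify(SAMPLE_ANOMALY, SAMPLE_FINDINGS)
```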
Layer 4: Nice-to-Have — Add When You're Ready
Security Hub (~$5-15/month)
Security Hub aggregates findings from GuardDuty, Config, and Inspector into a single dashboard with compliance scoring against CIS Benchmarks and AWS Foundational Security Best Practices. Useful when you want a compliance scorecard; not critical for day-to-day security.
Inspector (~$5-20/month)
Vulnerability scanning for EC2, Lambda, and container images. Useful if you run long-lived servers or publish container images. Less relevant for serverless-first architectures.
IAM Access Analyzer (free)
Detects resources shared with external entities and identifies unused permissions. Enable this when you're ready to tighten IAM permissions beyond the initial setup.
The Complete Budget Security Stack
| Layer | What | Monthly Cost |
|---|---|---|
| Free baseline | MFA, CloudTrail, S3 Block Public Access, Budgets, Cost Anomaly Detection | $0 |
| Essential | GuardDuty + Config (5 rules) | $20-40 |
| Correlation | Vigilare Solo | $29 |
| Total | | $49-69 |
For under $70/month, you have threat detection, compliance monitoring, billing protection, and cross-signal correlation with account health scoring. That's more security coverage than most startups running $10,000 enterprise CSPM tools actually use.
What Enterprise Tools Give You That This Stack Doesn't
To be fair about the tradeoffs: enterprise CSPM tools provide multi-cloud support (if you also use Azure or GCP), deeper vulnerability analysis (attack path mapping, SBOM analysis), compliance automation for complex frameworks (SOC 2, PCI DSS, HIPAA), and dedicated customer success teams who help interpret findings.
If you need these capabilities — because you're pursuing SOC 2 certification, because you operate across multiple clouds, or because a customer contract requires a specific CSPM — the enterprise tools have their place. But if you're a startup running on AWS with 1-3 accounts and your primary risks are billing surprises, credential compromise, and misconfiguration, the budget stack above covers you.
Written by Viktor B.
Co-founder & CEO