What AWS services does Vigilare monitor?

Vigilare monitors 7+ AWS services: Billing (cost anomalies and usage spikes), IAM (policy drift, root account usage, missing MFA), GuardDuty (threat findings), SES (sending reputation), CloudTrail (suspicious API patterns), Service Quotas (limit utilisation), and Account Health (AWS notifications). Coverage is continuously expanded.

How does Vigilare access my AWS account?

Vigilare uses a read-only cross-account IAM role that you provision using our open-source Terraform module. The role grants only the minimum permissions required for monitoring — no write access, no credential storage, and no data leaves your account except what is needed to display findings in your dashboard.

How quickly will I be alerted?

Depending on your plan, Vigilare scans every 1, 5, or 15 minutes. Alerts are delivered in real time via email, Slack, or PagerDuty the moment a threshold is crossed. The typical end-to-end latency from event to alert is under 90 seconds.

Can I monitor multiple AWS accounts?

Yes. The Solo plan covers 1 account, Team supports up to 10, Agency up to 50, and Enterprise is unlimited. All accounts appear in a single dashboard with per-account risk scores and consolidated alert feeds.

Is my AWS data secure?

All data is encrypted at rest with AES-256 and in transit with TLS 1.2+. Vigilare's control plane runs on AWS infrastructure in dedicated, isolated tenants. We never store raw AWS credentials. The platform is SOC 2 Type II compliant and we provide reports on request for Enterprise customers.

Is there a free trial?

Yes — all paid plans include a 14-day free trial. No credit card is required to get started. You can connect your first AWS account and see findings within 5 minutes of signing up.

What happens if I exceed my account limit?

We'll notify you as you approach your account limit and give you the option to upgrade. We won't stop monitoring your existing accounts without notice.

Can I cancel at any time?

Yes. There are no long-term contracts. You can cancel your subscription at any time from the billing settings page. Your access continues until the end of the current billing period.

White-Label AWS Monitoring for MSPs: Presenting Vigilare Under Your Brand

The monitoring tools your MSP uses to protect client accounts don't need to be visible to clients as separate vendor products. A client who logs into a portal and sees "YourMSP Security Dashboard" experiences a cohesive managed service. A client who logs into a portal and sees "Vigilare — powered by AWS GuardDuty" experiences a vendor's product with your name attached. The distinction matters for client retention, perceived value, and your MSP's ability to differentiate on service rather than tooling.

White-label monitoring solves this by allowing you to deliver monitoring insights under your own brand identity — your logo, your color scheme, your terminology — while the underlying technology does the heavy lifting of security analysis, cost monitoring, and compliance tracking.

What Clients Actually Want From Monitoring Reports

Before designing a white-label reporting experience, understand what your clients are trying to accomplish. Most clients fall into two categories:

Technical buyers (CTOs, engineering leads, DevOps teams) want detailed findings with technical context: exactly which resources are affected, what the specific misconfiguration is, how to fix it, and evidence that the fix worked. They appreciate access to raw data and the ability to dig deeper than summary reports.

Business buyers (CFOs, non-technical CEOs, operations managers) want high-level confirmation that things are under control: a score or status indicator, recent changes in risk posture, any incidents and their resolution, and cost trends. They don't want to interpret security findings — they want assurance that your team is handling them.

Effective white-label reporting serves both audiences with different views: a summary dashboard for business buyers that rolls up to green/yellow/red status indicators, and a detailed findings view for technical contacts who want the specifics.

Building White-Label Client Reports

Monthly security reports are a standard MSP deliverable that clients appreciate and that justify managed security service fees. A well-structured white-label report includes:

Executive summary: Overall security posture score for the month, change from prior month, count of findings by severity, and any significant incidents or changes.

Findings detail: All security findings during the period, categorized by service (GuardDuty, Config, Inspector), with severity, status (open/resolved), and resolution details. Findings your team resolved without client involvement are listed with resolution evidence. Findings requiring client action are highlighted.

Cost report: Month-over-month spend by service, any anomalies detected and resolved, and optimization opportunities identified. This is particularly valuable for clients who don't have internal AWS cost expertise.

Compliance status: Coverage against their applicable frameworks (SOC 2, ISO 27001, HIPAA), with any new gaps identified and remediation status.

Generate these reports from your aggregated monitoring data. AWS QuickSight supports custom branding that removes AWS branding from dashboards — configure it with your MSP logo and colors for embedded client-facing views. For PDF reports, tools like the AWS SDK combined with a reporting template generate branded documents from monitoring data.

Client Portal Architecture

A client portal gives clients self-service access to their current monitoring status between your regular reports. Core portal features:

Single sign-on through the client's existing identity provider (Google Workspace, Microsoft 365) so clients don't manage yet another set of credentials. Read-only access to their account's current findings, compliance status, and cost trends. Audit trail of MSP actions in their account. Ticketing integration showing the status of any open remediation items.

Build the portal on your own domain (monitoring.yourmspdomain.com/client-name) rather than exposing a vendor URL. The technical implementation can use vendor APIs (Vigilare's API, AWS APIs) as the data source, but the presentation layer should be your branded application.

Service Level Agreements and Reporting Cadence

Define what your white-label monitoring service delivers contractually. Common MSP monitoring SLAs:

Critical findings (GuardDuty HIGH, active compromise indicators) notified within 15-60 minutes
High-severity Config drift notified within 4 hours during business hours
Monthly report delivered by the 5th of the following month
Quarterly security review meeting to review trends and discuss posture improvements

Document these commitments in your service agreement and monitor them. If you commit to 15-minute critical finding notification and your monitoring system has a 2-hour alerting pipeline, you need to close that gap. Your SLAs define the operational requirements for your monitoring infrastructure.

FAQ

Do clients need to know what monitoring tools you use?

Transparency about your tool stack is generally good practice in MSP relationships, and clients often ask. You can be transparent about the underlying technology while still delivering under your brand. "We use Vigilare for AWS security monitoring, which we've configured and integrated into our operations workflow" is honest and positions the capability as something your team manages rather than a vendor product the client needs to understand.

How do you handle clients who want direct access to the raw monitoring tools?

Some clients — typically those with internal cloud security teams — want access to the native tools alongside your reports. Provision them read-only access to relevant AWS consoles (GuardDuty, Config, Security Hub) in addition to your white-label portal. This satisfies clients who want direct access without requiring you to expose your MSP operational infrastructure. Define clearly which access belongs to the client and which is internal MSP tooling.

Can you offer monitoring as a self-service product rather than MSP-managed?

Yes. Some MSPs offer tiered service models: managed service (MSP handles everything), monitored service (alerts go to the client who handles remediation), and software-only (the client manages everything with your tooling). White-label monitoring infrastructure supports all three tiers with different SLAs and pricing. The self-service tier requires less MSP labor per client and can be offered at lower price points to expand your addressable market.

Protect your AWS accounts before it's too late

Vigilare monitors your AWS accounts for suspension risks — billing anomalies, IAM issues, GuardDuty findings, and more — and alerts you before AWS takes action.

See Vigilare pricing Talk to us about securing your AWS Browse documentation →

Written by Viktor B.

Co-founder & CEO