When you open your Vigilare dashboard, the first thing you see is your risk score — a number from 0 to 100. A higher score means a healthier account. But what does "healthy" actually mean, and what goes into the calculation?
The Four Dimensions
Your risk score is a weighted composite of four health dimensions, each reflecting a different aspect of your AWS account's status.
Security Posture (35% of score)
This dimension evaluates your protection against active threats and misconfigurations. It draws on GuardDuty findings (active threats, credential compromise indicators), IAM configuration (root MFA status, access key age, overly permissive policies), security group configurations (open ports, unrestricted access rules), and encryption status (S3 buckets, EBS volumes, RDS instances).
A perfect security posture score means: no active GuardDuty findings, root MFA enabled, no long-lived access keys, no overly permissive IAM policies, no security groups open to the world, and encryption enabled on all storage.
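To make that checklist concrete, here is an added Python example (not Vigilare's code, and it does not call AWS) that evaluates a constructed account snapshot against those six checks and rolls the failures up into a 0-100 dimension score. The penalty points, the 90-day key-age cutoff, the snapshot layout and the resource identifiers are assumptions made for the example; the article does not publish how Vigilare weights individual checks.

```python
"""Roll the security-posture checklist up into a 0-100 dimension score.

The six checks come from the article. The penalties, the 90-day key age
cutoff and the snapshot format are assumptions for this example; this is
not Vigilare's scoring code and it never talks to AWS.
"""
from __future__ import annotations
from datetime import datetime, timedelta, timezone

# Assumed penalty per failed check (the article does not publish these).
PENALTIES = {
    "guardduty_findings": 30,         # any active finding
    "root_mfa_disabled": 25,
    "long_lived_access_key": 10,      # per key
    "admin_policy_wildcard": 15,      # per policy
    "world_open_security_group": 10,  # per ingress rule
    "unencrypted_storage": 5,         # per resource
}
KEY_MAX_AGE = timedelta(days=90)      # assumed rotation cutoff
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}   # "open to the world"


def is_admin_wildcard(policy_doc: dict) -> bool:
    """True if any Allow statement grants Action '*' on Resource '*'."""
    statements = policy_doc.get("Statement", [])
    if isinstance(statements, dict):      # single-statement shorthand
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        resources = stmt.get("Resource", [])
        actions = [actions] if isinstance(actions, str) else actions
        resources = [resources] if isinstance(resources, str) else resources
        if "*" in actions and "*" in resources:
            return True
    return False


def security_posture(snapshot: dict, now: datetime) -> tuple[int, list[str]]:
    """Return (score, findings); each failed check subtracts its penalty from 100."""
    findings: list[str] = []
    penalty = 0

    if snapshot["guardduty_active_findings"] > 0:
        findings.append(f"{snapshot['guardduty_active_findings']} active GuardDuty finding(s)")
        penalty += PENALTIES["guardduty_findings"]

    if not snapshot["root_mfa_enabled"]:
        findings.append("root account MFA disabled")
        penalty += PENALTIES["root_mfa_disabled"]

    for key in snapshot["access_keys"]:
        age = now - key["created"]
        if age > KEY_MAX_AGE:
            findings.append(f"access key {key['id']} is {age.days} days old")
            penalty += PENALTIES["long_lived_access_key"]

    for name, doc in snapshot["policies"].items():
        if is_admin_wildcard(doc):
            findings.append(f"policy {name} allows Action * on Resource *")
            penalty += PENALTIES["admin_policy_wildcard"]

    for sg in snapshot["security_groups"]:
        for rule in sg["ingress"]:
            if rule["cidr"] in WORLD_CIDRS:
                findings.append(f"{sg['id']} allows {rule['cidr']} on port {rule['port']}")
                penalty += PENALTIES["world_open_security_group"]

    for res in snapshot["storage"]:
        if not res["encrypted"]:
            findings.append(f"{res['type']} {res['id']} is unencrypted")
            penalty += PENALTIES["unencrypted_storage"]

    return max(0, 100 - penalty), findings


# Constructed snapshot standing in for what a collector would pull from AWS.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE_SNAPSHOT = {
    "guardduty_active_findings": 0,
    "root_mfa_enabled": False,
    "access_keys": [
        {"id": "AKIAEXAMPLE0000001", "created": NOW - timedelta(days=400)},
        {"id": "AKIAEXAMPLE0000002", "created": NOW - timedelta(days=20)},
    ],
    "policies": {
        "ci-deploy": {"Version": "2012-10-17", "Statement": [
            {"Effect": "Allow", "Action": "*", "Resource": "*"}]},
        "read-logs": {"Version": "2012-10-17", "Statement": [
            {"Effect": "Allow", "Action": ["logs:GetLogEvents"], "Resource": "*"}]},
    },
    "security_groups": [
        {"id": "sg-0example1", "ingress": [{"port": 22, "cidr": "0.0.0.0/0"},
                                          {"port": 443, "cidr": "10.0.0.0/8"}]},
    ],
    "storage": [
        {"type": "ebs", "id": "vol-0example1", "encrypted": True},
        {"type": "s3", "id": "example-logs-bucket", "encrypted": False},
    ],
}

if __name__ == "__main__":
    score, findings = security_posture(SAMPLE_SNAPSHOT, NOW)
    print(score)              # 35 for the constructed snapshot
    for finding in findings:
        print(" -", finding)
```

With the constructed snapshot, five of the six checks fail (root MFA, one stale key, one wildcard policy, one world-open SSH rule, one unencrypted bucket) for a dimension score of 35; the read-only policy and the 20-day-old key are correctly left alone. The point of the structure is that every finding carries the penalty it cost, which is what lets a dashboard sort findings by impact.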
Billing Health (25% of score)
This dimension tracks whether your costs are normal and sustainable. It evaluates current spend against your rolling baseline (deviations reduce the score), payment method validity (expired cards or failed charges reduce it significantly), budget utilization (approaching or exceeding budgets reduces the score), and spending velocity (accelerating spend trends get flagged before they become anomalies).
A perfect billing health score means: spending within normal range, valid payment method, budgets not exceeded, and no unusual cost trends.
Compliance Status (25% of score)
This dimension measures how well your account configurations align with security best practices. It evaluates AWS Config rule compliance (percentage of rules passing), CloudTrail status (enabled, multi-region, with log file validation), S3 public access settings (account-level block enabled), and VPC flow log status.
A perfect compliance score means: all Config rules passing, CloudTrail properly configured, no public S3 access, and VPC flow logs enabled.
Operational Health (15% of score)
This dimension tracks the operational signals that can lead to service disruptions or account issues. It includes service quota utilization (approaching quotas reduce the score), SES reputation metrics (bounce and complaint rates), AWS Health Dashboard events (active issues or abuse notifications), and resource utilization patterns (idle or underutilized resources).
A perfect operational health score means: all service quotas below 80% utilization, SES metrics within safe ranges, no active Health Dashboard events, and no flagged resource issues.
What Each Score Range Means
90-100: Excellent. Your account is well-configured and actively maintained. Keep doing what you're doing. Review findings weekly to maintain this level.
70-89: Good. Your account has a solid foundation with some areas for improvement. Most findings in this range are informational — security group tightening, access key rotation, minor compliance gaps. Address them when convenient.
50-69: Needs Attention. There are meaningful risks that should be addressed this week. Common causes: GuardDuty findings that haven't been triaged, IAM users without MFA, Config rules failing, or billing trends that are moving in the wrong direction.
30-49: At Risk. Your account has significant issues that increase the probability of a security incident or AWS enforcement action. Common causes: active security findings, billing anomalies, expired payment methods, or SES reputation problems. Prioritize remediation.
Below 30: Critical. Immediate action required. At this level, one or more dimensions are in a state that could result in account suspension, data exposure, or significant financial damage. Drop everything and address the critical findings first.
How the Score Changes Over Time
Your risk score is recalculated every 5 minutes as new data arrives. It goes up when findings are resolved, security configurations improve, billing returns to normal, or compliance gaps are closed. It goes down when new findings appear, configurations drift, costs spike, or operational metrics degrade.
The Vigilare dashboard includes a trend chart showing your risk score over time. A declining trend — even if the absolute score is still acceptable — is an early warning signal. An account that was at 85 last week and is at 72 today is heading in the wrong direction, and the underlying cause should be investigated before the score drops further.
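As an added example (not Vigilare's implementation), the following Python combines four dimension scores with the weights given above, maps the result onto the score bands above, and flags the kind of week-over-week decline the article describes (85 down to 72). The weights and band boundaries are the article's; the sample dimension values and the 10-point drop threshold are constructed for the example.

```python
"""Weighted composite risk score, band mapping and trend warning.

Weights (35/25/25/15) and bands are taken from the article. Sample
inputs and the drop threshold are constructed; this is not Vigilare's code.
"""
from __future__ import annotations

# Dimension weights as stated in the article; they sum to 1.0.
WEIGHTS = {
    "security": 0.35,
    "billing": 0.25,
    "compliance": 0.25,
    "operational": 0.15,
}

# Score bands as stated in the article: (inclusive lower bound, label).
BANDS = [
    (90, "Excellent"),
    (70, "Good"),
    (50, "Needs Attention"),
    (30, "At Risk"),
    (0, "Critical"),
]


def composite_score(dimensions: dict[str, float]) -> int:
    """Combine 0-100 dimension scores into one 0-100 risk score.

    A missing or out-of-range dimension raises, so a collector bug
    fails loudly instead of quietly producing a healthy-looking number.
    """
    if set(dimensions) != set(WEIGHTS):
        raise ValueError(f"expected {sorted(WEIGHTS)}, got {sorted(dimensions)}")
    for name, value in dimensions.items():
        if not 0 <= value <= 100:
            raise ValueError(f"{name} score {value} outside 0-100")
    return round(sum(dimensions[n] * w for n, w in WEIGHTS.items()))


def band_for(score: int) -> str:
    """Map a composite score to the article's band label."""
    for lower, label in BANDS:
        if score >= lower:
            return label
    raise ValueError(f"score {score} below 0")


def trend_warning(history: list[int], drop_threshold: int = 10) -> str | None:
    """Flag a decline even when the latest score is still in a good band.

    drop_threshold is an assumed value for this example; the article
    describes the pattern (85 last week, 72 today) but no fixed cutoff.
    """
    if len(history) < 2:
        return None
    first, last = history[0], history[-1]
    if first - last >= drop_threshold:
        return (f"score fell {first - last} points ({first} -> {last}, "
                f"now '{band_for(last)}'); investigate before it drops further")
    return None


def weighted_impact(dimension: str, points_recovered: float) -> float:
    """Composite points gained when one dimension improves by N points.

    Shows why security fixes move the score most: the same 20-point fix is
    worth 7.0 composite points in security but only 3.0 in operational health.
    """
    return round(points_recovered * WEIGHTS[dimension], 1)


if __name__ == "__main__":
    # Constructed sample: strong billing and compliance, weak security.
    sample = {"security": 52, "billing": 95, "compliance": 90, "operational": 80}
    score = composite_score(sample)
    print(score, band_for(score))                 # 76 Good
    print(trend_warning([85, 83, 79, 72]))
    print(weighted_impact("security", 20), weighted_impact("operational", 20))
```

The constructed sample lands at 76 ("Good") despite a security dimension that is itself only "Needs Attention"; that is exactly the situation the dimension breakdown on the dashboard is meant to surface, and `weighted_impact` shows why the remediation list sorts security findings to the top.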
Improving Your Score
Click into your risk score on the dashboard to see the breakdown by dimension. Each finding includes the specific issue, the impact on your score, and the remediation steps. Findings are sorted by impact — the ones at the top of the list will move your score the most when resolved.
The highest-impact actions are almost always in the security dimension: enabling root MFA, resolving active GuardDuty findings, and fixing overly permissive IAM policies. These are also the actions that most reduce your actual risk — the score and the reality are aligned by design.
Written by Vigilare Engineering
Platform Team