What AWS services does Vigilare monitor?

Vigilare monitors 7+ AWS services: Billing (cost anomalies and usage spikes), IAM (policy drift, root account usage, missing MFA), GuardDuty (threat findings), SES (sending reputation), CloudTrail (suspicious API patterns), Service Quotas (limit utilisation), and Account Health (AWS notifications). Coverage is continuously expanded.

How does Vigilare access my AWS account?

Vigilare uses a read-only cross-account IAM role that you provision using our open-source Terraform module. The role grants only the minimum permissions required for monitoring — no write access, no credential storage, and no data leaves your account except what is needed to display findings in your dashboard.

How quickly will I be alerted?

Depending on your plan, Vigilare scans every 1, 5, or 15 minutes. Alerts are delivered in real time via email, Slack, or PagerDuty the moment a threshold is crossed. The typical end-to-end latency from event to alert is under 90 seconds.

Can I monitor multiple AWS accounts?

Yes. The Solo plan covers 1 account, Team supports up to 10, Agency up to 50, and Enterprise is unlimited. All accounts appear in a single dashboard with per-account risk scores and consolidated alert feeds.

Is my AWS data secure?

All data is encrypted at rest with AES-256 and in transit with TLS 1.2+. Vigilare's control plane runs on AWS infrastructure in dedicated, isolated tenants. We never store raw AWS credentials. The platform is SOC 2 Type II compliant and we provide reports on request for Enterprise customers.

Is there a free trial?

Yes — all paid plans include a 14-day free trial. No credit card is required to get started. You can connect your first AWS account and see findings within 5 minutes of signing up.

What happens if I exceed my account limit?

We'll notify you as you approach your account limit and give you the option to upgrade. We won't stop monitoring your existing accounts without notice.

Can I cancel at any time?

Yes. There are no long-term contracts. You can cancel your subscription at any time from the billing settings page. Your access continues until the end of the current billing period.

What Vigilare Monitors: A Plain-English Guide to Your Dashboard

You've connected your AWS account to Vigilare and the dashboard is populated. Here's what you're looking at and what to do with each section.

The Risk Score

The large number at the top of your dashboard is your account risk score — a number from 0 to 100. Higher is better. It's calculated from four dimensions: security posture (35%), billing health (25%), compliance status (25%), and operational health (15%).

Click the score to see the breakdown by dimension. Each dimension shows its contributing signals and any active findings that are pulling the score down. Findings are sorted by impact — the ones at the top move the score most when resolved.

What to do: Check your risk score once a day (or just watch for Slack/email alerts). If it drops below your comfort threshold, click in and address the top findings.

The Billing Panel

The billing panel shows your current month-to-date spend, a comparison to the same point last month, and a trend chart showing daily spend over the past 30 days. Anomalies are highlighted in the chart — points where spend deviated from the rolling baseline.

Below the chart, you'll see a breakdown by AWS service showing which services are driving your costs and whether any service has anomalous spend.

What to do: Glance at the trend chart. If the line is flat or growing gradually, you're fine. If there's a spike, click into it to see which service caused it and whether it correlates with any security findings (which would suggest a compromise rather than organic growth).

Security Findings

This section lists active security findings from GuardDuty, IAM analysis, and security group evaluation. Each finding includes a severity (Critical, High, Medium, Low), a plain-English description of what was detected, the affected resource, and remediation steps.

Findings are deduplicated — if GuardDuty generates the same finding type for the same resource multiple times, you see one entry with a count, not a wall of duplicate alerts.

What to do: Review Critical and High findings immediately. Medium findings should be reviewed within a week. Low findings can be addressed during routine maintenance. You can dismiss findings that are known-good (like a security scanner's IP triggering a reconnaissance finding) — dismissed findings are hidden from the active view but retained in history.

Compliance Status

This panel shows your compliance against security best practices: CloudTrail status, S3 public access settings, encryption coverage, IAM configuration (MFA status, access key age, policy analysis), and VPC configuration. Each check shows pass/fail with a link to remediation steps.

What to do: Work through failing checks in priority order. The highest-impact items are always root MFA, CloudTrail configuration, and S3 public access — these affect both your risk score and your actual security posture more than anything else.

Operational Health

This section tracks the signals that don't fit neatly into security or compliance but still affect your account health: SES reputation metrics (bounce rate, complaint rate), service quota utilization (how close you are to limits for EC2 instances, Lambda concurrency, VPCs, etc.), and AWS Health Dashboard events (maintenance notifications, abuse reports, service issues).

What to do: Check SES metrics if your application sends email — a bounce rate trending toward 5% needs intervention before it triggers AWS enforcement. Service quota warnings are informational until you're above 80% utilization; at that point, request a quota increase before you run into provisioning failures.

The Alerts Feed

The alerts feed at the bottom of the dashboard shows a chronological history of all alerts — risk score changes, new findings, resolved findings, billing anomalies, and compliance changes. Each entry is timestamped and linked to the underlying data.

This feed mirrors what's sent to your Slack/email integrations, so if you missed a notification, the dashboard has the full history.

Account Switcher

If you've connected multiple AWS accounts, use the account switcher in the top navigation to switch between them. Each account has its own independent risk score, findings, and billing data. The overview page shows all accounts at a glance with their risk scores, so you can immediately see which accounts need attention.

Protect your AWS accounts before it's too late

Vigilare monitors your AWS accounts for suspension risks — billing anomalies, IAM issues, GuardDuty findings, and more — and alerts you before AWS takes action.

See Vigilare pricing Talk to us about securing your AWS Browse documentation →

Written by Vigilare Engineering

Platform Team