Enterprise-grade cybersecurity,
built for growing businesses
The same security capabilities Fortune 500 companies rely on -- automated, affordable, and designed for teams without a dedicated security department.
Know exactly where you stand
Vigil scans your public-facing infrastructure the same way an attacker would -- then explains what it found in plain English.
DNS & Email Authentication Analysis
Checks your SPF, DKIM, and DMARC records to ensure outgoing email is authenticated and protected against spoofing. Misconfigured email authentication is the #1 reason phishing succeeds.
Why it matters
Email impersonation is the most common attack vector for small businesses. Proper authentication stops attackers from sending email that looks like it came from you.
Included in: Free tier and above
SSL/TLS Certificate Monitoring
Validates your certificates, checks expiration dates, cipher suites, and protocol versions. Alerts you before anything expires.
Why it matters
An expired or misconfigured certificate breaks customer trust and can expose data in transit.
Included in: Free tier and above
Security Header Assessment
Evaluates HTTP security headers including Content-Security-Policy, X-Frame-Options, HSTS, and more. Provides exact header values to add.
Why it matters
Security headers are free to implement and block entire categories of attacks like clickjacking and cross-site scripting.
Included in: Free tier and above
Technology Fingerprinting & CVE Matching
Identifies the software, frameworks, and services running on your infrastructure, then cross-references them against known vulnerability databases.
Why it matters
You can't patch what you don't know is running. Technology fingerprinting gives you visibility into your actual attack surface.
Included in: Visibility tier and above
Email Provider Detection
Identifies your email provider (Microsoft 365, Google Workspace, on-premises Exchange, etc.) and tailors remediation guidance to your specific platform.
Why it matters
Generic security advice wastes time. Platform-specific guidance means you can fix issues in minutes, not hours.
Included in: Visibility tier and above
Secure your Microsoft 365 & Google Workspace
Your productivity suite is your most sensitive system. Vigil scans internal configurations that external scanners miss entirely.
Microsoft 365 Security Audit
Reviews Entra ID settings, conditional access policies, MFA enrollment, mailbox forwarding rules, admin role assignments, and SharePoint/OneDrive sharing permissions.
Why it matters
Most M365 tenants have dozens of misconfigurations out of the box. A single forwarding rule to an external address can exfiltrate months of email silently.
Included in: Management tier and above
Google Workspace Security Audit
Evaluates 2-Step Verification enforcement, app passwords, third-party app access, Drive sharing settings, Gmail routing rules, and admin privileges.
Why it matters
Google Workspace defaults favor collaboration over security. Understanding what's shared externally is the first step to controlling data exposure.
Included in: Management tier and above
Auto-Remediation
For supported configurations, Vigil can automatically fix misconfigurations with a single click -- no manual PowerShell or admin console changes needed.
Why it matters
Knowing about a problem is only half the battle. Automated fixes close the gap between detection and resolution from days to seconds.
Included in: Compliance tier and above
Security doesn't stop after a scan
Vigil re-checks your posture automatically and alerts you when something changes. Think of it as a security system that never sleeps.
Automated Re-Scanning (Every 6 Hours)
Your external security posture is continuously monitored. DNS changes, certificate expirations, new vulnerabilities, and configuration drift are caught automatically.
Why it matters
Security is not a one-time event. Configurations change, certificates expire, and new vulnerabilities are discovered daily.
Included in: Management tier and above
Credential Breach Monitoring
Checks employee email addresses against known breach databases and dark web marketplaces. Alerts you when credentials appear in new data dumps.
Why it matters
Reused passwords from breached sites are the easiest way into your systems. Early detection lets you force password resets before attackers strike.
Included in: Management tier and above
Brand Impersonation Monitoring
Monitors Certificate Transparency logs for certificates issued to domains that look like yours. Catches phishing sites and impersonation attempts early.
Why it matters
Attackers register look-alike domains to phish your customers and employees. Catching these early protects your brand and your people.
Included in: vCISO tier
Meet requirements without hiring a consultant
Vigil maps your security posture to industry frameworks and tells you exactly what's missing. No spreadsheets, no guesswork.
Framework Mapping (NIST CSF, SOC 2, HIPAA, CIS, ISO 27001)
Your scan results are automatically mapped to compliance framework controls. See which controls you satisfy, which need work, and exactly what to do.
Why it matters
Compliance frameworks are complex documents written for auditors. Vigil translates them into actionable tasks for your team.
Included in: Compliance tier and above
Compliance Control Dashboard
A real-time view of your compliance posture across every framework. Filter by status, priority, or framework. Track progress over time.
Why it matters
When an auditor or customer asks about your compliance status, you need an answer in minutes, not weeks.
Included in: Compliance tier and above
Evidence Locker
Securely store compliance evidence (policies, screenshots, configurations) in Azure Blob Storage. Organized by framework and control for easy retrieval during audits.
Why it matters
Audit preparation is 80% evidence gathering. A pre-organized evidence locker turns a painful process into a simple export.
Included in: Compliance tier and above
Audit-Ready Reports
Generate professional compliance reports that auditors expect to see. Includes control mappings, evidence references, and gap analysis.
Why it matters
Professional documentation signals maturity and reduces back-and-forth with auditors, saving time and money.
Included in: Compliance tier and above
Understand and quantify your risk
Risk management is about making informed decisions. Vigil helps you identify, score, and track risks so you can prioritize what matters most.
Risk Register with Quantitative Scoring
Maintain a living inventory of security risks with likelihood, impact, and composite risk scores. Track risk treatment decisions and residual risk over time.
Why it matters
Not all risks are equal. A risk register helps you invest your limited security budget where it will have the greatest impact.
Included in: Compliance tier and above
Vendor Risk Tracking
Inventory your third-party vendors, track their security posture, and manage risk questionnaires. Surface hidden supply chain risks before they become incidents.
Why it matters
Your security is only as strong as your weakest vendor. Tracking vendor risk is essential for any compliance framework.
Included in: Management tier and above
Security Health Score (0-100)
A composite score across email security, infrastructure security, and website security. Track your score over time like a credit score for cybersecurity.
Why it matters
A single number makes it easy to communicate security posture to leadership, boards, and customers.
Included in: Free tier and above
Your AI security advisor
Vigil uses Azure OpenAI to generate policies, roadmaps, and remediation guidance tailored to your specific business and scan results.
AI Policy Generator (8+ Templates)
Generate industry-specific security policies in minutes: Acceptable Use, Incident Response, Data Retention, Remote Work, BYOD, Password Policy, Vendor Management, and Data Classification.
Why it matters
Writing security policies from scratch takes weeks and usually requires a consultant. AI-generated policies give you a professional starting point instantly.
Included in: Management tier and above
AI Security Roadmap (90-Day Plan)
Based on your scan results, Vigil generates a prioritized 90-day security improvement plan with specific tasks, timelines, and expected impact.
Why it matters
Knowing your problems is only useful if you know what to fix first. A prioritized roadmap turns findings into action.
Included in: Management tier and above
AI Budget Planner (12-Month)
Get a realistic 12-month security budget based on your organization size, industry, and current maturity level. Includes tool recommendations and ROI projections.
Why it matters
Security spending without a plan is guesswork. A data-driven budget helps you justify investment to leadership.
Included in: vCISO tier
Copy-Paste Remediation Configs
For every finding, Vigil provides exact configuration snippets you can copy and paste -- DNS records, PowerShell commands, admin console settings, and more.
Why it matters
Generic advice like 'enable DMARC' wastes time. Exact configs like 'add this TXT record' save hours of research.
Included in: Management tier and above
Professional reports for every audience
Whether you're reporting to your team, your board, or your customers, Vigil generates the right report for the right audience.
PDF Security Reports
Professional, branded PDF reports summarizing your security posture, findings, and recommendations. Perfect for sharing with leadership or clients.
Why it matters
A professional report communicates competence. It shows you take security seriously and have a system in place.
Included in: Management tier and above
Executive Security Dashboard
A high-level view designed for non-technical leadership. Key metrics, trends, risk summary, and compliance status at a glance.
Why it matters
Executives don't need technical details -- they need to know if the organization is getting more or less secure over time.
Included in: vCISO tier
Scan History & Trend Tracking
Every scan is saved. Compare results over time to see progress, catch regressions, and demonstrate continuous improvement.
Why it matters
Trends matter more than snapshots. Showing improvement over time is the strongest evidence of a maturing security program.
Included in: Visibility tier and above
Built for managed service providers
If you manage security for multiple clients, Vigil gives you the tools to scale your practice without scaling your team.
Multi-Client Management
Manage all your clients from a single dashboard. Switch between organizations, compare postures, and identify which clients need attention.
Why it matters
MSPs need efficiency. Managing clients one at a time doesn't scale. A unified view lets you prioritize across your entire portfolio.
Included in: vCISO tier
White-Label PDF Reports
Generate professional reports branded with your MSP's logo and identity. Deliver them to clients as your own work product.
Why it matters
White-label reports let you offer a premium security service without building the tooling yourself.
Included in: vCISO tier
Cloud Infrastructure Scanning (AWS/Azure/GCP)
Extend scanning beyond domains and workspaces into cloud infrastructure. Check IAM policies, storage permissions, network configurations, and more.
Why it matters
As businesses move to the cloud, misconfigured infrastructure becomes a major risk. Cloud scanning covers the full picture.
Included in: vCISO tier
Ready to see your security posture?
Start with a free scan. No credit card required, no commitment. In under two minutes you'll know exactly where you stand.