Email alerts are fine for weekly summaries. For critical security findings and billing anomalies, you need something that interrupts your workflow — and for most teams, that's Slack. Here's how to connect Vigilare to Slack and configure alert routing so the right findings reach the right channel at the right time.
Step 1: Connect Slack to Vigilare (1 minute)
In the Vigilare dashboard, go to Settings → Integrations → Slack. Click "Add to Slack." You'll be redirected to Slack's OAuth flow — select the workspace you want to connect and authorize the Vigilare app. The app requests permission to post messages to channels you specify. It does not read your messages, access your files, or join channels automatically.
Step 2: Choose Your Alert Channel (1 minute)
After connecting, Vigilare asks which Slack channel should receive alerts. Most teams create a dedicated channel like #aws-alerts or #vigilare. You can also use an existing channel like #engineering or #ops.
If you manage multiple AWS accounts, you can route each account's alerts to a different channel — useful for agencies managing client accounts or teams with separate production and staging environments.
Step 3: Configure Alert Routing (2 minutes)
Not every finding deserves a Slack notification. Vigilare lets you configure routing rules based on severity and category:
Critical alerts → Slack (immediately): These include risk score drops below threshold, active security threats (GuardDuty HIGH/CRITICAL findings), billing anomalies exceeding your configured threshold, and account health warnings (SES reputation issues, payment failures).
Warning alerts → Slack (batched): These include new medium-severity findings, compliance configuration changes, and spending trend warnings. Batched alerts are delivered once per hour to reduce noise.
Informational → Email only: These include low-severity findings, optimization recommendations, and weekly summary reports. These don't need to interrupt your Slack workflow.
The default routing is sensible for most teams, but you can customize it in Settings → Notifications → Routing Rules.
What Slack Alerts Look Like
Vigilare Slack messages include the alert severity and category (color-coded), the affected AWS account and resource, a plain-English description of what happened, the impact on your risk score, and a direct link to the finding in your Vigilare dashboard for full details and remediation steps.
Critical alerts are formatted with a red sidebar and include an @channel mention (configurable). Warning alerts use a yellow sidebar without the mention.
Advanced: PagerDuty and Webhook Integration
For teams that need paging for critical alerts (not just Slack messages), Vigilare integrates with PagerDuty and Opsgenie. Go to Settings → Integrations and add your PagerDuty integration key. Critical findings will create PagerDuty incidents that follow your escalation policy.
For custom integrations, use the webhook option. Vigilare sends a JSON payload to your endpoint for every alert, which you can route to any system — Microsoft Teams, Discord, a custom dashboard, or your own incident management tool.
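Added example, not Vigilare's code: a webhook consumer that applies the Step 3 default routing on your own side, including per-account channels and hourly batching of warnings. The payload field names, channel names and account IDs are assumptions; check them against the payload your endpoint actually receives.

```python
import json
from collections import defaultdict
from datetime import datetime, timezone

# Assumed payload fields, not Vigilare's documented schema:
# "severity", "account_id", "timestamp" (ISO 8601 with UTC offset).
ACCOUNT_CHANNELS = {"111111111111": "#prod-alerts"}  # constructed account ID
DEFAULT_CHANNEL = "#aws-alerts"

class AlertRouter:
    def __init__(self):
        self.batches = defaultdict(list)  # (channel, hour start) -> queued warnings

    def route(self, raw_body):
        """Return (action, channel) for one webhook body."""
        alert = json.loads(raw_body)
        severity = str(alert.get("severity", "")).lower()
        channel = ACCOUNT_CHANNELS.get(alert.get("account_id"), DEFAULT_CHANNEL)
        if severity == "warning":
            ts = datetime.fromisoformat(alert["timestamp"]).astimezone(timezone.utc)
            hour = ts.replace(minute=0, second=0, microsecond=0)
            self.batches[(channel, hour)].append(alert)
            return ("slack_batched", channel)
        if severity in ("info", "informational", "low"):
            return ("email", None)
        # Critical, and anything unrecognised: post now rather than drop silently.
        return ("slack_now", channel)

    def flush(self, now):
        """Pop one digest per channel for every hour that has fully elapsed."""
        current = now.astimezone(timezone.utc).replace(minute=0, second=0, microsecond=0)
        due = sorted(key for key in self.batches if key[1] < current)
        return [(ch, hour, self.batches.pop((ch, hour))) for ch, hour in due]

# Constructed sample payloads.
SAMPLE = [
    {"severity": "critical", "account_id": "111111111111", "timestamp": "2024-05-01T10:02:00+00:00"},
    {"severity": "warning", "account_id": "111111111111", "timestamp": "2024-05-01T10:15:00+00:00"},
    {"severity": "warning", "account_id": "111111111111", "timestamp": "2024-05-01T10:40:00+00:00"},
    {"severity": "info", "account_id": "999999999999", "timestamp": "2024-05-01T10:41:00+00:00"},
]

def run_sample():
    router = AlertRouter()
    actions = [router.route(json.dumps(a).encode()) for a in SAMPLE]
    digests = router.flush(datetime(2024, 5, 1, 11, 0, tzinfo=timezone.utc))
    return actions, digests

if __name__ == "__main__":
    print(run_sample())
```

Routing an unrecognised or missing severity to the immediate path means a changed payload shows up as extra noise instead of as silence.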
Written by Vigilare Engineering
Platform Team