What AWS services does Vigilare monitor?

Vigilare monitors 7+ AWS services: Billing (cost anomalies and usage spikes), IAM (policy drift, root account usage, missing MFA), GuardDuty (threat findings), SES (sending reputation), CloudTrail (suspicious API patterns), Service Quotas (limit utilisation), and Account Health (AWS notifications). Coverage is continuously expanded.

How does Vigilare access my AWS account?

Vigilare uses a read-only cross-account IAM role that you provision using our open-source Terraform module. The role grants only the minimum permissions required for monitoring — no write access, no credential storage, and no data leaves your account except what is needed to display findings in your dashboard.

How quickly will I be alerted?

Depending on your plan, Vigilare scans every 1, 5, or 15 minutes. Alerts are delivered in real time via email, Slack, or PagerDuty the moment a threshold is crossed. The typical end-to-end latency from event to alert is under 90 seconds.

Can I monitor multiple AWS accounts?

Yes. The Solo plan covers 1 account, Team supports up to 10, Agency up to 50, and Enterprise is unlimited. All accounts appear in a single dashboard with per-account risk scores and consolidated alert feeds.

Is my AWS data secure?

All data is encrypted at rest with AES-256 and in transit with TLS 1.2+. Vigilare's control plane runs on AWS infrastructure in dedicated, isolated tenants. We never store raw AWS credentials. The platform is SOC 2 Type II compliant and we provide reports on request for Enterprise customers.

Is there a free trial?

Yes — all paid plans include a 14-day free trial. No credit card is required to get started. You can connect your first AWS account and see findings within 5 minutes of signing up.

What happens if I exceed my account limit?

We'll notify you as you approach your account limit and give you the option to upgrade. We won't stop monitoring your existing accounts without notice.

Can I cancel at any time?

Yes. There are no long-term contracts. You can cancel your subscription at any time from the billing settings page. Your access continues until the end of the current billing period.

Vigilare vs AWS-Native Tools: What You Get That CloudWatch Doesn't Give You

AWS gives you a dozen native monitoring tools. CloudWatch tracks metrics. Cost Explorer analyzes spend. GuardDuty detects threats. Config evaluates compliance. Security Hub aggregates findings. Each one does its job. None of them talk to each other in a way that helps a solo engineer or a small team make fast decisions.

This is not a criticism of AWS. These tools are designed for organizations with dedicated platform teams who build custom integrations, maintain dashboards, and create the correlation logic that ties everything together. If you have that team, AWS native tools are incredibly powerful. If you don't — if you're the only person watching the account — you need something that does that integration for you.

That's what Vigilare is. Here's specifically what it adds.

The Core Problem: Fragmented Signals

Imagine this scenario. Your AWS bill spikes 300% overnight. At the same time, GuardDuty generates a finding for API calls from an IP address in a region you've never used. And Config reports that a new IAM role with AdministratorAccess was created outside your normal change management process.

In AWS native tools, these are three separate events in three separate dashboards. The billing spike is in Cost Explorer. The GuardDuty finding is in the GuardDuty console. The Config finding is in the Config console. No native service connects them and says: "Your credentials are probably compromised."

In Vigilare, these three signals produce one correlated alert with a risk score that reflects the combined severity. You get a single notification that says: probable credential compromise, here's the evidence, here's what to do first.

Feature Comparison

Cost Monitoring

AWS native: Cost Explorer provides historical analysis with 24-hour granularity. Cost Anomaly Detection uses ML to spot deviations but has a 24-hour detection lag. Budgets provide threshold-based alerts that don't adapt to your spending patterns.

Vigilare: Monitors billing metrics at 5-minute intervals. Detects anomalies against a rolling baseline that adapts to your normal patterns. Correlates cost spikes with security signals to distinguish between legitimate growth and incidents. Alerts within minutes of a deviation, not hours.

Security Monitoring

AWS native: GuardDuty detects threats. Security Hub aggregates findings. Config checks compliance. Each has its own console, its own alert configuration, and its own severity model. You need to check multiple dashboards to understand your security posture.

Vigilare: Aggregates security findings from GuardDuty, Config, and IAM into a single view. Provides a risk score that reflects the combined security posture — not just the number of findings, but their severity, age, and correlation with other signals. Alerts are routed to Slack, email, or PagerDuty based on the risk level.

Account Health

AWS native: There is no native "account health" metric. Billing status, SES reputation, service quota utilization, and compliance posture are tracked in separate services. No native tool tells you whether your account is at risk of suspension.

Vigilare: Monitors every signal that contributes to account health — billing, security, compliance, SES reputation, service quotas — and rolls them into a single account health score. Trend analysis shows whether your account health is improving or degrading over time. Early warning alerts fire before you reach the thresholds that trigger AWS enforcement.

Setup and Maintenance

AWS native: Setting up a comprehensive monitoring stack with native tools requires enabling and configuring 5-8 services, creating cross-service integrations through EventBridge and SNS, building custom dashboards in CloudWatch, and maintaining the entire stack as AWS releases updates. Estimated setup time: 2-5 days for an experienced engineer.

Vigilare: Deploy a read-only Terraform module. Vigilare connects to your account, discovers your resources, and starts monitoring. Setup time: under 5 minutes. No agents, no infrastructure to maintain, no custom integrations to build.

What Vigilare Doesn't Replace

Vigilare is not a replacement for CloudWatch metrics on your application. It doesn't provide APM, log management, or custom application metrics. If you need to debug a slow API endpoint or trace a request through your microservices, you still need CloudWatch (or Datadog, or Grafana).

Vigilare is the layer above that — the one that watches the account-level signals that application monitoring misses. Think of it as the difference between a smoke detector in every room (CloudWatch) and a fire marshal who checks the building's electrical system, exits, and sprinkler pressure (Vigilare). You need both, but the fire marshal catches the problems that start fires before the smoke detectors go off.

When AWS Native Is Enough

If you have a dedicated platform engineering team that has built and maintains cross-service integrations, if your monitoring infrastructure is codified in Terraform with tested alerting pipelines, and if someone on your team reviews GuardDuty findings, Config compliance, and billing trends daily — AWS native tools are probably sufficient. You've already built what Vigilare provides.

If you haven't built that — if your monitoring is CloudWatch alarms you set up six months ago and a Cost Anomaly Detection monitor you enabled once — Vigilare fills the gap. See how it works for your account — 5-minute setup, 14-day free trial, no credit card required.

Protect your AWS accounts before it's too late

Vigilare monitors your AWS accounts for suspension risks — billing anomalies, IAM issues, GuardDuty findings, and more — and alerts you before AWS takes action.

See Vigilare pricing Talk to us about securing your AWS Browse documentation →

Written by Viktor B.

Co-founder & CEO