What AWS services does Vigilare monitor?

Vigilare monitors 7+ AWS services: Billing (cost anomalies and usage spikes), IAM (policy drift, root account usage, missing MFA), GuardDuty (threat findings), SES (sending reputation), CloudTrail (suspicious API patterns), Service Quotas (limit utilisation), and Account Health (AWS notifications). Coverage is continuously expanded.

How does Vigilare access my AWS account?

Vigilare uses a read-only cross-account IAM role that you provision using our open-source Terraform module. The role grants only the minimum permissions required for monitoring — no write access, no credential storage, and no data leaves your account except what is needed to display findings in your dashboard.

How quickly will I be alerted?

Depending on your plan, Vigilare scans every 1, 5, or 15 minutes. Alerts are delivered in real time via email, Slack, or PagerDuty the moment a threshold is crossed. The typical end-to-end latency from event to alert is under 90 seconds.

Can I monitor multiple AWS accounts?

Yes. The Solo plan covers 1 account, Team supports up to 10, Agency up to 50, and Enterprise is unlimited. All accounts appear in a single dashboard with per-account risk scores and consolidated alert feeds.

Is my AWS data secure?

All data is encrypted at rest with AES-256 and in transit with TLS 1.2+. Vigilare's control plane runs on AWS infrastructure in dedicated, isolated tenants. We never store raw AWS credentials. The platform is SOC 2 Type II compliant and we provide reports on request for Enterprise customers.

Is there a free trial?

Yes — all paid plans include a 14-day free trial. No credit card is required to get started. You can connect your first AWS account and see findings within 5 minutes of signing up.

What happens if I exceed my account limit?

We'll notify you as you approach your account limit and give you the option to upgrade. We won't stop monitoring your existing accounts without notice.

Can I cancel at any time?

Yes. There are no long-term contracts. You can cancel your subscription at any time from the billing settings page. Your access continues until the end of the current billing period.

Vigilare vs Datadog for AWS Monitoring: Different Tools, Different Jobs

The question "should we use Vigilare or Datadog?" comes up regularly, usually from teams evaluating their AWS monitoring stack and trying to understand whether one tool can replace the other. The short answer is that they address fundamentally different problems, and most serious AWS deployments benefit from both.

Understanding the distinction requires being precise about what each tool is actually for — and where the boundaries of each are.

What Datadog Does

Datadog is an observability and monitoring platform. It collects metrics, logs, and traces from your infrastructure and applications, provides dashboards and alerting on operational state, and enables correlation of infrastructure events with application behavior. Datadog's AWS integration pulls CloudWatch metrics, ELB access logs, Lambda invocation data, and other AWS service metrics into Datadog's unified platform.

Datadog excels at: application performance monitoring (APM) with distributed tracing, infrastructure monitoring with custom dashboards, log analytics with powerful search and pattern detection, synthetics testing for uptime and performance verification, and correlation between infrastructure events and application degradation.

Datadog's AWS monitoring is fundamentally operational — it tells you whether your services are running correctly, where latency is coming from, and when something breaks. It's oriented toward incident response for operational failures: "the API p99 latency spiked at 14:23" and "Lambda error rate is 2% on the payment processing function."

What Vigilare Does

Vigilare is an AWS account health and security monitoring platform. It monitors your AWS account configuration, billing patterns, security posture, and compliance status against the factors that affect account risk — including the risk of account suspension. Vigilare analyzes CloudTrail activity, Config compliance data, GuardDuty findings, SES reputation metrics, billing anomalies, and service quota utilization to build a comprehensive view of account health.

Vigilare excels at: detecting security misconfigurations before they're exploited, monitoring billing anomalies that indicate unauthorized usage or cost surprises, tracking SES reputation metrics to prevent suspension, identifying compliance drift against SOC 2, ISO 27001, and other frameworks, and providing MSP-scale monitoring across multiple client accounts from a single platform.

Vigilare's monitoring is risk-oriented — it tells you about factors that create account risk: "your S3 bucket has public access and contains objects matching PII patterns," "your EC2 vCPU utilization is at 80% of your account limit," "GuardDuty detected cryptocurrency mining communication from an instance."

Where They Overlap

Both tools consume AWS data and generate alerts. Some specific areas of overlap:

CloudWatch metrics: Both can ingest CloudWatch metrics. Datadog uses them for operational dashboards; Vigilare uses specific metrics (SES reputation, service quota utilization) for risk assessment.

AWS cost monitoring: Both provide cost visibility. Datadog's cost management features track spending trends; Vigilare's billing anomaly detection specifically looks for patterns indicating unauthorized usage or account compromise.

Security events: Datadog has security monitoring capabilities (CSPM, SIEM). Vigilare has security monitoring focused specifically on AWS account security and suspension risk factors. The security coverage overlaps but approaches from different angles.

The Complementary Use Case

Most production AWS environments benefit from both tools serving distinct roles:

Datadog handles: Application performance monitoring, custom metric dashboards for business KPIs, distributed tracing for microservices, log analytics for application debugging, infrastructure health for EC2/ECS/Lambda workloads.

Vigilare handles: AWS account security posture, suspension risk monitoring, compliance tracking, billing anomaly detection for security indicators, SES reputation health, multi-account MSP visibility.

The tools don't compete — they address different failure modes. Datadog alerts when your application is broken. Vigilare alerts when your AWS account is at risk. Both are necessary for comprehensive AWS operational management.

Cost Considerations

Both tools have subscription costs, and the "use both" answer needs to make financial sense. Evaluate each against the specific risks it mitigates:

Datadog's ROI is in MTTR reduction for operational incidents — faster debugging, earlier detection of performance degradation, proactive alerting on resource exhaustion. Quantify your average incident cost and the time savings from improved observability.

Vigilare's ROI is primarily in risk avoidance — preventing account suspension, catching billing anomalies before they become large bills, maintaining compliance status that clients require. Suspension of a production AWS account, even for 24-48 hours during AWS review, generates costs far exceeding the annual Vigilare subscription. The prevention value is asymmetric: small ongoing cost versus large intermittent risk.

FAQ

Can Datadog replace Vigilare for AWS security monitoring?

Datadog has CSPM and Cloud SIEM capabilities that cover some of the same ground. For organizations already heavily invested in Datadog, these features provide meaningful security coverage. Datadog's cloud security features are designed as part of a broader observability platform; Vigilare's monitoring is designed specifically around AWS account risk factors including suspension prevention, billing anomaly patterns that indicate compromise, and multi-account MSP use cases. The feature depth for AWS-specific risk factors differs.

Does Vigilare integrate with Datadog?

Vigilare can send alerts to your existing notification channels including PagerDuty, Slack, and email — the same channels Datadog typically routes to. For teams running both tools, alerts from both can feed into the same on-call workflow and incident management system. Direct Datadog integration for pushing Vigilare findings as Datadog events is something to check with current product documentation for the latest integration options.

What's the minimum viable monitoring stack for a production AWS environment?

Native tools baseline: CloudTrail (enabled, all regions, log file integrity validation), Config (with critical security rules), GuardDuty (enabled all regions), and billing alerts. This is the free-or-near-free foundation. Layer on Vigilare for continuous account health monitoring and suspension risk prevention. Add Datadog or equivalent observability tooling for application performance monitoring. Each layer addresses distinct failure modes that the others don't cover.

Protect your AWS accounts before it's too late

Vigilare monitors your AWS accounts for suspension risks — billing anomalies, IAM issues, GuardDuty findings, and more — and alerts you before AWS takes action.

See Vigilare pricing Talk to us about securing your AWS Browse documentation →

Written by Viktor B.

Co-founder & CEO