Stop building your security program in your head. Start building it here.

VIGIL

Your security posture, finally visible.

Stop guessing where to start. Vigil assesses your security in 45 minutes, builds your prioritized roadmap, and tells you exactly what to do first — every week.

Used by CISOs at fintechs, SaaS companies, and IoT startups.

THE REALITY

You know exactly what needs to be done. You just don't have a system to do it.

You walk into a new company. No security policies. No asset inventory. No metrics. No roadmap. The board wants a report in 90 days.

You have the knowledge. IAM, network hardening, DevSecOps, PKI, IoT security, governance.

But it's all in your head. And it needs to be written down — somewhere permanent.

$50k+/year — just to start

Enterprise GRC tools like Archer or ServiceNow assume you already have mature processes. You don't. And you shouldn't have to pay enterprise prices to build from scratch.

SOC 2 is not a security program

Vanta and Drata are great for certification. But certification readiness is not the same as building a security program from zero. They don't tell you where to start.

AI forgets everything

Claude and ChatGPT give brilliant answers. But when you close the tab, it's gone. No memory. No tracking. No evidence trail. No system of record.

THE SOLUTION

An AI assistant gives you answers. Vigil gives you memory.

Your security posture needs to live somewhere permanent — with historical tracking, ownership assignment, evidence for auditors, and executive reporting. That's Vigil.

Memory

Every answer, every control, every gap — permanently stored and versioned. Access your full security history from any device, any browser, any time.

Prioritization

Not a to-do list. A risk-weighted roadmap. Vigil ranks every gap by regulatory impact, risk level, and implementation effort — so you always know what to do first.

Evidence

Every control has an audit trail. Upload evidence per item, assign owners, track completion dates. When the auditor asks, you're ready in one click.

THE DIFFERENCE

From paralysis to clarity — in 45 minutes.

Without Vigil → With Vigil ✓
  • Ideas scattered in your head → Documented roadmap in 45 min
  • No metrics for the board → Score 0–100 per domain
  • Gaps without priority → Ranked by regulatory risk
  • No evidence for auditors → Evidence attached per control
  • Manual PowerPoint reports → Executive PDF in one click
  • Forget what changed last month → Full score history and trends
  • Start from scratch every engagement → Reusable across clients and entities
  • No financial risk quantification → Board-ready risk in dollars with ROI
  • Security reports no one can act on → Board PDF with investment case in 1 click

WHAT VIGIL DOES

Everything a Day-0 CISO needs. Nothing they don't.

Adaptive Assessment

101 questions across 9 security domains. Adapts to your company profile — fintech, SaaS, IoT, healthtech. Skip what doesn't apply. Done in 45 minutes.

Prioritized Roadmap

Three phases. Zero guesswork. Phase 1: close critical gaps in 30 days. Phase 2: build structure in 90 days. Phase 3: certification readiness in 180 days.

OKRs & KPIs — auto-generated

Board-ready language, automatically. Quarterly objectives and key results generated from your actual security data. Update as you close gaps.

Gap Analysis

See exactly where you stand against PCI-DSS, SOC 2, ISO 27001, and NIST. Visual heatmap by domain and framework. Export for auditors in one click.

Weekly Intelligence Digest

Every Monday morning: your #1 priority, why it matters, and how long it takes. Personalized to your actual posture — not a generic newsletter.

Executive PDF Report

One page. Plain language. Built for your CEO, CFO, and board. Share a read-only link with auditors or investors — no login required.

BUILT FOR

If you're building a security program from scratch — this is for you.

Fintech / Payments

Our investors need security evidence before the next funding round.

PCI-DSS · SOC 2 · Local regs

SaaS B2B

Enterprise customers won't sign without a security questionnaire.

SOC 2 · ISO 27001

Hardware / IoT

We have 200 devices in the field with no identity management.

NIST SP800-213 · ISO 27400

Healthtech

One breach notification could end the company.

HIPAA · SOC 2

Holdings & Groups

I need consolidated visibility across 4 subsidiaries.

Multiple frameworks · Multi-entity

BY THE NUMBERS

  • 45 min: Full assessment from zero
  • 9: Security domains covered (IAM · Network · DevSecOps · IoT · Crypto · Gov · IR · People · Vendor)
  • 5: Frameworks mapped (PCI-DSS · SOC 2 · ISO 27001 · NIST · GDPR)

SIMPLE PRICING

Start free. Scale when you're ready.

14-day free trial · No credit card required · All plans include full access during trial

Starter
$149/mo
$124/mo billed annually
For the solo CISO
  • 1 entity
  • Full 9-domain assessment
  • Prioritized roadmap (3 phases)
  • OKRs & KPIs dashboard
  • Gap analysis (4 frameworks)
  • Executive PDF export
  • Weekly intelligence digest
Start free →
Corporate (Most popular)
$499/mo
$415/mo billed annually
For holdings and groups
  • Up to 5 entities
  • All Starter features
  • Consolidated dashboard
  • Policy inheritance
  • Multi-user access
  • Roles & permissions
  • Priority support
Start free →
Agency
$999/mo
$832/mo billed annually
For vCISOs and consultants
  • Unlimited client entities
  • All Corporate features
  • White-label portal
  • Custom branding per client
  • API access
  • Client-facing reports
  • Tandem Lens internal use
Start free →

Your company has a security posture.

For the first time, it will be written down.

Join the CISOs who stopped guessing and started building.

Start building with Vigil — free →

No credit card. No sales call. No setup fee. Ready in 45 minutes.