🟢 Private beta · 26 operational modules

Stop building your security program in your head.
Start building it here.

An AI assistant gives you answers. Vigil gives you memory.
Organize, prioritize and communicate your security program — from wherever you are.

CISOs · IT Managers · CTOs · Security Leads · vCISOs · Consultants
🔒 SOC 2-ready architecture
🌐 100% EN/ES
45 min to first roadmap

The fundamental difference

Your company's security posture needs to live somewhere permanent — with historical tracking, ownership assignment, evidence for auditors, and executive reporting.

Today that information lives in your head, in scattered spreadsheets, or in AI chats that forget everything when you close the window. Vigil is the system of record you were missing.

Supports the frameworks you need

PCI DSS · SOC 2 · ISO 27001 · NIST CSF · CIS Controls v8 · HIPAA · GDPR · NIST AI RMF · ISO/IEC 42001 · ISO 27400

A complete program, from day zero

26 modules covering the full lifecycle of a security program — from initial assessment to board reporting.

ASSESS

Understand your real posture

  • Adaptive assessment — 120+ questions, 10 domains, calibrated to your industry and regulations
  • Gap Analysis — coverage across PCI-DSS, SOC 2, ISO 27001 and NIST in a visual heatmap
  • Risk Register — identify, quantify and prioritize risks formally (ISO 27001 clause 6.1)
  • Asset Inventory — strategic inventory of critical assets with data classification
  • Threat Intelligence — real CVEs and active campaigns filtered to your tech stack

OPERATE

Run your program day to day

  • Prioritized roadmap — 3 phases based on regulatory risk, impact and effort
  • Projects & Tasks — security project management with phases, tasks and dependencies
  • Incident Response — full NIST SP 800-61 cycle, timeline, checklist and MTTR/MTTD metrics
  • Vendor Risk — critical vendor due diligence with ISO 27001 A.15 assessments
  • Policies — policy library with 8 templates, versioning and approval workflow
  • Security Awareness — phishing campaign tracking and awareness program builder

REPORT

Communicate with any audience

  • OKRs & KPIs auto-generated from the roadmap
  • Financial Risk Translator — every gap in terms of financial exposure and ROI
  • Budget Planning OPEX/CAPEX with industry benchmarks (Gartner, IDC)
  • Communication Toolkit — 8 ready templates: board reports, executive briefings, staff alerts
  • Reports in PDF, Excel, CSV and PowerPoint
  • Certification Readiness — guide toward SOC 2, PCI-DSS, ISO 27001, HIPAA, NIST and GDPR

How it works

Three steps to a measurable, communicable security program.

🎯 1. Contextual assessment
Adaptive onboarding calibrates to your profile. Fintech + IoT? PKI and Crypto weight increases. Cloud-only? DevSecOps activates. Between 52 and 101 questions based on your context.

⚖️ 2. Prioritization engine
Gaps are scored by regulatory impact (40%), inherent risk (35%), and inverse effort (25%). Phase 1 tackles quick wins and certification blockers. No guesswork.

📊 3. Security Command Center
Real-time dashboard with domain scores, simulation mode, auto-generated OKRs/KPIs, financial risk translator, and 10+ technical panels. Always visible. Always current.

Sound familiar?

I joined 3 months ago and still don't know exactly what systems we have or who's responsible for what.

— CISO, Fintech

They asked me for a security posture report for the board and I don't know where to start.

— IT Manager, SaaS B2B

I have the knowledge to build the program but no system to organize it and measure it.

— Security Lead, IoT

I manage 6 clients as a vCISO and each one has their status in a different spreadsheet.

— vCISO, Independent Consultant

They asked for SOC 2 to close an important contract and I don't know what gaps I have or how long it takes.

— CTO, SaaS startup

When the auditor came I had no evidence of anything. I knew we were doing things right but couldn't prove it.

— CISO, Healthtech

What leadership cares about

Vigil speaks the CFO's and the board's language

Every gap detected includes its financial exposure estimate and remediation ROI — so you can justify investments in the language leadership understands.

No MFA in production

Incident probability: 23%

Average cost if it happens: $485,000

Investment to close: $3,200/year

ROI: 15,000% in the first year

No offboarding process

Orphan accounts active: 12%

Unauthorized access exposure: $125,000

Investment to close: $0 (process only)

ROI: infinite — zero cost, risk eliminated

IoT without certificates

Devices with default credentials: 45

Lateral intrusion vector: $890,000

PKI investment: $12,000

ROI: 7,400% protected

Based on IBM Cost of Data Breach, Verizon DBIR and Ponemon Institute

Who Vigil is NOT for

  • If you already have a mature program and just need to automate a specific certification
  • If you're an enterprise with 500+ employees and established GRC processes
  • If you're looking for a specific technical tool — SIEM, EDR, or vulnerability scanner
  • If your program has been running formally for 3+ years

Vigil IS for you if...

  • You're responsible for cybersecurity — with or without the CISO title
  • Leadership asked for results and you don't have a system to organize, measure and communicate them
  • You have the knowledge but lack structure, metrics and documented evidence
  • You're a consultant or vCISO with clients building from zero
  • You operate in fintech, SaaS, IoT, healthtech or any regulated industry

  • 26 operational modules
  • 9 security domains
  • 9 regulatory frameworks
  • 100+ mapped controls
  • 45 min initial setup

Designed for whoever carries the responsibility

🛡️

The Day-0 CISO

You join a company where security is a spreadsheet with passwords and good intentions. You know what needs to be done — Vigil gives you the system to organize it, prioritize it and measure it.

🔑

The untitled security lead

You're the IT Manager, CTO or Security Lead who also handles security. Vigil gives you professional structure without requiring you to be a certified specialist.

👥

The vCISO or consultant

You manage multiple clients starting from zero. Vigil gives you a platform to scale without hiring — each client with their own program, roadmap and reports.

After years working in telecommunications, government and fintech of different scales, we built Vigil based on real experiences and needs we encountered along the way. That's why we decided to open it to the market.

— Founder, Tandem Lens Cybersecurity

Simple pricing. Beta users lock in lifetime rates.

Billing is disabled during beta. All features unlocked.

Starter

For 1 company or client

$124/mo

Billed annually

or $149/mo billed monthly

  • Adaptive onboarding calibrated to your context
  • Multi-framework assessment (NIST CSF 2.0, ISO 27001, CIS Controls v8, PCI DSS, SOC 2, HIPAA, GDPR, NIST AI RMF, ISO/IEC 42001)
  • Roadmap prioritized by regulatory impact × risk × effort
  • Risk Register (ISO 27001) + Asset Inventory
  • Incident Response (NIST 800-61) + Policy Management
  • Communication Toolkit — 8 bilingual executive templates
  • Executive reports (PDF, Excel, PPTX, CSV)
  • Threat Intel Free — CISA KEV + iCISO contextualization
  • Weekly CISO Summary on-demand
  • Email support (48h business-hours SLA)

Corporate

Groups and holdings — up to 5 entities

$665/mo

Billed annually

or $799/mo billed monthly

  • Everything in Starter, plus:
  • Consolidated multi-entity dashboard
  • Policy inheritance across entities
  • Unlimited users with roles (RBAC)
  • Basic SSO (Google Workspace, Microsoft 365)
  • Change audit log
  • Priority support (24h business-hours SLA)

Agency

vCISOs and consultancies — up to 25 clients

$2,080/mo

Billed annually

or $2,499/mo billed monthly

  • Everything in Corporate, plus:
  • White-label portal per client
  • Custom branding per client
  • End-client-oriented reports
  • REST API (read + webhooks)
  • Guided onboarding for your first client
  • Shared Slack channel

Enterprise

More than 25 clients or advanced requirements?

  • Unlimited clients
  • SSO/SCIM with Okta/Entra
  • Custom DPA
  • SOC 2 bridge letter
  • 99.9% SLA
  • Dedicated Customer Success Manager
  • Optional on-premise

Pricing tailored to your context

Contact sales

Your security program deserves to live somewhere.

Stop building it in your head.

Request beta access

Private beta · Invite only · No credit card required

Vigil — Security Posture Management