Product

Vigil

Stop building your security program in your head. Start building it here.

Vigil is our flagship SaaS platform: the system of record for cybersecurity leaders. Adaptive onboarding, roadmap prioritized by regulatory impact, 26+ management modules, and executive-ready reports — all in one place that remembers what your program already knows.

Differentiator

"An AI assistant gives you answers. Vigil gives you memory."

For whom

Who it's for

Companies starting from scratch

Series A–C startups without prior security leadership. Vigil calibrates the program to your context and tells you where to begin.

Companies consolidating scattered controls

If you're already running with spreadsheets, Notion and siloed tools, Vigil consolidates everything into a measurable system of record you can show the board.

vCISOs and boutique consultancies

Agency plan with white-label and multi-client access: run dozens of programs from a single console.

What's included

01

Adaptive onboarding

Calibrates the program by profile (Cloud, On-prem, IoT, Dev, OT, SaaS-only) and automatically adjusts domain weights.

02

Domain-first Gap Analysis

Primary view by domain with coverage %, toggle to framework (NIST CSF 2.0, ISO 27001, CIS, PCI, SOC 2, HIPAA, GDPR).

03

Prioritized roadmap

Regulatory impact × risk × inverse effort formula. Evidence, ownership and historical tracking by phase.

04

Management modules

Risk Register (ISO 27001 6.1), Vendor Risk, Incident Response (NIST 800-61), Policy Management, Asset Inventory, Communication Toolkit.

05

Executive reports

Board Report PDF, Weekly CISO Summary, Reports Builder with 8 types × 4 formats (PDF, Excel, CSV, PPTX).

06

Integrated Threat Intelligence

Multi-source adapter framework. Automated CISA KEV at no additional cost. Premium add-on available with Hudson Rock and HIBP.

Product

A look at the product

Real Vigil screenshots. Three views that capture how a security program is built, measured and communicated.

01 · vigil › security command center

Security Command Center

Single posture view: global score, critical gaps, mapped frameworks and per-domain scoring (IAM, Network, DevSecOps, IoT, Crypto, Governance, IR, Culture).

Security Command Center — Single posture view: global score, critical gaps, mapped frameworks and per-domain scoring (IAM, Network, DevSecOps, IoT, Crypto, Governance, IR, Culture).
02 · vigil › risk register

Risk Register

Aligned with ISO 27001 clause 6.1 and SOC 2 CC9. 5×5 Risk Matrix, likelihood × impact scoring, owner assignment, treatment and mitigation progress.

Risk Register — Aligned with ISO 27001 clause 6.1 and SOC 2 CC9. 5×5 Risk Matrix, likelihood × impact scoring, owner assignment, treatment and mitigation progress.
03 · vigil › certification roadmap

Certification Roadmap

Measurable readiness per framework: PCI DSS, SOC 2, ISO 27001, HIPAA, NIST CSF 2.0 and GDPR. Estimated timelines per certification and industry filtering (fintech, healthtech, SaaS, enterprise).

Certification Roadmap — Measurable readiness per framework: PCI DSS, SOC 2, ISO 27001, HIPAA, NIST CSF 2.0 and GDPR. Estimated timelines per certification and industry filtering (fintech, healthtech, SaaS, enterprise).
04 · vigil › communication toolkit

Communication Toolkit

Eight bilingual templates ready for execs: Board Report, Executive Briefing, Client Security Report, Security Alert, Policy Update, Security Win, Meeting Agenda.

Communication Toolkit — Eight bilingual templates ready for execs: Board Report, Executive Briefing, Client Security Report, Security Alert, Policy Update, Security Win, Meeting Agenda.
Pricing

Plans

Transparent per-tier pricing. The premium Threat Intelligence add-on is quoted separately. Organizations with +25 clients, SSO/SCIM or custom compliance needs → Enterprise.

Starter

1 company or client
USD 149/mo
  • Adaptive onboarding calibrated to your context
  • Multi-framework assessment (NIST CSF 2.0, ISO 27001, CIS, PCI, SOC 2, HIPAA)
  • Roadmap prioritized by regulatory impact × risk × inverse effort
  • Risk Register (ISO 27001) + Asset Inventory
  • Incident Response (NIST 800-61) + Policy Management
  • Communication Toolkit — 8 bilingual executive templates
  • Executive reports (PDF, Excel, PPTX, CSV)
  • Threat Intel Free — CISA KEV + iCISO contextualization
  • Weekly CISO Summary on-demand
  • Email support (48-business-hour SLA)
Most popular

Corporate

Groups and holdings — up to 5 entities
USD 799/mo
Everything in Starter, plus:
  • Consolidated multi-entity dashboard
  • Policy inheritance across entities
  • Unlimited users with roles (RBAC)
  • Basic SSO (Google Workspace, Microsoft 365)
  • Change audit log
  • Priority support (24-business-hour SLA)

Agency

vCISOs and consultancies — up to 25 clients
USD 2,499/mo
Everything in Corporate, plus:
  • Per-client white-label portal
  • Per-client custom branding
  • Client-facing reports
  • REST API (read + webhooks)
  • Assisted onboarding for first client
  • Shared Slack channel
Enterprise

More than 25 clients or advanced requirements?

Unlimited clients, SSO/SCIM with Okta/Entra, custom DPA, SOC 2 bridge letter, 99.9% SLA, dedicated Customer Success Manager, and optional on-prem. Pricing tailored to your context.

  • Unlimited clients and users
  • SSO/SCIM with enterprise IdPs
  • Custom DPA, EU/US data residency
  • 99.9% SLA with contractual penalties
  • Dedicated Customer Success Manager
  • SOC 2 Type II bridge letter
Contact us
Beta Vigil is in private beta. Access is granted manually; write to info@tandemlens.net or visit the product site to request it.

Explore Vigil in depth

The product site has the demo, documentation and access request form.

Go to vigil.tandemlens.net