Everything you need to know about Vigimati and cloud compliance
Vigimati is a context-aware cloud security compliance platform. Unlike traditional CSPMs that give you binary pass/fail results, Vigimati evaluates every resource with full context — permissions, configurations, dependencies — to calculate real residual risk, weighted compliance scores, and control maturity levels.
Vigimati currently supports AWS. We designed the platform to be multi-cloud ready, so support for Azure and GCP is on our roadmap.
Vigimati uses a read-only IAM role with least-privilege permissions. There are no agents to install, no impact on your workloads, and setup takes about 5 minutes. We never create, modify, or delete any resource in your environment.
When a resource fails a security check, traditional tools stamp it as HIGH. Vigimati goes further — it analyzes the resource's permissions, compensating controls, and exposure to calculate the actual remaining risk on a 0–10 scale. An admin user without MFA scores very differently from a read-only service account without MFA.
Traditional compliance scores are distorted by resource count — a control checking 500 S3 buckets outweighs a control checking root account MFA. Vigimati weights each control by criticality, so your score reflects what actually matters, not how many resources you have.
Not all passing checks are equal. A user with virtual MFA passes the same check as one with multiple hardware keys. Vigimati grades passing resources into three tiers — Bronze (basic), Silver (recommended), and Gold (best-in-class) — so you can track the quality of your implementations, not just compliance.
Yes. The free plan includes 1 AWS account (up to 500 resources), 1 user, and all compliance frameworks. No credit card required. It's free forever, not a trial.
The Professional plan is priced at €0.20 per resource per month. For example, 2,000 resources would cost €400/month. Enterprise pricing is custom for organizations with 50,000+ resources. Annual plans receive a 20% discount.
Vigimati supports all major cloud security frameworks and benchmarks. Every plan, including the free tier, has access to the full framework library.
Vigimati performs daily evaluations and continuous discovery. New accounts, regions, and resources are detected automatically without any manual configuration.
Absolutely. Vigimati runs on a fully serverless architecture on AWS with encryption at rest (AES-256) and in transit (TLS 1.3). We maintain strict multi-tenant isolation, and all access is protected by MFA and role-based controls. See our Security Policy for full details.
Yes. Professional and Enterprise plans can export compliance reports in PDF and CSV formats, ready for auditors and leadership.
Still have questions?
Our team is here to help. Schedule a personalized demo or ask us anything about Vigimati.