Vigil continuously discovers every subdomain, open port, and exposed service in your infrastructure — then analyses it with AI to surface real vulnerabilities.
The way an attacker sees you. Before they act.
$ nmap -sV api.acme.corp
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.9
443/tcp open https nginx/1.18.0
8080/tcp open http (admin panel)
$ subfinder -d acme.corp -silent
api.acme.corp
staging.acme.corp [EXPOSED]
admin-legacy.acme.corp [EXPOSED]
s3.acme.corp [TAKEOVER RISK]
The Threat Perspective
Most organisations discover their exposed assets after an incident. Vigil gives you the attacker's view — continuously, automatically, before anyone acts on it.
Scan Pipeline
Each scan runs up to five automated phases, each building on the last.
Subdomain enumeration, web crawl, and technology fingerprinting across your entire external surface.
Certificate transparency logs, breach data records, and public exposure indicators.
SPF, DMARC, and DKIM validation. Dangling CNAME detection for subdomain takeover risk.
Capabilities
Automatically enumerates subdomains, IPs, web services, and mail infrastructure. Updated on every scan as your perimeter evolves.
Phase 4 uses AI trained on threat data to generate exposure summaries and risk scores from live scan output — in plain language.
The Platform
A clean, data-dense interface that puts your security posture front and centre.
Join the early access programme. Invite-only private beta.
Get early accessGDPR Compliant · SOC 2 Ready · Data Never Sold
AI-generated exposure assessment, risk scoring, and attack narrative from live scan data.
AI red team findings mapped to your attack surface, with a prioritised remediation plan.
Phase 5 simulates an attacker's decision tree against your assets, producing a prioritised remediation plan your team can act on.