Vigil Gateway: private beta is open.
I am Toby, head of business development at Vigil. I have spent the last three months in conversations with security teams, compliance officers, and platform leads across Singapore, Hong Kong, Sydney, Tokyo, and Mumbai. The conversations have a consistent pattern. The teams know they need something. They are not sure exactly what. Their existing security stack was built before AI agents existed and does not give them a clean answer to the question their boards are now asking: when an agent acts on behalf of an employee or a customer, who is responsible, what is recorded, and how do we revoke?
Vigil Gateway is the answer we built. Today we are opening a private beta to a small set of partners in regulated industries across APAC. This post explains what Gateway is, who it is for, and how to apply.
The bar for joining the beta is not whether you are large. The bar is whether you can engage seriously with the architecture and tell us, in detail, what fails.
What Gateway is
Gateway is the enterprise deployment of Vigil's defense layer. The same five-plane architecture, the same four-model detection ensemble, the same Execution Gate, the same VOAF audit chain. The differences from the consumer product are operational, not architectural.
Specifically:
Multi-user policy management. A security team can configure detection sensitivity, capability bounds, and approval workflows for groups of users without each user managing their own configuration. The policy hierarchy is documented, with explicit precedence rules between user-level, team-level, and organization-level policy.
SSO and identity integration. Gateway integrates with Okta, Azure AD, and Google Workspace for user authentication. The TAP attestation chain anchors at the organization's identity provider. Users do not need to manage separate Vigil credentials.
Cross-provider visibility at scale. The consumer product gives a user visibility across the AI providers they personally use. Gateway gives a security team aggregate visibility across the providers their entire workforce uses, with the same statistical properties holding at organizational scale.
Audit chain at organizational scope. VOAF chains are produced per user, but Gateway aggregates them into an organizational view that a regulator, internal auditor, or counterparty can inspect under appropriate authorization. The aggregation does not break the cryptographic verifiability of individual chains.
Compliance-ready exports. SOC 2 audit support, GDPR-compliant data export and deletion workflows, and a documented mapping from Gateway's controls to common compliance frameworks (NIST AI RMF, ISO 42001, MAS Technology Risk Management Guidelines for our Singapore partners).
The Gateway runs on infrastructure you select. We support managed deployment in our Singapore region (vigil-cloud, on Fly.io), private cloud deployment in your AWS or GCP environment, and hybrid configurations where the audit chain stays in your environment while the policy plane runs in ours. The deployment topology is part of the procurement conversation.
Who Gateway is for
We are deliberately keeping the beta cohort small. Approximately fifteen partners across the region. The intent is to learn quickly with operators who can engage seriously with the product, not to maximize logo collection.
We are looking for partners who fit one of three profiles.
Financial services with active AI deployment. Asset managers, banks, insurers, and wealth management platforms running AI in customer-facing or internal-research contexts. Specifically interested in firms whose compliance teams have started asking about AI governance and whose technology teams are looking for a defensible answer that does not require waiting for MAS or HKMA to publish formal guidance.
Healthcare and life sciences. Hospital systems, pharma research teams, and digital health platforms running AI on workflows that touch patient data or clinical decision support. The audit and revocation primitives matter most where the consequence of a compromised agent is highest.
Professional services with proprietary knowledge bases. Law firms, consultancies, and accounting firms running AI on internal knowledge bases or client-facing research. The McKinsey Lilli incident two months ago made this category newly serious about the action layer in a way it was not before.
What the three profiles have in common is that the consequence of an AI agent doing something wrong is large enough to justify the operational overhead of a defense layer. If the consequence is small, the buying decision will be price-driven and we will not be the right product. If the consequence is large, the conversation we want to have is about whether the architecture survives a serious attack, and that conversation requires a partner who is willing to red-team the system seriously.
What the beta involves
A few specifics for partners considering applying.
Length: ninety days. Long enough to deploy, run, and produce a real evaluation. Short enough that a partner who decides Gateway is not for them can move on without a long contractual exit.
Engagement model. Weekly calls with our team, including engineering when the conversation is technical. Direct access to me and to Dipendra (CEO) for strategic and architectural questions. Direct access to engineering for implementation questions.
Cost. The beta is at a substantial discount to the eventual commercial pricing. The exact terms depend on the deployment scope. We do not have public list pricing for Gateway because the right price for an enterprise deployment depends on the topology, the user count, and the support model. We are upfront about pricing in the first conversation. We do not run the discovery dance.
Feedback expectations. We expect partners to use Gateway in production with real users on real workloads. We expect honest feedback about what does not work, what is too noisy, what is too quiet, and what does not fit the partner's compliance posture. Beta partners who use the system without engaging are not useful to us. The partners who tell us what is wrong, repeatedly, are the ones who shape the product.
What you get. Production deployment of Gateway against your AI provider stack, running on infrastructure you control or in our managed environment. Direct integration support. Architecture review with our engineering team. The ability to influence the product roadmap in ways that will not be available after general availability. Beta pricing locks for the first eighteen months of commercial deployment.
What you do not get. A polished sales experience. Marketing-ready case studies. Public reference rights without your explicit consent. We are running a beta to learn. The polish comes later.
Why the geographic focus
The first cohort is APAC-focused, with a heavy weighting toward Singapore, Hong Kong, Sydney, Tokyo, and Mumbai. There are four reasons.
Regulatory momentum. MAS in Singapore, HKMA in Hong Kong, APRA in Australia, and the Indian regulators are all in the active phase of producing AI governance frameworks. Partners deploying Gateway during the beta have a chance to engage with the regulator's framework as it forms. The opportunity to influence the eventual regulation closes once the framework is published.
Vigil's regional grounding. Our team is in Singapore. Our cloud infrastructure runs in Singapore. Our regulatory engagement is most active here. We can support partners in this region with a depth of engagement that is harder to deliver from the other side of the world.
The enterprise AI buyer in APAC is building from less legacy than in some markets. This is a genuine advantage. Buyers who are not already locked into a Western vendor's AI security pitch are open to evaluating an architectural argument on its merits. The beta is constructed around this opening.
The next twelve months matter disproportionately. The decisions buyers make in the next year will shape their AI defense architecture for the following five. We are deliberately concentrating on partners who recognize the moment.
US and EU partners are not excluded. We have several exploratory conversations underway. The structured cohort, with the dedicated engineering engagement, is APAC-first.
How to apply
If your organization fits one of the profiles above and you can engage seriously, contact me at toby [at] runvigil.ai. The first conversation is a thirty-minute call. I will ask about your current AI footprint, your compliance posture, and what you are looking to achieve with a defense layer. I will tell you, honestly, whether Gateway fits.
If we proceed, the next step is a technical session with our engineering team and a deployment scope conversation. Time from initial contact to deployment, for a fitting partner, is approximately three weeks.
The beta cohort closes when we hit fifteen partners. We are at four as of writing. The list is curated for fit, not for first-come.
What is next
Gateway in general availability is targeted for late 2026. Between the beta and GA, we expect to ship enterprise SSO providers we do not yet support, additional compliance framework mappings, and an expanded set of policy templates for industries we have not yet engaged. These additions will be informed by what the beta cohort tells us, in that order.
A note on what is not in scope for Gateway: it is not a managed-service replacement for a security operations center. The dashboards, alerts, and audit views are designed to feed a partner's existing SOC tooling, not to replace it. We integrate with what you have. If you are evaluating Gateway against the question of whether to replace your SIEM, that is the wrong evaluation.
I am happy to take questions on the beta directly. The application path is open.