Vigil Enterprise Gateway · Direct sale

Defense behind your firewall.

The same engine that protects individual users, with an admin layer above it. SSO. SCIM. MDM. SIEM. Self-hosted where you need it. WARDEN as standard. Built for CISOs who already know AI agents are inside their perimeter and cannot find a defense layer that speaks their language.

  • One Engine · Consumer and enterprise
  • SOC 2 In scope · Audit trail shipped
  • NIST RFI filed · Docket NIST-2025-0035
  • Self-hosted Option available · Airgapped deployment

Your perimeter is not the agent's perimeter.

You can harden the network. You can SSO the logins. You can SIEM the logs. None of that inspects what an AI agent is about to do on behalf of your employees, in real time, at the action layer. That gap is where every enterprise AI incident lives.

Case study · 2025-2026

McKinsey's Lilli. Prompt-layer breach at one of the most security-mature firms in the world.

Lilli is McKinsey's internal AI agent. The firm has world-class endpoint detection, data loss prevention, and mature security operations. The prompt layer was still compromised.

The lesson is not that McKinsey got unlucky. The lesson is that existing enterprise security cannot defend agents from inside the perimeter it was designed to protect. The agent is already past every control that matters. The only remaining layer is between the agent and the AI provider, and that is exactly where Vigil sits.

Point 01
Provider logs are not audit trails.
OpenAI and Anthropic keep logs. Those logs serve the provider, not the enterprise. They are not discoverable by your counsel, not admissible in your defense, not exportable in your SIEM format.
Point 02
DLP does not see the action.
Your DLP was built for files and emails. AI agents do not move files. They send API calls that result in actions. The thing DLP was built to stop is no longer the thing that happens.
Point 03
Providers cannot audit themselves.
An engagement-optimized product cannot ship a feature that flags its own outputs as risky to the customer. Anthropic's Glasswing launch is structural evidence that the defense layer belongs outside the model.

One engine. Admin layer above.

The binary running on a Fortune 500 CISO's endpoint is the same binary running on a solo user's laptop. Enterprise is not a fork. It is the same engine with a policy server, admin console, and enterprise integrations layered on top. That is what keeps the defense capability identical across consumer and enterprise.

Layer above · Admin Layer

Policy server, admin console, identity and compliance integrations.

Everything the CISO needs to govern Vigil across an organization. Central policy authoring. Tiered access. Audit export. SIEM forwarding. Compliance reporting. Self-hosted where regulation requires it.

  • Policy server
  • Admin console
  • SSO · SCIM
  • SIEM export
  • MDM integration
  • Compliance reporting

Layer underneath · Defense Engine

The same 11-crate Rust engine. Same detection. Same Gate. Same Kill Switch.

Two-surface pipeline. Four-model ensemble. Execution Gate. VOAF-sealed evidence. TAP and VARP. Every capability on the consumer product is available to the enterprise, because it is the same code.

  • Two-surface pipeline
  • Four-model ensemble
  • Execution Gate
  • Kill Switch
  • VOAF evidence
  • WARDEN standard

No forks. No lite versions. What your CISO ships is what the engineers ship. What the engineers ship is what the founder runs on his laptop.

What the admin layer actually does.

Enterprise buyers do not need a new product. They need the governance, compliance, and integration surface that turns an endpoint tool into an enterprise deployment. These are the capabilities the admin layer adds above the defense engine.

Capability 01
Central policy authoring
Write policy once. Deploy to every Vigil endpoint in your org. Role-based policy tiers. Per-business-unit overrides. Policy preview and simulation before rollout.
  • Policy-as-code
  • Tiered roles
  • Simulation mode
  • Version history
Capability 02
Identity and access
Okta, Azure AD, Google Workspace, Ping. SCIM provisioning. Automatic deprovisioning on exit. Every Vigil identity bound to your corporate directory.
  • SAML and OIDC
  • SCIM 2.0
  • Group-based policy
  • JIT provisioning
Capability 03
SIEM and audit export
Splunk, Datadog, Sumo Logic, Elastic, Chronicle. Native VOAF export. CEF, LEEF, and JSON schemas. Every agent action discoverable by the team you already have.
  • VOAF native
  • CEF, LEEF, JSON
  • Real-time streaming
  • Retention controls
Capability 04
MDM and endpoint management
Jamf, Kandji, Intune, Workspace ONE. Push Vigil to every managed endpoint. Enforce policy without user override. Update cadence in your control.
  • Managed install
  • Policy lock
  • Update control
  • Offboarding wipe
Capability 05
Self-hosted or cloud
Run the policy server and admin console inside your VPC. Air-gapped deployment available for regulated environments. Cloud remains an option for everyone else.
  • VPC deployment
  • Airgap profile
  • Cloud option
  • Hybrid path
Capability 06
Incident response integration
ServiceNow, PagerDuty, Jira. Vigil events flow into your existing IR workflows. VOAF packages attach to tickets automatically. SOC analysts meet Vigil in tools they already use.
  • ServiceNow ticketing
  • PagerDuty routing
  • Jira integration
  • VOAF attachment

Fits the stack you already run.

Vigil does not ask you to replace anything. It sits in the gap every other tool leaves, and forwards its signal into the tools your SOC, compliance, and IT teams already use.

Identity
SSO and SCIM
  • Okta
  • Azure AD / Entra
  • Google Workspace
  • Ping Identity
  • JumpCloud
  • OneLogin
SIEM
Log and audit
  • Splunk
  • Datadog
  • Sumo Logic
  • Elastic / ELK
  • Chronicle
  • Sentinel
MDM
Endpoint
  • Jamf
  • Kandji
  • Intune
  • Workspace ONE
  • Mosyle
  • Addigy
IR / ITSM
Workflow
  • ServiceNow
  • PagerDuty
  • Jira / Atlassian
  • Opsgenie
  • Slack / Teams
  • Zendesk

Three models. Your choice.

Regulated firms need airgap. Fast-moving firms need cloud. Most firms need something in between. Vigil ships all three from the same codebase, priced on scale rather than model.

Model 01
Managed Cloud
Fastest path · Shared tenancy
Admin console, policy server, and audit store run on Vigil infrastructure. Customer data stays on endpoint devices. VOAF evidence forwarded to customer SIEM.
  • SOC 2 Type II (in scope)
  • Singapore, US, EU regions
  • Same-day provisioning
  • Standard SLA
Model 02
Private Cloud
Recommended · Dedicated tenancy
Control plane deployed in your VPC. Managed by Vigil or by your infrastructure team. Most common path for financial services, healthcare, and mid-market enterprises.
  • AWS, GCP, Azure
  • Customer-managed keys
  • Region-locked data residency
  • Dedicated SLA
Model 03
Self-hosted Airgap
Regulated · No outbound
Full stack installed inside your perimeter. No outbound calls to Vigil infrastructure. Threat intel delivered by signed offline update. For defense, government, regulated finance.
  • Airgap install
  • Offline threat intel
  • On-prem or VPC
  • Custom SLA

Built for audit from the binary up.

VOAF sealing is not a compliance feature bolted on top. It is the default output of every action Vigil processes. Your auditor does not need to ask for evidence. It already exists, cryptographically, for every decision the engine has made.

· Shipping
VOAF audit trail
Cryptographically sealed, tamper-evident, third-party verifiable via vigil-verify without a Vigil dependency. Admissible in court and insurance.
· In scope
SOC 2 Type II
Audit in progress. Control framework mapped. Controls shipped. Attestation targeted for 2026. Report shareable under NDA on request.
· Filed
NIST RFI submission
Docket NIST-2025-0035, tracking mmk-190r-hvap. VOAF submitted as standards candidate. Architecture proposed as reference implementation.
· Ready
EU AI Act alignment
Article 26 human oversight. Article 72 logging and traceability. Vigil's pipeline, evidence format, and revocation primitives map to the act's operational requirements.
Design partner program · 2026

Ship Vigil inside your firm before your CISO has to ask.

Our 2026 design partners get direct engineering access, custom policy development, early access to Sentinel and WARDEN for internal deployments, and pricing locked at pre-GA rates for 24 months.

In exchange, we ask for one thing: a reference conversation with another CISO once you are in production.

  • Design partner slots: 10
  • Engineering access: Direct
  • Pricing lock: 24 months
  • Custom policy dev: Included
  • Min commitment: 12 months

Your agents are already inside. Ours is the layer that watches.

Schedule a 30-minute architecture review. We walk your team through the engine, the admin layer, and the deployment path that fits your regulatory profile.