How It Works — Xigilant Managed Cloud Security

~10 minutes

Connect your cloud account

Grant Xigilant read-only access via a scoped role in your cloud account. No agents, no code changes, no infrastructure to manage. We never get write access — ever.

One simple onboarding template — no manual setup
Read-only role with least-privilege permissions
External ID prevents third-party spoofing attacks
Your data never leaves your cloud account

~10 minutes

We activate your security tools

Xigilant enables native threat detection, finding aggregation, and vulnerability scanning across all your target regions — then runs the first Xigilant Posture Check baseline across 400+ controls.

Threat detection enabled and tuned to reduce noise
Finding aggregation configured as the central hub
Vulnerability scanning across compute, containers, and serverless
Xigilant Posture Check baseline: 400+ checks across all regions

Ongoing

Continuous monitoring begins

From this point, Xigilant monitors your environment continuously. Threat detection watches in real time. Xigilant Posture Checks run on your configured schedule. Every finding is normalised, deduped, and prioritised.

Real-time threat detection alerts
Daily or weekly Xigilant Posture Checks
Deduplication removes noise from repeated findings
Severity scoring with CRITICAL → LOW prioritisation

Business hours or 24/7

Analysts review and triage

Xigilant analysts review every non-trivial finding before it reaches you. We suppress false positives, escalate critical issues immediately, and provide root cause context that automated tools can't.

Human review of all HIGH and CRITICAL findings
False positives suppressed before you see them
Immediate escalation for critical threats
Root cause analysis and plain-English remediation steps

Always

You stay audit-ready

Your compliance scorecard is updated in real time. Every control is mapped to the frameworks you care about. When an auditor asks for evidence, you download a report — not scramble for weeks.

Live scorecards for SOC 2, PCI-DSS, HIPAA, CIS
Every finding mapped to specific control IDs
Monthly posture reports generated automatically
Evidence package ready for auditors on demand

Capabilities

Cloud-native. Zero proprietary agents.

We activate and manage native cloud security capabilities — combined with Xigilant's own built-in posture checks. No lock-in, no agents, no complexity.

Threat Detection

Real-time Monitoring

Monitors audit logs, network flows, and DNS activity
Detects credential abuse, recon, and crypto mining
Machine learning baseline calibrated to your environment
Alerts within minutes of anomalous activity

Finding Aggregation

Security Posture

Central view for all security findings across your environment
Normalises findings from all detection sources into one feed
Tracks compliance status per framework in real time
Cross-account and cross-region aggregation

Vulnerability Triage

Risk Prioritisation

Continuous scanning — not periodic snapshots
OS and application vulnerabilities (CVEs) across compute
Container image scanning for known vulnerabilities
Serverless function vulnerability analysis

Xigilant Posture Checks

Built-in Compliance

400+ built-in checks across SOC 2, PCI-DSS, HIPAA, and CIS
Runs via read-only role — no agent needed
Detects access misconfigs, public resources, and encryption gaps
Every result mapped to specific compliance control IDs

We only have read-only access. Always.

Our access role is scoped to the minimum permissions needed to read your security posture. We cannot create, modify, or delete any resource in your environment.

Read-only access role

Scoped to read-only permissions — no write access, ever.

External ID protection

Prevents third-party spoofing attacks on our access role.

Full audit trail

Every Xigilant action is logged to your cloud provider's audit trail.

From zero to fully monitored in under 30 minutes