See the shape of what's allowed.
What Vigilia does
Vigilia analyses your security policy set — NIST 800-53, CIS Controls, PCI-DSS, ISO 27001, or your own uploaded rules — and tells you what's really there. Not whether you wrote down a policy, but what the policy actually prevents when you put all the rules together.
It is not a compliance checker. It is a geometry engine. It takes your rules as a system and computes the shape of what they let through and what they block.
How it works
- Load your policies. Use a built-in pack or upload CSV.
- Compute the permission surface. Every combination of role, resource, action, location, and sensitivity becomes a state. Each rule carves out a forbidden region.
- Report the findings. Which policies carry weight. Which are dead weight. Where attackers can move. What breaks if a rule changes.
What the tabs mean
- Overview — structural health at a glance: keystone policies, redundant controls, coverage gaps, fragility score.
- Controls — rule-by-rule analysis. Unique coverage, fragility class, fidelity score, recommended action.
- Probe — test a specific access scenario. Shows whether it's permitted or forbidden, which rules triggered, and which single change would flip the outcome.
- Attack Path — find routes through the permitted space. A sequence of single-property changes that individually pass every control but chains into a privilege escalation.
- Simulate — what-if analysis. Add a proposed control, remove an existing one, and see the before/after impact in one pass.
What Vigilia is not
Vigilia is not a SIEM. It does not watch traffic, correlate alerts, or respond to incidents. It does not tell you whether a specific user did something wrong. It tells you whether your policies could stop them from doing it in the first place.
Vigilia is not a legal opinion. Structural findings show what your rules, taken as a system, actually enforce. Regulatory attestation is a separate exercise.
Who we are
Vigilia is built by Ianura Research Initiative.
Questions, bug reports, or custom rule packs: cornelius@ianura.com