Compliance & enterprise usage
This document describes how vigil aligns with compliance frameworks and how to integrate it into enterprise environments that use AI agents to generate code.
Why vigil in an enterprise environment
Organizations adopting AI agents (Copilot, Cursor, Claude Code, ChatGPT) to generate code face new risks that traditional SAST tools do not cover:
- Supply chain via hallucinations: Agents invent package names. An attacker can register that name with malware.
- Example secrets in production: Agents copy values from documentation (
"your-api-key-here") that end up in production. - Auth without controls: Agents generate functional endpoints but without authentication middleware.
- Cosmetic tests: Agents generate tests that pass but do not verify anything real.
vigil detects these 4 patterns in a deterministic, auditable manner without dependency on external AI APIs.
Compliance framework alignment
OWASP Top 10 for LLM Applications (2025)
vigil aligns directly with 3 categories of the OWASP Top 10 for LLM Applications:
| OWASP Category | vigil rules | Coverage |
|---|---|---|
| LLM02 — Sensitive Information Disclosure | SEC-001, SEC-002, SEC-003, SEC-004, SEC-006, AUTH-004 | Detects hardcoded secrets, placeholders, connection strings with credentials |
| LLM03 — Supply Chain Vulnerabilities | DEP-001, DEP-002, DEP-003, DEP-005, DEP-007 | Detects hallucinated dependencies, typosquatting, suspiciously new packages |
| LLM06 — Excessive Agency | AUTH-001, AUTH-002, AUTH-005, AUTH-006 | Detects endpoints without auth, permissive CORS, insecure cookies |
EU Cyber Resilience Act (CRA)
The CRA requires that products with digital components be secure “by design”. vigil contributes to:
| CRA Requirement | How vigil contributes |
|---|---|
| Vulnerability management in third-party components | DEP-001 to DEP-007 verify that dependencies exist, are legitimate, and are not typosquatting |
| Protection of stored and in-transit data | SEC-001 to SEC-006 detect hardcoded credentials that compromise data |
| Adequate access control | AUTH-001 to AUTH-007 detect endpoints without authentication and permissive configurations |
| Adequate testing | TEST-001 to TEST-006 (when implemented) will detect tests that verify nothing |
SOC 2 Type II
| Trust Service Criteria | Relevant vigil rules |
|---|---|
| CC6.1 — Logical access controls | AUTH-001, AUTH-002, AUTH-005, AUTH-006 |
| CC6.6 — External threats | DEP-001, DEP-002, DEP-003 (supply chain) |
| CC6.7 — Credential management | AUTH-004, SEC-001, SEC-002, SEC-003, SEC-004, SEC-006 |
| CC7.1 — Vulnerability management | All DEP- rules for supply chain |
ISO 27001:2022
| Control | Relevant vigil rules |
|---|---|
| A.8.25 — Secure development lifecycle | Integrate vigil in CI/CD as a quality gate |
| A.8.26 — Application security requirements | AUTH-001 to AUTH-007 verify access controls |
| A.8.28 — Secure coding | SEC-001 to SEC-006 detect secrets in code |
NIST Cybersecurity Framework (CSF) 2.0
| Function | Category | vigil rules |
|---|---|---|
| Identify | Asset Management | DEP-001 to DEP-007 (dependency inventory) |
| Protect | Access Control | AUTH-001 to AUTH-007 |
| Protect | Data Security | SEC-001 to SEC-006 |
| Detect | Continuous Monitoring | Integrate vigil in CI/CD pipelines |
Enterprise pipeline integration
Recommended pipeline
AI-generated code
|
v
[1. vigil scan] <- Detects AI-specific patterns
|
v
[2. Semgrep/Bandit] <- General-purpose SAST
|
v
[3. Snyk/Dependabot] <- CVEs in dependencies
|
v
[4. Gitleaks] <- Real leaked secrets
|
v
[5. Tests + Coverage] <- Functional quality
|
v
DeployStrategy per environment
| Environment | Strategy | --fail-on | Notes |
|---|---|---|---|
| Local development | relaxed | critical | Fast feedback without blocking |
| CI/CD (feature branch) | standard | high | Balance between speed and security |
| CI/CD (main/release) | strict | medium | Maximum rigor before production |
| Security audit | strict | low | Complete report for analysis |
GitHub Actions example (production)
- name: Security scan (AI-specific)
run: |
pip install vigil-ai-cli
vigil scan src/ \
--format sarif \
--output results/vigil.sarif \
--fail-on medium \
--config .vigil.strict.yaml
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results/vigil.sarifSARIF format for security platforms
vigil produces reports in SARIF 2.1.0, compatible with:
- GitHub Code Scanning (native)
- GitLab Security Dashboard
- Azure DevOps
- SonarQube (via importer)
- Defect Dojo
- Snyk (via SARIF importer)
Audit reports
Generate a complete JSON report
vigil scan src/ --format json --output audit-report.jsonGenerate a SARIF report with CWE references
vigil scan src/ --format sarif --output audit-report.sarifPrivacy and security of vigil
- No telemetry: Does not send data to external servers.
- Deterministic: Does not use AI, ML, or external inference APIs.
- Limited HTTP: Only makes GET requests to public PyPI/npm APIs. Disabled with
--offline. - Local cache: Registry responses are cached in
~/.cache/vigil/registry/. - Auditable: Each rule is a defined pattern in code. No black boxes.
- No side effects: vigil only reads files. It never modifies code.
Air-gapped mode
vigil scan src/ --offlineEnterprise FAQ
Does vigil replace Semgrep/Snyk/SonarQube?
No. vigil detects patterns specific to AI-generated code that other tools do not cover. It is complementary.
How long does a scan take?
- 100 files: < 1 second (offline), < 5 seconds (with registry verification)
- 1000 files: < 5 seconds (offline), < 30 seconds (with cold cache)
Can it be used in monorepos?
Yes. vigil supports multiple paths and automatically prunes directories such as node_modules/, .venv/, etc.
How to exclude false positives?
Disable the rule or change its severity in .vigil.yaml:
rules:
AUTH-005:
enabled: false
# or change severity
AUTH-005:
severity: "low"