Skip to main content
Live monitoring — no agents required

Know when your
vendors fail

Gjall monitors your critical vendors for outages, CVEs, and security incidents — and alerts you before your customers notice.

See how it works

14-day free trial · No credit card required · Cancel anytime

Monitoring vendors like

  • Stripe
  • GitHub
  • Okta
  • Twilio
  • Cloudflare
  • PagerDuty
Simple setup

Up and running in minutes

No agents, no SDKs, no configuration headaches.

  1. Add your vendors

    Paste a list of vendor names or import from your SaaS management tool. Gjall auto-classifies criticality using AI.

  2. We watch everything

    Status pages, NVD CVEs, CISA Known Exploited Vulnerabilities, breach feeds — monitored 24/7 in real time.

  3. Get alerted instantly

    Slack, Microsoft Teams, email, or your own webhook — with AI-prioritized context so you know what actually matters.

Platform

Everything your security team needs

Built for compliance-driven startups and security teams.

  • AI Triage

    Claude analyzes each alert in context of your vendor criticality and answers: does this actually affect me?

  • EPSS Scoring

    Exploitation probability from FIRST, not just CVSS severity. Know which CVEs attackers are actually using.

  • Audit Reports

    One-click SOC 2 evidence packages with control mapping. Auditors love it.

  • Risk Scoring

    Track vendor health over time with an A–F rating based on historical incident and CVE data.

  • Auto-deprovisioning

    GDPR-ready data lifecycle management. Automatically clean up customer data on subscription end.

  • Multi-channel

    Slack, Teams, email, Linear issues, and signed webhooks. Alert where your team already works.

Compliance

Built for compliance-driven teams

Gjall maps every alert to the controls your auditor cares about.

SOC 2 Type II

  • CC9.2 — Vendor risk assessment
  • CC7.1 — Security monitoring
  • CC7.2 — Incident detection
  • CC7.3 — Incident response
  • A1.1 — System availability monitoring

ISO 27001

  • A.5.19 — Information security in supplier relationships
  • A.5.22 — Monitoring and review of supplier services
  • A.8.8 — Management of technical vulnerabilities
  • A.5.26 — Response to information security incidents
Pricing

Simple, transparent pricing

14-day free trial on all plans. No credit card required.

Starter

$49/month

For lean teams monitoring their critical vendors.

  • Up to 15 vendors
  • Slack + email alerts
  • 7-day alert history
  • CVE + status page monitoring
  • Basic audit reports
Most popular

Pro

$149/month

For security-conscious teams with compliance needs.

  • Up to 50 vendors
  • All alert channels
  • 90-day alert history
  • AI triage + EPSS scoring
  • Full audit reports + control mapping
  • Linear integration
  • Risk scoring A–F

Enterprise

$499/month

For organizations with complex vendor portfolios.

  • Unlimited vendors
  • Everything in Pro
  • 1-year alert history
  • Custom webhook + SSO
  • Auto-deprovisioning
  • Dedicated support
  • SLA guarantee
Contact sales

Frequently asked questions

What vendors can I monitor?
Any vendor with a Statuspage.io-compatible status API, and any vendor with CVEs in NIST NVD or CISA KEV. That covers the vast majority of SaaS providers. You can also monitor custom vendors by providing keywords.
Does Gjall store my vendor data?
Gjall stores the list of vendors you choose to monitor and the alerts generated for them. We never access your vendors' services on your behalf — we only scrape public status pages and feeds.
Will AI train on my data?
No. AI triage uses only anonymized vendor names and public CVE/alert data. Your company name, email, and internal context are never sent to any AI provider.
How does SOC 2 compliance work?
Gjall generates audit-ready JSON reports that map to SOC 2 Trust Services Criteria (CC9.2, CC7.1–CC7.3, A1.1). Export on demand — no manual evidence collection.
Can I export my data?
Yes. All alert history and reports are exportable as JSON. Enterprise customers can configure automatic S3 export.