Protect your domain, your inbox, and your team.

Vilkax for business — compliance-aware monitoring, AI-tiered threat triage, and a domain-scoped pulse you can share with legal, security, and BD without redaction.

Request access Talk to support

Already a customer? Sign-in lands here once SSO + magic-link auth ship.

Domain pulse

Your domain's threat posture

Live count of how many of your team registered, how many appear in known breaches, how many show up on disposable-mail lists, and what their composite risk distribution looks like.

PII-safe by design

Compliance-grade redaction

Every endpoint serving this dashboard ships email_column_touched=false — domains and aggregates only. Screenshots are safe to forward to legal without manual redaction.

Multi-AI triage

Tiered AI shield

Every inbound message routes through a Claude → Workers AI → in-house KB → template chain. The tier that answers is voted on by recipients, so the model with the best thumbs-up share wins the next round.

Live defence layers

—

probing layers…

Active layers right now. Green = live, grey = roadmap.

What you'll see

domain-scoped, refresh in real time

Top your-domain signups — domain-leaderboard scoped to your verified domain, not the whole platform.
Encryption coverage % — how many of your team's records are AES-256-GCM encrypted at rest.
Retention age buckets — 0-7d / 7-30d / 30-90d / 90d+ so you can prove GDPR / CCPA posture in one screenshot.
Breach exposure % — fraction of your team marked in HIBP, with the option to alert affected users via the same template chain the wolf uses.
Daily acquisition sparkline — 30-day trend per your domain (lets you spot spear-phishing waves).
Hour-of-day distribution — when does suspicious activity hit your domain?
OSINT provider mix — which enrichment sources tagged each row (EmailRep / HIBP / SEON).
Risk-mix segmented bar — low / medium / high / unscored, scoped to your domain.

Why Vilkax for business

all in-house, all auditable

No external chart libs. Every visualisation in the dashboard is in-house SVG / CSS — your data never crosses an embed iframe.
No third-party tracker. No Google Analytics, no Segment, no Hotjar. The only third-party load is Google Fonts (Manrope) and Cloudflare Turnstile (captcha).
Sovereign at-rest encryption. AES-256-GCM with a server-side key you can rotate any time.
Multi-AI A/B routing. Live thumbs-up ratio per model decides which engine answers next ticket — your team votes on quality, not us.
Domain-only PII posture. Even the operator dashboard surfaces emails as al★★★@example.com; the business view never touches the email column at all.

Plans

Free for individuals · Enterprise for your domain

Want a domain-scoped pulse for your company? [email protected]