Stop chasing 250,000 CVEs
Focus on the ones being exploited
Are you in scope for NIS2 / DORA?
Find out if the directives apply to your organisation and how ready you are, with an indicative per-domain gap analysis mapped to NIS2 Article 21 and the DORA pillars.
Cloud or On-Premises — Both Free During Early Access
Choose the deployment that fits your security requirements. Both modes are free during Early Access.
Cloud
Managed platform at app.sentrikat.com. We handle infrastructure, updates, and backups.
On-Premises
Deploy on your own infrastructure via Docker Compose. Your data never leaves your network.
Both modes use the same vulnerability intelligence, compliance reports, and agent technology.
Most scanners tell you what's wrong.
SentriKat tells you what's actually fixed.
Traditional vulnerability scanners generate thousands of alerts with no context on which ones are already resolved by vendor patches. SentriKat automatically tracks vendor advisories so you only act on what's real.
Automatic Vendor Advisory Sync
SentriKat queries 4 vendor feeds daily and cross-references them against your inventory. When Red Hat backports a fix or Microsoft pushes a KB, SentriKat knows automatically.
Three-Tier Confidence System
Every vulnerability gets a confidence tier based on automated vendor analysis. Amber items stay visible for legal compliance. Green items are auto-acknowledged.
Distro-Native Version Comparison
SentriKat understands how your OS compares package versions. No generic string comparison -- real package manager logic for accurate results.
2.31-13+deb11u7 > 2.31-13+deb11u5 4.18.0-425.19.2.el8_7 > 4.18.0-425.3.1 1.36.1-r15 > 1.36.1-r2 Everything Included. No Add-Ons.
Windows, Linux, macOS, container scanning, NIS2 compliance reports, and executive PDFs — all included in the Professional Edition. No separate modules, no hidden costs.
Integrates with Jira, YouTrack, GitHub, GitLab, Slack, Microsoft Teams, and any SIEM via syslog / CEF / LEEF. Single Sign-On via SAML 2.0 (Keycloak, Azure AD, Okta, Google Workspace). User directory sync via LDAP and Active Directory.
Typical Enterprise Scanner
$10,000+/yr
Per module add-on
SIEM + Compliance
Extra modules
Custom pricing
SentriKat
All Included
Free during Early Access / €59/mo (Cloud) or €4,999/yr (On-Prem)
Don't trust us.
Trust the verification.
SentriKat is the only vulnerability management that verifies itself. An independent oracle re-checks every detection with a comparator that doesn't share the engine's code — plus a golden corpus built from your own inventory as a continuous regression proof. You see the result in-app, every week, on your data.
Ground-truth distro cross-check
Every detection is re-tested against independent distribution advisory data — the vendor's own source of truth — not the same feed the engine already used. If the two disagree, it's flagged.
Independent comparator — anti-false-positive
A second comparator that shares none of the detection engine's code re-derives each match. Anything the engine reports but the comparator can't confirm is surfaced as a discrepancy.
Independent comparator — anti-false-negative
The same independent comparator works the other direction: anything it finds that the engine missed is caught, so a silent gap in recall can't slip through unnoticed.
Golden floor on your top apps
A golden corpus generated from your real inventory becomes a continuous regression floor — the detections that must never break. Every run re-proves them, so an upgrade can't quietly regress coverage.
One line your auditor understands
No dashboards to interpret, no analyst required. The self-check runs on your instance — including fully air-gapped — and reports a single verdict you can act on and defend.
Detection agrees with the independent references. False-positive gate, recall floor and ground-truth cross-check all passed.
From deployment to protection in minutes
SentriKat is designed to be simple. No complex setup, no steep learning curve.
Deploy SentriKat
Self-host with Docker in minutes. Single command to get started. Your data, your infrastructure.
docker compose up -d
Import Your Inventory
Deploy agents on Windows, Linux, or macOS. Integrate with Lansweeper, SCCM, Intune, or import a CSV.
# Windows Agent .\sentrikat-agent.ps1 -Install
Automatic Matching
SentriKat syncs CISA KEV + ENISA EUVD daily and enriches CVSS scores from NVD, CVE.org, and EUVD with automatic fallback. No single point of failure.
# Daily sync at 2 AM UTC [KEV] 3 exploited vulns matched [EUVD] 1 EU-flagged vulnerability [CVSS] NVD -> CVE.org -> EUVD fallback
Multi-Platform Scanning
Native agents for Windows, Linux, and macOS collect installed software. On endpoints running Docker or Podman, container images are automatically scanned too.
# Windows: 142 products detected # Linux: 87 packages (dpkg) # macOS: 63 applications # Containers: 12 images scanned [OK] 3 HIGH, 1 CRITICAL found
Act on Real Threats
Get alerted via email, Slack, Microsoft Teams, or any SIEM via syslog/CEF/LEEF. Open tickets automatically in Jira, YouTrack, GitHub, or GitLab. Prioritize by severity, due dates, and ransomware indicators.
# Critical: CVE-2024-3400 # Due: 7 days | Ransomware: Yes # -> Jira SK-142 created, SIEM notified
All plans free during Early Access
During Early Access, every plan is free — you get each plan's features with its Early Access agent and user limits (the “EA limits” shown on every card). No credit card required. You'll only pay when Early Access ends, and existing subscribers are grandfathered at today's price.
Starter
- Email alerts
- EPSS + KEV prioritization
- CSV/Excel export
- Community support (email & portal)
Pro
- SBOM export (CycloneDX / SPDX / STIX)
- NIS2, DORA & BOD 22-01 reports
- SIEM integration
- Jira / GitHub / GitLab / YouTrack
- Remediation assignments + SLA
- Priority support (1 business day)*
Business
- Everything in Pro
- SSO / LDAP / SAML
- Multi-tenant + white-label
- Executive PDF reports
- Phone + scheduled calls*
Enterprise
- Custom SLA
- On-premises deployment
- Onboarding & training*
- Custom support agreement*
Unlocks PCI-DSS v4.0, ISO/IEC 27001:2022 and SOC 2 gap-analysis reports (HMAC-signed, JSON or PDF) on top of any Pro, Business or Enterprise plan.
All plans free during Early Access. Agent and user limits vary by plan.
No credit card required. Future prices in EUR, excl. VAT.
Existing subscribers are grandfathered at their original price.
*During Early Access, support is provided via email and tickets through the
Customer Portal.
Dedicated support tiers (priority SLA, phone, onboarding) will be available after Early Access.
Community Edition
Try the platform with limited capacity
- 10 Agents (Windows, Linux, macOS)
- 3 Users
- 1 Organization
- 100 Products
- Daily KEV Sync
- Basic Dashboard
- Container Scanning
- Multi-tenant
- Email Alerts + Webhooks
- LDAP/AD/SAML SSO
- Compliance Reports
- SIEM Integration
Professional
Full-featured on-premises — all features unlocked
- 10 Agents (Early Access limit)
- 3 Users (Early Access limit)
- Unlimited Organizations
- Unlimited Products
- All vulnerability intelligence sources
- NIS2, DORA, BOD 22-01 reports
- SIEM/Syslog integration
- Jira, GitHub, GitLab integration
- Multi-tenant + White-Label
- LDAP/AD/SAML SSO + TOTP 2FA
- Air-gapped deployment
- Backup/Restore + Docker deploy
Agent Packs (available after Early Access)
Need more agents? Add capacity to your Professional license.
Compare Cloud Plans
Everything you need to choose the right plan.
| Feature | Starter | Pro | Business | Enterprise |
|---|---|---|---|---|
| Agents (Early Access) | 10 | 25 | 50 | Custom |
| Agents (after EA) | 25 | 100 | 500 | Unlimited |
| Users (Early Access) | 3 | 5 | 10 | Custom |
| Agent Discovery (OS, browser, IDE, containers) | ||||
| Code Dependency Scanning | ||||
| Version-Verified CVE Dashboard | ||||
| Remediation Actions Widget | ||||
| Email Alerts | ||||
| SBOM Export (CycloneDX / SPDX / STIX) | — | |||
| NIS2, DORA & BOD 22-01 Reports | — | |||
| Compliance Pack — PCI / ISO 27001 / SOC 2 | — | Add-on | Add-on | Add-on |
| Remediation Assignments + SLA | — | |||
| SIEM Integration | — | |||
| Jira / GitHub / GitLab / YouTrack | — | |||
| SSO / LDAP / SAML | — | — | ||
| Multi-Tenant | — | — | ||
| White-Label | — | — | ||
| On-Premises Deployment | — | — | — | |
| Custom SLA | — | — | — | |
| Support (after EA)* | Email (1 bd) | Email + Calls | Custom SLA |
What changes with SentriKat
Stop spending hours on manual triage. Here's what your team gets on day one.
| Without SentriKat | With SentriKat | |
|---|---|---|
| CVEs to triage | Every CVE ever published | Only confirmed exploited vulnerabilities |
| CVE triage time | 40+ hours/month manual work | Automated daily — minutes, not hours |
| False positive rate | High noise from generic scanners | Vendor patch detection filters resolved CVEs |
| Starting price | $10,000 – $50,000+/yr | Free during Early Access |
Questions about Early Access, custom needs, or partnership?
Contact usFrequently asked questions
Everything you need to know about Early Access and the platform.
Join the Early Access Program
Get full access to SentriKat for free. No credit card, no commitment. Limited to 30 Cloud (SaaS) organizations.
Early Access is free with no time limit. When pricing goes live, you'll be notified in advance and can choose to upgrade or continue with a free tier.