Early Access — All features free while spots last. Join Now

Stop chasing 250,000 CVEs
Focus on the ones being exploited

Only a small fraction of all CVEs are actively exploited in the wild — the few that actually matter. SentriKat matches your inventory against real-world exploitation intelligence, then verifies which CVEs your vendor patches have actually resolved — so you act on what’s real, not on noise. Ships CRA-ready SBOM exports (CycloneDX / SPDX / STIX) plus signed NIS2, PCI-DSS, ISO 27001 and SOC 2 reports out of the box. Available as Cloud or on-premises. Now in Early Access — all features free, limited spots.

1,300+
Actively exploited CVEs
8
Code Ecosystems
3-Tier
Vendor-patch verification
0 / 30
Organizations in Early Access
2 Modes
Cloud + On-Prem

Just want to check a domain? Try the free public security scan

In scope for NIS2 / DORA? Take the free 5-minute readiness check

European privacy standards
NIS2 reporting built-in
Your data stays yours
Auditable source code
OWASP ASVS L1
SentriKat Dashboard
SentriKat dashboard — overview with KEV monitoring, priority breakdown and top vendors SentriKat dashboard — detailed vulnerability list and remediation view
Free · ~5 minutes · No signup to see results

Are you in scope for NIS2 / DORA?

Find out if the directives apply to your organisation and how ready you are, with an indicative per-domain gap analysis mapped to NIS2 Article 21 and the DORA pillars.

Your Choice

Cloud or On-Premises — Both Free During Early Access

Choose the deployment that fits your security requirements. Both modes are free during Early Access.

Recommended

Cloud

Managed platform at app.sentrikat.com. We handle infrastructure, updates, and backups.

Free during Early Access — every plan's limits (up to 50 agents)
Zero infrastructure to manage
Automatic updates and security patches
4 plans: Starter → Pro → Business → Enterprise
EU data residency
Free during Early Access
Join Early Access

On-Premises

Deploy on your own infrastructure via Docker Compose. Your data never leaves your network.

100% data sovereignty — zero cloud dependency
Air-gapped deployment supported
Auditable agents (plain bash/PowerShell)
Free during Early Access — 10 agents, full features
Ideal for defense, government, healthcare
Free during Early Access
Request Access

Both modes use the same vulnerability intelligence, compliance reports, and agent technology.

Why SentriKat

Most scanners tell you what's wrong.
SentriKat tells you what's actually fixed.

Traditional vulnerability scanners generate thousands of alerts with no context on which ones are already resolved by vendor patches. SentriKat automatically tracks vendor advisories so you only act on what's real.

4
Vendor feeds synced daily
50K+
CPE mappings in KB
3
Confidence tiers
NIS2
Article 21 reports built-in

Automatic Vendor Advisory Sync

SentriKat queries 4 vendor feeds daily and cross-references them against your inventory. When Red Hat backports a fix or Microsoft pushes a KB, SentriKat knows automatically.

OSV.dev (open-source advisories)
Red Hat Security API
Microsoft MSRC
Debian Security Tracker
How it works
RH MS OS DB
SentriKat
12
Affected
28
Likely Resolved
156
Resolved

Three-Tier Confidence System

Every vulnerability gets a confidence tier based on automated vendor analysis. Amber items stay visible for legal compliance. Green items are auto-acknowledged.

AFFECTED No vendor fix detected
LIKELY RESOLVED Vendor fix detected, not verified
RESOLVED Fix confirmed via version check

Distro-Native Version Comparison

SentriKat understands how your OS compares package versions. No generic string comparison -- real package manager logic for accurate results.

Debian / Ubuntu (dpkg)
2.31-13+deb11u7 > 2.31-13+deb11u5
RHEL / CentOS (RPM)
4.18.0-425.19.2.el8_7 > 4.18.0-425.3.1
Alpine (APK)
1.36.1-r15 > 1.36.1-r2

Everything Included. No Add-Ons.

Windows, Linux, macOS, container scanning, NIS2 compliance reports, and executive PDFs — all included in the Professional Edition. No separate modules, no hidden costs.

Integrates with Jira, YouTrack, GitHub, GitLab, Slack, Microsoft Teams, and any SIEM via syslog / CEF / LEEF. Single Sign-On via SAML 2.0 (Keycloak, Azure AD, Okta, Google Workspace). User directory sync via LDAP and Active Directory.

Typical Enterprise Scanner

$10,000+/yr

Per module add-on

SIEM + Compliance

Extra modules

Custom pricing

SentriKat

All Included

Free during Early Access / €59/mo (Cloud) or €4,999/yr (On-Prem)

Detection Self-Check

Don't trust us.
Trust the verification.

SentriKat is the only vulnerability management that verifies itself. An independent oracle re-checks every detection with a comparator that doesn't share the engine's code — plus a golden corpus built from your own inventory as a continuous regression proof. You see the result in-app, every week, on your data.

Ground-truth distro cross-check

Every detection is re-tested against independent distribution advisory data — the vendor's own source of truth — not the same feed the engine already used. If the two disagree, it's flagged.

Independent comparator — anti-false-positive

A second comparator that shares none of the detection engine's code re-derives each match. Anything the engine reports but the comparator can't confirm is surfaced as a discrepancy.

Independent comparator — anti-false-negative

The same independent comparator works the other direction: anything it finds that the engine missed is caught, so a silent gap in recall can't slip through unnoticed.

Golden floor on your top apps

A golden corpus generated from your real inventory becomes a continuous regression floor — the detections that must never break. Every run re-proves them, so an upgrade can't quietly regress coverage.

Admin Health Detection Self-Check

One line your auditor understands

No dashboards to interpret, no analyst required. The self-check runs on your instance — including fully air-gapped — and reports a single verdict you can act on and defend.

0 discrepancies
last run · weekly

Detection agrees with the independent references. False-positive gate, recall floor and ground-truth cross-check all passed.

Deterministic · Zero AI at runtime · Runs air-gapped · Every week, on your data
How It Works

From deployment to protection in minutes

SentriKat is designed to be simple. No complex setup, no steep learning curve.

01

Deploy SentriKat

Self-host with Docker in minutes. Single command to get started. Your data, your infrastructure.

bash
docker compose up -d
02

Import Your Inventory

Deploy agents on Windows, Linux, or macOS. Integrate with Lansweeper, SCCM, Intune, or import a CSV.

powershell
# Windows Agent
.\sentrikat-agent.ps1 -Install
03

Automatic Matching

SentriKat syncs CISA KEV + ENISA EUVD daily and enriches CVSS scores from NVD, CVE.org, and EUVD with automatic fallback. No single point of failure.

sync.log
# Daily sync at 2 AM UTC
[KEV] 3 exploited vulns matched
[EUVD] 1 EU-flagged vulnerability
[CVSS] NVD -> CVE.org -> EUVD fallback
04

Multi-Platform Scanning

Native agents for Windows, Linux, and macOS collect installed software. On endpoints running Docker or Podman, container images are automatically scanned too.

scan.log
# Windows: 142 products detected
# Linux: 87 packages (dpkg)
# macOS: 63 applications
# Containers: 12 images scanned
[OK] 3 HIGH, 1 CRITICAL found
05

Act on Real Threats

Get alerted via email, Slack, Microsoft Teams, or any SIEM via syslog/CEF/LEEF. Open tickets automatically in Jira, YouTrack, GitHub, or GitLab. Prioritize by severity, due dates, and ransomware indicators.

actions.log
# Critical: CVE-2024-3400
# Due: 7 days | Ransomware: Yes
# -> Jira SK-142 created, SIEM notified
Early Access — Free

All plans free during Early Access

During Early Access, every plan is free — you get each plan's features with its Early Access agent and user limits (the “EA limits” shown on every card). No credit card required. You'll only pay when Early Access ends, and existing subscribers are grandfathered at today's price.

Early Access open — 30 Cloud spots available

Starter

€59/mo €0 /mo
Early Access — Free
10 agents · 3 users
  • Email alerts
  • EPSS + KEV prioritization
  • CSV/Excel export
  • Community support (email & portal)
Join Early Access
Most Popular

Pro

€249/mo €0 /mo
Early Access — Free
25 agents · 5 users
  • SBOM export (CycloneDX / SPDX / STIX)
  • NIS2, DORA & BOD 22-01 reports
  • SIEM integration
  • Jira / GitHub / GitLab / YouTrack
  • Remediation assignments + SLA
  • Priority support (1 business day)*
Join Early Access

Business

€649/mo €0 /mo
Early Access — Free
50 agents · 10 users
  • Everything in Pro
  • SSO / LDAP / SAML
  • Multi-tenant + white-label
  • Executive PDF reports
  • Phone + scheduled calls*
Join Early Access

Enterprise

€1499/mo €0 /mo
Early Access — Free
Custom · Custom
  • Custom SLA
  • On-premises deployment
  • Onboarding & training*
  • Custom support agreement*
Contact Us
Compliance Pack Add-on €199/mo Free during Early Access

Unlocks PCI-DSS v4.0, ISO/IEC 27001:2022 and SOC 2 gap-analysis reports (HMAC-signed, JSON or PDF) on top of any Pro, Business or Enterprise plan.

All plans free during Early Access. Agent and user limits vary by plan. No credit card required. Future prices in EUR, excl. VAT. Existing subscribers are grandfathered at their original price.
*During Early Access, support is provided via email and tickets through the Customer Portal. Dedicated support tiers (priority SLA, phone, onboarding) will be available after Early Access.

Compare Cloud Plans

Everything you need to choose the right plan.

Feature Starter Pro Business Enterprise
Agents (Early Access) 10 25 50 Custom
Agents (after EA) 25 100 500 Unlimited
Users (Early Access) 3 5 10 Custom
Agent Discovery (OS, browser, IDE, containers)
Code Dependency Scanning
Version-Verified CVE Dashboard
Remediation Actions Widget
Email Alerts
SBOM Export (CycloneDX / SPDX / STIX)
NIS2, DORA & BOD 22-01 Reports
Compliance Pack — PCI / ISO 27001 / SOC 2 Add-on Add-on Add-on
Remediation Assignments + SLA
SIEM Integration
Jira / GitHub / GitLab / YouTrack
SSO / LDAP / SAML
Multi-Tenant
White-Label
On-Premises Deployment
Custom SLA
Support (after EA)* Email Email (1 bd) Email + Calls Custom SLA

What changes with SentriKat

Stop spending hours on manual triage. Here's what your team gets on day one.

Without SentriKat With SentriKat
CVEs to triage Every CVE ever published Only confirmed exploited vulnerabilities
CVE triage time 40+ hours/month manual work Automated daily — minutes, not hours
False positive rate High noise from generic scanners Vendor patch detection filters resolved CVEs
Starting price $10,000 – $50,000+/yr Free during Early Access

Questions about Early Access, custom needs, or partnership?

Contact us
FAQ

Frequently asked questions

Everything you need to know about Early Access and the platform.

Join the Early Access Program

Get full access to SentriKat for free. No credit card, no commitment. Limited to 30 Cloud (SaaS) organizations.

All plans free during Early Access. Limits vary by company size (10–50 agents).

This is the plan you'd be interested in once Early Access ends. Helps us understand demand and pre-fills your upgrade path later. All features are available during EA regardless of choice.

256-bit encryption
GDPR Compliant
No credit card

Early Access is free with no time limit. When pricing goes live, you'll be notified in advance and can choose to upgrade or continue with a free tier.