Built for European security teams. Auditable by design.
Everything a procurement officer, security reviewer, or DPO needs to evaluate SentriKat. No NDA required for public documents; the DPIA and pen-test summaries are available under NDA on request.
Last updated: 2026-04-17
Security
Architecture, application controls, and how data moves through the platform.
Security architecture
Transport encryption, password hashing, authentication, rate limiting, secrets at rest, agent key management.
Responsible disclosure
How to report a security issue, safe-harbor language, scope, and response-time commitments.
System status
Real-time availability, 90-day uptime history, incidents, email and RSS subscriptions.
Compliance
Where we stand against the frameworks that matter for European security teams.
Compliance matrix
GDPR, FADP, NIS2, DORA, EU Cyber Resilience Act, ISO/IEC 27001, SOC 2, PCI-DSS, BOD 22-01.
Security & compliance roadmap
Dated commitments on ISO 27001, SOC 2, pen test, disclosure program, DPIA, SBOM pipeline.
NIS2 readiness
How SentriKat maps to NIS2 Article 21 controls and Article 12 vulnerability-intelligence obligations.
Data processing
Legal documents and vendor relationships that govern customer data.
Data Processing Agreement
Pre-signed DPA covering SaaS processing. Download, counter-sign, return.
Sub-processors
Every third party we share customer data with, their purpose, location, and transfer mechanism.
Privacy policy
Lawful basis, retention, rights, international transfers, controller information.
Supply chain
Build provenance and third-party component transparency.
Need something not listed here?
Enterprise prospects can request the current DPIA, pen-test summaries, internal control narratives, or insurance certificates under a mutual NDA. Email [email protected] with the document you need — expect a response within two business days.