Sentinel scans your public IPs and domains the same way an attacker would. The report arrives in your inbox in under an hour, written in plain language a non-security person can act on.
Sentinel finds RDP open on a Windows Server somebody set up for a vendor in 2019. It catches Telnet still listening on a printer that nobody thought to retire. It surfaces SMB shares facing the public internet, and SSH on the default port with password authentication still enabled.
Sentinel detects Apache 2.2 from 2018 with a chain of unpatched CVEs. It identifies Exchange Server installations that are unpatched against ProxyShell, and WordPress sites running plugins with known vulnerabilities. Each finding lists the CVE, the fix, and whether public exploit code exists.
Sentinel finds admin/admin on router consoles facing the internet, default passwords on NAS units that should have been hardened, and SSH services that accept dictionary passwords. The credential test stops at the first match and nothing is exploited.
Sentinel reports expired TLS on admin panels, self-signed certificates on payment portals, and wildcard certificates covering subdomains the company forgot it owned. Each finding includes the correct replacement path with the corresponding ACME or vendor command.
CHF 2,870 yearly. Save 20 percent and cancel at the next monthly cycle.
The free tier auto-detects your residential IP. The Business tier accepts custom IPs and domains after ownership verification through DNS records or admin access.
A node in Frankfurt performs port discovery, service detection, CVE matching, and weak credential checks. End to end runtime is 30 to 60 minutes for a single target.
It also lands in the dashboard. Each finding carries severity, evidence, business impact, and step by step remediation that an IT generalist can follow.
The firewall blocks what you tell it to block. The scan tells you what is open. Most firewalls have a forgotten rule, an old port forward, or a service that should have been retired. Sentinel finds those before an attacker does.
Automated bots scan every IP on the internet several times per hour. Ransomware operators select targets by exposure, not by company size. A 20 person company with an unpatched VPN gateway exposes itself the same way a 5000 person company does.
Sentinel performs passive service detection and matches the results against the CVE database. Credential testing uses common default lists and stops at the first match. It does not exploit findings or modify anything on the target.
Shodan publishes raw scan data for anyone to query. Sentinel scans your specific systems on demand and writes a plain-language report a non-security person can act on the same afternoon. Different tools, different jobs.
You scan your own systems. The free tier only scans the IP your request originates from. The Business plan requires DNS or admin verification of ownership before custom targets are accepted. Fully legal under Swiss and EU law.
Free tier scan data is deleted 24 hours after the report is sent. Business plan data is retained for the duration of the subscription and encrypted at rest. The platform runs in Frankfurt and Swiss jurisdiction applies to the customer relationship.
The partner program is open to Swiss IT service providers, MSPs, security consultants, and system integrators with recurring service contracts. Partner rates are agreed in the application call. See the partner program.