The Continuous Threat Exposure Management platform that discovers real vulnerabilities with 80+ security tools, correlates them with KEV & EPSS exploit intelligence, and delivers them through one multi-tenant portal built for MSSPs.
A two-minute tour of the platform — from attack surface discovery to AI-enriched findings and board-ready reports.
Most platforms validate whether your defenses work. SentraLens goes further — we discover what is actually broken, using the same tools real attackers use.
Ten core capabilities, purpose-built for security teams that need real results — not compliance checkboxes.
Automated reconnaissance with subdomain enumeration, port scanning, technology fingerprinting, WHOIS, DNS, SSL analysis, and vulnerability detection across your entire perimeter.
Ask your findings questions. Genie enriches every vulnerability with context, prioritizes by exploitability, and generates remediation guidance using multi-model AI orchestration.
Lightweight Probe agents inside your network for internal vulnerability assessment, lateral-movement detection, and continuous exposure monitoring — no VPN headaches.
Realistic phishing campaigns with customizable templates, landing pages, credential-harvesting tracking, and employee awareness reporting — all within the same platform.
Drag-and-drop report builder with section templates, severity charts, and one-click PDF/HTML export. Generate board-ready reports that tell the story your leadership needs.
Manage multiple clients from a single pane. License only the modules you need. Full tenant isolation and role-based access control (RBAC) designed for managed security providers.
Probes collect installed packages from every host automatically. The platform correlates them against mirrored NVD/OSV CVE feeds with distro-aware version comparison — telling you which host needs which patch, enriched with KEV and EPSS scores.
Findings are mapped to MITRE ATT&CK tactics and chained into kill-chain stages. See how an attacker would move from initial access through lateral movement to impact — across both external and internal scan results.
Open a live terminal to any probe directly from the SaaS UI — no VPN, no SSH keys, no inbound ports. The probe initiates outbound, passing through firewalls. Full PTY with idle and session timeouts.
Store encrypted credentials (web login, HTTP headers, Git tokens) and attach them to scans. Playwright replays browser logins for SPAs. Nuclei, ZAP, and Katana receive auth headers automatically — finding vulnerabilities behind login pages no anonymous scanner will ever see.
From discovery to executive reporting, SentraLens automates the entire CTEM lifecycle.
Map your entire external and internal attack surface automatically. Subdomains, IPs, ports, technologies, and certificates — nothing hides.
Orchestrate 80+ tools across 8 engines in parallel. Real vulnerability detection, not simulated probes. Full CVE correlation.
AI enriches every finding with exploitability scores, attack path context, and prioritized remediation steps. Ask Genie anything.
Generate board-ready PDF reports with the visual editor. Scheduled recurring scans keep your exposure data continuously fresh.
Other platforms simulate attacks. SentraLens runs a real detection pipeline that correlates CVE feeds with your actual installed packages, then ranks findings by exploit intelligence — not guesswork.
OSV.dev bulk feeds, NVD 2.0 API, and GHSA advisories are continuously mirrored into a local, tenant-isolated database. Distro-aware version comparators for Debian, Ubuntu, RHEL, Alpine, and more. No internet calls during scans.
Every finding is enriched with CISA KEV (Known Exploited Vulnerabilities) and FIRST.org EPSS exploit probability scores. A CVSS 7.2 that's actively exploited beats a CVSS 9.8 that no one can weaponise. Prioritise the real fires first.
The on-prem Probe collects the real installed package list from every Linux host via SSH. We compare installed versions against mirrored CVE data and tell you which host needs which patch, not just which CVE exists in the world.
Subfinder, Amass, Nmap, Naabu, Masscan, Nuclei, Dalfox, CRLFuzz, Katana, theHarvester, WHOIS, Nikto and more — all orchestrated by Celery with bounded retries, per-tenant module gating, and per-scan credential resolution.
Findings from the external attack surface and internal probes are joined into unified risk stories. When a harvested employee email from an OSINT scan matches a credential on an internal host, you see one finding with the full chain — not two disconnected alerts.
Every finding has an owner, a due date, a status, and an audit trail. Assign, suppress, resolve, export — and when rules match, suppressions apply automatically on the next scan. No more CSV dumps to a ticket system that never closes.
Findings inbox with KEV filter chip, severity tiles, and per-host patch correlator output.
7 independently licensable modules. Asset management and reporting are core to every plan — mix modules to build the exact security stack your organization requires.
Subdomain enumeration, port and technology fingerprinting, OWASP Top 10, Nuclei, Dalfox, CRLFuzz, Katana — external discovery and web application scanning in one module.
On-prem Probe agent with credentialed remote inventory via SSH, host patch correlation, port and service discovery. Outbound-only, no inbound firewall rules.
Full campaign management — templates, landing pages, SMTP profiles, IMAP monitoring, target groups, directory, leaderboard, training, compliance reporting.
8 compliance frameworks mapped (ISO 27001, SOC 2, ISO 42001, PCI DSS 4.0, NIST CSF 2.0, UAE NESA, ADHICS, UAE PDPL), tenant-scoped audit log, and evidence export for auditors.
Mirrored CVE feeds from OSV.dev, NVD and GHSA, enriched with CISA KEV and FIRST.org EPSS scores. Patch correlation against real installed packages.
Static application security testing with Semgrep (600+ OWASP rules) and Gitleaks secret detection. Source repository cloning, dependency analysis, and SAST-to-DAST correlation across scan results.
Genie — multi-model AI enrichment with a 4-layer guardrail pipeline. Auto-generated remediation, narrative reports, and a chat assistant that answers questions about your findings.
Asset management (domains, subdomains, IPs, ports, technologies), 8 report templates with a visual editor, multi-tenancy with 4-layer isolation, and the full CTEM workflow — scope, discover, prioritize, validate, mobilize.
Licensed Modules panel in Settings — per-tenant enforcement visible at a glance. Module state is checked at the gateway, orchestrator, and UI layers on every request.
Campaigns, realistic email templates, custom landing pages, SMTP + IMAP infrastructure, training assignments, and compliance reporting — without bolting on a second product.
Email template library — realistic lures, variables, and tracking pixels baked in.
Landing pages — credential-harvest simulations and automatic training redirects on capture.
SMTP + IMAP infrastructure — managed sending domains plus inbound monitoring for reported phishing.
Target groups & directory — sync from AD/IdP or import CSV; segment by department, geography, risk tier.
Training assignments — auto-enroll clickers; track completion alongside campaign metrics.
Compliance reporting — board-ready PDFs with click rates, training coverage, and risk improvement trends.
Included in the PHI module: Dashboard, Campaigns, Calendar, Target Groups, Directory, Leaderboard, Training, Email Templates, Landing Pages, Domains, SMTP Profiles, IMAP Monitor, Webhooks, Compliance, and Scheduled Reports.
C******e validates defenses. P****a proves exploitability. SentraLens discovers what is actually broken.
| Capability | SentraLens | Vendor C*** | Vendor P*** | Vendor H*** |
|---|---|---|---|---|
| External Attack Surface Discovery | ✓ Full | — | Limited | — |
| Real Vulnerability Scanning (80+ tools) | ✓ 80+ tools | — | Limited | — |
| Internal Network Scanning (Probe) | ✓ Outbound only | — | ✓ | — |
| Phishing Simulation | ✓ Integrated | ✓ | — | — |
| AI-Powered Intelligence | ✓ Multi-model | Basic | Basic | — |
| Visual Report Editor | ✓ Drag-and-drop | — | — | — |
| Multi-Tenant / MSSP Portal | ✓ Native | Partial | — | — |
| Modular Licensing | ✓ 7 modules | — | — | — |
| Host Vulnerability / Patch Detection | ✓ Per-host | — | ✓ | — |
| Attack Path Visualization | ✓ MITRE-mapped | — | ✓ | — |
| 8 Compliance Frameworks (incl. UAE) | ✓ NESA/PDPL/ADHICS | Limited | — | — |
Multi-tenancy, supply-chain integrity, and audit trails engineered in from day one — not bolted on after the first incident.
Every row in every table is scoped to a tenant UUID. No single mistake can cause a cross-tenant leak:
shared-secret header that downstream services verify on every request — direct hits are rejected
tenantID as a mandatory parameter — enforced at compile time
@require_tenant decorator enforced in CI
On-prem probes pull signed images and verify them before every self-update — no tag-swap attacks:
Sigstore cosign keyless signatures with baked-in public key in the probe binary
Every mutating action — who, what, when, from which IP, with which result — is recorded append-only in the tenant-scoped audit log.
created_by, match history, and expiry dates
Genie processes finding metadata through input sanitisation → policy filter → output review → audit log on every invocation.
SentraLens ships with controls, evidence collection, and report templates mapped to the standards below — so your auditors get what they need without spreadsheets.
Additional frameworks can be added on request — talk to us about your audit pack.
See what attackers see. Get a complimentary attack surface report for your organization — no commitment required.
See SentraLens in action. We will reach out within one business day.