Product Overview

36 detection engines. 5-minute scans. Plain-English alerts.

SentinelSMB watches your Microsoft 365, Google Workspace, AWS, and Cloudflare accounts 24/7. Every alert explains what happened, how serious it is, and exactly what to do next — no jargon, no guesswork, no retainer.

Start 7-day free trial Run a free scan first
See It In Action

Your security posture, live. Not once a quarter.

Every five minutes, 288 times a day, our engines sweep your accounts, cloud, and email. Critical threats surface instantly. Normal activity gets filed away.

app.sentinelsmb.co/dashboard
Live
SentinelSMB dashboard at a 100 security score with 36 detection engines running and Google Workspace streaming live telemetry.
How It Works

From consent to answered alert in minutes.

No agent to install. No firewall to reconfigure. Connect once, and monitoring runs forever.

1

Connect

One-click OAuth for Microsoft 365 and Google Workspace. A read-only CloudFormation template for AWS. A scoped API token for Cloudflare. SentinelSMB never stores long-lived cloud credentials.

2

Baseline

We learn your normal activity patterns — sign-in locations, devices, work hours.

3

Scan

36 engines sweep your accounts every 5 minutes, 288 times a day, around the clock.

4

Triage

Detections pass through AI severity scoring (Anthropic Claude) so you only see what actually matters.

5

Alert & Respond

Plain-English alert with severity, evidence, and step-by-step guidance via SMS, email, Slack, or Teams.

36 Engines · 7 Categories

Every class of attack that hits small business, covered.

Each engine is purpose-built for a specific attack pattern we have seen hit SMBs repeatedly. Nothing generic, nothing noisy.

7 engines

Identity

Foreign sign-ins, impossible travel, brute force, credential stuffing, MFA bypass, admin escalation, dormant-account wake-up.

2 engines

Data

Bulk downloads, anomalous file access, sensitive content exfiltration across OneDrive, SharePoint, and Google Drive.

3 engines

Email

Silent forwarding rule hijacks, inbox rule manipulation, and OAuth consent abuse on the mailbox itself.

4 engines

Cloud

AWS IAM anomalies, Cloudflare config changes, shadow IT discovery, and cross-tenant OAuth app audit.

3 engines

Network

DNS tampering, SSL certificate changes, typosquat-domain registration targeting your brand.

3 engines

Threat Intelligence

URLhaus authoritative feed, HaveIBeenPwned credential exposure, AlienVault OTX threat-actor attribution.

14 engines

Behavioral & Advanced

Anomaly baselining, time-of-day drift, device-fingerprint changes, session-token anomalies, and more.

See all 36

Full catalog

Detailed description, severity scoring, and example alert for every engine. Browse engines →

See every engine →

Integrations monitored

Microsoft 365
Google Workspace
AWS
Cloudflare

Alert channels supported

SMS
Email
Slack
Microsoft Teams
Compliance Mapped

Every control mapped to the frameworks your customers and auditors ask about.

Pro subscribers get the Cyber Insurance Evidence Report — a 7-page audit-ready PDF generated from your real monitoring data, quarterly.

ABA Model Rule 1.6 IRS Publication 4557 FTC Safeguards SEC Reg S-P NAIC Model Law 668 CMMC 2.0 GLBA NIST 800-171 NY DFS 23 NYCRR 500 State breach notification
See the full compliance map →

Connect once. Monitor forever. Under 10 minutes.

7-day free trial. Credit card required. Nothing charges until day 8. Cancel in one click from the dashboard.

Start 7-day free trial See pricing