What SAL SENTRY monitors
SENTRY watches six categories of signal. You don't need all six on day one — we turn on what fits your environment.
- Endpoints — laptops and servers. Catches ransomware behavior, malware, and suspicious process activity via a lightweight agent.
- Email — Microsoft 365 / Google Workspace. Catches phishing, account takeover, impossible-travel logins, and mailbox rule tampering.
- Cloud — AWS / Azure / GCP. Catches public storage exposure, risky IAM changes, and provider threat findings.
- DNS — catches connections to known-malicious domains and command-and-control traffic.
- Dark web — catches your credentials and domains appearing in breach dumps and leak markets.
- Website — catches attacks and anomalies against your public web presence.
Every alert that matters is analyzed and, when it's genuinely serious, escalated to a human on our side before any action is taken.
Back to all support articlesOr call (844) 946-0098 — we answer.