Platform

Sentry

One portal for your pentests, CTEM findings and ASV scans

Sentry is Blackfoot's security testing platform: one secure portal where every technical engagement we deliver lands. Penetration test findings, continuous threat exposure management (CTEM) dashboards and PCI ASV compliance scans all live in the same place, so you see your security posture as one picture rather than a stack of disconnected PDFs. If Blackfoot has tested it, scanned it or monitored it, the results are in Sentry.

During a penetration test, findings appear in Sentry in real time as our consultants discover them — with critical and high-severity issues flagged during the test window, not in a report weeks later. You can message your consultant securely throughout the engagement, then download the board-ready report as a branded PDF or export the raw data. Findings stay in Sentry after delivery, so your team can assign owners, track remediation and compare results against previous engagements. A debrief session with your consultant rounds off every engagement.

One security testing platform, point-in-time and continuous

For CTEM subscribers, Sentry adds continuous visibility between tests. Module dashboards cover your discovered asset inventory and enriched findings, with AI-generated context on every result: a confidence assessment, severity re-ranked against real-world exposure, a contextual risk narrative specific to your environment and practical remediation guidance. Verification status shows which findings have been analyst-checked, and trend analysis tracks what is new, persisting or resolved from one run to the next. If you take PCI ASV scanning with us, your quarterly compliance scans are delivered and evidenced through the same portal.

Sentry is built for the people who have to act on findings as much as the people who commission the work. Security leads and IT teams use it to drive remediation through ticketing integrations and webhook notifications into their existing tools; compliance teams use its reporting, aligned to ISO 27001, PCI DSS and Cyber Essentials, as audit evidence on demand; executives get clear summaries without wading through technical detail.

Access to Sentry is included with every Blackfoot technical engagement and subscription — it is how we deliver, not an optional extra. Because point-in-time testing and continuous monitoring share one platform, each engagement builds on the last: pentest findings sit alongside continuous scan results, repeat engagements are compared like for like, and the exposure picture your CTEM subscription maintains directly informs the scope of your next test. Start with a single pentest and the same portal scales with you to a full continuous security programme, with your history intact.

What it does

Real-time pentest findings

Findings are uploaded as consultants discover them, with critical and high-severity issues flagged during the test window — so remediation can start before the report is written.

Direct consultant messaging

A secure message thread with your assigned consultant throughout the engagement. Ask questions about a finding while the tester is still on it.

Remediation tracking and trends

Assign owners, track fixes to closure and compare results across engagements and scans to evidence measurable improvement over time.

AI-enriched CTEM dashboards

Asset inventory and findings enriched with confidence assessment, context-driven severity re-ranking, a risk narrative specific to your environment, remediation guidance and analyst verification status.

Compliance-aligned reporting

Reports mapped to ISO 27001, PCI DSS and Cyber Essentials, downloadable as branded PDFs or raw data — audit evidence on demand, including ASV compliance scans.

Fits your workflow

Ticketing integrations and webhook notifications push findings into the tools your team already uses, so nothing waits in a portal to be noticed.

Frequently asked questions

Straight answers to what prospective clients ask us most.

Is Sentry included with a penetration test?

Yes — every Blackfoot engagement is delivered through Sentry at no extra cost. Your project owner has access during the engagement and for 90 days afterwards, and findings remain accessible for remediation tracking and historical comparison in line with our retention policy.

Can I export reports and data from Sentry?

Yes. Every engagement includes a branded, board-ready PDF report, and you can also download the raw findings data for use in your own tooling. Compliance-aligned reports for ISO 27001, PCI DSS and Cyber Essentials are available on demand.

Does Sentry integrate with our ticketing tools?

Yes. Sentry supports ticketing integrations and webhook notifications, so new and updated findings flow into your existing ITSM and messaging tools automatically rather than sitting unseen in a portal.

What does the AI enrichment in Sentry actually do?

Every CTEM finding is automatically assessed for confidence, re-ranked for severity using real-world context such as exposure and asset role, given a risk narrative specific to your environment, and paired with practical remediation guidance. On managed tiers, Blackfoot analysts verify flagged findings and suppress false positives before they reach your queue — and the verification status is visible on each finding.

See Sentry in action

Book a walkthrough with our team.