Platform
One portal for your pentests, CTEM findings and ASV scans
Sentry is Blackfoot's security testing platform: one secure portal where every technical engagement we deliver lands. Penetration test findings, continuous threat exposure management (CTEM) dashboards and PCI ASV compliance scans all live in the same place, so you see your security posture as one picture rather than a stack of disconnected PDFs. If Blackfoot has tested it, scanned it or monitored it, the results are in Sentry.
During a penetration test, findings appear in Sentry in real time as our consultants discover them — with critical and high-severity issues flagged during the test window, not in a report weeks later. You can message your consultant securely throughout the engagement, then download the board-ready report as a branded PDF or export the raw data. Findings stay in Sentry after delivery, so your team can assign owners, track remediation and compare results against previous engagements. A debrief session with your consultant rounds off every engagement.
For CTEM subscribers, Sentry adds continuous visibility between tests. Module dashboards cover your discovered asset inventory and enriched findings, with AI-generated context on every result: a confidence assessment, severity re-ranked against real-world exposure, a contextual risk narrative specific to your environment and practical remediation guidance. Verification status shows which findings have been analyst-checked, and trend analysis tracks what is new, persisting or resolved from one run to the next. If you take PCI ASV scanning with us, your quarterly compliance scans are delivered and evidenced through the same portal.
Sentry is built for the people who have to act on findings as much as the people who commission the work. Security leads and IT teams use it to drive remediation through ticketing integrations and webhook notifications into their existing tools; compliance teams use its reporting, aligned to ISO 27001, PCI DSS and Cyber Essentials, as audit evidence on demand; executives get clear summaries without wading through technical detail.
Access to Sentry is included with every Blackfoot technical engagement and subscription — it is how we deliver, not an optional extra. Because point-in-time testing and continuous monitoring share one platform, each engagement builds on the last: pentest findings sit alongside continuous scan results, repeat engagements are compared like for like, and the exposure picture your CTEM subscription maintains directly informs the scope of your next test. Start with a single pentest and the same portal scales with you to a full continuous security programme, with your history intact.
Findings are uploaded as consultants discover them, with critical and high-severity issues flagged during the test window — so remediation can start before the report is written.
A secure message thread with your assigned consultant throughout the engagement. Ask questions about a finding while the tester is still on it.
Assign owners, track fixes to closure and compare results across engagements and scans to evidence measurable improvement over time.
Asset inventory and findings enriched with confidence assessment, context-driven severity re-ranking, a risk narrative specific to your environment, remediation guidance and analyst verification status.
Reports mapped to ISO 27001, PCI DSS and Cyber Essentials, downloadable as branded PDFs or raw data — audit evidence on demand, including ASV compliance scans.
Ticketing integrations and webhook notifications push findings into the tools your team already uses, so nothing waits in a portal to be noticed.
Straight answers to what prospective clients ask us most.
Yes — every Blackfoot engagement is delivered through Sentry at no extra cost. Your project owner has access during the engagement and for 90 days afterwards, and findings remain accessible for remediation tracking and historical comparison in line with our retention policy.
Yes. Every engagement includes a branded, board-ready PDF report, and you can also download the raw findings data for use in your own tooling. Compliance-aligned reports for ISO 27001, PCI DSS and Cyber Essentials are available on demand.
Yes. Sentry supports ticketing integrations and webhook notifications, so new and updated findings flow into your existing ITSM and messaging tools automatically rather than sitting unseen in a portal.
Every CTEM finding is automatically assessed for confidence, re-ranked for severity using real-world context such as exposure and asset role, given a risk narrative specific to your environment, and paired with practical remediation guidance. On managed tiers, Blackfoot analysts verify flagged findings and suppress false positives before they reach your queue — and the verification status is visible on each finding.
Book a walkthrough with our team.