Security Posture Assessment · Made in Vienna, EU

GrantFlow Sentinel

Scan your Microsoft Entra ID, Active Directory, and Linux hosts for misconfigurations, privilege risks, and attack paths.

92 security checks across 15 domains. No agents, no cloud dependencies — run it locally in under five minutes.

Install Sentinel →Quick Start

Used by security teams across Austria, Germany & Switzerland· Visit website

Runs locally

No data exfiltration

Entra ID + AD + Linux

From €249

Terminal

$ sentinel scan --mode cloud

Authenticating via device code… ✓

Tenant·contoso.onmicrosoft.com

Mode·cloud (Entra ID)

Checks·57 checks across 7 domains

✓ Scan complete — Score: 72/100

Report saved to sentinel-contoso-2026-03-13.html

Scan coverage

Assess your security posture in minutes

Standalone CLI that audits Entra ID, Active Directory, and Linux — with actionable remediation steps.

Entra ID (Cloud)

Audit MFA enforcement, Conditional Access policies, privileged roles, tenant hardening, workload identities, and high-value targets.

Active Directory (On-Prem)

Detect Kerberoasting, unconstrained delegation, DCSync rights, weak password policies, ADCS attack vectors, and protocol misconfigurations.

Linux Hosts

Check SSH hardening, firewall status, SUID binaries, ASLR, auditd, and unattended security updates.

HTML, JSON & PDF Reports

Self-contained HTML reports with security scores, finding cards, and remediation steps. JSON for SIEM ingestion. PDF for print.

GrantFlow Integration

Findings controlled by GrantFlow PAM are automatically marked as managed — your score reflects your actual posture.

Configuration & Tuning

Filter checks by domain, set output formats, configure authentication methods, and integrate into CI/CD pipelines.