Skip to main content
sentrytex
Start free

Frequently asked questions

Last updated: April 2026

Answers to the questions we hear most often. Still stuck? Email [email protected].

What is Sentrytex?
Sentrytex is a security-monitoring service for the SaaS tools in your stack. You register the vendors you depend on — Supabase, Vercel, Stripe, GitHub, Resend, and 150+ others — and we alert you within 60 minutes when one of them has a breach, a CISA KEV listing, or a critical CVE. It's vendor-side monitoring, not application-side error tracking.
How fast do alerts arrive?
We poll our four primary feeds (vendor disclosures, CISA KEV, NVD 2.0, GitHub Advisory Database) every 30 minutes. From the moment a verified signal lands, you receive an alert within 60 minutes. For CISA KEV entries — which mean active exploitation has been confirmed — we skip the corroboration step and notify you immediately.
Which sources does Sentrytex monitor?
Four sources, polled every 30 minutes. Direct vendor security disclosure feeds from Vercel, AWS, GitHub, Cloudflare, Stripe, Supabase, Railway, MongoDB, and others. The CISA Known Exploited Vulnerabilities catalogue plus CISA Vulnrichment. The NVD 2.0 API for all CRITICAL and HIGH CVEs. The GitHub Advisory Database for npm, pip, Go, Rust, and GitHub Actions ecosystem advisories. Every alert is corroborated from at least two of these sources before it reaches you.
How is Sentrytex different from Sentry.io (the error-monitoring tool)?
They do different things despite the similar names. Sentry.io is an application performance and error monitoring tool — it watches your code for exceptions and slow transactions. Sentrytex watches your vendors for breaches and CVEs. If your app crashes, Sentry.io tells you. If GitHub gets compromised, Sentrytex tells you. Most teams that use both treat them as complementary. See our Sentrytex vs. Sentry.io comparison.
How is Sentrytex different from Snyk?
Snyk scans the dependencies inside your codebase for known vulnerabilities. Sentrytex monitors the SaaS vendors your team uses externally. Snyk would catch a vulnerable npm package in your repo. Sentrytex would catch a breach at your hosting provider, a CISA KEV entry against your auth vendor, or a CVE in a service you depend on. They're complementary: Snyk covers the code you ship, Sentrytex covers the platforms you ship on. See our Sentrytex vs. Snyk comparison.
What's a CVE? What's CISA KEV?
A CVE — Common Vulnerabilities and Exposures — is a publicly published security flaw with a unique identifier (like CVE-2024-3094). CISA KEV is the Known Exploited Vulnerabilities catalogue maintained by the US Cybersecurity and Infrastructure Security Agency. A vulnerability only lands on KEV after CISA has evidence it's being actively exploited in the wild. If a tool you use shows up on KEV, that's a P0. More terms in the glossary.
Do I need a SOC team to use Sentrytex?
No. Sentrytex was built for developers, founders, and small engineering teams without a dedicated security operations centre. Setup takes a few minutes: pick the vendors you use from a list, choose how you want to be notified, and we handle the rest. Alerts are written in plain English with a clear severity and a “what to do next” line.
Will I get false-positive alerts?
We optimise hard against noise. Every CVE alert is corroborated from at least two independent sources before it leaves our pipeline, and we filter by your registered stack — you only see alerts for vendors you actually use. CISA KEV entries go out without corroboration because KEV is the corroboration. If you do receive an alert you consider noise, one click marks it and tunes future delivery.
What does Sentrytex cost?
Solo is $9 per month for individual developers and founders. Team is $29 per month and adds multi-seat access, shared stack management, and integrations like Slack and webhooks. Both plans include a 7-day free trial. Prices are exclusive of any applicable VAT or sales tax. See pricing for the current breakdown.
Can I add custom internal tools?
Yes, on the Team plan. You can register internal services or self-hosted dependencies (a private GitLab instance, an internal IdP, a vendor that isn't in our default catalogue) and we'll match them against the NVD, GHSA, and KEV feeds. For vendors with public disclosure feeds we don't yet support, you can request coverage and we usually add it within a week.
Is my data secure? Where is it stored?
Sentrytex stores the minimum needed to deliver alerts: your account, your registered stack, and your notification preferences. We don't ingest your application data, your customer data, or your code. Data is encrypted at rest and in transit, hosted in the EU on infrastructure we monitor with the same tools we sell. See security and our DPA for details.
Can I cancel anytime?
Yes. The 7-day trial requires a card to activate but you aren't charged until day 8. Cancel inside the trial and you owe nothing. After that, billing is monthly and cancellation takes effect at the end of the current period. Payments and refunds are handled by Lemon Squeezy as our merchant of record — see refunds for the current policy.