Sentinel Dev Preview

Guided sentinels and honeypots for selected clients

Sentinel is the defence layer on the BlackDome roadmap: deployable host tripwires, customer honeypots, detonation evidence, and bounded response. It is visible now for private preview discussions, not broad self-serve deployment.

Differentiator

Most products separate threat feeds from the environment they protect. Sentinel is designed to close that loop by turning BlackDome's real attacker telemetry into guided deception, response, and evidence packs for customer systems.

Preview
Release stage
Guided
Deployment model
Host + Net
Collection layer
Proof
Design principle

What Sentinel Is Being Built To Do

The design goal is practical defence from the same evidence layer that powers BlackDome intelligence.

Host Tripwires

Canary files, fake credentials, and service facades designed to turn suspicious contact into high-signal evidence.

Managed Honeypots

Customer-specific honeypots and protocol surfaces for teams that need direct collection in their own risk context.

Bounded Response

Policy-constrained actions and escalation paths, with human review where the risk or ambiguity requires it.

Evidence Packs

Every meaningful verdict is intended to carry the contact evidence, reasoning context, and action trail needed for review.

Preview Deployment Path

For now, Sentinel is a guided engagement. The flow below is how we expect selected deployments to work while the agent matures.

1

Scope the environment

We identify hosts, subnets, acceptable collection boundaries, and what actions must remain approval-gated.

2

Deploy collection surfaces

BlackDome deploys or guides the deployment of honeypots, host tripwires, and safe deception points.

3

Correlate with live BlackDome intel

Customer events are compared against the global attacker contact layer, MCP-accessible intelligence, and detonation context.

4

Review, tune, and expand

The engagement hardens policies, response boundaries, and proof-pack outputs before wider rollout.

Best Fit For Preview

Sentinel is not for every self-serve user yet. These are the teams we should talk to first.

MDR / MSSP
Managed customer coverage
High-Risk SaaS
Targeted deception
Red Teams
Custom collection
Enterprise SOC
Evidence + response

Preview Engagement Options

Sentinel pricing is engagement-led while the product is in development. Public self-serve buyers should start with MCP, API, and packages.

Discovery

Free

A short call to decide whether Sentinel preview access is a fit.

  • Use-case review
  • Current risk surface
  • Deployment constraints
  • Suggested next step
Discuss Preview
PRIVATE PREVIEW

Managed Pilot

Custom

Guided honeypot or host-tripwire pilot for teams with a clear security outcome.

  • Scoped deployment
  • BlackDome telemetry correlation
  • Evidence-pack review
  • Tuning and operational notes
Plan a Pilot

Enterprise Defence

Custom

Broader managed deception and defence architecture for high-risk environments.

  • Managed honeypot architecture
  • Custom collection goals
  • MCP and API evidence access
  • Governance and reporting support
Contact Sales

Interested in the defence layer?

Use BlackDome's public intelligence and MCP now. If you need guided sentinels or honeypots in your own environment, talk to us about a preview engagement.