Skip to content

Sync API

Trigger and monitor vulnerability data synchronization (CISA KEV, NVD, EPSS).

Permissions

Manual sync triggers are admin-only operations.

Trigger a full sync

Runs a full vulnerability sync (CISA KEV catalog + recent NVD CVEs) in the background and returns immediately with a job id you can poll.

curl -X POST https://sentrikat.example.com/api/sync \
  -H "Authorization: Bearer YOUR_TOKEN"

Rate limit: 5 requests/minute. Super Admin only.

Sync status

curl https://sentrikat.example.com/api/sync/status \
  -H "Authorization: Bearer YOUR_TOKEN"

Returns the state of the current/last sync job (progress, counts, errors).

Sync history

curl https://sentrikat.example.com/api/sync/history \
  -H "Authorization: Bearer YOUR_TOKEN"

Returns past sync runs with timestamps and results.

Trigger an EPSS sync

Updates EPSS scores for known CVEs:

curl -X POST https://sentrikat.example.com/api/sync/epss \
  -H "Authorization: Bearer YOUR_TOKEN"

Scheduled syncs

Manual triggers are rarely needed — the scheduler keeps data fresh automatically:

Source Schedule
CISA KEV Daily at 02:00 (in the configured display timezone)
Vendor advisories Daily, 1 hour after the KEV sync
EPSS scores Daily
NVD CPE dictionary Weekly

See Data Sources & Intelligence for what each source provides.