First Scan¶
SaaS Understand what happens after your agent scans, and how to interpret the results.
Time: ~3 minutes
How Scanning Works¶
When an agent scans an endpoint, it:
- Collects a list of installed software (name, version, vendor)
- Uploads the inventory to SentriKat
- SentriKat matches each product against the CISA KEV catalog, ENISA EUVD, and NVD
- Results appear on your dashboard as matched vulnerabilities
The matching uses CPE (Common Platform Enumeration) identifiers. SentriKat's community knowledge base helps resolve ambiguous matches automatically.
Check Your Results¶
After your agent's first scan:
- Go to Products in the left sidebar
- You should see a list of software detected on your endpoint
- Each product shows:
- Name and version
- Vendor
- Status — whether any KEV vulnerabilities match
Understanding Matches¶
Navigate to Vulnerabilities to see what SentriKat found:
| Column | Meaning |
|---|---|
| CVE ID | The unique vulnerability identifier (e.g., CVE-2024-1234) |
| Severity | CVSS score from the best available source (NVD, CVE.org, or EUVD) |
| Product | Which of your installed products is affected |
| Status | Affected, Likely Resolved, or Resolved |
| Due Date | CISA's remediation deadline (if this is a KEV entry) |
| Ransomware | Whether this CVE is known to be used in ransomware campaigns |
Status Meanings¶
- Affected — Your installed version is vulnerable
- Likely Resolved — A patch exists and your version might include it, but couldn't be confirmed automatically
- Resolved — Your version includes the fix
What If Nothing Shows Up?¶
If no vulnerabilities appear, that's actually good news — it means none of your installed software matches a known exploited vulnerability. SentriKat only tracks actively exploited CVEs, not the full 200,000+ NVD catalog.
You'll still see your products listed under Products. If products don't appear either:
- Make sure the agent scan completed (check Settings > Agents for the last-seen timestamp)
- Wait 2–3 minutes for the matching pipeline to finish
- Try running the agent scan manually:
sentrikat-agent scan
Scheduling¶
By default, agents scan every 6 hours. You can adjust the schedule:
# Linux/macOS: edit the systemd timer or launchd plist
sudo sentrikat-agent configure --interval 4h
# Windows: the scheduled task interval can be adjusted
sentrikat-agent.exe configure --interval 4h