Skip to content

Products

Products represent software in your inventory. SentriKat matches products against the KEV catalog to identify vulnerabilities.

Adding Products

Manual Entry

  1. Go to AdminProducts
  2. Click Add Product
  3. Fill in details:
  4. Vendor: Software vendor (e.g., "Microsoft")
  5. Product: Product name (e.g., "Windows Server")
  6. Version: Specific version (e.g., "2019")
  7. Criticality: Business importance (1-5)
  8. Click Save

CSV Import

  1. Prepare a CSV file: 
    vendor,product,version,criticality
Microsoft,Windows Server,2019,5
Apache,HTTP Server,2.4.51,3
  2. Go to AdminImport
  3. Upload CSV
  4. Review mapped columns
  5. Confirm import

Via Agents

Deploy agents to automatically collect software inventory:

Via API

curl -X POST http://localhost:5000/api/products \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "vendor": "Microsoft",
    "product_name": "Windows Server",
    "version": "2019"
  }'

Product Type Filter

The Products page includes a Type dropdown to filter by product source:

Type Description
All Show all products (default)
OS Packages Software installed via OS package managers (dpkg, rpm, WMI, etc.)
Browser Extensions Chrome, Edge, and Firefox extensions discovered by extension scanning
IDE Plugins VS Code and JetBrains plugins discovered by extension scanning
Code Dependencies Project dependencies discovered by code dependency scanning (pip, npm, gem, cargo, go, maven, etc.)

Use this to quickly focus on a specific category — for example, filtering to Code Dependencies to review vulnerable libraries across all scanned projects.

Note

Browser Extensions, IDE Plugins, and Code Dependencies only appear if extension & dependency scanning is enabled on the agent's API key.

CPE Mapping

Common Platform Enumeration (CPE) provides standardized product identification.

Automatic CPE

SentriKat attempts to auto-match products to CPE:

  1. Exact match in NVD database
  2. Fuzzy match on vendor + product
  3. User-trained mappings

Manual CPE

Assign CPE manually:

  1. Edit a product
  2. Click Assign CPE
  3. Search for CPE
  4. Select and save

CPE Format

cpe:2.3:a:vendor:product:version:*:*:*:*:*:*:*

Example: 

cpe:2.3:a:microsoft:windows_server:2019:*:*:*:*:*:*:*

Product Organizations

Products can be assigned to multiple organizations:

  1. Edit a product
  2. Go to Organizations tab
  3. Check/uncheck organizations
  4. Save

Product Criticality

Rate product importance for prioritization:

Level Description Example
5 Mission Critical Domain controllers
4 High Database servers
3 Medium Application servers
2 Low Development systems
1 Minimal Test environments

Bulk Operations

Bulk Edit

  1. Select multiple products
  2. Click Bulk Edit
  3. Choose action:
  4. Change criticality
  5. Assign to organization
  6. Apply CPE mapping

Bulk Delete

  1. Select products
  2. Click Delete Selected
  3. Confirm

Deletion

Deleting products removes all associated vulnerability matches.

Agent Exclusions

Prevent agents from re-adding deleted products:

  1. Delete a product
  2. Check Add to exclusion list
  3. Product won't be re-imported by agents