Releases: NodeNestor/Sentinel
Sentinel v1.1.0 — Standalone Mode + Exe Builds
Sentinel v1.1.0
New: Standalone Mode
Run Sentinel with zero external dependencies — no PostgreSQL, no Redis, no Docker:
STANDALONE=true ./sentinel
# Dashboard at http://localhost:3000
Uses embedded SQLite database and in-memory event bus. Everything works out of the box.
New: Downloadable Binaries
| Platform | Architecture | Download |
|---|---|---|
| Windows | x64 | sentinel-win-x64.exe |
| Linux | x64 | sentinel-linux-x64 |
| Linux | ARM64 | sentinel-linux-arm64 |
| macOS | Intel | sentinel-macos-x64 |
| macOS | Apple Silicon | sentinel-macos-arm64 |
Download, run, done. No Node.js required.
Optional: Install nmap + trivy for full scanning
- nmap (network scanning): https://nmap.org/download
- trivy (CVE scanning): https://github.com/aquasecurity/trivy/releases
Without these, Sentinel still does config auditing, log monitoring, drift detection, AI chat, and threat intel — just without active network/CVE scanning.
Changes from v1.0.0
- SQLite standalone mode (STANDALONE=true)
- In-memory event bus (replaces Redis in standalone mode)
- PG→SQLite SQL conversion layer
- Proactive monitor uses shared event bus
- Array params serialized for SQLite compatibility
- GitHub Actions binary build pipeline
- Build script for all 5 platforms
Sentinel v1.0.0 — Autonomous AI Security Team
Sentinel v1.0.0
Autonomous AI Security Team — drop-in security monitoring for any environment.
Quick Start
One-line install (Linux/macOS/WSL):
curl -fsSL https://raw.githubusercontent.com/NodeNestor/Sentinel/main/scripts/install.sh | bash
Docker Compose:
git clone https://github.com/NodeNestor/Sentinel.git
cd Sentinel
cp .env.example .env # set your AI provider
docker compose up -d
# Dashboard at http://localhost:3000
Kubernetes:
helm install sentinel ./charts/sentinel -n sentinel --create-namespace
What's Included
Scanner Agents
- NetScout — network scanning (nmap, arp-scan, masscan)
- VulnHunter — CVE scanning (trivy + EPSS + CISA KEV enrichment)
- ConfigAuditor — CIS benchmarks (SSH, Docker, K8s, TLS, default creds)
- LogWatcher — real-time log monitoring (brute force, privilege escalation, 15+ patterns)
- DriftDetector — change detection (containers, users, crons, binaries, configs)
AI Integration
- Claude API, any OpenAI-compatible endpoint (vLLM, LM Studio, llama.cpp, LocalAI), or Ollama
- Interactive chat with 10 tools — ask questions, give commands, get explanations
- Proactive 4-tier alerting with spam prevention
- AI-generated attack narratives and risk assessments
Threat Intelligence (all free feeds)
- CISA KEV (1,500+ actively exploited CVEs)
- EPSS (exploit prediction scoring)
- abuse.ch (malicious URLs, C2 IPs, malware hashes)
- GreyNoise (filter out benign scanners)
- AbuseIPDB (community-reported malicious IPs)
Dashboard
- Dark-themed SPA with 8 pages
- Force-directed network topology graph
- MITRE ATT&CK technique mapping on every finding
- Compliance scoring (CIS Docker, CIS Linux) with PDF export
- Real-time WebSocket updates
Auto-Remediation
- Block IP, kill container, quarantine pod, rotate secret
- Dry-run mode by default (safe to deploy)
- Kill switch in dashboard settings
Downloads
| File | Description |
|---|---|
| install.sh | One-line installer for Docker Compose (Linux/macOS/WSL) |
| install-k8s.sh | Interactive Kubernetes/Helm installer |
| docker-compose.yml | Docker Compose stack definition |
| .env.example | Environment variable template |
| init.sql | PostgreSQL schema (auto-loaded by Docker Compose) |
| sentinel-helm-chart-v1.0.0.tar.gz | Helm chart for Kubernetes |
System Requirements
- Docker 20+ and Docker Compose v2+
- OR Kubernetes 1.25+ with Helm 3+
- 512MB RAM minimum (recommended 1GB+)
- Any AI provider (Claude API key, OpenAI-compatible endpoint, or Ollama)