NewReal-time incident board is live
Security

Multi-tenant. Never shared.

SentinelHub handles your clients' most sensitive security signals. It's built so trust is the default — not an afterthought you bolt on later.

01

Per-organization isolation

  • +Every database query is scoped to your organization
  • +One MSP can never read another's tenants or alerts
  • +Tenant data is partitioned end to end
02

Least-privilege access

  • +Read-only Microsoft Graph admin consent
  • +Only the security scopes the product needs
  • +No standing per-tenant credentials stored
03

Authentication & roles

  • +Sign in with Microsoft Entra ID
  • +Admin, analyst and viewer roles
  • +Session-based, role-aware authorization
04

Auditability

  • +Audit log of onboarding and disconnect events
  • +Full triage history per alert and incident
  • +Who changed what, and when
05

Data handling

  • +Encrypted onboarding state parameters
  • +EU-hosted infrastructure
  • +Webhook payloads validated with a secret
06

You stay in control

  • +Disconnect a tenant at any time
  • +Subscriptions revoked on disconnect
  • +Retain or remove data on your terms

Want the details on data flows, permissions and hosting?

Talk to our team
Security — SentinelHub