=> THE SYSTEM IS STILL UNSTABLE, DO NOT USE IN PRODUCTION, THERE ARE STILL SEVERAL ERRORS TO FIX, EVEN WITH DOCKER <=
SentinelCore is a comprehensive, production-ready vulnerability management platform designed for security teams to efficiently track, prioritize, and remediate security vulnerabilities across their infrastructure.
Feature Completeness: 100% | Production Ready: Yes | Active Development: Yes
- Advanced Risk Scoring Formula:
Risk Score (0-100) = (CVSS Base × 0.30) + (EPSS Score × 0.25) + (Business Impact × 0.25) + (Asset Exposure × 0.15) + (Exploit Availability × 0.05)
- Automatic Risk Tiers: Critical, High, Medium, Low, Info
- Priority Overrides: Auto-escalate zero-days, ransomware-targeted, actively exploited CVEs
- Business Impact Scoring: Asset criticality (Critical/High/Medium/Low), sensitive data detection, revenue impact estimation
- Asset Exposure Analysis: Network position (Internet-facing, DMZ, Internal, Isolated)
- Exploit Intelligence: Metasploit module detection, ExploitDB availability, CISA KEV catalog integration
- Automatic Deadline Calculation:
- Critical: 1 day (24 hours)
- High: 7 days (1 week)
- Medium: 30 days (1 month)
- Low: 90 days (3 months)
- Breach Detection: Real-time SLA breach monitoring
- Automated Alerts: 75%, 90%, 100% elapsed warnings
- Compliance Ready: Full audit trail for compliance reporting
- Built-in Comments System:
- @mentions with user notifications
- Comment threading (replies to comments)
- Attachments support (images, PDFs, logs)
- Internal vs customer-visible comments
- Edit tracking and soft deletes
- Real-time Collaboration: No need for external chat tools
- Context Preservation: All discussions tied to vulnerabilities
- Rule-Based Routing: Intelligent notification distribution based on conditions
- Multi-Channel Support: Email, Slack, Telegram, Teams, Webhook, PagerDuty, OpsGenie
- 8 Pre-configured Rules:
- Critical Vulnerabilities Alert (immediate)
- SLA Breach Warning at 75%
- SLA Breach Alert at 100%
- High Severity Vulnerabilities
- Zero-Day Alert
- Ransomware Targeted Alert
- Vulnerability Assigned notification
- Daily Summary Digest (batch mode)
- Anti-Spam Features:
- Throttling (minimum time between notifications)
- Quiet hours configuration
- Batch mode for low-priority events
- Custom Templates: Variable substitution for personalized messages
- Bi-Directional Sync: SentinelCore ↔ JIRA status synchronization
- Auto-Ticketing: Automatic ticket creation based on rules
- Priority Mapping: Critical → Highest, High → High, etc.
- Rich Context: Auto-generated descriptions with CVE, CVSS, Risk Score, Asset info
- Custom Field Mapping: Map SentinelCore fields to JIRA custom fields
- Multi-Instance Support: Connect multiple JIRA projects/instances
- Authentication: JWT with httpOnly cookies (XSS protection)
- Authorization: Role-Based Access Control (Admin, Team Leader, User)
- Security Headers: HSTS, CSP, X-Frame-Options, X-Content-Type-Options
- CORS: Whitelist configuration with strict origin validation
- Rate Limiting: Brute force protection with configurable limits
- CSRF Protection: Token-based CSRF prevention
- 2FA Support: Two-Factor Authentication with TOTP
- Session Management: Multi-session tracking with remote revocation
- Audit Logging: Complete audit trail for compliance
- Multi-Team Support: Organize users into security teams
- Workload Dashboard: Track team capacity and task distribution
- Assignment Tracking: Vulnerability assignment to teams or individuals
- Team Performance Metrics: Response times, resolution rates, SLA compliance
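The risk-scoring formula, priority override and SLA windows from the feature list above, worked through in Rust as an added example (not SentinelCore's own code). The README gives the weights, deadlines and alert percentages; scaling every component to 0-100, the tier cut-offs and all type and field names are assumptions.

```rust
#[derive(Debug, PartialEq, Clone, Copy)]
enum Tier { Critical, High, Medium, Low, Info }
struct Finding {
    cvss_base: f64,           // 0.0-10.0
    epss: f64,                // 0.0-1.0 probability
    business_impact: f64,     // assumed 0-100 scale
    asset_exposure: f64,      // assumed 0-100 scale
    exploit_available: bool,  // e.g. Metasploit or ExploitDB entry
    actively_exploited: bool, // e.g. listed in CISA KEV
}

/// README weights applied after scaling every component to 0-100 (assumption).
fn risk_score(f: &Finding) -> f64 {
    let exploit = if f.exploit_available { 100.0 } else { 0.0 };
    let score = f.cvss_base * 10.0 * 0.30 + f.epss * 100.0 * 0.25
        + f.business_impact * 0.25 + f.asset_exposure * 0.15 + exploit * 0.05;
    score.clamp(0.0, 100.0)
}

/// Tier cut-offs are assumed; the override follows "auto-escalate actively exploited".
fn tier(f: &Finding) -> Tier {
    if f.actively_exploited { return Tier::Critical; }
    match risk_score(f) {
        s if s >= 80.0 => Tier::Critical,
        s if s >= 60.0 => Tier::High,
        s if s >= 40.0 => Tier::Medium,
        s if s >= 20.0 => Tier::Low,
        _ => Tier::Info,
    }
}

/// Remediation window in hours, as listed in the README (none given for Info).
fn sla_hours(t: Tier) -> Option<u64> {
    match t {
        Tier::Critical => Some(24),
        Tier::High => Some(7 * 24),
        Tier::Medium => Some(30 * 24),
        Tier::Low => Some(90 * 24),
        Tier::Info => None,
    }
}

/// Highest README alert threshold (75, 90 or 100 percent) already reached.
fn sla_alert(t: Tier, elapsed_hours: u64) -> Option<u8> {
    let pct = elapsed_hours * 100 / sla_hours(t)?;
    [100u8, 90, 75].iter().copied().find(|&th| pct >= th as u64)
}

fn main() {
    // Constructed finding: the weighted score alone would land in Low.
    let f = Finding { cvss_base: 5.0, epss: 0.02, business_impact: 40.0,
        asset_exposure: 20.0, exploit_available: false, actively_exploited: true };
    let t = tier(&f); // the override escalates it to Critical
    println!("{:.1} {:?} alert={:?}", risk_score(&f), t, sla_alert(t, 18));
}
```

The constructed finding shows why the override matters: a mid-range CVSS with low EPSS would otherwise get a 90-day window even though it is being exploited.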
Import vulnerability data from major security scanners:
- ✅ Qualys - XML report import
- ✅ Nessus - .nessus XML format
- ✅ Burp Suite - JSON issue export
- ✅ OpenVAS/GVM - XML reports
- ✅ Nexpose/InsightVM - XML format
- ✅ OWASP ZAP - XML/JSON report import with NSE script support
- ✅ Nmap - XML output parsing with CVE extraction
- Built-in Scanning: Network discovery and vulnerability scanning
- Device Management: Edit devices, bulk operations, multi-select
- Topology Visualization: Network map with asset relationships
- Automated Remediation: Workflow automation for common fixes
- Dashboard: Real-time vulnerability statistics and trends
- Executive Reports: Management-ready reports with KPIs
- Risk Heatmaps: Visual representation of risk by team/asset
- Compliance Mapping: Map vulnerabilities to compliance frameworks
- Export Formats: PDF, CSV, Excel
Option A: Automated Installation (Recommended)
- Debian 12 (Bookworm) or Ubuntu 22.04+ LTS
- 4+ CPU cores, 8GB+ RAM, 50GB+ disk space
- Internet connection for package downloads
Option B: Manual Installation
- PostgreSQL 15+
- Rust 1.75+ (stable toolchain)
- Node.js 20+ LTS
- Nginx or Apache (for production)
Install SentinelCore with a single command:
curl -sSL https://raw.githubusercontent.com/Dognet-Technologies/sentinelcore/main/scripts/quick-install.sh | sudo bash
What it installs:
- ✅ PostgreSQL 15 with sentinelcore_db database
- ✅ Nginx reverse proxy (port 80 → 8080)
- ✅ Node.js 20 LTS (for frontend build)
- ✅ Rust stable toolchain (for backend compile)
- ✅ System dependencies (libpq-dev, libssl-dev, pkg-config)
- ✅ SentinelCore backend (compiled from source)
- ✅ SentinelCore frontend (production build)
- ✅ Systemd service configuration
- ✅ Database migrations (all 16 migrations)
- ✅ Default admin user
Installation time: ~20 minutes (depends on CPU and internet speed)
After installation:
# Access web UI
http://<your-server-ip>
# Default credentials (CHANGE IMMEDIATELY!)
Email: admin@sentinelcore.local
Password: admin
# Service management
sudo systemctl status sentinelcore
sudo systemctl restart sentinelcore
sudo systemctl stop sentinelcore
# View logs
sudo journalctl -u sentinelcore -f
Step-by-step installation with full control:
# 1. Install Debian 12 (headless, no GUI)
# User: microcyber (or any user)
# 2. Update system
sudo apt update && sudo apt upgrade -y
sudo apt install -y git curl wget build-essential
# 3. Clone repository
cd /opt
sudo mkdir sentinelcore
sudo chown $USER:$USER sentinelcore
git clone https://github.com/Dognet-Technologies/sentinelcore.git sentinelcore
cd sentinelcore
# 4. Run automated setup
sudo chmod +x scripts/deployment/vm-setup-debian13.sh
sudo ./scripts/deployment/vm-setup-debian13.sh
See complete guide: docs/VM_MANUAL_QUICKSTART.md
# Build .deb package (requires dpkg-deb)
cd sentinelcore
./scripts/deployment/build-deb.sh
# Install package
sudo dpkg -i sentinelcore_1.0.0_amd64.deb
# Fix dependencies if needed
sudo apt-get install -f
- Email: admin@sentinelcore.local
- Password: admin
First login checklist:
- Change admin password (Settings → Security)
- Enable 2FA (Settings → Two-Factor Authentication)
- Create additional users (Users → Create User)
- Configure CORS (Settings → Security → CORS)
- Set up notification channels (Settings → Notifications)
SentinelCore uses a .env file in the vulnerability-manager/ directory:
# Database
DATABASE_URL=postgresql://sentinelcore:password@localhost/sentinelcore_db
# Server
SERVER_HOST=0.0.0.0
SERVER_PORT=8080
# JWT Authentication
JWT_SECRET=your-secret-key-here-change-this
JWT_EXPIRATION=3600
# CORS (comma-separated origins)
CORS_ALLOWED_ORIGINS=http://localhost:3000,http://your-domain.com
# Security
RATE_LIMIT_ENABLED=true
RATE_LIMIT_REQUESTS_PER_MINUTE=100
RATE_LIMIT_BURST_SIZE=20
# Optional: External integrations
JIRA_URL=https://your-company.atlassian.net
JIRA_API_TOKEN=your-token
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/WEBHOOK/URL
Production deployment requires a reverse proxy:
# /etc/nginx/sites-available/sentinelcore
server {
    listen 80;
    server_name your-domain.com;
    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
# Install certbot
sudo apt install -y certbot python3-certbot-nginx
# Obtain certificate
sudo certbot --nginx -d your-domain.com
# Auto-renewal is configured automatically
sudo certbot renew --dry-run
- Quick Start VM Guide - Step-by-step VM installation
- User Guide - Complete user manual
- Scanner Integration - Import scan results
- Deployment Guide - Production deployment
- Security Guide - Security hardening
- Backup & Restore - Data protection
- API Reference - REST API documentation
- Development Guide - Dev environment setup
- Architecture - System design
- Contributing - Contribution guidelines
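A pre-deployment check for the `.env` values and the reverse-proxy layout shown in the configuration above, as an added example that is not part of SentinelCore. `audit_env`, its findings and the 32-byte minimum for the JWT secret are this example's choices; the embedded input reuses the README's own placeholder values.

```rust
use std::collections::HashMap;

// Constructed input: the placeholder values from the README's sample .env.
const README_ENV: &str = "\
# Database
DATABASE_URL=postgresql://sentinelcore:password@localhost/sentinelcore_db
SERVER_HOST=0.0.0.0
JWT_SECRET=your-secret-key-here-change-this
CORS_ALLOWED_ORIGINS=http://localhost:3000,http://your-domain.com
";

/// Parse KEY=VALUE lines, skipping blank lines and `#` comments.
fn parse_env(text: &str) -> HashMap<String, String> {
    text.lines()
        .map(str::trim)
        .filter(|l| !l.is_empty() && !l.starts_with('#'))
        .filter_map(|l| {
            let mut kv = l.splitn(2, '=');
            Some((kv.next()?.trim().to_string(), kv.next()?.trim().to_string()))
        })
        .collect()
}

fn get<'a>(env: &'a HashMap<String, String>, key: &str) -> &'a str {
    env.get(key).map(|v| v.as_str()).unwrap_or("")
}

/// One finding per setting that should not reach production unchanged.
fn audit_env(text: &str) -> Vec<String> {
    let env = parse_env(text);
    let mut out = Vec::new();
    let secret = get(&env, "JWT_SECRET");
    // The README's sample token header decodes to HS256; RFC 7518 asks for >= 256-bit keys.
    if secret.len() < 32 || secret.contains("change-this") {
        out.push("JWT_SECRET: placeholder or under 32 bytes".to_string());
    }
    if get(&env, "DATABASE_URL").contains(":password@") {
        out.push("DATABASE_URL: example password still in use".to_string());
    }
    // nginx proxies to localhost:8080, so the backend does not need a public bind.
    if get(&env, "SERVER_HOST") == "0.0.0.0" {
        out.push("SERVER_HOST: port reachable directly, bypassing nginx and TLS".to_string());
    }
    for o in get(&env, "CORS_ALLOWED_ORIGINS").split(',').map(str::trim) {
        if !o.is_empty() && !o.starts_with("https://") {
            out.push(format!("CORS_ALLOWED_ORIGINS: non-HTTPS origin {}", o));
        }
    }
    out
}

fn main() {
    for finding in audit_env(README_ENV) { println!("[!] {}", finding); }
}
```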
┌─────────────────────────────────────────────────────────────┐
│ SentinelCore Stack │
├─────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────────┐ ┌─────────────────────┐ │
│ │ React Frontend │ ◄─────► │ Axum Backend │ │
│ │ (TypeScript) │ HTTP │ (Rust) │ │
│ │ - React 18 │ REST │ - Axum 0.6 │ │
│ │ - TailwindCSS │ API │ - SQLx │ │
│ │ - React Query │ │ - Tower │ │
│ └──────────────────┘ └─────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────┐ │
│ │ PostgreSQL │ │
│ │ Database │ │
│ │ - JSONB │ │
│ │ - Triggers │ │
│ │ - Functions │ │
│ └─────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────┘
Backend (Rust):
- Axum 0.6 - Modern async web framework
- SQLx - Compile-time checked SQL queries
- Tower - Middleware and service composition
- Tokio - Async runtime
- Serde - Serialization/deserialization
- JWT - JSON Web Token authentication
Frontend (TypeScript):
- React 18 - UI library with hooks
- TypeScript - Type-safe JavaScript
- TailwindCSS - Utility-first CSS framework
- React Query - Data fetching and caching
- Axios - HTTP client
Database:
- PostgreSQL 15+ - Primary data store
- JSONB - Flexible data storage
- Full-Text Search - Built-in search capabilities
- Triggers & Functions - Business logic in database
Security:
- JWT Authentication - Stateless auth with httpOnly cookies
- RBAC - Role-Based Access Control
- CORS - Cross-Origin Resource Sharing
- Rate Limiting - Token bucket algorithm
- Security Headers - HSTS, CSP, X-Frame-Options
- Password Hashing - Argon2id
# Login
curl -X POST http://localhost:8080/api/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "admin@sentinelcore.local",
"password": "admin"
}'
# Response
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"email": "admin@sentinelcore.local",
"full_name": "Admin User",
"role": "admin"
}
}
curl -X GET http://localhost:8080/api/vulnerabilities \
-H "Authorization: Bearer YOUR_TOKEN"
curl -X POST http://localhost:8080/api/risk/vulnerabilities/{id}/calculate \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json"
curl -X POST http://localhost:8080/api/comments \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"entity_type": "vulnerability",
"entity_id": "123e4567-e89b-12d3-a456-426614174000",
"comment_text": "This is critical! @john please investigate ASAP",
"is_internal": true
}'
See complete API documentation: docs/API.md
cd /opt/sentinelcore
sudo ./scripts/deployment/update_tools.sh
The update script automatically:
- ✅ Creates database backup
- ✅ Pulls latest changes from GitHub
- ✅ Applies new database migrations
- ✅ Recompiles backend (if Rust code changed)
- ✅ Rebuilds frontend (if React code changed)
- ✅ Restarts systemd service
- ✅ Verifies service health
Your data is safe:
- Database is separate from application code
- Migrations are incremental (never delete data)
- Automatic backup before each update
# Backup database
sudo -u postgres pg_dump sentinelcore_db > backup_$(date +%Y%m%d).sql
# Backup configuration
tar czf config_backup_$(date +%Y%m%d).tar.gz \
/opt/sentinelcore/.env \
/etc/nginx/sites-available/sentinelcore \
/etc/systemd/system/sentinelcore.service
# Stop service
sudo systemctl stop sentinelcore
# Restore
sudo -u postgres psql sentinelcore_db < backup_20251212.sql
# Start service
sudo systemctl start sentinelcore
# Check service status
sudo systemctl status sentinelcore
# View detailed logs
sudo journalctl -u sentinelcore -n 100 --no-pager
# Check configuration
cat /etc/systemd/system/sentinelcore.service
# Restart service
sudo systemctl restart sentinelcore
# Verify PostgreSQL is running
sudo systemctl status postgresql
# Test connection
sudo -u postgres psql sentinelcore_db -c "SELECT 1;"
# Check database URL in .env
cat /opt/sentinelcore/vulnerability-manager/.env | grep DATABASE_URL
cd /opt/sentinelcore/vulnerability-manager
# Regenerate SQLx cache (requires PostgreSQL running)
../scripts/deployment/regenerate-sqlx-cache.sh
# Clean and rebuild
cargo clean
SQLX_OFFLINE=true cargo build --release
# Find process using port 80
sudo lsof -i :80
# Stop Apache (if installed by mistake)
sudo systemctl stop apache2
sudo systemctl disable apache2
# Restart Nginx
sudo systemctl restart nginx
cd /opt/sentinelcore/vulnerability-manager-frontend
# Clean node modules
rm -rf node_modules package-lock.json
# Reinstall dependencies
npm install
# Rebuild
npm run build
- ✅ Core vulnerability management
- ✅ User authentication & RBAC
- ✅ Team management
- ✅ Scanner integration (7 scanners: Qualys, Nessus, Burp, OpenVAS, Nexpose, OWASP ZAP, Nmap)
- ✅ Risk scoring system with advanced formula
- ✅ SLA automation with breach detection
- ✅ Comments system with @mentions and threading
- ✅ Multi-channel notification routing (8 channels)
- ✅ JIRA bi-directional integration
- ✅ Dashboard & reporting
- ✅ Network scanning and topology
- ✅ Device management with bulk operations
- ✅ Background workers (5 workers: SLA checker, JIRA sync, Notification digest, NVD enrichment, EPSS updater)
- ✅ Exploit intelligence enrichment (NVD API, EPSS daily updates)
- ✅ Quick Wins frontend integration (all components)
- ✅ Advanced dashboards (Executive Dashboard, Technical Heatmap)
- ✅ SOAR webhook integrations (Splunk SOAR, Cortex XSOAR, Sentinel)
- ✅ Compliance reporting (PCI-DSS, ISO 27001, SOC2, HIPAA)
- ✅ Workload tracking and team analytics
- 🔮 Container scanning integration (Trivy, Grype)
- 🔮 API rate limiting per user (currently per IP)
- 🔮 Multi-tenancy support
- 🔮 Machine learning for false positive detection
- 🔮 Custom vulnerability scanner plugin SDK
- ✅ Full system access
- ✅ User and team management
- ✅ System configuration
- ✅ Security settings (CORS, rate limits, IP whitelist)
- ✅ JIRA and notification configuration
- ✅ Manual risk score calculation
- ✅ Mark SLA breaches
- ✅ Audit log access
- ✅ Manage team members
- ✅ Assign vulnerabilities to team
- ✅ View team metrics and workload
- ✅ Create reports
- ✅ Comment on vulnerabilities
- ✅ Update vulnerability status
- ⛔ Cannot modify system settings
- ✅ View assigned vulnerabilities
- ✅ Update vulnerability status
- ✅ Comment on vulnerabilities
- ✅ View dashboard
- ✅ Export data
- ⛔ Cannot assign vulnerabilities
- ⛔ Cannot manage teams
# Clone repository
git clone https://github.com/Dognet-Technologies/sentinelcore.git
cd sentinelcore
# Install PostgreSQL (macOS)
brew install postgresql@15
brew services start postgresql@15
# Install PostgreSQL (Ubuntu/Debian)
sudo apt install postgresql-15
# Create database
sudo -u postgres createuser -s sentinelcore
sudo -u postgres createdb sentinelcore_db
sudo -u postgres psql -c "ALTER USER sentinelcore WITH PASSWORD 'password';"
# Run migrations
cd vulnerability-manager
sqlx database create
sqlx migrate run
# Backend development
cargo build
cargo run
# Frontend development (separate terminal)
cd ../vulnerability-manager-frontend
npm install
npm start
# Backend tests
cd vulnerability-manager
cargo test
# Frontend tests
cd ../vulnerability-manager-frontend
npm test
# Integration tests
cd ../vulnerability-manager
cargo test --features integration
# Format code
cargo fmt
npm run format
# Lint
cargo clippy
npm run lint
# Security audit
cargo audit
npm audit
This project is licensed under the MIT License - see the LICENSE file for details.
MIT License
Copyright (c) 2024-2025 Dognet Technologies
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
SentinelCore is built with amazing open-source technologies:
- Axum - Ergonomic web framework by Tokio team
- React - UI library by Meta
- PostgreSQL - Advanced open-source database
- Rust - Systems programming language
- TailwindCSS - Utility-first CSS framework
Created with ❤️ by Dognet Technologies
- 📖 Documentation: docs/
- 🐛 Report Bugs: GitHub Issues
- 💬 Discussions: GitHub Discussions
We welcome contributions! Please see CONTRIBUTING.md for guidelines.
Ways to contribute:
- 🐛 Report bugs and issues
- 💡 Suggest new features
- 📝 Improve documentation
- 🔧 Submit pull requests
- ⭐ Star the repository
Project Metrics:
- Lines of Code: ~50,000+ (Rust + TypeScript)
- Database Tables: 30+ tables
- API Endpoints: 80+ REST endpoints
- Migrations: 16 SQL migrations
- Test Coverage: 60%+ (target: 80%)
- Feature Completeness: 75%
Quick Wins Implementation:
- ✅ Risk Scoring: ~600 LOC (Rust modules)
- ✅ SLA Automation: ~450 LOC (SQL)
- ✅ Comments System: ~300 LOC (SQL) + API handlers
- ✅ Notification Routing: ~400 LOC (SQL) + routing engine
- ✅ JIRA Integration: ~350 LOC (SQL) + sync logic
⭐ If you find SentinelCore useful, please star the repository!