🔍
Discovery and classification
Scans every table and column. Finds national IDs, IBANs, credit cards, e-mail, phone and secret keys. It even recognises poorly-named columns from the data inside them.
SentinelDB360 answers one question for enterprise SQL Server: what sensitive data exists, who can access it, what security holes are present, and how do I fix them?
Works end to end with the Microsoft data platform
Scans every table and column, recognises even poorly-named columns from the data inside them, and answers “who can reach this?”.
Turns more than 70 rules into a clear risk score and links every finding to KVKK and GDPR.
Ready apply, validate and rollback commands, plus data masking. Every action is logged.
ERP and CRM databases grow over the years. Personal data such as national IDs, IBANs, cards and salaries ends up everywhere, permissions pile up, and wrong settings go unnoticed. KVKK and GDPR ask for control you can prove. SentinelDB360 closes that gap: it finds the data, measures the risk and fixes the holes.
The whole process in one place, from finding the data to safely closing the gap.
Scans every table and column. Finds national IDs, IBANs, credit cards, e-mail, phone and secret keys. It even recognises poorly-named columns from the data inside them.
Clearly answers “who can reach this personal data?”. It works out the real access map across roles, permissions and masking-bypass paths.
Checks configuration, privilege, encryption and patch gaps with more than 70 ready-made rules. Every finding comes with its severity, impact and fix.
Generates apply, validate and rollback commands for every finding, plus ready-to-run data-masking scripts for each sensitive column.
Changes nothing by default. When you choose to act, it shows the change, asks for approval, applies it safely, validates it and can roll back. Every step is logged.
Turns technical findings into plain language everyone understands, with priorities and the expected drop in risk. It works without an internet connection too.
Executive and technical reports (TR/EN), Excel, the KVKK Personal Data Inventory and signed evidence. Ready to hand to management or an auditor.
Catches anything getting worse since the last scan: a new full-access user, removed masking, a new sensitive column. Shows your security score over time.
All customers from one panel: role-based access, each customer’s data kept separate, license tracking and a fleet view.
No question marks left. Here are the 70 security rules the assessment covers (by category) and the 14 sensitive data types it auto-detects. The full list is open source.
Why 70? Because these are the checks that actually matter for SQL Server hardening and KVKK/GDPR. The catalog is data-driven and grows toward 100+ over time.
Request the full rule list →These are recognised not just from the column name but from the actual data inside. For example a checksum for national IDs, mod-97 for IBAN, Luhn for credit cards, caught even when the column is named “col_a”.
See how it looks in the sample reports →The scanner carries zero business logic; all analysis runs in the secure engine.
The thin console scanner only collects, end-to-end encrypts the result (.bshscan) and uploads it. All scoring, classification and reporting happen in the portal.
Collection, analysis and reporting all run in your own environment. It creates its own encrypted repository database. No internet required; it works fully offline.
Every assessment ships as a corporate PDF: a circular score gauge, severity distribution, the KVKK Personal Data Inventory and signed evidence, in both executive and technical formats and both languages.
Lite for a fast assessment. Full for total control and offline environments.
| Feature | LiteCloud portal · free |
FullLocal · licensed |
|---|---|---|
| Sensitive-data discovery & classification | ✓ | ✓ |
| Access analysis & 70+ rules | ✓ | ✓ |
| TR/EN PDF, Excel, KVKK Data Inventory | ✓ | ✓ |
| AI security advisor | Azure OpenAI | Local (Ollama) |
| Fully local (offline) | — | ✓ |
| Local encrypted repository & trend | — | ✓ |
| Controlled Apply Mode (rollback + audit) | — | ✓ |
| Central portal & fleet view | ✓ | Optional push |
Raw personal data never leaves the environment; every report is audit-ready.
In Lite, detection runs on the client; only redacted/hashed evidence is uploaded. In Full, everything is local and AES-256-GCM encrypted at rest.
Each assessment carries a tamper-proof fingerprint (ScanHash) and a signed document. You can present it to a regulator or auditor.
In Full the rule catalog is sealed; it cannot be opened without a valid, machine-bound license. Resistant to reverse engineering.
Read-only default + session hardening. Changes happen only in approved Apply Mode, with transactions and tested rollback.
Hardening findings and safe, scripted fixes.
Objective risk score, CIS-mapped evidence and a technical report.
Personal-data inventory, exposure and masking bypass.
Attack paths to sensitive data and excessive privileges.
Classification (even badly-named columns) and least privilege.
One headline score and the upside of fixing it.
Start with a read-only scan; see what sensitive data lives where, who can access it, and how to fix it.