Sentrygraph maps every direct, transitive, and build-time dependency you ship into one provenance graph — then blocks the malicious package, the typosquat, and the unsigned artifact at the pull request, not in the post-mortem. Emit a signed SBOM on every build and prove exactly what's inside the binary you shipped.
$ sentrygraph scan . --explain CVE-2026-3104
graph built 4,812 packages · 11 ecosystems · depth 14 1.7s
CVE-2026-3104 critical 9.8 remote code execution
package libstream-parse@2.4.1 (you pin 2.4.x)
reached via 3 paths — NONE in your package.json
app → @acme/uploader@7.0.2
→ sharp-resize@1.9.0
→ libstream-parse@2.4.1 ← vulnerable
exploitable? yes — parse() runs on user-uploaded files
fixed in 2.4.2 (patch, no breaking change)
[policy] block-critical-on-reachable-path → BUILD FAILED
[fix] bump sharp-resize 1.9.0 → 1.9.1 closes all 3 paths
→ open the PR? sign the SBOM? waive with an expiry?
Gating the pipelines of teams that ship to regulated customers
Most scanners read your manifest and stop. Sentrygraph resolves the whole tree — every transitive hop, every build tool, every base-image layer — and tells you which risks can actually reach production, so your engineers fix the three that matter instead of triaging three hundred that don't.
We resolve the complete tree across npm, PyPI, Maven, Go modules, Cargo, RubyGems, and NuGet — direct, transitive, dev, and build-time — down to the leaf and across the lockfile. Container images get peeled layer by layer, so an OS package buried in a base image shows up beside the library you imported. One graph, every ecosystem, fourteen hops deep.
A CVE in code you never call is not an incident. Sentrygraph traces call paths from your entry points to the vulnerable function and ranks by whether it's genuinely reachable — turning a wall of red into the handful you ship a fix for today.
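An added illustration of the reachability triage described above. This is example code written for this page, not Sentrygraph's implementation: the package graph is constructed to mirror the terminal session at the top of the page, and the extra packages (image-pipeline, thumbnailer, left-pad), the call edges and the function names are assumptions.

```python
"""Reachability triage over a resolved dependency graph (added example).

Illustrative code, not Sentrygraph's implementation. Both graphs below are
constructed to mirror the terminal session on this page; the extra packages,
the call edges and the function names are assumptions.
"""
from collections import deque

# Constructed package graph: node -> children, nodes are "name@version".
DEP_GRAPH = {
    "app": ["@acme/uploader@7.0.2", "image-pipeline@3.1.0", "left-pad@1.3.0"],
    "@acme/uploader@7.0.2": ["sharp-resize@1.9.0"],
    "image-pipeline@3.1.0": ["sharp-resize@1.9.0", "thumbnailer@0.4.2"],
    "thumbnailer@0.4.2": ["sharp-resize@1.9.0"],
    "sharp-resize@1.9.0": ["libstream-parse@2.4.1"],
    "libstream-parse@2.4.1": [],
    "left-pad@1.3.0": [],
}

# Constructed call graph across package boundaries: caller -> callees.
CALL_GRAPH = {
    "app.handle_upload": ["@acme/uploader.upload"],
    "@acme/uploader.upload": ["sharp-resize.resize"],
    "sharp-resize.resize": ["libstream-parse.parse"],
    "libstream-parse.parse": [],
    "libstream-parse.debug_dump": [],  # shipped, but nothing calls it
}


def dependency_paths(graph, root, target):
    """Enumerate every acyclic path from root to target, depth-first."""
    paths = []

    def walk(node, trail):
        if node == target:
            paths.append(trail + [node])
            return
        for child in graph.get(node, []):
            if child not in trail:  # cycle guard: never revisit an ancestor
                walk(child, trail + [node])

    walk(root, [])
    return paths


def reachable_functions(call_graph, entry_points):
    """Transitive closure of the call graph from the entry points (BFS)."""
    seen, queue = set(), deque(entry_points)
    while queue:
        fn = queue.popleft()
        if fn in seen:
            continue
        seen.add(fn)
        queue.extend(call_graph.get(fn, []))
    return seen


def choke_points(paths):
    """Intermediate nodes present on every path, in root-to-target order.

    Bumping any one of them closes all paths at once; the last entry sits
    closest to the vulnerable package and is usually the smallest change.
    """
    if not paths:
        return []
    shared = set(paths[0][1:-1])
    for path in paths[1:]:
        shared &= set(path[1:-1])
    return [node for node in paths[0][1:-1] if node in shared]


def triage(dep_graph, call_graph, root, entry_points, vuln_pkg, vuln_fn):
    """Classify a finding: present at all, on which paths, and actually callable."""
    paths = dependency_paths(dep_graph, root, vuln_pkg)
    reachable = vuln_fn in reachable_functions(call_graph, entry_points)
    if paths and reachable:
        action = "block"             # fails the gate: vulnerable code is callable
    elif paths:
        action = "vex-not-affected"  # present but unreachable: document, don't block
    else:
        action = "none"
    return {
        "direct": vuln_pkg in dep_graph.get(root, []),
        "paths": paths,
        "reachable": reachable,
        "choke_points": choke_points(paths),
        "action": action,
    }


if __name__ == "__main__":
    result = triage(DEP_GRAPH, CALL_GRAPH, "app", ["app.handle_upload"],
                    "libstream-parse@2.4.1", "libstream-parse.parse")
    for path in result["paths"]:
        print(" -> ".join(path))
    print("reachable:", result["reachable"], "| fix at:", result["choke_points"][-1])
```

Run stand-alone it prints the three paths from app to libstream-parse@2.4.1 and names sharp-resize@1.9.0 as the single node whose bump closes all of them. The same finding against the uncalled debug_dump function lands in the "vex-not-affected" bucket instead of failing the build, which is the distinction a reachability-aware gate exists to make.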
Emit a CycloneDX or SPDX bill of materials automatically on each build, signed and attached to the artifact, so you can prove to an auditor or a customer exactly what's inside the version you released.
We flag brand-new packages, name look-alikes, maintainer hijacks, and install scripts that phone home — so the supply-chain attack is stopped before it reaches your lockfile, not discovered after it's in production.
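An added example of the checks the paragraph above describes, written for this page rather than taken from Sentrygraph: look-alike names (edit distance, separator swaps, homoglyphs), publish age, maintainer change, and install-time scripts. CANONICAL is a constructed stand-in for the registry's well-known package list, INCOMING is a constructed manifest diff, and the thresholds (one edit, 30 days) are assumptions.

```python
"""Look-alike and newcomer checks for packages entering a lockfile (added example).

Illustrative code, not Sentrygraph's implementation. CANONICAL stands in for
the registry's list of well-known names, INCOMING is a constructed manifest
diff, and the thresholds (one edit, 30 days) are assumptions.
"""
from datetime import datetime, timedelta, timezone

CANONICAL = {"lodash", "express", "react-dom", "cross-env", "requests", "acme-http"}

# Code points that render like ASCII letters: Cyrillic/Greek letters and digits.
HOMOGLYPHS = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0443": "y", "\u0445": "x", "\u03bf": "o",
    "0": "o", "1": "l", "3": "e", "5": "s",
})


def skeleton(name):
    """Fold homoglyphs and separators so look-alikes collapse onto one form."""
    folded = name.lower().translate(HOMOGLYPHS)
    return folded.replace("-", "").replace("_", "").replace(".", "")


def edit_distance(a, b):
    """Damerau-Levenshtein (optimal string alignment) distance between a and b."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(cur[j - 1] + 1, prev[j] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def name_findings(name):
    """Reasons a name looks like an impersonation of a canonical package."""
    if name in CANONICAL:
        return []
    reasons = []
    if not name.isascii():
        reasons.append("non-ASCII characters in name")
    for known in sorted(CANONICAL):
        if skeleton(name) == skeleton(known):
            reasons.append(f"homoglyph/separator match for '{known}'")
        elif edit_distance(name.lower(), known) == 1:
            reasons.append(f"one edit away from '{known}'")
    return reasons


def package_findings(meta, now):
    """Name checks plus registry-metadata signals: age, maintainer change, install hooks."""
    reasons = name_findings(meta["name"])
    age = now - meta["published"]
    if age < timedelta(days=30):
        reasons.append(f"published {age.days} days ago")
    if meta.get("previous_maintainer", meta["maintainer"]) != meta["maintainer"]:
        reasons.append("maintainer changed since the previous release")
    hooks = [h for h in ("preinstall", "install", "postinstall") if h in meta.get("scripts", {})]
    if hooks:
        reasons.append("runs install-time scripts: " + ", ".join(hooks))
    return reasons


def gate(incoming, now):
    """Map each flagged package name to its reasons; an empty dict means the diff is clean."""
    flagged = {}
    for meta in incoming:
        reasons = package_findings(meta, now)
        if reasons:
            flagged[meta["name"]] = reasons
    return flagged


# Constructed manifest diff: four packages newly added to a lockfile.
NOW = datetime(2026, 3, 1, tzinfo=timezone.utc)
INCOMING = [
    {"name": "express", "published": NOW - timedelta(days=900), "maintainer": "m-express"},
    {"name": "lodahs", "published": NOW - timedelta(days=2), "maintainer": "unknown",
     "scripts": {"postinstall": "node setup.js"}},
    {"name": "cross_env", "published": NOW - timedelta(days=400), "maintainer": "someone"},
    {"name": "acme-http", "published": NOW - timedelta(days=5), "maintainer": "new-owner",
     "previous_maintainer": "long-time-owner"},
]

if __name__ == "__main__":
    for name, reasons in gate(INCOMING, NOW).items():
        print(name, "->", "; ".join(reasons))
```

Each signal on its own is noisy (plenty of legitimate packages are young or run a postinstall), which is why the gate reports reasons rather than a verdict: a name one edit from a top package, two days old, with a lifecycle script is the combination worth failing the build on, and the list is what a reviewer sees in the pull request.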
Verify SLSA build provenance and Sigstore signatures end to end, so you know each artifact came from the pipeline you trust and was never swapped in transit.
What the graph changes on the first scan
The last decade of breaches didn't come through your firewall — they came through a dependency you trusted, a build step nobody watched, or an artifact swapped after you signed off. Sentrygraph closes each one in the pipeline, the moment the technique appears, not the next time someone runs an audit.
Newly published packages, maintainer hijacks, and post-install scripts that exfiltrate tokens are quarantined before they ever reach your lockfile.
Look-alike names, hyphen swaps, and homoglyph packages are flagged against the canonical registry the instant they appear in a manifest.
A vulnerability fourteen hops down, in code you never wrote, is surfaced with the exact path that pulls it in and whether it's reachable.
Internal package names shadowed by public uploads are caught before your resolver silently prefers the attacker's version.
Unsigned artifacts and broken build provenance fail the gate, so a binary swapped between build and deploy never ships.
A copyleft or unapproved license that slipped in through a transitive dependency is blocked before it reaches a customer's legal team.
No agent to install, no rip-and-replace, no source leaving your perimeter. Sentrygraph drops into the pipeline you have, gates on a policy you can read in plain YAML, and gets out of the way until something is actually wrong.
Add one action to GitHub Actions, GitLab CI, Jenkins, CircleCI, or Buildkite — or run the same CLI anywhere. First scan returns before the rest of your build finishes.
Express what fails the build in plain YAML — block criticals on reachable paths, deny unsigned artifacts, expire every waiver. It reviews in a pull request like any other code.
Resolution runs inside your pipeline; only the graph and the policy result come back. Deploy fully self-hosted or air-gapped and nothing crosses the perimeter at all.
When a bump closes the path, Sentrygraph opens the pull request with the reachability proof attached, so the fix merges instead of sitting in a backlog.
“We turned Sentrygraph on and it found a critical RCE fourteen levels deep that three other scanners had buried under noise. It opened the fix PR with the reachability proof attached. We merged it the same morning instead of arguing about whether it mattered.”
“Every enterprise deal stalled on 'send us your SBOM.' Now a signed bill of materials drops out of every build automatically, and our security questionnaire answers itself. It unblocked two seven-figure contracts in a quarter.”
“A typosquatted package made it into a developer's branch on a Friday. Sentrygraph failed the build before it merged and pinged the channel with the diff. With our old setup that's a Monday-morning incident, not a caught-it-in-CI footnote.”
Per-scan and per-finding pricing punishes you for watching more of your code. Sentrygraph bills for the engineers shipping it — scan every repo, every branch, as often as you want.
For public repositories and small teams getting their first graph.
For teams gating private pipelines around the clock.
For regulated, air-gapped, multi-team organizations.
Built-in scanners read your manifest and list known CVEs. Sentrygraph resolves the full transitive graph across eleven ecosystems and container layers, then traces reachability from your entry points to the vulnerable code — so you get the three findings that can actually reach production instead of three hundred that can't, each with the exact dependency path that pulls it in.
A Software Bill of Materials is a signed, machine-readable inventory of every component in a build — the supply-chain equivalent of an ingredients label. Regulators, enterprise buyers, and frameworks like the US Executive Order and the EU Cyber Resilience Act increasingly require one. Sentrygraph generates a CycloneDX or SPDX SBOM on every build automatically, signs it, and attaches it to the artifact.
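An added example, for this answer and for the earlier feature paragraph on automatic SBOM generation, of what a CycloneDX bill of materials looks like when emitted from a resolved dependency graph. This is illustrative code written for this page, not Sentrygraph's generator: RESOLVED is a constructed resolver output mirroring the packages in the terminal session at the top of the page, and signing is represented by a SHA-256 digest over the canonical serialisation (a real pipeline would hand those same bytes to its signer, e.g. Sigstore).

```python
"""Emit a CycloneDX 1.5 JSON SBOM from a resolved dependency graph (added example).

Illustrative code, not Sentrygraph's generator. RESOLVED is a constructed
resolver output mirroring the packages in this page's terminal session.
Signing is represented by a SHA-256 digest over the canonical serialisation;
a real pipeline would hand those same bytes to its signer (e.g. Sigstore).
"""
import hashlib
import json
import uuid
from datetime import datetime, timezone

# Constructed resolver output: (name, version, ecosystem) -> direct children.
RESOLVED = {
    ("app", "1.0.0", "npm"): [("@acme/uploader", "7.0.2", "npm"), ("left-pad", "1.3.0", "npm")],
    ("@acme/uploader", "7.0.2", "npm"): [("sharp-resize", "1.9.0", "npm")],
    ("sharp-resize", "1.9.0", "npm"): [("libstream-parse", "2.4.1", "npm")],
    ("libstream-parse", "2.4.1", "npm"): [],
    ("left-pad", "1.3.0", "npm"): [],
}
ROOT = ("app", "1.0.0", "npm")


def purl(name, version, ecosystem):
    """package-url identifier; an npm scope's '@' is percent-encoded per the purl spec."""
    if ecosystem == "npm" and name.startswith("@"):
        scope, bare = name[1:].split("/", 1)
        return f"pkg:npm/%40{scope}/{bare}@{version}"
    return f"pkg:{ecosystem}/{name}@{version}"


def build_sbom(resolved, root, serial_number, timestamp_iso):
    """CycloneDX document: the shipped thing in metadata.component, everything
    else in components, and the graph edges in dependencies keyed by bom-ref."""
    components, dependencies = [], []
    for node, children in resolved.items():
        ref = purl(*node)
        if node != root:
            components.append({"type": "library", "name": node[0], "version": node[1],
                               "purl": ref, "bom-ref": ref})
        dependencies.append({"ref": ref, "dependsOn": sorted(purl(*c) for c in children)})
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "serialNumber": serial_number,
        "version": 1,
        "metadata": {
            "timestamp": timestamp_iso,
            "component": {"type": "application", "name": root[0], "version": root[1],
                          "bom-ref": purl(*root)},
        },
        "components": sorted(components, key=lambda c: c["bom-ref"]),
        "dependencies": sorted(dependencies, key=lambda d: d["ref"]),
    }


def canonical_bytes(sbom):
    """Deterministic serialisation: sorted keys, no whitespace. Sign these bytes,
    never a pretty-printed copy, or verification fails on harmless reformatting."""
    return json.dumps(sbom, sort_keys=True, separators=(",", ":")).encode("utf-8")


def digest(sbom):
    """Stand-in for the signed payload: SHA-256 over the canonical bytes."""
    return hashlib.sha256(canonical_bytes(sbom)).hexdigest()


def verify(sbom, expected_digest):
    """True only if the document is byte-for-byte what was attested."""
    return digest(sbom) == expected_digest


def dependents_of(sbom, ref):
    """The auditor's follow-up question: which components pull this one in?"""
    return sorted(d["ref"] for d in sbom["dependencies"] if ref in d["dependsOn"])


if __name__ == "__main__":
    doc = build_sbom(RESOLVED, ROOT, f"urn:uuid:{uuid.uuid4()}",
                     datetime.now(timezone.utc).isoformat())
    print(json.dumps(doc, indent=2))
    print("sha256:", digest(doc))
```

The dependencies array is what makes the document more than an inventory: given a vulnerable purl, dependents_of walks the edges backwards and answers "what pulls this in" straight from the attested artifact, with no repository access. Serial number and timestamp are parameters so that the same resolved graph produces the same bytes on every run, which is what lets a verifier compare a digest rather than a diff.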
No. Sentrygraph resolves the dependency graph inside your pipeline, and only the graph and the policy result leave — never your source, lockfiles, or binaries. For regulated teams, deploy fully self-hosted in your own cloud or air-gapped, where nothing crosses the perimeter at all.
A full scan runs in under 90 seconds in CI and caches the resolved graph between runs, so incremental scans on a pull request return in a few seconds. You gate the build on policy without your engineers waiting on it.
Dependency resolution for npm and Yarn, PyPI, Maven and Gradle, Go modules, Cargo, RubyGems, and NuGet, plus container image layers. It drops into GitHub Actions, GitLab CI, Jenkins, CircleCI, and Buildkite as a single step, or runs anywhere as a standalone CLI.
Sentrygraph is SOC 2 Type II and ISO 27001 certified, verifies SLSA build provenance and Sigstore signatures, emits VEX statements to document which CVEs don't apply, and writes immutable audit logs of every policy decision — so you can evidence supply-chain coverage to an assessor or your board.
Point Sentrygraph at a repo, watch it build the full dependency graph, and trace a real CVE to the line that pulls it in — before this tab goes stale. No agent to install, no source leaving your pipeline, no sales call to start.