Intelligent GroupAiT SOC Sentinel
AI-SOC oversight, MSP-grade

Audit your MSSP.
Before your customers do.

Sentinel is the AI-SOC oversight layer for MSPs. We compare your team's verdicts against autonomous AI triage and surface every disagreement, missed ticket, and SLA breach — before they become incidents.

Book a DemoView live demo

14-day POC · no card · we deploy into your GCP tenant

sentinel / mssp-shadowlive
Alert
MSSP verdict
Sentinel
ALR-29F1 · o365.suspicious_oauth_grant
benignbenign
ALR-2A04 · edr.process_injection
benignbenign
ALR-2A11 · tgs-rep.kerberoast_high_entropy
benignmalicious
ALR-2A18 · mosyle.unenrolled_macos
benignbenign
ALR-2A21 · exfil.gdrive_anonshare
closedmissed_sla
Alerts (24h)
1,284
Disagreements
14
SLA breaches
3
Why Sentinel

What Sentinel does that nobody else does

Audit your MSSP

Sentinel runs AI triage in parallel with your MSSP team. Every alert gets two verdicts. We flag every disagreement so your customers' CISOs see what their MSSP missed.

SIEM-agnostic

Plugs into any SIEM — Microsoft Sentinel, Splunk, Google SecOps, Exabeam — or no SIEM at all via direct vendor adapters. One dashboard, all your customers.

Multitenant by default

Manage 50+ customer environments from one Sentinel instance. SOC-2/PCI-DSS audit trails per tenant. Per-customer SLA tracking and weekly executive PDFs.

How it works

Four steps. One hour to first verdict.

01

Connect

Any SIEM (Splunk, Microsoft Sentinel, Google SecOps, Exabeam) — or just our vendor adapters. Sentinel works without a SIEM license at all.

SplunkMS SentinelGoogle SecOpsExabeamSentinelOneMosyleAdluminBlackPointMicrosoft 365Okta
02

Triage

Run by Manny — our AiT-Powered Security Analyst — every alert reaches a verdict in seconds.

03

Audit

We compare against your MSSP analyst's decision and flag every delta.

04

Report

Weekly IG-branded PDFs to your customers' CISOs, real-time Slack pings on critical disagrees.

Pricing

POC-friendly. Scales to 50+ customers.

POC
$0for 14 days

Up to 1 tenant, 100K alerts/mo, full feature set.

Start a POC
Most common
Single Tenant
$30K/mo per customer

Up to 1M alerts/mo, MSP-managed, dedicated SOC engineer slot.

Talk to us
MSP Bundle
$10K-20K/mo per 50-customer block

Negotiated per-MSP. Includes white-label option.

Talk to us
Talk to us

Built by Intelligent Group — an MSP that runs Sentinel itself.

Pilots include — Sumitomo Chemical Americas (3-month POC, starting May 2026).

Intelligent GroupIntelligent Group
/GCG · channel partner
FAQ

Common questions, straight answers.

Do I need to switch SIEM?
No. Sentinel is additive. Bring your Splunk, Microsoft Sentinel, Google SecOps, or Exabeam — we sit alongside it.
What about the Google Triage Agent — isn't that free?
It's free for triage. Sentinel is for governance: comparing your AI's verdicts against your team's, across every customer.
How long to onboard a tenant?
Under an hour with our onboarding wizard. Vendor API tokens + a Slack webhook is all you need; SIEM connection (SecOps, Splunk, Sentinel, Exabeam) is optional.
Where does my data live?
In your tenant's GCP boundary. We never see customer telemetry.
What about SOC-2?
When deployed against Google SecOps, Sentinel inherits the SecOps SOC-2 Type 2 control set. Our own audit logs are exportable for your attestations regardless of SIEM choice.
AiT SOC Sentinel