18 capabilities. No upsell tax.
Most MDMs hide their best features behind quote-only tiers. Here's the entire Sentinel catalog โ every capability, what plan it's in, and what it actually does.
Day-one device control.
Enroll Android tablets, Samsung phones, and Windows 10/11 laptops in minutes. QR code for Android, PowerShell one-liner for Windows. Live fleet view, command queue, kiosk lock, app management, end-user IT support tickets โ all in every plan including free.
Android device enrollment
android_agentManage Android tablets/phones via the Sentinel agent.
End-user IT support tickets
ticketsUsers on managed devices submit tickets to your admins.
Windows enrollment
windows_agentManage Windows 10/11/Server laptops via PowerShell + OMA-DM.
Device lifecycle + carbon
lifecycleTrack device stage from Fresh โ End of life with embodied-carbon ledger.
Managed apps + permissions
app_managementPublish apps from Play Store / MS Store with per-permission grants + update control.
Stop watching dashboards.
Declare what should happen: geofences, self-healing rules, multi-step automations. The agent evaluates on heartbeat and the platform runs the steps. IFTTT-style flows with 6 trigger types and 6 step types, including Slack notify, command issue, webhook fan-out.
Geofences
geofencingPrivacy-preserving location (in/out, not coordinates).
Self-healing rules
self_healingDeclarative auto-remediation on heartbeat.
Automation builder
automationsIFTTT-style cross-device flows.
Ask your fleet a question.
GPT-4o-mini translates natural-language fleet queries into safe, read-only SQL. Predictive failure heuristics flag batteries that will die in 30 days. Federated learning (in development) trains anomaly-detection without seeing raw telemetry from any single tenant.
Fleet Co-Pilot (AI)
fleet_copilotNatural-language fleet queries via GPT-4o-mini.
Predictive failure detection
predictive_failureHeuristics + ML over telemetry to flag failing devices.
Threats you'd never spot alone.
Cross-tenant threat intelligence: when 3 of our customers see the same malicious APK or callback domain, every other tenant who matches the IoC gets a global signal. Plus tamper-evident hash-chained audit on every write.
URL allowlist / blocklist
web_filtersBlock social media or allow only POS vendor URLs. Scoped by dept/branch.
Threat intelligence feed
threat_intelCross-tenant correlated threat signals.
Audit-ready out of the box.
One-click compliance bundles: GDPR ยท UAE PDPL ยท Saudi PDPL ยท HIPAA ยท PCI DSS ยท SOC 2. Each bundle auto-toggles the right controls (encryption-at-rest, log retention, data residency, app allowlist enforcement). Per-device investigation timeline exports to CSV for legal and HR.
Audit log CSV export
audit_csv_exportExport the immutable audit log for compliance.
Investigation timeline
investigation_timelinePer-device chronological history with CSV export for legal/HR.
Battery passport (EU 2023/1542)
battery_passportBattery origin, chemistry, cycles, embodied carbon.
Compliance bundles
complianceOne-click GDPR / UAE PDPL / HIPAA / PCI / SOC 2.
Looks like your company, not ours.
Per-device wallpaper, lock screen, agent app icon, primary locale, RTL Arabic, company name, footer message. Bulk-assign branding profiles by department, branch, tag, or policy. End users see your brand, not Sentinel's.
Branding profiles
brandingPer-tablet wallpaper / logo / colors / RTL Arabic. Bulk-assignable.
Talk to your stack.
Scope-tagged API keys for CI/CD, custom dashboards, and integrations. Webhooks on every state change. SCIM provisioning (Enterprise). Slack, Email, generic webhook notification channels in automations.
Public REST API
public_apiScope-tagged API keys for CI, scripts, custom dashboards.
Don't see what you need?
We ship the roadmap with our customers โ book a 25-minute call and we'll tell you exactly when (or why not) a capability lands.