About
Why this exists.
Patrick Donohue
IT Infrastructure & Cybersecurity — Spokane, WA
35 years in IT infrastructure and cybersecurity, most recently in the financial sector. Author of API-ocalypse Now: Python's Guide to Secure and Flexible Data Handling. Builder of tools that solve problems I've actually run into.
SurfaceSentinel exists because most small businesses have no idea what they look like from the outside — and attackers are counting on that.
I've spent 35 years doing assessments, writing policies, and cleaning up after incidents. The pattern that shows up every time: the basics weren't covered. Not because people didn't care, because nobody told them what the basics looked like from the attacker's side.
SurfaceSentinel runs the same passive reconnaissance an attacker would do before targeting your organization: DNS, email authentication, TLS certificates, HTTP security headers, exposed services. It translates those findings into plain language with clear next steps. No credentials required. No agent to install. Just an honest look at what's publicly visible about your domain.
It won't replace a full penetration test or a security audit. It will tell you whether the doors are locked before you spend money on a better alarm system.
Also from the same shop
Ephemeral Sentinel
A deterministic phishing analysis engine for organizations that need to triage suspicious email at scale — without sending everything to an LLM.