Harvington Sentry

The human‑layer security copilot

An AI agent that continuously stress‑tests, coaches and protects your people across email, chat, SMS and voice — while triaging reported threats, planting early‑warning tripwires, and generating board‑ready metrics mapped to Cyber Essentials, NIS2, and NHS DSPT.

Made‑to‑measure: we’ll tailor Sentry per client.

Why now

Human‑driven attacks are surging in the UK, and boards are being told to act. The human layer is where most attacks start, and regulators increasingly expect evidence of continuous training and control validation.

Rising UK incidents; more nationally significant cases.
Regulatory expectations: Cyber Essentials, NIS2, NHS DSPT.
Boards want measurable resilience, not annual slide‑decks.

Why we’re setting this up

Most breaches start with people, not firewalls. UK organisations are increasingly asked to evidence continuous training and control validation. Sentry focuses on the human layer: realistic simulations, timely coaching, and clear metrics leaders understand.

We tailor Sentry per client, starting with a quick health check and moving to a focused pilot if helpful.

What Sentry does

Adaptive Phishing & Social‑Engineering

Email, Slack/Teams, SMS (smishing) and voice (vishing). Role‑aware scenarios, generated safely by the agent.

Human BAS

Chain micro‑scenarios: phish → credential harvest → MFA fatigue → privilege test → exfil attempt.

Phish Triage Copilot

Users forward suspicious items; Sentry dedupes, enriches, summarises and recommends actions.

Honeytokens‑as‑a‑Service

One‑click tripwires across endpoints and SaaS. If touched, instant alerts and a guided playbook.

Teachable‑Moment Micro‑Training

90‑second nudges triggered by identity and mail events across M365/Google/Okta.

Board Pack & Compliance Mapping

Monthly Human Resilience Score and evidence mapped to Cyber Essentials, NIS2, and NHS DSPT.

How this stands out

Multi‑channel simulations, identity‑event coaching, deception, and UK compliance exports — packaged for SMEs.

Beyond email: SMS + voice with guardrails.
Flip real threats into safe training.
Human BAS: behaviour‑centric drills and metrics.

Example week

Invoice phish → praise + micro‑lesson.
Deepfake “CFO” call → challenge & escalate.
Triage 5 reports → 1 campaign summary → “flip‑to‑train”.
Honeytoken opened → alert + IR checklist.
Board pack shows resilience improving.

Preview: Admin Console

Concept mock‑up

Acme Ltd — Human Resilience

Human Resilience Score

+12 this period

Reporting Rate

55%

↑ improving

Repeat‑Offender Rate

↓ reducing

This period

Simulations run: 92

Real threats triaged: 410

MFA push approvals: 21

Honeytoken triggers: 7

Recent events

Time	Channel	User	Action	Outcome
Apr 03	Email	buyer@acme.co.uk	Entered details	High‑risk
Jun 22	Teams	cfo.pa@acme.co.uk	Reported simulation	Good catch
Sep 10	SMS	hr@acme.co.uk	Clicked link	Coached

Priority Actions

Enable number‑matching for MFA globally
Disable legacy mail protocols on 6 users
Roll out “Vendor Invoice” micro‑lesson

Compliance Snapshot

Cyber Essentials: 5/6 user controls evidenced
NHS DSPT: 3 artefacts ready for export

Pilot with us

We’re inviting 2–3 early partners. We’ll tailor Sentry for your environment and co‑design the roadmap.

Book a 15‑minute chat View Sample Report

Each deployment is customised and complements our Website Audit, Compliance Monitoring, and Security Health Check services.

Frequently asked questions

Is this suitable for UK SMEs?

Yes. Sentry is designed for small to mid‑sized organisations that need practical, continuous human‑layer protection and evidence for Cyber Essentials.

Can we include voice (vishing) simulations?

Yes. Voice simulations are an optional channel with clear consent and guardrails.

Does this replace Microsoft Attack Simulation Training?

It complements M365: we cover additional channels and add triage, honeytokens and UK‑focused reporting.

Where is data processed?

We prioritise UK/EU hosting with tenant isolation and minimal retention.