Frequently Asked
Questions

Most customers are observing live incidents within 72 hours of kickoff. A typical onboarding looks like this:

• Day 1: Platform provisioning and connector authentication (monitoring tools, ITSM, cloud APIs)
• Day 2: Signal baseline calibration - Sentinel learns your environment's normal state
• Day 3: First shadow-mode run - Sentinel observes and recommends, while your team validates
• Week 2+: Progressive automation enablement as confidence scores are validated

Complex environments with many integrations may take 1-2 weeks for full deployment. Our implementation team guides every step.

No. Ops Singularity sits on top of your existing observability and monitoring stack - it does not replace it. We integrate with tools like Dynatrace, Datadog, New Relic, Splunk, Prometheus, Grafana, PagerDuty, and many others.

Sentinel AI consumes signals from all your existing sources, correlates them intelligently, and acts - while those tools continue to do what they do. Think of Ops Singularity as the intelligence and action layer that sits above your existing monitoring layer.

Yes. We run a structured 30-day Proof of Value (POV) program for qualified enterprise customers. During the POV, Sentinel AI runs in shadow mode on your production environment - observing incidents, recommending actions, and demonstrating outcomes without taking any live action unless you explicitly enable it.

At the end of 30 days, you receive a detailed report showing: incidents Sentinel would have resolved autonomously, time savings, and mean-time-to-recovery improvements. Contact our team to initiate a POV.

Every enterprise customer gets a dedicated Customer Success Engineer who leads the onboarding. This includes connector configuration, initial MOP library setup, signal tuning, and training sessions for your ops team.

Professional services are available for custom MOP development, complex integrations, and change management programs - but many customers complete onboarding with just the CSE included in their plan.

Absolutely. Sentinel AI integrates natively with ServiceNow, Jira Service Management, and other ITSM platforms. Every automated action Sentinel takes is logged as a change record, incident update, or approval request - whichever your process requires.

You can configure approval gates for any MOP so that human sign-off is required before execution. This means autonomous operations and human governance coexist cleanly from day one.

OIAO stands for Observe - Investigate - Act - Optimize. It is the four-phase intelligence loop that powers every decision Sentinel AI makes:

• Observe: Sentinel ingests signals from all connected monitoring tools, cloud APIs, logs, metrics, and traces. It normalizes and correlates events across sources in real time.
• Investigate: When anomalies are detected, Sentinel runs automated root cause analysis - tracing signals across topology maps, historical patterns, and change records to determine what actually caused the issue.
• Act: Based on the investigation outcome, Sentinel selects and executes the appropriate MOP (Machine Operations Procedure) - a structured autonomous runbook with pre-checks, execution steps, and validation.
• Optimize: Every resolved incident is reviewed by Sherlock, our optimization engine, to learn patterns, improve future detection, and recommend enhancements to your MOP library.

The entire cycle happens in minutes - compared to hours with manual processes.

Sentinel AI uses a confidence scoring system before taking any action. Every investigation produces a confidence score - and Sentinel will only execute autonomously above a configurable threshold (typically 90%+).

Below that threshold, Sentinel escalates to a human with its analysis and recommended action pre-filled - making the human's decision faster and better-informed, not bypassed.

In practice, customers see Sentinel correctly identify root cause on over 94% of investigated incidents after a 2-week baselining period. If it does get something wrong, every MOP includes rollback procedures that execute automatically if validation fails post-action.

A traditional runbook is a document - a list of steps a human reads and follows. A MOP (Machine Operations Procedure) is an executable, structured operational program that Sentinel can run autonomously.

MOPs include: pre-execution safety checks (verifying conditions are right before acting), step-by-step execution with dependency management, post-execution validation (confirming the action worked), and automatic rollback if validation fails.

Ops Singularity ships with over 500 pre-built MOPs covering common incident types across cloud, Kubernetes, network, database, and security domains. You can also build custom MOPs using our no-code MOP builder or programmatic API.

Yes. Sentinel AI was designed for heterogeneous environments. It natively supports AWS, Azure, Google Cloud, and on-premises infrastructure simultaneously. It can correlate signals across cloud providers - for example, an AWS RDS issue affecting an Azure-hosted application will be tracked as a single incident, not two separate alerts.

Our topology mapping engine builds a real-time graph of your full environment - services, dependencies, and cross-cloud relationships - so Sentinel always has the full picture before it acts.

Sentinel's correlation engine groups related alerts into a single incident context before any action is taken. It does not respond to individual alerts - it responds to root causes. So a storm of 2,000 alerts from a cascading failure is treated as one incident, with one investigation and one coordinated response.

Additional safeguards include: rate limiting on MOP executions, blast radius analysis before any infrastructure change, and a circuit breaker that pauses automation and escalates to humans if anomalous patterns are detected in the automation itself.

Sherlock is Sentinel's post-incident optimization engine. After every resolved incident - whether resolved autonomously or by a human - Sherlock reviews what happened, what worked, and what could be improved.

Sherlock outputs: updated confidence thresholds based on outcomes, new MOP recommendations for recurring issue patterns, infrastructure optimization suggestions (rightsizing, configuration drift alerts), and trend reports that surface systemic issues before they cause incidents.

Over time, Sherlock makes Sentinel smarter and makes your infrastructure more resilient. Customers typically see a 40% reduction in incident frequency within 90 days - not just faster resolution, but fewer incidents altogether.

Yes, and this is a key part of our platform's value. We provide three ways to build custom MOPs:

• No-code MOP Builder: A visual drag-and-drop interface to define steps, conditions, and validations without writing code.
• MOP SDK: A Python-based SDK for engineers who want to write MOPs programmatically with full control over logic, API calls, and decision trees.
• MOP Conversion: Our team can convert your existing runbook documents into executable MOPs as part of onboarding.

All custom MOPs go through the same safety architecture as built-in MOPs - pre-checks, validation, rollback - and they are versioned and auditable.

Full control, always. Ops Singularity uses a graduated autonomy model. For every system, MOP type, or incident category, you can independently configure:

• Fully Manual: Sentinel observes and recommends, but humans make all decisions
• Approval Gate: Sentinel proposes actions and a human approves before execution
• Supervised Automation: Sentinel acts, but a human can halt execution at any step
• Full Autonomy: Sentinel acts and reports outcomes asynchronously

You can set different levels for different systems - for example, full autonomy for Kubernetes scaling events but approval gates for database schema changes. These settings can be changed at any time.

Every MOP includes a post-execution validation phase. After each step, Sentinel verifies the expected outcome using health checks, metric thresholds, and service validation probes. If validation fails, the MOP automatically triggers its rollback sequence - reversing any changes made during that execution.

If rollback also fails, Sentinel escalates immediately to the on-call team with a full execution log, what was attempted, what failed, and recommended manual next steps. No silent failures, ever.

Every action is fully audited with a timestamped execution log available in the platform dashboard and exportable to your ITSM system.

Sentinel natively supports maintenance windows and change freeze periods. During these periods, you can configure Sentinel to: pause all automated actions, require additional approvals, or restrict execution to read-only diagnostic MOPs only.

Change freeze calendars can be synced from ServiceNow, Jira, or defined directly in the platform. Sentinel respects these windows automatically and queues any proposed actions for post-freeze review.

Yes. When human escalation is needed, Sentinel integrates with PagerDuty, OpsGenie, and VictorOps to page the right on-call engineer based on the service affected, the team owning that service, and the current on-call rotation.

The escalation notification includes Sentinel's full investigation summary, confidence score, and recommended action - so the engineer arrives at the incident fully briefed, not starting from scratch.

Every action taken by Sentinel AI is fully logged in an immutable audit trail that includes: the triggering signal, the investigation reasoning, the MOP selected, every step executed, who (or what) approved the action, and the validation outcome.

This audit trail is available in the platform dashboard, exportable to your SIEM (Splunk, Elastic, etc.), and can be pushed to ServiceNow or Jira as change records and incident updates. For regulated industries, this audit capability is foundational to compliance.

Ops Singularity integrates with over 120 enterprise tools out of the box, including:

• Monitoring: Datadog, Dynatrace, New Relic, AppDynamics, Splunk, Prometheus, Grafana
• Cloud: AWS CloudWatch, Azure Monitor, Google Cloud Operations Suite
• ITSM: ServiceNow, Jira Service Management, Freshservice, BMC Remedy
• Alerting: PagerDuty, OpsGenie, VictorOps, Opsgenie
• Collaboration: Slack, Microsoft Teams, Google Chat
• Kubernetes: Native K8s API, Helm, ArgoCD, Rancher

If you use a tool not on this list, our Connector SDK allows custom integrations, and we regularly add new connectors based on customer requests.

Our ServiceNow integration is bidirectional and deep. Sentinel AI can: read open incidents and change records from ServiceNow, create and update incident tickets automatically when it detects and resolves issues, log all MOP executions as change records, and trigger approval workflows in ServiceNow for high-impact actions.

We also offer a Sentinel AI app on the ServiceNow Store that embeds Sentinel's investigation and recommendation engine directly into the ServiceNow incident interface - so your ITSM team sees AI-powered context without leaving ServiceNow.

Yes. Ops Singularity exposes a full REST API and GraphQL API covering: signal ingestion, incident management, MOP triggering and status, audit log export, configuration management, and dashboard metrics.

We also provide Webhooks for event-driven integration with internal tooling, a Python SDK for programmatic automation, and Terraform providers for infrastructure-as-code configuration management.

Yes. Sentinel's Incident Communication Engine automatically posts updates to designated Slack channels or Teams channels at configurable intervals during an active incident. Updates include: current severity assessment, investigation status, what Sentinel is doing (or has done), and estimated resolution time.

You can also create a dedicated war room channel per incident, with Sentinel as an intelligent bot participant - answering diagnostic queries, posting timeline updates, and summarizing the post-incident report when the issue is resolved.

Ops Singularity is certified under:

• SOC 2 Type II - annual audit covering security, availability, and confidentiality
• ISO 27001 - information security management system certification
• GDPR - data processing agreements available for EU customers
• HIPAA - Business Associate Agreements available for healthcare customers
• FedRAMP In Process - for US Federal and public sector customers

Security audit reports and certifications are available to prospective enterprise customers under NDA. Contact your account team to request them.

Ops Singularity processes signal metadata (events, metrics, log summaries) to power Sentinel's investigation and decision-making. Raw log content and payload data are never stored in Ops Singularity - only the structured metadata needed for correlation and root cause analysis.

For customers with strict data residency requirements, we offer regional deployment options (US, EU, APAC) and a private cloud/on-premises deployment model where all processing stays within your own infrastructure. No customer data is used to train shared models.

Sentinel uses least-privilege service accounts with scoped permissions for each integration. We support OAuth 2.0, API key vault integration (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault), and role-based access control that mirrors your existing IAM policies.

All credentials are encrypted at rest (AES-256) and in transit (TLS 1.3). Sentinel never stores plaintext credentials, and all authentication events are logged in the platform's security audit trail. Permission scopes are reviewed as part of our onboarding security review.

Yes. We offer a fully on-premises deployment option where Ops Singularity runs entirely within your data center or private cloud. This includes the Sentinel AI engine, the MOP execution runtime, the dashboard, and all data storage. No data leaves your perimeter.

Air-gapped deployments are supported for government and defense customers, with offline model updates delivered via verified artifact packages. Contact our enterprise team for architecture details specific to your security requirements.

We support three deployment models to match your operational and compliance requirements:

• SaaS (Cloud-Hosted): Fastest to deploy, fully managed by Ops Singularity, available in US, EU, and APAC regions. Ideal for most enterprise customers.
• Private Cloud / VPC: Deployed into your AWS, Azure, or GCP environment. We manage the application, you own the infrastructure and data. Popular with financial services and healthcare customers.
• On-Premises / Air-Gapped: Fully within your data center. Full customer control. Supported for defense, government, and high-security enterprise environments.

All three deployment models support the full Sentinel AI feature set.

For SaaS deployment, there are no infrastructure requirements on your side beyond network connectivity to our platform endpoints and outbound API access to your monitoring tools.

For on-premises deployment, minimum requirements are a Kubernetes cluster (K8s 1.24+) with 8 vCPU / 32 GB RAM for a standard installation, scaling to 32+ vCPU / 128 GB RAM for large enterprise deployments processing millions of events per hour. Full sizing guidance is provided during scoping.

Sentinel AI ships with pre-trained models covering common infrastructure patterns - so it is not starting from zero. However, it does run a 2-week baselining period to learn your specific environment's normal state: typical traffic patterns, expected error rates, service dependencies, and historical incident patterns.

During baselining, Sentinel observes and learns but does not act autonomously. Once baseline is established, confidence scores calibrate quickly. Customers typically achieve production-grade autonomous resolution on their most common incident types within 3-4 weeks of go-live.

Ops Singularity is priced on a subscription model with tiers based on the scale of your environment - primarily measured by monitored node/service count and event throughput volume.

We offer three tiers: Enterprise for organizations with 500-5,000 managed nodes, Enterprise Plus for 5,000-50,000 nodes, and Strategic for hyperscale or multi-site global deployments. All tiers include the full Sentinel AI feature set; higher tiers include additional compliance modules, dedicated support, and SLA guarantees.

Pricing is annual subscription with multi-year discount options. Contact our team for a custom quote based on your environment size.

Ops Singularity is built for enterprise environments and has a minimum engagement size suited to organizations with significant infrastructure complexity. We are currently not serving startups or teams under 50 people.

All contracts start at a 1-year minimum term. We recommend starting with a 30-day Proof of Value engagement before signing, which allows you to validate ROI in your own environment before committing.

Based on data from our enterprise customer base, typical outcomes within the first 90 days include:

• 73% reduction in mean time to resolution (MTTR) for automated incident types
• 89% reduction in after-hours on-call alerts that require human intervention
• 40% reduction in total incident frequency due to Sherlock's proactive optimization
• 60% reduction in NOC operational costs for covered incident categories

The financial ROI typically exceeds 3x within the first year, driven by reduced downtime costs, lower on-call burden, and ops team time freed for strategic work. We provide a formal ROI model during the scoping process using your own environment data.