Announcing Sentinel Nerd v2.0: AI-Powered Security for UniFi

Sentinel Nerd v2.0 is here with AI-powered threat analysis, a redesigned detection engine, new integrations, and a completely overhauled dashboard.

Tony Martinez

#release #v2 #ai #announcement

Today we’re thrilled to announce Sentinel Nerd v2.0, the biggest update since we launched. This release brings AI-powered threat analysis, a completely rewritten detection engine, four new integrations, and a dashboard redesign that makes security monitoring genuinely enjoyable.

Let’s walk through everything that’s new.

AI-Powered Threat Analysis

The headline feature of v2.0 is our new AI analysis engine. Every alert that Sentinel Nerd generates can now be analyzed by GPT-4, giving you:

  • Plain-English explanations of what happened and why it matters
  • MITRE ATT&CK mapping to understand where the attack fits in the kill chain
  • Actionable remediation steps tailored to your UniFi environment
  • Context enrichment pulling in threat intelligence from multiple sources

Instead of staring at a raw syslog entry wondering if "ET TROJAN Generic - POST To gate.php" is something to worry about, you get a clear assessment: what the attacker is likely doing, how severe it is, and exactly what to do about it.

AI analysis runs on-demand, so you control which alerts get analyzed. Results are cached for speed, and we never send your raw network data to any third party — only the alert metadata needed for analysis.

Redesigned Detection Engine

Our detection engine has been rebuilt from the ground up. The new engine is faster, more flexible, and easier to customize:

  • YAML-based rules that are human-readable and version-controllable
  • Complex conditions with support for AND, OR, and NOT logic across multiple fields
  • Windowed aggregation to detect patterns over time (e.g., “5 failed logins in 10 minutes”)
  • Cross-source correlation to connect events from Network, Protect, Access, and Talk
  • Built-in simulator to test rules before they go live

We ship with over 50 pre-built detection rules covering the most common UniFi security scenarios. Every rule is documented, and you can customize thresholds to match your environment.

New Integrations

v2.0 adds four new alert delivery channels:

  • Discord — Perfect for teams already using Discord for operations
  • PagerDuty — Escalation policies and on-call routing for critical alerts
  • Custom Webhooks — Send alert data to any HTTP endpoint with customizable payloads
  • Microsoft Teams — Coming in v2.1 (currently in beta)

These join our existing Slack and email integrations. You can route different severity levels to different channels — critical alerts to PagerDuty, warnings to Slack, and everything to email for archival.

Overhauled Dashboard

The v2.0 dashboard has been redesigned with a focus on clarity and speed:

  • Real-time event stream with live updates as events flow in
  • Threat overview cards showing your security posture at a glance
  • Interactive timeline for investigating incidents across time
  • Device health grid with status indicators for every monitored UniFi device
  • Custom widgets so you can build the view that works for your workflow

The dashboard is fully responsive and works on tablets, so you can check your security posture from anywhere.

Active Response Improvements

Active Response, our automated threat mitigation system, gets several upgrades:

  • Dry run mode — See what actions would be taken without actually executing them
  • Approval workflows — Require human approval for high-impact actions
  • Auto-revert timers — Automatically undo blocks after a specified duration
  • Detailed audit log — Every action is logged with full context for compliance

Migration Guide

Upgrading from v1.x to v2.0 is straightforward:

  1. Detection rules are automatically migrated to the new YAML format. Review them in Settings > Detection Rules after upgrade.
  2. Alert channels carry over unchanged. New channels can be added in Settings > Integrations.
  3. Historical data is preserved. Your Elasticsearch indices are compatible with v2.0.
  4. API changes are minimal. The v1 API continues to work, but we recommend migrating to the v2 API for new features. See our API migration guide for details.

If you’re on a Pro or Enterprise plan, our team will assist with migration. Reach out to support@sentinelnerd.com and we’ll schedule a session.

What’s Next

v2.0 is just the beginning. Here’s what’s on our roadmap for the next few months:

  • Compliance reporting — Automated reports for SOC 2, PCI DSS, and ISO 27001
  • Multi-tenant support — Manage multiple client networks from a single dashboard
  • Mobile app — Native iOS and Android apps for on-the-go monitoring
  • UniFi Talk deep integration — SIP-level analysis and VoIP security monitoring

We build based on what our users need. If there’s a feature you’d like to see, join our community Discord or email us at feedback@sentinelnerd.com.

Get Started

If you’re already a Sentinel Nerd user, v2.0 is available now — just log in and you’ll see the new dashboard. If you’re new, start your 14-day free trial and see what AI-powered UniFi security monitoring looks like.

Thank you to everyone who tested the beta and provided feedback. This release is better because of you.

Here’s to a more secure 2025.
