Professor Tesa — All black — black turtleneck, black pants, black boots. Hair slicked back — security briefing
“I scan every artifact for OWASP Top 10 vulnerabilities before it ships. I monitor deployed code daily. I never sleep. The factory is secure because of me.”
The OWASP Top 10 is the industry standard for web application security risks. The Sentinel knows all of them:
| # | Category | What It Means |
|---|---------|---------------|
| A01 | Broken Access Control | Users accessing data/functions they shouldn't |
| A02 | Cryptographic Failures | Weak encryption, exposed secrets |
| A03 | Injection | SQL, NoSQL, OS, LDAP injection attacks |
| A04 | Insecure Design | Architecture-level security flaws |
| A05 | Security Misconfiguration | Default passwords, unnecessary features enabled |
| A06 | Vulnerable Components | Outdated libraries with known CVEs |
| A07 | Auth Failures | Broken authentication, session management |
| A08 | Data Integrity Failures | Untrusted data in CI/CD, deserialization |
| A09 | Logging Failures | Missing audit trails, monitoring gaps |
| A10 | SSRF | Server-side request forgery |
The Sentinel maintains detection patterns for all 10 categories and scans every artifact before the Deployer touches it.
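As an added illustration (not code from the original page, and not the Sentinel's actual rules), here is a minimal pre-deploy gate that maps regex detection patterns to category ids from the table above and blocks an artifact when any pattern fires. The rule set, the function names `scan` and `gate`, and the sample artifact are all assumptions constructed for this example.

```python
import re

# Constructed rules for illustration only; a real rule set is far larger.
# Line-level patterns give false positives and negatives, and categories such
# as A01 and A04 need review of authorization logic and design, not regexes.
RULES = [
    ("A02", "hardcoded credential",
     re.compile(r"""(?i)\b(password|secret|api_key)\s*=\s*["'][^"']+["']""")),
    ("A03", "SQL built from an f-string or concatenation",
     re.compile(r"""\.execute\(\s*(f["']|["'][^"']*["']\s*[+%])""")),
    ("A05", "debug mode enabled", re.compile(r"(?i)\bdebug\s*=\s*true\b")),
    ("A08", "unpickling data", re.compile(r"\bpickle\.loads?\(")),
    ("A10", "outbound request to a caller-supplied URL",
     re.compile(r"\brequests\.(get|post)\(\s*request\.(args|form|json)")),
]

def scan(source: str) -> list[tuple[str, int, str]]:
    """Return (category, line number, reason) for every rule that fires."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        if line.lstrip().startswith("#"):  # ignore commented-out code
            continue
        for category, reason, pattern in RULES:
            if pattern.search(line):
                findings.append((category, line_no, reason))
    return findings

def gate(source: str) -> bool:
    """Return True only when the artifact may proceed to deployment."""
    return not scan(source)

# Constructed sample artifact (not from the page).
SAMPLE = '''\
import pickle, requests
API_KEY = "sk-test-0000000000"
def lookup(cur, name):
    cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
def safe_lookup(cur, name):
    cur.execute("SELECT * FROM users WHERE name = %s", (name,))
def fetch(request):
    return requests.get(request.args["url"])
state = pickle.loads(blob)
'''

if __name__ == "__main__":
    print(scan(SAMPLE), "deploy allowed:", gate(SAMPLE))
```

The parameterized query in `safe_lookup` passes while the f-string query in `lookup` is flagged, which is the distinction an A03 rule has to draw.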
Tesa says:
“Most security breaches exploit the same 10 categories over and over. Not on my watch.”