Privacy Policy — Sentinel Watcher
Last updated: June 2026
Overview
Sentinel Watcher is a browser extension that monitors Microsoft Sentinel
and Microsoft Defender XDR portal tabs for new security incidents and
delivers audio and browser notification alerts to the user.
Data Collection
Sentinel Watcher does not collect, transmit, or store any personal data
on external servers. All data handled by the extension remains exclusively
on the user’s local device within the browser’s storage API.
Data Stored Locally
The following data is stored locally in the browser using the
chrome.storage.local API:
- Seen incident IDs: A list of incident identifiers already alerted
on, used to prevent duplicate alerts. These are internal Microsoft
Sentinel identifiers, not personal data.
- User preferences: Alert settings including sound on/off, volume
level, and severity filters.
- Alert log: A local history of up to 100 detected incidents
including title, severity, and detection timestamp.
This data never leaves the user’s device and is not accessible to the
extension developer or any third party.
Permissions Used
- notifications: To display browser notification popups for new incidents.
- storage: To persist seen incident IDs and user preferences locally.
- alarms: To schedule a 60-second background polling interval.
- tabs: To identify open Sentinel portal tabs for monitoring.
- scripting: To inject the monitoring script into portal tabs.
- Host permissions: To intercept incident data responses from
portal.azure.com and security.microsoft.com within the user’s
existing authenticated session. The extension does not initiate
independent requests to these hosts.
Third Parties
Sentinel Watcher does not share any data with third parties. It does not
use analytics, tracking, or advertising services.
Remote Code
Sentinel Watcher does not load or execute any remote code. All
JavaScript is bundled within the extension package.
For questions about this privacy policy, open an issue on the
GitHub repository.