Triage & Response

Never miss a critical alert.

A security alert inbox with configurable rules, severity-based routing, and multi-level escalation. The right alert, to the right person, at the right time.

Critical findings alert your on-call engineer via PagerDuty. SLA breaches notify the team lead via Slack. Weekly digests go to the CISO via email. All configurable per team, per project, per severity.

Alert Inbox · 3 critical · 7 open · 14 solved

Critical: SQL Injection detected in acme-api

2 minutes ago · Scan #142 · PagerDuty triggered

SLA Breach: CL-2849 overdue by 4h

1 hour ago · Escalated to team lead

Regression: Fixed XSS finding re-appeared

3 hours ago · payments-svc · Slack notified

Resolved: Missing auth on /admin endpoint

5 hours ago · Fixed by james@acme.io

Alert Inbox

Your security command center.

The Alert Inbox is where your team monitors security events in real time. Critical findings, SLA breaches, regressions, and resolved issues — all in one unified feed with filters and search.

  • 3 Critical Alerts: Immediate action required

  • 2 SLA Breaches: Overdue findings

  • 5 Regressions: Fixed findings that re-appeared

  • 14 Solved This Week: Successfully remediated

Alert Rules

Your rules. Your conditions. Your channels.

Define exactly when alerts fire, what severity threshold triggers them, and where notifications get routed. No more alert fatigue — only the alerts that matter.

  • Trigger Conditions

    Alert on new critical findings, SLA breaches, regression detections, scan failures, or custom conditions with boolean logic.

  • Severity Thresholds

    Set minimum severity for each rule. Critical-only for PagerDuty, high+ for Slack, all severities for email digest.

  • Channel Routing

    Route each alert rule to one or more notification channels. Different rules can target different teams and channels.

  • Suppression & Deduplication

    Suppress duplicate alerts for the same finding. Set cooldown periods to prevent alert storms during large scans.

Alert Rules

Critical Finding Alert (Active)

  • Trigger: New finding
  • Severity: Critical only
  • Channel: PagerDuty + Slack

SLA Breach Warning (Active)

  • Trigger: SLA 80% elapsed
  • Severity: High+
  • Channel: Slack + Email

Weekly Security Digest (Active)

  • Trigger: Weekly schedule
  • Severity: All severities
  • Channel: Email digest

Escalation Policies

Unacknowledged alerts escalate automatically.

Define multi-level escalation policies to ensure critical alerts never go unnoticed. If the first responder doesn't acknowledge, the alert escalates to the next level — all the way up to management if needed.

Escalation Policy: Critical Findings

Level 1 — Assigned Engineer

Immediate notification via Slack + In-App

If no acknowledgment in 30 min: Escalate

Level 2 — Team Lead

Notification via Slack + Email + PagerDuty

If no acknowledgment in 1 hour: Escalate

Level 3 — Security Manager / VP Engineering

Notification via PagerDuty + Email + Phone

Notification Channels

Deliver alerts where your team works.

codelake integrates with all major notification channels. Configure per-user preferences so every team member gets alerts in their preferred format and frequency.

In-App Notifications

Real-time notification bell in the codelake dashboard. Badge counts, sound alerts, and browser push notifications for critical items.

Email (Instant + Digest)

Instant email for critical alerts. Daily or weekly digests for non-urgent summaries. Configurable per user and per alert rule.

Slack

Rich Slack messages with severity badges, finding details, and action buttons. Route to specific channels per project or team.

Microsoft Teams

Adaptive Card messages in Teams channels with interactive triage buttons. Works with Teams Workflows for custom automation.

PagerDuty

Trigger PagerDuty incidents for critical findings. Auto-resolve when findings are fixed. Integrates with on-call schedules.

Webhooks

Send alert payloads to any HTTP endpoint. Build custom integrations with your existing tools, SIEM, or internal alerting systems.

Per-User Notification Preferences

Every team member can configure their own notification preferences. Choose which channels, which severities, and which frequency — daily digest, instant, or muted. Preferences apply on top of team-level alert rules.

Stop missing critical security events.

codelake delivers the right alert, to the right person, at the right time. Configurable rules, multi-level escalation, and six notification channels — security events never slip through the cracks.