Triage & Response

From finding to
fixed.

Every finding deserves a decision. codelake gives your team a structured triage workflow with documented reasoning, AI-powered remediation, and full case management.

No more spreadsheets. No more "we'll fix it later." Every vulnerability gets a status, an owner, a reason, and an SLA.

Triage Console

$ codelake triage --project acme-api

▸ Loading findings for acme-api...
  23 findings · 2 critical · 8 high · 9 medium · 4 low

CL-2847  SQL Injection — /api/users/search
  Status: Open → Confirmed
  Owner: sarah@acme.io · SLA: 24h

✓ AI remediation generated · 3 code patches ready
✓ Decision documented · Audit trail updated

Split-Screen Triage

Findings list left. Code detail right.

The triage console is designed for speed. Your findings list on the left, the full code context and remediation options on the right. Navigate with keyboard shortcuts, triage in seconds.

Triage Console · acme-api · Scan #142
23 findings · 2 critical · 8 high

CRITICAL  CL-2847  SQL Injection via user search    /api/users/search · Line 142
CRITICAL  CL-2848  Missing auth on /admin endpoint  /routes/admin.js · Line 8
HIGH      CL-2849  Unrotated AWS secret key         config/aws.js · Line 3
HIGH      CL-2850  XSS via unsanitized output       /views/profile.ejs · Line 67
+ 19 more findings
CRITICAL SQL Injection via user search

Vulnerable Code

// /api/users/search — line 142
const results = await db.query(
  `SELECT * FROM users WHERE name LIKE '%${req.query.q}%'`
);

Data Flow

User input from req.query.q flows unfiltered through the search controller into the database query. Affects the users table, which contains PII (email, phone, address).

Status Workflow

Every finding follows a structured path.

No more ambiguity. Every finding moves through a defined workflow with documented decisions. Auditors see exactly who decided what, when, and why.

  • Open: new finding detected
  • Confirmed: verified as a real issue
  • Fixed: remediation applied and verified
  • Ignored: accepted risk, with a documented reason
  • Dismissed: false positive, with an explanation

Documented Decisions

Every status change requires a reason and optional comment. Build an audit-ready decision history for every finding.

Full Audit Trail

Who changed the status, when, and why. Every triage action is logged with user identity and timestamp for compliance.

Keyboard-First

Navigate findings with arrow keys, triage with shortcuts. C to confirm, D to dismiss, I to ignore, F to mark fixed. Built for speed.

AI Remediation

Don't just find it. Fix it.

codelake doesn't just show you what's broken. It generates context-aware code patches that understand your application's architecture, dependencies, and coding style.

  • Context-Aware Patches

    Remediation code that fits your framework, your coding conventions, and your dependencies.

  • Diff Preview

    See exactly what will change before applying. Review the fix in a side-by-side diff view.

  • One-Click Apply

    Copy the patch or create a pull request directly from the triage console.

  • Learn & Explain

    Every fix includes an explanation of the vulnerability and why the patch works. Upskill your team while you fix.

AI Remediation · 3 patches ready

Suggested Fix

// Use parameterized query
const results = await db.query(
  'SELECT * FROM users WHERE name LIKE ?',
  [`%${req.query.q}%`]
);

Why this fixes it

Parameterized queries keep user input separate from the SQL statement, so the input can never be interpreted as SQL. The database driver binds the value and handles any escaping itself.
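To show why the interpolated query in CL-2847 is fragile and why the parameterized form is not, here is an added example (not codelake's code). It uses a constructed stand-in for a SQL driver that only inspects the shape of the statement it receives; the function names, the mock `db` object and the sample inputs are assumptions. A real driver (mysql2, pg and the like) additionally sends bound parameters to the server separately from the SQL text, which is what makes the fix hold.

```javascript
// Added example (not codelake's code): a constructed stand-in for a SQL driver
// that makes the difference between finding CL-2847 and its suggested fix
// visible without a database. The mock only checks the shape of the statement
// it receives; a real driver (mysql2, pg, ...) also sends bound parameters to
// the server separately from the SQL text, so they can never alter its structure.

// Split a SQL string into its single-quoted literals and the text around them.
// Returns null when a quote is never closed, which is a syntax error in real SQL.
function parseLiterals(sql) {
  const literals = [];
  let skeleton = ''; // the statement with every literal replaced by ''
  let i = 0;
  while (i < sql.length) {
    if (sql[i] !== "'") { skeleton += sql[i++]; continue; }
    let j = i + 1;
    let buf = '';
    let closed = false;
    while (j < sql.length) {
      if (sql[j] === "'" && sql[j + 1] === "'") { buf += "'"; j += 2; continue; } // '' escapes a quote
      if (sql[j] === "'") { closed = true; break; }
      buf += sql[j++];
    }
    if (!closed) return null;
    literals.push(buf);
    skeleton += "''";
    i = j + 1;
  }
  return { literals, skeleton };
}

// Constructed mock driver: validates the statement and reports what would be sent.
const db = {
  query(sql, params = []) {
    const parsed = parseLiterals(sql);
    if (parsed === null) throw new Error('SQL syntax error: unterminated string literal');
    // Only a '?' outside a literal is a placeholder.
    const placeholders = (parsed.skeleton.match(/\?/g) || []).length;
    if (placeholders !== params.length) {
      throw new Error(`expected ${placeholders} parameters, got ${params.length}`);
    }
    return { sql, skeleton: parsed.skeleton, literals: parsed.literals, params };
  },
};

// The vulnerable form from the finding: user input is spliced into the SQL text,
// so its characters become part of the statement's grammar.
function searchUsersUnsafe(q) {
  return db.query(`SELECT * FROM users WHERE name LIKE '%${q}%'`);
}

// The suggested fix: the SQL text is a constant and the value travels as a
// parameter, so the statement's shape is identical for every input.
function searchUsersSafe(q) {
  return db.query('SELECT * FROM users WHERE name LIKE ?', [`%${q}%`]);
}

// A legitimate name containing a quote is enough to break the unsafe version.
console.log(JSON.stringify(searchUsersSafe("O'Brien")));
try {
  searchUsersUnsafe("O'Brien");
} catch (err) {
  console.log('unsafe query rejected:', err.message);
}
```

The point the mock makes concrete: with the unsafe form, every character the user types is parsed as SQL, so even an ordinary name with an apostrophe changes the statement; with the parameterized form, the statement the driver sees is byte-for-byte the same regardless of input, and the value is carried in `params`.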

Security Case Management

Track every vulnerability like a case.

Every finding gets a unique case ID, an assigned owner, and an SLA. Track remediation progress across your entire organization with full visibility.

Case IDs

Every finding gets a unique, trackable ID (e.g., CL-2847). Reference cases in PRs, Slack messages, and audit reports.

Owner Assignment

Assign findings to team members. Auto-assign based on code ownership, file paths, or team structure.

SLA Tracking

Set SLA policies per severity. Critical: 24h. High: 72h. Medium: 7d. Get alerted before SLAs breach.

Progress Tracking

Dashboard view of all open cases, SLA status, team workload, and remediation velocity across projects.
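The status workflow above (Open, Confirmed, Fixed, Ignored, Dismissed with a required reason and a full audit trail) and the SLA tracking just described share one underlying record: the case. Here is an added example (not codelake's code) of a minimal case model that enforces both. The transition table, the `SecurityCase` class, its field names and the 4-hour warning threshold are assumptions; the SLA windows are the ones stated on this page, and LOW, which the page gives no window, is left without one.

```javascript
// Added example (not codelake's code): a minimal case model that enforces the
// status workflow described on this page, requires a reason for every status
// change, keeps an audit trail of who/when/why, and reports SLA status from
// the per-severity windows listed above. The transition table, the class, its
// field names and the 4-hour warning threshold are assumptions.

const ALLOWED_TRANSITIONS = {
  Open:      ['Confirmed', 'Dismissed', 'Ignored'],
  Confirmed: ['Fixed', 'Ignored', 'Dismissed'],
  Fixed:     [],         // terminal: remediation applied and verified
  Ignored:   ['Open'],   // accepted risk; can be reopened at review
  Dismissed: ['Open'],   // false positive; can be reopened on new evidence
};

// SLA windows per severity in hours, as stated on the page (LOW: none given).
const SLA_HOURS = { CRITICAL: 24, HIGH: 72, MEDIUM: 7 * 24, LOW: null };

const RESOLVED = new Set(['Fixed', 'Ignored', 'Dismissed']);

class SecurityCase {
  constructor({ id, title, severity, owner, openedAt }) {
    this.id = id;
    this.title = title;
    this.severity = severity;
    this.owner = owner;
    this.openedAt = openedAt;
    this.status = 'Open';
    // Every entry records who moved the case, when, from what, to what, and why.
    this.audit = [{ at: openedAt, by: 'scanner', from: null, to: 'Open',
                    reason: 'New finding detected', comment: null }];
  }

  // Change status; rejects undefined transitions and empty reasons so the
  // audit trail can never contain an unexplained decision.
  setStatus(to, { by, reason, comment = null, at }) {
    const from = this.status;
    if (!ALLOWED_TRANSITIONS[from] || !ALLOWED_TRANSITIONS[from].includes(to)) {
      throw new Error(`${this.id}: transition ${from} -> ${to} is not allowed`);
    }
    if (typeof reason !== 'string' || reason.trim() === '') {
      throw new Error(`${this.id}: a reason is required to move to ${to}`);
    }
    this.status = to;
    this.audit.push({ at, by, from, to, reason, comment });
    return this;
  }

  slaDeadline() {
    const hours = SLA_HOURS[this.severity];
    return hours == null ? null : new Date(this.openedAt.getTime() + hours * 3600e3);
  }

  // Returns { state, remainingHours }; state is 'resolved', 'none', 'ok',
  // 'warning' (within warnHours of the deadline) or 'breached'.
  slaStatus(now, warnHours = 4) {
    if (RESOLVED.has(this.status)) return { state: 'resolved', remainingHours: null };
    const deadline = this.slaDeadline();
    if (deadline === null) return { state: 'none', remainingHours: null };
    const remainingHours = (deadline.getTime() - now.getTime()) / 3600e3;
    if (remainingHours < 0) return { state: 'breached', remainingHours };
    if (remainingHours <= warnHours) return { state: 'warning', remainingHours };
    return { state: 'ok', remainingHours };
  }
}

// Walk-through with the case shown on this page (timestamps are constructed).
const demoCase = new SecurityCase({
  id: 'CL-2847', title: 'SQL Injection via user search', severity: 'CRITICAL',
  owner: 'sarah@acme.io', openedAt: new Date('2026-03-15T00:00:00Z'),
});
demoCase.setStatus('Confirmed', {
  by: 'sarah@acme.io',
  reason: 'Data flow from req.query.q to db.query verified in code review',
  at: new Date('2026-03-15T02:00:00Z'),
});
console.log(demoCase.slaStatus(new Date('2026-03-15T06:00:00Z'))); // { state: 'ok', remainingHours: 18 }
```

The two checks in `setStatus` are what turn a status field into an audit-ready record: a transition outside the table and a blank reason are both rejected before anything is written, so every entry in `audit` answers who, when, from what, to what, and why. The `warning` state is what an alert "before SLAs breach" would key on.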

Case ID   Finding                         Severity   Owner            Status      SLA
CL-2847   SQL Injection via user search   CRITICAL   sarah@acme.io    Confirmed   18h remaining
CL-2848   Missing auth on /admin          CRITICAL   james@acme.io    Fixed       Resolved
CL-2849   Unrotated AWS secret key        HIGH       mike@acme.io     Open        48h remaining
Finding Detail · CL-2847
CRITICAL  SQL Injection via user search

File: /api/users/search.js:142
Scanner: SAST + Data Flow
First Seen: Mar 15, 2026
Occurrences: 3 locations

140 async function searchUsers(req, res) {
141   const query = req.query.q;
142   const results = await db.query(`SELECT * FROM users WHERE name LIKE '%${query}%'`);
143   res.json(results);
144 }

Findings Slide-In Panel

Everything you need in one panel.

Click any finding to open the slide-in detail panel. See the severity badge, the vulnerable code snippet with line numbers, data flow context, and triage buttons — all without leaving the list.

  • Severity badge with visual color coding
  • Syntax-highlighted code snippet with line context
  • Data flow trace from input to sink
  • One-click triage buttons (Confirm / Dismiss / Ignore)
  • AI remediation suggestion with diff preview
  • Assignment, comments, and SLA info

Stop triaging in spreadsheets.

codelake gives your team a structured triage workflow with AI remediation, documented decisions, and full case management. Start triaging smarter today.