InboundSecurity

Lacework + Alert24

Turn Lacework alerts into actionable incidents in Alert24, with on-call routing, escalations, and status updates.

Start Free Trial See Pricing

Receive Lacework cloud security and compliance alert notifications.

Auto-detected payloads

Alert24 recognizes Lacework webhooks out of the box and maps fields to incidents automatically.

On-call routing & escalations

Page the right engineer over SMS, voice, push, email, or chat with policy-driven escalations.

Auto-updating status pages

Promote incidents to a public or private status page with one click and keep customers informed.

Change correlation & AI RCA

Recent deploys, infra updates, and feature flag flips surface alongside the incident for faster root cause.

Quick Setup

Copy Webhook URL

Go to your Alert24 dashboard and copy the webhook URL for Lacework.

Configure Lacework

Add the webhook URL in your Lacework settings.

Auto-Detected

Alert24 auto-detects Lacework payloads and maps them to incidents.

Step-by-Step Setup Instructions

Lacework Webhook Setup

1.In Lacework Console, go to Settings → Notifications

2.Add a Webhook alert channel

3.Set the URL to the webhook URL shown above

4.Configure alert routing rules

5.Save

Example Webhook Payload

This is a sample payload that Lacework sends to Alert24 when an alert fires.

{
  "alert_name": "Anomalous API activity detected",
  "alert_type": "Critical",
  "source": "AWS CloudTrail",
  "details": "Unusual number of API calls from IAM user admin"
}

How Alert24 Maps Lacework Data

Status Field

alert_type

Message Field

alert_name

Auto-Create Incidents

Yes

Auto-Resolve Incidents

Status Mapping

Alert24 Status	Lacework Values
degraded	`Warning`
down	`CriticalHigh`

Connect Lacework to Alert24 in minutes

Free plan includes 5 monitors, 1 status page, and incident management. No credit card required.

Start Free Trial See Pricing

More Security Integrations

Microsoft Defender for Cloud

Inbound

Receive Microsoft Defender for Cloud security alerts via Activity Log webhook.

Microsoft Sentinel

Inbound

Receive Microsoft Sentinel SIEM incident notifications via Logic Apps webhook.

Snyk

Inbound

Receive Snyk vulnerability and license issue alerts via webhook.

SonarQube

Inbound

Receive SonarQube quality gate and analysis notifications via webhook.

Trivy

Inbound

Receive Aqua Trivy container and IaC vulnerability scan results via webhook.

Falco

Inbound

Receive Falco runtime security alerts via HTTP output.