lumina: proactive soc hub
The central nervous system for security notifications. Integrates disparate security feeds into interactive Microsoft Teams cards for rapid ownership and response.
Ownership tracking ensures no critical alert goes unacknowledged within defined thresholds.
Every interaction is logged to Azure Table Storage for compliance and reporting.
Core integrations with D3 SOAR, PagerDuty, Logic Apps, and more.
the problem: notification fatigue
when alerts are sent to general email boxes or static chat channels, they often get ignored or "double-handled". there is no clear ownership, and service level agreements (slas) are difficult to track in real-time.
soc productivity features
interactive ownership
transforms alerts from passive messages into active tasks. analysts can 'take ownership' directly from teams, updating the card for everyone else instantly.
api orchestration
direct integration with pagerduty, d3 soar, and custom azure logic apps to automate complex soc escalation workflows.
bot commands
custom /ticket, /oncall, and /travel commands allow analysts to trigger enterprise workflows without leaving the conversation.
auditable logging
every interaction, button click, and ownership change is persisted for long-term compliance and reporting in azure storage.
architecture highlight
lumina uses an azure function http trigger to receive alerts from any source system. it leverages the microsoft bot framework and azure blob storage to manage conversation references, enabling it to reach engineers in the right channel at the right time.