What triggers a notification
RAIDEN sends an email when a new High or Critical case is created. These are the two severity levels that require same-day action.| Severity | Meaning | Notification sent |
|---|---|---|
| Critical | Active or confirmed account compromise | Yes |
| High | Strong indicators of attack | Yes |
| Medium | Suspicious but unconfirmed | No |
| Low | Unusual activity, low risk | No |
| Info | Contextual data, no direct risk | No |
Who receives notifications
Email notifications are sent automatically to all team members with the following roles:- Owner
- Admin
- Analyst
Adjusting notification settings
To change who receives notifications or to modify notification preferences:- Go to Settings → Notifications
- Adjust the settings for your team
If you want a Viewer to receive notifications, consider whether an Analyst role would be more appropriate for their responsibilities.
Getting urgent support
For active compromise situations that need immediate escalation, email support@raidenhq.com with URGENT in the subject line. RAIDEN prioritises these requests. For standard queries, include:- Your organisation name or tenant slug (found in Settings → Account)
- The Case or Alert ID if your question relates to a specific detection
- A brief description of what you expected to see and what you saw instead