Group Security Dashboard metrics MVC
Problem to solve
The Security Dashboard should target not just Security specialists, but also Director of Security as a tool to track how the handling of security vulnerabilities is going. This requires metrics and historical data about how many vulns have been spotted, addressed, solved, and how much time was spent for the complete cycle.
Further details
As a Director of Security, I expect to see in the Security Dashboard how the team is performing, if our process is working fast enough, if process changes are increasing or decreasing the performances of the team.
Proposal
Add a graph to the group security dashboard to show how many vulnerabilities are affecting the group of projects.
We can show daily numbers for the total amount of vulnerabilities, and independent values based on the severity. This data will be fetched from vulnerabilities reports stored in the database.
Design
| Final Design | Mobile |
|---|---|
 |
 |
| Popover 1-variable | Pop-over for 2 variables of the same number |
|---|---|
 |
 |
Design Specs: Spec previews for metrics in group security dashboard
A ~"product discovery" for this topic is available in https://gitlab.com/gitlab-org/gitlab-ee/issues/7091.