Design: Presenting coverage-guided and API fuzz testing results
This issue is intended to determine the plans and designs for presenting fuzz testing results to our users, beyond what was done in the MVC issue.
Some specific items:
- Standalone vulnerabilities may not be a fit for fuzzing
- Fuzz testing produces more data than those vulns can show today
- Fuzz test results have a different lifecycle than standalone vulns
This is what I think can be implemented.
- Problem statement: when a fuzz testing job has run, the findings need to be presented in the vuln list so that the user can triage them
- Goal: present Fuzz testing results within the current Vuln Report List as a starting point and then improve it later
- Proposed solution with Figma file: https://www.figma.com/file/0Tk3EEGok9zuSoktvAJcgU/Fuzzing-Report?node-id=0%3A1
- Video walkthrough: https://youtu.be/IIjJ2iuTJ00
Future directions exploration:
This is the future direction design that will be part of a user research session
- Problem assumption 1: When a fuzz testing result is presented with "Unknown" severity, it is shown below severity "low", which gives the impression that "Unknown" is not important, but actually "Unknown" is critical to triage
- Problem assumption 2: Fuzz testing results are faults, and within our current severity criteria faults are labelled with "unknown" severity, but if there is an unknown-finding-1 from SAST and an unknown-finding-2 from fuzz testing, they are not the same severity. It is not helpful to present users with the same severity.
- Proposed solution with Figma file: https://www.figma.com/file/0Tk3EEGok9zuSoktvAJcgU/Fuzzing-Report?node-id=1%3A822
- Video walkthrough: