🎨 Design: DAST Project-level Scan Execution Policies

This is the design issue. Requirements are available on the parent epic.

initial ideation: 📽 overview

in-progress Figma file

Related MVC changes:
  • 2a info-architecture change: new policies section under security section
  • 3a policies UI, including new policy: schedule scan (dast)
  • 3b edit policy (scan schedule)
  • 4 create policy workflow UI and conditional text/selection logic (see prototype)
  • create saved scan (when a DAST scan profile/scan doesn't exist or needs to be newly created) (later MVC - outside of scope)
  • display scan results, scan records seen in 3b edit drawer, with anchor to related pipeline > security tab (results)
  • remove policy history - pending question: will we be able to link to the scan results/findings? If not, where will the user retrieve this info?

Design

📽 Video walkthrough

🎨 Figma

Edited by Annabel Dunstone Gray