UX - Consider how we want third party secure integrations to appear
There are a few jobs to be done
- A person wishes to add a third party integration
- A person wishes to enable a third party integration / scan into the pipeline
- A person wishes to disable a third party integration / scan into the pipeline
- A person wishes to remove a third party integration
- A developer views new scan in MR
- A dev or analyst views new scan in dashboard
- A dev or analyst interacts (views) details of a finding
- A dev is presented a solution to a finding in an MR
- A compliance person or dev or analyst wishes to see report(s) in detail somewhere
After the Engineering Discovery completes for the Epic: Enable Secure Stage Third Party Integrations
As a result we need to consider how we will
- Enable a user to setup a third-party integration for a secure, compliance or policy configuration. hopefully this can be in the same place and similar to our other integrations. Feel free to consider MVC integration (step by step lots of items like tokens and apis and webhooks), if there is time consider what a close-partnership might look like (where engineering teams work together to simply it to one step)
- Display third-party scans in an MR widget - MR widget needs to also extend to Security, Compliance, Policy, and Other
- Allow third-parties to offer solutions in the form of MRs
- Display third-party scans within the security dashboard - Also some of these might be beyond security - should there be a different dashboard, or just a secure, compliance, policy rename?
- How should the Vulnerability information (pop up) (which in some cases is NOT a vuln but a policy or compliance fail) be different?
- where can we put detailed reports to view if they are policy or compliance?
Are there any other touch points i am forgetting? (integration, MR, Dashboard, vuln pop up, report)
Overall - we have a current mental model that everything is a vulnerability, we need to extend that out (and potentially need to talk that out with the compliance team. "Finding?"
Reference Items
Edited by Nicole Schwartz