UX Theme: Flexible scan result policy options

UX Theme

Flexible scan result policy options

---

Beneficiary

• Persona: Security Analyst
• Persona: Compliance Manager

Need & JTBD

• JTBD: As an application security engineer, I need to be able to configure approval policies that align with my organization's requirements so that I can avoid blocking approvals unnecessarily.

Business objective

Drive Ultimate revenue by expanding the number of organizations that will be able to use Scan Result policies.

Confidence

Confidence	Research
Medium	Custom feedback has been received on existing functionality.

Subthemes

Feature/solution subthemes

Prioritized list of design issues in this theme:

Priority	Item
1	🎨 Design: Support Role Based Approval Action for Scan Result Policies
2	Security Approvals not required when scans removed in MR
3	🎨 Design: Support Additional Filtering for Scan Result Policies
4	🎨 Design: Fix Security Approval Policy Notifications
5	Security Gate: When both merge conflicts and a security approvals are blocking the MR
6	🎨 Design Follow-up: Investigate validation of required approvals to avoid dead-end-rules
7	🎨 Design: Clarify the state of security approvals while the pipeline is still running
8	~🎨 Design: Allow users to prioritise security approval as first things in MR which needs to be checked

Research subthemes

Opportunity	Issue link	Research type