Technical Discovery - Vulnerability report grouping

Vulnerability report grouping (&10164) is a large and complex project. UX is finalizing designs and conducting user research 16.3 and 16.4. During that time we will conduct a Technical Discovery.

The result of this technical discovery should be:

1. Updating the epic to ensure it remains the SSOT for the overall plan and resources.
2. Creation of additional discovery/spike issues
3. Creation of implementation issues

Open questions

Identify scope that is not currently supported

Scope not captured within the designs

Design gaps (eg. "what happens when you do X?")

UI code gaps (eg. "does our table component support X?")

Data gaps (eg. "does our data format support what is displayed in the UI?")

1. Group by OWASP Top 10 - #419092 (closed)
2. Group by CWE Top 25 - #422179
3. Group by pipeline - May not be required, wait for final UX design. See #419568 (comment 1515228803)

External teams we should engage (DB, infra, etc)

Risks

Identify if we should build a POC first

Identify MVC

Identify scope of first two milestones

Determine which work can be parallelized and which will be blocking (backend/backend, frontend/backend, etc).