Security dashboard component - Total Open Vulnerabilities per severity
What problem does the feature aim to solve?
The AppSec engineer would like to quickly understand and be able to investigate the current status of their app risk (primary need) and have a comparison with a previous time (secondary for this widget). The AppSec job is to assess both the risk and the trend. This should allow a quick view into this.
Proposed solution?
Providing the user a table of all currently open vulnerabilities (open - (resolved+closed)) for Critical/High/Medium/Low. An optional add-on can be showing a quick glimpse into the trend and comparing the current number to the number a week or a month ago.
As we always aim to be action-driven, the widget will be clickable - clicking on the issue number will take the user to the vuln report, with the filters enforced.
Examples
This is what exists today in the Vulnerability report
What is required:
- Make this widget available for all scopes - Project / Group / Custom (TBD)
- Make this widget an action-driver - clicking on it will enforce severity filters
- Include a minor trend as part of it. See comment with examples
- Improve visual representation - this widget is currently too big, does not drive the user to take action, and does not highlight the risk
What are the required timelines?
Q126
