Security dashboard should show dismissal details on issues
Problem to solve
As a security administrator, when I see an issue that someone has dismissed, I will want to see the details of the person who dismissed it (who, when, why, etc), without having to go digging for the info, so that I can contact them and understand why they dismissed it.
Target audience
- Sam, Security Analyst, https://design.gitlab.com/research/personas#persona-sam
Further details
This information is available to the developer persona when looking at the security report on either the pipeline or the MR, but it is not available to the security admin when looking top-down from the group security dashboard. The data is there, but we aren't exposing it where it is needed.
This is also showing poorly during demos of the security dashboard. This prevents us from showing the security admin use case that requires a top down demo path, as we can't show the dismissal of an issue without showing what a sec admin would do with that info without them having to go dig through the MR and pipeline details.
Proposal
On dismissed issues, from the security dashboard, add dismissal information (who, when, what, preferably also collect and make available why).
Design
Sepcs
What does success look like, and how can we measure that?
Security admin from security dashboard can get details on dismissed issues without having to leave the security dashboard.
What is the type of buyer?
Enterprise buyer
Links / references
Security dashboard dismissed issue details
MR/pipeline dismissed issue details of SAME vulnerability
