🎨 Design: Security dashboard: "Status trends" aka "Vuln Resolution Velocity Over Time"

Overview

The AppSec engineer and leadership need to understand the trend of the vuln resolution velocity. Based on that, they can better assess the risk of the application, forecast future risk, measure team execution and proficiency, prioritize their work, plan resource allocation, and so on.

User goals

I want to make sure we're closing vulnerabilities at a faster pace than we're opening them.

Proposed solution

Provide the user with a trend graph of total open vulns (Needs triage + Confirmed) together with closed vulns (Dismissed + Resolved). This type of trend graph lets the user visually identify when the pace of vulnerabilities being opened is higher than the pace of those being closed, which means the resolution velocity is not keeping up.

Examples in the comments

Requirements

  • Create the widget to show several trend graphs on the same timeline
  • Make this widget available for all scopes - Project / Group / Custom(TBD)
  • Make this widget an action-driver - clicking on the numbers in the popover will take the user to the Vulnerability Report with the appropriate filter(s) applied (either from the panel-level and/or page-level)
  • Panel data should be adjusted if the following filters are applied at the page level:
    • Report type
      • Ex: If SAST filter is applied, this panel would show only open SAST vulns vs closed SAST vulns
    • Project
      • Ex: If 5 projects in a group are selected, this panel would only show open vs closed vulns from those projects.
  • The only panel-level customization available is if the user readjusts the time frame.
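As an added example (not part of this issue or of GitLab's own code), the Ruby script below shows how the open-vs-closed series from the proposed solution and the page-level filters from the requirements could be computed from a constructed set of vulnerability records. The record shape, the `trend_series` and `velocity_alerts` helper names, and the 3-day trailing window used to compare opening pace with closing pace are assumptions chosen for illustration.

```ruby
require 'date'

# Open and closed buckets exactly as the proposal defines them.
OPEN_STATES   = %w[needs_triage confirmed].freeze
CLOSED_STATES = %w[dismissed resolved].freeze

# Constructed sample records (not real GitLab data). Each hash carries the
# fields the widget needs: project, report type, final state, the day the
# vuln was first detected and, for closed vulns, the day it was closed.
SAMPLE_VULNS = [
  { id: 1, project: 'web',   report_type: 'sast', state: 'resolved',     detected_on: Date.new(2024, 5, 1), closed_on: Date.new(2024, 5, 4) },
  { id: 2, project: 'web',   report_type: 'sast', state: 'resolved',     detected_on: Date.new(2024, 5, 1), closed_on: Date.new(2024, 5, 6) },
  { id: 3, project: 'api',   report_type: 'dast', state: 'dismissed',    detected_on: Date.new(2024, 5, 2), closed_on: Date.new(2024, 5, 3) },
  { id: 4, project: 'api',   report_type: 'sast', state: 'dismissed',    detected_on: Date.new(2024, 5, 3), closed_on: Date.new(2024, 5, 6) },
  { id: 5, project: 'web',   report_type: 'sast', state: 'needs_triage', detected_on: Date.new(2024, 5, 3), closed_on: nil },
  { id: 6, project: 'infra', report_type: 'dast', state: 'resolved',     detected_on: Date.new(2024, 5, 4), closed_on: Date.new(2024, 5, 5) }
].freeze

# Page-level filters (report type, selected projects) narrow the population
# before anything is counted, so the panel follows the page, as required.
def apply_filters(vulns, report_type: nil, projects: nil)
  vulns.select do |v|
    (report_type.nil? || v[:report_type] == report_type) &&
      (projects.nil? || projects.include?(v[:project]))
  end
end

# Bucket of one vuln as of a given day: nil before detection, :open while it
# is needs_triage/confirmed, :closed from the day it was dismissed/resolved.
def bucket_on(vuln, day)
  return nil if vuln[:detected_on] > day

  closed = vuln[:closed_on] && vuln[:closed_on] <= day
  closed ? :closed : :open
end

# One point per day on the timeline: cumulative open and closed counts (the
# two lines of the graph) plus how many were newly opened/closed that day.
def trend_series(vulns, from:, to:, report_type: nil, projects: nil)
  scoped = apply_filters(vulns, report_type: report_type, projects: projects)
  (from..to).map do |day|
    buckets = scoped.map { |v| bucket_on(v, day) }
    {
      date: day,
      open: buckets.count(:open),
      closed: buckets.count(:closed),
      opened_today: scoped.count { |v| v[:detected_on] == day },
      closed_today: scoped.count { |v| v[:closed_on] == day }
    }
  end
end

# Days on which the opening pace over a trailing window exceeds the closing
# pace over the same window: the condition the graph is meant to surface.
def velocity_alerts(series, window: 3)
  flagged = series.each_index.select do |i|
    slice = series[([i - window + 1, 0].max)..i]
    slice.sum { |p| p[:opened_today] } > slice.sum { |p| p[:closed_today] }
  end
  flagged.map { |i| series[i][:date] }
end

if __FILE__ == $PROGRAM_NAME
  series = trend_series(SAMPLE_VULNS, from: Date.new(2024, 5, 1), to: Date.new(2024, 5, 7))
  series.each { |p| puts format('%s open=%d closed=%d', p[:date], p[:open], p[:closed]) }
  puts "opening outpaced closing on: #{velocity_alerts(series).join(', ')}"
end
```

Each point in the series is a snapshot, so a vuln that is resolved on day N still counts as open on days before N; that is what lets the two lines cross visibly when closing work catches up with new findings.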

Questions

  1. Should open vulns look at ones that are "still detected" and ignore "no longer detected"? (Closed vulns can include both.)

    See Filter out 'No Longer Detected' by Default (&18537)

  2. How would archived vulns be reflected in these counts? Open and closed vulns can be archived. See #505229 (comment 2629447293)

🎨 Figma link: https://www.figma.com/design/Haz0Y4rAZUXvvipySp0y8R/Becka---Security-Insights?node-id=270-30966&t=nVU9VGLL8Cd7d6lM-4

Edited by Becka Lippert