praetorian-inc / chariot-ui

Chariot Offensive Security Platform
https://preview.chariot.praetorian.com
MIT License

Add richer content about major object types: seeds, assets, risks #135

Closed privateducky closed 1 day ago

privateducky commented 1 week ago

We display content about what a seed is when you first start using the application and again when you click to 'add more seeds', but we don't offer similar in-app content about what an asset or risk represents.

We should look for a location in the app to make this data readily available.

Examples:

storbeck commented 1 week ago

I think the navigation is a natural place for this to live. The labels listed here are only slightly helpful and there's no reason for it to be strictly this size.

Why don't we just expand this out further so people know what each section of the attack surface is?

[Screenshot 2024-06-21 at 8 52 41 AM]

privateducky commented 1 week ago

@storbeck you're probably right; this seems very natural

storbeck commented 1 week ago

Here is a first attempt.

Reasons for changes: (reference above comment for original)

  1. Seeds - This only talks about scope definition, it doesn't explain what a seed is clearly.
  2. Assets - objects and elements associated with seeds (not clearly defined above) - this is almost completely non-informative and depends on knowing what a seed is.
  3. Risks - This tells the person what to do but doesn't tell them what a risk is.

[Screenshot 2024-06-21 at 5 34 07 PM]

I also believe that we should change the icon for seeds; typically this is recognizable as a database icon, which seeds are not.

[Image: database_icon_-_Google_Search]

privateducky commented 1 week ago

This is pretty good.

One thing on my coming-soon list is to express "coverage" (the things we're testing for that produce risks). That may fit into the overall design we move toward here.

I think updating the descriptions + icons is a must-have. But I think we'll need to go a step further to provide the more in-depth information. One possibility is to copy the concept you built into the add-seeds modal, which expresses everything I need to know about seeds. Is that transferrable (conceptually) to assets and risks? As in, is there a natural point in the experience that we can thread that level of detail in?

storbeck commented 1 week ago

> One possibility is to copy the concept you built into the add-seeds modal, which expresses everything I need to know about seeds. Is that transferrable (conceptually) to assets and risks?

We can definitely do that for Add Risks but we have no Add Asset modal.

Put an info icon next to the page header (Seed/Asset/Risk) that when you click it, the page expands below to give a sentence or two description of what the object is.

I've added a tooltip on-hover as that's how all our other tooltips work, but we can set it to be on-click if that's what is preferred.

[Screenshot 2024-06-21 at 8 16 52 PM]

privateducky commented 1 week ago

This info icon + hover-over is a great addition.

I wonder if we should pull add-seed and add-risk options out of the actions menu and make them more accessible? If we did that, we could add an add-asset to be consistent (we support it on the backend and CLI).

Note: add-risk will be getting a slight makeover next week, as we allow users to create risks without specifying an asset first.