Closed privateducky closed 1 day ago
I think the navigation is a natural place for this to live. The labels listed here are only slightly helpful and there's no reason for it to be strictly this size.
Why don't we just expand this out further so people know what each section of the attack surface is?
@storbeck you're probably right; this seems very natural
Here is a first attempt.
Reasons for changes: (reference above comment for original)
I also believe that we should change the icon for seeds, typically this is recognizable as a database icon, which seeds are not.
This is pretty good.
One thing on my coming soon list, is to express "coverage" (the things we're testing for that produce risks). That may fit into the overall design we move toward here.
I think updating the descriptions + icons is a must-have. But I think we'll need to go a step further to provide the more in-depth information. One possibility is to copy the concept you built into the add-seeds modal, which expresses everything I need to know about seeds. Is that transferrable (conceptually) to assets and risks? As in, is there a natural point in the experience that we can thread that level of detail in?
One possibility is to copy the concept you built into the add-seeds modal, which expresses everything I need to know about seeds. Is that transferrable (conceptually) to assets and risks?
We can definitely do that for Add Risks
but we have no Add Asset
modal.
Put an info icon next to the page header (Seed/Asset/Risk) that when you click it, the page expands below to give a sentence or two description of what the object is.
I've add a tooltip on-hover as that's how all our other tooltips work, but we can set it to be on-click if that's what is preferred.
This info icon + hover-over is a great addition.
I wonder if we should pull add-seed and add-risk options out of the actions menu and make them more accessible? if we did that, we could add an add-asset to be consistent (we support it on the backend and CLI).
Note: add-risk will be getting a slight makeover next week, as we allow users to create risks without specifying an asset first.
We display content about what a seed is, when you first start using the application and again when you click to 'add more seeds' but we don't offer similar in-app content about what an asset or risk represents.
We should look for a location in the app to make this data readily available.
Examples: