docs consolidation and others
This commit is contained in:
master
32
docs/modules/vuln-explorer/guides/explorer-using-console.md
Normal file
32
docs/modules/vuln-explorer/guides/explorer-using-console.md
Normal file
@@ -0,0 +1,32 @@
|
||||
# Vulnerability Explorer Using the Console
|
||||
|
||||
This document describes the operator workflow for triaging findings in the Console. It is intentionally evidence-first and audit-oriented.
|
||||
|
||||
## Workflow (Typical)
|
||||
|
||||
1. Start from the findings list filtered to the tenant/environment you care about.
|
||||
2. Open a finding to review:
|
||||
- Verdict and “why” summary
|
||||
- Effective VEX status and issuer provenance
|
||||
- Reachability/impact signals (when available)
|
||||
- Policy gate and explain trace
|
||||
3. Record a triage action (assign/comment/mitigation/exception) with justification.
|
||||
4. Export an evidence bundle when review, escalation, or offline verification is required.
|
||||
|
||||
## What to Expect in a Finding View
|
||||
|
||||
- Clear tenant context and artifact identifiers
|
||||
- Evidence rail (SBOM, VEX, advisories, reachability, attestations)
|
||||
- History/timeline of state changes and actions (append-only)
|
||||
- Copyable identifiers (finding ID, digests, correlation IDs)
|
||||
|
||||
## Offline / Air-Gap Notes
|
||||
|
||||
- When operating from Offline Kit snapshots, the Console should surface snapshot identity and staleness budgets.
|
||||
- Evidence bundle export is the primary bridge between online and offline review.
|
||||
|
||||
## References
|
||||
|
||||
- Console operator guide: `docs/UI_GUIDE.md`
|
||||
- Vulnerability Explorer guide: `docs/VULNERABILITY_EXPLORER_GUIDE.md`
|
||||
- Offline Kit: `docs/OFFLINE_KIT.md`
|
||||
Reference in New Issue
Block a user