# Security Overview Dashboard

## Module
Web

## Status
VERIFIED

## Description
Consolidated security overview merging Analyze and Triage sections into a single security hub with release-aware finding counts and risk summaries.

## Implementation Details
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/security/`
- **Routes**: `security.routes.ts`
- **Components**:
  - `artifact-detail-page` (`src/Web/StellaOps.Web/src/app/features/security/artifact-detail-page.component.ts`)
  - `artifacts-page` (`src/Web/StellaOps.Web/src/app/features/security/artifacts-page.component.ts`)
  - `exception-detail-page` (`src/Web/StellaOps.Web/src/app/features/security/exception-detail-page.component.ts`)
  - `exceptions-page` (`src/Web/StellaOps.Web/src/app/features/security/exceptions-page.component.ts`)
  - `lineage-page` (`src/Web/StellaOps.Web/src/app/features/security/lineage-page.component.ts`)
  - `patch-map-page` (`src/Web/StellaOps.Web/src/app/features/security/patch-map-page.component.ts`)
  - `reachability-page` (`src/Web/StellaOps.Web/src/app/features/security/reachability-page.component.ts`)
  - `risk-page` (`src/Web/StellaOps.Web/src/app/features/security/risk-page.component.ts`)
  - `sbom-graph-page` (`src/Web/StellaOps.Web/src/app/features/security/sbom-graph-page.component.ts`)
  - `scan-detail-page` (`src/Web/StellaOps.Web/src/app/features/security/scan-detail-page.component.ts`)
  - `security-findings-page` (`src/Web/StellaOps.Web/src/app/features/security/security-findings-page.component.ts`)
  - `security-overview-page` (`src/Web/StellaOps.Web/src/app/features/security/security-overview-page.component.ts`)
  - `unknowns-page` (`src/Web/StellaOps.Web/src/app/features/security/unknowns-page.component.ts`)
  - `vex-hub-page` (`src/Web/StellaOps.Web/src/app/features/security/vex-hub-page.component.ts`)
  - `vulnerabilities-page` (`src/Web/StellaOps.Web/src/app/features/security/vulnerabilities-page.component.ts`)
  - ... and 1 more components
- **Source**: SPRINT_20260118_007_FE_security_consolidation.md

## E2E Test Plan
- **Setup**:
  - [ ] Log in with a user that has appropriate permissions
  - [ ] Navigate to `/security`
  - [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
- **Core verification**:
  - [ ] Verify the dashboard loads without errors and displays summary cards/metrics
  - [ ] Verify data refreshes correctly and loading states are shown
  - [ ] Verify empty state is displayed when no data is available
- **Edge cases**:
  - [ ] Verify graceful handling when backend API is unavailable (error state)
  - [ ] Verify responsive layout at different viewport sizes
  - [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)

## Verification
- Run: `docs/qa/feature-checks/runs/web/security-overview-dashboard/run-001/`
- Date (UTC): 2026-02-11