git.stella-ops.org/docs/modules/ui/operations/risk-ui.md
2026-01-06 19:07:48 +02:00

Console Risk UI (Overview)

This document describes how risk and explainability concepts should surface in the Console.

Concepts to Surface

  • Verdict and “why”: a short, narrative explanation above the fold.
  • Evidence rail: links to proofs that justify each fact (SBOM, VEX, reachability, policy explain trace).
  • Risk signals: severity, exploit signals, exposure context, and confidence/uncertainty indicators.

Explainability Expectations

  • Every blocking decision must link to the policy gate and the evidence inputs that triggered it.
  • Uncertainty must remain explicit (avoid false safety when evidence is missing or conflicts exist).
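
One way to enforce these expectations before a verdict is rendered, as an added example that is not code from the Stella Ops repository. The `Verdict` and `Presentation` shapes, the `present` function, the label strings, and the rule that all four evidence kinds are expected are assumptions made for illustration.

```typescript
// Added example. Field names and labels are assumptions, not the Console's schema.
type EvidenceKind = "sbom" | "vex" | "reachability" | "policy-trace";
interface Evidence { kind: EvidenceKind; link?: string; claim?: "affected" | "not_affected"; }
interface Verdict {
  decision: "block" | "allow";
  why: string;           // short narrative shown above the fold
  policyGate?: string;   // link to the gate that triggered the decision
  evidence: Evidence[];  // evidence rail entries
}
interface Presentation {
  banner: "blocked" | "allowed" | "allowed-uncertain";
  uncertainty: string[]; // always surfaced to the user
  violations: string[];  // explainability gaps to fix before rendering
}

// Assumption: every finding is expected to carry all four evidence kinds.
const EXPECTED: EvidenceKind[] = ["sbom", "vex", "reachability", "policy-trace"];

function present(v: Verdict): Presentation {
  const uncertainty: string[] = [];
  const violations: string[] = [];
  for (const kind of EXPECTED) {
    const items = v.evidence.filter(e => e.kind === kind);
    if (items.length === 0) uncertainty.push(`missing:${kind}`);
    if (items.some(e => e.link === undefined)) violations.push(`unlinked:${kind}`);
    // Two sources that disagree are a conflict, not a tie to be broken silently.
    const claims = new Set(items.map(e => e.claim).filter(c => c !== undefined));
    if (claims.size > 1) uncertainty.push(`conflict:${kind}`);
  }
  if (v.decision === "block") {
    if (!v.policyGate) violations.push("block-without-gate");
    if (!v.evidence.some(e => e.link !== undefined)) violations.push("block-without-evidence");
  }
  if (v.why.trim() === "") violations.push("missing-why");
  // An allow with open uncertainty never gets the plain "allowed" banner.
  const banner: Presentation["banner"] =
    v.decision === "block" ? "blocked" : uncertainty.length > 0 ? "allowed-uncertain" : "allowed";
  return { banner, uncertainty, violations };
}

// Constructed sample: an allow decision backed by two VEX statements that disagree.
const sample: Verdict = {
  decision: "allow", why: "Vendor VEX marks the component as not affected.",
  evidence: [
    { kind: "sbom", link: "proof/sbom-1" }, { kind: "reachability", link: "proof/reach-1" },
    { kind: "policy-trace", link: "proof/trace-1" },
    { kind: "vex", link: "proof/vex-1", claim: "not_affected" },
    { kind: "vex", link: "proof/vex-2", claim: "affected" },
  ],
};
console.log(present(sample)); // banner is "allowed-uncertain" with conflict:vex listed
```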

References

  • Risk model overview: docs/modules/risk-engine/guides/overview.md
  • Policy explainability: docs/modules/risk-engine/guides/explainability.md
  • Vulnerability Explorer guide: docs/VULNERABILITY_EXPLORER_GUIDE.md