-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] Coverage overview test plan #165530
Conversation
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Pinging @elastic/security-solution (Team: SecuritySolution) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dplumlee good job writing such a detailed test plan 👍
I left a number of comments where I have doubts or suggestions. Feel free to push back if you think I'm not right. My point is we should be specific we expect the dashboard is rendered and not just rule data as it's too generic. While the dashboard is rendered
can be expanded in the Terminology
section. It also good to know @vgomez-el's opinion.
I also found some misprints (according to my spell check plugin). I'm not sure if you use one but if not I recommend to install one.
@@ -0,0 +1,191 @@ | |||
# Coverage Overview Dashboard | |||
|
|||
This is a test plan for the Mitre Att&ck coverage overview dashboard |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Instead of giving an explanation sentence here it could be just a header part so the header'd look like Coverage Overview (Mitre Att&ck) Dashboard Test Plan
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In general the test plan looks great, great job @dplumlee. IMO, I am missing the following scenarios:
- When user clicks on a tile, a popover is displayed, and the popover title links to the proper MITRE ATT&CK technique definition. (I know this can be tedious to automate/ check, but if we offer that functionality, we should assure that it works as expected)
- Upgrade scenarios from versions 7.17 or lower 8.X versions to assure that upgraded rules are properly displayed on the dashboard
- Expand/colapse cells behaviour and data properly displayed ( would be nice to include checks for small screens size behaviour)
I know the previous three points are difficult to automate, but at least we should add the scenarios to the test plan, even if they are not suitable for automation
...on/docs/testing/test_plans/detection_response/rule_management/coverage_overview_dashboard.md
Outdated
Show resolved
Hide resolved
I do agree with @maximpn with |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dplumlee thank you for addressing my comments
Summary
Addresses #162248
Adds the coverage overview test plan to the rule management test plan folder
Checklist
Delete any items that are not applicable to this PR.
For maintainers