►
From YouTube: Threat Insights Weekly Group Discussion
Description
Weekly meeting for the Secure:Threat Insights group
A
Let's
go
so
there
was
one
issue
around
displaying
vulnerabilities
by
age
in
the
security
dashboard,
so
I
figured
we
started
the
design
issue.
This
was
one
that
actually
met.
I
think
we
have
a
fantastic
epic
here
as
well
with
lots
of
pertinent
information
and
an
mvc
iteration
plan.
It's
nice
has
anyone
had
a
chance
or
jonathan
or
savage
either.
A
You
had
a
chance
to
look
at
this
design
issue
prior
to
this
today,
synchronously
sorry
about
that,
it's
okay,
I'm
going
to
share
my
screen
then,
and
I'm
going
to
pull
up
the
design
tabs
and
we
can
just
talk
through
it.
Okay,
so
matt
do
we
want
to
start
with
the
epic,
because
you
do
have
a
sort
of
a
several
step
solution
to
get
there.
C
Let's,
let's
actually
just
take
a
quick
look
at
the
visual
yeah,
because
I
think
it'll
make
sense
what
we're
we're
kind
of
targeting
here
and
why
I
thought
to
slice
it
up.
So
actually
andy.
Do
you
want
to
talk
through
this?
Since
it's
it's
your
design,
I
don't
want
to
use
all
the
wrong
words
on
this
one.
Oh.
D
Yeah
no
worries,
so
we
are
going
to
use
two
existing
graphs
that
will
be
able
to
be
interchanged
via
a
drop
down
and
basically
place
them.
I
believe
on
the
group
dashboard
to
start,
and
they
lay
out
the
segments
of
time
in
which
these
vulnerabilities
by
severity
fit
into
and
we're
only
considering
the
detected
and
confirmed
vulnerabilities
at
this
point.
For
these.
E
But
the
tooltip
shows
all
of
them.
That's
just
copy
paste.
D
Or
the
hover
state,
so
those
will
just
show
in
that.
D
Yeah
yeah
within
that
range,
so
those
will
be
our
kind
of
first
pass
at
creating
a
date
range
and
bringing
the
data
on
vulnerability,
severity
and
displaying
it
via
range.
C
Yeah,
so
this
the
reason
that
we're
looking
at
doing
this
one
is
this
is
kind
of
our
mvc
of
an
sla,
since
we
don't
have
any
way
for
customers
to
define
those.
This
is
a
pretty
frequent
request.
Is
it's
awesome
that
I
can
see
all
the
vulnerabilities
from
like
a
total
number
and
severity
over
time
from
a
trends
perspective,
but
I
want
to
know:
do
I
have
an
aging
problem
like
I
have
a
bunch
of
criticals
that
are
more
than
let's
say
60
days
that
are
still
in
that?
That's?
E
A
D
D
D
I
think
that
just
downloads
the
image
as
a
ping
I'm
very
uncertain,
so
that
actually
came
as
part
of
the
chart
widget.
Yes,
that's
built
into
our
widget,
so
gotcha,
okay,
if,
if
that
doesn't
make
it
in,
I,
I
don't
think
it's
gonna
be
a
deal.
Breaker
yeah,
it's
a
good
thing
to
kind
of
figure
out.
What
is
that
doing
whatever
it
is
in
our
gitlab
ui
project?
We
should
just
mirror.
D
D
New,
I
think
it
did,
but
eventually
with
this
the
idea
is,
we
could
eventually
start
leveraging
the
fact
that
we
can
turn
these
into
pings
and
when
we
do
pdf
report
exports,
we
can
just
rip
the
pings
out
at
the
same
time
if
they
wanted
visuals
while
exporting
the
vulnerability
report.
A
D
A
So,
from
a
planning
breakdown
perspective,
we
have
three
questions.
We
tried
to
answer
during
this
discussion
and
I'm
going
to
jump
back
over
to
the
agenda
to
look
at
them.
So
this
is
matt.
Sorry
jonathan
says
up
to
you
guys
to
decide
if
you
guys
think
this
is
ready
to
move
on.
Are
the
requirements
clear
enough
to
understand
the
intent
of
the
requests.
F
I
mean
I
I
think
so
I
mean
we
have
a
lot
of
the
data
already
coming
in
savas,
just
off
the
top
of
your
head.
Do
you
can
you
think
of
any
additional
information?
You
would
need
that
we're
not
already
sending.
E
So
we
would
just.
I
was
just
expecting
like
imagining
to
have
an
object
or
an
array
which
says
okay
last
30
days
this
and
then
you
have
an
array
or
object
of
you,
know
severities
and
numbers
so
that
we
can
select
them.
Okay,.
F
Yeah
I
mean,
I
think,
that
I
think
it's
pretty
clear
on
what
we'll
need
to
do
there.
E
So
we
need
to
date,
we
need
how
many
vulnerabilities
there
were
confirmed
and
detected.
I
guess
yeah
during
that
date
with
their
severities,
so.
A
Well,
so
actually
you
worked
with
these
charts
before
and
we
added
the
vulnerabilities
over
time.
I
assume
this
is
going
to
be
fairly
similar
to
that
so
experience.
E
Wise,
we
just
depend
on
the
back
end
that
the
backhand
serves
the
data.
I
don't
know
if
there
is
any
dependency
in
the
back
end,
but
for
the
front
end
there
shouldn't
be
any
dependency
other
than
the
the
endpoint
okay.
A
I
am
not
going
to
punish
you
guys
for
coming
to
this
meeting
by
assuming
that
you
will
be
doing
the
planning
breakdown
of
this
tiago,
and
I
will
get
this
assigned
off
to
a
front-end
and
a
back-end
engineer
to
create
the
implementation
issues
and
get
this
prioritized
into
an
upcoming
milestone.
C
C
So
the
thing
up
at
the
top-
this
was
my
suggestions,
but
my
preference.
I
will
say
the
reason
that
I
put
the
group
security.
Dashboard
first
is
two
primary
reasons.
The
first
is
we
are
seeing.
I
have
some
metrics
dashboards
in
sisense
group
level.
Functionality
is
increasing
much
more
quickly
than
any
of
the
other
areas
of
vulnerability
management
in
talking
with
customers.
C
They
seem
to
like
that
level
that
it
provides
a
lot
of
organizations.
I
think,
are
structured
in
such
a
way
that
it
makes
sense
for
them
to
operate
at
the
group
level.
So
that's
where
we're
going
to
get
the
most
value
first.
The
other
reason
is:
if
there
are
any
performance
concerns
they're
going
to
manifest
themselves
at
the
group
level,
I
think
more
more
severely
than
at
the
project
level.
E
E
I
was
thinking
like
first
to
create
the
component
and
then
we
can
just
reuse
it.
So
I
don't
think
it's
a
big
issue
for
the
front
frontend
that
we
start
from
the
group
or
from
the
from
the
secure
from
the
instance
level
or
project
level.
So
actually
we
had
an
issue.
I
think
daniel
created
that
a
couple
of
weeks
ago
that
90
of
the
functionalities
in
the
security
dashboards,
the
group
level
instance
level
are
similar.
So
we
were
so
and
we
have
three.
E
A
Thanks
for
bringing
that
up,
sebastian
probably
makes
sense
to
make
sure
that
that
optimization
issue
daniel
created
is
either
in
the
same
milestone
or
ahead
of
this
work.
C
That
sounds
great
because
I
I
can
see
pretty
much
all
the
charts
that
we've
talked
about
and
are
thinking
about
would
have
value
at
all
three
levels.
I
think
in
some
cases
we'll
see
stuff
that
maybe
doesn't
make
sense
on
the
project
level,
where
it's
meant
to
get
kind
of
a
group
level
perspective,
but
no
that's
fantastic.
A
Does
it
make
sense
from
a
planning
breakdown
perspective,
to
even
define
these
npcs
based
on
the
level
of
the
dashboard
that
we're
introducing
it
to?
Because
we've
done
that
in
the
past?
And
I
don't
know
it
from
a
issue
organization
perspective
that
helped
us
out
very
much.
It
got
a
little
confusing.
E
Can
you
please
elaborate
on
that
so.
A
Yeah
so
matt's
basically
kind
of
identified
three
iterations
that
we
can
take
or
three
different
nbcs
that
we
could
deliver
independently.
Based
on
what
you
just
said,
savage
I'm
not
sure
if
it
makes
sense
for
us
to
restrict,
say
the
first
nbc
just
to
the
group
security
dashboard.
I
know
there's
more
than
well.
No
at
this
point,
there's
not
even
other
navigation
to
consider.
You
know.
A
We've
already
got
the
page
there,
so
I
I'm
wondering
if
whoever
does
this
planning
breakdown
again,
not
saying
it's
going
to
be
you
guys
if
it
were,
if
it
would
make
sense
to
break
down
the
tasks
in
any
way
based
on
the
level
of
the
dashboard,
whether
it's
the
group
level,
project
level
or
security
center,
or
if
that's
just
going
to
confuse
things.
F
I
mean
on
the
back
end
it
once
you
have
the
first
iteration
through
it
should
be
fairly
quick
to
iterate
through
them,
so
to
have
them
as
each
individual
mvcs
seems
a
little
much,
but
I
mean
iteration
iterating
through
different
issues
would
make
sense,
but
not
I
don't
know
about
any
people
in
vcs.
Does
that
make
sense?
A
F
Yeah,
that's
that
seemed
yeah.
It
seems
like
it's
a
lot
because
I
don't
think
we're
gonna.
It's
not
a
very
big
jump
to
go
from
one
to
two
at
all.
It's
just
basically,
you
know
quick
off-the-cuff
thinking.
It
would
probably
be
sending
either
the
group
id
or
the
project
id
to
determine
the
projects,
and
it's
just
based
off
that
variable
which
projects
it
pulls
and
which
vulnerabilities
it
pulls,
and
so,
once
you
have
one
written,
it
would
be
fairly
quickly
to
do
the
other
ones.
E
On
the
front
inside
the
biggest
work,
it's
going
to
be
the
to
create
the
component
to
display
the
chart.
I
would
so
for
the
for
the
for
the
breakdown.
I
will
create
an
issue
for
that
and
then
for
each
dashboard.
We
need
to
add
a
query.
That's
that's
it.
So
the
data
they're
expecting
to
get
back
in
exactly
so.
It
could
be.
E
It
could
be
either
a
big
issue
with
you
know
three
sub
tasks
like
e
to
do's,
or
it
could
be
three
issues,
one
for
a
group
dashboard
one
for
project
and
then
those
issues
are
fairly
simple
because
it's
probably
just
going
to
be
copy
and
paste
and
then
change
a
bit
a
couple
of
fields
that
they
will
be
just
adding.
The
query.
A
We'll
let
whoever
gets
the
opportunity
to
do
this
planning
breakdown
make
that
decision
and
they
can
watch
this
video
to
get
input
from
the
team
on.
You
know
your
guys's
opinions,
so
one
thing
that
I'll
make
sure
is
clear
and
put
the
relationship
between
the
two
is
the
optimization
issue
that
you
were
referring
to
savash
around,
uniting
those
two
dashboards
and
making
sure
that
you
know.
We
consider
that
in
our
scheduling.
A
You're
holding
your
okay,
you
gotta
volunteer
yeah,
exactly
jonathan's
like
all
right.
Let's
just
stay
quiet
and.
A
F
Funny
thing
like
I
tried
to
get
like
my
touch:
the
touch
login
wouldn't
work.
It
was
so
cold.
Oh
seriously,
yeah.
A
Maybe
your
finger
your
fingerprints
were
just
frozen,
could
have.