Problem Statement:
A security product requires scanning container images and showing users the findings. Container images contain applications with their dependencies, and all of these components might have known vulnerabilities.
Product Requirements Document
-
Objective
The objective is to build a security tool that scans container images for known vulnerabilities and provides actionable insights to users. The tool will help users identify critical or high vulnerabilities within their container images, prioritize which images to fix, and streamline the remediation process.
-
User Personas
- DevOps Engineers: Need to ensure container images are secure before deploying them into production.
- Security Analysts: Require detailed insights into vulnerabilities for proactive risk management.
- Developers: Want to quickly identify and fix vulnerabilities within their container images.
-
User Stories
- As a DevOps Engineer, I need to view a list of all container images and their associated vulnerabilities so that I can assess the security risk of each image.
- As a Security Analyst, I need to filter images by the severity of vulnerabilities (Critical, High, Medium, Low) to prioritize which images require immediate attention.
- As a Developer, I need to drill down into specific vulnerabilities to understand their impact and remediation steps so that I can fix the issues promptly.
- As a user, I need to understand which container images have vulnerabilities and how severe they are. If there are any critical or high vulnerabilities, I need to address them by identifying which images require fixing. I have thousands of images in my repository. Help us create a product requirements document or wireframe that can assist users in solving these issues.
-
Key Features
- Image Dashboard: Displays a list of container images with high-level details about the number of vulnerabilities and their severity.
- Vulnerability Filtering: Allows users to filter images based on vulnerability severity (e.g., Critical, High, Medium, Low).
- Detailed View: Provides a detailed breakdown of vulnerabilities for a selected container image, including description, severity, and remediation guidance.
- Search and Sort Functionality: Users can search and sort images based on different parameters (e.g., name, number of vulnerabilities, severity).
- Bulk Actions: Users can select multiple images and initiate actions like "re-scan" or "mark as reviewed."
- Notifications: Alerts users when new vulnerabilities are detected in existing images.
-
Non-Functional Requirements
- Performance: The tool should be able to scan thousands of images without significant delay.
- Scalability: The system should support growing image repositories as user needs expand.
- Security: Secure access with role-based permissions to ensure only authorized users can view or manage vulnerabilities.
-
UI Requirements
- The UI should be intuitive and easy to navigate.
- Critical and high vulnerabilities should be visually highlighted.
- The design should support both light and dark modes for user preference.
-
Development Actions (Optional Task)
- Backend: Develop API endpoints for scanning images, retrieving scan results, and filtering vulnerabilities.
- Frontend: Build the UI for the image dashboard, filtering options, and detailed vulnerability views.
- Database: Set up a database to store scan results, image metadata, and vulnerability details.
- Security: Implement authentication and authorization for secure access to the tool.
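The dashboard, filtering and prioritisation behaviour from the Key Features section, and the "retrieve results / filter vulnerabilities" backend logic from the Development Actions above, can be captured in a small triage module. The following is an added example written for this document, not code from any existing product: the image names, finding identifiers (EXAMPLE-000N placeholders), package names and versions are all constructed sample data, and the severity ordering Critical > High > Medium > Low is taken from the PRD. It shows how per-image severity counts, the Critical/High highlight flag, severity filtering and a ranking that surfaces the worst images first can be computed over a whole repository.

```python
"""Severity triage for container image scan results (illustrative example).

Models the dashboard, filtering and sorting logic from the PRD: each image
carries findings, and the tool must summarise, filter and rank thousands of
images so that Critical/High ones surface first. All identifiers below are
constructed sample data, not real scan output.
"""
from collections import Counter
from dataclasses import dataclass, field
from typing import Optional

# Severity rank: higher number sorts first. Matches the PRD's four levels.
SEVERITY_RANK = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}
NEEDS_ACTION = {"Critical", "High"}  # severities the UI highlights


@dataclass(frozen=True)
class Finding:
    vuln_id: str                         # advisory id; placeholders like EXAMPLE-0001 here
    package: str
    severity: str
    fixed_version: Optional[str] = None  # None means no upstream fix is known yet

    def __post_init__(self):
        # Reject severities the ranking does not know, so sorting never fails later.
        if self.severity not in SEVERITY_RANK:
            raise ValueError(f"unknown severity: {self.severity!r}")


@dataclass
class ImageScan:
    image: str
    findings: list = field(default_factory=list)

    def severity_counts(self) -> dict:
        """Per-severity counts for one dashboard row (always all four keys)."""
        counts = Counter(f.severity for f in self.findings)
        return {sev: counts.get(sev, 0) for sev in SEVERITY_RANK}

    def max_severity(self) -> Optional[str]:
        """Worst severity present, or None for a clean image."""
        if not self.findings:
            return None
        return max(self.findings, key=lambda f: SEVERITY_RANK[f.severity]).severity

    def needs_action(self) -> bool:
        """True when the PRD says the image must be visually highlighted."""
        return any(f.severity in NEEDS_ACTION for f in self.findings)

    def fixable(self) -> list:
        """Findings with a known fixed version: the actionable remediation list."""
        return [f for f in self.findings if f.fixed_version is not None]


def filter_by_severity(scans, severities):
    """Images having at least one finding in any of the requested severities."""
    wanted = set(severities)
    return [s for s in scans if any(f.severity in wanted for f in s.findings)]


def prioritize(scans):
    """Rank images: worst severity first, then Critical count, High count, then name."""
    def key(s):
        c = s.severity_counts()
        return (-SEVERITY_RANK.get(s.max_severity(), 0), -c["Critical"], -c["High"], s.image)
    return sorted(scans, key=key)


def dashboard_rows(scans):
    """One summary dict per image, already in priority order."""
    return [
        {"image": s.image, "max_severity": s.max_severity(),
         "highlight": s.needs_action(), **s.severity_counts()}
        for s in prioritize(scans)
    ]


# Constructed sample repository: names, ids and versions are invented for this example.
SAMPLE_SCANS = [
    ImageScan("registry.example/api:1.4.2", [
        Finding("EXAMPLE-0001", "libalpha", "Critical", "2.0.1"),
        Finding("EXAMPLE-0002", "libbeta", "High", "1.9.0"),
        Finding("EXAMPLE-0003", "libgamma", "Low", None),
    ]),
    ImageScan("registry.example/worker:2.0.0", [
        Finding("EXAMPLE-0004", "libdelta", "High", None),
        Finding("EXAMPLE-0005", "libepsilon", "Medium", "5.2.0"),
    ]),
    ImageScan("registry.example/static-site:0.9", []),
    ImageScan("registry.example/batch:3.1.1", [
        Finding("EXAMPLE-0006", "libzeta", "Critical", "2.11.5"),
        Finding("EXAMPLE-0007", "libzeta", "Critical", "2.11.5"),
    ]),
]

if __name__ == "__main__":
    for row in dashboard_rows(SAMPLE_SCANS):
        print(row)
```

The ranking key deliberately sorts on the worst severity before counts, so an image with one Critical finding outranks one with twenty Highs; `fixable()` separates findings a developer can act on today from those awaiting an upstream fix, which is the split the Detailed View's remediation guidance needs.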
Low-Fidelity Wireframes