Currently we have the following high-level requirements for Scorecard checks:
  1. Each check can be in a tier level, not just passed or failed, e.g. Vulnerabilities Found: <5; 5 - 50; >50. And conditionally, for each Rule or Check, we need to be able to configure it to take the entire category down. E.g. we have a Security category which includes 10 checks, and I want to configure that if one of checks 1, 3, 6, 7, 8 failed, the Security category will be in Bronze (i.e. 15 points, for example). Currently each check has a weight, but let's say I have too many checks: configuring checks 1, 3, 6, 7, 8 to bring the entire Security category down to 15 points would be hard, since the total weights are 100.
  2. For each category, we want to be able to treat each differently based on its severity, i.e. having a weight for each category. E.g. I want Security to have more weight in the Overall Score calculated.
  3. For each Scorecard check, we want to be able to specify different scenarios in which the check is passed, e.g. Check A passes if 1 and 2 are passed, OR 3 and 4 are passed. If we can have nested conditions of check rules, it would provide more flexibility.
  4. For each check, if failed, clicking on it should list the details of the rules so that the owner knows what is being checked. Currently it only shows Expect==, Actual==. It would be clearer to show something like Expect Incident Count < 10, Actual Incident Count = 15.
It would be good if the scorecard calculation were more sophisticated. Especially the nested conditions would make our config work easier.
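The four requirements above, sketched as an added example (not code from the original post or from the Scorecard product). Every function name, the condition-tree shape and the sample data are hypothetical and constructed for illustration.

```python
# Added sketch: all names and the config shape are hypothetical.
def evaluate(cond, rules):
    """cond is a rule id, or {"all": [...]} / {"any": [...]} nested to any depth."""
    if isinstance(cond, str):
        return rules[cond]
    (op, children), = cond.items()
    results = [evaluate(c, rules) for c in children]
    if op == "all":
        return all(results)
    if op == "any":
        return any(results)
    raise ValueError(f"unknown operator: {op}")

def tier(value, low, high):
    """Three tiers as in requirement 1: <low, low..high, >high."""
    return 0 if value < low else 1 if value <= high else 2

def category_score(weights, passed, cap_checks, cap):
    """weights: {check_id: weight}, summing to 100.
    A failure in any of cap_checks caps the whole category at `cap` points."""
    score = sum(w for cid, w in weights.items() if passed[cid])
    if any(not passed[cid] for cid in cap_checks):
        score = min(score, cap)
    return score

def overall_score(category_scores, category_weights):
    """Weighted mean of category scores (requirement 2)."""
    total = sum(category_weights.values())
    return sum(category_scores[c] * w for c, w in category_weights.items()) / total

def describe_failure(name, op, expected, actual):
    """Readable failure detail (requirement 4)."""
    return f"Expect {name} {op} {expected}, Actual {name} = {actual}"

# Constructed sample data.
RULES = {"1": False, "2": True, "3": True, "4": True}
CHECK_A = {"any": [{"all": ["1", "2"]}, {"all": ["3", "4"]}]}  # (1 AND 2) OR (3 AND 4)
SECURITY = {f"check{i}": 10 for i in range(1, 11)}             # 10 checks, weights total 100
PASSED = {cid: cid != "check3" for cid in SECURITY}            # only check3 fails
CAP_CHECKS = ["check1", "check3", "check6", "check7", "check8"]

def demo():
    sec = category_score(SECURITY, PASSED, CAP_CHECKS, cap=15)
    total = overall_score({"Security": sec, "Docs": 100}, {"Security": 3, "Docs": 1})
    return evaluate(CHECK_A, RULES), sec, total

if __name__ == "__main__":
    print(demo())
```
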