Scope Security - OmniSight UI Enhancements
Scope Security is a healthcare cybersecurity company that created it's own detections for threats to hospital infrastructure and internal systems (i.e. - electronic health records, medical devices, and administrative access). Their client-facing UI, OmniSight, was to be used by the Security Operations Center (SOC) to assess Anomalies and determine whether or not they posed a viable threat to the hospital ecosystem to be investigated (Investigations), and provide follow up guidance to the hospital (Escalations).
Table Uniformity Across Tabs
The OmniSight UI had some quite advanced features, including Drop Zones that functioned across multiple browser windows (thanks to our Senior Frontend Engineer, who rebuilt the FE from scratch in 2021). When I joined Scope in May of 2022 my goal was to create a DesignOps workflow and smooth out any wrinkles in the OmniSight UI.
Drop Zones on Pages
The Anomalies and Investigations pages had Drop Zones, implemented with React, which triaged the Anomaly: Creating an Investigation promoted the incident to the Investigations tab, Closing as False Positive or Resolved marked the anomaly as closed and inactive.
Investigations Detail Pages
The Investigations Detail Page - where we see all related details of an Investigation - is a complex one. There is a lot of information to display, from the description to any child Escalations and original parent Anomalies and a case log of comments made by Security Analysts. The focal point on the right side of the page is a caret shape taken from the Scope Security logo which acts has a handle to pull open a side drawer, housing an audit log of all activity on the Investigation in the second image below.
Escalations Detail Page
At the time that I joined Scope, there was not an Escalations Detail Page. The goal was to create something similar to Investigations in terms of functionality, but altered to reflect that further step along the chain of assessment of the threat: the parent Investigation's description was included, the Guidance section contained the body of the Escalation instructions, with further comments to be added for expansion of details. Finally, files could be uploaded to an Escalation (future feature). Escalations would also have their own audit log using the same Scope Caret and side drawer.