Add wiki page: Executive-Dashboard-and-Reports

2026-05-22 12:33:07 +00:00
parent 73be05601e
commit 6e71348fd1

@@ -0,0 +1,215 @@
# Executive Dashboard and Reports
Aegis provides real-time dashboards, historical snapshots, and professional report
generation for all stakeholders — from technical leads to C-suite executives.
---
## Dashboard Endpoints
All dashboard endpoints require authentication but are accessible to all roles.
### KPIs
```http
GET /api/v1/dashboard/kpis
```
Returns the core metrics at a glance:
```json
{
"total_techniques": 742,
"covered_techniques": 387,
"coverage_percent": 52.2,
"validated_tests": 312,
"active_campaigns": 3,
"open_alerts": 7,
"last_snapshot": "2024-03-15T08:00:00Z",
"organization_score": 64.8
}
```
### Executive Summary
```http
GET /api/v1/dashboard/executive
```
Returns a narrative summary suitable for non-technical stakeholders:
- Overall security posture statement
- Coverage trend (improving/declining/stable)
- Top 3 uncovered high-risk techniques
- Recent key achievements (campaigns completed, techniques covered)
- Open action items
### Coverage by Tactic
```http
GET /api/v1/dashboard/coverage-by-tactic
```
Returns per-tactic breakdown:
```json
[
{
"tactic_id": "TA0002",
"tactic_name": "Execution",
"total_techniques": 13,
"validated": 8,
"partial": 3,
"not_covered": 2,
"coverage_percent": 84.6,
"score": 76.2
},
...
]
```
### Posture History
```http
GET /api/v1/dashboard/posture-history?days=90
```
Time-series data for trend charts (default: last 90 days):
```json
[
{"date": "2024-01-01", "score": 48.2, "covered_percent": 45.1},
{"date": "2024-02-01", "score": 52.7, "covered_percent": 48.8},
{"date": "2024-03-01", "score": 64.8, "covered_percent": 52.2}
]
```
### Activity Feed
```http
GET /api/v1/dashboard/activity?limit=20
```
Recent actions across the platform:
- Tests validated
- Campaigns completed
- New lessons learned added
- Alerts fired
- MITRE sync completed
---
## Snapshots
Snapshots capture a complete point-in-time record of coverage metrics. They enable
trend analysis and before/after comparison.
### Creating a Snapshot
**Manual** (leads, admin):
```http
POST /api/v1/snapshots
{"notes": "Pre-campaign baseline March 2024"}
```
**Automatic**: The system creates snapshots automatically:
- After every campaign completion
- After MITRE sync
- On a scheduled basis (configurable)
### Listing Snapshots
```http
GET /api/v1/snapshots?limit=10&offset=0
```
### Coverage Evolution (Trend)
```http
GET /api/v1/snapshots/evolution?limit=50
```
Returns time-ordered list of snapshots with key metrics — ideal for plotting a
trend line of coverage improvement over time.
### Comparing Two Snapshots
```http
GET /api/v1/snapshots/compare?a=<snapshot_id_1>&b=<snapshot_id_2>
```
Returns a diff showing:
- Techniques newly covered since snapshot A
- Techniques that lost coverage
- Score delta
- Test count delta
### Deleting a Snapshot
Only admins can delete snapshots:
```http
DELETE /api/v1/snapshots/{id}
```
---
## Professional Report Generation
Aegis can generate publication-ready reports in PDF, DOCX, or HTML format.
These are available to: **admin, red_lead, blue_lead, and viewer**.
### Available Reports
| Report | Endpoint | Description |
|--------|----------|-------------|
| Purple Team Campaign | GET /reports/generate/purple-campaign/{id} | Full campaign report with all tests |
| Coverage Summary | GET /reports/generate/coverage-summary | Org-wide coverage status |
| Executive Summary | GET /reports/generate/executive-summary | C-suite briefing, 2-3 pages |
| Quarterly Summary | GET /reports/generate/quarterly-summary | Quarterly review with trends |
| Technique Detail | GET /reports/generate/technique/{id} | Deep-dive on one technique |
### Format Selection
Append `?format=pdf`, `?format=docx`, or `?format=html` (default: html):
```http
GET /api/v1/reports/generate/executive-summary?format=pdf
```
Response headers:
```
Content-Type: application/pdf
Content-Disposition: attachment; filename="executive-summary-2024-03-15.pdf"
```
### Report Content — Purple Team Campaign
Includes for each test in the campaign:
- Test title, technique ID and name, objective
- Execution timeline
- Red team findings (tool, command, output)
- Blue team detection result and response
- Validation status
- Evidence thumbnails
- Remediation status
Plus campaign-level summary:
- Detection rate (detected / total tests)
- Coverage improvement delta
- Top findings and recommendations
- Executive narrative
### Report Content — Executive Summary
- Organization security posture score
- Coverage percentage vs last quarter
- Top 5 technique gaps by risk
- Recent campaign outcomes
- Key recommendations for next quarter
- Glossary of terms
---
## Raw Data Exports
| Endpoint | Format | Description |
|----------|--------|-------------|
| GET /reports/coverage-summary | JSON | Coverage status per technique |
| GET /reports/coverage-csv | CSV download | Coverage matrix for Excel/BI tools |
| GET /reports/test-results | JSON | All test results with outcomes |
| GET /reports/remediation-status | JSON | Remediation tracking per technique |
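Review bot: Access rules are missing for the Raw Data Exports table and for the snapshot read endpoints (list, evolution, compare); neither section says which roles may call them. Elsewhere the page says dashboards are "accessible to all roles", manual snapshot creation is for "(leads, admin)", and reports are for "admin, red_lead, blue_lead, and viewer". Please give every endpoint group an explicit role list with the same role identifiers throughout; "leads" does not match the names used in the report section. Related: the Purple Team Campaign report is documented as available to viewer, yet it includes "Red team findings (tool, command, output)" and evidence thumbnails. State whether that content is redacted for viewer or whether full visibility is intended. Two smaller points. The Available Reports and Raw Data Exports tables give paths as /reports/... while the example request uses /api/v1/reports/generate/executive-summary, so write full paths or note the prefix once. The coverage-by-tactic sample only reaches 84.6 if partial counts as covered ((8 + 3) / 13); say so next to coverage_percent there and in the KPIs section.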