SO
SecOps WorkbenchDesign exploration · 21 of 21 screens · May 2026

Agentic security remediation, end-to-end

Fortify · Sonatype · Jira · GitLab feed an agentic Scrum team that triages, fixes, and ships under policy. Built on LangChain DeepAgents with Git-versioned playbooks. Every screen is governed by secops-policy@v3.2.

21
Screens
9
Pages
9
Drawers
3
Overlays
100%
Complete
Narrative thread

SEC-1745 · critical SQL injection in OrderRepository

Day 8 of Sprint 7. Alice has one ticket waiting for her final approval. Every screen points toward — or follows from — this single decision. The story enters at #07 Intake, reaches its crux at #19 Approval modal, and closes with the success toast at #21. Bordered cards below mark the 13 screens where SEC-1745 appears directly.

Policy loop · backup approver

Surfaced → pending → validated → live

Urgent action in #13 → pending T4 rule in #16 → validated against Sprint 6 in #17v3.3 promoted in #21.

Promotion loop · spring-csrf to T1

5 of 5 shadow runs → ready to graduate

Promote action in #13 → green-bordered candidate card in #14 → 100% success in #15 → shadow T1 pilot done in #17.

Remediation · contextual tabs 6
01SEC-1745
Remediation shell
Top bar, URL bar, 7-segment stage, contextual tab strip. The frame every tab inherits.
02SEC-1745
Overview tab
Next-action banner, closure blockers, acceptance criteria. The "what's pending" view.
03SEC-1745
Evidence tab
12 artifacts across 5 sources · grouped Scanner / Code / Tests / Policy / Reasoning.
04SEC-1745
Human Gates tab
Open / passed / future gates. Approver stacks, pre-check console, keyboard hints.
05SEC-1745
Regression tab
Class A verdict, before/after deltas, 6-check matrix, side-effect probes.
06SEC-1745
Verdict tab
Recommendation hero, approver votes with quoted comments, residual risk, rollback plan.
Top-level pages 3
07page
Intake
21 new findings · Triage Agent verdicts · 14 can-fix, 3 needs review, 4 too-complex.
08SEC-1745
Sprint
5-column kanban · 12 tickets · day 8/10 · 32 velocity points · 142k/500k tokens.
09SEC-1745
AgentBook
Chronological scrum thread · day-grouped · agents and humans post inline.
Utility drawers · slide-in right 9
10drawer
Integrations
7 sources · Fortify · Sonatype · Jira (degraded) · GitLab · Modal · LangSmith · Slack.
11SEC-1745
Agent Registry
5 agents · SCN · TRG · DEV (T1, working) · REV · ORC. Permissions inspectable, autonomy tiers visible.
secops-policy@v3.2
12drawer
Ceremonies
Sprint 7 Review & Retro Friday · 5 agenda items · past ceremonies with decisions & actions.
13drawer
Retro improvement backlog
9 action items · 4 shipped · 2 in progress · urgent: backup approver for crypto.
policy proposals
14SEC-1745
Playbooks & Skills
6 playbooks · spring-sql-injection@2.3 (T1, 12 uses) · spring-csrf ready for T1 promo.
15drawer
Metrics
MTTR 14h 22m · 98% DEV merge · token budget 28% · velocity trend across 4 sprints.
policy signals
16drawer
Production policy
14 rules across autonomy / recovery / audit / release gates · 1 pending (backup approver) · 4-version history.
policy editor
17drawer
Pilot & Replay
What-if sandbox · Sprint 6 replayed under v3.2 + backup-approver · 5 tickets re-routed.
policy validation
18drawer
Settings
Personal preferences · 6 sections · 2 policy-locked toggles · clear separation from org policy.
policy-bounded
Overlays 3
19SEC-1745
Approval modal
Centered · critical · diff preview required by policy · 3 of 4 approvers signed · ⌘+↵ to merge.
policy-enforced
20SEC-1745
Search overlay
Spotlight · ⌘+K · 9 results for "1745" across tickets, playbooks, ceremonies, people, commands.
21SEC-1745
Toast notifications
Bottom-right stack · 4 variants · merge confirm, policy promotion, budget warn, auto-rollback.
v3.3 promoted