Skip to main content

UX Feedback 2026-02-20

Fonts

Many fonts are very tiny, there’s a lot of white space — and font size inconsistency. Let’s ask Claude to normalize fonts - 5 sizes max - mapped to each specific element, e.g.

  • Page title
  • section title
  • metric value
  • body text
  • meta text

Instruct it to make UI feel executive, structured, deterministic, and calm. It should NOT feel like a developer console, an analyst dashboard, or a startup prototype.

Do not use fonts <12px.

Do not use lighter than 400 weight text.

Do not mix font sizes inside a single row unless hierarchy requires it.

Replace “SV0 Platform” with “SecurityV0”

Home page

Runtime

Make Runtime Dominant — add “Observed Autonomous Execution (30d)” title

  • Tile1: Total executions
  • Total executions (big number)
  • Δ vs prior 30d — OK if we don’t have it today
  • Tile 2: Executed paths
  • Total executed paths (big number)
  • Δ vs prior 30d — OK if we don’t have it today
  • Tile 3: keep the existing Dormant but Privileged — change the wording to add “Dormant”
  • Tile 4: keep invalid ownership

Clusters

Remove Tag chips like “orphaned ownership”, “reachable sensitive domain” (redundant) and long descriptive text.

Rebuild based on this design - this is validated in multiple iterations:

(we can adjust fonts later)

image.png

Cluster details

We will unify & combine cluster detail view (dashboard) with Authority Path Table. Clicking on a risk cluster will take the user to a path table view (filtered) that will only show those authority paths AND a header that clearly identified which cluster / filter we’re on.

image.png

From the header,

  • Remove sensitivity (e.g. “critical”)
  • Remove tag pills (”orphaned ownership”, “reachable sensitive domain”).

Authority Path Table

“sensitivity”

  • Remove

Domains

  • Ensure data domain can accept multiple domains - because it reality one path can reach both HR and Customer data at a time.

Columns

  • Column order:
  • Authority path ID
  • authority path name (BOLD text)
  • 30d Runs (BOLD text)
  • Last execution
  • 30d Trend, % (executions last 30d vs previous 30d — as a % increase / decrease)
    • +14% vs previous 30d
    • −22%
    • New (no prior baseline)
  • Findings
  • Ownership (valid / invalid / unknown)
  • Egress
  • Status
  • First seen

Authority Path Details

Order:

  1. Header + risk sentence
  2. Runtime Activity (dominant)
  3. Ownership by Object
  4. Findings strip
  5. Execution path diagram / graph
  6. Autonomous Execution Model
  7. Deterministic Identity Linkage
  8. Audit Metadata (collapsed)

Redesign the header in line with the Sketch mockup:

  • Keep the current name structure
  • Add the risk sentence (”autonomous authority path actively executing…”)
  • Add a line when it was verified
  • Remove the current data domain and tags like active, critical, confidential.

image.png

Add “Runtime Activity” bar

Immediately under the path header and above the diagram add a new horizontal block: Runtime Activity (30d)

Split into two columns:

Column 1

Big number:

  • 9 executions

Below:

  • Last execution: 3h ago
  • Δ vs prior period
  • First observed

Column 2 (narrower)

  • Source telemetry: Entra sign-in logs
  • Service telemetry: Foundry workload logs
  • API invocation observed
  • Sample execution: Feb 16, 10:42 AM

Ownership by Object

Remove primary / secondary etc. Instead, show fixed rows, no clicking:

  • Automation / Agent owner (the “biz owner”)
  • Owner: ___ or Invalid if it’s not valid or enabled
  • If invalid, show “Since xxd”
  • Service principal owner (runtime identity)
  • Owner: ___ or Invalid
  • If invalid, show “Since xxd”
  • App registration owner (config identity) (only if you truly have it; otherwise hide row)
  • Owner: ___ or Invalid
  • If invalid, show “Since xxd”

Add a “Findings” bar

  • Only show tiles that have info:
  • Sensitive: FIN (since 109d)
  • Sensitive: Customer (since 1d)
    • note that there can be multiple sensitive data domains reached — which means that we will need a tile for each
  • LLM Egress (Since 10d)
  • Allow each to expand for details (long text)
  • Keep “active” status per finding
  • Do not include “risk” status (”medium”) — we do not risk score

Findings timeline

Remove “Finding timeline” timeline block — it’s duplicative

Authority path

Rename “Authority Path Diagram” —> “Execution Path”

Deterministic linkage

Add the deterministic linkage block as in the mockups

image.png

Authority state

keep it at the bottom of the page, rename to Autonomous Execution Model

Display:

  • Client credentials
  • No human session
  • Federated OIDC

Rename section:

Identity binding

Just as in the mockup, bottom half of the page, just above Autonomous Execution Model. Name Deterministic Identity Linkage and include:

  • Relationship: RUNS_AS
  • Protocol: OIDC (Federated)
  • Verified match: sub_id → workload-42

image.png

Automation metadata

Rename to “Audit Metadata” and place at the bottom.

image.png

  • Auth chain depth → remove
  • Composition hash → keep
  • Sync version → remove