Business Problem:

Today, the Red Hat Advanced Cluster Security filtering capability is limited to positive/include filters. It can include Images, CVEs, Deployments, Namespaces, Clusters by name or label, and even Image components by source-type. In the workflows and questions that are often raised its frequently requested to combine those filters with an exclude.
To give an example, namespaces often are enriched with metadata such as environment/stage. It would be very interesting to e.g. show all deployments/vulnerabilities of namespaces that *don't* carry the label `environment=prod`. Based on the example given, it would be easy to see everything that is non-production and treat it accordingly.

Use Cases:

When assessing vulnerabilities reported by Red Hat Advanced Cluster Security it often is key to filter based on customer or platform demand. Meaning sometimes it's important to see very specific items while on the other hand, one is keen to see everything but one particular filter. Therefore having the ability to specify include and exclude filters would be practicle to provide much needed flexibility when reviewing vulnerabilities reported.

Key Functionality:

Include and Exclude capabilities available for all filters to select certain items one is looking for but then implement some exclude to reduce the list and not show potential not interesting data.

Benefits:

Much better user experience combined with a very much improved filter capability.
 

Timeline:

As soon as possible