Goal Summary:

Speaking to my customer today they want to see:

It would be better if ACS had the functionality to show "I know about this CVE" even if we don't have that CVE in an image running on our Clusters. I think this problem needs to be a bug. It is not useful to have a security scanning tool that will tell let you know what CVEs it can scan for.

Goals and expected user outcomes:

The observable functionality that the user now has as a result of receiving this feature. Include the anticipated primary user type/persona and which existing features, if any, will be expanded. Complete during New status.

The customer wants to be able to query ACS to find out what CVE's it knows about along with the functionality above. 

Acceptance Criteria:

A list of specific needs or objectives that a feature must deliver in order to be considered complete. Be sure to include nonfunctional requirements such as security, reliability, performance, maintainability, scalability, usability, etc. Initial completion during Refinement status.

<enter general Feature acceptance here>

Success Criteria or KPIs measured:

A list of specific, measurable criteria that will be used to determine if the feature is successful. Include key performance indicators (KPIs) or other metrics., etc. Initial completion during Refinement status.

<enter success criteria and/or KPIs here>

Use Cases (Optional):

Include use case diagrams, main success scenarios, alternative flow scenarios together with user type/persona. Initial completion during Refinement status.

<your text here>

Out of Scope (Optional):

High-level list of items that are out of scope. Initial completion during Refinement status.

<your text here>