Frontend UI Strategy
AuroraSOC's dashboard is allowed to be comprehensively redesigned.
This is not a cosmetic exception. The current interface does not yet meet the standards required for a top-tier SOC analyst workspace.
Decision
The product team may redesign the dashboard, navigation model, page layouts, and shared UI primitives where needed to support:
- alert triage at scale
- case-centric investigation workflows
- approvals and action governance
- evidence and observable handling
- threat-intel pivoting
- professional dashboards, reports, and admin surfaces
Stack Position
The current frontend stack remains the default implementation base:
- Next.js
- React
- TypeScript
- Tailwind CSS
- Radix primitives
This stack is not being replaced by default. It is being treated as the current foundation.
Once UI Policy
Once UI may be used if it materially improves implementation speed and visual quality.
The approved adoption path is:
- run a short spike during the redesign foundation milestone
- validate whether Once UI helps with analyst workspace layouts, tables, forms, or command surfaces
- adopt it selectively if the result is clearly better and does not create unnecessary lock-in
AuroraSOC should not commit to a full framework migration before the analyst workflow contracts are stable.
Required UX Outcomes
The redesign must produce:
- a professional analyst workspace instead of list-detail pages only
- consistent data-table behavior across alerts, cases, SIEM, and threat-intel views
- approval and automation UX that is visible and actionable
- strong keyboard navigation and accessibility behavior
- a documented design system that future contributors can extend
Required Documentation
Any significant frontend redesign must update:
- user workflow documentation
- developer UI architecture documentation
- troubleshooting pages for the new interaction model
- screenshots or diagrams when behavior is materially different