update docs to better describe the combined interface

mitre-attack · Jun 23, 2021 · b19f767 · b19f767
1 parent 65b08a1
commit b19f767
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 19 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,6 @@
 # v4.4 - changes staged on develop
-- Added combined techniques search and multiselect feature in sidebar. See issue [#204](https://github.com/mitre-attack/attack-navigator/issues/204). 
+## Improvements
+- Combined the search and multiselect interfaces into a single UI. This allows groups, software, and mitigations to be filtered alongside techniques and improves usability by moving the interface to a sidebar. See issue [#204](https://github.com/mitre-attack/attack-navigator/issues/204). 
 
 # v4.3 - 29 April 2021
 ## New Features

diff --git a/nav-app/src/app/datatable/data-table.component.html b/nav-app/src/app/datatable/data-table.component.html
@@ -43,7 +43,7 @@
                 <div class="control-row-button noselect"
                     (click)="(viewModel.sidebarOpened = (viewModel.sidebarContentType !== 'search') ? true : !viewModel.sidebarOpened) && (viewModel.sidebarContentType = 'search')"
                     matTooltipPosition="below"
-                    matTooltip="search">
+                    matTooltip="search & multiselect">
                     <img src="assets/icons/ic_search_black_24px.svg"/>
                 </div>
             </div>

diff --git a/nav-app/src/app/help/help.component.html b/nav-app/src/app/help/help.component.html
@@ -703,31 +703,39 @@ <h2 id="help_Search_Interface">
                 Search & Multiselect Interface
             </h2>
             <p>
-                The search interface provides a text input to search through techniques in the matrix.
-                Toggles in the interface allow for searching of specific technique fields (name, ID, and description).
+                The search & multiselect interface provides the means to select or deselect techniques in the matrix 
+                that match a text query or that are mapped to groups, software, or mitigations. The text input
+                can be used to filter the lists of techniques, groups, software, and mitigations according to their data. 
+                You can select what fields of the objects are searched under "search settings:" <i>name</i>, 
+                <i>ATT&CK ID</i>, <i>description</i>, and (for techniques) <i>data sources</i> can all be searched.
             </p>
             <p>
-                The multiselect interface provides a way to quickly select and deselect
-                groups of techniques. The interface provides two types of groupings, threat
-                groups and software. Threat groups constitute related intrusion activity
-                tracked by a common name. Software constitutes software, malware
-                or utilities that use known techniques for intrusion.
+                The lists of objects below the search can be used to select data in the matrix. 
             </p>
+            <ul>
+                <li><b>Techniques:</b> this list can be used to find a technique alphabetically or one that matches the search query.</li>
+                <li>
+                    <b>Threat Groups:</b> threat groups constitute related intrusion activity tracked under a common name. Selecting a group 
+                    under this section will select all techniques that are mapped to (used by) that group.
+                </li>
+                <li>
+                    <b>Software:</b> software constitutes malware (custom closed source or open source software intended for malicious purposes) 
+                    or tools (open-source, built-in, or publicly available software that could be used by a defender or an adversary). Selecting a software under this 
+                    section will select all techniques that are mapped to (used by) that software.
+                </li>
+                <li>
+                    <b>Mitigations:</b> Mitigations represent security concepts and classes of technologies that can be used to prevent a technique or 
+                    sub-technique from being successfully executed. Selecting a mitigation under this section will select all techniques that are mapped to (mitigated by) that mitigation.
+                </li>
+            </ul>
             <p>
-                The interface provides
-                buttons to select and deselect techniques. These buttons modify the currently selected techniques rather
+                The interface provides buttons to select and deselect each object. These buttons modify the currently selected techniques rather
                 than replacing then, allowing for the selection of the multiple techniques or the techniques of multiple
-                threat groups or software by selecting them in sequence.
-                There are 'view' links that lead to more info on each technique.
-            </p>
-            <p>
-                Threat groups and software in the list are given a gray background when all
-                of their techniques are selected, even if the selection was not made using
-                the multiselect interface.
+                threat groups, software, or mitigations by selecting them in sequence. The 'view' links for each entry link to additional information about the object in question.
             </p>
             <p>
                 Buttons labelled 'select all' and 'deselect all' are provided to quickly select/deselect all techniques in the results
-                area.
+                area. You can use this in conjunction with the search input to select all results which match the given query.
             </p>
 
             <h1 id="help_Customizing_The_Navigator">Customizing The Navigator</h1>