- Introduced the SIEM Dashboard minigame with complete functionality for alert triage and escalation.
- Created CSS styles for the SIEM Dashboard UI, ensuring alignment with design specifications.
- Developed strict alignment revision plan to ensure SIEM planning matches game design requirements.
- Added audit documentation comparing current SIEM plans against game design documents.
- Implemented scenario files for testing the SIEM Dashboard minigame.
- Updated minigame starters to include the new SIEM Dashboard minigame.
…ixed scrollheight
This PR adds a new SIEM Alert Dashboard minigame and wires it into the existing minigame framework and lock system using the siem_dashboard flow. It implements core triage gameplay (dismiss/escalate), seeded IoC + noise alerts, timer-based success/fail logic, and global state outputs (siem_escalated / siem_missed_alerts) with completion event emission. It also supports runtime alert injection, ransomware-triggered escalation behavior, and session persistence so players can close/reopen without losing progress.

I have implemented this according to the design documentation. It has been tested for any bugs and issues with the visual layout, which have been fixed.

One slight deviation from the intended implementation is that the ransomware deployed event happens over 10-20 seconds and contains a mixture of critical alerts and other noise. I found that just deploying 4 critical alerts simultaneously didn't look right.