While thinking and researching how to do the search on TeamMentor 4.0 (next version of TM), one of the key workflows that I kept coming back into are:
This has a number of UE implications, since the key to make it work is to have an UI that is easy and intuitive in providing/exposing this information.
- need to have feedback loop on the search results (this is really what makes Google Google), which can be be captured:
- explicitly: via the user clicking on the + or - sign close to each search)
- implicitly: via detecting which search result the user clicks (and which rank that search had)
- by mapping: where the user (or TM admin/editor) is able to provide feedback on a particular search. For example saying that the search results for 'X' should be the search results for 'Y'
- need to learn: this is connected to the feedback loop mentioned above and is based on the idea that the TM search results should become better with time
- need to start collecting data as soon as possible (ideally leveraging the current hundreds or thousands of Application security searches SI employees already do every day
- need to explain how we calculated a particular search result (of course that this needs to be hidden to normal users (unless they want it to), but we really need to show TM Editors/Admins the logic behind the search formula (and data) used to create those results, and reach the conclusion that 'article X' should be shown before 'article Y' (or folder/view/category 'X' should be shown before folder/view/category 'y')
- Provide links to other search engines and application security websites (like google, StackOverflow, OWASP, Wikipedia, etc...). this would allow us to make the case 'first search in TM and then go into Google' (I think google used to do this with other search engines (in a long distant past)):
- If fact, this could also allow use to 'fix' Google queries, since we could say "Hey you searched for XSS but what you probably want (from google) is 'How to fix XSS vulnerabilities in .NET" (assuming we had detected that that user was looking at .NET results
- Provide recommended searches based on past searches: the typical "users that searched/bought this item also searched/bought this ones"
This has a number of UE implications, since the key to make it work is to have an UI that is easy and intuitive in providing/exposing this information.
Note that this part of the 'how do we find the articles to show based on a search' search workflow (which result in 100s of TEAM Mentor articles). The challenge them is the UE that is currently being researched on how to present those articles in a way the user can filter them quickly, and find the best article that matches his search criteria.
Btw, I do view that our challenge here is to be 'better than Google on Application Security Search'.
THAT is our brief, since that is what TM users are using, and will compare TM with (i.e. term by term, we should beat Google on Application Security search results (at least the ones covered by TM)
THAT is our brief, since that is what TM users are using, and will compare TM with (i.e. term by term, we should beat Google on Application Security search results (at least the ones covered by TM)