Motivation

On CSP Dashboard we have the logic that default tab is chosen based on the fact that the data is there. Eg. if cspm data is missing but kspm data is ingested we make kspm tab a default one. This doesn't happen on Findings page with Misconfguraitons/Vulnerabilities.
This was reported as a regression in 8.16 but we need to check if it actually ever was implemented. We need to discuss with product if we actually want to do that. Concerns:

• CNVM is lower priority atm, do we want to show data instead of PLG for Misconfigurations?
• the logic of setting the default tab can grow complicated as we also want to store last tab in the Local Storage and also we have the real time update logic to change the view if data is in process of ingestion. In the dashboard this logic is a source of bugs and complex code. Is it worth it?

Definition of done

• it is decided if this is a bug/features we want to work on

Out of scope

Related tasks/epics

Team tag

@elastic/kibana-cloud-security-posture