diff --git a/ui/components/RecentAlerts.tsx b/ui/components/RecentAlerts.tsx
index 0c476b8..e966d44 100644
--- a/ui/components/RecentAlerts.tsx
+++ b/ui/components/RecentAlerts.tsx
@@ -68,11 +68,11 @@ const RecentAlerts: React.FC<Props> = ({ alerts }) => {
                 </td>
                 <td className="px-6 py-4">
                   <div className="flex items-center gap-3">
-                    <span className="text-[11px] font-mono text-white font-black bg-[#0c0c0e] px-2 py-0.5 rounded border border-[#1e1e20]">
+                    <span className="text-[11px]  text-white font-black bg-[#0c0c0e] px-2 py-0.5 rounded border border-[#1e1e20]">
                       {alert.sourceIp}
                     </span>
                     <ArrowUpRight size={10} className="text-gray-700" />
-                    <span className="text-[11px] font-mono text-zinc-400 font-black">
+                    <span className="text-[11px]  text-zinc-400 font-black">
                       {alert.destinationIp}
                     </span>
                   </div>
diff --git a/ui/components/TopThreats.tsx b/ui/components/TopThreats.tsx
index cb9fd1b..af6851b 100644
--- a/ui/components/TopThreats.tsx
+++ b/ui/components/TopThreats.tsx
@@ -45,7 +45,7 @@ const TopThreats: React.FC<Props> = ({ threats }) => {
                    <p className="text-[9px] text-gray-600 font-bold uppercase tracking-tight truncate">
                      {threat.evidence}
                    </p>
-                   <span className="text-[8px] font-mono text-zinc-700 uppercase">MITRE: {threat.category}</span>
+                   <span className="text-[8px]  text-zinc-700 uppercase">MITRE: {threat.category}</span>
                 </div>
               </div>
               <div className="text-right flex-shrink-0">
diff --git a/ui/components/dashboard/ProtocolDistribution.tsx b/ui/components/dashboard/ProtocolDistribution.tsx
index 80e10af..18081b7 100644
--- a/ui/components/dashboard/ProtocolDistribution.tsx
+++ b/ui/components/dashboard/ProtocolDistribution.tsx
@@ -51,7 +51,7 @@ const ProtocolDistribution: React.FC<Props> = ({ protocols, onBarClick }) => {
                   )}
                 </div>
                 <div className="text-right">
-                  <span className="text-white font-mono">{p.percentage}%</span>
+                  <span className="text-white ">{p.percentage}%</span>
                   <p className="text-[8px] text-gray-600 font-black uppercase">{p.volume}</p>
                 </div>
               </div>
diff --git a/ui/components/dashboard/RecentAlertsTable.tsx b/ui/components/dashboard/RecentAlertsTable.tsx
index aa54a02..f407ab8 100644
--- a/ui/components/dashboard/RecentAlertsTable.tsx
+++ b/ui/components/dashboard/RecentAlertsTable.tsx
@@ -60,7 +60,7 @@ const RecentAlertsTable: React.FC<Props> = ({ alerts, onAlertClick }) => {
                     <p className="text-xs font-bold text-white group-hover:text-[#00D4AA] transition-colors uppercase tracking-tight">{alert.name}</p>
                     <p className="text-[10px] text-gray-600 font-bold uppercase tracking-widest">{alert.mitreTactic}</p>
                   </td>
-                  <td className="px-6 py-4 text-[11px] font-mono text-zinc-400">
+                  <td className="px-6 py-4 text-[11px]  text-zinc-400">
                     <span className="text-white">{alert.sourceIp}</span>
                     <span className="mx-2 text-zinc-700">→</span>
                     <span>{alert.destinationIp}</span>
diff --git a/ui/components/detections/AlertCard.tsx b/ui/components/detections/AlertCard.tsx
index a7d7635..aef7ddc 100644
--- a/ui/components/detections/AlertCard.tsx
+++ b/ui/components/detections/AlertCard.tsx
@@ -53,7 +53,7 @@ const AlertCard: React.FC<AlertCardProps> = ({ alert, onViewDetails }) => {
               <h3 className="text-sm font-black text-white uppercase tracking-tight truncate max-w-[400px]">
                 {alert.name}
               </h3>
-              <div className="flex items-center gap-2.5 font-mono text-[11px] font-bold">
+              <div className="flex items-center gap-2.5  text-[11px] font-bold">
                 <span className="text-zinc-400">{alert.sourceIp}</span>
                 {alert.assetContext?.hostname && (
                   <span className="text-blue-400/90 uppercase text-[9px] font-black px-1.5 py-0.5 rounded bg-blue-400/5 border border-blue-400/10">
diff --git a/ui/components/investigations/InvestigationAnalytics.tsx b/ui/components/investigations/InvestigationAnalytics.tsx
index 645115d..7869507 100644
--- a/ui/components/investigations/InvestigationAnalytics.tsx
+++ b/ui/components/investigations/InvestigationAnalytics.tsx
@@ -1,10 +1,8 @@
-
 import React, { useState } from 'react';
 import { 
   TrendingUp, TrendingDown, Clock, ShieldCheck, 
   AlertCircle, Users, Activity, BarChart2, PieChart as PieChartIcon,
   Download, Settings2, Target, Zap, Brain, CheckCircle2,
-  // Comment: Fixed missing 'ArrowRight' icon import
   ChevronRight, ArrowUpRight, ArrowRight
 } from 'lucide-react';
 import { 
@@ -21,17 +19,17 @@ const TIMELINE_DATA = Array.from({ length: 30 }, (_, i) => ({
 
 const STATUS_DIST = [
   { name: 'New', value: 5, color: '#3b82f6' },
-  { name: 'Active', value: 12, color: '#06b6d4' },
+  { name: 'Active', value: 12, color: '#3b82f6' },
   { name: 'Escalated', value: 2, color: '#ef4444' },
-  { name: 'On Hold', value: 3, color: '#6b7280' },
-  { name: 'Closed', value: 45, color: '#10b981' },
+  { name: 'On Hold', value: 3, color: '#71717a' },
+  { name: 'Closed', value: 45, color: '#22c55e' },
 ];
 
 const SEVERITY_MTTR = [
   { name: 'Critical', target: 2, actual: 2.1, color: '#ef4444' },
   { name: 'High', target: 4, actual: 4.5, color: '#f97316' },
   { name: 'Medium', target: 8, actual: 8.2, color: '#eab308' },
-  { name: 'Low', target: 24, actual: 12.3, color: '#10b981' },
+  { name: 'Low', target: 24, actual: 12.3, color: '#3b82f6' },
 ];
 
 const ANALYST_WORKLOAD = [
@@ -45,25 +43,31 @@ const InvestigationAnalytics: React.FC = () => {
   const [timeRange, setTimeRange] = useState('LAST 30D');
 
   return (
-    <div className="space-y-8 animate-in fade-in duration-500">
+    <div className="space-y-6 animate-in fade-in duration-500 max-w-[1300px] mx-auto px-4 pb-48">
       {/* Filters Header */}
-      <div className="flex flex-wrap items-center justify-between gap-6 bg-zinc-900 border border-zinc-800 p-6 rounded-lg shadow-xl">
-        <div className="flex items-center gap-2 bg-zinc-950 p-1 rounded-xl border border-zinc-800">
+      <div className="flex flex-wrap items-center justify-between gap-6 bg-[#161618] border border-[#1e1e20] p-6 rounded-xl shadow-sm">
+        <div className="flex items-center gap-2 bg-[#0a0a0b] p-1 rounded-lg border border-[#1e1e20]">
           {['LAST 24H', 'LAST 7D', 'LAST 30D', 'LAST 90D', 'CUSTOM'].map(r => (
             <button 
               key={r} 
               onClick={() => setTimeRange(r)}
-              className={`px-5 py-2 rounded-lg text-[9px] font-black uppercase tracking-widest transition-all ${timeRange === r ? 'bg-zinc-800 text-white shadow-lg' : 'text-zinc-600 hover:text-zinc-400'}`}
+              className={`px-5 py-2 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${
+                timeRange === r 
+                  ? 'bg-zinc-900/50 text-white shadow-lg' 
+                  : 'text-zinc-500 hover:text-zinc-400'
+              }`}
             >
               {r}
             </button>
           ))}
         </div>
         <div className="flex gap-3">
-          <button className="flex items-center gap-2 bg-zinc-950 border border-zinc-800 text-zinc-400 px-6 py-2.5 rounded-xl text-[10px] font-black uppercase tracking-widest hover:text-white transition-all">
+          <button className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all">
             <Download size={14}/> Export Full Report
           </button>
-          <button className="p-2.5 bg-zinc-950 border border-zinc-800 rounded-xl text-zinc-500 hover:text-white"><Settings2 size={18}/></button>
+          <button className="p-1.5 hover:bg-zinc-800 rounded transition-colors text-zinc-500 hover:text-white">
+            <Settings2 size={18}/>
+          </button>
         </div>
       </div>
 
@@ -72,240 +76,256 @@ const InvestigationAnalytics: React.FC = () => {
         {[
           { label: 'ACTIVE CASES', val: '12', trend: '+3', good: false, sub: 'vs last week', icon: Activity, color: 'text-white' },
           { label: 'AVG RESOLUTION', val: '4.2h', trend: '-1.3h', good: true, sub: 'Target: 6.0h', icon: Clock, color: 'text-[#00D4AA]' },
-          { label: 'CLOSED (30D)', val: '45', trend: '+12', good: true, sub: 'vs last 30d', icon: ShieldCheck, color: 'text-blue-400' },
-          { label: 'SLA BREACH', val: '3.2%', trend: '-1.5%', good: true, sub: 'Global Compliance', icon: AlertCircle, color: 'text-red-500' },
+          { label: 'CLOSED (30D)', val: '45', trend: '+12', good: true, sub: 'vs last 30d', icon: ShieldCheck, color: 'text-white' },
+          { label: 'SLA BREACH', val: '3.2%', trend: '-1.5%', good: true, sub: 'Global Compliance', icon: AlertCircle, color: 'text-white' },
         ].map((m, i) => (
-          <div key={i} className="bg-zinc-900 border border-zinc-800 p-6 rounded-lg shadow-sm space-y-4 hover:border-zinc-700 transition-all group">
+          <div key={i} className="bg-[#161618] border border-[#1e1e20] p-6 rounded-xl shadow-sm space-y-3 hover:border-zinc-700 transition-all group">
             <div className="flex justify-between items-start">
               <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">{m.label}</p>
-              <m.icon size={16} className="text-zinc-700 group-hover:text-zinc-400" />
+              <m.icon size={16} className="text-zinc-500 group-hover:text-zinc-400 transition-colors" />
             </div>
-            <div className="flex items-end justify-between">
-              <h3 className={`text-xl font-black ${m.color} tracking-tighter`}>{m.val}</h3>
-              <div className={`flex items-center gap-1 text-[11px] font-black ${m.good ? 'text-emerald-500' : 'text-red-500'}`}>
+            <div className="flex items-end justify-between"> 
+              <h3 className={`text-xl font-black  tracking-tighter`}>{m.val}</h3>
+              <div className={`flex items-center gap-1 text-xs font-black `}>
                 {m.trend.startsWith('+') ? <TrendingUp size={14}/> : <TrendingDown size={14}/>} {m.trend}
               </div>
             </div>
-            <p className="text-[9px] font-bold text-zinc-700 uppercase tracking-tighter">{m.sub}</p>
+            <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">{m.sub}</p>
           </div>
         ))}
       </div>
 
       {/* Analytics Grid */}
-      <div className="grid grid-cols-1 lg:grid-cols-3 gap-8">
+      <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
         
         {/* LEFT COLUMN: Distribution */}
-        <div className="space-y-8">
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-8 shadow-xl">
-             <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest flex items-center justify-between">Case Status Distribution <PieChartIcon size={14}/></h3>
-             <div className="h-56 relative">
-                <ResponsiveContainer width="100%" height="100%">
-                   <PieChart>
-                      <Pie data={STATUS_DIST} innerRadius={60} outerRadius={85} paddingAngle={8} dataKey="value" stroke="none">
-                         {STATUS_DIST.map((entry, index) => <Cell key={`cell-${index}`} fill={entry.color} />)}
-                      </Pie>
-                   </PieChart>
-                </ResponsiveContainer>
-                <div className="absolute inset-0 flex flex-col items-center justify-center pointer-events-none">
-                   <p className="text-[10px] font-black text-zinc-600 uppercase">Total</p>
-                   <p className="text-xl font-black text-white">27</p>
+        <div className="space-y-6">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-6 shadow-sm">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest flex items-center justify-between">
+              Case Status Distribution 
+              <PieChartIcon size={14} className="text-zinc-400"/>
+            </h3>
+            <div className="h-56 relative">
+              <ResponsiveContainer width="100%" height="100%">
+                <PieChart>
+                  <Pie data={STATUS_DIST} innerRadius={60} outerRadius={85} paddingAngle={8} dataKey="value" stroke="none">
+                    {STATUS_DIST.map((entry, index) => <Cell key={`cell-${index}`} fill={entry.color} />)}
+                  </Pie>
+                </PieChart>
+              </ResponsiveContainer>
+              <div className="absolute inset-0 flex flex-col items-center justify-center pointer-events-none">
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Total</p>
+                <p className="text-xl font-black text-white tracking-tighter">27</p>
+              </div>
+            </div>
+            <div className="space-y-2">
+              {STATUS_DIST.map(s => (
+                <div key={s.name} className="flex justify-between items-center text-xs font-bold uppercase group cursor-pointer">
+                  <div className="flex items-center gap-3">
+                    <div className="w-2 h-2 rounded-full" style={{backgroundColor: s.color}} />
+                    <span className="text-zinc-500 group-hover:text-white transition-colors">{s.name}</span>
+                  </div>
+                  <span className="text-white">{s.value}</span>
                 </div>
-             </div>
-             <div className="space-y-3">
-                {STATUS_DIST.map(s => (
-                   <div key={s.name} className="flex justify-between items-center text-[10px] font-black uppercase group cursor-pointer">
-                      <div className="flex items-center gap-3">
-                         <div className="w-1.5 h-1.5 rounded-full" style={{backgroundColor: s.color}} />
-                         <span className="text-zinc-500 group-hover:text-white transition-colors">{s.name}</span>
-                      </div>
-                      <span className="text-white font-mono">{s.value}</span>
-                   </div>
-                ))}
-             </div>
-             <p className="text-[10px] text-zinc-600 italic border-t border-zinc-800 pt-4">Average case age: <span className="text-white">8.5 hours</span></p>
+              ))}
+            </div>
+            <p className="text-xs text-zinc-500 font-medium italic border-t border-[#1e1e20] pt-4">
+              Average case age: <span className="text-white font-semibold">8.5 hours</span>
+            </p>
           </div>
 
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-6 shadow-xl">
-             <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Severity vs Resolution</h3>
-             <div className="space-y-6">
-                {SEVERITY_MTTR.map(s => (
-                   <div key={s.name} className="space-y-2">
-                      <div className="flex justify-between text-[10px] font-black uppercase">
-                         <span className="text-zinc-500">{s.name}</span>
-                         <span className="text-white">MTTR: {s.actual}h</span>
-                      </div>
-                      <div className="h-1.5 w-full bg-zinc-950 rounded-full overflow-hidden">
-                         <div className="h-full" style={{ width: `${(s.actual / 24) * 100}%`, backgroundColor: s.color }} />
-                      </div>
-                   </div>
-                ))}
-             </div>
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-4 shadow-sm">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Severity vs Resolution</h3>
+            <div className="space-y-4">
+              {SEVERITY_MTTR.map(s => (
+                <div key={s.name} className="space-y-2">
+                  <div className="flex justify-between text-xs font-bold uppercase">
+                    <span className="text-zinc-500">{s.name}</span>
+                    <span className="text-white">MTTR: {s.actual}h</span>
+                  </div>
+                  <div className="h-1.5 w-full bg-[#0a0a0b] rounded-full overflow-hidden">
+                    <div className="h-full" style={{ width: `${(s.actual / 24) * 100}%`, backgroundColor: s.color }} />
+                  </div>
+                </div>
+              ))}
+            </div>
           </div>
 
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-6 shadow-xl">
-             <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Top Investigated Tactics</h3>
-             <div className="space-y-4">
-                {[
-                  { name: 'Command & Control', count: 12, pct: 45, color: '#ef4444' },
-                  { name: 'Lateral Movement', count: 8, pct: 30, color: '#f97316' },
-                  { name: 'Exfiltration', count: 5, pct: 15, color: '#eab308' },
-                  { name: 'Discovery', count: 2, pct: 10, color: '#3b82f6' },
-                ].map(t => (
-                   <div key={t.name} className="flex items-center gap-4 group cursor-pointer">
-                      <div className="flex-1 space-y-1.5">
-                         <div className="flex justify-between text-[10px] font-black uppercase">
-                            <span className="text-zinc-500 group-hover:text-white transition-colors">{t.name}</span>
-                            <span className="text-white">{t.count}</span>
-                         </div>
-                         <div className="h-1 w-full bg-zinc-950 rounded-full overflow-hidden">
-                            <div className="h-full transition-all" style={{ width: `${t.pct}%`, backgroundColor: t.color }} />
-                         </div>
-                      </div>
-                      <ArrowUpRight size={14} className="text-zinc-800 group-hover:text-zinc-500" />
-                   </div>
-                ))}
-             </div>
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-4 shadow-sm">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Top Investigated Tactics</h3>
+            <div className="space-y-3">
+              {[
+                { name: 'Command & Control', count: 12, pct: 45, color: '#ef4444' },
+                { name: 'Lateral Movement', count: 8, pct: 30, color: '#f97316' },
+                { name: 'Exfiltration', count: 5, pct: 15, color: '#eab308' },
+                { name: 'Discovery', count: 2, pct: 10, color: '#3b82f6' },
+              ].map(t => (
+                <div key={t.name} className="flex items-center gap-4 group cursor-pointer">
+                  <div className="flex-1 space-y-1.5">
+                    <div className="flex justify-between text-xs font-bold uppercase">
+                      <span className="text-zinc-500 group-hover:text-white transition-colors">{t.name}</span>
+                      <span className="text-white">{t.count}</span>
+                    </div>
+                    <div className="h-1 w-full bg-[#0a0a0b] rounded-full overflow-hidden">
+                      <div className="h-full transition-all" style={{ width: `${t.pct}%`, backgroundColor: t.color }} />
+                    </div>
+                  </div>
+                  <ArrowUpRight size={14} className="text-zinc-500 group-hover:text-zinc-400 transition-colors" />
+                </div>
+              ))}
+            </div>
           </div>
         </div>
 
         {/* MIDDLE COLUMN: Trends & MTTR */}
-        <div className="space-y-8">
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-8 shadow-xl">
-             <div className="flex justify-between items-center">
-                <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Case Volume Trend</h3>
-                <div className="flex gap-4">
-                  <div className="flex items-center gap-1.5"><div className="w-1.5 h-1.5 rounded-full bg-red-500"/><span className="text-[8px] font-black text-gray-600 uppercase">Opened</span></div>
-                  <div className="flex items-center gap-1.5"><div className="w-1.5 h-1.5 rounded-full bg-emerald-500"/><span className="text-[8px] font-black text-gray-600 uppercase">Closed</span></div>
+        <div className="space-y-6">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-6 shadow-sm">
+            <div className="flex justify-between items-center">
+              <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Case Volume Trend</h3>
+              <div className="flex gap-4">
+                <div className="flex items-center gap-1.5">
+                  <div className="w-2 h-2 rounded-full bg-red-500"/>
+                  <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Opened</span>
                 </div>
-             </div>
-             <div className="h-64">
-                <ResponsiveContainer width="100%" height="100%">
-                   <ComposedChart data={TIMELINE_DATA}>
-                      <CartesianGrid strokeDasharray="3 3" stroke="#27272a" vertical={false} />
-                      <XAxis dataKey="date" hide />
-                      <YAxis hide />
-                      <Tooltip contentStyle={{backgroundColor: '#0a0a0a', border: '1px solid #27272a', borderRadius: '12px', fontSize: '10px'}} />
-                      <Area type="monotone" dataKey="active" fill="#3b82f611" stroke="none" />
-                      <Line type="monotone" dataKey="opened" stroke="#ef4444" strokeWidth={2} dot={false} />
-                      <Line type="monotone" dataKey="closed" stroke="#10b981" strokeWidth={2} dot={false} />
-                   </ComposedChart>
-                </ResponsiveContainer>
-             </div>
-             <p className="text-[10px] text-zinc-600 font-bold uppercase tracking-tight flex items-center gap-2">
-                <Zap size={14} className="text-orange-500"/> Backlog growing by avg +2 cases/week
-             </p>
+                <div className="flex items-center gap-1.5">
+                  <div className="w-2 h-2 rounded-full bg-green-500"/>
+                  <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Closed</span>
+                </div>
+              </div>
+            </div>
+            <div className="h-64">
+              <ResponsiveContainer width="100%" height="100%">
+                <ComposedChart data={TIMELINE_DATA}>
+                  <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
+                  <XAxis dataKey="date" hide />
+                  <YAxis hide />
+                  <Tooltip contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #1e1e20', borderRadius: '8px', fontSize: '10px'}} />
+                  <Area type="monotone" dataKey="active" fill="#3b82f611" stroke="none" />
+                  <Line type="monotone" dataKey="opened" stroke="#ef4444" strokeWidth={2} dot={false} />
+                  <Line type="monotone" dataKey="closed" stroke="#22c55e" strokeWidth={2} dot={false} />
+                </ComposedChart>
+              </ResponsiveContainer>
+            </div>
+            <p className="text-xs text-zinc-500 font-medium flex items-center gap-2">
+              <Zap size={14} className="text-orange-500"/> Backlog growing by avg +2 cases/week
+            </p>
           </div>
 
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-8 shadow-xl">
-             <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Mean Time to Resolve (Actual vs Target)</h3>
-             <div className="h-64">
-                <ResponsiveContainer width="100%" height="100%">
-                   <BarChart data={SEVERITY_MTTR}>
-                      <CartesianGrid strokeDasharray="3 3" stroke="#27272a" vertical={false} />
-                      <XAxis dataKey="name" axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                      <YAxis hide />
-                      <Tooltip contentStyle={{backgroundColor: '#0a0a0a', border: '1px solid #27272a', borderRadius: '12px', fontSize: '10px'}} />
-                      <Bar dataKey="target" fill="#27272a" radius={[2, 2, 0, 0]} name="Target (Hours)" />
-                      <Bar dataKey="actual" fill="#00D4AA" radius={[2, 2, 0, 0]} name="Actual (Hours)" />
-                   </BarChart>
-                </ResponsiveContainer>
-             </div>
-             <div className="flex items-center justify-between p-4 bg-[#10b9810a] border border-[#10b98122] rounded-xl">
-                <p className="text-[10px] font-black text-emerald-500 uppercase tracking-widest">SLA Compliance: 96.8% ✅</p>
-                <button className="text-[8px] font-black text-white hover:underline uppercase">View Report</button>
-             </div>
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-6 shadow-sm">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Mean Time to Resolve (Actual vs Target)</h3>
+            <div className="h-64">
+              <ResponsiveContainer width="100%" height="100%">
+                <BarChart data={SEVERITY_MTTR}>
+                  <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
+                  <XAxis dataKey="name" axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                  <YAxis hide />
+                  <Tooltip contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #1e1e20', borderRadius: '8px', fontSize: '10px'}} />
+                  <Bar dataKey="target" fill="#27272a" radius={[2, 2, 0, 0]} name="Target (Hours)" />
+                  <Bar dataKey="actual" fill="#00D4AA" radius={[2, 2, 0, 0]} name="Actual (Hours)" />
+                </BarChart>
+              </ResponsiveContainer>
+            </div>
+            <div className="flex items-center justify-between p-4 bg-green-500/10 border border-green-500/20 rounded-lg">
+              <p className="text-xs font-bold text-green-500 uppercase tracking-tight">SLA Compliance: 96.8% ✅</p>
+              <button className="text-[10px] font-bold text-white hover:underline uppercase tracking-tight">View Report</button>
+            </div>
           </div>
 
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-6 shadow-xl">
-             <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">SLA Performance Summary</h3>
-             <div className="flex items-center justify-between">
-                <div className="text-center flex-1 border-r border-zinc-800">
-                   <p className="text-2xl font-black text-white">44</p>
-                   <p className="text-[8px] text-zinc-600 font-bold uppercase mt-1">Met SLA</p>
-                </div>
-                <div className="text-center flex-1 border-r border-zinc-800">
-                   <p className="text-2xl font-black text-red-500">1</p>
-                   <p className="text-[8px] text-zinc-600 font-bold uppercase mt-1">Breached</p>
-                </div>
-                <div className="text-center flex-1">
-                   <p className="text-2xl font-black text-emerald-400">+2.5h</p>
-                   <p className="text-[8px] text-zinc-600 font-bold uppercase mt-1">Avg Margin</p>
-                </div>
-             </div>
-             <button className="w-full py-2 bg-zinc-950 border border-zinc-800 rounded-lg text-[9px] font-black text-zinc-500 uppercase tracking-widest hover:text-white transition-all">View Breached Case Details</button>
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-4 shadow-sm">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">SLA Performance Summary</h3>
+            <div className="flex items-center justify-between">
+              <div className="text-center flex-1 border-r border-[#1e1e20]">
+                <p className="text-xl font-black text-white tracking-tighter">44</p>
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1">Met SLA</p>
+              </div>
+              <div className="text-center flex-1 border-r border-[#1e1e20]">
+                <p className="text-xl font-black text-white tracking-tighter">1</p>
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1">Breached</p>
+              </div>
+              <div className="text-center flex-1">
+                <p className="text-xl font-black text-white tracking-tighter">+2.5h</p>
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1">Avg Margin</p>
+              </div>
+            </div>
+            <button className="w-full bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all">
+              View Breached Case Details
+            </button>
           </div>
         </div>
 
         {/* RIGHT COLUMN: Team & Insights */}
-        <div className="space-y-8">
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-8 shadow-xl">
-             <div className="flex justify-between items-center">
-                <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest flex items-center gap-2"><Users size={14}/> Analyst Workload</h3>
-                <button className="text-[9px] font-black text-[#00D4AA] uppercase hover:underline">Rebalance</button>
-             </div>
-             <div className="space-y-6">
-                {ANALYST_WORKLOAD.map(a => (
-                   <div key={a.name} className="space-y-3 group cursor-pointer">
-                      <div className="flex justify-between items-start">
-                         <div>
-                            <p className="text-[11px] font-black text-white uppercase tracking-tight group-hover:text-[#00D4AA] transition-colors">{a.name}</p>
-                            <p className="text-[9px] text-zinc-600 font-bold uppercase mt-0.5">{a.total} Cases • Avg age {a.age}h</p>
-                         </div>
-                         <div className="flex gap-1">
-                            {Array.from({length: a.critical}).map((_, i) => <div key={i} className="w-1.5 h-1.5 rounded-full bg-red-500" />)}
-                            {Array.from({length: a.high}).map((_, i) => <div key={i} className="w-1.5 h-1.5 rounded-full bg-orange-500" />)}
-                            {Array.from({length: a.medium}).map((_, i) => <div key={i} className="w-1.5 h-1.5 rounded-full bg-yellow-500" />)}
-                         </div>
-                      </div>
-                      <div className="h-1.5 w-full bg-zinc-950 rounded-full overflow-hidden">
-                         <div className={`h-full transition-all ${a.total > 4 ? 'bg-red-500' : 'bg-blue-500'}`} style={{ width: `${(a.total / 6) * 100}%` }} />
-                      </div>
-                   </div>
-                ))}
-             </div>
+        <div className="space-y-6">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-6 shadow-sm">
+            <div className="flex justify-between items-center">
+              <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest flex items-center gap-2">
+                <Users size={14} className="text-zinc-400"/> Analyst Workload
+              </h3>
+              <button className="text-[10px] font-black text-white uppercase tracking-widest hover:underline">Rebalance</button>
+            </div>
+            <div className="space-y-4">
+              {ANALYST_WORKLOAD.map(a => (
+                <div key={a.name} className="space-y-2 group cursor-pointer">
+                  <div className="flex justify-between items-start">
+                    <div>
+                      <p className="text-xs font-bold text-white uppercase tracking-tight group-hover:text-[#00D4AA] transition-colors">{a.name}</p>
+                      <p className="text-[10px] font-medium text-zinc-500 uppercase tracking-tight mt-0.5">{a.total} Cases • Avg age {a.age}h</p>
+                    </div>
+                    <div className="flex gap-1">
+                      {Array.from({length: a.critical}).map((_, i) => <div key={i} className="w-2 h-2 rounded-full bg-red-500" />)}
+                      {Array.from({length: a.high}).map((_, i) => <div key={i} className="w-2 h-2 rounded-full bg-orange-500" />)}
+                      {Array.from({length: a.medium}).map((_, i) => <div key={i} className="w-2 h-2 rounded-full bg-yellow-500" />)}
+                    </div>
+                  </div>
+                  <div className="h-1.5 w-full bg-[#0a0a0b] rounded-full overflow-hidden">
+                    <div className={`h-full transition-all ${a.total > 4 ? 'bg-red-500' : 'bg-blue-500'}`} style={{ width: `${(a.total / 6) * 100}%` }} />
+                  </div>
+                </div>
+              ))}
+            </div>
           </div>
 
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-6 shadow-xl relative overflow-hidden">
-             {/* <div className="absolute top-0 right-0 p-4 opacity-5">
-                <Brain size={120} className="text-[#00D4AA]" />
-             </div> */}
-             <h3 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-[0.2em] flex items-center gap-2 relative z-10"><Brain size={14}/> Intelligence Insights</h3>
-             <div className="space-y-5 relative z-10">
-                <div className="p-4 bg-zinc-950 border border-zinc-800 rounded-xl space-y-2">
-                   <p className="text-[10px] font-black text-red-500 uppercase flex items-center gap-2">⚠️ Backlog Growing</p>
-                   <p className="text-[11px] text-zinc-400 leading-relaxed font-medium">Active cases increased <span className="text-white">25%</span> over last 2 weeks. Capacity re-evaluation recommended.</p>
-                </div>
-                <div className="p-4 bg-zinc-950 border border-zinc-800 rounded-xl space-y-2">
-                   <p className="text-[10px] font-black text-emerald-500 uppercase flex items-center gap-2">✅ Resolution Velocity</p>
-                   <p className="text-[11px] text-zinc-400 leading-relaxed font-medium">MTTR decreased by <span className="text-white">18%</span> month-over-month. Credited to improved playbooks.</p>
-                </div>
-                <div className="p-4 bg-zinc-950 border border-zinc-800 rounded-xl space-y-2">
-                   <p className="text-[10px] font-black text-orange-500 uppercase flex items-center gap-2">💡 False Positive Risk</p>
-                   <p className="text-[11px] text-zinc-400 leading-relaxed font-medium"><span className="text-white">33%</span> of cases closed as FP. Review "DNS-TUNNEL-01" rule logic.</p>
-                </div>
-             </div>
-             <button className="w-full mt-4 flex items-center justify-center gap-2 text-[10px] font-black text-zinc-500 uppercase tracking-widest hover:text-white transition-all">View Detail Audit <ArrowRight size={14}/></button>
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-4 shadow-sm relative overflow-hidden">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest flex items-center gap-2 relative z-10">
+              <Brain size={14}/> Intelligence Insights
+            </h3>
+            <div className="space-y-3 relative z-10">
+              <div className="p-4 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg space-y-2">
+                <p className="text-xs font-bold text-white uppercase tracking-tight flex items-center gap-2">⚠️ Backlog Growing</p>
+                <p className="text-sm text-zinc-400 leading-relaxed">Active cases increased <span className="text-white font-semibold">25%</span> over last 2 weeks. Capacity re-evaluation recommended.</p>
+              </div>
+              <div className="p-4 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg space-y-2">
+                <p className="text-xs font-bold text-white uppercase tracking-tight flex items-center gap-2">✅ Resolution Velocity</p>
+                <p className="text-sm text-zinc-400 leading-relaxed">MTTR decreased by <span className="text-white font-semibold">18%</span> month-over-month. Credited to improved playbooks.</p>
+              </div>
+              <div className="p-4 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg space-y-2">
+                <p className="text-xs font-bold text-white uppercase tracking-tight flex items-center gap-2">💡 False Positive Risk</p>
+                <p className="text-sm text-zinc-400 leading-relaxed"><span className="text-white font-semibold">33%</span> of cases closed as FP. Review "DNS-TUNNEL-01" rule logic.</p>
+              </div>
+            </div>
+            <button className="w-full mt-4 flex items-center justify-center gap-2 text-xs font-bold text-zinc-500 uppercase tracking-tight hover:text-white transition-all">
+              View Detail Audit <ArrowRight size={14}/>
+            </button>
           </div>
 
-          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-6 shadow-xl">
-             <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Mean Response Metrics</h3>
-             <div className="grid grid-cols-3 gap-4">
-                <div className="text-center p-3 bg-zinc-950 border border-zinc-800 rounded-xl">
-                   <p className="text-lg font-black text-white">12m</p>
-                   <p className="text-[8px] text-zinc-600 font-bold uppercase mt-1">MTTA</p>
-                </div>
-                <div className="text-center p-3 bg-zinc-950 border border-zinc-800 rounded-xl">
-                   <p className="text-lg font-black text-white">3.2h</p>
-                   <p className="text-[8px] text-zinc-600 font-bold uppercase mt-1">MTTI</p>
-                </div>
-                <div className="text-center p-3 bg-zinc-950 border border-zinc-800 rounded-xl">
-                   <p className="text-lg font-black text-white">1.8h</p>
-                   <p className="text-[8px] text-zinc-600 font-bold uppercase mt-1">MTTR</p>
-                </div>
-             </div>
-             <div className="pt-4 flex justify-center gap-2 text-[9px] font-black text-emerald-500 uppercase">
-                <TrendingDown size={14}/> Efficiency increased by 18%
-             </div>
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-4 shadow-sm">
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Mean Response Metrics</h3>
+            <div className="grid grid-cols-3 gap-3">
+              <div className="text-center p-3 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg">
+                <p className="text-xl font-black text-white tracking-tighter">12m</p>
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1">MTTA</p>
+              </div>
+              <div className="text-center p-3 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg">
+                <p className="text-xl font-black text-white tracking-tighter">3.2h</p>
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1">MTTI</p>
+              </div>
+              <div className="text-center p-3 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg">
+                <p className="text-xl font-black text-white tracking-tighter">1.8h</p>
+                <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1">MTTR</p>
+              </div>
+            </div>
+            <div className="pt-4 flex justify-center gap-2 text-xs font-black text-white uppercase tracking-tight">
+              <TrendingDown size={14}/> Efficiency increased by 18%
+            </div>
           </div>
         </div>
       </div>
@@ -313,4 +333,4 @@ const InvestigationAnalytics: React.FC = () => {
   );
 };
 
-export default InvestigationAnalytics;
+export default InvestigationAnalytics;
\ No newline at end of file
diff --git a/ui/components/investigations/InvestigationList.tsx b/ui/components/investigations/InvestigationList.tsx
index 89bab39..68eb2cc 100644
--- a/ui/components/investigations/InvestigationList.tsx
+++ b/ui/components/investigations/InvestigationList.tsx
@@ -48,45 +48,45 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
   const getStatusColor = (status: string) => {
     switch (status.toLowerCase()) {
       case 'active':
-        return 'bg-blue-500/20 text-blue-400 border-blue-500/30';
+        return 'bg-blue-500/10 border-blue-500/20 text-blue-500';
       case 'new':
-        return 'bg-emerald-500/20 text-emerald-400 border-emerald-500/30';
+        return 'bg-green-500/10 border-green-500/20 text-green-500';
       case 'pending':
-        return 'bg-yellow-500/20 text-yellow-400 border-yellow-500/30';
+        return 'bg-yellow-500/10 border-yellow-500/20 text-yellow-500';
       case 'resolved':
-        return 'bg-zinc-500/20 text-zinc-400 border-zinc-500/30';
+        return 'bg-zinc-500/10 border-zinc-500/20 text-zinc-500';
       default:
-        return 'bg-zinc-500/20 text-zinc-400 border-zinc-500/30';
+        return 'bg-zinc-500/10 border-zinc-500/20 text-zinc-500';
     }
   };
 
   const getPriorityColor = (priority: string) => {
     switch (priority.toLowerCase()) {
       case 'critical':
-        return 'bg-red-500/20 text-red-400 border-red-500/30';
+        return 'bg-red-500/10 border-red-500/20 text-red-500';
       case 'high':
-        return 'bg-orange-500/20 text-orange-400 border-orange-500/30';
+        return 'bg-orange-500/10 border-orange-500/20 text-orange-500';
       case 'medium':
-        return 'bg-yellow-500/20 text-yellow-400 border-yellow-500/30';
+        return 'bg-yellow-500/10 border-yellow-500/20 text-yellow-500';
       case 'low':
-        return 'bg-zinc-500/20 text-zinc-400 border-zinc-500/30';
+        return 'bg-blue-500/10 border-blue-500/20 text-blue-500';
       default:
-        return 'bg-zinc-500/20 text-zinc-400 border-zinc-500/30';
+        return 'bg-zinc-500/10 border-zinc-500/20 text-zinc-500';
     }
   };
 
   return (
-    <div className="space-y-6 max-w-[1600px] mx-auto px-4 pb-32">
+    <div className="space-y-6 max-w-[1300px] mx-auto px-4 pb-48">
       
       {/* Filter Bar */}
       <div className="flex items-center gap-3 flex-wrap">
         {/* Search Field */}
-        <div className="flex-1 min-w-[300px] relative group mt-1">
-          <Search size={16} className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-600 group-focus-within:text-zinc-400 transition-colors" />
+        <div className="flex-1 min-w-[300px] relative">
+          <Search className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none" size={18} />
           <input 
             type="text" 
             placeholder="Search Cases: IPs, Hostnames, or Zeek UIDs..." 
-            className="w-full bg-zinc-900/60 border border-zinc-800 rounded-lg pl-12 pr-4 py-2.5 text-sm text-white outline-none focus:border-zinc-700 transition-all placeholder:text-zinc-600"
+            className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
             value={searchTerm}
             onChange={(e) => setSearchTerm(e.target.value)}
           />
@@ -95,7 +95,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
         {/* Log Source Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">Log Source</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide px-1">Log Source</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'log' ? null : 'log')}
               className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[140px]"
@@ -105,7 +105,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
             </button>
           </div>
           {openDropdown === 'log' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['Conn', 'DNS', 'SSL', 'HTTP', 'Files', 'DHCP'].map(source => (
                 <button 
                   key={source}
@@ -125,7 +125,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
         {/* MITRE Tactic Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">MITRE Tactic</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide px-1">MITRE Tactic</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'mitre' ? null : 'mitre')}
               className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[180px]"
@@ -135,7 +135,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
             </button>
           </div>
           {openDropdown === 'mitre' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[220px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {[
                 'Lateral Movement',
                 'Command & Control', 
@@ -162,7 +162,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
         {/* Asset Group Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">Asset Group</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide px-1">Asset Group</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'asset' ? null : 'asset')}
               className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[160px]"
@@ -172,7 +172,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
             </button>
           </div>
           {openDropdown === 'asset' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['All Segments', 'Engineering', 'Production', 'Management', 'Guest WiFi', 'DMZ'].map(group => (
                 <button 
                   key={group}
@@ -192,7 +192,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
         {/* Horizon Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">Horizon</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide px-1">Horizon</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'horizon' ? null : 'horizon')}
               className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[160px]"
@@ -202,7 +202,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
             </button>
           </div>
           {openDropdown === 'horizon' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['Last 1 Hour', 'Last 24 Hours', 'Last 7 Days', 'Last 30 Days', 'Custom Range'].map(range => (
                 <button 
                   key={range}
@@ -222,128 +222,128 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
 
       {/* Investigation Table */}
       <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
-      <table className="w-full">
-  <thead className="bg-[#0d0d0f] border-b border-zinc-800">
-    <tr className="text-[9px] font-bold text-zinc-500 uppercase tracking-wider">
-      <th className="px-3 py-2 text-left w-8">
-        <input 
-          type="checkbox" 
-          className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
-          checked={selectedRows.length === MOCK_INVESTIGATIONS.length && MOCK_INVESTIGATIONS.length > 0}
-          onChange={toggleAllRows}
-        />
-      </th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Investigation Case</th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Status</th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Priority</th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Asset / Segment</th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Assignee</th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Log Source</th>
-      <th className="px-3 py-2 text-left whitespace-nowrap">Actions</th>
-    </tr>
-  </thead>
-  <tbody className="divide-y divide-zinc-800/50">
-    {MOCK_INVESTIGATIONS.map((inv, idx) => (
-      <tr 
-        key={inv.id} 
-        className="hover:bg-zinc-900/30 transition-colors group"
-      >
-        <td className="px-3 py-3">
-          <input 
-            type="checkbox" 
-            className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
-            checked={selectedRows.includes(inv.id)}
-            onChange={() => toggleRowSelection(inv.id)}
-            onClick={(e) => e.stopPropagation()}
-          />
-        </td>
-        <td className="px-3 py-3">
-          <div className="space-y-0.5">
-            <div className="text-sm font-semibold text-white group-hover:text-blue-400 transition-colors cursor-pointer whitespace-nowrap">
-              {inv.name}
-            </div>
-            <div className="text-[10px] text-zinc-500 font-mono space-x-2 whitespace-nowrap">
-              <span>CASE-{inv.id.slice(0, 8)}</span>
-              <span>·</span>
-              <span>{inv.mitreStage || 'Command & Control'}</span>
-            </div>
-          </div>
-        </td>
-        <td className="px-3 py-3">
-          <span className={`inline-flex px-2 py-0.5 rounded-md border text-[10px] font-bold uppercase tracking-wider whitespace-nowrap ${getStatusColor(inv.status || 'active')}`}>
-            {inv.status || 'Active'}
-          </span>
-        </td>
-        <td className="px-3 py-3">
-          <span className={`inline-flex items-center gap-1 px-2 py-0.5 rounded-md border text-[10px] font-bold uppercase tracking-wider whitespace-nowrap ${getPriorityColor(inv.severity)}`}>
-            {inv.severity === 'critical' && <AlertCircle size={12} />}
-            {inv.severity}
-          </span>
-        </td>
-        <td className="px-3 py-3">
-          <div className="space-y-0.5">
-            <div className="text-xs font-semibold text-white whitespace-nowrap">
-              {inv.segment || 'Engineering'}
-            </div>
-            <div className="text-[10px] text-zinc-500 whitespace-nowrap">
-              {inv.assetContext?.vlan || 'eng-station-pc'}
-            </div>
-          </div>
-        </td>
-        <td className="px-3 py-3">
-          <div className="flex items-center gap-2">
-            <div className="w-5 h-5 rounded-full bg-blue-600/20 border border-blue-600/30 flex items-center justify-center flex-shrink-0">
-              <User size={11} className="text-blue-400" />
-            </div>
-            <span className="text-xs text-zinc-300 font-medium whitespace-nowrap">
-              {inv.assignedTo?.name || (idx === 0 ? 'Sarah Chen' : idx === 1 ? 'Unassigned' : 'Marcus Thorne')}
-            </span>
-          </div>
-        </td>
-        <td className="px-3 py-3">
-          <div className="flex gap-1 flex-wrap">
-            <span className="px-1.5 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-emerald-400 rounded text-[9px] font-bold uppercase whitespace-nowrap">
-              {idx === 0 ? 'Conn' : idx === 1 ? 'DNS' : idx === 2 ? 'Conn' : idx === 3 ? 'Files' : 'DHCP'}
-            </span>
-            {idx === 0 && (
-              <span className="px-1.5 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-emerald-400 rounded text-[9px] font-bold uppercase whitespace-nowrap">
-                SSL
-              </span>
-            )}
-            {idx === 2 && (
-              <span className="px-1.5 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-emerald-400 rounded text-[9px] font-bold uppercase whitespace-nowrap">
-                DCE-RPC
-              </span>
-            )}
-          </div>
-        </td>
-        <td className="px-3 py-3">
-          <div className="flex items-center gap-2 whitespace-nowrap">
-            <button 
-              onClick={() => onSelectCase(inv.id)}
-              className="bg-[#00D4AA] text-black px-3 py-1.5 rounded-lg text-[10px] font-bold uppercase tracking-wider transition-all flex items-center gap-1"
-            >
-              Open Workspace
-              <ExternalLink size={11} />
-            </button>
-            <button className="p-1.5 hover:bg-zinc-800 rounded-lg transition-colors">
-              <MoreHorizontal size={14} className="text-zinc-500" />
-            </button>
-          </div>
-        </td>
-      </tr>
-    ))}
-  </tbody>
-</table>
+        <table className="w-full">
+          <thead className="bg-zinc-900/50 border-b border-zinc-800">
+            <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+              <th className="px-4 py-3 text-left w-8">
+                <input 
+                  type="checkbox" 
+                  className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
+                  checked={selectedRows.length === MOCK_INVESTIGATIONS.length && MOCK_INVESTIGATIONS.length > 0}
+                  onChange={toggleAllRows}
+                />
+              </th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Investigation Case</th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Status</th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Priority</th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Asset / Segment</th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Assignee</th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Log Source</th>
+              <th className="px-4 py-3 text-left whitespace-nowrap">Actions</th>
+            </tr>
+          </thead>
+          <tbody className="divide-y divide-zinc-800/50">
+            {MOCK_INVESTIGATIONS.map((inv, idx) => (
+              <tr 
+                key={inv.id} 
+                className="hover:bg-zinc-900/30 transition-colors cursor-pointer group"
+              >
+                <td className="px-4 py-4">
+                  <input 
+                    type="checkbox" 
+                    className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
+                    checked={selectedRows.includes(inv.id)}
+                    onChange={() => toggleRowSelection(inv.id)}
+                    onClick={(e) => e.stopPropagation()}
+                  />
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-0.5">
+                    <div className="text-sm font-semibold text-white group-hover:text-[#00D4AA] transition-colors whitespace-nowrap">
+                      {inv.name}
+                    </div>
+                    <div className="text-xs text-zinc-500 font-medium space-x-2 whitespace-nowrap">
+                      <span>CASE-{inv.id.slice(0, 8)}</span>
+                      <span>·</span>
+                      <span>{inv.mitreStage || 'Command & Control'}</span>
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <span className={`inline-flex px-3 py-1 rounded border text-xs font-bold uppercase whitespace-nowrap ${getStatusColor(inv.status || 'active')}`}>
+                    {inv.status || 'Active'}
+                  </span>
+                </td>
+                <td className="px-4 py-4">
+                  <span className={`inline-flex items-center gap-1.5 px-3 py-1 rounded border text-xs font-bold uppercase whitespace-nowrap ${getPriorityColor(inv.severity)}`}>
+                    {inv.severity === 'critical' && <AlertCircle size={12} />}
+                    {inv.severity}
+                  </span>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-0.5">
+                    <div className="text-sm font-semibold text-white whitespace-nowrap">
+                      {inv.segment || 'Engineering'}
+                    </div>
+                    <div className="text-xs text-zinc-500 font-medium whitespace-nowrap">
+                      {inv.assetContext?.vlan || 'eng-station-pc'}
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="flex items-center gap-2">
+                    <div className="w-6 h-6 rounded-full bg-blue-500/10 border border-blue-500/20 flex items-center justify-center flex-shrink-0">
+                      <User size={12} className="text-blue-500" />
+                    </div>
+                    <span className="text-sm text-zinc-400 whitespace-nowrap">
+                      {inv.assignedTo?.name || (idx === 0 ? 'Sarah Chen' : idx === 1 ? 'Unassigned' : 'Marcus Thorne')}
+                    </span>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="flex gap-1.5 flex-wrap">
+                    <span className="px-2 py-0.5 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase whitespace-nowrap">
+                      {idx === 0 ? 'Conn' : idx === 1 ? 'DNS' : idx === 2 ? 'Conn' : idx === 3 ? 'Files' : 'DHCP'}
+                    </span>
+                    {idx === 0 && (
+                      <span className="px-2 py-0.5 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase whitespace-nowrap">
+                        SSL
+                      </span>
+                    )}
+                    {idx === 2 && (
+                      <span className="px-2 py-0.5 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase whitespace-nowrap">
+                        DCE-RPC
+                      </span>
+                    )}
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="flex items-center gap-2 whitespace-nowrap">
+                    <button 
+                      onClick={() => onSelectCase(inv.id)}
+                      className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all shadow-lg disabled:opacity-50 disabled:cursor-not-allowed flex items-center gap-1.5"
+                    >
+                      Open
+                      <ExternalLink size={12} />
+                    </button>
+                    <button className="p-1.5 hover:bg-zinc-800 rounded transition-colors">
+                      <MoreHorizontal size={16} className="text-zinc-500" />
+                    </button>
+                  </div>
+                </td>
+              </tr>
+            ))}
+          </tbody>
+        </table>
 
         {/* Footer */}
-        <div className="px-6 py-4 border-t border-zinc-800 bg-[#0d0d0f] flex items-center justify-between">
+        <div className="flex items-center justify-between px-4 py-3 border-t border-zinc-800 bg-zinc-900/30">
           <div className="text-xs text-zinc-500">
             Showing <span className="font-bold text-white">1-5</span> of <span className="font-bold text-white">12</span> active investigations
             {selectedRows.length > 0 && (
               <>
                 <span className="mx-2">·</span>
-                <span className="text-blue-400 font-bold">{selectedRows.length} selected</span>
+                <span className="text-[#00D4AA] font-bold">{selectedRows.length} selected</span>
               </>
             )}
           </div>
@@ -352,7 +352,7 @@ const InvestigationList: React.FC<Props> = ({ onSelectCase }) => {
               Next refresh in 45s
             </button>
             <span className="mx-2 text-zinc-700">|</span>
-            <button className="text-xs font-bold text-blue-400 hover:text-blue-300 transition-colors">
+            <button className="bg-zinc-800 hover:bg-zinc-700 text-zinc-300 px-3 py-1.5 rounded text-xs transition-colors disabled:opacity-50">
               Next
             </button>
           </div>
diff --git a/ui/dist.zip b/ui/dist.zip
deleted file mode 100644
index ddb0795..0000000
Binary files a/ui/dist.zip and /dev/null differ
diff --git a/ui/pages/AlertDetailPage.tsx b/ui/pages/AlertDetailPage.tsx
index 941a945..67e9b97 100644
--- a/ui/pages/AlertDetailPage.tsx
+++ b/ui/pages/AlertDetailPage.tsx
@@ -41,7 +41,7 @@ const NETWORK_ACTIVITY_DATA = [
   { time: '23', value: 43, alert: false },
 ];
 
-const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
+const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
   const [activeTab, setActiveTab] = useState('explanation');
   const [behaviorTab, setBehaviorTab] = useState('network');
   const [isEscalateOpen, setIsEscalateOpen] = useState(false);
@@ -68,86 +68,79 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
   };
 
   return (
-    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto  pb-32">
+    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto pb-48 px-4">
       {/* Top Header Row */}
       <div className="flex items-center justify-between">
         <div className="flex items-center gap-2">
-           <div className="w-2 h-2 rounded-full bg-emerald-500 animate-pulse" />
-           <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Network Live</span>
+          <div className="w-2 h-2 rounded-full bg-green-500 animate-pulse" />
+          <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Network Live</span>
         </div>
-        {/* <div className="flex items-center gap-3">
-           <button className="bg-[#161618] border border-[#1e1e20] px-4 py-1.5 rounded-lg text-[10px] font-black text-zinc-400 uppercase flex items-center gap-2">
-             Last 24 Hours <ChevronRight size={12} className="rotate-90" />
-           </button>
-        </div> */}
       </div>
 
       {/* Title Block */}
-      <div className="flex items-center justify-between  py-4">
+      <div className="flex items-center justify-between py-4">
         <div className="flex items-center gap-6">
           <button onClick={onBack} className="p-3 bg-[#161618] border border-[#1e1e20] rounded-xl text-zinc-500 hover:text-white transition-all">
             <ArrowLeft size={20} />
           </button>
           <div>
             <div className="flex items-center gap-3">
-              <h2 className="text-xl font-black text-white uppercase tracking-tight">High Entropy DNS Queries</h2>
-              <span className="px-2.5 py-0.5 rounded bg-blue-500/10 border border-blue-500/30 text-blue-400 text-[10px] font-black uppercase tracking-widest">Zeek Analyzed</span>
+              <h2 className="text-xl font-bold text-white uppercase tracking-tight">High Entropy DNS Queries</h2>
+              <span className="inline-flex px-3 py-1 rounded border bg-blue-500/10 border-blue-500/20">
+                <span className="text-xs font-bold uppercase text-blue-500">Zeek Analyzed</span>
+              </span>
             </div>
-            <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mt-1.5">Alert ID: {id || 'ALT-001'}</p>
+            <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1.5">Alert ID: {id || 'ALT-001'}</p>
           </div>
         </div>
         <div className="flex gap-3 relative">
-           <div className="relative">
-             <button 
-               onClick={() => setActionsDropdownOpen(!actionsDropdownOpen)}
-               className="bg-[#161618] border border-[#1e1e20] text-zinc-400 px-6 py-2 rounded-lg text-[10px] font-black uppercase tracking-widest hover:text-white transition-all flex items-center gap-2"
-             >
-               Actions <ChevronDown size={14} />
-             </button>
-             {actionsDropdownOpen && (
-               <div className="absolute right-0 top-full mt-2 w-56 bg-[#161618] border border-[#1e1e20] rounded-lg shadow-2xl z-50 overflow-hidden">
-                 <button 
-                   onClick={() => {
-                     setIsEscalateOpen(true);
-                     setActionsDropdownOpen(false);
-                   }}
-                   className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3"
-                 >
-                   <ArrowUpRight size={14} className="text-blue-400" />
-                   Escalate Case
-                 </button>
-                 <button 
-                   onClick={() => {
-                     handleMarkFalsePositive();
-                     setActionsDropdownOpen(false);
-                   }}
-                   className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3 border-t border-[#1e1e20]"
-                 >
-                   <AlertCircle size={14} className="text-amber-400" />
-                   Mark False Positive
-                 </button>
-                 <button 
-                   onClick={() => {
-                     console.log('Mark resolved');
-                     setActionsDropdownOpen(false);
-                   }}
-                   className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3 border-t border-[#1e1e20]"
-                 >
-                   <CheckCircle2 size={14} className="text-emerald-400" />
-                   Mark Resolved
-                 </button>
-               </div>
-             )}
-           </div>
-           <div className="relative">
-             <button 
-               
-               className="bg-[#161618] border border-[#1e1e20] text-zinc-400 px-6 py-2 rounded-lg text-[10px] font-black uppercase tracking-widest hover:text-white transition-all flex items-center gap-2"
-             >
-               Last 24 Hours
-             </button>
-            
-           </div>
+          <div className="relative">
+            <button 
+              onClick={() => setActionsDropdownOpen(!actionsDropdownOpen)}
+              className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2"
+            >
+              Actions <ChevronDown size={14} />
+            </button>
+            {actionsDropdownOpen && (
+              <div className="absolute right-0 top-full mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+                <button 
+                  onClick={() => {
+                    setIsEscalateOpen(true);
+                    setActionsDropdownOpen(false);
+                  }}
+                  className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+                >
+                  <ArrowUpRight size={14} className="text-blue-500" />
+                  Escalate Case
+                </button>
+                <button 
+                  onClick={() => {
+                    handleMarkFalsePositive();
+                    setActionsDropdownOpen(false);
+                  }}
+                  className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+                >
+                  <AlertCircle size={14} className="text-yellow-500" />
+                  Mark False Positive
+                </button>
+                <button 
+                  onClick={() => {
+                    console.log('Mark resolved');
+                    setActionsDropdownOpen(false);
+                  }}
+                  className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+                >
+                  <CheckCircle2 size={14} className="text-green-500" />
+                  Mark Resolved
+                </button>
+              </div>
+            )}
+          </div>
+          <div className="relative">
+            <button className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all">
+              Last 24 Hours
+            </button>
+          </div>
         </div>
       </div>
 
@@ -158,117 +151,64 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
         <div className="lg:col-span-2 space-y-6">
           
           {/* Why This Alert Was Triggered */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
-  {/* Header */}
-  <div className="border-b border-[#1e1e20] px-6 py-4">
-    <div className="flex items-center gap-2">
-      <AlertTriangle size={16} className="text-amber-400" />
-      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
-        Why This Alert Was Triggered
-      </h3>
-    </div>
-  </div>
-
-  {/* Body */}
-  <div className="p-6">
-    <div className="grid grid-cols-1 gap-4">
-      {/* Summary */}
-      <p className="text-sm text-zinc-400 leading-relaxed">
-        This alert was triggered because the system detected
-        <span className="text-zinc-200 font-medium">
-          {" "}sustained abnormal outbound data transfer behavior
-        </span>
-        , which deviated significantly from the host’s historical baseline.
-      </p>
-
-      {/* Detection stages */}
-      <div>
-        <h4 className="text-md font-semibold text-zinc-300  tracking-wide mb-2">
-          Detection Stages
-        </h4>
-        <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
-          <li>
-            <span className="text-zinc-200 font-medium">Anomaly detected:</span>{" "}
-            Initial abnormal outbound activity was identified compared to normal behavior.
-          </li>
-          <li>
-            <span className="text-zinc-200 font-medium">Behavior sustained:</span>{" "}
-            The abnormal behavior persisted across multiple observation intervals.
-          </li>
-          <li>
-            <span className="text-zinc-200 font-medium">Alert threshold exceeded:</span>{" "}
-            Combined signal confidence crossed the alert threshold, resulting in alert generation.
-          </li>
-        </ul>
-      </div>
-
-      {/* Key factors */}
-      <div>
-        <h4 className="text-md font-semibold text-zinc-300  tracking-wide mb-2">
-          Key Contributing Factors
-        </h4>
-        <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
-          <li>Sustained outbound volume spike</li>
-          <li>Abnormal upload-to-download ratio</li>
-        </ul>
-      </div>
-
-      {/* Footer note */}
-      <p className="text-xs text-zinc-500 italic">
-        The activity was observed consistently over a defined time window and was not a single transient spike.
-      </p>
-    </div>
-  </div>
-</div>
-
-
-          {/* Attack Progression */}
-          {/* <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+            {/* Header */}
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <div className="flex items-center gap-2">
-                <Target size={16} className="text-[#00D4AA]" />
-                <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Attack Progression</h3>
+                <AlertTriangle size={16} className="text-yellow-500" />
+                <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+                  Why This Alert Was Triggered
+                </h3>
               </div>
             </div>
-            
-            <div className="p-6">
-              <div className="flex items-center justify-between">
-                {[
-                  { stage: 'Initial Activity', time: '13:40', status: 'complete', color: 'cyan' },
-                  { stage: 'Suspicious Behavior', time: '13:45', status: 'complete', color: 'cyan' },
-                  { stage: 'Escalation', time: '13:48', status: 'active', color: 'red' },
-                  { stage: 'Impact', time: '13:51', status: 'pending', color: 'red' },
-                ].map((item, idx) => (
-                  <React.Fragment key={idx}>
-                    <button
-                      onClick={() => openSidebar(`stage-${idx}`)}
-                      className="flex flex-col items-center gap-2 group cursor-pointer"
-                    >
-                      <div className={`w-16 h-16 rounded-full flex items-center justify-center border-2 transition-all
-                        ${item.status === 'complete' ? `bg-${item.color}-900/20 border-${item.color}-600/40` : 
-                          item.status === 'active' ? `bg-${item.color}-900/20 border-${item.color}-500 shadow-lg shadow-${item.color}-500/20` : 
-                          'bg-zinc-900/30 border-zinc-700'}`}
-                      >
-                        {item.status === 'complete' && <CheckCircle2 size={24} className={`text-${item.color}-400`} />}
-                        {item.status === 'active' && <AlertCircle size={24} className={`text-${item.color}-400 animate-pulse`} />}
-                        {item.status === 'pending' && <Clock size={24} className="text-zinc-600" />}
-                      </div>
-                      <div className="text-center">
-                        <div className="text-[9px] font-black text-white uppercase tracking-tight">{item.stage}</div>
-                        <div className="text-[8px] text-zinc-500 font-mono">{item.time}</div>
-                      </div>
-                    </button>
-                    {idx < 3 && (
-                      <div className={`flex-1 h-0.5 ${item.status === 'complete' ? `bg-${item.color}-600/30` : 'bg-zinc-700'}`}></div>
-                    )}
-                  </React.Fragment>
-                ))}
+
+            {/* Body */}
+            <div className="p-6 space-y-4">
+              {/* Summary */}
+              <p className="text-sm text-zinc-400 leading-relaxed">
+                This alert was triggered because the system detected
+                <span className="text-white font-semibold">
+                  {" "}sustained abnormal outbound data transfer behavior
+                </span>
+                , which deviated significantly from the host's historical baseline.
+              </p>
+
+              {/* Detection stages */}
+              <div>
+                <h4 className="text-xs font-bold text-zinc-500 uppercase tracking-wide mb-2">
+                  Detection Stages
+                </h4>
+                <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
+                  <li>
+                    <span className="text-white font-semibold">Anomaly detected:</span>{" "}
+                    Initial abnormal outbound activity was identified compared to normal behavior.
+                  </li>
+                  <li>
+                    <span className="text-white font-semibold">Behavior sustained:</span>{" "}
+                    The abnormal behavior persisted across multiple observation intervals.
+                  </li>
+                  <li>
+                    <span className="text-white font-semibold">Alert threshold exceeded:</span>{" "}
+                    Combined signal confidence crossed the alert threshold, resulting in alert generation.
+                  </li>
+                </ul>
+              </div>
+
+              {/* Key factors */}
+              <div>
+                <h4 className="text-xs font-bold text-zinc-500 uppercase tracking-wide mb-2">
+                  Key Contributing Factors
+                </h4>
+                <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
+                  <li>Sustained outbound volume spike</li>
+                  <li>Abnormal upload-to-download ratio</li>
+                </ul>
               </div>
             </div>
-          </div> */}
+          </div>
 
           {/* Attack Timeline - Detailed Signal Observations */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <div className="flex items-center gap-2">
                 <Clock size={16} className="text-[#00D4AA]" />
@@ -277,117 +217,119 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
             </div>
             
             <div className="p-6">
-            <div className="space-y-0">
-  {/* Timeline Item 1 */}
-  <div onClick={() => openSidebar('signal-outbound')} className="flex gap-3 cursor-pointer">
-    <div  className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-cyan-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        1
-      </div>
-      <div className="w-0.5 h-full bg-cyan-500/30 -mt-1"></div>
-    </div>
-    
-    <div className="flex-1 pb-6 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Outbound Volume Spike</div>
-            <div className="text-xs text-zinc-400">The host sent significantly more data than it normally does.</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-
-  {/* Timeline Item 2 */}
-  <div onClick={() => openSidebar('signal-ratio')} className="flex gap-3 cursor-pointer">
-    <div className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-cyan-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        2
-      </div>
-      <div className="w-0.5 h-full bg-cyan-500/30 -mt-1"></div>
-    </div>
-    
-    <div className="flex-1 pb-6 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Outbound Volume Spike</div>
-            <div className="text-xs text-zinc-400">The host sent significantly more data than it normally does.</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-
-  {/* Timeline Item 3 */}
-  <div className="flex gap-3">
-    <div className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-cyan-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        3
-      </div>
-      <div className="w-0.5 h-full bg-cyan-500/30 -mt-1"></div>
-    </div>
-    
-    <div className="flex-1 pb-6 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-amber-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Outbound Volume Spike</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-
-  {/* Timeline Item 4 - Final */}
-  <div className="flex gap-3">
-    <div className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-emerald-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        4
-      </div>
-    </div>
-    
-    <div className="flex-1 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-emerald-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Triggered Rule</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</div>
+              <div className="space-y-0">
+                {/* Timeline Item 1 */}
+                <div onClick={() => openSidebar('signal-outbound')} className="flex gap-3 cursor-pointer hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-[#00D4AA] border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      1
+                    </div>
+                    <div className="w-0.5 h-full bg-[#00D4AA]/30 -mt-1"></div>
+                  </div>
+                  
+                  <div className="flex-1 pb-6 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Initial Activity</span>
+                      <span className="text-xs text-zinc-500 ">13:40</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Outbound Volume Spike</div>
+                          <div className="text-xs text-zinc-500 font-medium">The host sent significantly more data than it normally does.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
+
+                {/* Timeline Item 2 */}
+                <div onClick={() => openSidebar('signal-ratio')} className="flex gap-3 cursor-pointer hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-[#00D4AA] border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      2
+                    </div>
+                    <div className="w-0.5 h-full bg-[#00D4AA]/30 -mt-1"></div>
+                  </div>
+                  
+                  <div className="flex-1 pb-6 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Suspicious Behavior</span>
+                      <span className="text-xs text-zinc-500 ">13:45</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Upload/Download Ratio Shift</div>
+                          <div className="text-xs text-zinc-500 font-medium">Unusual upload pattern detected compared to downloads.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
+
+                {/* Timeline Item 3 */}
+                <div className="flex gap-3 hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-[#00D4AA] border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      3
+                    </div>
+                    <div className="w-0.5 h-full bg-[#00D4AA]/30 -mt-1"></div>
+                  </div>
+                  
+                  <div className="flex-1 pb-6 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Escalation</span>
+                      <span className="text-xs text-zinc-500 ">13:48</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-yellow-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Sustained Activity Pattern</div>
+                          <div className="text-xs text-zinc-500 font-medium">Behavior persisted beyond normal threshold.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
+
+                {/* Timeline Item 4 - Final */}
+                <div className="flex gap-3 hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-green-500 border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      4
+                    </div>
+                  </div>
+                  
+                  <div className="flex-1 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Alert Generated</span>
+                      <span className="text-xs text-zinc-500 ">13:51</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-green-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Alert Threshold Triggered</div>
+                          <div className="text-xs text-zinc-500 font-medium">Combined signals exceeded detection threshold.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
+              </div>
             </div>
           </div>
 
           {/* Observed Network Behavior - With Two Tabs */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <div className="flex items-center gap-2">
                 <BarChart2 size={16} className="text-[#00D4AA]" />
@@ -400,17 +342,17 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 onClick={() => setBehaviorTab('network')}
                 className={`flex-1 px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all
                   ${behaviorTab === 'network' 
-                    ? 'bg-[#00D4AA10] text-[#00D4AA] border-b-2 border-[#00D4AA10]' 
-                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-[#00D4AA10]'}`}
+                    ? 'bg-[#00D4AA]/10 text-[#00D4AA] border-b-2 border-[#00D4AA]' 
+                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-zinc-900/30'}`}
               >
-                Observed Network Behavior
+                Network Activity
               </button>
               <button
                 onClick={() => setBehaviorTab('data')}
                 className={`flex-1 px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all
                   ${behaviorTab === 'data' 
-                    ? 'bg-[#00D4AA10] text-[#00D4AA] border-b-2 border-[#00D4AA10]' 
-                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-[#00D4AA10]'}`}
+                    ? 'bg-[#00D4AA]/10 text-[#00D4AA] border-b-2 border-[#00D4AA]' 
+                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-zinc-900/30'}`}
               >
                 Associated Data
               </button>
@@ -420,42 +362,42 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
               {behaviorTab === 'network' && (
                 <div className="space-y-4 animate-in fade-in duration-300">
                   <div className="flex items-center justify-between text-xs">
-                    <span className="text-zinc-500 uppercase tracking-widest font-black text-[9px]">Total Data</span>
+                    <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Total Data</span>
                     <div className="flex items-center gap-4">
                       <div className="flex items-center gap-2">
-                        <div className="w-3 h-3 rounded bg-cyan-500"></div>
-                        <span className="text-white font-bold">2.6 GB</span>
+                        <div className="w-3 h-3 rounded bg-[#00D4AA]"></div>
+                        <span className="text-sm font-semibold text-white">2.6 GB</span>
                       </div>
                       <div className="flex items-center gap-2">
                         <div className="w-3 h-3 rounded bg-zinc-700"></div>
-                        <span className="text-zinc-400">12.1</span>
+                        <span className="text-sm text-zinc-400">12.1</span>
                       </div>
                       <div className="flex items-center gap-2">
                         <div className="w-3 h-3 rounded bg-zinc-700"></div>
-                        <span className="text-zinc-400">45 Mbps</span>
+                        <span className="text-sm text-zinc-400">45 Mbps</span>
                       </div>
                     </div>
                   </div>
 
-                  <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4">
+                  <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
                     <ResponsiveContainer width="100%" height={200}>
                       <LineChart data={NETWORK_ACTIVITY_DATA}>
-                        <CartesianGrid strokeDasharray="3 3" stroke="#1e293b" vertical={false} />
+                        <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
                         <XAxis 
                           dataKey="time" 
                           axisLine={false} 
                           tickLine={false} 
-                          tick={{fill: '#475569', fontSize: 9}} 
+                          tick={{fill: '#71717a', fontSize: 10}} 
                         />
                         <YAxis 
                           axisLine={false} 
                           tickLine={false} 
-                          tick={{fill: '#475569', fontSize: 9}} 
+                          tick={{fill: '#71717a', fontSize: 10}} 
                         />
                         <Tooltip 
                           contentStyle={{
-                            backgroundColor: '#0f0f10', 
-                            border: '1px solid #164e63', 
+                            backgroundColor: '#0a0a0b', 
+                            border: '1px solid #1e1e20', 
                             borderRadius: '8px', 
                             fontSize: '10px'
                           }} 
@@ -463,7 +405,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                         <Line 
                           type="monotone" 
                           dataKey="value" 
-                          stroke="#22d3ee"
+                          stroke="#00D4AA"
                           strokeWidth={2}
                           dot={false}
                         />
@@ -471,7 +413,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     </ResponsiveContainer>
                   </div>
 
-                  <p className="text-xs text-zinc-500 italic mt-4">
+                  <p className="text-xs text-zinc-500 font-medium italic mt-4">
                     Network traffic shifted from normal download behavior to sustained outbound data transfer.
                   </p>
                 </div>
@@ -479,28 +421,36 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
               {behaviorTab === 'data' && (
                 <div className="space-y-3 animate-in fade-in duration-300">
-                  <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg overflow-hidden">
-                    <table className="w-full text-left">
-                      <thead className="bg-cyan-900/10 border-b border-[#1e1e20]">
-                        <tr className="text-[9px] font-black text-zinc-500 uppercase tracking-wider">
-                          <th className="px-4 py-3">Timestamp</th>
-                          <th className="px-4 py-3">Protocol</th>
-                          <th className="px-4 py-3">Bytes Sent</th>
-                          <th className="px-4 py-3">Destination</th>
+                  <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
+                    <table className="w-full">
+                      <thead className="bg-zinc-900/50 border-b border-zinc-800">
+                        <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+                          <th className="px-4 py-3 text-left">Timestamp</th>
+                          <th className="px-4 py-3 text-left">Protocol</th>
+                          <th className="px-4 py-3 text-left">Bytes Sent</th>
+                          <th className="px-4 py-3 text-left">Destination</th>
                         </tr>
                       </thead>
-                      <tbody className="divide-y divide-cyan-900/10 text-xs font-mono">
+                      <tbody className="divide-y divide-zinc-800/50">
                         {[
                           { ts: '13:40:15', proto: 'HTTPS', bytes: '524 KB', dest: '185.12.45.23' },
                           { ts: '13:42:33', proto: 'HTTPS', bytes: '892 KB', dest: '185.12.45.23' },
                           { ts: '13:45:12', proto: 'HTTPS', bytes: '1.2 MB', dest: '185.12.45.23' },
                           { ts: '13:48:45', proto: 'HTTPS', bytes: '1.5 MB', dest: '185.12.45.23' },
                         ].map((row, i) => (
-                          <tr key={i} className="hover:bg-[#00D4AA10] transition-colors">
-                            <td className="px-4 py-3 text-zinc-400">{row.ts}</td>
-                            <td className="px-4 py-3 text-[#00D4AA]">{row.proto}</td>
-                            <td className="px-4 py-3 text-zinc-300">{row.bytes}</td>
-                            <td className="px-4 py-3 text-zinc-400">{row.dest}</td>
+                          <tr key={i} className="hover:bg-zinc-900/30 transition-colors cursor-pointer">
+                            <td className="px-4 py-4">
+                              <span className="text-xs  text-zinc-400">{row.ts}</span>
+                            </td>
+                            <td className="px-4 py-4">
+                              <span className="text-xs  text-[#00D4AA]">{row.proto}</span>
+                            </td>
+                            <td className="px-4 py-4">
+                              <span className="text-sm font-semibold text-white">{row.bytes}</span>
+                            </td>
+                            <td className="px-4 py-4">
+                              <span className="text-xs  text-zinc-400">{row.dest}</span>
+                            </td>
                           </tr>
                         ))}
                       </tbody>
@@ -516,7 +466,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
         <div className="space-y-6">
           
           {/* Affected Systems and Destinations */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Affected Systems and Destinations</h3>
             </div>
@@ -525,39 +475,39 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
               {/* Source System */}
               <button 
                 onClick={() => openSidebar('source')}
-                className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 hover:border-cyan-600/40 transition-all text-left"
+                className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all text-left"
               >
                 <div className="flex items-center gap-3 mb-2">
                   <Server size={16} className="text-[#00D4AA]" />
                   <div className="flex-1">
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Source System: WS-FINAN...</div>
-                    <div className="text-xs font-mono text-white mt-1">192.168.1.45</div>
+                    <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Source System: WS-FINAN...</div>
+                    <div className="text-xs  text-white mt-1">192.168.1.45</div>
                   </div>
                   <ChevronRight size={16} className="text-zinc-500" />
                 </div>
                 <div className="flex items-center gap-2 mt-2">
-                  <span className="px-2 py-0.5 bg-emerald-600/20 border border-emerald-600/30 text-emerald-400 text-[8px] font-black uppercase tracking-widest rounded">
+                  <span className="px-2 py-0.5 bg-green-500/10 border border-green-500/20 text-green-500 rounded text-[10px] font-bold uppercase">
                     Critical Asset
                   </span>
-                  <span className="text-[8px] text-zinc-500">VLAN: 10</span>
+                  <span className="text-xs text-zinc-500 font-medium">VLAN: 10</span>
                 </div>
               </button>
 
               {/* Internal Systems */}
               <button 
                 onClick={() => openSidebar('internal')}
-                className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 hover:border-cyan-600/40 transition-all text-left"
+                className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all text-left"
               >
                 <div className="flex items-center gap-3 mb-2">
-                  <Server size={16} className="text-blue-400" />
+                  <Server size={16} className="text-blue-500" />
                   <div className="flex-1">
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Internal systems involved: 35</div>
+                    <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Internal systems involved: 35</div>
                     <div className="text-xs text-white mt-1">FVLAN</div>
                   </div>
                   <ChevronRight size={16} className="text-zinc-500" />
                 </div>
                 <div className="flex items-center gap-2 mt-2">
-                  <span className="px-2 py-0.5 bg-blue-600/20 border border-blue-600/30 text-blue-400 text-[8px] font-black uppercase tracking-widest rounded">
+                  <span className="px-2 py-0.5 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase">
                     File Server
                   </span>
                 </div>
@@ -566,18 +516,18 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
               {/* External Destination */}
               <button 
                 onClick={() => openSidebar('external')}
-                className="w-full bg-zinc-900/30 border border-red-900/20 rounded-lg p-4 hover:border-red-600/40 transition-all text-left"
+                className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-red-500/40 transition-all text-left"
               >
                 <div className="flex items-center gap-3 mb-2">
-                  <Globe size={16} className="text-red-400" />
+                  <Globe size={16} className="text-red-500" />
                   <div className="flex-1">
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">External destinations: 3 un...</div>
+                    <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">External destinations: 3 un...</div>
                     <div className="text-xs text-white mt-1">DESTINATION</div>
                   </div>
                   <ChevronRight size={16} className="text-zinc-500" />
                 </div>
                 <div className="flex items-center gap-2 mt-2">
-                  <span className="px-2 py-0.5 bg-red-600/20 border border-red-600/30 text-red-400 text-[8px] font-black uppercase tracking-widest rounded">
+                  <span className="px-2 py-0.5 bg-red-500/10 border border-red-500/20 text-red-500 rounded text-[10px] font-bold uppercase">
                     External (IP)
                   </span>
                 </div>
@@ -586,7 +536,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
           </div>
 
           {/* What Should I Check Next */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">What Should I Check Next?</h3>
             </div>
@@ -598,25 +548,25 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 'Monitor external connections for continued activity.',
               ].map((item, idx) => (
                 <div key={idx} className="flex gap-3 items-start">
-                  <div className="mt-1 flex-shrink-0 w-5 h-5 rounded-full bg-cyan-900/30 border border-cyan-600/40 flex items-center justify-center text-[#00D4AA] text-[10px] font-black">
+                  <div className="mt-1 flex-shrink-0 w-5 h-5 rounded-full bg-[#00D4AA]/20 border border-[#00D4AA]/40 flex items-center justify-center text-[#00D4AA] text-[10px] font-black">
                     {idx + 1}
                   </div>
-                  <p className="text-xs text-zinc-400 leading-relaxed">{item}</p>
+                  <p className="text-sm text-zinc-400 leading-relaxed">{item}</p>
                 </div>
               ))}
             </div>
           </div>
 
           {/* Threat Classification */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Threat Classification</h3>
             </div>
             
-            <div className="p-6">
-              <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Mitre Attack</div>
-              <div className="text-sm text-white font-bold mb-1">TA0010 - Exfiltration</div>
-              <p className="text-xs text-zinc-400">
+            <div className="p-6 space-y-3">
+              <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Mitre Attack</div>
+              <div className="text-sm font-semibold text-white">TA0010 - Exfiltration</div>
+              <p className="text-sm text-zinc-400 leading-relaxed">
                 Adversary is attempting to steal data from your network.
               </p>
             </div>
@@ -631,13 +581,13 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
           onClick={closeSidebar}
         >
           <div 
-            className="absolute right-0 top-0 h-full w-full max-w-2xl bg-[#0c0c0e] border-l border-[#1e1e20] shadow-2xl animate-in slide-in-from-right duration-300"
+            className="absolute right-0 top-0 h-full w-full max-w-2xl bg-black border-l border-[#1e1e20] shadow-2xl animate-in slide-in-from-right duration-300"
             onClick={(e) => e.stopPropagation()}
           >
             <div className="flex flex-col h-full">
               {/* Sidebar Header */}
-              <div className="border-b border-[#1e1e20] px-6 py-4 flex items-center justify-between">
-                <h3 className="text-lg font-black text-white uppercase tracking-tight">
+              <div className="border-b border-[#1e1e20] px-6 py-4 flex items-center justify-between bg-[#161618]">
+                <h3 className="text-xl font-bold text-white uppercase tracking-tight">
                   {(sidebarOpen === 'signal-outbound' || sidebarOpen === 'signal-ratio') && 'Signal Detail: ' + (sidebarOpen === 'signal-outbound' ? 'Outbound Volume Spike' : 'Upload/Download Ratio Shift')}
                   {sidebarOpen === 'source' && 'Source System Details'}
                   {sidebarOpen === 'internal' && 'Internal Systems'}
@@ -651,14 +601,14 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 </h3>
                 <button 
                   onClick={closeSidebar}
-                  className="p-2 hover:bg-[#161618] rounded-lg transition-colors"
+                  className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
                 >
                   <X size={20} className="text-zinc-500" />
                 </button>
               </div>
 
               {/* Sidebar Content */}
-              <div className="flex-1 overflow-y-auto">
+              <div className="flex-1 overflow-y-auto bg-black">
                 {/* Signal Detail Tabs */}
                 {(sidebarOpen === 'signal-outbound' || sidebarOpen === 'signal-ratio') && (
                   <>
@@ -673,8 +623,8 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                           onClick={() => setActiveTab(tab.id)}
                           className={`flex-1 px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all
                             ${activeTab === tab.id 
-                              ? 'bg-[#00D4AA10] text-[#00D4AA] border-b-2 border-[#00D4AA10]' 
-                              : 'text-zinc-500 hover:text-zinc-300 hover:bg-[#00D4AA10]'}`}
+                              ? 'bg-[#00D4AA]/10 text-[#00D4AA] border-b-2 border-[#00D4AA]' 
+                              : 'text-zinc-500 hover:text-zinc-300 hover:bg-zinc-900/30'}`}
                         >
                           {tab.label}
                         </button>
@@ -684,15 +634,15 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     <div className="p-6">
                       {activeTab === 'explanation' && (
                         <div className="space-y-4 animate-in fade-in duration-300">
-                          <div className="bg-cyan-900/10 border border-cyan-600/30 rounded-lg p-4">
-                            <p className="text-sm text-cyan-100 italic leading-relaxed">
+                          <div className="bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg p-4">
+                            <p className="text-sm text-white italic leading-relaxed">
                               {sidebarOpen === 'signal-outbound' 
                                 ? '"This signal indicates that the observed network behavior deviated significantly from what is normally expected for this system over a sustained period."'
                                 : '"The host uploaded much more data than it downloaded, which is unusual for typical network behavior."'
                               }
                             </p>
                           </div>
-                          <p className="text-xs text-zinc-400 leading-relaxed">
+                          <p className="text-sm text-zinc-400 leading-relaxed">
                             {sidebarOpen === 'signal-outbound'
                               ? 'This signal indicates that the observed network behavior deviated significantly from what is normally expected for this system over a sustained period.'
                               : 'This pattern often indicates data exfiltration where an attacker is uploading stolen data to an external server while minimizing downloads to avoid detection.'
@@ -705,7 +655,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                         <div className="space-y-4 animate-in fade-in duration-300">
                           <div>
                             <h4 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest mb-3">What was monitored:</h4>
-                            <ul className="space-y-2 text-xs text-zinc-300">
+                            <ul className="space-y-2 text-sm text-zinc-400">
                               {sidebarOpen === 'signal-outbound' ? (
                                 <>
                                   <li className="flex items-start gap-2">
@@ -742,7 +692,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
                           <div className="pt-4 border-t border-[#1e1e20]">
                             <h4 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest mb-3">When it is considered suspicious:</h4>
-                            <ul className="space-y-2 text-xs text-zinc-300">
+                            <ul className="space-y-2 text-sm text-zinc-400">
                               {sidebarOpen === 'signal-outbound' ? (
                                 <>
                                   <li className="flex items-start gap-2">
@@ -771,7 +721,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
                           <div className="pt-4 border-t border-[#1e1e20]">
                             <h4 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest mb-3">Why this matters:</h4>
-                            <p className="text-xs text-zinc-300">
+                            <p className="text-sm text-zinc-400">
                               {sidebarOpen === 'signal-outbound'
                                 ? 'This pattern is commonly associated with unauthorized data transfer or exfiltration.'
                                 : 'Unusual upload patterns often indicate data theft where attackers extract sensitive information to external servers.'
@@ -784,10 +734,10 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                       {activeTab === 'evidence' && (
                         <div className="space-y-3 animate-in fade-in duration-300">
                           <div className="flex items-center justify-between mb-4">
-                            <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">
+                            <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">
                               Time Window
                             </div>
-                            <div className="text-sm font-mono text-white">13:40 - 13:58</div>
+                            <div className="text-xs  text-white">13:40 - 13:58</div>
                           </div>
 
                           <div className="space-y-2">
@@ -795,12 +745,12 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                             
                             <button 
                               onClick={() => setSidebarOpen('evidence1')}
-                              className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 text-left hover:border-cyan-600/40 transition-all"
+                              className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 text-left hover:border-[#00D4AA] transition-all"
                             >
                               <div className="flex items-center gap-3">
                                 <FileText size={16} className="text-[#00D4AA]" />
                                 <div className="flex-1">
-                                  <div className="text-xs font-mono text-white">HTTP_105 - UID: C934228</div>
+                                  <div className="text-xs  text-white">HTTP_105 - UID: C934228</div>
                                 </div>
                                 <ChevronRight size={16} className="text-zinc-500" />
                               </div>
@@ -808,12 +758,12 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
                             <button 
                               onClick={() => setSidebarOpen('evidence2')}
-                              className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 text-left hover:border-cyan-600/40 transition-all"
+                              className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 text-left hover:border-[#00D4AA] transition-all"
                             >
                               <div className="flex items-center gap-3">
                                 <FileText size={16} className="text-[#00D4AA]" />
                                 <div className="flex-1">
-                                  <div className="text-xs font-mono text-white">HTTP_105 - UID: C8442594</div>
+                                  <div className="text-xs  text-white">HTTP_105 - UID: C8442594</div>
                                 </div>
                                 <ChevronRight size={16} className="text-zinc-500" />
                               </div>
@@ -825,47 +775,48 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                   </>
                 )}
 
-                {/* Other sidebar content */}
+                {/* Source System Details */}
                 {sidebarOpen === 'source' && (
                   <div className="p-6">
-                    <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-6">
-                      <div className="flex items-center gap-4 mb-6">
-                        <div className="p-3 bg-[#00D4AA10] border border-cyan-600/30 rounded-lg">
+                    <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-6 shadow-sm">
+                      <div className="flex items-center gap-4">
+                        <div className="p-3 bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg">
                           <Server size={32} className="text-[#00D4AA]" />
                         </div>
                         <div>
-                          <div className="text-xl font-black text-white uppercase">WS-FINAN-01</div>
-                          <div className="text-sm text-[#00D4AA] font-mono mt-1">192.168.1.45</div>
+                          <div className="text-xl font-bold text-white uppercase tracking-tight">WS-FINAN-01</div>
+                          <div className="text-xs  text-[#00D4AA] mt-1">192.168.1.45</div>
                         </div>
                       </div>
                       
                       <div className="space-y-4 pt-4 border-t border-[#1e1e20]">
                         <div>
-                          <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">VLAN</div>
-                          <div className="text-sm text-white">FINANCE-VLAN (VLAN 10)</div>
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">VLAN</div>
+                          <div className="text-sm font-semibold text-white">FINANCE-VLAN (VLAN 10)</div>
                         </div>
                         <div>
-                          <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Asset Classification</div>
-                          <span className="px-3 py-1 bg-emerald-600/20 border border-emerald-600/30 text-emerald-400 text-xs font-bold uppercase rounded">
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Asset Classification</div>
+                          <span className="px-2 py-0.5 bg-green-500/10 border border-green-500/20 text-green-500 rounded text-[10px] font-bold uppercase">
                             Critical Asset
                           </span>
                         </div>
                         <div>
-                          <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Last Seen</div>
-                          <div className="text-sm text-white">2026-01-27 13:58:34 UTC</div>
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Last Seen</div>
+                          <div className="text-sm font-semibold text-white">2026-01-27 13:58:34 UTC</div>
                         </div>
                       </div>
                     </div>
                   </div>
                 )}
 
+                {/* Attack Stage Details */}
                 {sidebarOpen.startsWith('stage-') && (
                   <div className="p-6 space-y-6">
                     {/* What Happened in This Stage */}
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">What Happened in This Stage</div>
-                      <div className="bg-cyan-900/10 border border-cyan-600/30 rounded-lg p-4">
-                        <p className="text-sm text-cyan-100 italic leading-relaxed">
+                      <div className="bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg p-4">
+                        <p className="text-sm text-white italic leading-relaxed">
                           "Internal exploration activity targeting sensitive systems was observed."
                         </p>
                       </div>
@@ -874,12 +825,12 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     {/* Signals Involved in This Stage */}
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">Signals Involved in This Stage</div>
-                      <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 hover:border-cyan-600/40 transition-all text-left flex items-center justify-between">
+                      <button className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all text-left flex items-center justify-between">
                         <div className="flex items-center gap-3">
-                          <div className="w-8 h-8 rounded bg-amber-900/20 border border-amber-600/30 flex items-center justify-center">
-                            <AlertTriangle size={16} className="text-amber-400" />
+                          <div className="w-8 h-8 rounded bg-yellow-500/10 border border-yellow-500/20 flex items-center justify-center">
+                            <AlertTriangle size={16} className="text-yellow-500" />
                           </div>
-                          <span className="text-sm text-white font-bold">SIG_DR_EXAM</span>
+                          <span className="text-sm font-semibold text-white">SIG_DR_EXAM</span>
                         </div>
                         <ChevronRight size={16} className="text-zinc-500" />
                       </button>
@@ -889,13 +840,13 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">Evidence Summary</div>
                       <div className="grid grid-cols-2 gap-4">
-                        <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4">
-                          <div className="text-[9px] text-zinc-500 uppercase tracking-widest mb-2">Time Window</div>
-                          <div className="text-base font-black text-white">13:58 UTC</div>
+                        <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Time Window</div>
+                          <div className="text-sm font-semibold text-white">13:58 UTC</div>
                         </div>
-                        <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4">
-                          <div className="text-[9px] text-zinc-500 uppercase tracking-widest mb-2">Affected Systems</div>
-                          <div className="text-base font-black text-white">Affected system(s) and associated network logs</div>
+                        <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Affected Systems</div>
+                          <div className="text-xs text-white">Multiple systems</div>
                         </div>
                       </div>
                     </div>
@@ -903,7 +854,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     {/* Why This Stage Matters */}
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">Why This Stage Matters</div>
-                      <p className="text-xs text-zinc-400 leading-relaxed italic">
+                      <p className="text-sm text-zinc-400 leading-relaxed italic">
                         "Activity in this stage is often observed before escalation or data loss."
                       </p>
                     </div>
@@ -925,7 +876,7 @@ const AlertDetailPage: React.FC<Props> = ({ id, onBack }) => {
           setIsEscalateOpen(false);
         }}
       />
-    </div>
+    </div> 
   );
 };
 
diff --git a/ui/pages/AlertPage.tsx b/ui/pages/AlertPage.tsx
index b4fa816..1dfde01 100644
--- a/ui/pages/AlertPage.tsx
+++ b/ui/pages/AlertPage.tsx
@@ -11,7 +11,7 @@ import {
   AreaChart, Area, XAxis, YAxis, CartesianGrid, Tooltip, ResponsiveContainer, Line
 } from 'recharts';
 import { MOCK_ALERTS } from '../constants/mockData/detections';
-import AlertDetailPage from './AlertDetailPage'; 
+import DetectionDetailPage from './DetectionDetailPage';
 import AlertCard from '../components/detections/AlertCard';
 import { Severity } from '../types';
 
@@ -40,8 +40,6 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
 
   useEffect(() => { setView(defaultView); }, [defaultView]);
 
-  
-
   // Close dropdowns when clicking outside
   useEffect(() => {
     const handleClickOutside = (e: MouseEvent) => {
@@ -141,7 +139,7 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       case 'medium':
         return 'text-yellow-500';
       default:
-        return 'text-zinc-500';
+        return 'text-blue-500';
     }
   };
 
@@ -154,57 +152,57 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       case 'medium':
         return 'bg-yellow-500/10 border-yellow-500/20';
       default:
-        return 'bg-zinc-500/10 border-zinc-500/20';
+        return 'bg-blue-500/10 border-blue-500/20';
     }
   };
 
   const renderFilterHeader = () => (
     <div className="space-y-4 mb-6">
-      {/* Search Bar */}
+      {/* Search Bar - STANDARDIZED */}
       <div className="relative">
-  <Search 
-    size={18}
-    className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none"
-  />
-
-  <input 
-    type="text"
-    placeholder="IP, Host, or Rule Name..."
-    className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
-    value={searchTerm}
-    onChange={(e) => setSearchTerm(e.target.value)}
-  />
-</div>
-
-      {/* Filter Dropdowns Bar */}
+        <Search 
+          size={18}
+          className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none"
+        />
+        <input 
+          type="text"
+          placeholder="IP, Host, or Rule Name..."
+          className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
+          value={searchTerm}
+          onChange={(e) => setSearchTerm(e.target.value)}
+        />
+      </div>
+
+      {/* Filter Dropdowns Bar - STANDARDIZED */}
       <div className="flex items-center gap-3 flex-wrap">
+        {/* Advanced Filter Button - STANDARDIZED */}
         <button 
           onClick={() => setShowAdvancedFilter(!showAdvancedFilter)}
-          className="flex items-center gap-2 bg-[#00D4AA]  text-black px-4 py-2 rounded-lg text-xs font-semibold transition-colors"
+          className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all shadow-lg"
         >
-          <FilterIcon size={14} />
-          Advanced Filter
+          <FilterIcon size={14} className="inline mr-2" />
+          Advanced Filter 
         </button>
 
-        {/* Severity Dropdown */}
+        {/* Severity Dropdown - STANDARDIZED */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'severity' ? null : 'severity')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
             <ShieldAlert size={14} className="text-red-500" />
             Severity: {severities.length === 3 ? 'All' : severities.length === 0 ? 'None' : severities.join(', ')}
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'severity' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'severity' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {(['critical', 'high', 'medium'] as Severity[]).map(sev => (
                 <label key={sev} className="flex items-center gap-3 px-4 py-2.5 hover:bg-zinc-900 cursor-pointer transition-colors">
                   <input 
                     type="checkbox" 
                     checked={severities.includes(sev)}
                     onChange={() => toggleSeverity(sev)}
-                    className="rounded border-zinc-700 text-blue-600 focus:ring-0"
+                    className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
                   />
                   <span className="text-sm text-zinc-300 capitalize">{sev}</span>
                 </label>
@@ -213,18 +211,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Asset Group Dropdown */}
+        {/* Asset Group Dropdown - STANDARDIZED */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'asset' ? null : 'asset')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
-            <Monitor size={14} className="text-blue-500" />
+            <Monitor size={14} className="text-zinc-400" />
             Asset Group
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'asset' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'asset' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['all', 'User VLAN', 'Server VLAN', 'DMZ', 'Management'].map(group => (
                 <button 
                   key={group}
@@ -241,18 +239,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* MITRE Tactic Dropdown */}
+        {/* MITRE Tactic Dropdown - STANDARDIZED (removed purple icon) */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'mitre' ? null : 'mitre')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
-            <Target size={14} className="text-purple-500" />
+            <Target size={14} className="text-zinc-400" />
             MITRE Tactic
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'mitre' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'mitre' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[220px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[220px] z-50 py-2">
               {['all', 'Command & Control', 'Lateral Movement', 'Exfiltration', 'Defense Evasion', 'Credential Access'].map(tactic => (
                 <button 
                   key={tactic}
@@ -269,18 +267,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Log Source Dropdown */}
+        {/* Log Source Dropdown - STANDARDIZED (kept green for status) */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'log' ? null : 'log')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
             <Activity size={14} className="text-green-500" />
             Log Source
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'log' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'log' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['all', 'Zeek', 'Suricata', 'Sysmon', 'Windows Events', 'Linux Auditd'].map(source => (
                 <button 
                   key={source}
@@ -297,18 +295,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Directionality Dropdown */}
+        {/* Directionality Dropdown - STANDARDIZED (changed cyan to zinc) */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'direction' ? null : 'direction')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
-            <Globe size={14} className="text-cyan-500" />
+            <Globe size={14} className="text-zinc-400" />
             Directionality
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'direction' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'direction' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['all', 'North-South', 'East-West', 'Internal', 'External'].map(dir => (
                 <button 
                   key={dir}
@@ -325,18 +323,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Time Range Dropdown */}
+        {/* Time Range Dropdown - STANDARDIZED */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'time' ? null : 'time')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
             <Clock size={14} className="text-orange-500" />
             Last {selectedTimeRange === '1h' ? '1 Hour' : selectedTimeRange === '24h' ? '24 Hours' : selectedTimeRange === '7d' ? '7 Days' : '30 Days'}
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'time' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'time' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
               {[
                 { value: '1h', label: 'Last 1 Hour' },
                 { value: '24h', label: 'Last 24 Hours' },
@@ -359,7 +357,7 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
         </div>
       </div>
 
-      {/* Active Filters */}
+      {/* Active Filters - STANDARDIZED */}
       {activeFilters.length > 0 && (
         <div className="flex items-center gap-2 flex-wrap text-xs">
           <span className="text-zinc-500 font-medium">FILTERS APPLIED:</span>
@@ -391,187 +389,192 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
   const renderDetectionTable = () => (
     <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
       <table className="w-full">
-  <thead className="bg-zinc-900/50 border-b border-zinc-800">
-    <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
-      <th className="px-4 py-3 text-left w-8">
-        <input 
-          type="checkbox" 
-          className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
-          checked={selectedRows.length === filteredAlerts.length && filteredAlerts.length > 0}
-          onChange={toggleAllRows}
-        />
-      </th>
-      <th className="px-4 py-3 text-left w-12">LEVEL</th>
-      <th className="px-4 py-3 text-left min-w-[200px]">USECASE NAME / MITRE ID</th>
-      <th className="px-4 py-3 text-left min-w-[180px]">SOURCE → DESTINATION</th>
-      <th className="px-4 py-3 text-left min-w-[200px]">TELEMETRY & TRAFFIC</th>
-      <th className="px-4 py-3 text-left min-w-[140px]">SEVERITY ANALYSIS</th>
-      <th className="px-4 py-3 text-left min-w-[120px]">TRIGGERED</th>
-      <th className="px-4 py-3 text-left w-16">ACTIONS</th>
-    </tr>
-  </thead>
-  <tbody className="divide-y divide-zinc-800/50">
-    {filteredAlerts.length > 0 ? (
-      filteredAlerts.slice(0, 10).map((alert) => (
-        <tr 
-          key={alert.id} 
-          className="hover:bg-zinc-900/30 transition-colors cursor-pointer"
-          onClick={() => setSelectedAlertId(alert.id)}
-        >
-          <td className="px-4 py-4">
-            <input 
-  type="checkbox" 
-  className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
-  checked={selectedRows.includes(alert.id)}
-  onChange={() => toggleRowSelection(alert.id)}
-  onClick={(e) => e.stopPropagation()}
-/>
-          </td>
-          <td className="px-4 py-4">
-            <div className={`w-2 h-2 rounded-full ${
-              alert.severity === 'critical' ? 'bg-red-500' :
-              alert.severity === 'high' ? 'bg-orange-500' :
-              'bg-yellow-500'
-            }`} />
-          </td>
-          <td className="px-4 py-4">
-            <div className="space-y-1">
-              <div className="text-sm font-semibold text-white">{alert.name}</div>
-              <div className="text-[10px] text-zinc-500 font-mono whitespace-nowrap">{alert.mitreId || 'T1071.001'} · {alert.mitreStage || 'C&C'} · 2024-{alert.timestamp?.split('-')[1] || '06'}-{alert.timestamp?.split('-')[2]?.split(' ')[0] || '15'}</div>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="space-y-1">
-              <div className="flex items-center gap-2">
-                <span className="text-xs font-mono text-white">{alert.sourceIp}</span>
-                <ChevronRight size={12} className="text-zinc-600 flex-shrink-0" />
-                <span className="text-xs font-mono text-white">{alert.destIp || '45.12.88.2'}</span>
-              </div>
-              <div className="text-[10px] text-zinc-500 font-medium truncate">{alert.assetContext?.segment || 'MGMT-CHQ-K02'} ({alert.protocol || 'ZEEK DHCP'})</div>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="flex flex-wrap gap-1.5">
-              <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
-                ZEEK-CONN
-              </span>
-              <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
-                ZEEK-SSL
-              </span>
-              <span className="px-2 py-0.5 bg-green-600/20 border border-green-600/30 text-green-400 rounded text-[10px] font-bold whitespace-nowrap">
-                NORTH-SOUTH
-              </span>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className={`inline-flex px-3 py-1 rounded border ${getSeverityBg(alert.severity)}`}>
-              <span className={`text-xs font-bold uppercase whitespace-nowrap ${getSeverityColor(alert.severity)}`}>
-                {alert.severity} ({alert.score || 88})
-              </span>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="space-y-0.5">
-              <div className="flex items-center gap-1.5 text-zinc-400 text-[11px] whitespace-nowrap">
-                <Clock size={12} className="flex-shrink-0" />
-                <span>2 mins ago</span>
-              </div>
-              <div className="text-[10px] text-zinc-600 font-mono whitespace-nowrap">
-                JAN 22, 16:22
-              </div>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="relative dropdown-container">
-              <button 
-                className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
-                onClick={(e) => {
-                  e.stopPropagation();
-                  setOpenActionMenu(openActionMenu === alert.id ? null : alert.id);
-                }}
+        <thead className="bg-zinc-900/50 border-b border-zinc-800">
+          <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+            <th className="px-4 py-3 text-left w-8">
+              <input 
+                type="checkbox" 
+                className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
+                checked={selectedRows.length === filteredAlerts.length && filteredAlerts.length > 0}
+                onChange={toggleAllRows}
+              />
+            </th>
+            <th className="px-4 py-3 text-left w-12">LEVEL</th>
+            <th className="px-4 py-3 text-left min-w-[200px]">USECASE NAME / MITRE ID</th>
+            <th className="px-4 py-3 text-left min-w-[180px]">SOURCE → DESTINATION</th>
+            <th className="px-4 py-3 text-left min-w-[200px]">TELEMETRY & TRAFFIC</th>
+            <th className="px-4 py-3 text-left min-w-[140px]">SEVERITY ANALYSIS</th>
+            <th className="px-4 py-3 text-left min-w-[120px]">TRIGGERED</th>
+            <th className="px-4 py-3 text-left w-16">ACTIONS</th>
+          </tr>
+        </thead>
+        <tbody className="divide-y divide-zinc-800/50">
+          {filteredAlerts.length > 0 ? (
+            filteredAlerts.slice(0, 10).map((alert) => (
+              <tr 
+                key={alert.id} 
+                className="hover:bg-zinc-900/30 transition-colors cursor-pointer"
+                onClick={() => setSelectedAlertId(alert.id)}
               >
-                <MoreVertical size={16} className="text-zinc-500" />
-              </button>
-              {openActionMenu === alert.id && (
-                <div className="absolute right-0 top-full mt-1 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      setSelectedAlertId(alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <Search size={14} />
-                    View Details
-                  </button>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Acknowledge alert:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <ShieldCheck size={14} />
-                    Acknowledge
-                  </button>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Escalate alert:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <Zap size={14} />
-                    Escalate
-                  </button>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Create case:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <Target size={14} />
-                    Create Case
-                  </button>
-                  <div className="border-t border-zinc-800 my-2"></div>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Mark false positive:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-red-400 transition-colors flex items-center gap-2"
-                  >
-                    <X size={14} />
-                    Mark False Positive
-                  </button>
+                <td className="px-4 py-4">
+                  <input 
+                    type="checkbox" 
+                    className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
+                    checked={selectedRows.includes(alert.id)}
+                    onChange={() => toggleRowSelection(alert.id)}
+                    onClick={(e) => e.stopPropagation()}
+                  />
+                </td>
+                <td className="px-4 py-4">
+                  <div className={`w-2 h-2 rounded-full ${
+                    alert.severity === 'critical' ? 'bg-red-500' :
+                    alert.severity === 'high' ? 'bg-orange-500' :
+                    alert.severity === 'medium' ? 'bg-yellow-500' :
+                    'bg-blue-500'
+                  }`} />
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-1">
+                    <div className="text-sm font-semibold text-white">{alert.name}</div>
+                    <div className="text-[10px] text-zinc-500  whitespace-nowrap">
+                      {alert.mitreId || 'T1071.001'} · {alert.mitreStage || 'C&C'} · 2024-{alert.timestamp?.split('-')[1] || '06'}-{alert.timestamp?.split('-')[2]?.split(' ')[0] || '15'}
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-1">
+                    <div className="flex items-center gap-2">
+                      <span className="text-xs  text-white">{alert.sourceIp}</span>
+                      <ChevronRight size={12} className="text-zinc-600 flex-shrink-0" />
+                      <span className="text-xs  text-white">{alert.destIp || '45.12.88.2'}</span>
+                    </div>
+                    <div className="text-[10px] text-zinc-500 font-medium truncate">
+                      {alert.assetContext?.segment || 'MGMT-CHQ-K02'} ({alert.protocol || 'ZEEK DHCP'})
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="flex flex-wrap gap-1.5">
+                    <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
+                      ZEEK-CONN
+                    </span>
+                    <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
+                      ZEEK-SSL
+                    </span>
+                    <span className="px-2 py-0.5 bg-green-600/20 border border-green-600/30 text-green-400 rounded text-[10px] font-bold whitespace-nowrap">
+                      NORTH-SOUTH
+                    </span>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className={`inline-flex px-3 py-1 rounded border ${getSeverityBg(alert.severity)}`}>
+                    <span className={`text-xs font-bold uppercase whitespace-nowrap ${getSeverityColor(alert.severity)}`}>
+                      {alert.severity} ({alert.score || 88})
+                    </span>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-0.5">
+                    <div className="flex items-center gap-1.5 text-zinc-400 text-[11px] whitespace-nowrap">
+                      <Clock size={12} className="flex-shrink-0" />
+                      <span>2 mins ago</span>
+                    </div>
+                    <div className="text-[10px] text-zinc-600  whitespace-nowrap">
+                      JAN 22, 16:22
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="relative dropdown-container">
+                    <button 
+                      className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
+                      onClick={(e) => {
+                        e.stopPropagation();
+                        setOpenActionMenu(openActionMenu === alert.id ? null : alert.id);
+                      }}
+                    >
+                      <MoreVertical size={16} className="text-zinc-500" />
+                    </button>
+                    {openActionMenu === alert.id && (
+                      <div className="absolute right-0 top-full mt-1 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            setSelectedAlertId(alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <Search size={14} />
+                          View Details
+                        </button>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Acknowledge alert:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <ShieldCheck size={14} />
+                          Acknowledge
+                        </button>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Escalate alert:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <Zap size={14} />
+                          Escalate
+                        </button>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Create case:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <Target size={14} />
+                          Create Case
+                        </button>
+                        <div className="border-t border-[#1e1e20] my-2"></div>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Mark false positive:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-red-400 transition-colors flex items-center gap-2"
+                        >
+                          <X size={14} />
+                          Mark False Positive
+                        </button>
+                      </div>
+                    )}
+                  </div>
+                </td>
+              </tr>
+            ))
+          ) : (
+            <tr>
+              <td colSpan={8} className="px-4 py-16 text-center">
+                <div className="flex flex-col items-center justify-center opacity-30">
+                  <X size={32} className="text-zinc-600 mb-2" />
+                  <h3 className="text-sm font-bold text-zinc-500 uppercase tracking-wider">
+                    No matching detections
+                  </h3>
                 </div>
-              )}
-            </div>
-          </td>
-        </tr>
-      ))
-    ) : (
-      <tr>
-        <td colSpan={8} className="px-4 py-16 text-center">
-          <div className="flex flex-col items-center justify-center opacity-30">
-            <X size={32} className="text-zinc-600 mb-2" />
-            <h3 className="text-sm font-bold text-zinc-500 uppercase tracking-wider">
-              No matching detections
-            </h3>
-          </div>
-        </td>
-      </tr>
-    )}
-  </tbody>
-</table>
+              </td>
+            </tr>
+          )}
+        </tbody>
+      </table>
 
-      {/* Pagination */}
+      {/* Pagination - STANDARDIZED */}
       <div className="flex items-center justify-between px-4 py-3 border-t border-zinc-800 bg-zinc-900/30">
         <div className="text-xs text-zinc-500">
           Detections: <span className="font-bold text-white">1,284</span>
@@ -579,10 +582,10 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           Filtered: <span className="font-bold text-white">{filteredAlerts.length}</span>
         </div>
         <div className="flex items-center gap-2">
-          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
+          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors disabled:opacity-50">
             Prev
           </button>
-          <button className="px-3 py-1.5 bg-[#00D4AA] text-white text-xs font-semibold rounded">
+          <button className="px-3 py-1.5 bg-[#00D4AA] text-black text-xs font-semibold rounded">
             1
           </button>
           <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
@@ -591,7 +594,7 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
             3
           </button>
-          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
+          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors disabled:opacity-50">
             Next
           </button>
         </div>
@@ -601,12 +604,12 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
 
   const renderStats = () => (
     <div className="animate-in fade-in duration-500 space-y-6">
-      {/* Top row metric cards */}
+      {/* Top row metric cards - STANDARDIZED */}
       <div className="grid grid-cols-1 md:grid-cols-4 gap-4">
         {[
-          { label: 'TOTAL DETECTIONS (24H)', value: '247', sub: '↑ 12% from previous', color: 'text-white', trend: 'text-[#10b981]' },
-          { label: 'MTTR (MEAN RESPONSE)', value: '2.4h', sub: 'Target: < 3.0h', color: 'text-[#00D4AA]', trend: 'text-[#3b82f6]' },
-          { label: 'DETECTION PRECISION', value: '94.2%', sub: 'False Positives: 5.8%', color: 'text-[#10b981]', trend: 'text-zinc-500' },
+          { label: 'TOTAL DETECTIONS (24H)', value: '247', sub: '↑ 12% from previous', color: 'text-white', trend: 'text-green-500' },
+          { label: 'MTTR (MEAN RESPONSE)', value: '2.4h', sub: 'Target: < 3.0h', color: 'text-[#00D4AA]', trend: 'text-blue-500' },
+          { label: 'DETECTION PRECISION', value: '94.2%', sub: 'False Positives: 5.8%', color: 'text-green-500', trend: 'text-zinc-500' },
           { label: 'SENSOR EFFICIENCY', value: '99.8%', sub: 'Packet Loss: 0.002%', color: 'text-white', trend: 'text-zinc-500' },
         ].map((m, i) => (
           <div key={i} className="bg-[#161618] border border-[#1e1e20] p-6 rounded-xl shadow-sm space-y-3">
@@ -618,10 +621,12 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       </div>
 
       <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
-        {/* Main Chart Area */}
+        {/* Main Chart Area - STANDARDIZED */}
         <div className="lg:col-span-2 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 shadow-sm">
           <div className="flex justify-between items-center">
-            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">DETECTION TIMELINE (LAST 24H / 15M WINDOWS)</h3>
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+              DETECTION TIMELINE (LAST 24H / 15M WINDOWS)
+            </h3>
           </div>
           <div className="h-[300px]">
             <ResponsiveContainer width="100%" height="100%">
@@ -633,29 +638,31 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
                   </linearGradient>
                 </defs>
                 <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
-                <XAxis dataKey="time" axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                <YAxis axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                <Tooltip contentStyle={{backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px'}} />
+                <XAxis dataKey="time" axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                <YAxis axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                <Tooltip contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #1e1e20', borderRadius: '12px', fontSize: '10px'}} />
                 <Area type="monotone" dataKey="v" stroke="#e11d48" fill="url(#colorThreat)" strokeWidth={2} dot={{ r: 4, fill: '#e11d48', strokeWidth: 2, stroke: '#161618' }} />
               </AreaChart>
             </ResponsiveContainer>
           </div>
         </div>
 
-        {/* Right Sidebar: Protocol Threats */}
+        {/* Right Sidebar: Protocol Threats - STANDARDIZED */}
         <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-8 shadow-sm">
-          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">PROTOCOL-BASED THREATS (ZEEK LOGS)</h3>
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+            PROTOCOL-BASED THREATS (ZEEK LOGS)
+          </h3>
           <div className="space-y-8">
             {[
-              { label: 'HTTP C2 (conn.log)', pct: 45, color: 'bg-blue-500' },
-              { label: 'DNS Tunneling (dns.log)', pct: 25, color: 'bg-blue-500' },
-              { label: 'SMB Lateral (smb.log)', pct: 15, color: 'bg-blue-500' },
-              { label: 'RDP Brute (notice.log)', pct: 10, color: 'bg-blue-500' },
+              { label: 'HTTP C2 (conn.log)', pct: 45, color: 'bg-[#00D4AA]' },
+              { label: 'DNS Tunneling (dns.log)', pct: 25, color: 'bg-[#00D4AA]' },
+              { label: 'SMB Lateral (smb.log)', pct: 15, color: 'bg-[#00D4AA]' },
+              { label: 'RDP Brute (notice.log)', pct: 10, color: 'bg-[#00D4AA]' },
             ].map(p => (
               <div key={p.label} className="space-y-2">
                 <div className="flex justify-between items-center text-[10px] font-black uppercase tracking-tight">
                   <span className="text-zinc-400">{p.label}</span>
-                  <span className="text-blue-400">{p.pct}%</span>
+                  <span className="text-[#00D4AA]">{p.pct}%</span>
                 </div>
                 <div className="h-1.5 w-full bg-zinc-950 rounded-full overflow-hidden">
                   <div className={`h-full ${p.color}`} style={{ width: `${p.pct}%` }} />
@@ -667,14 +674,21 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       </div>
 
       <div className="grid grid-cols-1 lg:grid-cols-12 gap-6">
-        {/* Heatmap Section */}
+        {/* Heatmap Section - STANDARDIZED */}
         <div className="lg:col-span-4 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6">
-          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">ATTACK TIMELINE HEATMAP (7 DAYS)</h3>
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+            ATTACK TIMELINE HEATMAP (7 DAYS)
+          </h3>
           <div className="grid grid-cols-24 gap-1">
             {Array.from({ length: 7 * 24 }).map((_, i) => {
               const isActive = Math.random() > 0.8;
               return (
-                <div key={i} className={`aspect-square rounded-[1px] ${isActive ? (Math.random() > 0.5 ? 'bg-blue-500' : 'bg-[#00D4AA]/40') : 'bg-zinc-800/40'}`} />
+                <div 
+                  key={i} 
+                  className={`aspect-square rounded-[1px] ${
+                    isActive ? (Math.random() > 0.5 ? 'bg-[#00D4AA]' : 'bg-[#00D4AA]/40') : 'bg-zinc-800/40'
+                  }`} 
+                />
               );
             })}
           </div>
@@ -683,13 +697,15 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           </div>
         </div>
 
-        {/* Targeted Assets Section */}
+        {/* Targeted Assets Section - STANDARDIZED */}
         <div className="lg:col-span-8 bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden">
           <div className="px-8 py-6 border-b border-[#1e1e20]">
-             <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">MOST TARGETED INTERNAL ASSETS</h3>
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+              MOST TARGETED INTERNAL ASSETS
+            </h3>
           </div>
           <table className="w-full text-left">
-            <thead className="bg-zinc-950/20 text-[8px] font-black text-zinc-600 uppercase tracking-widest border-b border-[#1e1e20]">
+            <thead className="bg-zinc-900/50 text-[10px] font-bold text-zinc-500 uppercase tracking-wider border-b border-[#1e1e20]">
               <tr>
                 <th className="px-8 py-3">INTERNAL HOST</th>
                 <th className="px-8 py-3">LATEST ALERT</th>
@@ -702,14 +718,14 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
                 { host: '10.0.5.42', tag: '(CEO-MBP)', alert: 'C2 Beaconing', volume: '15 Hits', score: '92/100', color: 'text-red-500' },
                 { host: '10.0.1.10', tag: '(DC-PROD-01)', alert: 'Suspicious SMB', volume: '12 Hits', score: '78/100', color: 'text-orange-500' },
               ].map((row, i) => (
-                <tr key={i} className="hover:bg-white/5 transition-colors group cursor-pointer">
+                <tr key={i} className="hover:bg-zinc-900/30 transition-colors cursor-pointer">
                   <td className="px-8 py-5">
-                    <span className="text-[11px] font-mono font-bold text-white tracking-tight">{row.host}</span>
-                    <span className="text-[9px] text-zinc-600 font-bold ml-2">{row.tag}</span>
+                    <span className="text-xs  font-semibold text-white">{row.host}</span>
+                    <span className="text-[10px] text-zinc-600 font-bold ml-2">{row.tag}</span>
                   </td>
-                  <td className="px-8 py-5 text-[10px] font-bold text-zinc-300 uppercase tracking-tight">{row.alert}</td>
-                  <td className="px-8 py-5 text-[10px] font-bold text-white uppercase tracking-tight">{row.volume}</td>
-                  <td className={`px-8 py-5 text-right text-[11px] font-black ${row.color}`}>{row.score}</td>
+                  <td className="px-8 py-5 text-sm text-zinc-400">{row.alert}</td>
+                  <td className="px-8 py-5 text-sm font-semibold text-white">{row.volume}</td>
+                  <td className={`px-8 py-5 text-right text-sm font-black ${row.color}`}>{row.score}</td>
                 </tr>
               ))}
             </tbody>
@@ -720,20 +736,34 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
   );
 
   if (selectedAlertId) {
-    return <AlertDetailPage id={selectedAlertId} onBack={() => setSelectedAlertId(null)} />;
+    return <DetectionDetailPage id={selectedAlertId} onBack={() => setSelectedAlertId(null)} />;
   }
 
   return (
     <div className="max-w-[1300px] mx-auto pb-48 px-4">
-      {/* Header section - UNCHANGED */}
+      {/* Header section - STANDARDIZED */}
       <div className="flex items-center justify-between mb-8 px-2">
-        <h2 className="text-xl font-bold text-white uppercase tracking-tight">
-          {view === 'feed' ? 'Detection Feed' : 'Detection Feed'}
-        </h2>
+        <h1 className="text-xl font-bold text-white uppercase tracking-tight">
+          Detection Feed
+        </h1>
         <div className="flex items-center gap-4">
           <div className="flex bg-[#161618] border border-[#1e1e20] p-1 rounded-xl">
-             <button onClick={() => setView('feed')} className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${view === 'feed' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}>Feed View</button>
-             <button onClick={() => setView('stats')} className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${view === 'stats' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}>Analytics</button>
+            <button 
+              onClick={() => setView('feed')} 
+              className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${
+                view === 'feed' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'
+              }`}
+            >
+              Feed View
+            </button>
+            <button 
+              onClick={() => setView('stats')} 
+              className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${
+                view === 'stats' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'
+              }`}
+            >
+              Analytics
+            </button>
           </div>
         </div>
       </div>
diff --git a/ui/pages/AssetDetailPage.tsx b/ui/pages/AssetDetailPage.tsx
index 4b13807..b27a8f3 100644
--- a/ui/pages/AssetDetailPage.tsx
+++ b/ui/pages/AssetDetailPage.tsx
@@ -1,441 +1,331 @@
 import React, { useState } from 'react';
 import { 
-  ArrowLeft, Monitor, ShieldAlert, Wifi, Activity, Clock, Lock, 
-  Info, Globe, Shield, Terminal, Server, ArrowRight, Database,
-  TrendingUp, Calendar, Zap, AlertTriangle, ExternalLink, ShieldCheck,
-  Layers, CheckCircle, XCircle, AlertCircle, Eye, ChevronDown, MoreVertical
+  ArrowLeft, Activity, Clock, Lock, 
+  Globe, Server, ArrowRight,
+  Calendar, AlertCircle, ShieldCheck,
+  CheckCircle, Eye, ChevronDown, MoreVertical, Shield
 } from 'lucide-react';
-import { AreaChart, Area, XAxis, YAxis, CartesianGrid, Tooltip, ResponsiveContainer, PieChart, Pie, Cell } from 'recharts';
 
 interface Props {
   ip: string;
   onBack: () => void;
 }
 
+// ─── MOCK DATA ─────────────────────────────────────────────────────────────
+const PROTOCOL_DATA = [
+  { name: 'SMB',  count: 4821, pct: 46 },
+  { name: 'DNS',  count: 2403, pct: 23 },
+  { name: 'LDAP', count: 1572, pct: 15 },
+  { name: 'HTTP', count: 838,  pct:  8 },
+  { name: 'TLS',  count: 418,  pct:  4 },
+];
+
+const LISTENING_SERVICES = [
+  { name: 'SMB',  port: 445, status: 'Listening', change: '+8.2%', up: true },
+  { name: 'LDAP', port: 389, status: 'Listening', change: '-2.1%', up: false },
+  { name: 'DNS',  port: 53,  status: 'Listening', change: '+3.0%', up: true },
+];
+
+const DETECTIONS = [
+  { id: 'det-1', name: 'High-Entropy DNS Queries',        severity: 'medium', timeAgo: '2 days ago' },
+  { id: 'det-2', name: 'SMB Lateral Movement Attempt',   severity: 'high',   timeAgo: '14 days ago' },
+];
+
+// ─── COMPONENT ─────────────────────────────────────────────────────────────
 const AssetDetailPage: React.FC<Props> = ({ ip, onBack }) => {
-  const [activeTab, setActiveTab] = useState('alerts');
   const [showActionMenu, setShowActionMenu] = useState(false);
+  const [activeWindow,   setActiveWindow]   = useState<'1h' | '24h' | '7d'>('24h');
 
-  const riskData = Array.from({ length: 12 }, (_, i) => ({
-    time: `${i * 2}h`,
-    score: 60 + Math.random() * 30
-  }));
-
-  const trafficData = [
-    { name: 'SMB', value: 46, color: '#10b981' },
-    { name: 'DNS', value: 23, color: '#3b82f6' },
-    { name: 'LDAP', value: 15, color: '#f59e0b' },
-  ];
+  // max bar width reference (longest bar = 100%)
+  const maxCount = Math.max(...PROTOCOL_DATA.map(p => p.count));
 
   return (
-    <div className="animate-in max-w-[1300px] mx-auto fade-in duration-500 space-y-8 pb-32">
-      
-      {/* Header Section */}
-      <div className="space-y-6">
-        {/* Top Bar with Back Button and Title */}
-        <div className="flex items-center justify-between">
-          <div className="flex items-center gap-6">
-            <button 
-              onClick={onBack} 
-              className="p-3 bg-[#161618] border border-[#1e1e20] rounded-xl text-zinc-500 hover:text-white transition-all hover:border-zinc-700"
-            >
-              <ArrowLeft size={20} />
-            </button>
-            <div>
-              <div className="flex items-center gap-3">
-                <h2 className="text-xl font-black text-white uppercase tracking-tight">{ip}</h2>
-                <span className="px-3 py-1.5 bg-emerald-500/10 text-emerald-400 border border-emerald-500/30 rounded-lg text-[9px] font-black uppercase tracking-widest">
-                  STABLE ASSET
-                </span>
+    <div className="animate-in max-w-[1300px] mx-auto fade-in duration-500 space-y-6 pb-32 px-4">
+
+      {/* ════════════════════════════════════════════════════════════════════
+          1. ASSET HEADER
+          ════════════════════════════════════════════════════════════════════ */}
+      <div className="flex items-center justify-between">
+
+        {/* Back + identity */}
+        <div className="flex items-center gap-6">
+          <button
+            onClick={onBack}
+            className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
+          >
+            <ArrowLeft size={20} className="text-zinc-400 hover:text-white transition-colors" />
+          </button>
+          <div>
+            <div className="flex items-center gap-3 flex-wrap">
+              <h2 className="text-xl font-bold text-white uppercase tracking-tight">{ip}</h2>
+              <div className="inline-flex px-3 py-1 rounded border bg-green-500/10 border-green-500/20">
+                <span className="text-xs font-bold uppercase text-green-500">Normal</span>
               </div>
-              <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mt-1.5">
-                MS-ENG-042 • Windows Server 2022 • Server Role (High Confidence)
-              </p>
+              {/* Alerts-in-30-days badge */}
+              <span className="px-3 py-1 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg text-[10px] font-bold uppercase tracking-tight text-zinc-500 flex items-center gap-1.5">
+                <AlertCircle size={10} className="text-orange-500" />
+                2 Alerts · 30 d
+              </span>
             </div>
+            <p className="text-[10px] font-bold text-zinc-600 uppercase tracking-widest mt-1.5">
+              MS-ENG-042 · Windows Server 2022 · Server Role (High Confidence)
+            </p>
           </div>
+        </div>
 
-          {/* Action Button Dropdown */}
-          <div className="relative">
-            <button
-              onClick={() => setShowActionMenu(!showActionMenu)}
-              className="flex items-center gap-3 px-6 py-3 bg-[#161618] border border-zinc-800 rounded-xl text-zinc-400 hover:text-white hover:border-zinc-700 transition-all"
-            >
-              <MoreVertical size={18} />
-              <span className="text-[10px] font-black uppercase tracking-widest">Actions</span>
-              <ChevronDown size={14} className={`transition-transform ${showActionMenu ? 'rotate-180' : ''}`} />
-            </button>
+        {/* Actions dropdown */}
+        <div className="relative">
+          <button
+            onClick={() => setShowActionMenu(!showActionMenu)}
+            className="flex items-center gap-3 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+          >
+            <MoreVertical size={18} />
+            <span className="text-xs font-bold uppercase tracking-wide">Actions</span>
+            <ChevronDown size={14} className={`transition-transform ${showActionMenu ? 'rotate-180' : ''}`} />
+          </button>
 
-            {/* Dropdown Menu */}
-            {showActionMenu && (
-              <div className="absolute right-0 top-full mt-2 w-56 bg-[#0a0a0b] border border-zinc-800 rounded-xl shadow-2xl overflow-hidden z-50 animate-in fade-in slide-in-from-top-2 duration-200">
-                <button
-                  onClick={() => {
-                    setShowActionMenu(false);
-                    // Handle isolate action
-                  }}
-                  className="w-full px-4 py-3 flex items-center gap-3 text-left hover:bg-zinc-900 transition-colors border-b border-zinc-800/50"
-                >
-                  <Lock size={14} className="text-red-400" />
-                  <span className="text-xs font-bold text-red-400">Isolate Asset (EDR)</span>
-                </button>
+          {showActionMenu && (
+            <div className="absolute right-0 top-full mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2 animate-in fade-in slide-in-from-top-2 duration-200">
+              <button
+                onClick={() => setShowActionMenu(false)}
+                className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors border-b border-zinc-800/50 flex items-center gap-3"
+              >
+                <Lock size={14} className="text-red-500" />
+                <span className="text-sm font-semibold text-red-500">Isolate Asset (EDR)</span>
+              </button>
+              <button
+                onClick={() => setShowActionMenu(false)}
+                className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+              >
+                <Eye size={14} className="text-blue-500" />
+                <span className="text-sm font-semibold text-blue-500">Manual Review Cycle</span>
+              </button>
+            </div>
+          )}
+        </div>
+      </div>
+
+      {/* ════════════════════════════════════════════════════════════════════
+          2. CURRENT NETWORK STATUS  (full-width banner)
+          ════════════════════════════════════════════════════════════════════ */}
+      <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 flex items-center justify-between shadow-sm">
+        <div className="flex items-center gap-4">
+          <div className="w-10 h-10 rounded-lg bg-green-500/10 border border-green-500/20 flex items-center justify-center">
+            <ShieldCheck size={20} className="text-green-500" />
+          </div>
+          <div>
+            <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-1">Current Network Status</p>
+            <p className="text-sm font-semibold text-white">Normal Network Activity Observed</p>
+          </div>
+        </div>
+        {/* status tag */}
+        <div className="inline-flex px-3 py-1 rounded border bg-green-500/10 border-green-500/20">
+          <span className="text-xs font-bold uppercase text-green-500 flex items-center gap-2">
+            <div className="w-2 h-2 rounded-full bg-green-500" />
+            Normal
+          </span>
+        </div>
+      </div>
+
+      {/* ════════════════════════════════════════════════════════════════════
+          3. OBSERVED NETWORK ACTIVITY
+          ════════════════════════════════════════════════════════════════════ */}
+      <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+
+        {/* card header */}
+        <div className="px-6 py-4 border-b border-[#1e1e20] bg-[#0a0a0b]">
+          <div className="flex items-center justify-between">
+            <div className="flex items-center gap-2">
+              <Activity size={14} className="text-green-500" />
+              <h3 className="text-[10px] font-black uppercase tracking-widest text-zinc-400">Observed Network Activity</h3>
+            </div>
+            {/* window toggle */}
+            <div className="flex items-center gap-2">
+              {(['1h', '24h', '7d'] as const).map(w => (
                 <button
-                  onClick={() => {
-                    setShowActionMenu(false);
-                    // Handle manual review action
-                  }}
-                  className="w-full px-4 py-3 flex items-center gap-3 text-left hover:bg-zinc-900 transition-colors"
+                  key={w}
+                  onClick={() => setActiveWindow(w)}
+                  className={`px-3 py-1.5 rounded-lg text-[10px] font-bold uppercase tracking-tight transition-all
+                    ${activeWindow === w
+                      ? 'bg-[#00D4AA] text-black'
+                      : 'bg-[#0a0a0b] border border-[#1e1e20] text-zinc-500 hover:text-white hover:border-zinc-700'
+                    }`}
                 >
-                  <Eye size={14} className="text-blue-400" />
-                  <span className="text-xs font-bold text-blue-400">Manual Review Cycle</span>
+                  {w}
                 </button>
-              </div>
-            )}
+              ))}
+            </div>
           </div>
         </div>
 
-        {/* Summary Banner */}
-        {/* <div className="bg-blue-500/5 border border-blue-500/20 rounded-xl p-4 flex items-start gap-3">
-          <Info size={16} className="text-blue-400 mt-0.5" />
-          <p className="text-xs text-blue-200 leading-relaxed">
-            <span className="font-black">Summary:</span> This server is behaving like a predictable internal service host. Current activity is 92% consistent with its 30-day baseline.
-          </p>
-        </div> */}
+        {/* body: 2-col — left graph, right text */}
+        <div className="p-6 space-y-6">
 
-        {/* Risk Score Card */}
-       
-      </div>
-
-      {/* Main Content Grid */}
-      <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
-        
-        {/* Left Column - 2/3 width */}
-        <div className="lg:col-span-2 space-y-6">
-          
-          {/* How This Host Uses the Network */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f]">
-              <div className="flex items-center justify-between">
-                <div className="flex items-center gap-2">
-                  <Activity size={14} className="text-emerald-400" />
-                  <h3 className="text-[10px] font-black uppercase tracking-widest text-emerald-400">How This Host Uses the Network</h3>
-                </div>
-                <div className="flex items-center gap-3">
-                  <button className="px-3 py-1.5 bg-emerald-500/10 border border-emerald-500/30 rounded-lg text-[9px] font-black uppercase tracking-widest text-emerald-400">
-                    1h
-                  </button>
-                  <button className="px-3 py-1.5 bg-zinc-900 border border-zinc-800 rounded-lg text-[9px] font-black uppercase tracking-widest text-zinc-500 hover:text-white hover:border-zinc-700 transition-colors">
-                    24h
-                  </button>
-                  <button className="px-3 py-1.5 bg-zinc-900 border border-zinc-800 rounded-lg text-[9px] font-black uppercase tracking-widest text-zinc-500 hover:text-white hover:border-zinc-700 transition-colors">
-                    7d
-                  </button>
-                </div>
-              </div>
-            </div>
-            
-            <div className="p-6">
-              <p className="text-xs text-zinc-500 mb-6">
-                This shows what kind of network activity this host primarily generates.
-              </p>
+          {/* subtitle */}
+          <div>
+            <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+              Observed Protocol Distribution
+            </p>
+            <p className="text-xs text-zinc-500 font-medium mt-1">
+              Based on network traffic observed from Zeek logs
+            </p>
+          </div>
 
-              <div className="grid grid-cols-2 gap-8">
-                {/* Traffic Volume */}
-                <div>
-                  <h4 className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-4">Traffic Volume</h4>
-                  <div className="space-y-4">
-                    <div>
-                      <div className="flex items-center justify-between mb-2">
-                        <span className="text-sm font-bold text-emerald-400">Inbound (92%)</span>
-                        <span className="text-sm font-black text-white">1.2 GB</span>
-                      </div>
-                      <div className="w-full h-2 bg-zinc-900 rounded-full overflow-hidden">
-                        <div className="h-full bg-gradient-to-r from-emerald-500 to-emerald-400" style={{ width: '92%' }} />
-                      </div>
-                    </div>
-                    <div>
-                      <div className="flex items-center justify-between mb-2">
-                        <span className="text-sm font-bold text-blue-400">Outbound (8%)</span>
-                        <span className="text-sm font-black text-white">104 MB</span>
-                      </div>
-                      <div className="w-full h-2 bg-zinc-900 rounded-full overflow-hidden">
-                        <div className="h-full bg-gradient-to-r from-blue-500 to-blue-400" style={{ width: '8%' }} />
-                      </div>
-                    </div>
-                  </div>
-                  <p className="text-[10px] text-zinc-600 mt-4 italic">
-                    Volume is consistent with typical internal server behavior (Inbound  Outbound).
-                  </p>
-                </div>
+          <div className="grid grid-cols-[1fr_380px] gap-6">
 
-                {/* Main Types of Traffic */}
-                <div>
-                  <h4 className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-4">Main Types of Traffic</h4>
-                  <div className="flex items-center gap-6">
-                    <div className="relative w-40 h-40">
-                      <ResponsiveContainer width="100%" height="100%">
-                        <PieChart>
-                          <Pie
-                            data={trafficData}
-                            cx="50%"
-                            cy="50%"
-                            innerRadius={50}
-                            outerRadius={70}
-                            paddingAngle={2}
-                            dataKey="value"
-                          >
-                            {trafficData.map((entry, index) => (
-                              <Cell key={`cell-${index}`} fill={entry.color} />
-                            ))}
-                          </Pie>
-                        </PieChart>
-                      </ResponsiveContainer>
-                      <div className="absolute inset-0 flex items-center justify-center">
-                        <span className="text-2xl font-black text-white">ZEEK</span>
-                      </div>
-                    </div>
-                    <div className="space-y-3">
-                      <div className="flex items-center gap-3">
-                        <div className="w-3 h-3 rounded-full bg-emerald-500" />
-                        <div className="flex items-center gap-2">
-                          <span className="text-xs font-bold text-white">SMB</span>
-                          <span className="text-xs font-black text-zinc-500">46%</span>
-                        </div>
-                      </div>
-                      <div className="flex items-center gap-3">
-                        <div className="w-3 h-3 rounded-full bg-blue-500" />
-                        <div className="flex items-center gap-2">
-                          <span className="text-xs font-bold text-white">DNS</span>
-                          <span className="text-xs font-black text-zinc-500">23%</span>
-                        </div>
-                      </div>
-                      <div className="flex items-center gap-3">
-                        <div className="w-3 h-3 rounded-full bg-amber-500" />
-                        <div className="flex items-center gap-2">
-                          <span className="text-xs font-bold text-white">LDAP</span>
-                          <span className="text-xs font-black text-zinc-500">15%</span>
-                        </div>
-                      </div>
+            {/* ── LEFT: horizontal bar chart ── */}
+            <div className="space-y-3">
+              {PROTOCOL_DATA.map((proto) => {
+                const widthPct = (proto.count / maxCount) * 100;
+                return (
+                  <div key={proto.name} className="flex items-center gap-4">
+                    {/* label */}
+                    <span className="text-xs font-bold text-white w-12 text-right shrink-0">{proto.name}</span>
+                    {/* bar track */}
+                    <div className="flex-1 h-6 bg-zinc-900 rounded-lg overflow-hidden relative">
+                      <div
+                        className="h-full bg-gradient-to-r from-green-600 to-green-400 rounded-lg transition-all duration-500"
+                        style={{ width: `${widthPct}%` }}
+                      />
+                      {/* count label inside bar (only if bar wide enough) */}
+                      {widthPct > 18 && (
+                        <span className="absolute right-3 top-1/2 -translate-y-1/2 text-[10px] font-bold text-white/90">
+                          {proto.count.toLocaleString()}
+                        </span>
+                      )}
                     </div>
+                    {/* count label outside bar (fallback when bar is narrow) */}
+                    {widthPct <= 18 && (
+                      <span className="text-xs text-zinc-500 font-medium shrink-0 w-16">{proto.count.toLocaleString()}</span>
+                    )}
                   </div>
-                  <p className="text-[10px] text-zinc-600 mt-4 italic">
-                    Traffic distribution matches standard Active Directory server role profile.
-                  </p>
-                </div>
-              </div>
-            </div>
-          </div>
+                );
+              })}
 
-          {/* How Predictable This Host Is */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f]">
-              <div className="flex items-center gap-2">
-                <TrendingUp size={14} className="text-emerald-400" />
-                <h3 className="text-[10px] font-black uppercase tracking-widest text-emerald-400">How Predictable This Host Is</h3>
+              {/* Traffic direction line */}
+              <div className="pt-4 mt-3 border-t border-[#1e1e20] flex items-center gap-3">
+                <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Traffic Pattern</span>
+                <span className="text-sm font-semibold text-white">Inbound-dominant</span>
+                <span className="text-xs text-zinc-600">·</span>
+                <span className="text-xs text-zinc-500 font-medium">Inbound: High</span>
+                <span className="text-xs text-zinc-600">|</span>
+                <span className="text-xs text-zinc-500 font-medium">Outbound: Low</span>
               </div>
             </div>
-            
-            <div className="p-6">
-              <p className="text-xs text-zinc-500 mb-6">
-                Current activity closely matches learned behavior.
-              </p>
 
-              <div className="flex items-center gap-6">
-                <div className="flex-1">
-                  <div className="flex items-end justify-center gap-2 h-32">
-                    {Array.from({ length: 20 }).map((_, i) => {
-                      const height = 30 + Math.random() * 70;
-                      return (
-                        <div
-                          key={i}
-                          className="flex-1 bg-gradient-to-t from-emerald-500 to-emerald-400 rounded-t"
-                          style={{ height: `${height}%` }}
-                        />
-                      );
-                    })}
-                  </div>
-                </div>
-                <div className="text-center">
-                  <div className="text-6xl font-black text-emerald-400 mb-2">92%</div>
-                  <div className="text-[9px] font-black text-emerald-500 uppercase tracking-widest">Match</div>
-                </div>
-              </div>
-            </div>
-          </div>
-
-          {/* Active Services */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f] flex items-center justify-between">
-              <div className="flex items-center gap-2">
-                <Server size={14} className="text-blue-400" />
-                <h3 className="text-[10px] font-black uppercase tracking-widest text-blue-400">Observed Listening Services</h3>
-              </div>
-              <button className="text-[9px] font-bold text-blue-400 uppercase tracking-wider hover:text-blue-300 transition-colors">
-                See Config Log
-              </button>
-            </div>
-            
-            <div className="p-6">
-              <div className="grid grid-cols-3 gap-4">
+            {/* ── RIGHT: text observations ── */}
+            <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-6 space-y-4">
+              <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Observations</p>
+              <div className="space-y-3">
                 {[
-                  { name: 'SMB', status: 'Listening', change: '+8.2%' },
-                  { name: 'LDAP', status: 'Listening', change: '-2%' },
-                  { name: 'DNS', status: 'Listening', change: '+3%' },
-                ].map((service, i) => (
-                  <div key={i} className="bg-[#0d0d0f] border border-zinc-800 rounded-lg p-4">
-                    <div className="flex items-center justify-between mb-2">
-                      <span className="text-sm font-black text-white">{service.name}</span>
-                      <CheckCircle size={12} className="text-emerald-400" />
-                    </div>
-                    <div className="text-[9px] text-zinc-600 font-medium mb-2">{service.status}</div>
-                    <div className={`text-xs font-bold ${service.change.startsWith('+') ? 'text-emerald-400' : 'text-red-400'}`}>
-                      {service.change}
-                    </div>
+                  'Traffic is primarily inbound and service-oriented.',
+                  'SMB and directory-related protocols dominate activity.',
+                  'Limited outbound application traffic observed.',
+                ].map((obs, i) => (
+                  <div key={i} className="flex items-start gap-3">
+                    <div className="w-1.5 h-1.5 rounded-full bg-green-500 mt-1.5 shrink-0" />
+                    <p className="text-sm text-zinc-400 leading-relaxed">{obs}</p>
                   </div>
                 ))}
               </div>
             </div>
           </div>
         </div>
+      </div>
 
-        {/* Right Column - 1/3 width */}
-        <div className="space-y-6">
-        <div className="bg-[#0a0a0b] border border-emerald-500/30 rounded-xl p-6">
-          <div className="flex items-center justify-between">
-            <div>
-              <h3 className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-2">Current Network Status</h3>
-              <div className="flex items-baseline gap-3">
-                <span className="text-5xl font-black text-emerald-400">12</span>
-                <span className="text-sm font-black text-emerald-500 uppercase">Nominal</span>
-              </div>
-            </div>
-            <div className="flex items-center gap-2">
-              <div className="w-32 h-2 bg-zinc-900 rounded-full overflow-hidden">
-                <div className="h-full bg-gradient-to-r from-emerald-500 to-emerald-400" style={{ width: '12%' }} />
-              </div>
-            </div>
+      {/* ════════════════════════════════════════════════════════════════════
+          4. OBSERVED LISTENING SERVICES
+          ════════════════════════════════════════════════════════════════════ */}
+      <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+
+        <div className="px-6 py-4 border-b border-[#1e1e20] bg-[#0a0a0b] flex items-center justify-between">
+          <div className="flex items-center gap-2">
+            <Server size={14} className="text-blue-500" />
+            <h3 className="text-[10px] font-black uppercase tracking-widest text-zinc-400">Observed Listening Services</h3>
           </div>
+          <button className="text-xs font-bold text-blue-500 uppercase tracking-wide hover:text-blue-400 transition-colors">
+            See Config Log
+          </button>
         </div>
-          
-          {/* Why This Host Is Considered Stable */}
-          <div className="bg-[#0a0a0b] border border-emerald-500/30 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-emerald-500/20 bg-emerald-950/10">
-              <div className="flex items-center gap-2 text-emerald-400">
-                <CheckCircle size={14} />
-                <h3 className="text-[10px] font-black uppercase tracking-wider">Why This Host Is Considered Stable</h3>
-              </div>
-            </div>
-            
-            <div className="p-6 space-y-4">
-              <div className="flex items-start gap-3">
-                <CheckCircle size={14} className="text-emerald-400 mt-1" />
-                <div>
-                  <div className="text-xs font-bold text-white mb-1">LDAP / SMB usage within learned baseline</div>
-                  <div className="text-[10px] text-zinc-500">-15</div>
-                </div>
-              </div>
-              <div className="flex items-start gap-3">
-                <CheckCircle size={14} className="text-emerald-400 mt-1" />
-                <div>
-                  <div className="text-xs font-bold text-white mb-1">No lateral movement detected</div>
-                  <div className="text-[10px] text-zinc-500">-15</div>
-                </div>
-              </div>
-            </div>
-          </div>
 
-          {/* Operational Risk Summary */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f]">
-              <div className="text-[9px] font-black text-zinc-600 uppercase tracking-wider mb-2">Operational Risk Summary</div>
-              <div className="text-2xl font-black text-emerald-400">Low Risk</div>
-            </div>
-            
-            <div className="p-6 space-y-4">
-              <div>
-                <div className="text-[9px] font-black text-zinc-600 uppercase tracking-wider mb-3">Things to Watch For</div>
-                <div className="space-y-2">
-                  <div className="flex items-start gap-2">
-                    <span className="text-amber-400 mt-1">•</span>
-                    <span className="text-xs text-zinc-400">Outbound SMB to new subnets</span>
-                  </div>
-                  <div className="flex items-start gap-2">
-                    <span className="text-amber-400 mt-1">•</span>
-                    <span className="text-xs text-zinc-400">LDAP spikes outside business hours</span>
-                  </div>
-                  <div className="flex items-start gap-2">
-                    <span className="text-amber-400 mt-1">•</span>
-                    <span className="text-xs text-zinc-400">Anomalous DNS query patterns</span>
+        <div className="p-6">
+          <div className="grid grid-cols-3 gap-4">
+            {LISTENING_SERVICES.map((svc, i) => (
+              <div key={i} className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 space-y-3">
+                <div className="flex items-center justify-between">
+                  <div className="flex items-center gap-2">
+                    <span className="text-sm font-semibold text-white">{svc.name}</span>
+                    <span className="text-xs text-zinc-600 font-medium">:{svc.port}</span>
                   </div>
+                  <CheckCircle size={12} className="text-green-500" />
                 </div>
-              </div>
-            </div>
-          </div>
-
-          {/* Who It Talks To */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f]">
-              <div className="flex items-center gap-2 text-blue-400">
-                <Globe size={14} />
-                <h3 className="text-[10px] font-black uppercase tracking-wider">Who It Talks To</h3>
-              </div>
-            </div>
-            
-            <div className="p-6 space-y-3">
-              <div className="flex items-center justify-between">
-                <span className="text-[9px] font-bold text-zinc-600 uppercase">Production Segment</span>
-                <div className="flex items-center gap-2">
-                  <Database size={10} className="text-emerald-400" />
-                  <span className="text-xs font-mono text-white">Production Segment</span>
+                <div className="text-xs text-zinc-500 font-medium">{svc.status}</div>
+                <div className={`text-xs font-bold `}>
+                  {svc.change}
                 </div>
               </div>
-            </div>
+            ))}
           </div>
+        </div>
+      </div>
 
-          {/* Where It Reaches Out */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f]">
-              <div className="flex items-center gap-2 text-blue-400">
-                <ArrowRight size={14} />
-                <h3 className="text-[10px] font-black uppercase tracking-wider">Where It Reaches Out</h3>
-              </div>
-            </div>
-            
-            <div className="p-6 space-y-3">
-              <div className="flex items-center gap-3 bg-[#0d0d0f] border border-blue-500/30 rounded-lg p-3">
-                <Globe size={14} className="text-blue-400" />
-                <span className="text-xs font-bold text-white">Known Update Servers</span>
-              </div>
-            </div>
+      {/* ════════════════════════════════════════════════════════════════════
+          5. DETECTION HISTORY  (new — essential)
+          ════════════════════════════════════════════════════════════════════ */}
+      <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+
+        <div className="px-6 py-4 border-b border-[#1e1e20] bg-[#0a0a0b] flex items-center justify-between">
+          <div className="flex items-center gap-2">
+            <Shield size={14} className="text-orange-500" />
+            <h3 className="text-[10px] font-black uppercase tracking-widest text-zinc-400">Detections Involving This Host</h3>
           </div>
+          <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Last 30 days</span>
+        </div>
 
-          {/* Recent Milestones */}
-          <div className="bg-[#0a0a0b] border border-zinc-800 rounded-xl overflow-hidden">
-            <div className="px-6 py-4 border-b border-zinc-800 bg-[#0d0d0f]">
-              <div className="flex items-center gap-2 text-blue-400">
-                <Clock size={14} />
-                <h3 className="text-[10px] font-black uppercase tracking-wider">Recent Milestones</h3>
-              </div>
-            </div>
-            
-            <div className="p-6 space-y-4">
-              <div className="flex items-start gap-3">
-                <CheckCircle size={14} className="text-emerald-400 mt-1" />
-                <div>
-                  <div className="text-[10px] text-zinc-600 font-medium">80 days ago</div>
-                  <div className="text-xs font-bold text-white mt-1">Baseline learning cycle complete</div>
-                </div>
-              </div>
-              <div className="flex items-start gap-3">
-                <CheckCircle size={14} className="text-blue-400 mt-1" />
-                <div>
-                  <div className="text-[10px] text-zinc-600 font-medium">Yesterday</div>
-                  <div className="text-xs font-bold text-white mt-1">Scheduled Patch Window observed</div>
-                </div>
-              </div>
+        <div className="p-6">
+          {DETECTIONS.length === 0 ? (
+            <p className="text-sm text-zinc-500 italic">No detections in the last 30 days.</p>
+          ) : (
+            <div className="space-y-3">
+              {DETECTIONS.map((det) => {
+                const severityStyles = {
+                  critical: { bg: 'bg-red-500/10',    border: 'border-red-500/20',    text: 'text-red-500',    dot: 'bg-red-500' },
+                  high:     { bg: 'bg-orange-500/10', border: 'border-orange-500/20', text: 'text-orange-500', dot: 'bg-orange-500' },
+                  medium:   { bg: 'bg-yellow-500/10', border: 'border-yellow-500/20', text: 'text-yellow-500', dot: 'bg-yellow-500' },
+                  low:      { bg: 'bg-blue-500/10',   border: 'border-blue-500/20',   text: 'text-blue-500',   dot: 'bg-blue-500' },
+                };
+                const s = severityStyles[det.severity as keyof typeof severityStyles] || severityStyles.low;
+
+                return (
+                  <div
+                    key={det.id}
+                    className={`flex items-center justify-between px-5 py-4 rounded-lg border cursor-pointer
+                      ${s.bg} ${s.border} hover:bg-zinc-900/30 transition-all group`}
+                  >
+                    {/* left: severity dot + name */}
+                    <div className="flex items-center gap-3">
+                      <div className={`w-2 h-2 rounded-full ${s.dot}`} />
+                      <span className={`text-sm font-semibold ${s.text}`}>
+                        {det.name}
+                      </span>
+                    </div>
+
+                    {/* right: time + arrow */}
+                    <div className="flex items-center gap-4">
+                      <div className="flex items-center gap-1.5 text-zinc-500">
+                        <Clock size={11} />
+                        <span className="text-xs font-medium">{det.timeAgo}</span>
+                      </div>
+                      <ArrowRight size={14} className={`${s.text} opacity-0 group-hover:opacity-100 transition-all`} />
+                    </div>
+                  </div>
+                );
+              })}
             </div>
-          </div>
+          )}
         </div>
       </div>
+
     </div>
   );
 };
diff --git a/ui/pages/AssetsPage.tsx b/ui/pages/AssetsPage.tsx
index dee5658..749519b 100644
--- a/ui/pages/AssetsPage.tsx
+++ b/ui/pages/AssetsPage.tsx
@@ -30,18 +30,18 @@ interface Props {
 }
 
 const RISK_DISTRIBUTION = [
-  { name: 'Critical', value: 12, color: '#e11d48' },
-  { name: 'High', value: 25, color: '#f59e0b' },
-  { name: 'Medium', value: 45, color: '#3b82f6' },
-  { name: 'Low', value: 18, color: '#10b981' },
+  { name: 'Critical', value: 12, color: '#ef4444' },
+  { name: 'High', value: 25, color: '#f97316' },
+  { name: 'Medium', value: 45, color: '#eab308' },
+  { name: 'Low', value: 18, color: '#3b82f6' },
 ];
 
 const TYPE_DISTRIBUTION = [
   { name: 'Workstations', value: 840, color: '#00D4AA' },
   { name: 'Servers', value: 210, color: '#3b82f6' },
-  { name: 'Databases', value: 45, color: '#8b5cf6' },
-  { name: 'Network', value: 32, color: '#f59e0b' },
-  { name: 'IoT/Other', value: 120, color: '#6b7280' },
+  { name: 'Databases', value: 45, color: '#6b7280' },
+  { name: 'Network', value: 32, color: '#f97316' },
+  { name: 'IoT/Other', value: 120, color: '#71717a' },
 ];
 
 const DISCOVERY_TIMELINE = Array.from({ length: 30 }, (_, i) => ({
@@ -95,7 +95,7 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
         segment: segments[i % segments.length],
         os: osList[i % osList.length],
         services: i === 0 ? ['HTTP', 'SMB', 'LDAP', 'DNS'] : i === 1 ? ['SSH'] : ['RTSP', 'HTTP'],
-        logSources: i === 0 ? ['known_hosts.log', 'known_services.log'] : i === 1 ? ['dhcp.log', 'notice.log'] : ['known_hosts.log', 'conn.log'],
+        logSources: i === 0 ? ['known_hosts.log', 'known_services.log'] : i === 1 ?  ['dhcp.log', 'notice.log'] : ['known_hosts.log', 'conn.log'],
         lastActivity: i === 0 ? '2 mins ago' : i === 1 ? 'Just now' : '15 mins ago',
         vulnerabilities: { 
           critical: Math.floor(Math.random() * 5),
@@ -127,12 +127,12 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
       {/* Filter Bar */}
       <div className="flex items-center gap-3 flex-wrap">
         {/* Search Field */}
-        <div className="flex-1 min-w-[300px] relative group">
-          <Search size={16} className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-600 group-focus-within:text-zinc-400 transition-colors" />
+        <div className="flex-1 min-w-[300px] relative">
+          <Search size={18} className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none" />
           <input 
             type="text" 
             placeholder="Search by IP, Hostname, or MAC..." 
-            className="w-full bg-[#0a0a0b] border border-zinc-800 rounded-lg pl-12 pr-4 py-2.5 text-sm text-white outline-none focus:border-zinc-700 transition-all placeholder:text-zinc-600"
+            className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
             value={searchTerm}
             onChange={(e) => setSearchTerm(e.target.value)}
           />
@@ -141,17 +141,17 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
         {/* Asset Type Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">Asset Type</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Asset Type</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'type' ? null : 'type')}
-              className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[140px]"
+              className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all min-w-[140px]"
             >
               <span className="capitalize">{selectedAssetType === 'all' ? 'All Types' : selectedAssetType}</span>
               <ChevronDown size={14} className={`ml-auto transition-transform ${openDropdown === 'type' ? 'rotate-180' : ''}`} />
             </button>
           </div>
           {openDropdown === 'type' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
               {['All Types', 'Server', 'Workstation', 'Network Device', 'Database'].map(type => (
                 <button 
                   key={type}
@@ -171,17 +171,17 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
         {/* Segment Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">Segment</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Segment</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'segment' ? null : 'segment')}
-              className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[160px]"
+              className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all min-w-[160px]"
             >
               <span className="capitalize">{selectedSegment === 'all' ? 'All Segments' : selectedSegment}</span>
               <ChevronDown size={14} className={`ml-auto transition-transform ${openDropdown === 'segment' ? 'rotate-180' : ''}`} />
             </button>
           </div>
           {openDropdown === 'segment' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['All Segments', 'Production', 'Engineering', 'DMZ', 'Finance', 'Corporate', 'Guest Network'].map(seg => (
                 <button 
                   key={seg}
@@ -201,17 +201,17 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
         {/* Risk Level Dropdown */}
         <div className="relative dropdown-container">
           <div className="flex flex-col gap-1">
-            <label className="text-[8px] font-bold text-zinc-600 uppercase tracking-wider px-1">Risk Level</label>
+            <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Risk Level</label>
             <button 
               onClick={() => setOpenDropdown(openDropdown === 'risk' ? null : 'risk')}
-              className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2 min-w-[140px]"
+              className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all min-w-[140px]"
             >
               <span className="capitalize">{selectedRiskLevel === 'all' ? 'All Risks' : selectedRiskLevel}</span>
               <ChevronDown size={14} className={`ml-auto transition-transform ${openDropdown === 'risk' ? 'rotate-180' : ''}`} />
             </button>
           </div>
           {openDropdown === 'risk' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[160px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[160px] z-50 py-2">
               {['All Risks', 'Critical', 'High', 'Medium', 'Low'].map(risk => (
                 <button 
                   key={risk}
@@ -230,10 +230,10 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
       </div>
 
       {/* Tabs */}
-      <div className="flex gap-1 border-b border-zinc-800">
+      <div className="flex gap-1 border-b border-[#1e1e20]">
         <button
           onClick={() => setActiveTab('active')}
-          className={`px-4 py-2 text-xs font-semibold uppercase tracking-wider transition-all ${
+          className={`px-4 py-2 text-xs font-bold uppercase tracking-wide transition-all ${
             activeTab === 'active' 
               ? 'text-[#00D4AA] border-b-2 border-[#00D4AA]' 
               : 'text-zinc-500 hover:text-zinc-300'
@@ -243,7 +243,7 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
         </button>
         <button
           onClick={() => setActiveTab('threat')}
-          className={`px-4 py-2 text-xs font-semibold uppercase tracking-wider transition-all ${
+          className={`px-4 py-2 text-xs font-bold uppercase tracking-wide transition-all ${
             activeTab === 'threat' 
               ? 'text-[#00D4AA] border-b-2 border-[#00D4AA]' 
               : 'text-zinc-500 hover:text-zinc-300'
@@ -252,37 +252,41 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
           Threat Linked
         </button>
         <div className="ml-auto flex items-center gap-2 px-4">
-          <CheckCircle2 size={12} className="text-emerald-500" />
-          <span className="text-[10px] text-zinc-500 font-medium">Live Asset Polling Active</span>
+          <CheckCircle2 size={12} className="text-green-500" />
+          <span className="text-[10px] text-zinc-500 font-medium uppercase tracking-tight">Live Asset Polling Active</span>
         </div>
       </div>
 
       {/* Asset Table */}
       <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
         <table className="w-full">
-          <thead className="bg-[#0d0d0f] border-b border-zinc-800">
-            <tr className="text-[9px] font-bold text-zinc-500 uppercase tracking-wider">
-              <th className="px-6 py-4 text-left">Identity</th>
-              <th className="px-6 py-4 text-left">OS / Environment</th>
-              <th className="px-6 py-4 text-left">Risk Status</th>
-              <th className="px-6 py-4 text-left">Services (Known Services.log)</th>
-              <th className="px-6 py-4 text-left">Log Provenance</th>
-              <th className="px-6 py-4 text-left">Last Activity</th>
+          <thead className="bg-zinc-900/50 border-b border-zinc-800">
+            <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+              <th className="px-4 py-3 text-left">Identity</th>
+              <th className="px-4 py-3 text-left">OS / Environment</th>
+              <th className="px-4 py-3 text-left">Risk Status</th>
+              <th className="px-4 py-3 text-left">Services</th>
+              <th className="px-4 py-3 text-left">Log Provenance</th>
+              <th className="px-4 py-3 text-left">Last Activity</th>
             </tr>
           </thead>
           <tbody className="divide-y divide-zinc-800/50">
             {loading ? (
               <tr>
-                <td colSpan={6} className="px-6 py-20 text-center text-zinc-600 text-xs uppercase tracking-wider animate-pulse">
-                  Synchronizing Inventory...
+                <td colSpan={6} className="px-4 py-20 text-center">
+                  <div className="flex items-center justify-center gap-3">
+                    <div className="animate-spin rounded-full border-2 border-zinc-800 border-t-[#00D4AA] w-5 h-5" />
+                    <span className="text-xs text-zinc-500 uppercase tracking-wide">Synchronizing Inventory...</span>
+                  </div>
                 </td>
               </tr>
             ) : filteredAssets.length > 0 ? (
               filteredAssets.slice(0, 10).map((asset, idx) => {
                 const riskScore = asset.riskLevel === 'critical' ? 82 : asset.riskLevel === 'high' ? 51 : asset.riskLevel === 'medium' ? 45 : 12;
-                const riskColor = asset.riskLevel === 'critical' ? 'bg-red-500/20 text-red-400 border-red-500/30' : 
-                                  asset.riskLevel === 'high' ? 'bg-orange-500/20 text-orange-400 border-orange-500/30' :
-                                  'bg-emerald-500/20 text-emerald-400 border-emerald-500/30';
+                const riskColor = asset.riskLevel === 'critical' ? 'bg-red-500/10 text-red-500 border-red-500/20' : 
+                                  asset.riskLevel === 'high' ? 'bg-orange-500/10 text-orange-500 border-orange-500/20' :
+                                  asset.riskLevel === 'medium' ? 'bg-yellow-500/10 text-yellow-500 border-yellow-500/20' :
+                                  'bg-green-500/10 text-green-500 border-green-500/20';
                 
                 return (
                   <tr 
@@ -290,70 +294,70 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
                     className="hover:bg-zinc-900/30 transition-colors group cursor-pointer"
                     onClick={() => onSelectAsset?.(asset.ip)}
                   >
-                    <td className="px-6 py-5">
+                    <td className="px-4 py-4">
                       <div className="flex items-center gap-3">
-                        <div className={`p-2 rounded-lg bg-[#0d0d0f] border ${asset.riskLevel === 'critical' ? 'border-red-500/30' : 'border-zinc-800'}`}>
-                          {asset.type === 'server' ? <Server size={16} className="text-blue-400" /> : <Monitor size={16} className="text-zinc-500" />}
+                        <div className={`p-2 rounded-lg bg-[#161618] border ${asset.riskLevel === 'critical' ? 'border-red-500/20' : 'border-[#1e1e20]'}`}>
+                          {asset.type === 'server' ? <Server size={16} className="text-blue-500" /> : <Monitor size={16} className="text-zinc-400" />}
                         </div>
                         <div>
-                          <div className="text-sm font-bold text-white group-hover:text-blue-400 transition-colors">
+                          <div className="text-sm font-semibold text-white group-hover:text-[#00D4AA] transition-colors">
                             {asset.hostname}
                           </div>
-                          <div className="text-[10px] text-zinc-500 font-mono mt-0.5">
+                          <div className="text-xs text-zinc-500 font-medium mt-0.5">
                             {asset.ip}
                           </div>
                         </div>
                       </div>
                     </td>
-                    <td className="px-6 py-5">
+                    <td className="px-4 py-4">
                       <div className="space-y-1.5">
-                        <div className="text-xs font-semibold text-white">{asset.os}</div>
+                        <div className="text-sm font-semibold text-white">{asset.os}</div>
                         <div className="flex gap-1.5 flex-wrap">
-                          <span className="px-2 py-0.5 bg-zinc-800/50 border border-zinc-700 text-zinc-400 rounded text-[9px] font-medium">
+                          <span className="px-2 py-0.5 bg-zinc-900 border border-[#1e1e20] text-zinc-400 rounded text-[10px] font-bold uppercase">
                             {asset.segment}
                           </span>
                           {idx === 0 && (
-                            <span className="px-2 py-0.5 bg-blue-600/20 border border-blue-600/30 text-blue-400 rounded text-[9px] font-medium">
+                            <span className="px-2 py-0.5 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase">
                               Active Directory
                             </span>
                           )}
                         </div>
                       </div>
                     </td>
-                    <td className="px-6 py-5">
-                      <span className={`inline-flex px-3 py-1.5 rounded-md border text-[10px] font-bold uppercase tracking-wider ${riskColor}`}>
+                    <td className="px-4 py-4">
+                      <div className={`inline-flex px-3 py-1 rounded border text-xs font-bold uppercase ${riskColor}`}>
                         {riskScore}
-                      </span>
+                      </div>
                     </td>
-                    <td className="px-6 py-5">
+                    <td className="px-4 py-4">
                       <div className="flex gap-1.5 flex-wrap">
                         {asset.services.map(service => (
                           <span 
                             key={service}
-                            className="px-2 py-1 bg-blue-600/20 border border-blue-600/30 text-blue-400 rounded text-[9px] font-bold uppercase"
+                            className="px-2 py-1 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase"
                           >
                             {service}
                           </span>
                         ))}
                       </div>
                     </td>
-                    <td className="px-6 py-5">
+                    <td className="px-4 py-4">
                       <div className="space-y-1">
                         {asset.logSources.map(log => (
-                          <div key={log} className="flex items-center gap-1.5 text-[10px] text-zinc-500">
-                            <span className="w-1 h-1 rounded-full bg-emerald-500" />
+                          <div key={log} className="flex items-center gap-1.5 text-xs text-zinc-500 font-medium">
+                            <div className="w-1.5 h-1.5 rounded-full bg-green-500" />
                             {log}
                           </div>
                         ))}
                       </div>
                     </td>
-                    <td className="px-6 py-5">
+                    <td className="px-4 py-4">
                       <div className="space-y-1">
-                        <div className="flex items-center gap-2 text-zinc-400 text-[11px]">
+                        <div className="flex items-center gap-2 text-zinc-400 text-xs font-medium">
                           <Clock size={12} />
                           <span>{asset.lastActivity}</span>
                         </div>
-                        <div className="text-[9px] text-zinc-600 font-mono uppercase">
+                        <div className="text-[10px] text-zinc-600 font-medium uppercase tracking-tight">
                           {idx === 0 ? 'INTERNAL-SERVERS-VLAN' : idx === 1 ? 'WIFI USERS' : 'IOT-SENSORS'}
                         </div>
                       </div>
@@ -363,7 +367,7 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
               })
             ) : (
               <tr>
-                <td colSpan={6} className="px-6 py-16 text-center">
+                <td colSpan={6} className="px-4 py-16 text-center">
                   <div className="flex flex-col items-center justify-center opacity-30">
                     <X size={32} className="text-zinc-600 mb-2" />
                     <h3 className="text-sm font-bold text-zinc-500 uppercase tracking-wider">
@@ -377,12 +381,12 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
         </table>
 
         {/* Footer */}
-        <div className="px-6 py-4 border-t border-zinc-800 bg-[#0d0d0f] flex items-center justify-between">
+        <div className="flex items-center justify-between px-4 py-3 border-t border-zinc-800 bg-zinc-900/30">
           <div className="text-xs text-zinc-500">
-            <span className="text-[10px]">Asset classification derived from SSL, HTTP, and DHCP flows.</span>
+            Asset classification derived from SSL, HTTP, and DHCP flows.
           </div>
           <div className="text-xs text-zinc-500">
-            <span className="font-bold text-blue-400">{filteredAssets.length}</span> Assets in View
+            Total: <span className="font-bold text-white">{filteredAssets.length}</span>
           </div>
         </div>
       </div>
@@ -390,136 +394,236 @@ const AssetsPage: React.FC<Props> = ({ onSelectAsset, defaultView = 'inventory'
   );
 
   const renderStats = () => (
-    <div className="animate-in fade-in duration-500 space-y-8">
-      <div className="flex items-center justify-between mb-8 px-2">
-        <div className="flex items-center gap-2 text-[10px] font-bold text-gray-500 uppercase tracking-widest">
+    <div className="animate-in fade-in duration-500 space-y-6">
+      {/* Header with View Toggle */}
+      <div className="flex items-center justify-between mb-6 px-2">
+        <div className="flex items-center gap-2 text-xs font-bold text-zinc-500 uppercase tracking-wide">
           <span>Home</span>
           <ChevronRight size={10} />
-          <span className="text-gray-300">Assets</span>
+          <span>Assets</span>
           <ChevronRight size={10} />
-          <span className="text-[#00D4AA] font-black uppercase">Risk Analytics</span>
+          <span className="text-[#00D4AA]">Risk Analytics</span>
         </div>
-        <div className="flex items-center gap-2 bg-[#161618] border border-[#1e1e20] p-1 rounded-xl">
-          <button onClick={() => setView('inventory')} className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase transition-all ${view === 'inventory' ? 'bg-[#00D4AA] text-black' : 'text-gray-500 hover:text-white'}`}>Inventory</button>
-          <button onClick={() => setView('stats')} className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase transition-all ${view === 'stats' ? 'bg-[#00D4AA] text-black' : 'text-gray-500 hover:text-white'}`}>Analytics</button>
+        <div className="flex items-center gap-1 bg-[#161618] border border-[#1e1e20] p-1 rounded-lg">
+          <button 
+            onClick={() => setView('inventory')} 
+            className={`px-6 py-1.5 rounded-lg text-xs font-black uppercase tracking-widest transition-all ${
+              view === 'inventory' ? 'bg-[#00D4AA] text-black' : 'text-zinc-500 hover:text-white'
+            }`}
+          >
+            Inventory
+          </button>
+          <button 
+            onClick={() => setView('stats')} 
+            className={`px-6 py-1.5 rounded-lg text-xs font-black uppercase tracking-widest transition-all ${
+              view === 'stats' ? 'bg-[#00D4AA] text-black' : 'text-zinc-500 hover:text-white'
+            }`}
+          >
+            Analytics
+          </button>
         </div>
       </div>
 
-      <div className="grid grid-cols-1 md:grid-cols-4 gap-6">
+      {/* Metric Cards */}
+      <div className="grid grid-cols-1 md:grid-cols-4 gap-4">
         {[
-          { label: 'TOTAL ASSETS', value: '1,247', trend: '+12', icon: Monitor, color: 'text-[#00D4AA]' },
-          { label: 'HIGH RISK ENTITIES', value: '32', trend: '+3', icon: ShieldAlert, color: 'text-red-500' },
-          { label: 'ACTIVE THREATS', value: '145', trend: '-8', icon: Activity, color: 'text-orange-500' },
-          { label: 'CRITICAL VULNS', value: '28', trend: '+2', icon: AlertTriangle, color: 'text-red-600' },
+          { label: 'TOTAL ASSETS', value: '1,247', trend: '+12', icon: Monitor, trendUp: true },
+          { label: 'HIGH RISK ENTITIES', value: '32', trend: '+3', icon: ShieldAlert, trendUp: true },
+          { label: 'ACTIVE THREATS', value: '145', trend: '-8', icon: Activity, trendUp: false },
+          { label: 'CRITICAL VULNS', value: '28', trend: '+2', icon: AlertTriangle, trendUp: true },
         ].map((stat, i) => (
-          <div key={i} className="bg-[#161618] border border-[#1e1e20] p-6 rounded-lg space-y-4 hover:border-zinc-700 transition-all shadow-xl">
-             <div className="flex justify-between items-start">
-                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">{stat.label}</p>
-                <stat.icon size={16} className="text-zinc-700" />
-             </div>
-             <div className="flex items-end justify-between">
-                <h3 className={`text-xl font-black text-white tracking-tighter`}>{stat.value}</h3>
-                <span className={`text-[10px] font-black ${stat.trend.startsWith('+') ? 'text-red-500' : 'text-emerald-500'}`}>{stat.trend}</span>
-             </div>
+          <div key={i} className="bg-[#161618] border border-[#1e1e20] p-6 rounded-xl shadow-sm space-y-3">
+            <div className="flex justify-between items-start">
+              <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">{stat.label}</p>
+              <stat.icon size={16} className="text-zinc-600" />
+            </div>
+            <h3 className="text-xl font-black text-white tracking-tighter">{stat.value}</h3>
+            <p className="text-[10px] font-bold uppercase tracking-tight text-zinc-500">
+              <span className={stat.trendUp ? 'text-red-500' : 'text-green-500'}>{stat.trend}</span> vs last month
+            </p>
           </div>
         ))}
       </div>
 
-      <div className="grid grid-cols-1 lg:grid-cols-3 gap-8">
-        <div className="bg-[#161618] border border-[#1e1e20] rounded-lg p-8 space-y-8 shadow-xl flex flex-col">
-           <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Risk Level Distribution</h3>
-           <div className="flex-1 min-h-[250px] relative">
-              <ResponsiveContainer width="100%" height="100%">
-                 <PieChart>
-                    <Pie data={RISK_DISTRIBUTION} cx="50%" cy="50%" innerRadius={60} outerRadius={90} paddingAngle={5} dataKey="value">
-                       {RISK_DISTRIBUTION.map((entry, index) => <Cell key={`cell-${index}`} fill={entry.color} />)}
-                    </Pie>
-                    <Tooltip contentStyle={{ backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px' }} />
-                 </PieChart>
-              </ResponsiveContainer>
-              <div className="absolute inset-0 flex flex-col items-center justify-center pointer-events-none">
-                 <p className="text-[10px] font-black text-zinc-600 uppercase">Avg Risk</p>
-                 <p className="text-2xl font-black text-white">42%</p>
+      {/* Charts Row 1 */}
+      <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+        {/* Risk Distribution Pie Chart */}
+        <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 shadow-sm flex flex-col">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Risk Level Distribution</h3>
+          <div className="flex-1 min-h-[250px] relative">
+            <ResponsiveContainer width="100%" height="100%">
+              <PieChart>
+                <Pie data={RISK_DISTRIBUTION} cx="50%" cy="50%" innerRadius={60} outerRadius={90} paddingAngle={5} dataKey="value">
+                  {RISK_DISTRIBUTION.map((entry, index) => <Cell key={`cell-${index}`} fill={entry.color} />)}
+                </Pie>
+                <Tooltip 
+                  contentStyle={{ 
+                    backgroundColor: '#0a0a0b', 
+                    border: '1px solid #1e1e20', 
+                    borderRadius: '8px', 
+                    fontSize: '10px',
+                    color: '#fff'
+                  }} 
+                />
+              </PieChart>
+            </ResponsiveContainer>
+            <div className="absolute inset-0 flex flex-col items-center justify-center pointer-events-none">
+              <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Avg Risk</p>
+              <p className="text-2xl font-black text-white">42%</p>
+            </div>
+          </div>
+          <div className="grid grid-cols-2 gap-4">
+            {RISK_DISTRIBUTION.map(r => (
+              <div key={r.name} className="flex items-center gap-2 text-[10px] font-bold uppercase tracking-tight">
+                <div className="w-2 h-2 rounded-full" style={{ backgroundColor: r.color }} />
+                <span className="text-zinc-500">{r.name}</span>
+                <span className="text-white ml-auto">{r.value}%</span>
               </div>
-           </div>
-           <div className="grid grid-cols-2 gap-4">
-              {RISK_DISTRIBUTION.map(r => (
-                 <div key={r.name} className="flex items-center gap-2 text-[10px] font-black uppercase">
-                    <div className="w-2 h-2 rounded-full" style={{ backgroundColor: r.color }} />
-                    <span className="text-zinc-500">{r.name}</span>
-                    <span className="text-white ml-auto">{r.value}%</span>
-                 </div>
-              ))}
-           </div>
+            ))}
+          </div>
         </div>
 
-        <div className="lg:col-span-2 bg-[#161618] border border-[#1e1e20] rounded-lg p-8 space-y-8 shadow-xl">
-           <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Asset Category Breakdown</h3>
-           <div className="h-[300px]">
-              <ResponsiveContainer width="100%" height="100%">
-                 <BarChart data={TYPE_DISTRIBUTION} layout="vertical" margin={{ left: 40, right: 40 }}>
-                    <XAxis type="number" hide />
-                    <YAxis dataKey="name" type="category" axisLine={false} tickLine={false} tick={{ fill: '#4b5563', fontSize: 10, fontWeight: 'bold' }} width={100} />
-                    <Tooltip cursor={{ fill: 'transparent' }} contentStyle={{ backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px' }} />
-                    <Bar dataKey="value" radius={[0, 4, 4, 0]} barSize={24}>
-                       {TYPE_DISTRIBUTION.map((entry, index) => <Cell key={`cell-${index}`} fill={entry.color} />)}
-                    </Bar>
-                 </BarChart>
-              </ResponsiveContainer>
-           </div>
-           <p className="text-[9px] text-zinc-600 uppercase font-bold text-center tracking-widest">Infrastructure classified via OUI, MAC analysis, and port fingerprinting.</p>
+        {/* Asset Category Breakdown */}
+        <div className="lg:col-span-2 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 shadow-sm">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Asset Category Breakdown</h3>
+          <div className="h-[300px]">
+            <ResponsiveContainer width="100%" height="100%">
+              <BarChart data={TYPE_DISTRIBUTION} layout="vertical" margin={{ left: 40, right: 40 }}>
+                <XAxis type="number" hide />
+                <YAxis 
+                  dataKey="name" 
+                  type="category" 
+                  axisLine={false} 
+                  tickLine={false} 
+                  tick={{ fill: '#71717a', fontSize: 10, fontWeight: 'bold' }} 
+                  width={100} 
+                />
+                <Tooltip 
+                  cursor={{ fill: 'transparent' }} 
+                  contentStyle={{ 
+                    backgroundColor: '#0a0a0b', 
+                    border: '1px solid #1e1e20', 
+                    borderRadius: '8px', 
+                    fontSize: '10px',
+                    color: '#fff'
+                  }} 
+                />
+                <Bar dataKey="value" radius={[0, 4, 4, 0]} barSize={24}>
+                  {TYPE_DISTRIBUTION.map((entry, index) => <Cell key={`cell-${index}`} fill={entry.color} />)}
+                </Bar>
+              </BarChart>
+            </ResponsiveContainer>
+          </div>
+          <p className="text-[10px] text-zinc-500 font-bold uppercase text-center tracking-wide">
+            Infrastructure classified via OUI, MAC analysis, and port fingerprinting.
+          </p>
         </div>
       </div>
 
-      <div className="grid grid-cols-1 lg:grid-cols-2 gap-8">
-        <div className="bg-[#161618] border border-[#1e1e20] rounded-lg p-8 space-y-8 shadow-xl">
-           <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Discovery Timeline (Discovered vs Inventory Growth)</h3>
-           <div className="h-64">
-              <ResponsiveContainer width="100%" height="100%">
-                 <AreaChart data={DISCOVERY_TIMELINE}>
-                    <defs>
-                      <linearGradient id="colorCount" x1="0" y1="0" x2="0" y2="1"><stop offset="5%" stopColor="#00D4AA" stopOpacity={0.1}/><stop offset="95%" stopColor="#00D4AA" stopOpacity={0}/></linearGradient>
-                    </defs>
-                    <CartesianGrid strokeDasharray="3 3" stroke="#1e1e1e" vertical={false} />
-                    <XAxis dataKey="date" axisLine={false} tickLine={false} tick={{ fill: '#4b5563', fontSize: 9 }} interval={5} />
-                    <YAxis axisLine={false} tickLine={false} tick={{ fill: '#4b5563', fontSize: 9 }} />
-                    <Tooltip contentStyle={{ backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px' }} />
-                    <Area type="monotone" dataKey="count" stroke="#00D4AA" fill="url(#colorCount)" strokeWidth={2} dot={false} />
-                    <Line type="monotone" dataKey="new" stroke="#3b82f6" strokeWidth={2} dot={false} />
-                 </AreaChart>
-              </ResponsiveContainer>
-           </div>
+      {/* Charts Row 2 */}
+      <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
+        {/* Discovery Timeline */}
+        <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 shadow-sm">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Discovery Timeline</h3>
+          <div className="h-64">
+            <ResponsiveContainer width="100%" height="100%">
+              <AreaChart data={DISCOVERY_TIMELINE}>
+                <defs>
+                  <linearGradient id="colorCount" x1="0" y1="0" x2="0" y2="1">
+                    <stop offset="5%" stopColor="#00D4AA" stopOpacity={0.1}/>
+                    <stop offset="95%" stopColor="#00D4AA" stopOpacity={0}/>
+                  </linearGradient>
+                </defs>
+                <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
+                <XAxis 
+                  dataKey="date" 
+                  axisLine={false} 
+                  tickLine={false} 
+                  tick={{ fill: '#71717a', fontSize: 9 }} 
+                  interval={5} 
+                />
+                <YAxis 
+                  axisLine={false} 
+                  tickLine={false} 
+                  tick={{ fill: '#71717a', fontSize: 9 }} 
+                />
+                <Tooltip 
+                  contentStyle={{ 
+                    backgroundColor: '#0a0a0b', 
+                    border: '1px solid #1e1e20', 
+                    borderRadius: '8px', 
+                    fontSize: '10px',
+                    color: '#fff'
+                  }} 
+                />
+                <Area 
+                  type="monotone" 
+                  dataKey="count" 
+                  stroke="#00D4AA" 
+                  fill="url(#colorCount)" 
+                  strokeWidth={2} 
+                  dot={false} 
+                />
+                <Line 
+                  type="monotone" 
+                  dataKey="new" 
+                  stroke="#3b82f6" 
+                  strokeWidth={2} 
+                  dot={false} 
+                />
+              </AreaChart>
+            </ResponsiveContainer>
+          </div>
         </div>
 
-        <div className="bg-[#161618] border border-[#1e1e20] rounded-lg p-8 space-y-8 shadow-xl">
-           <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Risk Exposure by Network Segment</h3>
-           <div className="space-y-6">
-              {SEGMENT_RISK.map(s => (
-                 <div key={s.name} className="space-y-2 group cursor-pointer">
-                    <div className="flex justify-between items-center text-[10px] font-black uppercase">
-                       <span className="text-zinc-500 group-hover:text-white transition-colors">{s.name} <span className="text-zinc-700 ml-2">({s.assets} Assets)</span></span>
-                       <span className={s.risk > 80 ? 'text-red-500' : 'text-white'}>{s.risk}% Risk</span>
-                    </div>
-                    <div className="h-2 w-full bg-zinc-950 rounded-full overflow-hidden">
-                       <div className={`h-full transition-all duration-1000 ${s.risk > 80 ? 'bg-red-500 shadow-[0_0_8px_#ef4444]' : s.risk > 50 ? 'bg-orange-500' : 'bg-[#00D4AA]'}`} style={{ width: `${s.risk}%` }} />
-                    </div>
-                 </div>
-              ))}
-           </div>
-           <div className="pt-4 border-t border-[#1e1e20]">
-              <p className="text-[8px] text-zinc-700 font-bold uppercase tracking-[0.2em] text-center">Risk calculation integrates vulnerabilities, lateral movement proximity, and asset sensitivity.</p>
-           </div>
+        {/* Risk Exposure by Segment */}
+        <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 shadow-sm">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Risk Exposure by Network Segment</h3>
+          <div className="space-y-6">
+            {SEGMENT_RISK.map(s => (
+              <div key={s.name} className="space-y-2 group cursor-pointer">
+                <div className="flex justify-between items-center text-xs font-bold uppercase tracking-wide">
+                  <span className="text-zinc-500 group-hover:text-white transition-colors">
+                    {s.name} <span className="text-zinc-600">({s.assets} Assets)</span>
+                  </span>
+                  <span className={s.risk > 80 ? 'text-red-500' : s.risk > 50 ? 'text-orange-500' : 'text-white'}>
+                    {s.risk}%
+                  </span>
+                </div>
+                <div className="h-2 w-full bg-zinc-900 rounded-full overflow-hidden">
+                  <div 
+                    className={`h-full transition-all duration-1000 ${
+                      s.risk > 80 
+                        ? 'bg-red-500' 
+                        : s.risk > 50 
+                        ? 'bg-orange-500' 
+                        : 'bg-[#00D4AA]'
+                    }`} 
+                    style={{ width: `${s.risk}%` }} 
+                  />
+                </div>
+              </div>
+            ))}
+          </div>
+          <div className="pt-4 border-t border-[#1e1e20]">
+            <p className="text-[10px] text-zinc-500 font-bold uppercase tracking-wide text-center">
+              Risk calculation integrates vulnerabilities, lateral movement proximity, and asset sensitivity.
+            </p>
+          </div>
         </div>
       </div>
       
-      <div className="flex justify-center pt-8">
-         <span className="text-[9px] font-black text-gray-700 uppercase tracking-[0.4em]">Inventory Analytics Sync: {new Date().toLocaleTimeString()}</span>
+      {/* Footer Timestamp */}
+      <div className="flex justify-center pt-6">
+        <span className="text-[10px] font-bold text-zinc-600 uppercase tracking-widest">
+          Inventory Analytics Sync: {new Date().toLocaleTimeString()}
+        </span>
       </div>
     </div>
   );
 
   return (
-    <div className="max-w-[1300px] mx-auto pb-48 px-6">
+    <div className="max-w-[1300px] mx-auto pb-48 px-4">
       {view === 'inventory' ? renderInventory() : renderStats()}
     </div>
   );
diff --git a/ui/pages/DetectionDetailPage.tsx b/ui/pages/DetectionDetailPage.tsx
index 3aa05cc..dc32c37 100644
--- a/ui/pages/DetectionDetailPage.tsx
+++ b/ui/pages/DetectionDetailPage.tsx
@@ -68,86 +68,79 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
   };
 
   return (
-    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto  pb-32">
+    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto pb-48 px-4">
       {/* Top Header Row */}
       <div className="flex items-center justify-between">
         <div className="flex items-center gap-2">
-           <div className="w-2 h-2 rounded-full bg-emerald-500 animate-pulse" />
-           <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Network Live</span>
+          <div className="w-2 h-2 rounded-full bg-green-500 animate-pulse" />
+          <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Network Live</span>
         </div>
-        {/* <div className="flex items-center gap-3">
-           <button className="bg-[#161618] border border-[#1e1e20] px-4 py-1.5 rounded-lg text-[10px] font-black text-zinc-400 uppercase flex items-center gap-2">
-             Last 24 Hours <ChevronRight size={12} className="rotate-90" />
-           </button>
-        </div> */}
       </div>
 
       {/* Title Block */}
-      <div className="flex items-center justify-between  py-4">
+      <div className="flex items-center justify-between py-4">
         <div className="flex items-center gap-6">
           <button onClick={onBack} className="p-3 bg-[#161618] border border-[#1e1e20] rounded-xl text-zinc-500 hover:text-white transition-all">
             <ArrowLeft size={20} />
           </button>
           <div>
             <div className="flex items-center gap-3">
-              <h2 className="text-xl font-black text-white uppercase tracking-tight">High Entropy DNS Queries</h2>
-              <span className="px-2.5 py-0.5 rounded bg-blue-500/10 border border-blue-500/30 text-blue-400 text-[10px] font-black uppercase tracking-widest">Zeek Analyzed</span>
+              <h2 className="text-xl font-bold text-white uppercase tracking-tight">High Entropy DNS Queries</h2>
+              <span className="inline-flex px-3 py-1 rounded border bg-blue-500/10 border-blue-500/20">
+                <span className="text-xs font-bold uppercase text-blue-500">Zeek Analyzed</span>
+              </span>
             </div>
-            <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mt-1.5">Alert ID: {id || 'ALT-001'}</p>
+            <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1.5">Alert ID: {id || 'ALT-001'}</p>
           </div>
         </div>
         <div className="flex gap-3 relative">
-           <div className="relative">
-             <button 
-               onClick={() => setActionsDropdownOpen(!actionsDropdownOpen)}
-               className="bg-[#161618] border border-[#1e1e20] text-zinc-400 px-6 py-2 rounded-lg text-[10px] font-black uppercase tracking-widest hover:text-white transition-all flex items-center gap-2"
-             >
-               Actions <ChevronDown size={14} />
-             </button>
-             {actionsDropdownOpen && (
-               <div className="absolute right-0 top-full mt-2 w-56 bg-[#161618] border border-[#1e1e20] rounded-lg shadow-2xl z-50 overflow-hidden">
-                 <button 
-                   onClick={() => {
-                     setIsEscalateOpen(true);
-                     setActionsDropdownOpen(false);
-                   }}
-                   className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3"
-                 >
-                   <ArrowUpRight size={14} className="text-blue-400" />
-                   Escalate Case
-                 </button>
-                 <button 
-                   onClick={() => {
-                     handleMarkFalsePositive();
-                     setActionsDropdownOpen(false);
-                   }}
-                   className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3 border-t border-[#1e1e20]"
-                 >
-                   <AlertCircle size={14} className="text-amber-400" />
-                   Mark False Positive
-                 </button>
-                 <button 
-                   onClick={() => {
-                     console.log('Mark resolved');
-                     setActionsDropdownOpen(false);
-                   }}
-                   className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3 border-t border-[#1e1e20]"
-                 >
-                   <CheckCircle2 size={14} className="text-emerald-400" />
-                   Mark Resolved
-                 </button>
-               </div>
-             )}
-           </div>
-           <div className="relative">
-             <button 
-               
-               className="bg-[#161618] border border-[#1e1e20] text-zinc-400 px-6 py-2 rounded-lg text-[10px] font-black uppercase tracking-widest hover:text-white transition-all flex items-center gap-2"
-             >
-               Last 24 Hours
-             </button>
-            
-           </div>
+          <div className="relative">
+            <button 
+              onClick={() => setActionsDropdownOpen(!actionsDropdownOpen)}
+              className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2"
+            >
+              Actions <ChevronDown size={14} />
+            </button>
+            {actionsDropdownOpen && (
+              <div className="absolute right-0 top-full mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+                <button 
+                  onClick={() => {
+                    setIsEscalateOpen(true);
+                    setActionsDropdownOpen(false);
+                  }}
+                  className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+                >
+                  <ArrowUpRight size={14} className="text-blue-500" />
+                  Escalate Case
+                </button>
+                <button 
+                  onClick={() => {
+                    handleMarkFalsePositive();
+                    setActionsDropdownOpen(false);
+                  }}
+                  className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+                >
+                  <AlertCircle size={14} className="text-yellow-500" />
+                  Mark False Positive
+                </button>
+                <button 
+                  onClick={() => {
+                    console.log('Mark resolved');
+                    setActionsDropdownOpen(false);
+                  }}
+                  className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
+                >
+                  <CheckCircle2 size={14} className="text-green-500" />
+                  Mark Resolved
+                </button>
+              </div>
+            )}
+          </div>
+          <div className="relative">
+            <button className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all">
+              Last 24 Hours
+            </button>
+          </div>
         </div>
       </div>
 
@@ -158,117 +151,64 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
         <div className="lg:col-span-2 space-y-6">
           
           {/* Why This Alert Was Triggered */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
-  {/* Header */}
-  <div className="border-b border-[#1e1e20] px-6 py-4">
-    <div className="flex items-center gap-2">
-      <AlertTriangle size={16} className="text-amber-400" />
-      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
-        Why This Alert Was Triggered
-      </h3>
-    </div>
-  </div>
-
-  {/* Body */}
-  <div className="p-6">
-    <div className="grid grid-cols-1 gap-4">
-      {/* Summary */}
-      <p className="text-sm text-zinc-400 leading-relaxed">
-        This alert was triggered because the system detected
-        <span className="text-zinc-200 font-medium">
-          {" "}sustained abnormal outbound data transfer behavior
-        </span>
-        , which deviated significantly from the host’s historical baseline.
-      </p>
-
-      {/* Detection stages */}
-      <div>
-        <h4 className="text-md font-semibold text-zinc-300  tracking-wide mb-2">
-          Detection Stages
-        </h4>
-        <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
-          <li>
-            <span className="text-zinc-200 font-medium">Anomaly detected:</span>{" "}
-            Initial abnormal outbound activity was identified compared to normal behavior.
-          </li>
-          <li>
-            <span className="text-zinc-200 font-medium">Behavior sustained:</span>{" "}
-            The abnormal behavior persisted across multiple observation intervals.
-          </li>
-          <li>
-            <span className="text-zinc-200 font-medium">Alert threshold exceeded:</span>{" "}
-            Combined signal confidence crossed the alert threshold, resulting in alert generation.
-          </li>
-        </ul>
-      </div>
-
-      {/* Key factors */}
-      <div>
-        <h4 className="text-md font-semibold text-zinc-300  tracking-wide mb-2">
-          Key Contributing Factors
-        </h4>
-        <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
-          <li>Sustained outbound volume spike</li>
-          <li>Abnormal upload-to-download ratio</li>
-        </ul>
-      </div>
-
-      {/* Footer note */}
-      <p className="text-xs text-zinc-500 italic">
-        The activity was observed consistently over a defined time window and was not a single transient spike.
-      </p>
-    </div>
-  </div>
-</div>
-
-
-          {/* Attack Progression */}
-          {/* <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+            {/* Header */}
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <div className="flex items-center gap-2">
-                <Target size={16} className="text-[#00D4AA]" />
-                <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Attack Progression</h3>
+                <AlertTriangle size={16} className="text-yellow-500" />
+                <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+                  Why This Alert Was Triggered
+                </h3>
               </div>
             </div>
-            
-            <div className="p-6">
-              <div className="flex items-center justify-between">
-                {[
-                  { stage: 'Initial Activity', time: '13:40', status: 'complete', color: 'cyan' },
-                  { stage: 'Suspicious Behavior', time: '13:45', status: 'complete', color: 'cyan' },
-                  { stage: 'Escalation', time: '13:48', status: 'active', color: 'red' },
-                  { stage: 'Impact', time: '13:51', status: 'pending', color: 'red' },
-                ].map((item, idx) => (
-                  <React.Fragment key={idx}>
-                    <button
-                      onClick={() => openSidebar(`stage-${idx}`)}
-                      className="flex flex-col items-center gap-2 group cursor-pointer"
-                    >
-                      <div className={`w-16 h-16 rounded-full flex items-center justify-center border-2 transition-all
-                        ${item.status === 'complete' ? `bg-${item.color}-900/20 border-${item.color}-600/40` : 
-                          item.status === 'active' ? `bg-${item.color}-900/20 border-${item.color}-500 shadow-lg shadow-${item.color}-500/20` : 
-                          'bg-zinc-900/30 border-zinc-700'}`}
-                      >
-                        {item.status === 'complete' && <CheckCircle2 size={24} className={`text-${item.color}-400`} />}
-                        {item.status === 'active' && <AlertCircle size={24} className={`text-${item.color}-400 animate-pulse`} />}
-                        {item.status === 'pending' && <Clock size={24} className="text-zinc-600" />}
-                      </div>
-                      <div className="text-center">
-                        <div className="text-[9px] font-black text-white uppercase tracking-tight">{item.stage}</div>
-                        <div className="text-[8px] text-zinc-500 font-mono">{item.time}</div>
-                      </div>
-                    </button>
-                    {idx < 3 && (
-                      <div className={`flex-1 h-0.5 ${item.status === 'complete' ? `bg-${item.color}-600/30` : 'bg-zinc-700'}`}></div>
-                    )}
-                  </React.Fragment>
-                ))}
+
+            {/* Body */}
+            <div className="p-6 space-y-4">
+              {/* Summary */}
+              <p className="text-sm text-zinc-400 leading-relaxed">
+                This alert was triggered because the system detected
+                <span className="text-white font-semibold">
+                  {" "}sustained abnormal outbound data transfer behavior
+                </span>
+                , which deviated significantly from the host's historical baseline.
+              </p>
+
+              {/* Detection stages */}
+              <div>
+                <h4 className="text-xs font-bold text-zinc-500 uppercase tracking-wide mb-2">
+                  Detection Stages
+                </h4>
+                <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
+                  <li>
+                    <span className="text-white font-semibold">Anomaly detected:</span>{" "}
+                    Initial abnormal outbound activity was identified compared to normal behavior.
+                  </li>
+                  <li>
+                    <span className="text-white font-semibold">Behavior sustained:</span>{" "}
+                    The abnormal behavior persisted across multiple observation intervals.
+                  </li>
+                  <li>
+                    <span className="text-white font-semibold">Alert threshold exceeded:</span>{" "}
+                    Combined signal confidence crossed the alert threshold, resulting in alert generation.
+                  </li>
+                </ul>
+              </div>
+
+              {/* Key factors */}
+              <div>
+                <h4 className="text-xs font-bold text-zinc-500 uppercase tracking-wide mb-2">
+                  Key Contributing Factors
+                </h4>
+                <ul className="list-disc list-inside text-sm text-zinc-400 space-y-1">
+                  <li>Sustained outbound volume spike</li>
+                  <li>Abnormal upload-to-download ratio</li>
+                </ul>
               </div>
             </div>
-          </div> */}
+          </div>
 
           {/* Attack Timeline - Detailed Signal Observations */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <div className="flex items-center gap-2">
                 <Clock size={16} className="text-[#00D4AA]" />
@@ -277,117 +217,119 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
             </div>
             
             <div className="p-6">
-            <div className="space-y-0">
-  {/* Timeline Item 1 */}
-  <div onClick={() => openSidebar('signal-outbound')} className="flex gap-3 cursor-pointer">
-    <div  className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-cyan-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        1
-      </div>
-      <div className="w-0.5 h-full bg-cyan-500/30 -mt-1"></div>
-    </div>
-    
-    <div className="flex-1 pb-6 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Outbound Volume Spike</div>
-            <div className="text-xs text-zinc-400">The host sent significantly more data than it normally does.</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
+              <div className="space-y-0">
+                {/* Timeline Item 1 */}
+                <div onClick={() => openSidebar('signal-outbound')} className="flex gap-3 cursor-pointer hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-[#00D4AA] border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      1
+                    </div>
+                    <div className="w-0.5 h-full bg-[#00D4AA]/30 -mt-1"></div>
+                  </div>
+                  
+                  <div className="flex-1 pb-6 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Initial Activity</span>
+                      <span className="text-xs text-zinc-500 ">13:40</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Outbound Volume Spike</div>
+                          <div className="text-xs text-zinc-500 font-medium">The host sent significantly more data than it normally does.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
 
-  {/* Timeline Item 2 */}
-  <div onClick={() => openSidebar('signal-ratio')} className="flex gap-3 cursor-pointer">
-    <div className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-cyan-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        2
-      </div>
-      <div className="w-0.5 h-full bg-cyan-500/30 -mt-1"></div>
-    </div>
-    
-    <div className="flex-1 pb-6 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Outbound Volume Spike</div>
-            <div className="text-xs text-zinc-400">The host sent significantly more data than it normally does.</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
+                {/* Timeline Item 2 */}
+                <div onClick={() => openSidebar('signal-ratio')} className="flex gap-3 cursor-pointer hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-[#00D4AA] border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      2
+                    </div>
+                    <div className="w-0.5 h-full bg-[#00D4AA]/30 -mt-1"></div>
+                  </div>
+                  
+                  <div className="flex-1 pb-6 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Suspicious Behavior</span>
+                      <span className="text-xs text-zinc-500 ">13:45</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-red-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Upload/Download Ratio Shift</div>
+                          <div className="text-xs text-zinc-500 font-medium">Unusual upload pattern detected compared to downloads.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
 
-  {/* Timeline Item 3 */}
-  <div className="flex gap-3">
-    <div className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-cyan-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        3
-      </div>
-      <div className="w-0.5 h-full bg-cyan-500/30 -mt-1"></div>
-    </div>
-    
-    <div className="flex-1 pb-6 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-amber-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Outbound Volume Spike</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
+                {/* Timeline Item 3 */}
+                <div className="flex gap-3 hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-[#00D4AA] border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      3
+                    </div>
+                    <div className="w-0.5 h-full bg-[#00D4AA]/30 -mt-1"></div>
+                  </div>
+                  
+                  <div className="flex-1 pb-6 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Escalation</span>
+                      <span className="text-xs text-zinc-500 ">13:48</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-yellow-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Sustained Activity Pattern</div>
+                          <div className="text-xs text-zinc-500 font-medium">Behavior persisted beyond normal threshold.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
 
-  {/* Timeline Item 4 - Final */}
-  <div className="flex gap-3">
-    <div className="flex flex-col items-center">
-      <div className="w-8 h-8 rounded-full bg-emerald-500 border-2 border-[#0f0f10] flex items-center justify-center text-xs font-black text-black z-10">
-        4
-      </div>
-    </div>
-    
-    <div className="flex-1 max-w-2xl">
-      <div className="flex items-center gap-3 mb-2">
-        <span className="text-sm font-black text-white uppercase">Initial Activity</span>
-        <span className="text-xs text-zinc-500 font-mono">13:40</span>
-      </div>
-      
-      <div className=" rounded-lg p-1">
-        <div className="flex items-start gap-2">
-          <div className="w-2 h-2 rounded-full bg-emerald-500 mt-1.5 flex-shrink-0"></div>
-          <div className="flex-1">
-            <div className="text-sm font-bold text-white mb-1">Triggered Rule</div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</div>
+                {/* Timeline Item 4 - Final */}
+                <div className="flex gap-3 hover:bg-zinc-900/30 transition-colors rounded-lg p-2 -ml-2">
+                  <div className="flex flex-col items-center">
+                    <div className="w-8 h-8 rounded-full bg-green-500 border-2 border-[#161618] flex items-center justify-center text-xs font-black text-black z-10">
+                      4
+                    </div>
+                  </div>
+                  
+                  <div className="flex-1 max-w-2xl">
+                    <div className="flex items-center gap-3 mb-2">
+                      <span className="text-sm font-bold text-white uppercase">Alert Generated</span>
+                      <span className="text-xs text-zinc-500 ">13:51</span>
+                    </div>
+                    
+                    <div className="rounded-lg p-1">
+                      <div className="flex items-start gap-2">
+                        <div className="w-2 h-2 rounded-full bg-green-500 mt-1.5 flex-shrink-0"></div>
+                        <div className="flex-1">
+                          <div className="text-sm font-semibold text-white mb-1">Alert Threshold Triggered</div>
+                          <div className="text-xs text-zinc-500 font-medium">Combined signals exceeded detection threshold.</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
+              </div>
             </div>
           </div>
 
           {/* Observed Network Behavior - With Two Tabs */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <div className="flex items-center gap-2">
                 <BarChart2 size={16} className="text-[#00D4AA]" />
@@ -400,17 +342,17 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 onClick={() => setBehaviorTab('network')}
                 className={`flex-1 px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all
                   ${behaviorTab === 'network' 
-                    ? 'bg-[#00D4AA10] text-[#00D4AA] border-b-2 border-[#00D4AA10]' 
-                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-[#00D4AA10]'}`}
+                    ? 'bg-[#00D4AA]/10 text-[#00D4AA] border-b-2 border-[#00D4AA]' 
+                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-zinc-900/30'}`}
               >
-                Observed Network Behavior
+                Network Activity
               </button>
               <button
                 onClick={() => setBehaviorTab('data')}
                 className={`flex-1 px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all
                   ${behaviorTab === 'data' 
-                    ? 'bg-[#00D4AA10] text-[#00D4AA] border-b-2 border-[#00D4AA10]' 
-                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-[#00D4AA10]'}`}
+                    ? 'bg-[#00D4AA]/10 text-[#00D4AA] border-b-2 border-[#00D4AA]' 
+                    : 'text-zinc-500 hover:text-zinc-300 hover:bg-zinc-900/30'}`}
               >
                 Associated Data
               </button>
@@ -420,42 +362,42 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
               {behaviorTab === 'network' && (
                 <div className="space-y-4 animate-in fade-in duration-300">
                   <div className="flex items-center justify-between text-xs">
-                    <span className="text-zinc-500 uppercase tracking-widest font-black text-[9px]">Total Data</span>
+                    <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Total Data</span>
                     <div className="flex items-center gap-4">
                       <div className="flex items-center gap-2">
-                        <div className="w-3 h-3 rounded bg-cyan-500"></div>
-                        <span className="text-white font-bold">2.6 GB</span>
+                        <div className="w-3 h-3 rounded bg-[#00D4AA]"></div>
+                        <span className="text-sm font-semibold text-white">2.6 GB</span>
                       </div>
                       <div className="flex items-center gap-2">
                         <div className="w-3 h-3 rounded bg-zinc-700"></div>
-                        <span className="text-zinc-400">12.1</span>
+                        <span className="text-sm text-zinc-400">12.1</span>
                       </div>
                       <div className="flex items-center gap-2">
                         <div className="w-3 h-3 rounded bg-zinc-700"></div>
-                        <span className="text-zinc-400">45 Mbps</span>
+                        <span className="text-sm text-zinc-400">45 Mbps</span>
                       </div>
                     </div>
                   </div>
 
-                  <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4">
+                  <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
                     <ResponsiveContainer width="100%" height={200}>
                       <LineChart data={NETWORK_ACTIVITY_DATA}>
-                        <CartesianGrid strokeDasharray="3 3" stroke="#1e293b" vertical={false} />
+                        <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
                         <XAxis 
                           dataKey="time" 
                           axisLine={false} 
                           tickLine={false} 
-                          tick={{fill: '#475569', fontSize: 9}} 
+                          tick={{fill: '#71717a', fontSize: 10}} 
                         />
                         <YAxis 
                           axisLine={false} 
                           tickLine={false} 
-                          tick={{fill: '#475569', fontSize: 9}} 
+                          tick={{fill: '#71717a', fontSize: 10}} 
                         />
                         <Tooltip 
                           contentStyle={{
-                            backgroundColor: '#0f0f10', 
-                            border: '1px solid #164e63', 
+                            backgroundColor: '#0a0a0b', 
+                            border: '1px solid #1e1e20', 
                             borderRadius: '8px', 
                             fontSize: '10px'
                           }} 
@@ -463,7 +405,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                         <Line 
                           type="monotone" 
                           dataKey="value" 
-                          stroke="#22d3ee"
+                          stroke="#00D4AA"
                           strokeWidth={2}
                           dot={false}
                         />
@@ -471,7 +413,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     </ResponsiveContainer>
                   </div>
 
-                  <p className="text-xs text-zinc-500 italic mt-4">
+                  <p className="text-xs text-zinc-500 font-medium italic mt-4">
                     Network traffic shifted from normal download behavior to sustained outbound data transfer.
                   </p>
                 </div>
@@ -479,28 +421,36 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
               {behaviorTab === 'data' && (
                 <div className="space-y-3 animate-in fade-in duration-300">
-                  <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg overflow-hidden">
-                    <table className="w-full text-left">
-                      <thead className="bg-cyan-900/10 border-b border-[#1e1e20]">
-                        <tr className="text-[9px] font-black text-zinc-500 uppercase tracking-wider">
-                          <th className="px-4 py-3">Timestamp</th>
-                          <th className="px-4 py-3">Protocol</th>
-                          <th className="px-4 py-3">Bytes Sent</th>
-                          <th className="px-4 py-3">Destination</th>
+                  <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
+                    <table className="w-full">
+                      <thead className="bg-zinc-900/50 border-b border-zinc-800">
+                        <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+                          <th className="px-4 py-3 text-left">Timestamp</th>
+                          <th className="px-4 py-3 text-left">Protocol</th>
+                          <th className="px-4 py-3 text-left">Bytes Sent</th>
+                          <th className="px-4 py-3 text-left">Destination</th>
                         </tr>
                       </thead>
-                      <tbody className="divide-y divide-cyan-900/10 text-xs font-mono">
+                      <tbody className="divide-y divide-zinc-800/50">
                         {[
                           { ts: '13:40:15', proto: 'HTTPS', bytes: '524 KB', dest: '185.12.45.23' },
                           { ts: '13:42:33', proto: 'HTTPS', bytes: '892 KB', dest: '185.12.45.23' },
                           { ts: '13:45:12', proto: 'HTTPS', bytes: '1.2 MB', dest: '185.12.45.23' },
                           { ts: '13:48:45', proto: 'HTTPS', bytes: '1.5 MB', dest: '185.12.45.23' },
                         ].map((row, i) => (
-                          <tr key={i} className="hover:bg-[#00D4AA10] transition-colors">
-                            <td className="px-4 py-3 text-zinc-400">{row.ts}</td>
-                            <td className="px-4 py-3 text-[#00D4AA]">{row.proto}</td>
-                            <td className="px-4 py-3 text-zinc-300">{row.bytes}</td>
-                            <td className="px-4 py-3 text-zinc-400">{row.dest}</td>
+                          <tr key={i} className="hover:bg-zinc-900/30 transition-colors cursor-pointer">
+                            <td className="px-4 py-4">
+                              <span className="text-xs  text-zinc-400">{row.ts}</span>
+                            </td>
+                            <td className="px-4 py-4">
+                              <span className="text-xs  text-[#00D4AA]">{row.proto}</span>
+                            </td>
+                            <td className="px-4 py-4">
+                              <span className="text-sm font-semibold text-white">{row.bytes}</span>
+                            </td>
+                            <td className="px-4 py-4">
+                              <span className="text-xs  text-zinc-400">{row.dest}</span>
+                            </td>
                           </tr>
                         ))}
                       </tbody>
@@ -516,7 +466,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
         <div className="space-y-6">
           
           {/* Affected Systems and Destinations */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Affected Systems and Destinations</h3>
             </div>
@@ -525,39 +475,39 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
               {/* Source System */}
               <button 
                 onClick={() => openSidebar('source')}
-                className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 hover:border-cyan-600/40 transition-all text-left"
+                className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all text-left"
               >
                 <div className="flex items-center gap-3 mb-2">
                   <Server size={16} className="text-[#00D4AA]" />
                   <div className="flex-1">
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Source System: WS-FINAN...</div>
-                    <div className="text-xs font-mono text-white mt-1">192.168.1.45</div>
+                    <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Source System: WS-FINAN...</div>
+                    <div className="text-xs  text-white mt-1">192.168.1.45</div>
                   </div>
                   <ChevronRight size={16} className="text-zinc-500" />
                 </div>
                 <div className="flex items-center gap-2 mt-2">
-                  <span className="px-2 py-0.5 bg-emerald-600/20 border border-emerald-600/30 text-emerald-400 text-[8px] font-black uppercase tracking-widest rounded">
+                  <span className="px-2 py-0.5 bg-green-500/10 border border-green-500/20 text-green-500 rounded text-[10px] font-bold uppercase">
                     Critical Asset
                   </span>
-                  <span className="text-[8px] text-zinc-500">VLAN: 10</span>
+                  <span className="text-xs text-zinc-500 font-medium">VLAN: 10</span>
                 </div>
               </button>
 
               {/* Internal Systems */}
               <button 
                 onClick={() => openSidebar('internal')}
-                className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 hover:border-cyan-600/40 transition-all text-left"
+                className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all text-left"
               >
                 <div className="flex items-center gap-3 mb-2">
-                  <Server size={16} className="text-blue-400" />
+                  <Server size={16} className="text-blue-500" />
                   <div className="flex-1">
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Internal systems involved: 35</div>
+                    <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Internal systems involved: 35</div>
                     <div className="text-xs text-white mt-1">FVLAN</div>
                   </div>
                   <ChevronRight size={16} className="text-zinc-500" />
                 </div>
                 <div className="flex items-center gap-2 mt-2">
-                  <span className="px-2 py-0.5 bg-blue-600/20 border border-blue-600/30 text-blue-400 text-[8px] font-black uppercase tracking-widest rounded">
+                  <span className="px-2 py-0.5 bg-blue-500/10 border border-blue-500/20 text-blue-500 rounded text-[10px] font-bold uppercase">
                     File Server
                   </span>
                 </div>
@@ -566,18 +516,18 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
               {/* External Destination */}
               <button 
                 onClick={() => openSidebar('external')}
-                className="w-full bg-zinc-900/30 border border-red-900/20 rounded-lg p-4 hover:border-red-600/40 transition-all text-left"
+                className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-red-500/40 transition-all text-left"
               >
                 <div className="flex items-center gap-3 mb-2">
-                  <Globe size={16} className="text-red-400" />
+                  <Globe size={16} className="text-red-500" />
                   <div className="flex-1">
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">External destinations: 3 un...</div>
+                    <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">External destinations: 3 un...</div>
                     <div className="text-xs text-white mt-1">DESTINATION</div>
                   </div>
                   <ChevronRight size={16} className="text-zinc-500" />
                 </div>
                 <div className="flex items-center gap-2 mt-2">
-                  <span className="px-2 py-0.5 bg-red-600/20 border border-red-600/30 text-red-400 text-[8px] font-black uppercase tracking-widest rounded">
+                  <span className="px-2 py-0.5 bg-red-500/10 border border-red-500/20 text-red-500 rounded text-[10px] font-bold uppercase">
                     External (IP)
                   </span>
                 </div>
@@ -586,7 +536,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
           </div>
 
           {/* What Should I Check Next */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">What Should I Check Next?</h3>
             </div>
@@ -598,25 +548,25 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 'Monitor external connections for continued activity.',
               ].map((item, idx) => (
                 <div key={idx} className="flex gap-3 items-start">
-                  <div className="mt-1 flex-shrink-0 w-5 h-5 rounded-full bg-cyan-900/30 border border-cyan-600/40 flex items-center justify-center text-[#00D4AA] text-[10px] font-black">
+                  <div className="mt-1 flex-shrink-0 w-5 h-5 rounded-full bg-[#00D4AA]/20 border border-[#00D4AA]/40 flex items-center justify-center text-[#00D4AA] text-[10px] font-black">
                     {idx + 1}
                   </div>
-                  <p className="text-xs text-zinc-400 leading-relaxed">{item}</p>
+                  <p className="text-sm text-zinc-400 leading-relaxed">{item}</p>
                 </div>
               ))}
             </div>
           </div>
 
           {/* Threat Classification */}
-          <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl overflow-hidden">
+          <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
             <div className="border-b border-[#1e1e20] px-6 py-4">
               <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Threat Classification</h3>
             </div>
             
-            <div className="p-6">
-              <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Mitre Attack</div>
-              <div className="text-sm text-white font-bold mb-1">TA0010 - Exfiltration</div>
-              <p className="text-xs text-zinc-400">
+            <div className="p-6 space-y-3">
+              <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Mitre Attack</div>
+              <div className="text-sm font-semibold text-white">TA0010 - Exfiltration</div>
+              <p className="text-sm text-zinc-400 leading-relaxed">
                 Adversary is attempting to steal data from your network.
               </p>
             </div>
@@ -631,13 +581,13 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
           onClick={closeSidebar}
         >
           <div 
-            className="absolute right-0 top-0 h-full w-full max-w-2xl bg-[#0c0c0e] border-l border-[#1e1e20] shadow-2xl animate-in slide-in-from-right duration-300"
+            className="absolute right-0 top-0 h-full w-full max-w-2xl bg-black border-l border-[#1e1e20] shadow-2xl animate-in slide-in-from-right duration-300"
             onClick={(e) => e.stopPropagation()}
           >
             <div className="flex flex-col h-full">
               {/* Sidebar Header */}
-              <div className="border-b border-[#1e1e20] px-6 py-4 flex items-center justify-between">
-                <h3 className="text-lg font-black text-white uppercase tracking-tight">
+              <div className="border-b border-[#1e1e20] px-6 py-4 flex items-center justify-between bg-[#161618]">
+                <h3 className="text-xl font-bold text-white uppercase tracking-tight">
                   {(sidebarOpen === 'signal-outbound' || sidebarOpen === 'signal-ratio') && 'Signal Detail: ' + (sidebarOpen === 'signal-outbound' ? 'Outbound Volume Spike' : 'Upload/Download Ratio Shift')}
                   {sidebarOpen === 'source' && 'Source System Details'}
                   {sidebarOpen === 'internal' && 'Internal Systems'}
@@ -651,14 +601,14 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 </h3>
                 <button 
                   onClick={closeSidebar}
-                  className="p-2 hover:bg-[#161618] rounded-lg transition-colors"
+                  className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
                 >
                   <X size={20} className="text-zinc-500" />
                 </button>
               </div>
 
               {/* Sidebar Content */}
-              <div className="flex-1 overflow-y-auto">
+              <div className="flex-1 overflow-y-auto bg-black">
                 {/* Signal Detail Tabs */}
                 {(sidebarOpen === 'signal-outbound' || sidebarOpen === 'signal-ratio') && (
                   <>
@@ -673,8 +623,8 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                           onClick={() => setActiveTab(tab.id)}
                           className={`flex-1 px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all
                             ${activeTab === tab.id 
-                              ? 'bg-[#00D4AA10] text-[#00D4AA] border-b-2 border-[#00D4AA10]' 
-                              : 'text-zinc-500 hover:text-zinc-300 hover:bg-[#00D4AA10]'}`}
+                              ? 'bg-[#00D4AA]/10 text-[#00D4AA] border-b-2 border-[#00D4AA]' 
+                              : 'text-zinc-500 hover:text-zinc-300 hover:bg-zinc-900/30'}`}
                         >
                           {tab.label}
                         </button>
@@ -684,15 +634,15 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     <div className="p-6">
                       {activeTab === 'explanation' && (
                         <div className="space-y-4 animate-in fade-in duration-300">
-                          <div className="bg-cyan-900/10 border border-cyan-600/30 rounded-lg p-4">
-                            <p className="text-sm text-cyan-100 italic leading-relaxed">
+                          <div className="bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg p-4">
+                            <p className="text-sm text-white italic leading-relaxed">
                               {sidebarOpen === 'signal-outbound' 
                                 ? '"This signal indicates that the observed network behavior deviated significantly from what is normally expected for this system over a sustained period."'
                                 : '"The host uploaded much more data than it downloaded, which is unusual for typical network behavior."'
                               }
                             </p>
                           </div>
-                          <p className="text-xs text-zinc-400 leading-relaxed">
+                          <p className="text-sm text-zinc-400 leading-relaxed">
                             {sidebarOpen === 'signal-outbound'
                               ? 'This signal indicates that the observed network behavior deviated significantly from what is normally expected for this system over a sustained period.'
                               : 'This pattern often indicates data exfiltration where an attacker is uploading stolen data to an external server while minimizing downloads to avoid detection.'
@@ -705,7 +655,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                         <div className="space-y-4 animate-in fade-in duration-300">
                           <div>
                             <h4 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest mb-3">What was monitored:</h4>
-                            <ul className="space-y-2 text-xs text-zinc-300">
+                            <ul className="space-y-2 text-sm text-zinc-400">
                               {sidebarOpen === 'signal-outbound' ? (
                                 <>
                                   <li className="flex items-start gap-2">
@@ -742,7 +692,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
                           <div className="pt-4 border-t border-[#1e1e20]">
                             <h4 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest mb-3">When it is considered suspicious:</h4>
-                            <ul className="space-y-2 text-xs text-zinc-300">
+                            <ul className="space-y-2 text-sm text-zinc-400">
                               {sidebarOpen === 'signal-outbound' ? (
                                 <>
                                   <li className="flex items-start gap-2">
@@ -771,7 +721,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
                           <div className="pt-4 border-t border-[#1e1e20]">
                             <h4 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest mb-3">Why this matters:</h4>
-                            <p className="text-xs text-zinc-300">
+                            <p className="text-sm text-zinc-400">
                               {sidebarOpen === 'signal-outbound'
                                 ? 'This pattern is commonly associated with unauthorized data transfer or exfiltration.'
                                 : 'Unusual upload patterns often indicate data theft where attackers extract sensitive information to external servers.'
@@ -784,10 +734,10 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                       {activeTab === 'evidence' && (
                         <div className="space-y-3 animate-in fade-in duration-300">
                           <div className="flex items-center justify-between mb-4">
-                            <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">
+                            <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">
                               Time Window
                             </div>
-                            <div className="text-sm font-mono text-white">13:40 - 13:58</div>
+                            <div className="text-xs  text-white">13:40 - 13:58</div>
                           </div>
 
                           <div className="space-y-2">
@@ -795,12 +745,12 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                             
                             <button 
                               onClick={() => setSidebarOpen('evidence1')}
-                              className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 text-left hover:border-cyan-600/40 transition-all"
+                              className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 text-left hover:border-[#00D4AA] transition-all"
                             >
                               <div className="flex items-center gap-3">
                                 <FileText size={16} className="text-[#00D4AA]" />
                                 <div className="flex-1">
-                                  <div className="text-xs font-mono text-white">HTTP_105 - UID: C934228</div>
+                                  <div className="text-xs  text-white">HTTP_105 - UID: C934228</div>
                                 </div>
                                 <ChevronRight size={16} className="text-zinc-500" />
                               </div>
@@ -808,12 +758,12 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
 
                             <button 
                               onClick={() => setSidebarOpen('evidence2')}
-                              className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 text-left hover:border-cyan-600/40 transition-all"
+                              className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 text-left hover:border-[#00D4AA] transition-all"
                             >
                               <div className="flex items-center gap-3">
                                 <FileText size={16} className="text-[#00D4AA]" />
                                 <div className="flex-1">
-                                  <div className="text-xs font-mono text-white">HTTP_105 - UID: C8442594</div>
+                                  <div className="text-xs  text-white">HTTP_105 - UID: C8442594</div>
                                 </div>
                                 <ChevronRight size={16} className="text-zinc-500" />
                               </div>
@@ -825,47 +775,48 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                   </>
                 )}
 
-                {/* Other sidebar content */}
+                {/* Source System Details */}
                 {sidebarOpen === 'source' && (
                   <div className="p-6">
-                    <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-6">
-                      <div className="flex items-center gap-4 mb-6">
-                        <div className="p-3 bg-[#00D4AA10] border border-cyan-600/30 rounded-lg">
+                    <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 space-y-6 shadow-sm">
+                      <div className="flex items-center gap-4">
+                        <div className="p-3 bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg">
                           <Server size={32} className="text-[#00D4AA]" />
                         </div>
                         <div>
-                          <div className="text-xl font-black text-white uppercase">WS-FINAN-01</div>
-                          <div className="text-sm text-[#00D4AA] font-mono mt-1">192.168.1.45</div>
+                          <div className="text-xl font-bold text-white uppercase tracking-tight">WS-FINAN-01</div>
+                          <div className="text-xs  text-[#00D4AA] mt-1">192.168.1.45</div>
                         </div>
                       </div>
                       
                       <div className="space-y-4 pt-4 border-t border-[#1e1e20]">
                         <div>
-                          <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">VLAN</div>
-                          <div className="text-sm text-white">FINANCE-VLAN (VLAN 10)</div>
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">VLAN</div>
+                          <div className="text-sm font-semibold text-white">FINANCE-VLAN (VLAN 10)</div>
                         </div>
                         <div>
-                          <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Asset Classification</div>
-                          <span className="px-3 py-1 bg-emerald-600/20 border border-emerald-600/30 text-emerald-400 text-xs font-bold uppercase rounded">
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Asset Classification</div>
+                          <span className="px-2 py-0.5 bg-green-500/10 border border-green-500/20 text-green-500 rounded text-[10px] font-bold uppercase">
                             Critical Asset
                           </span>
                         </div>
                         <div>
-                          <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Last Seen</div>
-                          <div className="text-sm text-white">2026-01-27 13:58:34 UTC</div>
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Last Seen</div>
+                          <div className="text-sm font-semibold text-white">2026-01-27 13:58:34 UTC</div>
                         </div>
                       </div>
                     </div>
                   </div>
                 )}
 
+                {/* Attack Stage Details */}
                 {sidebarOpen.startsWith('stage-') && (
                   <div className="p-6 space-y-6">
                     {/* What Happened in This Stage */}
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">What Happened in This Stage</div>
-                      <div className="bg-cyan-900/10 border border-cyan-600/30 rounded-lg p-4">
-                        <p className="text-sm text-cyan-100 italic leading-relaxed">
+                      <div className="bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg p-4">
+                        <p className="text-sm text-white italic leading-relaxed">
                           "Internal exploration activity targeting sensitive systems was observed."
                         </p>
                       </div>
@@ -874,12 +825,12 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     {/* Signals Involved in This Stage */}
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">Signals Involved in This Stage</div>
-                      <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4 hover:border-cyan-600/40 transition-all text-left flex items-center justify-between">
+                      <button className="w-full bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all text-left flex items-center justify-between">
                         <div className="flex items-center gap-3">
-                          <div className="w-8 h-8 rounded bg-amber-900/20 border border-amber-600/30 flex items-center justify-center">
-                            <AlertTriangle size={16} className="text-amber-400" />
+                          <div className="w-8 h-8 rounded bg-yellow-500/10 border border-yellow-500/20 flex items-center justify-center">
+                            <AlertTriangle size={16} className="text-yellow-500" />
                           </div>
-                          <span className="text-sm text-white font-bold">SIG_DR_EXAM</span>
+                          <span className="text-sm font-semibold text-white">SIG_DR_EXAM</span>
                         </div>
                         <ChevronRight size={16} className="text-zinc-500" />
                       </button>
@@ -889,13 +840,13 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">Evidence Summary</div>
                       <div className="grid grid-cols-2 gap-4">
-                        <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4">
-                          <div className="text-[9px] text-zinc-500 uppercase tracking-widest mb-2">Time Window</div>
-                          <div className="text-base font-black text-white">13:58 UTC</div>
+                        <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Time Window</div>
+                          <div className="text-sm font-semibold text-white">13:58 UTC</div>
                         </div>
-                        <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-4">
-                          <div className="text-[9px] text-zinc-500 uppercase tracking-widest mb-2">Affected Systems</div>
-                          <div className="text-base font-black text-white">Affected system(s) and associated network logs</div>
+                        <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
+                          <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Affected Systems</div>
+                          <div className="text-xs text-white">Multiple systems</div>
                         </div>
                       </div>
                     </div>
@@ -903,7 +854,7 @@ const DetectionDetailPage: React.FC<Props> = ({ id, onBack }) => {
                     {/* Why This Stage Matters */}
                     <div>
                       <div className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-3">Why This Stage Matters</div>
-                      <p className="text-xs text-zinc-400 leading-relaxed italic">
+                      <p className="text-sm text-zinc-400 leading-relaxed italic">
                         "Activity in this stage is often observed before escalation or data loss."
                       </p>
                     </div>
diff --git a/ui/pages/DetectionRulesPage.tsx b/ui/pages/DetectionRulesPage.tsx
index 5a0beee..7a54620 100644
--- a/ui/pages/DetectionRulesPage.tsx
+++ b/ui/pages/DetectionRulesPage.tsx
@@ -73,6 +73,7 @@ const DetectionRulesPage: React.FC<{ defaultView?: TabId }> = ({ defaultView = '
   const [activeFieldInput, setActiveFieldInput] = useState<{groupId: string, condId: string, fieldType: 'field' | 'value'} | null>(null);
   const [modalTab, setModalTab] = useState<'default' | 'enriched' | 'datasets' | 'static'>('default');
   const [selectedDefaultField, setSelectedDefaultField] = useState<string | null>(null);
+
   // Field Catalog Data
   const fieldCatalog = {
     default: [
@@ -132,495 +133,409 @@ const DetectionRulesPage: React.FC<{ defaultView?: TabId }> = ({ defaultView = '
   const openFieldModal = (groupId: string, condId: string, fieldType: 'field' | 'value') => {
     setActiveFieldInput({ groupId, condId, fieldType });
     setModalTab(fieldType === 'field' ? 'default' : 'datasets');
-    setSelectedDefaultField(null); // Reset selected field
+    setSelectedDefaultField(null);
     setShowFieldModal(true);
   };
   
   const closeFieldModal = () => {
     setShowFieldModal(false);
     setActiveFieldInput(null);
-    setSelectedDefaultField(null); // Reset when closing
+    setSelectedDefaultField(null);
   };
 
   const selectFieldValue = (value: string) => {
    if (activeFieldInput) {
      const { groupId, condId, fieldType } = activeFieldInput;
-     
-     // Handle correlation join keys
      if (groupId === 'correlation-g1' && condId === 'join-key') {
        setThresholdField(value);
      } else if (groupId === 'correlation-g2' && condId === 'join-key') {
-       // Handle second correlation key (you might want to add state for this)
        console.log('Group B join key:', value);
      } else if (groupId === 'dedup' && condId === 'key') {
-       // Handle deduplication key addition
        console.log('Add dedup key:', value);
-       // You can add logic here to add the key to a deduplication keys array
      } else {
-       // Handle normal condition fields/values
        updateCondition(groupId, condId, fieldType === 'field' ? { field: value } : { value });
      }
    }
    closeFieldModal();
  };
 
-  // Field Picker Modal Component
-// Update the FieldPickerModal component - replace the entire value picker section:
-
-const FieldPickerModal = () => {
-  if (!showFieldModal) return null;
-
-  const isFieldPicker = activeFieldInput?.fieldType === 'field';
-  
-  if (isFieldPicker) {
-    // Field picker - show enriched fields only when a default field is selected
-    return (
-      <div className="fixed inset-0 z-[100] flex items-center justify-center bg-black/70 backdrop-blur-sm animate-in fade-in duration-200">
-        <div 
-          className={`bg-zinc-900 border border-zinc-800 rounded-2xl shadow-2xl overflow-hidden animate-in zoom-in duration-200 transition-all ${
-            selectedDefaultField ? 'w-[720px]' : 'w-[450px]'
-          }`}
-        >
-          <div className="p-4 border-b border-zinc-800 flex justify-between items-center bg-zinc-900/50">
-            <h3 className="text-[11px] font-black uppercase tracking-[0.2em] text-zinc-400">
-              Select Field
-            </h3>
-            <button 
-              onClick={() => {
-                setSelectedDefaultField(null);
-                closeFieldModal();
-              }}
-              className="text-zinc-500 hover:text-white transition-colors text-lg leading-none"
-            >
-              ✕
-            </button>
-          </div>
-          
-          <div className={`grid ${selectedDefaultField ? 'grid-cols-2' : 'grid-cols-1'}`}>
-            {/* Left Side - Default Fields */}
-            <div className={selectedDefaultField ? 'border-r border-zinc-800' : ''}>
-              <div className="p-3 bg-zinc-900/20 border-b border-zinc-800">
-                <h4 className="text-[10px] font-black uppercase tracking-widest text-zinc-500">Default Fields</h4>
-              </div>
-              <div className="p-2 max-h-[320px] overflow-y-auto">
-                {fieldCatalog.default.map((item) => (
-                  <div
-                    key={item.id}
-                    onClick={() => {
-                      if (selectedDefaultField === item.id) {
-                        // If clicking the same field, select it
-                        selectFieldValue(item.id);
-                        setSelectedDefaultField(null);
-                      } else {
-                        // Show enriched fields for this default field
-                        setSelectedDefaultField(item.id);
-                      }
-                    }}
-                    className={`p-3 mb-1 rounded-xl cursor-pointer border transition-all group ${
-                      selectedDefaultField === item.id
-                        ? 'bg-zinc-800 border-blue-500/50'
-                        : 'hover:bg-zinc-800 border-transparent hover:border-zinc-700'
-                    }`}
-                  >
-                    <div className="text-[11px] font-bold font-mono text-zinc-300 flex items-center justify-between">
-                      {item.id}
-                      {selectedDefaultField === item.id && (
-                        <span className="text-blue-400 text-[9px]">→</span>
-                      )}
-                    </div>
-                    <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
-                  </div>
-                ))}
-              </div>
+  // ─── FIELD PICKER MODAL ────────────────────────────────────────────
+  const FieldPickerModal = () => {
+    if (!showFieldModal) return null;
+    const isFieldPicker = activeFieldInput?.fieldType === 'field';
+    
+    if (isFieldPicker) {
+      return (
+        <div className="fixed inset-0 z-[100] flex items-center justify-center bg-black/70 backdrop-blur-sm animate-in fade-in duration-200">
+          <div 
+            className={`bg-zinc-900 border border-zinc-800 rounded-2xl shadow-2xl overflow-hidden animate-in zoom-in duration-200 transition-all ${
+              selectedDefaultField ? 'w-[720px]' : 'w-[450px]'
+            }`}
+          >
+            <div className="p-4 border-b border-zinc-800 flex justify-between items-center bg-zinc-900/50">
+              <h3 className="text-[11px] font-black uppercase tracking-[0.2em] text-zinc-400">Select Field</h3>
+              <button 
+                onClick={() => { setSelectedDefaultField(null); closeFieldModal(); }}
+                className="text-zinc-500 hover:text-white transition-colors text-lg leading-none"
+              >✕</button>
             </div>
-
-            {/* Right Side - Enriched Fields (only shown when default field selected) */}
-            {selectedDefaultField && (
-              <div className="animate-in slide-in-from-right duration-200">
-                <div className="p-3 bg-zinc-900/20 border-b border-zinc-800 flex items-center justify-between">
-                  <h4 className="text-[10px] font-black uppercase tracking-widest text-blue-500">
-                    Enriched Fields for {selectedDefaultField}
-                  </h4>
-                  <button
-                    onClick={() => setSelectedDefaultField(null)}
-                    className="text-[9px] text-zinc-500 hover:text-zinc-300 font-bold uppercase tracking-widest"
-                  >
-                    ← Back
-                  </button>
+            
+            <div className={`grid ${selectedDefaultField ? 'grid-cols-2' : 'grid-cols-1'}`}>
+              {/* Left — Default Fields */}
+              <div className={selectedDefaultField ? 'border-r border-zinc-800' : ''}>
+                <div className="p-3 bg-zinc-900/20 border-b border-zinc-800">
+                  <h4 className="text-[10px] font-black uppercase tracking-widest text-zinc-500">Default Fields</h4>
                 </div>
                 <div className="p-2 max-h-[320px] overflow-y-auto">
-                  {fieldCatalog.enriched.map((item) => (
+                  {fieldCatalog.default.map((item) => (
                     <div
                       key={item.id}
                       onClick={() => {
-                        selectFieldValue(item.id);
-                        setSelectedDefaultField(null);
+                        if (selectedDefaultField === item.id) {
+                          selectFieldValue(item.id);
+                          setSelectedDefaultField(null);
+                        } else {
+                          setSelectedDefaultField(item.id);
+                        }
                       }}
-                      className="p-3 mb-1 rounded-xl hover:bg-zinc-800 cursor-pointer border border-transparent hover:border-blue-700/30 transition-all group"
+                      className={`p-3 mb-1 rounded-xl cursor-pointer border transition-all group ${
+                        selectedDefaultField === item.id
+                          ? 'bg-zinc-800 border-blue-500/50'
+                          : 'hover:bg-zinc-800 border-transparent hover:border-zinc-700'
+                      }`}
                     >
-                      <div className="text-[11px] font-bold font-mono text-blue-400">{item.id}</div>
+                      <div className="text-[11px] font-bold  text-zinc-300 flex items-center justify-between">
+                        {item.id}
+                        {selectedDefaultField === item.id && <span className="text-blue-400 text-[9px]">→</span>}
+                      </div>
                       <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
                     </div>
                   ))}
-                  
-                  {/* Option to select the base field */}
-                  <div className="mt-4 pt-4 border-t border-zinc-800">
-                    <div
-                      onClick={() => {
-                        selectFieldValue(selectedDefaultField);
-                        setSelectedDefaultField(null);
-                      }}
-                      className="p-3 rounded-xl hover:bg-blue-600/10 cursor-pointer border border-blue-500/30 hover:border-blue-500/50 transition-all"
-                    >
-                      <div className="text-[11px] font-bold font-mono text-zinc-300">
-                        Use base field: {selectedDefaultField}
+                </div>
+              </div>
+
+              {/* Right — Enriched Fields */}
+              {selectedDefaultField && (
+                <div className="animate-in slide-in-from-right duration-200">
+                  <div className="p-3 bg-zinc-900/20 border-b border-zinc-800 flex items-center justify-between">
+                    <h4 className="text-[10px] font-black uppercase tracking-widest text-blue-500">
+                      Enriched Fields for {selectedDefaultField}
+                    </h4>
+                    <button onClick={() => setSelectedDefaultField(null)} className="text-[9px] text-zinc-500 hover:text-zinc-300 font-bold uppercase tracking-widest">← Back</button>
+                  </div>
+                  <div className="p-2 max-h-[320px] overflow-y-auto">
+                    {fieldCatalog.enriched.map((item) => (
+                      <div
+                        key={item.id}
+                        onClick={() => { selectFieldValue(item.id); setSelectedDefaultField(null); }}
+                        className="p-3 mb-1 rounded-xl hover:bg-zinc-800 cursor-pointer border border-transparent hover:border-blue-700/30 transition-all group"
+                      >
+                        <div className="text-[11px] font-bold  text-blue-400">{item.id}</div>
+                        <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
+                      </div>
+                    ))}
+                    <div className="mt-4 pt-4 border-t border-zinc-800">
+                      <div
+                        onClick={() => { selectFieldValue(selectedDefaultField); setSelectedDefaultField(null); }}
+                        className="p-3 rounded-xl hover:bg-blue-600/10 cursor-pointer border border-blue-500/30 hover:border-blue-500/50 transition-all"
+                      >
+                        <div className="text-[11px] font-bold  text-zinc-300">Use base field: {selectedDefaultField}</div>
+                        <div className="text-[9px] text-zinc-500 mt-1">Select the original field without enrichment</div>
                       </div>
-                      <div className="text-[9px] text-zinc-500 mt-1">Select the original field without enrichment</div>
                     </div>
                   </div>
                 </div>
-              </div>
-            )}
-          </div>
-
-          <div className="p-4 bg-zinc-900/50 border-t border-zinc-800 text-[9px] text-zinc-500 uppercase font-bold tracking-tighter">
-            Phase-1 Engine • Automatic Fact Discovery Enabled
+              )}
+            </div>
+            <div className="p-4 bg-zinc-900/50 border-t border-zinc-800 text-[9px] text-zinc-500 uppercase font-bold tracking-tighter">
+              Phase-1 Engine • Automatic Fact Discovery Enabled
+            </div>
           </div>
         </div>
-      </div>
-    );
-  } else {
-    // Value picker - show datasets only when a static value is selected
-    return (
-      <div className="fixed inset-0 z-[100] flex items-center justify-center bg-black/70 backdrop-blur-sm animate-in fade-in duration-200">
-        <div 
-          className={`bg-zinc-900 border border-zinc-800 rounded-2xl shadow-2xl overflow-hidden animate-in zoom-in duration-200 transition-all ${
-            selectedDefaultField ? 'w-[720px]' : 'w-[450px]'
-          }`}
-        >
-          <div className="p-4 border-b border-zinc-800 flex justify-between items-center bg-zinc-900/50">
-            <h3 className="text-[11px] font-black uppercase tracking-[0.2em] text-zinc-400">
-              Select Value
-            </h3>
-            <button 
-              onClick={() => {
-                setSelectedDefaultField(null);
-                closeFieldModal();
-              }}
-              className="text-zinc-500 hover:text-white transition-colors text-lg leading-none"
-            >
-              ✕
-            </button>
-          </div>
-          
-          <div className={`grid ${selectedDefaultField ? 'grid-cols-2' : 'grid-cols-1'}`}>
-            {/* Left Side - Static Values */}
-            <div className={selectedDefaultField ? 'border-r border-zinc-800' : ''}>
-              <div className="p-3 bg-zinc-900/20 border-b border-zinc-800">
-                <h4 className="text-[10px] font-black uppercase tracking-widest text-zinc-500">Common Values</h4>
-              </div>
-              <div className="p-2 max-h-[320px] overflow-y-auto">
-                {valueCatalog.static.map((item) => (
-                  <div
-                    key={item.id}
-                    onClick={() => {
-                      if (selectedDefaultField === item.id) {
-                        // If clicking the same value, select it
-                        selectFieldValue(item.id);
-                        setSelectedDefaultField(null);
-                      } else {
-                        // Show datasets for this static value
-                        setSelectedDefaultField(item.id);
-                      }
-                    }}
-                    className={`p-3 mb-1 rounded-xl cursor-pointer border transition-all group ${
-                      selectedDefaultField === item.id
-                        ? 'bg-zinc-800 border-emerald-500/50'
-                        : 'hover:bg-zinc-800 border-transparent hover:border-zinc-700'
-                    }`}
-                  >
-                    <div className="text-[11px] font-bold font-mono text-zinc-300 flex items-center justify-between">
-                      {item.id}
-                      {selectedDefaultField === item.id && (
-                        <span className="text-emerald-400 text-[9px]">→</span>
-                      )}
-                    </div>
-                    <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
-                  </div>
-                ))}
-              </div>
+      );
+    } else {
+      // Value picker
+      return (
+        <div className="fixed inset-0 z-[100] flex items-center justify-center bg-black/70 backdrop-blur-sm animate-in fade-in duration-200">
+          <div 
+            className={`bg-zinc-900 border border-zinc-800 rounded-2xl shadow-2xl overflow-hidden animate-in zoom-in duration-200 transition-all ${
+              selectedDefaultField ? 'w-[720px]' : 'w-[450px]'
+            }`}
+          >
+            <div className="p-4 border-b border-zinc-800 flex justify-between items-center bg-zinc-900/50">
+              <h3 className="text-[11px] font-black uppercase tracking-[0.2em] text-zinc-400">Select Value</h3>
+              <button 
+                onClick={() => { setSelectedDefaultField(null); closeFieldModal(); }}
+                className="text-zinc-500 hover:text-white transition-colors text-lg leading-none"
+              >✕</button>
             </div>
-
-            {/* Right Side - Datasets (only shown when static value selected) */}
-            {selectedDefaultField && (
-              <div className="animate-in slide-in-from-right duration-200">
-                <div className="p-3 bg-zinc-900/20 border-b border-zinc-800 flex items-center justify-between">
-                  <h4 className="text-[10px] font-black uppercase tracking-widest text-emerald-500">
-                    Datasets
-                  </h4>
-                  <button
-                    onClick={() => setSelectedDefaultField(null)}
-                    className="text-[9px] text-zinc-500 hover:text-zinc-300 font-bold uppercase tracking-widest"
-                  >
-                    ← Back
-                  </button>
+            
+            <div className={`grid ${selectedDefaultField ? 'grid-cols-2' : 'grid-cols-1'}`}>
+              <div className={selectedDefaultField ? 'border-r border-zinc-800' : ''}>
+                <div className="p-3 bg-zinc-900/20 border-b border-zinc-800">
+                  <h4 className="text-[10px] font-black uppercase tracking-widest text-zinc-500">Common Values</h4>
                 </div>
                 <div className="p-2 max-h-[320px] overflow-y-auto">
-                  {valueCatalog.datasets.map((item) => (
+                  {valueCatalog.static.map((item) => (
                     <div
                       key={item.id}
                       onClick={() => {
-                        selectFieldValue(item.id);
-                        setSelectedDefaultField(null);
+                        if (selectedDefaultField === item.id) {
+                          selectFieldValue(item.id);
+                          setSelectedDefaultField(null);
+                        } else {
+                          setSelectedDefaultField(item.id);
+                        }
                       }}
-                      className="p-3 mb-1 rounded-xl hover:bg-zinc-800 cursor-pointer border border-transparent hover:border-emerald-700/30 transition-all group"
+                      className={`p-3 mb-1 rounded-xl cursor-pointer border transition-all group ${
+                        selectedDefaultField === item.id
+                          ? 'bg-zinc-800 border-emerald-500/50'
+                          : 'hover:bg-zinc-800 border-transparent hover:border-zinc-700'
+                      }`}
                     >
-                      <div className="text-[11px] font-bold font-mono text-emerald-400">{item.id}</div>
+                      <div className="text-[11px] font-bold  text-zinc-300 flex items-center justify-between">
+                        {item.id}
+                        {selectedDefaultField === item.id && <span className="text-emerald-400 text-[9px]">→</span>}
+                      </div>
                       <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
-                      {item.table && (
-                        <div className="text-[8px] text-zinc-600 mt-1 font-mono">Table: {item.table}</div>
-                      )}
                     </div>
                   ))}
-                  
-                  {/* Option to select the base value */}
-                  <div className="mt-4 pt-4 border-t border-zinc-800">
-                    <div
-                      onClick={() => {
-                        selectFieldValue(selectedDefaultField);
-                        setSelectedDefaultField(null);
-                      }}
-                      className="p-3 rounded-xl hover:bg-emerald-600/10 cursor-pointer border border-emerald-500/30 hover:border-emerald-500/50 transition-all"
-                    >
-                      <div className="text-[11px] font-bold font-mono text-zinc-300">
-                        Use value: {selectedDefaultField}
+                </div>
+              </div>
+
+              {selectedDefaultField && (
+                <div className="animate-in slide-in-from-right duration-200">
+                  <div className="p-3 bg-zinc-900/20 border-b border-zinc-800 flex items-center justify-between">
+                    <h4 className="text-[10px] font-black uppercase tracking-widest text-emerald-500">Datasets</h4>
+                    <button onClick={() => setSelectedDefaultField(null)} className="text-[9px] text-zinc-500 hover:text-zinc-300 font-bold uppercase tracking-widest">← Back</button>
+                  </div>
+                  <div className="p-2 max-h-[320px] overflow-y-auto">
+                    {valueCatalog.datasets.map((item) => (
+                      <div
+                        key={item.id}
+                        onClick={() => { selectFieldValue(item.id); setSelectedDefaultField(null); }}
+                        className="p-3 mb-1 rounded-xl hover:bg-zinc-800 cursor-pointer border border-transparent hover:border-emerald-700/30 transition-all group"
+                      >
+                        <div className="text-[11px] font-bold  text-emerald-400">{item.id}</div>
+                        <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
+                        {item.table && <div className="text-[8px] text-zinc-600 mt-1 ">Table: {item.table}</div>}
+                      </div>
+                    ))}
+                    <div className="mt-4 pt-4 border-t border-zinc-800">
+                      <div
+                        onClick={() => { selectFieldValue(selectedDefaultField); setSelectedDefaultField(null); }}
+                        className="p-3 rounded-xl hover:bg-emerald-600/10 cursor-pointer border border-emerald-500/30 hover:border-emerald-500/50 transition-all"
+                      >
+                        <div className="text-[11px] font-bold  text-zinc-300">Use value: {selectedDefaultField}</div>
+                        <div className="text-[9px] text-zinc-500 mt-1">Select this common value directly</div>
                       </div>
-                      <div className="text-[9px] text-zinc-500 mt-1">Select this common value directly</div>
                     </div>
                   </div>
                 </div>
-              </div>
-            )}
-          </div>
-
-          <div className="p-4 bg-zinc-900/50 border-t border-zinc-800 text-[9px] text-zinc-500 uppercase font-bold tracking-tighter">
-            Phase-1 Engine • Automatic Fact Discovery Enabled
+              )}
+            </div>
+            <div className="p-4 bg-zinc-900/50 border-t border-zinc-800 text-[9px] text-zinc-500 uppercase font-bold tracking-tighter">
+              Phase-1 Engine • Automatic Fact Discovery Enabled
+            </div>
           </div>
         </div>
-      </div>
-    );
-  }
-};
+      );
+    }
+  };
 
-  // --- Step 1: Definition & Scheduling ---
+  // ─── STEP 1: DEFINE ────────────────────────────────────────────────
   const renderStep1About = () => (
     <div className="grid grid-cols-1 lg:grid-cols-[1fr_300px] gap-4 animate-in fade-in duration-300">
   
       {/* LEFT SIDE */}
       <div className="space-y-4">
   
-        
-        {/* GENERAL INFORMATION */}
-<section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4">
-  <div className="flex items-start gap-2 mb-3">
-    <FileText size={14} className="text-blue-400" />
-    <div className="flex- flex-column">
-      <h3 className="text-xs font-black text-white uppercase tracking-widest">
-      Detection Definition
-    </h3>
-      <p className="text-[10px] text-zinc-600 font-bold  tracking-[0.2em] mt-1">Describe what this detection identifies and how it should be classified.</p>
+        {/* DETECTION DEFINITION */}
+        <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4">
+          <div className="flex items-start gap-2 mb-3">
+            <FileText size={14} className="text-blue-400" />
+            <div className="flex- flex-column">
+              <h3 className="text-xs font-black text-white uppercase tracking-widest">Detection Definition</h3>
+              <p className="text-[10px] text-zinc-600 font-bold tracking-[0.2em] mt-1">Describe what this detection identifies and how it should be classified.</p>
+            </div>
+          </div>
 
-    </div>
-    
-  </div>
-
-  <div className="grid grid-cols-12 w-full gap-3 d-flex items-end">
-    {/* Rule Name */}
-    <div className="col-span-8 space-y-1 ">
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Rule Name *
-      </label>
-      <input
-        type="text"
-        value={ruleName}
-        onChange={e => setRuleName(e.target.value)}
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-3 py-2 text-sm text-white outline-none focus:border-[#00D4AA]"
-      />
-    </div>
+          <div className="grid grid-cols-12 w-full gap-3 d-flex items-center">
+            {/* Rule Name */}
+            <div className="col-span-8 space-y-1">
+              <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Rule Name *</label>
+              <input
+                type="text"
+                value={ruleName}
+                onChange={e => setRuleName(e.target.value)}
+                className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-3 py-2 text-sm text-white outline-none focus:border-[#00D4AA]"
+              />
+            </div>
 
-    {/* Severity */}
-    <div className="col-span-4 space-y-1 " >
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Severity
-      </label>
-      <select
-        value={severity}
-        onChange={e => setSeverity(e.target.value as Severity)}
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-3 py-2 text-sm text-white outline-none"
-      >
-        <option value="critical">Critical</option>
-        <option value="high">High</option>
-        <option value="medium">Medium</option>
-        <option value="low">Low</option>
-      </select>
-    </div>
+            {/* Severity */}
+            <div className="col-span-4 mt-2 space-y-1">
+              <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Severity</label>
+              <select
+                value={severity}
+                onChange={e => setSeverity(e.target.value as Severity)}
+                className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-3 py-2 text-sm text-white outline-none"
+              >
+                <option value="critical">Critical</option>
+                <option value="high">High</option>
+                <option value="medium">Medium</option>
+                <option value="low">Low</option>
+              </select>
+              <p className="text-[9px] text-zinc-600 mt-1">Alert severity when this detection triggers</p>
+            </div>
+          </div>
 
-    {/* Description */}
-   
-  </div>
-   <div className="col-span-6 space-y-1 mt-1">
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-       Detection Description
-      </label>
-      <textarea
-  value={description}
-  onChange={e => setDescription(e.target.value)}
-  rows={4}
-  className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-3 py-2 text-sm text-white outline-none resize-none"
-  placeholder="What suspicious behavior does this detection represent?"
-/>
-    </div>
-</section>
-
-{/* EXECUTION + MITRE */}
-<section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4">
-  <div className="flex items-center gap-2 mb-3">
-    <Clock size={14} className="text-[#006bb4]" />
-    <h3 className="text-xs font-black text-white uppercase tracking-widest">
-      When and How This Detection Runs
-    </h3>
-  </div>
-
-  <div className="space-y-3">
-  {/* Row 1 */}
-  <div className="grid grid-cols-12 gap-3 items-end">
-    {/* Run Mode */}
-    <div className="col-span-4 space-y-1">
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Execution Mode
-      </label>
-      <div className="flex gap-2">
-        {['realtime', 'scheduled'].map(mode => (
-          <button
-            key={mode}
-            onClick={() => setFrequency(mode as any)}
-            className={`px-3 py-1.5 rounded-md border text-[10px] font-black uppercase
-              ${frequency === mode
-                ? 'bg-[#006bb410] border-[#006bb444] text-white'
-                : 'bg-zinc-950 border-zinc-800 text-zinc-500'}`}
-          >
-            {mode}
-          </button>
-        ))}
-      </div>
-    </div>
+          {/* Detection Description */}
+          <div className="col-span-6 space-y-1 mt-3">
+            <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Detection Description</label>
+            <textarea
+              value={description}
+              onChange={e => setDescription(e.target.value)}
+              rows={4}
+              className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-3 py-2 text-sm text-white outline-none resize-none"
+              placeholder="What suspicious behavior does this detection represent?"
+            />
+          </div>
+        </section>
 
-    {/* Repeat */}
-    <div className={`col-span-3 space-y-1 ${frequency === 'realtime' && 'opacity-30 pointer-events-none'}`}>
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Evaluation Frequency
-      </label>
-      <input
-        type="number"
-        value={repeatValue}
-        onChange={e => setRepeatValue(+e.target.value)}
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
-      />
-    </div>
+        {/* RULE EXECUTION */}
+        <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4">
+          <div className="flex items-center gap-2 mb-1">
+            <Clock size={14} className="text-[#006bb4]" />
+            <h3 className="text-xs font-black text-white uppercase tracking-widest">Rule Execution</h3>
+          </div>
+          <p className="text-[10px] text-zinc-600 font-bold tracking-[0.15em] mb-3 ml-5">When and how often this rule evaluates incoming data.</p>
 
-    <div className={`col-span-3 space-y-1 ${frequency === 'realtime' && 'opacity-30 pointer-events-none'}`}>
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Unit
-      </label>
-      <select
-        value={repeatUnit}
-        onChange={e => setRepeatUnit(e.target.value)}
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
-      >
-        <option>Minutes</option>
-        <option>Hours</option>
-        <option>Days</option>
-      </select>
-    </div>
+          <div className="space-y-3">
+            {/* Row 1 */}
+            <div className="grid grid-cols-12 gap-3 items-end">
+              {/* Execution Mode */}
+              <div className="col-span-4 space-y-1">
+                <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Execution Mode</label>
+                <div className="flex gap-2">
+                  {['realtime', 'scheduled'].map(mode => (
+                    <button
+                      key={mode}
+                      onClick={() => setFrequency(mode as any)}
+                      className={`px-3 py-1.5 rounded-md border text-[10px] font-black uppercase
+                        ${frequency === mode
+                          ? 'bg-[#006bb410] border-[#006bb444] text-white'
+                          : 'bg-zinc-950 border-zinc-800 text-zinc-500'}`}
+                    >
+                      {mode === 'realtime' ? 'Real-time' : 'Scheduled'}
+                    </button>
+                  ))}
+                </div>
+              </div>
 
-    {/* Lookback */}
-    <div className="col-span-2 space-y-1">
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Data Lookback
-      </label>
-      <input
-        type="number"
-        value={lookback}
-        onChange={e => setLookback(+e.target.value)}
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
-      />
-    </div>
-  </div>
-
-  {/* Row 2 */}
-  <div className="grid grid-cols-12 gap-3 items-end">
-    {/* MITRE */}
-    <div className="col-span-10 space-y-1">
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Threat Context
-      </label>
-      <select
-        value={tactic}
-        onChange={e => setTactic(e.target.value)}
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
-      >
-        <option>Initial Access</option>
-        <option>Execution</option>
-        <option>Persistence</option>
-        <option>Command & Control</option>
-      </select>
-    </div>
+              {/* Evaluation Interval */}
+              <div className={`col-span-3 space-y-1 ${frequency === 'realtime' && 'opacity-30 pointer-events-none'}`}>
+                <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Evaluation Interval</label>
+                <input
+                  type="number"
+                  value={repeatValue}
+                  onChange={e => setRepeatValue(+e.target.value)}
+                  className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
+                />
+              </div>
 
-    <div className="col-span-2 space-y-1">
-      <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-        Technique
-      </label>
-      <input
-        type="text"
-        value={techniqueId}
-        onChange={e => setTechniqueId(e.target.value)}
-        placeholder="T1078"
-        className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
-      />
-    </div>
-  </div>
-</div>
-</section>
+              {/* Interval Unit */}
+              <div className={`col-span-3 space-y-1 ${frequency === 'realtime' && 'opacity-30 pointer-events-none'}`}>
+                <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Interval Unit</label>
+                <select
+                  value={repeatUnit}
+                  onChange={e => setRepeatUnit(e.target.value)}
+                  className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
+                >
+                  <option>Minutes</option>
+                  <option>Hours</option>
+                  <option>Days</option>
+                </select>
+              </div>
+
+              {/* Data Lookback Window */}
+              <div className="col-span-2 space-y-1">
+                <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Data Lookback Window</label>
+                <input
+                  type="number"
+                  value={lookback}
+                  onChange={e => setLookback(+e.target.value)}
+                  className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
+                />
+              </div>
+            </div>
+          </div>
+        </section>
+
+        {/* THREAT CLASSIFICATION */}
+        <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4">
+          <div className="flex items-center gap-2 mb-1">
+            <Shield size={14} className="text-orange-400" />
+            <h3 className="text-xs font-black text-white uppercase tracking-widest">Threat Classification</h3>
+          </div>
+          <p className="text-[10px] text-zinc-600 font-bold tracking-[0.15em] mb-3 ml-5">How this detection is categorized for investigation and reporting.</p>
+
+          <div className="grid grid-cols-12 gap-3 items-end">
+            {/* Threat Context (MITRE Tactic) */}
+            <div className="col-span-6 space-y-1">
+              <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Threat Context</label>
+              <select
+                value={tactic}
+                onChange={e => setTactic(e.target.value)}
+                className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
+              >
+                <option>Initial Access</option>
+                <option>Execution</option>
+                <option>Persistence</option>
+                <option>Command & Control</option>
+              </select>
+            </div>
+
+            {/* Technique */}
+            <div className="col-span-2 space-y-1">
+              <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Technique</label>
+              <input
+                type="text"
+                value={techniqueId}
+                onChange={e => setTechniqueId(e.target.value)}
+                placeholder="T1078"
+                className="w-full bg-zinc-950 border border-zinc-800 rounded-md px-2 py-1.5 text-sm text-white"
+              />
+            </div>
+
+            {/* Risk Score inline */}
+            <div className="col-span-4 space-y-1">
+              <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Risk Score</label>
+              <div className="flex items-center gap-3 bg-zinc-950 border border-zinc-800 rounded-md px-3 py-1.5">
+                <input
+                  type="range"
+                  min="1"
+                  max="100"
+                  value={riskScore}
+                  onChange={e => setRiskScore(+e.target.value)}
+                  className="flex-1 accent-[#006bb4]"
+                />
+                <span className="text-sm font-black text-[#006bb4] w-8 text-right">{riskScore}</span>
+              </div>
+            </div>
+          </div>
+        </section>
       </div>
   
       {/* RIGHT SIDE */}
       <div className="space-y-4">
-  
-        {/* RISK ANALYTICS */}
-        <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-4">
-          <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-            Risk Score
-          </label>
-          <div className="flex justify-between items-center mb-2">
-            <span className="text-xs text-zinc-600">Impact</span>
-            <span className="text-2xl font-black text-[#006bb4]">{riskScore}</span>
+        {/* DETECTION METHOD */}
+        <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 space-y-2">
+          <div className="flex items-center gap-2 mb-1">
+            <Target size={14} className="text-blue-400" />
+            <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Detection Method</label>
           </div>
-          <input
-            type="range"
-            min="1"
-            max="100"
-            value={riskScore}
-            onChange={e => setRiskScore(+e.target.value)}
-            className="w-full accent-[#006bb4]"
-          />
-        </div>
-  
-        {/* DETECTION STRATEGY */}
-        <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-3 space-y-2">
-          <label className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">
-            Detection Method
-          </label>
-  
+          <p className="text-[10px] text-zinc-600 font-bold tracking-[0.15em] mb-2 ml-5">Defines how suspicious behavior is identified.</p>
+
           {[
             { id: 'query', label: 'Event-based', icon: Search },
             { id: 'threshold', label: 'Threshold-based', icon: TrendingUp },
@@ -638,64 +553,24 @@ const FieldPickerModal = () => {
                     : 'border-zinc-800 bg-zinc-950'}`}
             >
               <s.icon size={14} />
-              <span className="text-[11px] font-black uppercase text-white">
-                {s.label}
-              </span>
+              <span className="text-[11px] font-black uppercase text-white">{s.label}</span>
             </button>
           ))}
         </div>
       </div>
     </div>
   );
-  
-  
-
-  // --- Step 2: Logic & Aggregation with Modal ---
-  // Update the renderStep2Logic function with these additions:
 
+  // ─── STEP 2: LOGIC ─────────────────────────────────────────────────
   const renderStep2Logic = () => (
     <div className="max-w-6xl mx-auto space-y-12 animate-in fade-in duration-300">
       {/* Field Picker Modal */}
       <FieldPickerModal />
   
-      {/* STAGE 1: Identity */}
-      {/* <section className="space-y-6">
-        <div className="flex items-center gap-4">
-          <div className="w-10 h-10 rounded-xl bg-zinc-900 border border-zinc-800 flex items-center justify-center text-zinc-500 font-bold">01</div>
-          <div>
-            <h2 className="text-base font-bold text-zinc-100">Identity</h2>
-            <p className="text-[11px] text-zinc-500 font-medium tracking-tight">Standard Phase-1 Rule Metadata</p>
-          </div>
-        </div>
-  
-        <div className="grid grid-cols-12 gap-4">
-          <div className="col-span-8">
-            <input 
-              type="text" 
-              value={ruleName}
-              onChange={e => setRuleName(e.target.value)}
-              placeholder="Rule Name..." 
-              className="w-full bg-zinc-950 border border-zinc-800 rounded-xl px-4 py-3 text-sm font-medium text-white outline-none focus:border-blue-500" 
-            />
-          </div>
-          <div className="col-span-4">
-            <select 
-              value={severity}
-              onChange={e => setSeverity(e.target.value as Severity)}
-              className="w-full bg-zinc-950 border border-zinc-800 rounded-xl px-4 py-3 text-xs font-bold uppercase tracking-wider text-zinc-400 outline-none"
-            >
-              <option value="critical">Critical</option>
-              <option value="high">High</option>
-              <option value="medium">Medium</option>
-              <option value="low">Low</option>
-            </select>
-          </div>
-        </div>
-      </section> */}
-  
-      {/* STAGE 2: Detection Logic */}
+      {/* MAIN LOGIC CARD */}
       <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 shadow-xl space-y-12">
-        {/* STAGE 1: Initial Trigger */}
+
+        {/* ── PRIMARY DETECTION CONDITION ── */}
         <div className="space-y-6">
           <div className="flex items-center justify-between">
             <div className="flex items-center gap-4">
@@ -704,14 +579,10 @@ const FieldPickerModal = () => {
               </div>
               <div>
                 <h2 className="text-base font-bold text-zinc-100">Primary Detection Condition</h2>
-                {/* <p className="text-[10px] text-zinc-500 font-medium tracking-tight uppercase">Matching Pattern ({logicGroups[0]?.source.toUpperCase() || 'DNS.LOG'})</p> */}
                 <p className="text-[10px] text-zinc-500 font-medium tracking-tight uppercase">Define the network activity that should trigger this detection.</p>
               </div>
             </div>
             <div className="flex items-center gap-3">
-              <button className="px-3 py-1.5 bg-blue-500/10 border border-blue-500/30 rounded-lg text-[9px] font-black text-blue-400 uppercase tracking-widest">
-                Trigger_Source
-              </button>
               <select 
                 value={logicGroups[0]?.source || 'Network Data'}
                 onChange={e => setLogicGroups(logicGroups.map((g, i) => i === 0 ? {...g, source: e.target.value} : g))}
@@ -721,20 +592,15 @@ const FieldPickerModal = () => {
                 <option value="Endpoint Logs">http.log</option>
                 <option value="Auth Service">flow.log</option>
               </select>
-              
             </div>
           </div>
   
           <div className="space-y-4">
-            
-            {/* Parameters */}
+            {/* Condition Rows */}
             <div className="bg-zinc-950 border border-zinc-800 rounded-xl p-4 space-y-4">
               <div className="flex items-center gap-2 mb-3">
                 <Activity size={13} className="text-blue-400" />
-                <span className="text-[9px] font-black text-zinc-400 uppercase tracking-widest">
-                  Condition
-                </span>
-                
+                <span className="text-[9px] font-black text-zinc-400 uppercase tracking-widest">Condition</span>
               </div>
               {logicGroups[0]?.conditions.map((cond) => (
                 <div key={cond.id} className="flex items-center gap-3">
@@ -744,7 +610,7 @@ const FieldPickerModal = () => {
                       value={cond.field} 
                       onChange={e => updateCondition(logicGroups[0].id, cond.id, { field: e.target.value })} 
                       placeholder="id.orig_h"
-                      className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs font-mono text-zinc-300 outline-none focus:border-blue-500" 
+                      className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs  text-zinc-300 outline-none focus:border-blue-500" 
                     />
                     <button
                       onClick={() => openFieldModal(logicGroups[0].id, cond.id, 'field')}
@@ -793,24 +659,17 @@ const FieldPickerModal = () => {
               </button>
             </div>
   
-            {/* Bucket Threshold */}
+            {/* Suspicion Threshold */}
             <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
               <div className="flex items-center gap-2 mb-3">
                 <Activity size={13} className="text-blue-400" />
                 <span className="text-[9px] font-black text-zinc-400 uppercase tracking-widest">
                   When should this condition be considered suspicious?
                 </span>
-                {/* <span className="text-[9px] text-zinc-600 uppercase">
-                  Agg: COUNT(*)
-                </span> */}
               </div>
-  
               <div className="flex items-center gap-4">
                 <div className="flex items-center gap-2">
-                  <span className="text-[9px] text-zinc-600 font-bold uppercase">
-                    Occurs more than 
-                  </span>
-                  {/* <span className="text-xs text-zinc-500">&gt;</span> */}
+                  <span className="text-[9px] text-zinc-600 font-bold uppercase">Occurs more than</span>
                   <input
                     type="number"
                     value={thresholdHits}
@@ -818,11 +677,8 @@ const FieldPickerModal = () => {
                     className="w-16 bg-zinc-900 border border-zinc-800 rounded-md px-2 py-1 text-xs font-bold text-white outline-none"
                   />
                 </div>
-  
                 <div className="flex items-center gap-2">
-                  <span className="text-[9px] text-zinc-600 font-bold uppercase">
-                    times within 
-                  </span>
+                  <span className="text-[9px] text-zinc-600 font-bold uppercase">times within</span>
                   <input
                     type="number"
                     value={thresholdWindow}
@@ -842,107 +698,89 @@ const FieldPickerModal = () => {
             </div>
           </div>
         </div>
-  
-        {/* JOIN IDENTIFIER & CORRELATION */}
+
+        {/* ── JOIN BAR + CORRELATED CONDITION ── */}
         {logicGroups.length > 1 && (
           <>
+            {/* Join / Window Bar */}
             <div className="bg-zinc-950 border border-zinc-800 rounded-xl p-4">
-  <div className="flex items-center gap-4">
-    {/* Left Section - Join Identifier */}
-    <div className="flex items-center gap-3 flex-1">
-      <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">
-        Join Identifier
-      </span>
-      
-      <div className="flex items-center gap-2 bg-zinc-900/50 p-2 rounded-lg border border-zinc-800">
-        <div className="relative">
-          <input
-            type="text"
-            value={thresholdField}
-            onChange={e => setThresholdField(e.target.value)}
-            className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px] font-mono text-blue-400 outline-none"
-          />
-          <button
-            onClick={() => {
-              setActiveFieldInput({
-                groupId: 'correlation-g1',
-                condId: 'join-key',
-                fieldType: 'field'
-              });
-              setSelectedDefaultField(null);
-              setShowFieldModal(true);
-            }}
-            className="absolute right-1 top-1 w-5 h-5 flex items-center justify-center rounded bg-zinc-800 hover:bg-blue-600 transition-colors text-zinc-500 hover:text-white"
-          >
-            <span className="text-[10px] font-bold">+</span>
-          </button>
-        </div>
+              <div className="flex items-center gap-4">
+                {/* Join Identifier */}
+                <div className="flex items-center gap-3 flex-1">
+                  <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">Join Identifier</span>
+                  <div className="flex items-center gap-2 bg-zinc-900/50 p-2 rounded-lg border border-zinc-800">
+                    <div className="relative">
+                      <input
+                        type="text"
+                        value={thresholdField}
+                        onChange={e => setThresholdField(e.target.value)}
+                        className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px]  text-blue-400 outline-none"
+                      />
+                      <button
+                        onClick={() => {
+                          setActiveFieldInput({ groupId: 'correlation-g1', condId: 'join-key', fieldType: 'field' });
+                          setSelectedDefaultField(null);
+                          setShowFieldModal(true);
+                        }}
+                        className="absolute right-1 top-1 w-5 h-5 flex items-center justify-center rounded bg-zinc-800 hover:bg-blue-600 transition-colors text-zinc-500 hover:text-white"
+                      >
+                        <span className="text-[10px] font-bold">+</span>
+                      </button>
+                    </div>
+                    <span className="text-zinc-700 font-bold text-sm">＝</span>
+                    <div className="relative">
+                      <input
+                        type="text"
+                        defaultValue="destination.ip"
+                        className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px]  text-purple-400 outline-none"
+                      />
+                      <button
+                        onClick={() => {
+                          setActiveFieldInput({ groupId: 'correlation-g2', condId: 'join-key', fieldType: 'field' });
+                          setSelectedDefaultField(null);
+                          setShowFieldModal(true);
+                        }}
+                        className="absolute right-1 top-1 w-5 h-5 flex items-center justify-center rounded bg-zinc-800 hover:bg-purple-600 transition-colors text-zinc-500 hover:text-white"
+                      >
+                        <span className="text-[10px] font-bold">+</span>
+                      </button>
+                    </div>
+                  </div>
+                </div>
 
-        <span className="text-zinc-700 font-bold text-sm">＝</span>
-
-        <div className="relative">
-          <input
-            type="text"
-            defaultValue="destination.ip"
-            className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px] font-mono text-purple-400 outline-none"
-          />
-          <button
-            onClick={() => {
-              setActiveFieldInput({
-                groupId: 'correlation-g2',
-                condId: 'join-key',
-                fieldType: 'field'
-              });
-              setSelectedDefaultField(null);
-              setShowFieldModal(true);
-            }}
-            className="absolute right-1 top-1 w-5 h-5 flex items-center justify-center rounded bg-zinc-800 hover:bg-purple-600 transition-colors text-zinc-500 hover:text-white"
-          >
-            <span className="text-[10px] font-bold">+</span>
-          </button>
-        </div>
-      </div>
-    </div>
+                <div className="h-8 w-px bg-zinc-800 flex-shrink-0"></div>
 
-    {/* Divider */}
-    <div className="h-8 w-px bg-zinc-800 flex-shrink-0"></div>
-
-    {/* Middle Section - Global Window */}
-    <div className="flex items-center gap-2 flex-shrink-0">
-      <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">
-        Global Window
-      </span>
-      <input
-        type="text"
-        defaultValue="5m"
-        className="bg-zinc-950 border border-zinc-800 w-14 py-1.5 rounded-md text-[10px] text-center font-bold outline-none"
-      />
-    </div>
+                {/* Global Window */}
+                <div className="flex items-center gap-2 flex-shrink-0">
+                  <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">Global Window</span>
+                  <input
+                    type="text"
+                    defaultValue="5m"
+                    className="bg-zinc-950 border border-zinc-800 w-14 py-1.5 rounded-md text-[10px] text-center font-bold outline-none"
+                  />
+                </div>
 
-    {/* Divider */}
-    <div className="h-8 w-px bg-zinc-800 flex-shrink-0"></div>
-
-    {/* Right Section - Wait Window */}
-    <div className="flex items-center gap-2 flex-shrink-0">
-      <Clock size={12} className="text-zinc-400 flex-shrink-0" />
-      <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">
-        Wait Window
-      </span>
-      <select
-        defaultValue="2m"
-        className="bg-zinc-900 border border-zinc-800 rounded-md px-2 py-1.5 text-[10px] font-bold text-blue-400 outline-none cursor-pointer"
-      >
-        <option value="30s">30s</option>
-        <option value="1m">1m</option>
-        <option value="2m">2m</option>
-        <option value="5m">5m</option>
-        <option value="10m">10m</option>
-      </select>
-    </div>
-  </div>
-</div>
+                <div className="h-8 w-px bg-zinc-800 flex-shrink-0"></div>
+
+                {/* Wait Window */}
+                <div className="flex items-center gap-2 flex-shrink-0">
+                  <Clock size={12} className="text-zinc-400 flex-shrink-0" />
+                  <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">Wait Window</span>
+                  <select
+                    defaultValue="2m"
+                    className="bg-zinc-900 border border-zinc-800 rounded-md px-2 py-1.5 text-[10px] font-bold text-blue-400 outline-none cursor-pointer"
+                  >
+                    <option value="30s">30s</option>
+                    <option value="1m">1m</option>
+                    <option value="2m">2m</option>
+                    <option value="5m">5m</option>
+                    <option value="10m">10m</option>
+                  </select>
+                </div>
+              </div>
+            </div>
   
-            {/* STAGE 2: Correlated Anomaly */}
+            {/* Correlated Detection Condition */}
             <div className="space-y-6">
               <div className="flex items-center justify-between">
                 <div className="flex items-center gap-4">
@@ -952,7 +790,6 @@ const FieldPickerModal = () => {
                   <div>
                     <h2 className="text-base font-bold text-zinc-100">Correlated Detection Condition</h2>
                     <p className="text-[10px] text-zinc-500 font-medium tracking-tight uppercase">This condition must also be met to trigger the detection.</p> 
-                    {/* <p className="text-[10px] text-zinc-500 font-medium tracking-tight uppercase">Matching Pattern ({logicGroups[1]?.source.toUpperCase() || 'HTTP.LOG'})</p> */}
                   </div> 
                 </div>
                 <div className="flex items-center gap-3">
@@ -981,7 +818,7 @@ const FieldPickerModal = () => {
               </div>
   
               <div className="space-y-4">
-                {/* Parameters */}
+                {/* Condition Rows */}
                 <div className="bg-zinc-950 border border-zinc-800 rounded-xl p-4 space-y-4">
                   {logicGroups[1]?.conditions.map((cond) => (
                     <div key={cond.id} className="flex items-center gap-3">
@@ -991,7 +828,7 @@ const FieldPickerModal = () => {
                           value={cond.field} 
                           onChange={e => updateCondition(logicGroups[1].id, cond.id, { field: e.target.value })} 
                           placeholder="id.orig_h"
-                          className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs font-mono text-zinc-300 outline-none focus:border-red-500" 
+                          className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs  text-zinc-300 outline-none focus:border-red-500" 
                         />
                         <button
                           onClick={() => openFieldModal(logicGroups[1].id, cond.id, 'field')}
@@ -1040,35 +877,25 @@ const FieldPickerModal = () => {
                   </button>
                 </div>
   
-                {/* Anomaly Threshold */}
+                {/* Correlated Suspicion Threshold — same language as primary */}
                 <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
                   <div className="flex items-center gap-2 mb-3">
                     <Activity size={12} className="text-red-400" />
                     <span className="text-[9px] font-black text-zinc-400 uppercase tracking-widest">
-                      Time-Bucket Logic
-                    </span>
-                    <span className="text-[9px] text-zinc-600 uppercase">
-                      COUNT(*)
+                      When should this condition be considered suspicious?
                     </span>
                   </div>
-  
                   <div className="flex items-center gap-6">
                     <div className="flex items-center gap-2">
-                      <span className="text-[9px] text-zinc-600 font-bold uppercase">
-                        Occ
-                      </span>
-                      <span className="text-xs text-zinc-500">&gt;</span>
+                      <span className="text-[9px] text-zinc-600 font-bold uppercase">Occurs more than</span>
                       <input
                         type="number"
                         defaultValue="5"
                         className="w-14 bg-zinc-900 border border-zinc-800 rounded-md px-2 py-1 text-xs font-bold text-white outline-none"
                       />
                     </div>
-  
                     <div className="flex items-center gap-2">
-                      <span className="text-[9px] text-zinc-600 font-bold uppercase">
-                        Window
-                      </span>
+                      <span className="text-[9px] text-zinc-600 font-bold uppercase">times within</span>
                       <input
                         type="number"
                         defaultValue="1"
@@ -1089,388 +916,356 @@ const FieldPickerModal = () => {
           </>
         )}
   
-        {/* ADD GROUP BUTTON */}
+        {/* ── ADD CORRELATED CONDITION CTA ── */}
         {logicGroups.length === 1 && (
-          <div className="border-2 border-dashed border-zinc-800/50 rounded-xl p-8 flex items-center justify-center hover:border-red-500/30 transition-all group cursor-pointer" onClick={addLogicGroup}>
+          <div className="border-2 border-dashed border-zinc-800/50 rounded-xl p-8 flex flex-col items-center justify-center hover:border-red-500/30 transition-all group cursor-pointer" onClick={addLogicGroup}>
             <span className="text-xs font-bold text-zinc-600 group-hover:text-red-500 transition-colors uppercase tracking-widest">
-              ＋ Add Correlated Condition 
+              ＋ Add Correlated Condition
+            </span>
+            <span className="text-[9px] text-zinc-700 mt-1.5 group-hover:text-zinc-500 transition-colors">
+              Require additional activity before raising an alert.
             </span>
           </div>
         )}
       </section>
   
-      {/* STAGE 3: Signal Tuning */}
+      {/* ── SIGNAL TUNING ── */}
       <section className="space-y-4 pb-20">
-  <div className="flex items-center gap-3">
-    <div className="w-8 h-8 rounded-lg bg-zinc-900 border border-zinc-800 flex items-center justify-center text-zinc-500 text-sm font-bold">03</div>
-    <div>
-      <h2 className="text-sm font-bold text-zinc-100">Signal Tuning</h2>
-      <p className="text-[10px] text-zinc-500 font-medium">Manage alert fatigue and suppression.</p>
-    </div>
-  </div>
-
-  <div className="grid grid-cols-2 gap-3">
-    <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 space-y-3">
-      <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest block">Suppression & Limits</span>
-      <div className="space-y-2">
-        <div className="flex items-center justify-between bg-zinc-950 p-2.5 rounded-lg border border-zinc-800">
-          <span className="text-[10px] text-zinc-500 font-bold uppercase">Mute Window</span>
-          <input 
-            type="text" 
-            defaultValue="1h"
-            className="bg-zinc-900 border border-zinc-800 w-14 py-1 rounded text-center text-xs font-bold outline-none" 
-          />
-        </div>
-        <div className="flex items-center justify-between bg-zinc-950 p-2.5 rounded-lg border border-zinc-800">
-          <span className="text-[10px] text-zinc-500 font-bold uppercase">Suppression Limit</span>
-          <input 
-            type="number" 
-            defaultValue="50"
-            className="bg-zinc-900 border border-zinc-800 w-14 py-1 rounded text-center text-xs font-bold outline-none" 
-          />
-        </div>
-      </div>
-    </div>
-    
-    <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 space-y-3">
-      <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest block">Deduplication Keys</span>
-      <div className="relative">
-        <input 
-          type="text" 
-          placeholder="Select key..."
-          readOnly
-          className="bg-zinc-950 border border-zinc-800 w-full pl-3 pr-9 py-2 rounded-lg text-xs font-mono text-zinc-500 outline-none cursor-pointer" 
-        />
-        <button
-          onClick={() => {
-            setActiveFieldInput({ groupId: 'dedup', condId: 'key', fieldType: 'field' });
-            setModalTab('default');
-            setShowFieldModal(true);
-          }}
-          className="absolute right-1.5 top-1.5 w-6 h-6 flex items-center justify-center rounded bg-zinc-800 hover:bg-blue-600 transition-colors text-zinc-400 hover:text-white"
-        >
-          <span className="text-[10px] font-bold">+</span>
-        </button>
-      </div>
-      <div className="flex flex-wrap gap-1.5">
-        <div className="px-2 py-1 bg-zinc-950 rounded text-[10px] font-mono border border-zinc-800 flex items-center gap-1.5">
-          <span className="text-blue-400 font-bold">source.ip</span>
-          <button className="text-zinc-600 hover:text-red-500 text-xs">✕</button>
-        </div>
-        <div className="px-2 py-1 bg-zinc-950 rounded text-[10px] font-mono border border-zinc-800 flex items-center gap-1.5">
-          <span className="text-blue-400 font-bold">rule_id</span>
-          <button className="text-zinc-600 hover:text-red-500 text-xs">✕</button>
+        <div className="flex items-center gap-3">
+          <div className="w-8 h-8 rounded-lg bg-zinc-900 border border-zinc-800 flex items-center justify-center text-zinc-500 text-sm font-bold">03</div>
+          <div>
+            <h2 className="text-sm font-bold text-zinc-100">Signal Tuning</h2>
+            <p className="text-[10px] text-zinc-500 font-medium">Manage alert fatigue and suppression.</p>
+          </div>
         </div>
-      </div>
-    </div>
-  </div>
-</section>
-    </div>
-  );
-
-  // Keep all other render functions (renderStep3Review, renderStepHeader, renderBuilder, renderLibrary, renderAnalytics) as they were...
-  
-  // [Rest of the code remains the same...]
-
-  // Replace the existing renderStep3Review function with this:
-
-const renderStep3Review = () => (
-  <div className="max-w-5xl mx-auto animate-in fade-in duration-300">
-    {/* Header */}
-    <div className="mb-8 text-center">
-      <h2 className="text-2xl font-black text-white uppercase tracking-tight mb-2">
-        Review & Deploy
-      </h2>
-      <p className="text-xs text-zinc-500 font-medium">
-        Verify your detection rule configuration before deployment
-      </p>
-    </div>
 
-    <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
-      {/* Left Column - Rule Identity & Execution */}
-      <div className="space-y-6">
-        {/* Rule Identity */}
-        <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6 space-y-4">
-          <div className="flex items-center gap-3 pb-4 border-b border-zinc-800">
-            <div className="p-2 bg-blue-500/10 rounded-lg">
-              <FileText size={18} className="text-blue-400" />
+        <div className="grid grid-cols-2 gap-3">
+          {/* Suppression & Limits */}
+          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 space-y-3">
+            <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest block">Suppression & Limits</span>
+            <div className="space-y-2">
+              <div className="flex items-center justify-between bg-zinc-950 p-2.5 rounded-lg border border-zinc-800">
+                <span className="text-[10px] text-zinc-500 font-bold uppercase">Mute Window</span>
+                <input 
+                  type="text" 
+                  defaultValue="1h"
+                  className="bg-zinc-900 border border-zinc-800 w-14 py-1 rounded text-center text-xs font-bold outline-none" 
+                />
+              </div>
+              <div className="flex items-center justify-between bg-zinc-950 p-2.5 rounded-lg border border-zinc-800">
+                <span className="text-[10px] text-zinc-500 font-bold uppercase">Suppression Limit</span>
+                <input 
+                  type="number" 
+                  defaultValue="50"
+                  className="bg-zinc-900 border border-zinc-800 w-14 py-1 rounded text-center text-xs font-bold outline-none" 
+                />
+              </div>
             </div>
-            <h3 className="text-sm font-black text-white uppercase tracking-wide">
-              Rule Identity
-            </h3>
           </div>
-
-          <div className="space-y-3">
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Rule Name
-              </p>
-              <p className="text-sm font-bold text-white">
-                {ruleName || 'Untitled Rule'}
-              </p>
+          
+          {/* Deduplication Keys */}
+          <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 space-y-3">
+            <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest block">Deduplication Keys</span>
+            <div className="relative">
+              <input 
+                type="text" 
+                placeholder="Select key..."
+                readOnly
+                className="bg-zinc-950 border border-zinc-800 w-full pl-3 pr-9 py-2 rounded-lg text-xs  text-zinc-500 outline-none cursor-pointer" 
+              />
+              <button
+                onClick={() => {
+                  setActiveFieldInput({ groupId: 'dedup', condId: 'key', fieldType: 'field' });
+                  setModalTab('default');
+                  setShowFieldModal(true);
+                }}
+                className="absolute right-1.5 top-1.5 w-6 h-6 flex items-center justify-center rounded bg-zinc-800 hover:bg-blue-600 transition-colors text-zinc-400 hover:text-white"
+              >
+                <span className="text-[10px] font-bold">+</span>
+              </button>
             </div>
-
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Severity
-              </p>
-              <div className="flex items-center gap-2">
-                <div className={`w-2 h-2 rounded-full ${
-                  severity === 'critical' ? 'bg-red-500' :
-                  severity === 'high' ? 'bg-orange-500' :
-                  severity === 'medium' ? 'bg-blue-500' : 'bg-zinc-500'
-                }`} />
-                <p className="text-sm font-bold text-white capitalize">
-                  {severity}
-                </p>
+            <div className="flex flex-wrap gap-1.5">
+              <div className="px-2 py-1 bg-zinc-950 rounded text-[10px]  border border-zinc-800 flex items-center gap-1.5">
+                <span className="text-blue-400 font-bold">source.ip</span>
+                <button className="text-zinc-600 hover:text-red-500 text-xs">✕</button>
               </div>
-            </div>
-
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Status
-              </p>
-              <div className="inline-flex items-center gap-2 px-3 py-1 bg-zinc-950 border border-zinc-800 rounded-md">
-                <div className="w-1.5 h-1.5 rounded-full bg-yellow-500 animate-pulse" />
-                <p className="text-xs font-bold text-zinc-400 uppercase">
-                  Draft
-                </p>
+              <div className="px-2 py-1 bg-zinc-950 rounded text-[10px]  border border-zinc-800 flex items-center gap-1.5">
+                <span className="text-blue-400 font-bold">rule_id</span>
+                <button className="text-zinc-600 hover:text-red-500 text-xs">✕</button>
               </div>
             </div>
-
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Risk Score
-              </p>
-              <p className="text-sm font-bold text-blue-400">
-                {riskScore} / 100
-              </p>
-            </div>
           </div>
         </div>
+      </section>
+    </div>
+  );
 
-        {/* Execution Context */}
-        <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6 space-y-4">
-          <div className="flex items-center gap-3 pb-4 border-b border-zinc-800">
-            <div className="p-2 bg-emerald-500/10 rounded-lg">
-              <Clock size={18} className="text-emerald-400" />
-            </div>
-            <h3 className="text-sm font-black text-white uppercase tracking-wide">
-              Execution Context
-            </h3>
-          </div>
+  // ─── STEP 3: REVIEW ────────────────────────────────────────────────
+  // Phase-1 only: Rule Identity | Trigger Summary | Execution Context | Noise Controls | Deploy Action
+  const renderStep3Review = () => {
+    // Build the plain-English trigger sentence from live state
+    const sourceLabel = logicGroups[0]?.source === 'Network Data' ? 'network traffic'
+      : logicGroups[0]?.source === 'Endpoint Logs' ? 'endpoint activity'
+      : 'authentication events';
+
+    const conditionParts = logicGroups[0]?.conditions
+      .filter(c => c.field && c.value)
+      .map(c => {
+        const opWord = c.operator === 'is' ? 'equals' : c.operator === '!=' ? 'does not equal' : 'is in';
+        return `${c.field} ${opWord} ${c.value}`;
+      }) || [];
+
+    const triggerSentence = conditionParts.length > 0
+      ? `This rule triggers when ${sourceLabel} where ${conditionParts.join(' and ')} is observed more than ${thresholdHits} time${thresholdHits !== 1 ? 's' : ''} within ${thresholdWindow} ${thresholdUnit.toLowerCase()}.`
+      : `This rule triggers when ${sourceLabel} is observed more than ${thresholdHits} time${thresholdHits !== 1 ? 's' : ''} within ${thresholdWindow} ${thresholdUnit.toLowerCase()}.`;
+
+    const hasCorrelation = logicGroups.length > 1;
+    const correlationParts = hasCorrelation
+      ? logicGroups[1]?.conditions.filter(c => c.field && c.value).map(c => {
+          const opWord = c.operator === 'is' ? 'equals' : c.operator === '!=' ? 'does not equal' : 'is in';
+          return `${c.field} ${opWord} ${c.value}`;
+        }) || []
+      : [];
 
-          <div className="space-y-3">
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Execution
-              </p>
-              <p className="text-sm font-bold text-white capitalize">
-                {frequency}
-              </p>
-            </div>
+    return (
+      <div className="max-w-4xl mx-auto animate-in fade-in duration-300">
+        {/* Header */}
+        <div className="mb-8 text-center">
+          <h2 className="text-2xl font-black text-white uppercase tracking-tight mb-2">Review & Deploy</h2>
+          <p className="text-xs text-zinc-500 font-medium">Verify your detection rule configuration before deployment</p>
+        </div>
 
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Data Source
-              </p>
-              <p className="text-sm font-bold text-white">
-                Network telemetry ({logicGroups[0]?.source || 'Zeek'})
-              </p>
-            </div>
+        <div className="space-y-5">
 
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Lookback Window
-              </p>
-              <p className="text-sm font-bold text-white">
-                Last {lookback} {lookback === 1 ? 'minute' : 'minutes'}
-              </p>
+          {/* 1. RULE IDENTITY */}
+          <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6">
+            <div className="flex items-center gap-3 pb-4 border-b border-zinc-800 mb-4">
+              <div className="p-2 bg-blue-500/10 rounded-lg">
+                <FileText size={18} className="text-blue-400" />
+              </div>
+              <h3 className="text-sm font-black text-white uppercase tracking-wide">Rule Identity </h3>
             </div>
 
-            {frequency === 'scheduled' && (
+            <div className="grid grid-cols-3 gap-6">
               <div>
-                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                  Schedule
-                </p>
-                <p className="text-sm font-bold text-white">
-                  Every {repeatValue} {repeatUnit.toLowerCase()}
-                </p>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Rule Name</p>
+                <p className="text-sm font-bold text-white">{ruleName || 'Untitled Rule'}</p>
+              </div>
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Severity</p>
+                <div className="flex items-center gap-2">
+                  <div className={`w-2 h-2 rounded-full ${
+                    severity === 'critical' ? 'bg-red-500' :
+                    severity === 'high' ? 'bg-orange-500' :
+                    severity === 'medium' ? 'bg-blue-500' : 'bg-zinc-500'
+                  }`} />
+                  <p className="text-sm font-bold text-white capitalize">{severity}</p>
+                </div>
+              </div>
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Status</p>
+                <div className="inline-flex items-center gap-2 px-3 py-1 bg-zinc-950 border border-zinc-800 rounded-md">
+                  <div className="w-1.5 h-1.5 rounded-full bg-yellow-500 animate-pulse" />
+                  <p className="text-xs font-bold text-zinc-400 uppercase">Draft</p>
+                </div>
               </div>
-            )}
-          </div>
-        </div>
-      </div>
-
-      {/* Middle Column - Detection Logic Summary */}
-      <div className="lg:col-span-2 space-y-6">
-        {/* Detection Logic */}
-        <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6 space-y-6">
-          <div className="flex items-center gap-3 pb-4 border-b border-zinc-800">
-            <div className="p-2 bg-purple-500/10 rounded-lg">
-              <Zap size={18} className="text-purple-400" />
             </div>
-            <h3 className="text-sm font-black text-white uppercase tracking-wide">
-              Detection Logic
-            </h3>
           </div>
 
-          {/* Stage 1 */}
-          <div className="space-y-3">
-            <div className="flex items-center gap-2">
-              <div className="w-6 h-6 rounded-lg bg-blue-500/20 border border-blue-500/40 flex items-center justify-center">
-                <span className="text-blue-400 font-black text-xs">1</span>
+          {/* 2. TRIGGER SUMMARY — the most important section */}
+          <div className="bg-zinc-900 border border-emerald-500/25 rounded-xl p-6">
+            <div className="flex items-center gap-3 pb-4 border-b border-zinc-800 mb-4">
+              <div className="p-2 bg-emerald-500/10 rounded-lg">
+                <Zap size={18} className="text-emerald-400" />
               </div>
-              <span className="text-xs font-bold text-white uppercase">Primary Condition</span>
+              <h3 className="text-sm font-black text-white uppercase tracking-wide">Trigger Summary</h3>
             </div>
 
-            <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4 space-y-2">
-              <div className="flex items-center justify-between">
-                <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest">Source</span>
-                <span className="text-xs font-mono text-blue-400">{logicGroups[0]?.source}</span>
-              </div>
-              
-              {logicGroups[0]?.conditions.map((cond, idx) => (
-                <div key={idx} className="flex items-center gap-2 text-xs font-mono">
-                  <span className="text-emerald-400">{cond.field}</span>
-                  <span className="text-zinc-600">{cond.operator}</span>
-                  <span className="text-pink-400">{cond.value}</span>
-                </div>
-              ))}
+            {/* Primary trigger sentence */}
+            <p className="text-sm text-zinc-300 leading-relaxed">
+              {triggerSentence}
+            </p>
 
-              <div className="pt-2 mt-2 border-t border-zinc-800">
-                <div className="text-[10px] text-zinc-500">
-                  <span className="font-bold">Threshold:</span> More than {thresholdHits} times within {thresholdWindow} {thresholdUnit.toLowerCase()}
+            {/* Correlation sentence — only if a second group exists */}
+            {hasCorrelation && correlationParts.length > 0 && (
+              <div className="mt-4 pt-4 border-t border-zinc-800">
+                <div className="flex items-center gap-2 mb-2">
+                  <Sparkles size={13} className="text-red-400" />
+                  <span className="text-[9px] font-black text-zinc-500 uppercase tracking-widest">Correlated with</span>
                 </div>
+                <p className="text-sm text-zinc-300 leading-relaxed">
+                  Additionally, {logicGroups[1]?.source === 'Endpoint Logs' ? 'endpoint activity' : logicGroups[1]?.source === 'Network Data' ? 'network traffic' : 'authentication events'} where {correlationParts.join(' and ')} must also be observed within the correlation window to raise the alert.
+                </p>
               </div>
-            </div>
-          </div>
+            )}
 
-          {/* Stage 2 - Correlation */}
-          {logicGroups.length > 1 && (
-            <>
-              <div className="flex items-center justify-center">
-                <div className="px-4 py-1.5 bg-zinc-950 border border-emerald-500/50 rounded-full">
-                  <span className="text-[9px] font-black text-emerald-400 uppercase tracking-widest">
-                    Correlated Within 5m
-                  </span>
-                </div>
-              </div>
+            {/* ── Visual logic breakdown (scannable confirmation) ── */}
+            <div className="mt-6 space-y-3">
 
-              <div className="space-y-3">
+              {/* Primary Condition card */}
+              <div className="space-y-2">
                 <div className="flex items-center gap-2">
-                  <div className="w-6 h-6 rounded-lg bg-red-500/20 border border-red-500/40 flex items-center justify-center">
-                    <span className="text-red-400 font-black text-xs">2</span>
+                  <div className="w-6 h-6 rounded-lg bg-blue-500/20 border border-blue-500/40 flex items-center justify-center">
+                    <span className="text-blue-400 font-black text-xs">1</span>
                   </div>
-                  <span className="text-xs font-bold text-white uppercase">Correlated Condition</span>
+                  <span className="text-xs font-bold text-white uppercase">Primary Condition</span>
                 </div>
 
                 <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4 space-y-2">
                   <div className="flex items-center justify-between">
                     <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest">Source</span>
-                    <span className="text-xs font-mono text-red-400">{logicGroups[1]?.source}</span>
+                    <span className="text-xs  text-blue-400">{logicGroups[0]?.source}</span>
                   </div>
                   
-                  {logicGroups[1]?.conditions.map((cond, idx) => (
-                    <div key={idx} className="flex items-center gap-2 text-xs font-mono">
+                  {logicGroups[0]?.conditions.map((cond, idx) => (
+                    <div key={idx} className="flex items-center gap-2 text-xs ">
                       <span className="text-emerald-400">{cond.field}</span>
                       <span className="text-zinc-600">{cond.operator}</span>
                       <span className="text-pink-400">{cond.value}</span>
                     </div>
                   ))}
+
+                  <div className="pt-2 mt-2 border-t border-zinc-800">
+                    <div className="text-[10px] text-zinc-500">
+                      <span className="font-bold">Threshold:</span> More than {thresholdHits} times within {thresholdWindow} {thresholdUnit.toLowerCase()}
+                    </div>
+                  </div>
                 </div>
               </div>
-            </>
-          )}
-        </div>
 
-        {/* MITRE Mapping */}
-        <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6 space-y-4">
-          <div className="flex items-center gap-3 pb-4 border-b border-zinc-800">
-            <div className="p-2 bg-orange-500/10 rounded-lg">
-              <Shield size={18} className="text-orange-400" />
+              {/* Correlation pill + Correlated Condition card */}
+              {hasCorrelation && (
+                <>
+                  <div className="flex items-center justify-center">
+                    <div className="px-4 py-1.5 bg-zinc-950 border border-emerald-500/50 rounded-full">
+                      <span className="text-[9px] font-black text-emerald-400 uppercase tracking-widest">
+                        Correlated Within 5m
+                      </span>
+                    </div>
+                  </div>
+
+                  <div className="space-y-2">
+                    <div className="flex items-center gap-2">
+                      <div className="w-6 h-6 rounded-lg bg-red-500/20 border border-red-500/40 flex items-center justify-center">
+                        <span className="text-red-400 font-black text-xs">2</span>
+                      </div>
+                      <span className="text-xs font-bold text-white uppercase">Correlated Condition</span>
+                    </div>
+
+                    <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4 space-y-2">
+                      <div className="flex items-center justify-between">
+                        <span className="text-[9px] font-black text-zinc-600 uppercase tracking-widest">Source</span>
+                        <span className="text-xs  text-red-400">{logicGroups[1]?.source}</span>
+                      </div>
+                      
+                      {logicGroups[1]?.conditions.map((cond, idx) => (
+                        <div key={idx} className="flex items-center gap-2 text-xs ">
+                          <span className="text-emerald-400">{cond.field}</span>
+                          <span className="text-zinc-600">{cond.operator}</span>
+                          <span className="text-pink-400">{cond.value}</span>
+                        </div>
+                      ))}
+                    </div>
+                  </div>
+                </>
+              )}
             </div>
-            <h3 className="text-sm font-black text-white uppercase tracking-wide">
-              MITRE ATT&CK Mapping
-            </h3>
           </div>
 
-          <div className="grid grid-cols-2 gap-4">
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Tactic
-              </p>
-              <p className="text-sm font-bold text-white">
-                {tactic}
-              </p>
+          {/* 3. EXECUTION CONTEXT */}
+          <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6">
+            <div className="flex items-center gap-3 pb-4 border-b border-zinc-800 mb-4">
+              <div className="p-2 bg-[#006bb410] rounded-lg">
+                <Clock size={18} className="text-[#006bb4]" />
+              </div>
+              <h3 className="text-sm font-black text-white uppercase tracking-wide">Execution Context</h3>
             </div>
 
-            <div>
-              <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">
-                Technique
-              </p>
-              <p className="text-sm font-mono font-bold text-orange-400">
-                {techniqueId}
-              </p>
+            <div className="grid grid-cols-3 gap-6">
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Execution Mode</p>
+                <p className="text-sm font-bold text-white capitalize">{frequency === 'realtime' ? 'Real-time' : 'Scheduled'}</p>
+              </div>
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Data Source</p>
+                <p className="text-sm font-bold text-white">
+                  {logicGroups[0]?.source === 'Network Data' ? 'Network telemetry (Zeek)' : logicGroups[0]?.source === 'Endpoint Logs' ? 'Endpoint telemetry' : 'Auth service logs'}
+                </p>
+              </div>
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Lookback Window</p>
+                <p className="text-sm font-bold text-white">Last {lookback} {lookback === 1 ? 'minute' : 'minutes'}</p>
+              </div>
+              {frequency === 'scheduled' && (
+                <div>
+                  <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-1.5">Evaluation Interval</p>
+                  <p className="text-sm font-bold text-white">Every {repeatValue} {repeatUnit.toLowerCase()}</p>
+                </div>
+              )}
             </div>
           </div>
-        </div>
 
-        {/* Description */}
-        {description && (
-          <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6 space-y-4">
-            <div className="flex items-center gap-3 pb-4 border-b border-zinc-800">
-              <div className="p-2 bg-zinc-700/30 rounded-lg">
-                <MessageSquare size={18} className="text-zinc-400" />
+          {/* 4. NOISE CONTROLS */}
+          <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-6">
+            <div className="flex items-center gap-3 pb-4 border-b border-zinc-800 mb-4">
+              <div className="p-2 bg-orange-500/10 rounded-lg">
+                <Sliders size={18} className="text-orange-400" />
               </div>
-              <h3 className="text-sm font-black text-white uppercase tracking-wide">
-                Description
-              </h3>
+              <h3 className="text-sm font-black text-white uppercase tracking-wide">Noise Controls</h3>
             </div>
 
-            <p className="text-xs text-zinc-400 leading-relaxed">
-              {description}
-            </p>
+            <div className="grid grid-cols-2 gap-6">
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-2">Deduplication</p>
+                <div className="flex flex-wrap gap-2">
+                  <span className="px-2.5 py-1 bg-zinc-950 border border-zinc-800 rounded text-[11px]  text-blue-400 font-bold">source.ip</span>
+                  <span className="text-[10px] text-zinc-700 font-bold self-center">+</span>
+                  <span className="px-2.5 py-1 bg-zinc-950 border border-zinc-800 rounded text-[11px]  text-blue-400 font-bold">rule.id</span>
+                </div>
+              </div>
+              <div>
+                <p className="text-[9px] font-black text-zinc-600 uppercase tracking-widest mb-2">Mute Window</p>
+                <p className="text-sm font-bold text-white">1 hour</p>
+              </div>
+            </div>
           </div>
-        )}
 
-        {/* Deploy Actions */}
-        <div className="bg-gradient-to-br from-emerald-900/20 to-blue-900/20 border border-emerald-500/30 rounded-xl p-6 space-y-4">
-          <div className="flex items-center gap-3 pb-4 border-b border-emerald-500/20">
-            <div className="p-2 bg-emerald-500/20 rounded-lg">
-              <Zap size={18} className="text-emerald-400" fill="currentColor" />
+          {/* 5. DEPLOY ACTION */}
+          <div className="bg-gradient-to-br from-emerald-900/20 to-blue-900/20 border border-emerald-500/30 rounded-xl p-6">
+            <div className="flex items-center gap-3 pb-4 border-b border-emerald-500/20 mb-4">
+              <div className="p-2 bg-emerald-500/20 rounded-lg">
+                <Send size={18} className="text-emerald-400" />
+              </div>
+              <h3 className="text-sm font-black text-white uppercase tracking-wide">Deploy Action</h3>
             </div>
-            <h3 className="text-sm font-black text-white uppercase tracking-wide">
-              Deploy Action
-            </h3>
-          </div>
 
-          <p className="text-xs text-zinc-400">
-            Ready to deploy this detection rule to your SOC environment. The rule will start monitoring for suspicious activity based on your configured logic.
-          </p>
+            <p className="text-xs text-zinc-400 mb-5">
+              You can edit this rule later if adjustments are needed.
+            </p>
 
-          <div className="flex gap-3 pt-2">
-            <button 
-              onClick={() => setCurrentStep(2)}
-              className="flex-1 px-6 py-3 bg-zinc-900 border border-zinc-800 text-white rounded-lg text-xs font-black uppercase tracking-widest hover:bg-zinc-800 transition-all flex items-center justify-center gap-2"
-            >
-              <ArrowRight size={16} className="rotate-180" />
-              Back to Logic
-            </button>
-            <button 
-              onClick={() => setActiveTab('library')}
-              className="flex-1 px-6 py-3 bg-emerald-600 text-white rounded-lg text-xs font-black uppercase tracking-widest hover:bg-emerald-500 transition-all flex items-center justify-center gap-2 shadow-lg shadow-emerald-600/20"
-            >
-              <Send size={16} />
-              Deploy Rule
-            </button>
+            <div className="flex gap-3">
+              <button 
+                onClick={() => setCurrentStep(2)}
+                className="flex-1 px-6 py-3 bg-zinc-900 border border-zinc-800 text-white rounded-lg text-xs font-black uppercase tracking-widest hover:bg-zinc-800 transition-all flex items-center justify-center gap-2"
+              >
+                <ArrowRight size={16} className="rotate-180" />
+                Back to Logic
+              </button>
+              <button 
+                onClick={() => setActiveTab('library')}
+                className="flex-1 px-6 py-3 bg-emerald-600 text-white rounded-lg text-xs font-black uppercase tracking-widest hover:bg-emerald-500 transition-all flex items-center justify-center gap-2 shadow-lg shadow-emerald-600/20"
+              >
+                <Send size={16} />
+                Deploy Rule
+              </button>
+            </div>
           </div>
         </div>
       </div>
-    </div>
-  </div>
-);
+    );
+  };
 
+  // ─── STEP HEADER ───────────────────────────────────────────────────
   const renderStepHeader = () => (
     <div className="flex items-center justify-center gap-16 mb-10 relative">
        <div className="absolute top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2 h-[1px] w-[300px] bg-zinc-800 -z-10" />
@@ -1489,6 +1284,7 @@ const renderStep3Review = () => (
     </div>
   );
 
+  // ─── BUILDER SHELL ─────────────────────────────────────────────────
   const renderBuilder = () => (
     <div className="animate-in fade-in duration-500">
       <div className="flex items-center justify-between mb-10">
@@ -1499,7 +1295,13 @@ const renderStep3Review = () => (
                <p className="text-[10px] text-zinc-600 font-bold uppercase tracking-[0.2em] mt-1">Define how suspicious behavior is identified in real time</p>
             </div>
          </div>
-         <div className="flex items-center gap-8"><div className="text-right"><p className="text-[10px] font-black text-zinc-700 uppercase tracking-widest">Version</p><p className="text-[11px] font-mono font-bold text-zinc-500">v4.2.0-PRD</p></div><button onClick={() => setActiveTab('library')} className="p-2 text-zinc-700 hover:text-white"><X size={24}/></button></div>
+         <div className="flex items-center gap-8">
+            <div className="text-right">
+               <p className="text-[10px] font-black text-zinc-700 uppercase tracking-widest">Version</p>
+               <p className="text-[11px]  font-bold text-zinc-500">v4.2.0-PRD</p>
+            </div>
+            <button onClick={() => setActiveTab('library')} className="p-2 text-zinc-700 hover:text-white"><X size={24}/></button>
+         </div>
       </div>
       {renderStepHeader()}
       <main className="min-h-[500px]">
@@ -1521,6 +1323,7 @@ const renderStep3Review = () => (
     </div>
   );
 
+  // ─── LIBRARY TAB ───────────────────────────────────────────────────
   const renderLibrary = () => {
     const filteredRules = MOCK_RULES.filter(r => 
       r.name.toLowerCase().includes(searchTerm.toLowerCase()) || 
@@ -1551,7 +1354,7 @@ const renderStep3Review = () => (
               <thead className="bg-zinc-950/50 border-b border-zinc-800 text-[10px] font-black text-zinc-600 uppercase tracking-widest">
                  <tr>
                     <th className="px-6 py-4 w-12 text-center">State</th>
-                    <th className="px-6 py-4">Rule Identity</th>
+                    <th className="px-6 py-4">Rule Identity</th> 
                     <th className="px-6 py-4">MITRE Mapping</th>
                     <th className="px-6 py-4 text-center">Detections (24h)</th>
                     <th className="px-6 py-4 text-center">FP Rate</th>
@@ -1572,7 +1375,7 @@ const renderStep3Review = () => (
                             <div>
                                <p className="text-sm font-black text-white group-hover:text-[#00D4AA] transition-colors">{rule.name}</p>
                                <div className="flex items-center gap-2 mt-1">
-                                  <span className="text-[9px] font-mono text-zinc-600 font-bold">{rule.id}</span>
+                                  <span className="text-[9px]  text-zinc-600 font-bold">{rule.id}</span>
                                   <span className="text-[8px] font-black uppercase tracking-tighter text-zinc-500 bg-zinc-950 px-1.5 py-0.5 rounded border border-zinc-800">[{rule.source}]</span>
                                </div>
                             </div>
@@ -1612,6 +1415,7 @@ const renderStep3Review = () => (
     );
   };
 
+  // ─── ANALYTICS TAB ─────────────────────────────────────────────────
   const renderAnalytics = () => (
     <div className="animate-in fade-in duration-500 space-y-8">
       <div className="grid grid-cols-1 md:grid-cols-4 gap-6">
@@ -1687,7 +1491,6 @@ const renderStep3Review = () => (
            </div>
 
            <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 space-y-6 shadow-xl relative overflow-hidden group">
-              {/* <div className="absolute top-0 right-0 p-4 opacity-5 group-hover:opacity-10 transition-opacity"><Brain size={100} className="text-[#00D4AA]" /></div> */}
               <h3 className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest flex items-center gap-2"><Brain size={14}/> Engine Insights</h3>
               <div className="space-y-4 relative z-10">
                  <p className="text-xs text-zinc-400 leading-relaxed"><span className="text-white font-bold uppercase tracking-tight">Efficacy:</span> Baseline tuning has reduced overall False Positives by <span className="text-emerald-500 font-black">1.3%</span> this month.</p>
@@ -1700,6 +1503,7 @@ const renderStep3Review = () => (
     </div>
   );
 
+  // ─── PAGE ROOT ─────────────────────────────────────────────────────
   return (
     <div className="max-w-[1300px] mx-auto pb-48 px-6">
       <div className="flex items-center justify-between mb-8 border-b border-zinc-800 pb-8">
@@ -1713,12 +1517,6 @@ const renderStep3Review = () => (
             </div>
           </div>
         </div>
-        
-        {/* <div className="flex items-center gap-2 bg-zinc-900 border border-zinc-800 p-1.5 rounded-lg shadow-xl">
-           <button onClick={() => { setActiveTab('library'); setCurrentStep(1); }} className={`px-8 py-2.5 rounded-xl text-[10px] font-black uppercase tracking-widest transition-all ${activeTab === 'library' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}><Settings2 size={14} className="inline mr-2" /> Library</button>
-           <button onClick={() => setActiveTab('builder')} className={`px-8 py-2.5 rounded-xl text-[10px] font-black uppercase tracking-widest transition-all ${activeTab === 'builder' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}><Plus size={14} className="inline mr-2" /> Builder</button>
-           <button onClick={() => { setActiveTab('analytics'); setCurrentStep(1); }} className={`px-8 py-2.5 rounded-xl text-[10px] font-black uppercase tracking-widest transition-all ${activeTab === 'analytics' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}><BarChart2 size={14} className="inline mr-2" /> Analytics</button>
-        </div> */}
 
         {activeTab === 'builder' && (
           <div className="flex gap-2">
diff --git a/ui/pages/DetectionsPage.tsx b/ui/pages/DetectionsPage.tsx
index 905452f..1dfde01 100644
--- a/ui/pages/DetectionsPage.tsx
+++ b/ui/pages/DetectionsPage.tsx
@@ -40,8 +40,6 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
 
   useEffect(() => { setView(defaultView); }, [defaultView]);
 
-  
-
   // Close dropdowns when clicking outside
   useEffect(() => {
     const handleClickOutside = (e: MouseEvent) => {
@@ -141,7 +139,7 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       case 'medium':
         return 'text-yellow-500';
       default:
-        return 'text-zinc-500';
+        return 'text-blue-500';
     }
   };
 
@@ -154,57 +152,57 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       case 'medium':
         return 'bg-yellow-500/10 border-yellow-500/20';
       default:
-        return 'bg-zinc-500/10 border-zinc-500/20';
+        return 'bg-blue-500/10 border-blue-500/20';
     }
   };
 
   const renderFilterHeader = () => (
     <div className="space-y-4 mb-6">
-      {/* Search Bar */}
+      {/* Search Bar - STANDARDIZED */}
       <div className="relative">
-  <Search 
-    size={18}
-    className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none"
-  />
-
-  <input 
-    type="text"
-    placeholder="IP, Host, or Rule Name..."
-    className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
-    value={searchTerm}
-    onChange={(e) => setSearchTerm(e.target.value)}
-  />
-</div>
-
-      {/* Filter Dropdowns Bar */}
+        <Search 
+          size={18}
+          className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none"
+        />
+        <input 
+          type="text"
+          placeholder="IP, Host, or Rule Name..."
+          className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
+          value={searchTerm}
+          onChange={(e) => setSearchTerm(e.target.value)}
+        />
+      </div>
+
+      {/* Filter Dropdowns Bar - STANDARDIZED */}
       <div className="flex items-center gap-3 flex-wrap">
+        {/* Advanced Filter Button - STANDARDIZED */}
         <button 
           onClick={() => setShowAdvancedFilter(!showAdvancedFilter)}
-          className="flex items-center gap-2 bg-[#00D4AA]  text-black px-4 py-2 rounded-lg text-xs font-semibold transition-colors"
+          className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all shadow-lg"
         >
-          <FilterIcon size={14} />
-          Advanced Filter
+          <FilterIcon size={14} className="inline mr-2" />
+          Advanced Filter 
         </button>
 
-        {/* Severity Dropdown */}
+        {/* Severity Dropdown - STANDARDIZED */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'severity' ? null : 'severity')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
             <ShieldAlert size={14} className="text-red-500" />
             Severity: {severities.length === 3 ? 'All' : severities.length === 0 ? 'None' : severities.join(', ')}
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'severity' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'severity' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {(['critical', 'high', 'medium'] as Severity[]).map(sev => (
                 <label key={sev} className="flex items-center gap-3 px-4 py-2.5 hover:bg-zinc-900 cursor-pointer transition-colors">
                   <input 
                     type="checkbox" 
                     checked={severities.includes(sev)}
                     onChange={() => toggleSeverity(sev)}
-                    className="rounded border-zinc-700 text-blue-600 focus:ring-0"
+                    className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
                   />
                   <span className="text-sm text-zinc-300 capitalize">{sev}</span>
                 </label>
@@ -213,18 +211,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Asset Group Dropdown */}
+        {/* Asset Group Dropdown - STANDARDIZED */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'asset' ? null : 'asset')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
-            <Monitor size={14} className="text-blue-500" />
+            <Monitor size={14} className="text-zinc-400" />
             Asset Group
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'asset' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'asset' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['all', 'User VLAN', 'Server VLAN', 'DMZ', 'Management'].map(group => (
                 <button 
                   key={group}
@@ -241,18 +239,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* MITRE Tactic Dropdown */}
+        {/* MITRE Tactic Dropdown - STANDARDIZED (removed purple icon) */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'mitre' ? null : 'mitre')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
-            <Target size={14} className="text-purple-500" />
+            <Target size={14} className="text-zinc-400" />
             MITRE Tactic
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'mitre' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'mitre' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[220px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[220px] z-50 py-2">
               {['all', 'Command & Control', 'Lateral Movement', 'Exfiltration', 'Defense Evasion', 'Credential Access'].map(tactic => (
                 <button 
                   key={tactic}
@@ -269,18 +267,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Log Source Dropdown */}
+        {/* Log Source Dropdown - STANDARDIZED (kept green for status) */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'log' ? null : 'log')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
             <Activity size={14} className="text-green-500" />
             Log Source
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'log' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'log' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['all', 'Zeek', 'Suricata', 'Sysmon', 'Windows Events', 'Linux Auditd'].map(source => (
                 <button 
                   key={source}
@@ -297,18 +295,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Directionality Dropdown */}
+        {/* Directionality Dropdown - STANDARDIZED (changed cyan to zinc) */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'direction' ? null : 'direction')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
-            <Globe size={14} className="text-cyan-500" />
+            <Globe size={14} className="text-zinc-400" />
             Directionality
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'direction' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'direction' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               {['all', 'North-South', 'East-West', 'Internal', 'External'].map(dir => (
                 <button 
                   key={dir}
@@ -325,18 +323,18 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           )}
         </div>
 
-        {/* Time Range Dropdown */}
+        {/* Time Range Dropdown - STANDARDIZED */}
         <div className="relative dropdown-container">
           <button 
             onClick={() => setOpenDropdown(openDropdown === 'time' ? null : 'time')}
-            className="flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
+            className="flex items-center gap-2 bg-[#0a0a0b] border border-[#1e1e20] hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all"
           >
             <Clock size={14} className="text-orange-500" />
             Last {selectedTimeRange === '1h' ? '1 Hour' : selectedTimeRange === '24h' ? '24 Hours' : selectedTimeRange === '7d' ? '7 Days' : '30 Days'}
             <ChevronDown size={14} className={`transition-transform ${openDropdown === 'time' ? 'rotate-180' : ''}`} />
           </button>
           {openDropdown === 'time' && (
-            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+            <div className="absolute top-full left-0 mt-2 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
               {[
                 { value: '1h', label: 'Last 1 Hour' },
                 { value: '24h', label: 'Last 24 Hours' },
@@ -359,7 +357,7 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
         </div>
       </div>
 
-      {/* Active Filters */}
+      {/* Active Filters - STANDARDIZED */}
       {activeFilters.length > 0 && (
         <div className="flex items-center gap-2 flex-wrap text-xs">
           <span className="text-zinc-500 font-medium">FILTERS APPLIED:</span>
@@ -391,187 +389,192 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
   const renderDetectionTable = () => (
     <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
       <table className="w-full">
-  <thead className="bg-zinc-900/50 border-b border-zinc-800">
-    <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
-      <th className="px-4 py-3 text-left w-8">
-        <input 
-          type="checkbox" 
-          className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
-          checked={selectedRows.length === filteredAlerts.length && filteredAlerts.length > 0}
-          onChange={toggleAllRows}
-        />
-      </th>
-      <th className="px-4 py-3 text-left w-12">LEVEL</th>
-      <th className="px-4 py-3 text-left min-w-[200px]">USECASE NAME / MITRE ID</th>
-      <th className="px-4 py-3 text-left min-w-[180px]">SOURCE → DESTINATION</th>
-      <th className="px-4 py-3 text-left min-w-[200px]">TELEMETRY & TRAFFIC</th>
-      <th className="px-4 py-3 text-left min-w-[140px]">SEVERITY ANALYSIS</th>
-      <th className="px-4 py-3 text-left min-w-[120px]">TRIGGERED</th>
-      <th className="px-4 py-3 text-left w-16">ACTIONS</th>
-    </tr>
-  </thead>
-  <tbody className="divide-y divide-zinc-800/50">
-    {filteredAlerts.length > 0 ? (
-      filteredAlerts.slice(0, 10).map((alert) => (
-        <tr 
-          key={alert.id} 
-          className="hover:bg-zinc-900/30 transition-colors cursor-pointer"
-          onClick={() => setSelectedAlertId(alert.id)}
-        >
-          <td className="px-4 py-4">
-            <input 
-  type="checkbox" 
-  className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
-  checked={selectedRows.includes(alert.id)}
-  onChange={() => toggleRowSelection(alert.id)}
-  onClick={(e) => e.stopPropagation()}
-/>
-          </td>
-          <td className="px-4 py-4">
-            <div className={`w-2 h-2 rounded-full ${
-              alert.severity === 'critical' ? 'bg-red-500' :
-              alert.severity === 'high' ? 'bg-orange-500' :
-              'bg-yellow-500'
-            }`} />
-          </td>
-          <td className="px-4 py-4">
-            <div className="space-y-1">
-              <div className="text-sm font-semibold text-white">{alert.name}</div>
-              <div className="text-[10px] text-zinc-500 font-mono whitespace-nowrap">{alert.mitreId || 'T1071.001'} · {alert.mitreStage || 'C&C'} · 2024-{alert.timestamp?.split('-')[1] || '06'}-{alert.timestamp?.split('-')[2]?.split(' ')[0] || '15'}</div>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="space-y-1">
-              <div className="flex items-center gap-2">
-                <span className="text-xs font-mono text-white">{alert.sourceIp}</span>
-                <ChevronRight size={12} className="text-zinc-600 flex-shrink-0" />
-                <span className="text-xs font-mono text-white">{alert.destIp || '45.12.88.2'}</span>
-              </div>
-              <div className="text-[10px] text-zinc-500 font-medium truncate">{alert.assetContext?.segment || 'MGMT-CHQ-K02'} ({alert.protocol || 'ZEEK DHCP'})</div>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="flex flex-wrap gap-1.5">
-              <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
-                ZEEK-CONN
-              </span>
-              <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
-                ZEEK-SSL
-              </span>
-              <span className="px-2 py-0.5 bg-green-600/20 border border-green-600/30 text-green-400 rounded text-[10px] font-bold whitespace-nowrap">
-                NORTH-SOUTH
-              </span>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className={`inline-flex px-3 py-1 rounded border ${getSeverityBg(alert.severity)}`}>
-              <span className={`text-xs font-bold uppercase whitespace-nowrap ${getSeverityColor(alert.severity)}`}>
-                {alert.severity} ({alert.score || 88})
-              </span>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="space-y-0.5">
-              <div className="flex items-center gap-1.5 text-zinc-400 text-[11px] whitespace-nowrap">
-                <Clock size={12} className="flex-shrink-0" />
-                <span>2 mins ago</span>
-              </div>
-              <div className="text-[10px] text-zinc-600 font-mono whitespace-nowrap">
-                JAN 22, 16:22
-              </div>
-            </div>
-          </td>
-          <td className="px-4 py-4">
-            <div className="relative dropdown-container">
-              <button 
-                className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
-                onClick={(e) => {
-                  e.stopPropagation();
-                  setOpenActionMenu(openActionMenu === alert.id ? null : alert.id);
-                }}
+        <thead className="bg-zinc-900/50 border-b border-zinc-800">
+          <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+            <th className="px-4 py-3 text-left w-8">
+              <input 
+                type="checkbox" 
+                className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
+                checked={selectedRows.length === filteredAlerts.length && filteredAlerts.length > 0}
+                onChange={toggleAllRows}
+              />
+            </th>
+            <th className="px-4 py-3 text-left w-12">LEVEL</th>
+            <th className="px-4 py-3 text-left min-w-[200px]">USECASE NAME / MITRE ID</th>
+            <th className="px-4 py-3 text-left min-w-[180px]">SOURCE → DESTINATION</th>
+            <th className="px-4 py-3 text-left min-w-[200px]">TELEMETRY & TRAFFIC</th>
+            <th className="px-4 py-3 text-left min-w-[140px]">SEVERITY ANALYSIS</th>
+            <th className="px-4 py-3 text-left min-w-[120px]">TRIGGERED</th>
+            <th className="px-4 py-3 text-left w-16">ACTIONS</th>
+          </tr>
+        </thead>
+        <tbody className="divide-y divide-zinc-800/50">
+          {filteredAlerts.length > 0 ? (
+            filteredAlerts.slice(0, 10).map((alert) => (
+              <tr 
+                key={alert.id} 
+                className="hover:bg-zinc-900/30 transition-colors cursor-pointer"
+                onClick={() => setSelectedAlertId(alert.id)}
               >
-                <MoreVertical size={16} className="text-zinc-500" />
-              </button>
-              {openActionMenu === alert.id && (
-                <div className="absolute right-0 top-full mt-1 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      setSelectedAlertId(alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <Search size={14} />
-                    View Details
-                  </button>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Acknowledge alert:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <ShieldCheck size={14} />
-                    Acknowledge
-                  </button>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Escalate alert:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <Zap size={14} />
-                    Escalate
-                  </button>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Create case:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
-                  >
-                    <Target size={14} />
-                    Create Case
-                  </button>
-                  <div className="border-t border-zinc-800 my-2"></div>
-                  <button 
-                    onClick={(e) => {
-                      e.stopPropagation();
-                      console.log('Mark false positive:', alert.id);
-                      setOpenActionMenu(null);
-                    }}
-                    className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-red-400 transition-colors flex items-center gap-2"
-                  >
-                    <X size={14} />
-                    Mark False Positive
-                  </button>
+                <td className="px-4 py-4">
+                  <input 
+                    type="checkbox" 
+                    className="h-4 w-4 border-2 border-zinc-700 bg-zinc-900 checked:bg-[#00D4AA] checked:border-[#00D4AA] appearance-none rounded flex items-center justify-center checked:after:content-['✓'] checked:after:text-black checked:after:text-xs"
+                    checked={selectedRows.includes(alert.id)}
+                    onChange={() => toggleRowSelection(alert.id)}
+                    onClick={(e) => e.stopPropagation()}
+                  />
+                </td>
+                <td className="px-4 py-4">
+                  <div className={`w-2 h-2 rounded-full ${
+                    alert.severity === 'critical' ? 'bg-red-500' :
+                    alert.severity === 'high' ? 'bg-orange-500' :
+                    alert.severity === 'medium' ? 'bg-yellow-500' :
+                    'bg-blue-500'
+                  }`} />
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-1">
+                    <div className="text-sm font-semibold text-white">{alert.name}</div>
+                    <div className="text-[10px] text-zinc-500  whitespace-nowrap">
+                      {alert.mitreId || 'T1071.001'} · {alert.mitreStage || 'C&C'} · 2024-{alert.timestamp?.split('-')[1] || '06'}-{alert.timestamp?.split('-')[2]?.split(' ')[0] || '15'}
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-1">
+                    <div className="flex items-center gap-2">
+                      <span className="text-xs  text-white">{alert.sourceIp}</span>
+                      <ChevronRight size={12} className="text-zinc-600 flex-shrink-0" />
+                      <span className="text-xs  text-white">{alert.destIp || '45.12.88.2'}</span>
+                    </div>
+                    <div className="text-[10px] text-zinc-500 font-medium truncate">
+                      {alert.assetContext?.segment || 'MGMT-CHQ-K02'} ({alert.protocol || 'ZEEK DHCP'})
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="flex flex-wrap gap-1.5">
+                    <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
+                      ZEEK-CONN
+                    </span>
+                    <span className="px-2 py-0.5 bg-cyan-600/20 border border-cyan-600/30 text-cyan-400 rounded text-[10px] font-bold whitespace-nowrap">
+                      ZEEK-SSL
+                    </span>
+                    <span className="px-2 py-0.5 bg-green-600/20 border border-green-600/30 text-green-400 rounded text-[10px] font-bold whitespace-nowrap">
+                      NORTH-SOUTH
+                    </span>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className={`inline-flex px-3 py-1 rounded border ${getSeverityBg(alert.severity)}`}>
+                    <span className={`text-xs font-bold uppercase whitespace-nowrap ${getSeverityColor(alert.severity)}`}>
+                      {alert.severity} ({alert.score || 88})
+                    </span>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="space-y-0.5">
+                    <div className="flex items-center gap-1.5 text-zinc-400 text-[11px] whitespace-nowrap">
+                      <Clock size={12} className="flex-shrink-0" />
+                      <span>2 mins ago</span>
+                    </div>
+                    <div className="text-[10px] text-zinc-600  whitespace-nowrap">
+                      JAN 22, 16:22
+                    </div>
+                  </div>
+                </td>
+                <td className="px-4 py-4">
+                  <div className="relative dropdown-container">
+                    <button 
+                      className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
+                      onClick={(e) => {
+                        e.stopPropagation();
+                        setOpenActionMenu(openActionMenu === alert.id ? null : alert.id);
+                      }}
+                    >
+                      <MoreVertical size={16} className="text-zinc-500" />
+                    </button>
+                    {openActionMenu === alert.id && (
+                      <div className="absolute right-0 top-full mt-1 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg shadow-2xl min-w-[180px] z-50 py-2">
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            setSelectedAlertId(alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <Search size={14} />
+                          View Details
+                        </button>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Acknowledge alert:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <ShieldCheck size={14} />
+                          Acknowledge
+                        </button>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Escalate alert:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <Zap size={14} />
+                          Escalate
+                        </button>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Create case:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-2"
+                        >
+                          <Target size={14} />
+                          Create Case
+                        </button>
+                        <div className="border-t border-[#1e1e20] my-2"></div>
+                        <button 
+                          onClick={(e) => {
+                            e.stopPropagation();
+                            console.log('Mark false positive:', alert.id);
+                            setOpenActionMenu(null);
+                          }}
+                          className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-red-400 transition-colors flex items-center gap-2"
+                        >
+                          <X size={14} />
+                          Mark False Positive
+                        </button>
+                      </div>
+                    )}
+                  </div>
+                </td>
+              </tr>
+            ))
+          ) : (
+            <tr>
+              <td colSpan={8} className="px-4 py-16 text-center">
+                <div className="flex flex-col items-center justify-center opacity-30">
+                  <X size={32} className="text-zinc-600 mb-2" />
+                  <h3 className="text-sm font-bold text-zinc-500 uppercase tracking-wider">
+                    No matching detections
+                  </h3>
                 </div>
-              )}
-            </div>
-          </td>
-        </tr>
-      ))
-    ) : (
-      <tr>
-        <td colSpan={8} className="px-4 py-16 text-center">
-          <div className="flex flex-col items-center justify-center opacity-30">
-            <X size={32} className="text-zinc-600 mb-2" />
-            <h3 className="text-sm font-bold text-zinc-500 uppercase tracking-wider">
-              No matching detections
-            </h3>
-          </div>
-        </td>
-      </tr>
-    )}
-  </tbody>
-</table>
+              </td>
+            </tr>
+          )}
+        </tbody>
+      </table>
 
-      {/* Pagination */}
+      {/* Pagination - STANDARDIZED */}
       <div className="flex items-center justify-between px-4 py-3 border-t border-zinc-800 bg-zinc-900/30">
         <div className="text-xs text-zinc-500">
           Detections: <span className="font-bold text-white">1,284</span>
@@ -579,10 +582,10 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           Filtered: <span className="font-bold text-white">{filteredAlerts.length}</span>
         </div>
         <div className="flex items-center gap-2">
-          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
+          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors disabled:opacity-50">
             Prev
           </button>
-          <button className="px-3 py-1.5 bg-[#00D4AA] text-white text-xs font-semibold rounded">
+          <button className="px-3 py-1.5 bg-[#00D4AA] text-black text-xs font-semibold rounded">
             1
           </button>
           <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
@@ -591,7 +594,7 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
             3
           </button>
-          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors">
+          <button className="px-3 py-1.5 bg-zinc-800 hover:bg-zinc-700 text-zinc-300 text-xs rounded transition-colors disabled:opacity-50">
             Next
           </button>
         </div>
@@ -601,12 +604,12 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
 
   const renderStats = () => (
     <div className="animate-in fade-in duration-500 space-y-6">
-      {/* Top row metric cards */}
+      {/* Top row metric cards - STANDARDIZED */}
       <div className="grid grid-cols-1 md:grid-cols-4 gap-4">
         {[
-          { label: 'TOTAL DETECTIONS (24H)', value: '247', sub: '↑ 12% from previous', color: 'text-white', trend: 'text-[#10b981]' },
-          { label: 'MTTR (MEAN RESPONSE)', value: '2.4h', sub: 'Target: < 3.0h', color: 'text-[#00D4AA]', trend: 'text-[#3b82f6]' },
-          { label: 'DETECTION PRECISION', value: '94.2%', sub: 'False Positives: 5.8%', color: 'text-[#10b981]', trend: 'text-zinc-500' },
+          { label: 'TOTAL DETECTIONS (24H)', value: '247', sub: '↑ 12% from previous', color: 'text-white', trend: 'text-green-500' },
+          { label: 'MTTR (MEAN RESPONSE)', value: '2.4h', sub: 'Target: < 3.0h', color: 'text-[#00D4AA]', trend: 'text-blue-500' },
+          { label: 'DETECTION PRECISION', value: '94.2%', sub: 'False Positives: 5.8%', color: 'text-green-500', trend: 'text-zinc-500' },
           { label: 'SENSOR EFFICIENCY', value: '99.8%', sub: 'Packet Loss: 0.002%', color: 'text-white', trend: 'text-zinc-500' },
         ].map((m, i) => (
           <div key={i} className="bg-[#161618] border border-[#1e1e20] p-6 rounded-xl shadow-sm space-y-3">
@@ -618,10 +621,12 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       </div>
 
       <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
-        {/* Main Chart Area */}
+        {/* Main Chart Area - STANDARDIZED */}
         <div className="lg:col-span-2 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 shadow-sm">
           <div className="flex justify-between items-center">
-            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">DETECTION TIMELINE (LAST 24H / 15M WINDOWS)</h3>
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+              DETECTION TIMELINE (LAST 24H / 15M WINDOWS)
+            </h3>
           </div>
           <div className="h-[300px]">
             <ResponsiveContainer width="100%" height="100%">
@@ -633,29 +638,31 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
                   </linearGradient>
                 </defs>
                 <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
-                <XAxis dataKey="time" axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                <YAxis axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                <Tooltip contentStyle={{backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px'}} />
+                <XAxis dataKey="time" axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                <YAxis axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                <Tooltip contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #1e1e20', borderRadius: '12px', fontSize: '10px'}} />
                 <Area type="monotone" dataKey="v" stroke="#e11d48" fill="url(#colorThreat)" strokeWidth={2} dot={{ r: 4, fill: '#e11d48', strokeWidth: 2, stroke: '#161618' }} />
               </AreaChart>
             </ResponsiveContainer>
           </div>
         </div>
 
-        {/* Right Sidebar: Protocol Threats */}
+        {/* Right Sidebar: Protocol Threats - STANDARDIZED */}
         <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-8 shadow-sm">
-          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">PROTOCOL-BASED THREATS (ZEEK LOGS)</h3>
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+            PROTOCOL-BASED THREATS (ZEEK LOGS)
+          </h3>
           <div className="space-y-8">
             {[
-              { label: 'HTTP C2 (conn.log)', pct: 45, color: 'bg-blue-500' },
-              { label: 'DNS Tunneling (dns.log)', pct: 25, color: 'bg-blue-500' },
-              { label: 'SMB Lateral (smb.log)', pct: 15, color: 'bg-blue-500' },
-              { label: 'RDP Brute (notice.log)', pct: 10, color: 'bg-blue-500' },
+              { label: 'HTTP C2 (conn.log)', pct: 45, color: 'bg-[#00D4AA]' },
+              { label: 'DNS Tunneling (dns.log)', pct: 25, color: 'bg-[#00D4AA]' },
+              { label: 'SMB Lateral (smb.log)', pct: 15, color: 'bg-[#00D4AA]' },
+              { label: 'RDP Brute (notice.log)', pct: 10, color: 'bg-[#00D4AA]' },
             ].map(p => (
               <div key={p.label} className="space-y-2">
                 <div className="flex justify-between items-center text-[10px] font-black uppercase tracking-tight">
                   <span className="text-zinc-400">{p.label}</span>
-                  <span className="text-blue-400">{p.pct}%</span>
+                  <span className="text-[#00D4AA]">{p.pct}%</span>
                 </div>
                 <div className="h-1.5 w-full bg-zinc-950 rounded-full overflow-hidden">
                   <div className={`h-full ${p.color}`} style={{ width: `${p.pct}%` }} />
@@ -667,14 +674,21 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
       </div>
 
       <div className="grid grid-cols-1 lg:grid-cols-12 gap-6">
-        {/* Heatmap Section */}
+        {/* Heatmap Section - STANDARDIZED */}
         <div className="lg:col-span-4 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6">
-          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">ATTACK TIMELINE HEATMAP (7 DAYS)</h3>
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+            ATTACK TIMELINE HEATMAP (7 DAYS)
+          </h3>
           <div className="grid grid-cols-24 gap-1">
             {Array.from({ length: 7 * 24 }).map((_, i) => {
               const isActive = Math.random() > 0.8;
               return (
-                <div key={i} className={`aspect-square rounded-[1px] ${isActive ? (Math.random() > 0.5 ? 'bg-blue-500' : 'bg-[#00D4AA]/40') : 'bg-zinc-800/40'}`} />
+                <div 
+                  key={i} 
+                  className={`aspect-square rounded-[1px] ${
+                    isActive ? (Math.random() > 0.5 ? 'bg-[#00D4AA]' : 'bg-[#00D4AA]/40') : 'bg-zinc-800/40'
+                  }`} 
+                />
               );
             })}
           </div>
@@ -683,13 +697,15 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
           </div>
         </div>
 
-        {/* Targeted Assets Section */}
+        {/* Targeted Assets Section - STANDARDIZED */}
         <div className="lg:col-span-8 bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden">
           <div className="px-8 py-6 border-b border-[#1e1e20]">
-             <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">MOST TARGETED INTERNAL ASSETS</h3>
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+              MOST TARGETED INTERNAL ASSETS
+            </h3>
           </div>
           <table className="w-full text-left">
-            <thead className="bg-zinc-950/20 text-[8px] font-black text-zinc-600 uppercase tracking-widest border-b border-[#1e1e20]">
+            <thead className="bg-zinc-900/50 text-[10px] font-bold text-zinc-500 uppercase tracking-wider border-b border-[#1e1e20]">
               <tr>
                 <th className="px-8 py-3">INTERNAL HOST</th>
                 <th className="px-8 py-3">LATEST ALERT</th>
@@ -702,14 +718,14 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
                 { host: '10.0.5.42', tag: '(CEO-MBP)', alert: 'C2 Beaconing', volume: '15 Hits', score: '92/100', color: 'text-red-500' },
                 { host: '10.0.1.10', tag: '(DC-PROD-01)', alert: 'Suspicious SMB', volume: '12 Hits', score: '78/100', color: 'text-orange-500' },
               ].map((row, i) => (
-                <tr key={i} className="hover:bg-white/5 transition-colors group cursor-pointer">
+                <tr key={i} className="hover:bg-zinc-900/30 transition-colors cursor-pointer">
                   <td className="px-8 py-5">
-                    <span className="text-[11px] font-mono font-bold text-white tracking-tight">{row.host}</span>
-                    <span className="text-[9px] text-zinc-600 font-bold ml-2">{row.tag}</span>
+                    <span className="text-xs  font-semibold text-white">{row.host}</span>
+                    <span className="text-[10px] text-zinc-600 font-bold ml-2">{row.tag}</span>
                   </td>
-                  <td className="px-8 py-5 text-[10px] font-bold text-zinc-300 uppercase tracking-tight">{row.alert}</td>
-                  <td className="px-8 py-5 text-[10px] font-bold text-white uppercase tracking-tight">{row.volume}</td>
-                  <td className={`px-8 py-5 text-right text-[11px] font-black ${row.color}`}>{row.score}</td>
+                  <td className="px-8 py-5 text-sm text-zinc-400">{row.alert}</td>
+                  <td className="px-8 py-5 text-sm font-semibold text-white">{row.volume}</td>
+                  <td className={`px-8 py-5 text-right text-sm font-black ${row.color}`}>{row.score}</td>
                 </tr>
               ))}
             </tbody>
@@ -725,15 +741,29 @@ const DetectionsPage: React.FC<{ defaultView?: 'feed' | 'stats' }> = ({ defaultV
 
   return (
     <div className="max-w-[1300px] mx-auto pb-48 px-4">
-      {/* Header section - UNCHANGED */}
+      {/* Header section - STANDARDIZED */}
       <div className="flex items-center justify-between mb-8 px-2">
-        <h2 className="text-xl font-bold text-white uppercase tracking-tight">
-          {view === 'feed' ? 'Detection Feed' : 'Detection Feed'}
-        </h2>
+        <h1 className="text-xl font-bold text-white uppercase tracking-tight">
+          Detection Feed
+        </h1>
         <div className="flex items-center gap-4">
           <div className="flex bg-[#161618] border border-[#1e1e20] p-1 rounded-xl">
-             <button onClick={() => setView('feed')} className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${view === 'feed' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}>Feed View</button>
-             <button onClick={() => setView('stats')} className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${view === 'stats' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'}`}>Analytics</button>
+            <button 
+              onClick={() => setView('feed')} 
+              className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${
+                view === 'feed' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'
+              }`}
+            >
+              Feed View
+            </button>
+            <button 
+              onClick={() => setView('stats')} 
+              className={`px-6 py-1.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all ${
+                view === 'stats' ? 'bg-[#00D4AA] text-black shadow-lg' : 'text-zinc-500 hover:text-white'
+              }`}
+            >
+              Analytics
+            </button>
           </div>
         </div>
       </div>
diff --git a/ui/pages/InvestigationDetailPage.tsx b/ui/pages/InvestigationDetailPage.tsx
index c358f7f..52cba73 100644
--- a/ui/pages/InvestigationDetailPage.tsx
+++ b/ui/pages/InvestigationDetailPage.tsx
@@ -16,43 +16,43 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
   const [actionsDropdownOpen, setActionsDropdownOpen] = useState(false);
 
   return (
-    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto space-y-6 pb-32">
+    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto space-y-6 pb-48 px-4">
       {/* Top Header Row */}
       <div className="flex items-center justify-between">
         <div className="flex items-center gap-2">
-           <div className="w-2 h-2 rounded-full bg-emerald-500 animate-pulse" />
-           <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Ingestion: Healthy</span>
+          <div className="w-2 h-2 rounded-full bg-green-500 animate-pulse" />
+          <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Ingestion: Healthy</span>
         </div>
       </div>
 
       {/* Title Block */}
-      <div className="flex items-center justify-between  py-4">
+      <div className="flex items-center justify-between py-4">
         <div className="flex items-center gap-6">
           <button onClick={onBack} className="p-3 bg-[#161618] border border-[#1e1e20] rounded-xl text-zinc-500 hover:text-white transition-all">
             <ArrowLeft size={20} />
           </button>
           <div>
-            <h2 className="text-xl font-black text-white uppercase tracking-tight">Persistent C2 Beaconing Activity</h2>
-            <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mt-1.5">Case ID: {id || 'INV-2024-001'}</p>
+            <h2 className="text-xl font-bold text-white uppercase tracking-tight">Persistent C2 Beaconing Activity</h2>
+            <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mt-1.5">Case ID: {id || 'INV-2024-001'}</p>
           </div>
         </div>
         <div className="relative">
           <button 
             onClick={() => setActionsDropdownOpen(!actionsDropdownOpen)}
-            className="bg-[#161618] border border-[#1e1e20] text-zinc-400 px-6 py-3 rounded-lg text-[10px] font-black uppercase tracking-widest hover:text-white transition-all flex items-center gap-2"
+            className="bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all flex items-center gap-2"
           >
             Actions <ChevronDown size={14} />
           </button>
           {actionsDropdownOpen && (
-            <div className="absolute right-0 top-full mt-2 w-56 bg-[#161618] border border-[#1e1e20] rounded-lg shadow-2xl z-50 overflow-hidden">
+            <div className="absolute right-0 top-full mt-2 bg-[#0a0a0b] border border-zinc-800 rounded-lg shadow-2xl min-w-[200px] z-50 py-2">
               <button 
                 onClick={() => {
                   console.log('Resolve case');
                   setActionsDropdownOpen(false);
                 }}
-                className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3"
+                className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
               >
-                <CheckCircle2 size={14} className="text-emerald-400" />
+                <CheckCircle2 size={14} className="text-green-500" />
                 Resolve Case
               </button>
               <button 
@@ -60,9 +60,9 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                   console.log('Escalate to me');
                   setActionsDropdownOpen(false);
                 }}
-                className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3 border-t border-[#1e1e20]"
+                className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
               >
-                <TrendingUp size={14} className="text-blue-400" />
+                <TrendingUp size={14} className="text-blue-500" />
                 Escalate to Me
               </button>
               <button 
@@ -70,9 +70,9 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                   console.log('Isolate host');
                   setActionsDropdownOpen(false);
                 }}
-                className="w-full px-4 py-3 text-left text-xs text-zinc-300 hover:bg-[#1e1e20] transition-colors flex items-center gap-3 border-t border-[#1e1e20]"
+                className="w-full text-left px-4 py-2.5 hover:bg-zinc-900 text-sm text-zinc-300 transition-colors flex items-center gap-3"
               >
-                <Shield size={14} className="text-red-400" />
+                <Shield size={14} className="text-red-500" />
                 Isolate Host
               </button>
             </div>
@@ -81,7 +81,7 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
       </div>
 
       {/* Tabs Navigation */}
-      <div className="border-b border-zinc-800">
+      <div className="border-b border-[#1e1e20]">
         <div className="flex gap-1">
           {[
             { id: 'overview', label: 'Overview', icon: Monitor },
@@ -95,9 +95,9 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
               <button
                 key={tab.id}
                 onClick={() => setActiveTab(tab.id)}
-                className={`px-6 py-3 text-xs font-bold uppercase tracking-wider transition-all relative flex items-center gap-2 ${
+                className={`px-6 py-3 text-[10px] font-black uppercase tracking-widest transition-all relative flex items-center gap-2 ${
                   activeTab === tab.id 
-                    ? 'text-emerald-400 border-b-2 border-emerald-500' 
+                    ? 'text-[#00D4AA] border-b-2 border-[#00D4AA]' 
                     : 'text-zinc-500 hover:text-zinc-300'
                 }`}
               >
@@ -113,36 +113,31 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
       <div className="animate-in fade-in duration-300">
         {activeTab === 'overview' && (
           <div className="space-y-6">
-            
             {/* Case Header Card */}
-            <div className="bg-[#0c0c0e]  border-l-4 border-red-500 rounded-lg p-6">
-              <div className="flex items-start justify-between">
-                <div className="flex-1">
-                  <div className="flex items-center gap-3 mb-4">
-                    <span className="px-3 py-1 bg-red-600/20 border border-red-600/30 text-red-400 text-xs font-black uppercase rounded">
-                      Critical - P1
-                    </span>
-                    <h2 className="text-xl font-black text-white">Persistent DNS Tunneling & SMB Lateral Movement</h2>
-                  </div>
-                  
-                  <div className="grid grid-cols-4 gap-6 text-sm">
-                    <div>
-                      <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-1">Lead Analyst</div>
-                      <div className="text-white font-bold">Alex Rivera</div>
-                    </div>
-                    <div>
-                      <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-1">Time Open</div>
-                      <div className="text-white font-bold">2 hours ago</div>
-                    </div>
-                    <div>
-                      <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-1">Primary Entity</div>
-                      <div className="text-emerald-400 font-mono font-bold">MGMT-CHQ-K02 (10.0.2.88)</div>
-                    </div>
-                    <div>
-                      <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-1">Connected Alerts</div>
-                      <div className="text-white font-bold">3 Records</div>
-                    </div>
-                  </div>
+            <div className="bg-[#161618] border border-[#1e1e20] border-l-4 border-l-red-500 rounded-xl p-6 space-y-4 shadow-sm">
+              <div className="flex items-center gap-3">
+                <span className="inline-flex px-3 py-1 rounded border bg-red-500/10 border-red-500/20">
+                  <span className="text-xs font-bold uppercase text-red-500">Critical - P1</span>
+                </span>
+                <h2 className="text-xl font-bold text-white uppercase tracking-tight">Persistent DNS Tunneling & SMB Lateral Movement</h2>
+              </div>
+              
+              <div className="grid grid-cols-4 gap-6">
+                <div>
+                  <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Lead Analyst</div>
+                  <div className="text-sm font-semibold text-white">Alex Rivera</div>
+                </div>
+                <div>
+                  <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Time Open</div>
+                  <div className="text-sm font-semibold text-white">2 hours ago</div>
+                </div>
+                <div>
+                  <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Primary Entity</div>
+                  <div className="text-sm font-semibold text-white">MGMT-CHQ-K02 (10.0.2.88)</div>
+                </div>
+                <div>
+                  <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Connected Alerts</div>
+                  <div className="text-sm font-semibold text-white">3 Records</div>
                 </div>
               </div>
             </div>
@@ -153,23 +148,23 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
               <div className="space-y-6">
                 
                 {/* Case Origin */}
-                <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                  <div className="px-6 py-4 border-b border-emerald-900/20">
-                    <div className="flex items-center gap-2 text-emerald-400">
-                      <Target size={14} />
-                      <h3 className="text-[10px] font-black uppercase tracking-widest">Case Origin</h3>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <Target size={16} className="text-[#00D4AA]" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Case Origin</h3>
                     </div>
                   </div>
                   <div className="p-6 space-y-4">
                     <div>
-                      <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Created From</div>
+                      <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Created From</div>
                       <div className="flex items-center gap-2">
-                        <AlertTriangle size={14} className="text-emerald-400" />
-                        <span className="text-sm text-white font-bold">Signal: DNS Tunneling Detected</span>
+                        <AlertTriangle size={14} className="text-[#00D4AA]" />
+                        <span className="text-sm font-semibold text-white">Signal: DNS Tunneling Detected</span>
                       </div>
                     </div>
-                    <div className="bg-emerald-900/10 border border-emerald-900/20 rounded-lg p-4">
-                      <p className="text-sm text-emerald-100  leading-relaxed">
+                    <div className="bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg p-4">
+                      <p className="text-sm text-white italic leading-relaxed">
                         "Auto-escalated due to related SMB lateral movement"
                       </p>
                     </div>
@@ -177,29 +172,29 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 </div>
 
                 {/* Executive Summary */}
-                <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                  <div className="px-6 py-4 border-b border-emerald-900/20">
-                    <div className="flex items-center gap-2 text-emerald-400">
-                      <FileText size={14} />
-                      <h3 className="text-[10px] font-black uppercase tracking-widest">Executive Summary</h3>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <FileText size={16} className="text-[#00D4AA]" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Executive Summary</h3>
                     </div>
                   </div>
                   <div className="p-6">
-                  <ul className="text-sm text-zinc-300 leading-relaxed space-y-2 list-disc list-inside">
-  <li>Investigation into a series of high-entropy DNS queries</li>
-  <li>Unauthorized SMB enumeration from the management workstation</li>
-  <li>Patterns suggest data exfiltration attempt</li>
-  <li>Following local credential compromise</li>
-</ul>
+                    <ul className="text-sm text-zinc-400 leading-relaxed space-y-2 list-disc list-inside">
+                      <li>Investigation into a series of high-entropy DNS queries</li>
+                      <li>Unauthorized SMB enumeration from the management workstation</li>
+                      <li>Patterns suggest data exfiltration attempt</li>
+                      <li>Following local credential compromise</li>
+                    </ul>
                   </div>
                 </div>
 
                 {/* Recent Activity */}
-                <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                  <div className="px-6 py-4 border-b border-emerald-900/20">
-                    <div className="flex items-center gap-2 text-amber-400">
-                      <Clock size={14} />
-                      <h3 className="text-[10px] font-black uppercase tracking-widest">Recent Activity</h3>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <Clock size={16} className="text-yellow-500" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Recent Activity</h3>
                     </div>
                   </div>
                   <div className="p-6 space-y-3">
@@ -209,7 +204,7 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                       { time: '17:12:18', text: 'Related Use Case UC-1021-SMB associated with this case' },
                     ].map((item, idx) => (
                       <div key={idx} className="flex items-start gap-3 text-xs">
-                        <span className="text-zinc-600 font-mono min-w-[4.5rem]">{item.time}</span>
+                        <span className="text-zinc-500  min-w-[4.5rem]">{item.time}</span>
                         <span className="text-zinc-400">{item.text}</span>
                       </div>
                     ))}
@@ -221,80 +216,76 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
               <div className="space-y-6">
                 
                 {/* Affected Scope */}
-                <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                  <div className="px-6 py-4 border-b border-emerald-900/20">
-                    <div className="flex items-center gap-2 text-emerald-400">
-                      <Target size={14} />
-                      <h3 className="text-[10px] font-black uppercase tracking-widest">Affected Scope</h3>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <Target size={16} className="text-[#00D4AA]" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Affected Scope</h3>
                     </div>
                   </div>
-                  <div className="p-6 space-y-4">
+                  <div className="p-6 space-y-3">
                     <div className="flex items-center justify-between">
                       <div className="flex items-center gap-2 text-zinc-400">
                         <Server size={14} />
-                        <span className="text-xs uppercase font-bold">Affected Host(s)</span>
+                        <span className="text-xs font-bold uppercase tracking-tight">Affected Host(s)</span>
                       </div>
-                      <span className="text-white font-bold">1</span>
+                      <span className="text-sm font-semibold text-white">1</span>
                     </div>
                     <div className="flex items-center justify-between">
                       <div className="flex items-center gap-2 text-zinc-400">
                         <Users size={14} />
-                        <span className="text-xs uppercase font-bold">Internal Systems Involved</span>
+                        <span className="text-xs font-bold uppercase tracking-tight">Internal Systems Involved</span>
                       </div>
-                      <span className="text-white font-bold">3</span>
+                      <span className="text-sm font-semibold text-white">3</span>
                     </div>
                     <div className="flex items-center justify-between">
                       <div className="flex items-center gap-2 text-zinc-400">
                         <Globe size={14} />
-                        <span className="text-xs uppercase font-bold">External Destinations</span>
+                        <span className="text-xs font-bold uppercase tracking-tight">External Destinations</span>
                       </div>
-                      <span className="text-white font-bold">1</span>
+                      <span className="text-sm font-semibold text-white">1</span>
                     </div>
                     <div className="flex items-center justify-between">
                       <div className="flex items-center gap-2 text-zinc-400">
                         <Clock size={14} />
-                        <span className="text-xs uppercase font-bold">Observed Time Window</span>
+                        <span className="text-xs font-bold uppercase tracking-tight">Observed Time Window</span>
                       </div>
-                      <span className="text-white font-bold">22 minutes</span>
+                      <span className="text-sm font-semibold text-white">22 minutes</span>
                     </div>
                   </div>
                 </div>
 
                 {/* Current Assessment */}
-                <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                  <div className="px-6 py-4 border-b border-emerald-900/20">
-                    <div className="flex items-center gap-2 text-emerald-400">
-                      <ShieldCheck size={14} />
-                      <h3 className="text-[10px] font-black uppercase tracking-widest">Current Assessment</h3>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <ShieldCheck size={16} className="text-[#00D4AA]" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Current Assessment</h3>
                     </div>
                   </div>
                   <div className="p-6 space-y-4">
-                  <div className="flex items-center justify-between gap-6">
-  <div className="flex flex-col gap-1">
-    <span className="text-xs text-zinc-500 font-bold uppercase">Status</span>
-    <span className="text-sm text-amber-400 font-bold">Under Investigation</span>
-  </div>
-  <div className="h-[30px] w-[1px] bg-gray-400"></div>
-  
-  
-  
-  <div className="flex flex-col gap-1">
-    <span className="text-xs text-amber-400 font-bold uppercase">Verdict</span>
-    <span className="text-sm text-red-400 font-bold">Likely Malicious</span>
-  </div>
-  <div className="h-[30px] w-[1px] bg-gray-400"></div>
-  
-  
-  
-  <div className="flex flex-col gap-1">
-    <span className="text-xs text-emerald-400 font-bold uppercase">Confidence</span>
-    <span className="text-sm text-emerald-400 font-bold">High</span>
-  </div>
-</div>
+                    <div className="flex items-center justify-between gap-4">
+                      <div className="flex flex-col gap-1">
+                        <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Status</span>
+                        <span className="text-sm font-semibold text-yellow-500">Under Investigation</span>
+                      </div>
+                      <div className="h-[30px] w-[1px] bg-[#1e1e20]"></div>
+                      
+                      <div className="flex flex-col gap-1">
+                        <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Verdict</span>
+                        <span className="text-sm font-semibold text-red-500">Likely Malicious</span>
+                      </div>
+                      <div className="h-[30px] w-[1px] bg-[#1e1e20]"></div>
+                      
+                      <div className="flex flex-col gap-1">
+                        <span className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">Confidence</span>
+                        <span className="text-sm font-semibold text-green-500">High</span>
+                      </div>
+                    </div>
 
-                    <div className="pt-4 border-t border-emerald-900/20">
-                      <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Analyst Stance</div>
-                      <p className="text-xs text-emerald-400 ">
+                    <div className="pt-4 border-t border-[#1e1e20]">
+                      <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-2">Analyst Stance</div>
+                      <p className="text-sm text-zinc-400 leading-relaxed">
                         Initial indicators strongly support an active exfiltration attempt. Containment protocol is currently active.
                       </p>
                     </div>
@@ -302,11 +293,11 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 </div>
 
                 {/* Recommended Actions */}
-                <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                  <div className="px-6 py-4 border-b border-emerald-900/20">
-                    <div className="flex items-center gap-2 text-emerald-400">
-                      <Zap size={14} />
-                      <h3 className="text-[10px] font-black uppercase tracking-widest">Recommended Actions</h3>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <Zap size={16} className="text-[#00D4AA]" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Recommended Actions</h3>
                     </div>
                   </div>
                   <div className="p-6 space-y-3">
@@ -315,10 +306,10 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                       'Review SMB access logs on MGMT-CHQ-K02',
                     ].map((action, idx) => (
                       <div key={idx} className="flex items-start gap-3">
-                        <div className="mt-0.5 w-5 h-5 rounded bg-cyan-900/30 border border-cyan-600/40 flex items-center justify-center flex-shrink-0">
-                          <span className="text-[10px] text-emerald-400 font-black">{idx + 1}</span>
+                        <div className="mt-0.5 w-5 h-5 rounded-full bg-[#00D4AA]/20 border border-[#00D4AA]/40 flex items-center justify-center flex-shrink-0">
+                          <span className="text-[10px] text-[#00D4AA] font-black">{idx + 1}</span>
                         </div>
-                        <p className="text-xs text-zinc-400 leading-relaxed">{action}</p>
+                        <p className="text-sm text-zinc-400 leading-relaxed">{action}</p>
                       </div>
                     ))}
                   </div>
@@ -331,7 +322,7 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
         {activeTab === 'alerts' && (
           <div className="space-y-4">
             <div className="flex items-center justify-between mb-4">
-              <h3 className="text-sm font-black text-zinc-500 uppercase tracking-widest">Linked Detection</h3>
+              <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Linked Detection</h3>
             </div>
             
             {[
@@ -339,33 +330,31 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
               { name: 'Lateral Movement via SMB', type: 'USE CASE', time: '45 mins ago', severity: 'CRITICAL' },
               { name: 'TLS Beaconing Pattern', type: 'SIGNAL', time: '1 hour ago', severity: 'MEDIUM' },
             ].map((alert, idx) => (
-              <div key={idx} className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg p-3 hover:border-cyan-600/30 transition-all cursor-pointer">
-  <div className="flex items-center justify-between gap-4">
-  <div className="flex items-center gap-3 flex-shrink-0">
-  <div className="text-sm font-bold text-white truncate">
-      {alert.name}
-    </div>
-    <span className="px-2 py-0.5 bg-zinc-800 border border-zinc-700 text-zinc-400 font-bold uppercase rounded text-[10px] whitespace-nowrap">
-        {alert.type}
-      </span>
-
-  </div>
-   
-    <div className="flex items-center gap-3 flex-shrink-0">
-      
-      <span className="text-[10px] text-zinc-500 whitespace-nowrap">
-        {alert.time}
-      </span>
-      <span className={`px-2 py-0.5 font-black text-[10px] uppercase rounded whitespace-nowrap ${
-        alert.severity === 'CRITICAL' ? 'bg-red-600/20 border border-red-600/30 text-red-400' :
-        alert.severity === 'HIGH' ? 'bg-red-600/20 border border-red-600/30 text-red-400' :
-        'bg-amber-600/20 border border-amber-600/30 text-amber-400'
-      }`}>
-        {alert.severity}
-      </span>
-    </div>
-  </div>
-</div>
+              <div key={idx} className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all cursor-pointer">
+                <div className="flex items-center justify-between gap-4">
+                  <div className="flex items-center gap-3 flex-shrink-0">
+                    <div className="text-sm font-semibold text-white truncate">
+                      {alert.name}
+                    </div>
+                    <span className="px-2 py-0.5 bg-zinc-900/50 border border-zinc-800 text-zinc-400 font-bold uppercase rounded text-[10px] whitespace-nowrap">
+                      {alert.type}
+                    </span>
+                  </div>
+                  
+                  <div className="flex items-center gap-3 flex-shrink-0">
+                    <span className="text-xs text-zinc-500 font-medium whitespace-nowrap">
+                      {alert.time}
+                    </span>
+                    <span className={`inline-flex px-3 py-1 rounded border text-xs font-bold uppercase whitespace-nowrap ${
+                      alert.severity === 'CRITICAL' ? 'bg-red-500/10 border-red-500/20 text-red-500' :
+                      alert.severity === 'HIGH' ? 'bg-orange-500/10 border-orange-500/20 text-orange-500' :
+                      'bg-yellow-500/10 border-yellow-500/20 text-yellow-500'
+                    }`}>
+                      {alert.severity}
+                    </span>
+                  </div>
+                </div>
+              </div>
             ))}
           </div>
         )}
@@ -373,8 +362,8 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
         {activeTab === 'evidence' && (
           <div className="space-y-4">
             <div className="flex items-center justify-between mb-4">
-              <h3 className="text-sm font-black text-zinc-500 uppercase tracking-widest">Evidence Locker</h3>
-              <button className="bg-emerald-600 hover:bg-emerald-500 text-white px-4 py-2 rounded-lg text-xs font-black uppercase tracking-widest flex items-center gap-2 transition-all">
+              <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Evidence Locker</h3>
+              <button className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all shadow-lg disabled:opacity-50 disabled:cursor-not-allowed flex items-center gap-2">
                 <Plus size={14} />
                 Attach Evidence
               </button>
@@ -385,34 +374,34 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
               { name: 'MGMT-CHQ-K02_Tunnel_Traffic.pcap', type: 'PCAP REF - PENDING ANALYSIS', status: 'pending' },
               { name: 'conn.log Summary (Port 445 Activity)', type: 'LOG EXCERPT - VERIFIED', status: 'verified' },
             ].map((evidence, idx) => (
-              <div key={idx} className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg p-3 hover:border-cyan-600/30 transition-all">
-  <div className="flex items-center justify-between gap-4">
-    <div className="flex items-center gap-3">
-      <div className="p-2 bg-cyan-900/20 border border-cyan-600/30 rounded-lg flex-shrink-0">
-        <FileText size={16} className="text-emerald-400" />
-      </div>
-      <div>
-        <div className="text-xs font-bold text-white">{evidence.name}</div>
-        <div className="text-[10px] text-zinc-500 uppercase font-bold">{evidence.type}</div>
-      </div>
-    </div>
-    <div className="flex items-center gap-2 flex-shrink-0">
-      <button className="p-1.5 hover:bg-zinc-800 rounded-lg transition-colors">
-        <Eye size={14} className="text-zinc-500" />
-      </button>
-      <button className="p-1.5 hover:bg-zinc-800 rounded-lg transition-colors">
-        <Download size={14} className="text-zinc-500" />
-      </button>
-    </div>
-  </div>
-</div>
+              <div key={idx} className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all">
+                <div className="flex items-center justify-between gap-4">
+                  <div className="flex items-center gap-3">
+                    <div className="p-2 bg-[#00D4AA]/10 border border-[#00D4AA]/30 rounded-lg flex-shrink-0">
+                      <FileText size={16} className="text-[#00D4AA]" />
+                    </div>
+                    <div>
+                      <div className="text-sm font-semibold text-white">{evidence.name}</div>
+                      <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight">{evidence.type}</div>
+                    </div>
+                  </div>
+                  <div className="flex items-center gap-2 flex-shrink-0">
+                    <button className="p-1.5 hover:bg-zinc-800 rounded transition-colors">
+                      <Eye size={14} className="text-zinc-500" />
+                    </button>
+                    <button className="p-1.5 hover:bg-zinc-800 rounded transition-colors">
+                      <Download size={14} className="text-zinc-500" />
+                    </button>
+                  </div>
+                </div>
+              </div>
             ))}
           </div>
         )}
 
         {activeTab === 'timeline' && (
           <div className="space-y-6">
-            <div className="relative pl-12 space-y-8 before:absolute before:left-4 before:top-2 before:bottom-2 before:w-[2px] before:bg-zinc-800">
+            <div className="relative pl-12 space-y-3 before:absolute before:left-4 before:top-2 before:bottom-2 before:w-[2px] before:bg-[#1e1e20]">
               {[
                 { time: '16:08:42', label: 'SYSTEM', type: 'system', text: 'Case created via auto-escalation from Signal SIG-8821', color: 'blue' },
                 { time: '16:34:41', label: 'ANALYST', type: 'analyst', text: 'Analyst Alex Rivera assigned to investigation', color: 'purple' },
@@ -421,105 +410,110 @@ const InvestigationDetailPage: React.FC<Props> = ({ id, onBack }) => {
                 { time: '18:05:05', label: 'ANALYST', type: 'analyst', text: 'Evidence item EV-01 (dns.log) attached to case', color: 'purple' },
               ].map((event, idx) => (
                 <div key={idx} className="relative group">
-  <div className={`absolute -left-[44px] top-0.5 w-6 h-6 rounded-full border-2 border-[#0c0c0e] z-10 flex items-center justify-center ${
-    event.color === 'blue' ? 'bg-blue-600' :
-    event.color === 'purple' ? 'bg-purple-600' :
-    'bg-emerald-600'
-  }`}>
-    <div className="w-1.5 h-1.5 rounded-full bg-white"></div>
-  </div>
-  <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg p-3 hover:border-cyan-600/30 transition-all">
-    <div className="flex justify-between items-center gap-3 mb-2">
-      <span className="text-[10px] font-mono text-zinc-500">{event.time}</span>
-      <span className={`text-[9px] font-black uppercase px-1.5 py-0.5 rounded whitespace-nowrap ${
-        event.color === 'blue' ? 'bg-blue-600/20 border border-blue-600/30 text-blue-400' :
-        event.color === 'purple' ? 'bg-purple-600/20 border border-purple-600/30 text-purple-400' :
-        'bg-emerald-600/20 border border-emerald-600/30 text-emerald-400'
-      }`}>
-        {event.label}
-      </span>
-    </div>
-    <p className="text-xs text-white leading-relaxed">{event.text}</p>
-  </div>
-</div>
+                  <div className={`absolute -left-[44px] top-0.5 w-6 h-6 rounded-full border-2 border-black z-10 flex items-center justify-center ${
+                    event.color === 'blue' ? 'bg-blue-500' :
+                    event.color === 'purple' ? 'bg-blue-500' :
+                    'bg-green-500'
+                  }`}>
+                    <div className="w-1.5 h-1.5 rounded-full bg-white"></div>
+                  </div>
+                  <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 hover:border-[#00D4AA] transition-all">
+                    <div className="flex justify-between items-center gap-3 mb-2">
+                      <span className="text-xs  text-zinc-500">{event.time}</span>
+                      <span className={`inline-flex px-2 py-0.5 rounded border text-[10px] font-bold uppercase whitespace-nowrap ${
+                        event.color === 'blue' ? 'bg-blue-500/10 border-blue-500/20 text-blue-500' :
+                        event.color === 'purple' ? 'bg-blue-500/10 border-blue-500/20 text-blue-500' :
+                        'bg-green-500/10 border-green-500/20 text-green-500'
+                      }`}>
+                        {event.label}
+                      </span>
+                    </div>
+                    <p className="text-sm text-white leading-relaxed">{event.text}</p>
+                  </div>
+                </div>
               ))}
             </div>
           </div>
         )}
 
         {activeTab === 'notes' && (
-          <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
-            
-            {/* Left Column - Analyst Journal */}
-            <div className="space-y-6">
-              <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                <div className="px-6 py-4 border-b border-emerald-900/20">
-                  <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Analyst Journal</h3>
-                </div>
-                <div className="p-6 space-y-4">
-                  {[
-                    { author: 'ALEX RIVERA', time: '5 hours ago', initial: 'A', text: '"Confirmed that the destination domain has no business justification. Entropy tests are consistent with tunneling."' },
-                    { author: 'SOC LEAD', time: '48 mins ago', initial: 'S', text: '"High priority. Check if any other hosts in the management subnet have contacted the same external IP."' },
-                  ].map((note, idx) => (
-                    <div key={idx} className="bg-[#0d0d0f] border border-zinc-800/50 rounded-lg p-4">
-                      <div className="flex items-start gap-3 mb-3">
-                        <div className="w-8 h-8 rounded bg-emerald-600 flex items-center justify-center flex-shrink-0">
-                          <span className="text-sm font-black text-white">{note.initial}</span>
-                        </div>
-                        <div className="flex-1">
-                          <div className="flex items-center justify-between mb-1">
-                            <span className="text-xs font-black text-white uppercase">{note.author}</span>
-                            <span className="text-[10px] text-zinc-600">{note.time}</span>
+          <div className="space-y-6">
+            <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
+              
+              {/* Left Column - Analyst Journal */}
+              <div className="space-y-4">
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Analyst Journal</h3>
+                  </div>
+                  <div className="p-6 space-y-4">
+                    {[
+                      { author: 'ALEX RIVERA', time: '5 hours ago', initial: 'A', text: '"Confirmed that the destination domain has no business justification. Entropy tests are consistent with tunneling."' },
+                      { author: 'SOC LEAD', time: '48 mins ago', initial: 'S', text: '"High priority. Check if any other hosts in the management subnet have contacted the same external IP."' },
+                    ].map((note, idx) => (
+                      <div key={idx} className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
+                        <div className="flex items-start gap-3">
+                          <div className="w-8 h-8 rounded bg-[#00D4AA] flex items-center justify-center flex-shrink-0">
+                            <span className="text-sm font-black text-black">{note.initial}</span>
+                          </div>
+                          <div className="flex-1">
+                            <div className="flex items-center justify-between mb-1">
+                              <span className="text-xs font-bold text-white uppercase tracking-tight">{note.author}</span>
+                              <span className="text-xs text-zinc-500 font-medium">{note.time}</span>
+                            </div>
+                            <p className="text-sm text-zinc-400 leading-relaxed">{note.text}</p>
                           </div>
-                          <p className="text-xs text-zinc-400  leading-relaxed">{note.text}</p>
                         </div>
                       </div>
-                    </div>
-                  ))}
+                    ))}
 
-                  <button className="w-full bg-zinc-800 hover:bg-zinc-700 border border-zinc-700 text-zinc-400 px-4 py-3 rounded-lg text-xs font-bold uppercase transition-all text-left">
-                    Add an observation or update analysis...
-                  </button>
+                    <button className="w-full bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all text-left">
+                      Add an observation or update analysis...
+                    </button>
 
-                  <button className="w-full bg-zinc-900 hover:bg-zinc-800 text-zinc-500 px-4 py-2 rounded-lg text-xs font-bold uppercase transition-all">
-                    Add Entry
-                  </button>
+                    <button className="w-full bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all shadow-lg disabled:opacity-50 disabled:cursor-not-allowed">
+                      Add Entry
+                    </button>
+                  </div>
                 </div>
               </div>
-            </div>
 
-            {/* Right Column - Final Decision */}
-            <div className="space-y-6">
-              <div className="bg-[#0a0a0b] border border-emerald-900/30 rounded-xl overflow-hidden">
-                <div className="px-6 py-4 border-b border-emerald-900/20">
-                  <div className="flex items-center gap-2 text-emerald-400">
-                    <CheckCircle2 size={14} />
-                    <h3 className="text-[10px] font-black uppercase tracking-widest">Final Decision</h3>
-                  </div>
-                </div>
-                <div className="p-6 space-y-4">
-                  <div>
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Select Verdict</div>
-                    <select className="w-full bg-[#0d0d0f] border border-zinc-800 text-white px-4 py-3 rounded-lg text-sm focus:outline-none focus:border-emerald-600">
-                      <option>True Positive (Malicious)</option>
-                      <option>False Positive</option>
-                      <option>Benign True Positive</option>
-                      <option>Requires Escalation</option>
-                    </select>
+              {/* Right Column - Final Decision */}
+              <div className="space-y-4">
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+                  <div className="px-6 py-4 border-b border-[#1e1e20]">
+                    <div className="flex items-center gap-2">
+                      <CheckCircle2 size={16} className="text-[#00D4AA]" />
+                      <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Final Decision</h3>
+                    </div>
                   </div>
+                  <div className="p-6 space-y-4">
+                    <div>
+                      <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide block mb-2">
+                        Select Verdict
+                      </label>
+                      <select className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg px-4 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all disabled:bg-zinc-900 disabled:text-zinc-600">
+                        <option>True Positive (Malicious)</option>
+                        <option>False Positive</option>
+                        <option>Benign True Positive</option>
+                        <option>Requires Escalation</option>
+                      </select>
+                    </div>
 
-                  <div>
-                    <div className="text-[9px] font-black text-zinc-500 uppercase tracking-widest mb-2">Resolution Justification...</div>
-                    <textarea 
-                      className="w-full bg-[#0d0d0f] border border-zinc-800 text-white px-4 py-3 rounded-lg text-sm focus:outline-none focus:border-emerald-600 resize-none"
-                      rows={4}
-                      placeholder="Provide reasoning for the verdict..."
-                    ></textarea>
-                  </div>
+                    <div>
+                      <label className="text-xs font-bold text-zinc-500 uppercase tracking-wide block mb-2">
+                        Resolution Justification
+                      </label>
+                      <textarea 
+                        className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg px-4 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500 min-h-[120px] resize-y"
+                        placeholder="Provide reasoning for the verdict..."
+                      ></textarea>
+                    </div>
 
-                  <button className="w-full bg-emerald-600 hover:bg-emerald-500 text-white px-6 py-3 rounded-lg text-xs font-black uppercase tracking-widest transition-all">
-                    Submit Final Verdict
-                  </button>
+                    <button className="w-full bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all shadow-lg disabled:opacity-50 disabled:cursor-not-allowed">
+                      Submit Final Verdict
+                    </button>
+                  </div>
                 </div>
               </div>
             </div>
diff --git a/ui/pages/LogsPage.tsx b/ui/pages/LogsPage.tsx
index c15eac0..2627542 100644
--- a/ui/pages/LogsPage.tsx
+++ b/ui/pages/LogsPage.tsx
@@ -157,9 +157,9 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
     <div className="bg-zinc-900 border border-zinc-800 p-6 rounded-xl space-y-4 hover:border-zinc-700 transition-all group shadow-sm">
       <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">{label}</p>
       <div className="flex items-end justify-between">
-        <h3 className={`text-xl font-black text-white tracking-tighter ${color}`}>{value}</h3>
+        <h3 className={`text-xl font-black text-white tracking-tighter `}>{value}</h3> 
         {trend && (
-          <div className={`flex items-center gap-1 text-[11px] font-black ${trendGood ? 'text-emerald-500' : 'text-red-500'}`}>
+          <div className={`flex items-center gap-1 text-[11px] font-black `}>
             {trend.startsWith('↑') ? <TrendingUp size={14}/> : <TrendingDown size={14}/>} {trend}
           </div>
         )}
@@ -344,7 +344,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                 onClick={() => setSelectedLog(log)}
                 className="hover:bg-zinc-800/50 transition-colors cursor-pointer group"
               >
-                <td className="px-6 py-4 text-[11px] font-mono text-zinc-500">{log.timestamp.split(' ')[1]}</td>
+                <td className="px-6 py-4 text-[11px]  text-zinc-500">{log.timestamp.split(' ')[1]}</td>
                 <td className="px-6 py-4 text-center">
                   <div className={`w-2.5 h-2.5 rounded-full mx-auto ${
                     log.severity === 'critical' ? 'bg-red-500 shadow-[0_0_8px_rgba(239,68,68,0.5)]' : 
@@ -354,13 +354,13 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                 </td>
                 <td className="px-6 py-4">
                   <div className="space-y-0.5">
-                    <p className="text-[11px] font-mono font-bold text-white group-hover:text-[#00D4AA] transition-colors">{log.sourceIP}</p>
+                    <p className="text-[11px]  font-bold text-white group-hover:text-[#00D4AA] transition-colors">{log.sourceIP}</p>
                     {log.sourceAsset && <p className="text-[9px] text-zinc-600 font-bold uppercase tracking-tighter">{log.sourceAsset.hostname}</p>}
                   </div>
                 </td>
                 <td className="px-6 py-4">
                   <div className="space-y-0.5">
-                    <p className="text-[11px] font-mono font-bold text-zinc-400">{log.destIP}</p>
+                    <p className="text-[11px]  font-bold text-zinc-400">{log.destIP}</p>
                     {log.destInfo && <p className="text-[9px] text-zinc-600 font-bold uppercase tracking-tighter flex items-center gap-1.5">{log.destInfo.flag} {log.destInfo.hostname} {log.destInfo.malicious && <AlertTriangle size={10} className="text-red-500"/>}</p>}
                   </div>
                 </td>
@@ -443,7 +443,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
              </div>
              <div className="space-y-3 pt-4 border-t border-zinc-800">
                 <div className="flex justify-between items-center"><span className="text-[9px] font-bold text-zinc-600 uppercase">Storage Growth Rate</span><span className="text-xs font-black text-white">85GB/Day</span></div>
-                <div className="flex justify-between items-center"><span className="text-[9px] font-bold text-zinc-600 uppercase">Days Until Full</span><span className="text-xs font-black text-orange-500">45 Days ⚠️</span></div>
+                <div className="flex justify-between items-center"><span className="text-[9px] font-bold text-zinc-600 uppercase">Days Until Full</span><span className="text-xs font-black">45 Days ⚠️</span></div>
              </div>
           </div>
 
@@ -502,7 +502,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                         <span className="text-zinc-700">{s.value}%</span>
                      </div>
                      <div className="flex items-center gap-3">
-                        <span className="text-[10px] font-mono text-zinc-500">{s.count}</span>
+                        <span className="text-[10px]  text-zinc-500">{s.count}</span>
                         <button className="text-[8px] font-black text-zinc-600 hover:text-[#00D4AA] uppercase opacity-0 group-hover:opacity-100 transition-all">View Logs</button>
                      </div>
                   </div>
@@ -522,7 +522,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                    <div key={gen.ip} className="bg-zinc-950 border border-zinc-800 rounded-xl p-5 space-y-4 hover:border-zinc-700 transition-all group">
                       <div className="flex justify-between items-start">
                          <div>
-                            <p className="text-sm font-black text-white font-mono">{gen.ip}</p>
+                            <p className="text-sm font-black text-white ">{gen.ip}</p>
                             <p className="text-[9px] text-zinc-600 font-bold uppercase mt-0.5">{gen.hostname} • {gen.type}</p>
                          </div>
                          <div className="flex flex-col items-end gap-2">
@@ -539,7 +539,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                            <div className={`h-full ${gen.anomaly ? 'bg-red-500' : 'bg-blue-500'}`} style={{ width: `${gen.pct * 15}%` }} />
                         </div>
                       </div>
-                      {gen.anomaly && <p className="text-[9px] text-red-400 font-bold uppercase tracking-tighter flex items-center gap-2"><Zap size={10}/> {gen.reason} - Spike +340%</p>}
+                      {gen.anomaly && <p className="text-[9px]  font-bold uppercase tracking-tighter flex items-center gap-2"><Zap size={10}/> {gen.reason} - Spike +340%</p>}
                    </div>
                 ))}
              </div>
@@ -553,7 +553,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
           <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-8 space-y-6 shadow-xl">
              <div className="flex justify-between items-center">
                 <h3 className="text-[10px] font-black text-zinc-500 uppercase tracking-widest flex items-center gap-2"><CheckCircle2 size={14} className="text-emerald-500" /> Data Quality</h3>
-                <span className="text-xl font-black text-emerald-500 tracking-tighter">97.8%</span>
+                <span className="text-xl font-black  tracking-tighter">97.8%</span>
              </div>
              <div className="space-y-4">
                 {[
@@ -623,34 +623,34 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
         
         <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-8">
            <div className="space-y-4">
-              <p className="text-[10px] font-black text-red-500 uppercase tracking-widest flex items-center gap-2"><ShieldAlert size={12}/> Critical Anomalies</p>
+              <p className="text-[10px] font-black  uppercase tracking-widest flex items-center gap-2"><ShieldAlert size={12}/> Critical Anomalies</p>
               <div className="space-y-4">
                  <p className="text-xs text-zinc-400 leading-relaxed"><span className="text-white font-bold uppercase tracking-tight">C2 Traffic detected:</span> Asset 10.0.5.42 log volume increased 340% following unusual DNS entropy peaks.</p>
                  <div className="flex gap-2">
-                    <button className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest hover:underline">Investigate</button>
+                    <button className="text-[9px] font-black  uppercase tracking-widest hover:underline">Investigate</button>
                     <button className="text-[9px] font-black text-zinc-500 uppercase tracking-widest hover:underline">Dismiss</button>
                  </div>
               </div>
            </div>
            <div className="space-y-4">
-              <p className="text-[10px] font-black text-orange-500 uppercase tracking-widest flex items-center gap-2"><AlertTriangle size={12}/> Pipeline Alerts</p>
+              <p className="text-[10px] font-black  uppercase tracking-widest flex items-center gap-2"><AlertTriangle size={12}/> Pipeline Alerts</p>
               <div className="space-y-4">
                  <p className="text-xs text-zinc-400 leading-relaxed"><span className="text-white font-bold uppercase tracking-tight">Exhaustion Risk:</span> Total telemetry storage will be at capacity in ~45 days based on current growth rate.</p>
-                 <button className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest hover:underline">Adjust Retention</button>
+                 <button className="text-[9px] font-black  uppercase tracking-widest hover:underline">Adjust Retention</button>
               </div>
            </div>
            <div className="space-y-4">
-              <p className="text-[10px] font-black text-emerald-500 uppercase tracking-widest flex items-center gap-2"><CheckCircle2 size={12}/> Performance Hits</p>
+              <p className="text-[10px] font-black  uppercase tracking-widest flex items-center gap-2"><CheckCircle2 size={12}/> Performance Hits</p>
               <div className="space-y-4">
                  <p className="text-xs text-zinc-400 leading-relaxed"><span className="text-white font-bold uppercase tracking-tight">Latency Optimized:</span> End-to-end pipeline latency improved by 10% following recent cluster reconfiguration.</p>
-                 <button className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest hover:underline">View Benchmark</button>
+                 <button className="text-[9px] font-black  uppercase tracking-widest hover:underline">View Benchmark</button>
               </div>
            </div>
            <div className="space-y-4">
               <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest flex items-center gap-2"><Layers size={12}/> Optimization</p>
               <div className="space-y-4">
                  <p className="text-xs text-zinc-400 leading-relaxed"><span className="text-white font-bold uppercase tracking-tight">Rule Tuning:</span> "DNS-TUNNEL-001" is causing 40% of detection latency. Consider regex optimization.</p>
-                 <button className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest hover:underline">Open Rules</button>
+                 <button className="text-[9px] font-black  uppercase tracking-widest hover:underline">Open Rules</button>
               </div>
            </div>
         </div>
@@ -677,7 +677,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
              <button className="bg-zinc-950 border border-zinc-800 text-zinc-400 px-4 py-2 rounded-lg text-[10px] font-black uppercase hover:text-white transition-all">Export View</button>
           </div>
         </div>
-        <div className="flex-1 bg-[#0c0c0e] font-mono text-[11px] p-6 overflow-y-auto space-y-2 no-scrollbar">
+        <div className="flex-1 bg-[#0c0c0e]  text-[11px] p-6 overflow-y-auto space-y-2 no-scrollbar">
            {MOCK_LOGS.map((log, i) => (
              <div key={i} className="flex items-center gap-6 py-1 group cursor-pointer hover:bg-white/5 transition-all">
                 <span className="text-zinc-700 w-24">{log.timestamp.split(' ')[1]}</span>
@@ -715,7 +715,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
           <div className="sticky top-0 bg-zinc-950/95 backdrop-blur-sm border-b border-zinc-800 p-6 flex items-center justify-between z-10">
             <div>
               <h3 className="text-lg font-black text-white uppercase tracking-tight">Log Details</h3>
-              <p className="text-[10px] text-zinc-500 font-mono mt-1">{selectedLog.id}</p>
+              <p className="text-[10px] text-zinc-500  mt-1">{selectedLog.id}</p>
             </div>
             <button 
               onClick={() => setSelectedLog(null)}
@@ -734,11 +734,11 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
               <div className="bg-zinc-950 border border-zinc-800 rounded-xl p-4 space-y-3">
   <div className="flex items-center justify-between">
     <p className="text-[10px] font-black text-zinc-600 uppercase tracking-wider">Timestamp (UTC)</p>
-    <p className="text-sm font-mono text-white">{selectedLog.timestamp}</p>
+    <p className="text-sm  text-white">{selectedLog.timestamp}</p>
   </div>
   <div className="flex items-center justify-between">
     <p className="text-[10px] font-black text-zinc-600 uppercase tracking-wider">Internal Log ID</p>
-    <p className="text-sm font-mono text-zinc-400">{selectedLog.id}</p>
+    <p className="text-sm  text-zinc-400">{selectedLog.id}</p>
   </div>
   <div className="flex items-center justify-between">
     <p className="text-[10px] font-black text-zinc-600 uppercase tracking-wider">Global Severity</p>
@@ -784,7 +784,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                   {selectedLog.message}
                 </p>
                 {selectedLog.type === 'dns' && (
-                  <div className="p-3 bg-zinc-900 rounded-lg border border-zinc-800 font-mono text-[10px] text-zinc-500 break-all leading-relaxed">
+                  <div className="p-3 bg-zinc-900 rounded-lg border border-zinc-800  text-[10px] text-zinc-500 break-all leading-relaxed">
                     Query: abc123xyz789.evil-domain.com<br/>
                     Response: TXT record with encrypted payload (base64)
                   </div>
@@ -841,7 +841,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                 {[1, 2, 3].map(i => (
                   <div key={i} className="text-[10px] text-zinc-500 hover:text-white cursor-pointer transition-colors flex justify-between uppercase tracking-tighter">
                     <span>DNS query to evil.domain</span>
-                    <span className="font-mono text-[9px] text-zinc-700">15:{42 - i}:18</span>
+                    <span className=" text-[9px] text-zinc-700">15:{42 - i}:18</span>
                   </div>
                 ))}
                 <button className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest hover:underline mt-2">
@@ -910,7 +910,7 @@ const LogsPage: React.FC<{ defaultView?: 'search' | 'stats' | 'live' }> = ({ def
                              <select className="w-24 bg-zinc-950 border border-zinc-800 rounded-xl px-4 py-3 text-xs text-zinc-500 outline-none focus:border-[#00D4AA] appearance-none font-black text-center">
                                 <option>{cond.op}</option>
                              </select>
-                             <input type="text" defaultValue={cond.val} className="flex-[2] bg-zinc-950 border border-zinc-800 rounded-xl px-4 py-3 text-xs text-white outline-none font-mono focus:border-[#00D4AA]" />
+                             <input type="text" defaultValue={cond.val} className="flex-[2] bg-zinc-950 border border-zinc-800 rounded-xl px-4 py-3 text-xs text-white outline-none  focus:border-[#00D4AA]" />
                              <button className="p-3 text-zinc-800 hover:text-red-500 transition-colors"><Trash2 size={16}/></button>
                           </div>
                        ))}
diff --git a/ui/pages/NetworkViewPage.tsx b/ui/pages/NetworkViewPage.tsx
index 56dad0f..dd646c0 100644
--- a/ui/pages/NetworkViewPage.tsx
+++ b/ui/pages/NetworkViewPage.tsx
@@ -1,4 +1,3 @@
-
 import React, { useState, useEffect, useMemo } from 'react';
 import { 
   Network, 
@@ -28,7 +27,6 @@ import {
   ExternalLink,
   ShieldCheck,
   ChevronDown,
-  // Added missing icon imports
   X,
   Monitor
 } from 'lucide-react';
@@ -138,45 +136,55 @@ const NetworkViewPage: React.FC = () => {
   ];
 
   const StatCard = ({ label, value, sub, icon: Icon, color }: any) => (
-    <div className="bg-[#161618] border border-[#1e1e20] p-5 rounded-lg flex items-center gap-4 hover:border-[#333] transition-all group">
-      <div className={`p-3 rounded-xl bg-[#0c0c0e] border border-[#1e1e20] ${color} group-hover:scale-105 transition-transform`}>
-        <Icon size={20} />
-      </div>
-      <div>
-        <p className="text-[10px] font-black text-gray-500 uppercase tracking-widest">{label}</p>
-        <p className="text-xl font-black text-white mt-0.5 tracking-tight">{value}</p>
-        <p className="text-[9px] font-bold text-gray-600 uppercase tracking-tighter mt-1">{sub}</p>
+    <div className="bg-[#161618] border border-[#1e1e20] p-6 rounded-xl shadow-sm space-y-3">
+      <div className="flex items-center gap-4">
+        <div className={`p-3 rounded-xl bg-[#0a0a0b] border border-[#1e1e20] ${color}`}>
+          <Icon size={20} />
+        </div>
+        <div className="flex-1">
+          <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">{label}</p>
+          <h3 className="text-xl font-black text-white tracking-tighter mt-1">{value}</h3>
+          <p className="text-[10px] font-bold uppercase tracking-tight text-zinc-500 mt-1">{sub}</p>
+        </div>
       </div>
     </div>
   );
 
   return (
-    <div className="space-y-6 animate-in max-w-[1300px] mx-auto fade-in duration-500 pb-20">
+    <div className="max-w-[1300px] mx-auto pb-48 px-4 space-y-6">
       {/* Page Header */}
       <div className="flex flex-col md:flex-row justify-between items-start md:items-center gap-4">
         <div>
-          <h2 className="text-2xl font-bold text-white uppercase tracking-tight">Network View</h2>
-          <p className="text-[10px] text-gray-500 font-black uppercase tracking-[0.2em]">Real-time Visualization of Topology, Service Usage, and Cross-Segment Flows</p>
+          <h1 className="text-xl font-bold text-white uppercase tracking-tight">Network View</h1>
+          <p className="text-xs text-zinc-500 font-medium mt-1">Real-time Visualization of Topology, Service Usage, and Cross-Segment Flows</p>
         </div>
         <div className="flex items-center gap-3">
-          <div className="flex items-center gap-1 bg-[#161618] border border-[#1e1e20] rounded-lg p-1">
+          <div className="flex items-center gap-1 bg-[#0a0a0b] border border-zinc-800 rounded-lg p-1">
             {(['1h', '6h', '24h', '7d', 'all'] as TimeRange[]).map(r => (
               <button
                 key={r}
                 onClick={() => setTimeRange(r)}
-                className={`px-3 py-1 text-[9px] font-black rounded-md transition-all uppercase tracking-widest ${timeRange === r ? 'bg-[#00D4AA] text-black' : 'text-gray-500 hover:text-white'}`}
+                className={`px-3 py-1.5 text-xs font-bold rounded-md transition-all uppercase tracking-wide ${
+                  timeRange === r 
+                    ? 'bg-[#00D4AA] text-black' 
+                    : 'text-zinc-500 hover:text-zinc-300'
+                }`}
               >
                 {r}
               </button>
             ))}
           </div>
           
-          <div className="flex items-center gap-1 bg-[#161618] border border-[#1e1e20] rounded-lg p-1">
+          <div className="flex items-center gap-1 bg-[#0a0a0b] border border-zinc-800 rounded-lg p-1">
             {(['all', 'critical', 'high'] as RiskFilter[]).map(rf => (
               <button
                 key={rf}
                 onClick={() => setRiskFilter(rf)}
-                className={`px-3 py-1 text-[9px] font-black rounded-md transition-all uppercase tracking-widest ${riskFilter === rf ? 'bg-[#333] text-white' : 'text-gray-500 hover:text-white'}`}
+                className={`px-3 py-1.5 text-xs font-bold rounded-md transition-all uppercase tracking-wide ${
+                  riskFilter === rf 
+                    ? 'bg-zinc-800 text-white' 
+                    : 'text-zinc-500 hover:text-zinc-300'
+                }`}
               >
                 {rf}
               </button>
@@ -185,7 +193,10 @@ const NetworkViewPage: React.FC = () => {
 
           <button 
             onClick={handleRefresh}
-            className={`flex items-center gap-2 bg-[#161618] border border-[#1e1e20] px-4 py-2 rounded-lg text-xs font-black uppercase tracking-widest hover:text-white transition-all ${isRefreshing ? 'opacity-50 cursor-not-allowed' : ''}`}
+            className={`flex items-center gap-2 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 px-4 py-2 rounded-lg text-xs font-medium transition-all ${
+              isRefreshing ? 'opacity-50 cursor-not-allowed' : 'text-zinc-300'
+            }`}
+            disabled={isRefreshing}
           >
             <RefreshCcw size={14} className={isRefreshing ? 'animate-spin text-[#00D4AA]' : ''} /> 
             {isRefreshing ? 'Syncing...' : 'Refresh'}
@@ -194,7 +205,7 @@ const NetworkViewPage: React.FC = () => {
       </div>
 
       {/* Main Tabs Navigation */}
-      <div className="flex flex-wrap gap-1 bg-[#161618] border border-[#1e1e20] p-1 rounded-xl w-max">
+      <div className="flex flex-wrap gap-1 bg-[#0a0a0b] border border-zinc-800 p-1 rounded-xl w-max">
         {tabs.map(tab => (
           <button
             key={tab.id}
@@ -204,8 +215,11 @@ const NetworkViewPage: React.FC = () => {
               setSelectedServiceId(null);
               setSelectedCell(null);
             }}
-            className={`flex items-center gap-2 px-6 py-2.5 rounded-lg text-[10px] font-black uppercase tracking-widest transition-all relative
-              ${activeTab === tab.id ? 'bg-[#00D4AA] text-black' : 'text-gray-400 hover:text-white hover:bg-[#1e1e20]'}`}
+            className={`flex items-center gap-2 px-6 py-2.5 rounded-lg text-xs font-bold uppercase tracking-wide transition-all ${
+              activeTab === tab.id 
+                ? 'bg-[#00D4AA] text-black' 
+                : 'text-zinc-400 hover:text-white hover:bg-zinc-800'
+            }`}
           >
             <tab.icon size={14} />
             {tab.label}
@@ -216,20 +230,26 @@ const NetworkViewPage: React.FC = () => {
       {/* Tab Content Area */}
       <div className="min-h-[650px] relative">
         {isRefreshing && (
-          <div className="absolute inset-0 bg-[#0c0c0e]/60 backdrop-blur-[2px] z-[60] flex flex-col items-center justify-center gap-4 rounded-xl">
-             <div className="w-12 h-12 border-4 border-[#00D4AA] border-t-transparent rounded-full animate-spin" />
-             <p className="text-gray-400 text-xs font-bold uppercase tracking-widest animate-pulse">Syncing Global Network State...</p>
+          <div className="absolute inset-0 bg-black/60 backdrop-blur-sm z-50 flex flex-col items-center justify-center gap-4 rounded-xl">
+             <div className="animate-spin rounded-full border-2 border-zinc-800 border-t-[#00D4AA] w-12 h-12" />
+             <p className="text-zinc-400 text-xs font-bold uppercase tracking-wider animate-pulse">Syncing Global Network State...</p>
           </div>
         )}
 
         {/* --- TOPOLOGY TAB --- */}
         {activeTab === 'topology' && (
           <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden flex flex-col md:flex-row min-h-[650px]">
-            <div className="flex-1 relative bg-[#0c0c0e]">
+            <div className="flex-1 relative bg-[#0a0a0b]">
               <div className="absolute top-4 right-4 flex flex-col gap-2 z-10">
-                <button className="p-2 bg-[#161618] border border-[#333] rounded-lg text-gray-400 hover:text-white"><ZoomIn size={18}/></button>
-                <button className="p-2 bg-[#161618] border border-[#333] rounded-lg text-gray-400 hover:text-white"><ZoomOut size={18}/></button>
-                <button className="p-2 bg-[#161618] border border-[#333] rounded-lg text-gray-400 hover:text-white"><Maximize size={18}/></button>
+                <button className="p-2 bg-[#161618] border border-zinc-800 hover:border-zinc-700 rounded-lg text-zinc-400 hover:text-white transition-all">
+                  <ZoomIn size={18}/>
+                </button>
+                <button className="p-2 bg-[#161618] border border-zinc-800 hover:border-zinc-700 rounded-lg text-zinc-400 hover:text-white transition-all">
+                  <ZoomOut size={18}/>
+                </button>
+                <button className="p-2 bg-[#161618] border border-zinc-800 hover:border-zinc-700 rounded-lg text-zinc-400 hover:text-white transition-all">
+                  <Maximize size={18}/>
+                </button>
               </div>
 
               <div className="absolute inset-0 p-10 flex items-center justify-center">
@@ -238,10 +258,10 @@ const NetworkViewPage: React.FC = () => {
                     onClick={() => setSelectedNodeId('1')}
                     className="absolute top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2 cursor-pointer group"
                   >
-                    <div className="w-16 h-16 rounded-full bg-[#00D4AA] flex items-center justify-center border-4 border-[#00D4AA33] shadow-[0_0_30px_rgba(0,212,170,0.2)] group-hover:scale-110 transition-transform">
+                    <div className="w-16 h-16 rounded-full bg-[#00D4AA] flex items-center justify-center border-4 border-[#00D4AA]/20 shadow-lg group-hover:scale-110 transition-transform">
                       <Shield size={24} className="text-black" />
                     </div>
-                    <span className="absolute -bottom-6 left-1/2 -translate-x-1/2 text-[9px] font-black text-white whitespace-nowrap uppercase tracking-widest">FW-EDGE-01</span>
+                    <span className="absolute -bottom-6 left-1/2 -translate-x-1/2 text-[10px] font-black text-white whitespace-nowrap uppercase tracking-widest">FW-EDGE-01</span>
                   </div>
 
                   {NODES.filter(n => n.id !== '1').map((node, i) => {
@@ -253,12 +273,14 @@ const NetworkViewPage: React.FC = () => {
                     
                     return (
                       <React.Fragment key={node.id}>
-                        <div className="absolute top-1/2 left-1/2 h-px bg-gradient-to-r from-[#00D4AA44] to-transparent origin-left"
+                        <div className="absolute top-1/2 left-1/2 h-px bg-gradient-to-r from-[#00D4AA]/30 to-transparent origin-left"
                           style={{ width: `${radius}px`, transform: `rotate(${angle}rad)`, opacity: 0.3 }} />
                         <div onClick={() => setSelectedNodeId(node.id)} className="absolute cursor-pointer group"
                           style={{ left: `calc(50% + ${x}px)`, top: `calc(50% + ${y}px)`, transform: 'translate(-50%, -50%)' }}
                         >
-                          <div className={`w-12 h-12 rounded-xl bg-[#161618] border-2 flex items-center justify-center group-hover:scale-110 transition-transform ${selectedNodeId === node.id ? 'border-white shadow-[0_0_15px_rgba(255,255,255,0.2)]' : 'border-[#333]'}`}
+                          <div className={`w-12 h-12 rounded-xl bg-[#161618] border-2 flex items-center justify-center group-hover:scale-110 transition-transform ${
+                            selectedNodeId === node.id ? 'border-white shadow-lg' : 'border-zinc-800'
+                          }`}
                             style={{ borderColor: selectedNodeId === node.id ? '#fff' : riskColor }}
                           >
                             {node.type === 'server' && <Server size={20} style={{ color: riskColor }} />}
@@ -266,7 +288,7 @@ const NetworkViewPage: React.FC = () => {
                             {node.type === 'workstation' && <Activity size={20} style={{ color: riskColor }} />}
                             {node.type === 'external' && <Globe size={20} style={{ color: riskColor }} className="animate-pulse" />}
                           </div>
-                          <span className="absolute -bottom-5 left-1/2 -translate-x-1/2 text-[9px] font-black text-gray-500 whitespace-nowrap uppercase tracking-tighter">{node.name}</span>
+                          <span className="absolute -bottom-5 left-1/2 -translate-x-1/2 text-[10px] font-bold text-zinc-500 whitespace-nowrap uppercase tracking-tight">{node.name}</span>
                         </div>
                       </React.Fragment>
                     );
@@ -274,60 +296,87 @@ const NetworkViewPage: React.FC = () => {
                 </div>
               </div>
 
-              <div className="absolute bottom-6 left-6 bg-[#161618]/80 backdrop-blur-md border border-[#1e1e20] p-4 rounded-xl space-y-3 z-10">
-                 <p className="text-[9px] font-black text-gray-500 uppercase tracking-widest">Topology Legend</p>
+              <div className="absolute bottom-6 left-6 bg-[#161618]/90 backdrop-blur-md border border-[#1e1e20] p-4 rounded-xl space-y-3 z-10">
+                 <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest">Topology Legend</p>
                  <div className="grid grid-cols-2 gap-x-6 gap-y-2">
-                    <div className="flex items-center gap-2"><div className="w-2 h-2 rounded-full bg-[#e11d48]" /><span className="text-[8px] font-black text-gray-600 uppercase">Critical Risk</span></div>
-                    <div className="flex items-center gap-2"><div className="w-2 h-2 rounded-full bg-[#00D4AA]" /><span className="text-[8px] font-black text-gray-600 uppercase">Low Risk</span></div>
-                    <div className="flex items-center gap-2"><Server size={10} className="text-gray-700"/><span className="text-[8px] font-black text-gray-600 uppercase">Server</span></div>
-                    <div className="flex items-center gap-2"><Activity size={10} className="text-gray-700"/><span className="text-[8px] font-black text-gray-600 uppercase">Endpoint</span></div>
+                    <div className="flex items-center gap-2">
+                      <div className="w-2 h-2 rounded-full bg-red-500" />
+                      <span className="text-xs text-zinc-500 font-medium">Critical Risk</span>
+                    </div>
+                    <div className="flex items-center gap-2">
+                      <div className="w-2 h-2 rounded-full bg-[#00D4AA]" />
+                      <span className="text-xs text-zinc-500 font-medium">Low Risk</span>
+                    </div>
+                    <div className="flex items-center gap-2">
+                      <Server size={10} className="text-zinc-600"/>
+                      <span className="text-xs text-zinc-500 font-medium">Server</span>
+                    </div>
+                    <div className="flex items-center gap-2">
+                      <Activity size={10} className="text-zinc-600"/>
+                      <span className="text-xs text-zinc-500 font-medium">Endpoint</span>
+                    </div>
                  </div>
               </div>
             </div>
 
             <div className="w-full md:w-80 border-l border-[#1e1e20] bg-[#161618] p-6 overflow-y-auto">
               {selectedNode ? (
-                <div className="space-y-6 animate-in slide-in-from-right-4 duration-300">
+                <div className="space-y-6">
                   <div className="flex justify-between items-start">
-                    <h3 className="text-lg font-bold text-white uppercase tracking-tight">{selectedNode.name}</h3>
-                    <button onClick={() => setSelectedNodeId(null)} className="text-gray-500 hover:text-white"><X size={18}/></button>
+                    <h3 className="text-sm font-bold text-white uppercase tracking-wide">{selectedNode.name}</h3>
+                    <button onClick={() => setSelectedNodeId(null)} className="p-1.5 hover:bg-zinc-800 rounded transition-colors text-zinc-500 hover:text-white">
+                      <X size={18}/>
+                    </button>
                   </div>
-                  <div className="p-4 bg-[#0c0c0e] rounded-xl border border-[#1e1e20] space-y-4">
-                    <div><p className="text-[9px] font-black text-gray-600 uppercase tracking-widest">IP Address</p><p className="text-sm font-mono text-white font-bold">{selectedNode.ip}</p></div>
+                  <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 space-y-4">
+                    <div>
+                      <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">IP Address</p>
+                      <p className="text-xs font-mono text-white mt-1">{selectedNode.ip}</p>
+                    </div>
                     <div>
-                      <p className="text-[9px] font-black text-gray-600 uppercase tracking-widest">Network Risk Score</p>
-                      <div className="flex items-center gap-3 mt-1">
-                        <div className="flex-1 h-1.5 bg-[#1e1e20] rounded-full overflow-hidden">
-                          <div className="h-full" style={{ width: `${selectedNode.risk}%`, backgroundColor: selectedNode.risk > 80 ? '#e11d48' : selectedNode.risk > 40 ? '#f59e0b' : '#00D4AA' }} />
+                      <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Network Risk Score</p>
+                      <div className="flex items-center gap-3 mt-2">
+                        <div className="flex-1 h-1.5 bg-zinc-900 rounded-full overflow-hidden">
+                          <div 
+                            className="h-full transition-all" 
+                            style={{ 
+                              width: `${selectedNode.risk}%`, 
+                              backgroundColor: selectedNode.risk > 80 ? '#e11d48' : selectedNode.risk > 40 ? '#f59e0b' : '#00D4AA' 
+                            }} 
+                          />
                         </div>
-                        <span className="text-xs font-black text-white">{selectedNode.risk}/100</span>
+                        <span className="text-sm font-semibold text-white">{selectedNode.risk}/100</span>
                       </div>
                     </div>
                   </div>
                   <div className="space-y-3">
-                    <p className="text-[9px] font-black text-gray-600 uppercase tracking-widest">Contextual Flows</p>
+                    <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Contextual Flows</p>
                     <div className="space-y-2">
-                       <div className="p-3 bg-[#0c0c0e] rounded-lg border border-[#1e1e20] text-[9px] text-gray-500 flex justify-between font-black uppercase tracking-widest">
-                          <span>Outbound to External</span>
-                          <span className="text-white">2m ago</span>
+                       <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-3 flex justify-between">
+                          <span className="text-xs text-zinc-400">Outbound to External</span>
+                          <span className="text-xs font-medium text-zinc-500">2m ago</span>
                        </div>
-                       <div className="p-3 bg-[#0c0c0e] rounded-lg border border-[#1e1e20] text-[9px] text-gray-500 flex justify-between font-black uppercase tracking-widest">
-                          <span>RPC Auth Attempt</span>
-                          <span className="text-white">15m ago</span>
+                       <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-3 flex justify-between">
+                          <span className="text-xs text-zinc-400">RPC Auth Attempt</span>
+                          <span className="text-xs font-medium text-zinc-500">15m ago</span>
                        </div>
                     </div>
                   </div>
                   <div className="pt-4 flex gap-2">
-                    <button className="flex-1 py-2 bg-[#00D4AA] text-black text-[10px] font-black rounded-lg uppercase tracking-widest hover:opacity-80">Investigate</button>
-                    <button className="flex-1 py-2 bg-[#1e1e20] text-gray-400 text-[10px] font-black rounded-lg uppercase border border-[#333] hover:text-white tracking-widest">Isolate</button>
+                    <button className="flex-1 bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all">
+                      Investigate
+                    </button>
+                    <button className="flex-1 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all">
+                      Isolate
+                    </button>
                   </div>
                 </div>
               ) : (
-                <div className="h-full flex flex-col items-center justify-center text-center space-y-4 opacity-40">
-                  <div className="w-12 h-12 rounded-lg border border-dashed border-gray-600 flex items-center justify-center text-gray-600">
+                <div className="h-full flex flex-col items-center justify-center text-center space-y-4 opacity-30">
+                  <div className="w-12 h-12 rounded-lg border border-dashed border-zinc-700 flex items-center justify-center text-zinc-600">
                     <Search size={24} />
                   </div>
-                  <p className="text-[10px] font-black text-gray-600 uppercase tracking-[0.2em]">Select node to analyze</p>
+                  <p className="text-xs text-zinc-500 font-medium">Select node to analyze</p>
                 </div>
               )}
             </div>
@@ -336,71 +385,85 @@ const NetworkViewPage: React.FC = () => {
 
         {/* --- SERVICES TAB --- */}
         {activeTab === 'services' && (
-          <div className="space-y-6 animate-in fade-in duration-300">
+          <div className="space-y-6">
             <div className="grid grid-cols-4 gap-4">
               <StatCard label="TOTAL SERVICES" value="47" sub="Running now" icon={Zap} color="text-[#00D4AA]" />
-              <StatCard label="HIGH RISK" value="3" sub="Needs review" icon={ShieldAlert} color="text-[#e11d48]" />
-              <StatCard label="TOTAL BANDWIDTH" value="12.4 TB" sub="Last 24h" icon={Activity} color="text-blue-400" />
-              <StatCard label="ACTIVE PORTS" value="234" sub="Monitored" icon={Database} color="text-purple-400" />
+              <StatCard label="HIGH RISK" value="3" sub="Needs review" icon={ShieldAlert} color="text-red-500" />
+              <StatCard label="TOTAL BANDWIDTH" value="12.4 TB" sub="Last 24h" icon={Activity} color="text-blue-500" />
+              <StatCard label="ACTIVE PORTS" value="234" sub="Monitored" icon={Database} color="text-zinc-400" />
             </div>
 
             <div className="flex gap-6">
-              <div className={`transition-all duration-300 ${selectedServiceId ? 'flex-1' : 'w-full'} space-y-4`}>
-                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 flex flex-col h-full space-y-6">
+              <div className={`transition-all duration-300 ${selectedServiceId ? 'flex-1' : 'w-full'}`}>
+                <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6">
                   <div className="flex justify-between items-center">
-                    <h3 className="text-[10px] font-black text-gray-400 uppercase tracking-widest">Active Network Services</h3>
-                    <div className="relative group max-w-xs w-full">
-                      <Search size={14} className="absolute left-3 top-1/2 -translate-y-1/2 text-gray-600 group-focus-within:text-[#00D4AA] transition-colors" />
+                    <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Active Network Services</h3>
+                    <div className="relative max-w-xs w-full">
+                      <Search size={14} className="absolute left-3 top-1/2 -translate-y-1/2 text-zinc-500 pointer-events-none" />
                       <input 
                         type="text" 
                         placeholder="Filter services..." 
-                        className="w-full bg-[#0c0c0e] border border-[#1e1e20] pl-10 pr-4 py-2 rounded-lg text-xs text-white outline-none focus:ring-1 focus:ring-[#00D4AA] transition-all"
+                        className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-10 pr-4 py-2 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
                         value={searchQuery}
                         onChange={(e) => setSearchQuery(e.target.value)}
                       />
                     </div>
                   </div>
 
-                  <div className="overflow-x-auto">
-                    <table className="w-full text-left">
-                      <thead className="text-[9px] text-gray-600 font-black uppercase tracking-[0.2em] border-b border-[#1e1e20]">
-                        <tr>
-                          <th className="px-4 py-4">Service</th>
-                          <th className="px-4 py-4">Port / Protocol</th>
-                          <th className="px-4 py-4">Assets</th>
-                          <th className="px-4 py-4">Bandwidth</th>
-                          <th className="px-4 py-4">Risk Profile</th>
-                          <th className="px-4 py-4 text-right">Ops</th>
+                  <div className="bg-[#0a0a0b] border border-zinc-800/50 rounded-lg overflow-hidden">
+                    <table className="w-full">
+                      <thead className="bg-zinc-900/50 border-b border-zinc-800">
+                        <tr className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+                          <th className="px-4 py-3 text-left">Service</th>
+                          <th className="px-4 py-3 text-left">Port / Protocol</th>
+                          <th className="px-4 py-3 text-left">Assets</th>
+                          <th className="px-4 py-3 text-left">Bandwidth</th>
+                          <th className="px-4 py-3 text-left">Risk Profile</th>
+                          <th className="px-4 py-3 text-right">Ops</th>
                         </tr>
                       </thead>
-                      <tbody className="divide-y divide-[#1e1e20]">
+                      <tbody className="divide-y divide-zinc-800/50">
                         {filteredServices.map((service) => (
                           <tr 
                             key={service.id} 
                             onClick={() => setSelectedServiceId(service.id === selectedServiceId ? null : service.id)}
-                            className={`hover:bg-[#1e1e20] transition-colors group cursor-pointer ${selectedServiceId === service.id ? 'bg-[#1e1e20]' : ''}`}
+                            className={`hover:bg-zinc-900/30 transition-colors group cursor-pointer ${
+                              selectedServiceId === service.id ? 'bg-zinc-900/30' : ''
+                            }`}
                           >
-                            <td className="px-4 py-5">
+                            <td className="px-4 py-4">
                               <div className="flex items-center gap-3">
-                                 <div className="p-2 bg-[#0c0c0e] rounded-lg border border-[#1e1e20] text-[#00D4AA] group-hover:bg-[#00D4AA20] transition-all">
+                                 <div className="p-2 bg-[#0a0a0b] rounded-lg border border-[#1e1e20] text-[#00D4AA] group-hover:bg-zinc-800 transition-all">
                                     <Zap size={14} />
                                  </div>
-                                 <span className="text-xs font-bold text-white uppercase tracking-wide group-hover:text-[#00D4AA]">{service.service}</span>
+                                 <span className="text-sm font-semibold text-white uppercase tracking-wide group-hover:text-[#00D4AA] transition-colors">{service.service}</span>
                               </div>
                             </td>
-                            <td className="px-4 py-5 font-mono text-[10px] text-gray-500">{service.port} / {service.protocol}</td>
-                            <td className="px-4 py-5 text-xs text-gray-300 font-bold">{service.assets}</td>
-                            <td className="px-4 py-5 text-xs text-gray-300 font-bold">{service.bandwidth}</td>
-                            <td className="px-4 py-5">
-                              <span className={`px-2 py-0.5 rounded-[4px] text-[8px] font-black uppercase tracking-widest ${
-                                service.risk === 'high' ? 'bg-[#e11d4820] text-[#e11d48]' : 
-                                service.risk === 'medium' ? 'bg-[#f59e0b20] text-[#f59e0b]' : 
-                                'bg-[#00D4AA20] text-[#00D4AA]'
-                              }`}>
-                                {service.risk}
-                              </span>
+                            <td className="px-4 py-4 text-xs text-zinc-500 font-medium">{service.port} / {service.protocol}</td>
+                            <td className="px-4 py-4 text-sm font-semibold text-white">{service.assets}</td>
+                            <td className="px-4 py-4 text-sm font-semibold text-white">{service.bandwidth}</td>
+                            <td className="px-4 py-4">
+                              {service.risk === 'high' && (
+                                <span className="inline-flex px-3 py-1 rounded border bg-red-500/10 border-red-500/20 text-xs font-bold uppercase text-red-500">
+                                  High
+                                </span>
+                              )}
+                              {service.risk === 'medium' && (
+                                <span className="inline-flex px-3 py-1 rounded border bg-yellow-500/10 border-yellow-500/20 text-xs font-bold uppercase text-yellow-500">
+                                  Medium
+                                </span>
+                              )}
+                              {service.risk === 'low' && (
+                                <span className="inline-flex px-3 py-1 rounded border bg-blue-500/10 border-blue-500/20 text-xs font-bold uppercase text-blue-500">
+                                  Low
+                                </span>
+                              )}
+                            </td>
+                            <td className="px-4 py-4 text-right">
+                              <button className="p-1.5 hover:bg-zinc-800 rounded transition-colors">
+                                <MoreVertical size={14} className="text-zinc-600" />
+                              </button>
                             </td>
-                            <td className="px-4 py-5 text-right"><MoreVertical size={14} className="text-gray-700 ml-auto" /></td>
                           </tr>
                         ))}
                       </tbody>
@@ -410,46 +473,54 @@ const NetworkViewPage: React.FC = () => {
               </div>
 
               {selectedService && (
-                <div className="w-96 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 animate-in slide-in-from-right-4 duration-300 shadow-2xl flex flex-col gap-8">
+                <div className="w-96 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 shadow-2xl space-y-6">
                   <div className="flex justify-between items-start">
                     <div>
-                      <h4 className="text-lg font-black text-white uppercase tracking-tight">{selectedService.service} Details</h4>
-                      <p className="text-[10px] font-bold text-gray-500 uppercase mt-1 tracking-widest">Protocol Intelligence Analysis</p>
+                      <h4 className="text-sm font-bold text-white uppercase tracking-wide">{selectedService.service} Details</h4>
+                      <p className="text-xs text-zinc-500 font-medium mt-1">Protocol Intelligence Analysis</p>
                     </div>
-                    <button onClick={() => setSelectedServiceId(null)} className="text-gray-500 hover:text-white transition-colors"><X size={20}/></button>
+                    <button onClick={() => setSelectedServiceId(null)} className="p-1.5 hover:bg-zinc-800 rounded transition-colors text-zinc-500 hover:text-white">
+                      <X size={20}/>
+                    </button>
                   </div>
 
                   <div className="space-y-6">
-                    <div className="p-4 bg-[#0c0c0e] rounded-xl border border-[#1e1e20]">
-                      <p className="text-[9px] font-black text-gray-600 uppercase tracking-widest mb-1">Service Description</p>
-                      <p className="text-xs text-gray-400 leading-relaxed">Encrypted web traffic using {selectedService.protocol} protocol on port {selectedService.port}. Primary entry/exit vector for web assets.</p>
+                    <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4">
+                      <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide mb-2">Service Description</p>
+                      <p className="text-sm text-zinc-400 leading-relaxed">
+                        Encrypted web traffic using {selectedService.protocol} protocol on port {selectedService.port}. Primary entry/exit vector for web assets.
+                      </p>
                     </div>
 
-                    <div className="space-y-4">
-                      <p className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest">Top Assets Using Service</p>
+                    <div className="space-y-3">
+                      <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Top Assets Using Service</p>
                       {[1, 2, 3].map(i => (
-                        <div key={i} className="flex items-center justify-between p-3 bg-[#1e1e20] rounded-lg border border-[#333]">
-                           <span className="text-[10px] font-mono font-bold text-white">10.0.5.{i + 40}</span>
-                           <span className="text-[9px] font-black text-gray-600 uppercase">2.4 GB</span>
+                        <div key={i} className="flex items-center justify-between bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-3">
+                           <span className="text-xs font-mono text-white">10.0.5.{i + 40}</span>
+                           <span className="text-xs text-zinc-500 font-medium">2.4 GB</span>
                         </div>
                       ))}
                     </div>
 
-                    <div className="space-y-4">
-                      <p className="text-[9px] font-black text-[#e11d48] uppercase tracking-widest">Associated Detections</p>
-                      <div className="p-4 bg-[#e11d480a] border border-[#e11d4822] rounded-xl flex items-center gap-3">
-                         <ShieldAlert size={16} className="text-[#e11d48]" />
+                    <div className="space-y-3">
+                      <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Associated Detections</p>
+                      <div className="bg-red-500/10 border border-red-500/20 rounded-lg p-4 flex items-center gap-3">
+                         <ShieldAlert size={16} className="text-red-500" />
                          <div>
-                            <p className="text-[10px] font-black text-white uppercase">C2 Beaconing Found</p>
-                            <p className="text-[9px] text-gray-500 mt-0.5">Jan 15, 08:02 PM • HIGH CONF.</p>
+                            <p className="text-xs font-bold text-white uppercase">C2 Beaconing Found</p>
+                            <p className="text-xs text-zinc-500 font-medium mt-0.5">Jan 15, 08:02 PM • HIGH CONF.</p>
                          </div>
                       </div>
                     </div>
                   </div>
 
-                  <div className="mt-auto pt-6 border-t border-[#1e1e20] flex gap-2">
-                    <button className="flex-1 py-3 bg-[#e11d48] text-white text-[10px] font-black rounded-xl uppercase tracking-widest hover:opacity-90">Block Service</button>
-                    <button className="flex-1 py-3 bg-[#1e1e20] border border-[#333] text-gray-300 text-[10px] font-black rounded-xl uppercase tracking-widest hover:text-white">Investigate</button>
+                  <div className="pt-6 border-t border-[#1e1e20] flex gap-2">
+                    <button className="flex-1 bg-red-500/10 border border-red-500/20 hover:bg-red-500/20 text-red-400 px-4 py-2 rounded-lg text-xs font-bold uppercase transition-all">
+                      Block Service
+                    </button>
+                    <button className="flex-1 bg-[#0a0a0b] border border-zinc-800 hover:border-zinc-700 text-zinc-300 px-4 py-2 rounded-lg text-xs font-medium transition-all">
+                      Investigate
+                    </button>
                   </div>
                 </div>
               )}
@@ -459,22 +530,31 @@ const NetworkViewPage: React.FC = () => {
 
         {/* --- TRAFFIC MATRIX TAB --- */}
         {activeTab === 'matrix' && (
-          <div className="space-y-6 animate-in fade-in duration-300">
+          <div className="space-y-6">
             <div className="grid grid-cols-4 gap-4">
               <StatCard label="TOTAL FLOWS" value="2.4M" sub="Last 24h" icon={Activity} color="text-[#00D4AA]" />
-              <StatCard label="ANOMALIES" value="2" sub="Needs attention" icon={ShieldAlert} color="text-[#e11d48]" />
-              <StatCard label="BUSIEST SEGMENT" value="Workstations" sub="7.9K flows" icon={Monitor} color="text-blue-400" />
-              <StatCard label="EXTERNAL TRAFFIC" value="847 GB" sub="Outbound" icon={Globe} color="text-purple-400" />
+              <StatCard label="ANOMALIES" value="2" sub="Needs attention" icon={ShieldAlert} color="text-red-500" />
+              <StatCard label="BUSIEST SEGMENT" value="Workstations" sub="7.9K flows" icon={Monitor} color="text-blue-500" />
+              <StatCard label="EXTERNAL TRAFFIC" value="847 GB" sub="Outbound" icon={Globe} color="text-zinc-400" />
             </div>
 
             <div className="flex gap-6 h-[600px]">
-              <div className="flex-1 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 flex flex-col space-y-8 overflow-hidden">
+              <div className="flex-1 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 overflow-hidden">
                 <div className="flex justify-between items-center">
-                  <h3 className="text-[10px] font-black text-gray-400 uppercase tracking-widest">Cross-Segment Traffic Matrix</h3>
+                  <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Cross-Segment Traffic Matrix</h3>
                   <div className="flex gap-6">
-                    <div className="flex items-center gap-2"><div className="w-2.5 h-2.5 rounded-sm bg-[#00D4AA22]" /><span className="text-[9px] font-black text-gray-600 uppercase">Low</span></div>
-                    <div className="flex items-center gap-2"><div className="w-2.5 h-2.5 rounded-sm bg-[#00D4AA]" /><span className="text-[9px] font-black text-gray-600 uppercase">High</span></div>
-                    <div className="flex items-center gap-2"><div className="w-2.5 h-2.5 rounded-sm bg-[#e11d48] animate-pulse" /><span className="text-[9px] font-black text-[#e11d48] uppercase">Anomaly</span></div>
+                    <div className="flex items-center gap-2">
+                      <div className="w-2.5 h-2.5 rounded-sm bg-[#00D4AA]/20" />
+                      <span className="text-xs text-zinc-500 font-medium">Low</span>
+                    </div>
+                    <div className="flex items-center gap-2">
+                      <div className="w-2.5 h-2.5 rounded-sm bg-[#00D4AA]" />
+                      <span className="text-xs text-zinc-500 font-medium">High</span>
+                    </div>
+                    <div className="flex items-center gap-2">
+                      <div className="w-2.5 h-2.5 rounded-sm bg-red-500 animate-pulse" />
+                      <span className="text-xs font-bold text-red-500 uppercase">Anomaly</span>
+                    </div>
                   </div>
                 </div>
                 
@@ -484,14 +564,14 @@ const NetworkViewPage: React.FC = () => {
                       <tr>
                         <th className="p-4"></th>
                         {SEGMENTS.map(h => (
-                          <th key={h} className="text-[9px] font-black text-gray-500 uppercase tracking-widest p-2">{h}</th>
+                          <th key={h} className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider p-2">{h}</th>
                         ))}
                       </tr>
                     </thead>
                     <tbody>
                       {SEGMENTS.map((row, i) => (
                         <tr key={row}>
-                          <td className="text-[9px] font-black text-gray-500 uppercase tracking-widest text-left p-2 whitespace-nowrap">{row}</td>
+                          <td className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider text-left p-2 whitespace-nowrap">{row}</td>
                           {SEGMENTS.map((col, j) => {
                             const val = (Math.random() * 10).toFixed(1);
                             const isAnomaly = (i === 2 && j === 4) || (i === 1 && j === 0);
@@ -501,8 +581,8 @@ const NetworkViewPage: React.FC = () => {
                               <td 
                                 key={j} 
                                 onClick={() => setSelectedCell({ row: i, col: j })}
-                                className={`p-6 rounded-xl text-xs font-black transition-all hover:scale-105 cursor-pointer relative group
-                                  ${isAnomaly ? 'bg-[#e11d48] text-white shadow-[0_0_15px_rgba(225,29,72,0.4)]' : 'text-gray-300'}
+                                className={`p-6 rounded-xl text-sm font-semibold transition-all hover:scale-105 cursor-pointer relative group
+                                  ${isAnomaly ? 'bg-red-500 text-white shadow-lg' : 'text-white'}
                                   ${isActive ? 'ring-2 ring-white scale-105 z-10' : ''}`}
                                 style={!isAnomaly ? { backgroundColor: `rgba(0, 212, 170, ${intensity * 0.4 + 0.1})` } : {}}
                               >
@@ -520,46 +600,59 @@ const NetworkViewPage: React.FC = () => {
               </div>
 
               {selectedCell && (
-                <div className="w-96 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 animate-in slide-in-from-right-4 duration-300 shadow-2xl space-y-10 overflow-y-auto">
+                <div className="w-96 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 shadow-2xl space-y-6 overflow-y-auto">
                    <div className="flex justify-between items-center">
                       <div>
-                         <h4 className="text-sm font-black text-white uppercase tracking-widest">Flow Detail</h4>
-                         <p className="text-[10px] text-[#00D4AA] font-bold uppercase mt-1">{SEGMENTS[selectedCell.row]} → {SEGMENTS[selectedCell.col]}</p>
+                         <h4 className="text-sm font-bold text-white uppercase tracking-wide">Flow Detail</h4>
+                         <p className="text-xs text-[#00D4AA] font-medium mt-1">{SEGMENTS[selectedCell.row]} → {SEGMENTS[selectedCell.col]}</p>
                       </div>
-                      <button onClick={() => setSelectedCell(null)} className="text-gray-600 hover:text-white transition-colors"><X size={20}/></button>
+                      <button onClick={() => setSelectedCell(null)} className="p-1.5 hover:bg-zinc-800 rounded transition-colors text-zinc-500 hover:text-white">
+                        <X size={20}/>
+                      </button>
                    </div>
 
                    <div className="space-y-6">
-                      <div className="p-5 bg-[#0c0c0e] rounded-lg border border-[#1e1e20] space-y-4">
-                         <div className="flex justify-between items-center"><span className="text-[9px] font-black text-gray-600 uppercase">ACTIVE SESSIONS</span><span className="text-xs font-black text-white">1,423</span></div>
-                         <div className="flex justify-between items-center"><span className="text-[9px] font-black text-gray-600 uppercase">AVG BANDWIDTH</span><span className="text-xs font-black text-white">4.2 Gbps</span></div>
-                         <div className="flex justify-between items-center"><span className="text-[9px] font-black text-gray-600 uppercase">UNIQUE ASSETS</span><span className="text-xs font-black text-white">84</span></div>
+                      <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 space-y-3">
+                         <div className="flex justify-between items-center">
+                           <span className="text-xs font-bold text-zinc-500 uppercase">Active Sessions</span>
+                           <span className="text-sm font-semibold text-white">1,423</span>
+                         </div>
+                         <div className="flex justify-between items-center">
+                           <span className="text-xs font-bold text-zinc-500 uppercase">Avg Bandwidth</span>
+                           <span className="text-sm font-semibold text-white">4.2 Gbps</span>
+                         </div>
+                         <div className="flex justify-between items-center">
+                           <span className="text-xs font-bold text-zinc-500 uppercase">Unique Assets</span>
+                           <span className="text-sm font-semibold text-white">84</span>
+                         </div>
                       </div>
 
                       <div className="space-y-3">
-                         <p className="text-[9px] font-black text-gray-400 uppercase tracking-[0.2em]">Protocol Breakdown</p>
+                         <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Protocol Breakdown</p>
                          {['HTTPS (82%)', 'SMB (12%)', 'RDP (4%)', 'Other (2%)'].map(p => (
                             <div key={p} className="flex items-center gap-3">
-                               <div className="h-1 flex-1 bg-[#1e1e20] rounded-full overflow-hidden">
-                                  <div className="h-full bg-[#00D4AA]" style={{ width: p.split('(')[1].replace('%)', '') + '%' }} />
+                               <div className="h-1 flex-1 bg-zinc-900 rounded-full overflow-hidden">
+                                  <div className="h-full bg-[#00D4AA] transition-all" style={{ width: p.split('(')[1].replace('%)', '') + '%' }} />
                                </div>
-                               <span className="text-[9px] font-bold text-gray-500 uppercase">{p}</span>
+                               <span className="text-xs text-zinc-500 font-medium">{p}</span>
                             </div>
                          ))}
                       </div>
 
-                      <div className="pt-6 border-t border-[#1e1e20] space-y-4">
-                         <p className="text-[9px] font-black text-gray-400 uppercase tracking-widest">Recent Connections</p>
+                      <div className="pt-6 border-t border-[#1e1e20] space-y-3">
+                         <p className="text-xs font-bold text-zinc-500 uppercase tracking-wide">Recent Connections</p>
                          {[1, 2, 3].map(i => (
-                            <div key={i} className="p-3 bg-[#1e1e20] rounded-xl border border-[#333] flex justify-between items-center">
-                               <span className="text-[10px] font-mono font-bold text-gray-300">10.0.{i}.42 → 10.0.{i + 2}.1</span>
-                               <span className="text-[8px] font-black text-gray-600 uppercase">2m ago</span>
+                            <div key={i} className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-3 flex justify-between items-center">
+                               <span className="text-xs font-mono text-white">10.0.{i}.42 → 10.0.{i + 2}.1</span>
+                               <span className="text-xs text-zinc-500 font-medium">2m ago</span>
                             </div>
                          ))}
                       </div>
                    </div>
 
-                   <button className="w-full py-3 bg-[#00D4AA] text-black text-[10px] font-black rounded-xl uppercase tracking-widest hover:opacity-80">Download Flow Logs</button>
+                   <button className="w-full bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all">
+                     Download Flow Logs
+                   </button>
                 </div>
               )}
             </div>
@@ -568,37 +661,39 @@ const NetworkViewPage: React.FC = () => {
 
         {/* --- PROTOCOLS TAB --- */}
         {activeTab === 'protocols' && (
-          <div className="space-y-8 animate-in fade-in duration-300">
+          <div className="space-y-6">
             <div className="grid grid-cols-4 gap-4">
               <StatCard label="TOP PROTOCOL" value="HTTPS (45%)" sub="45% of traffic" icon={Activity} color="text-[#00D4AA]" />
-              <StatCard label="ENCRYPTED" value="78%" sub="TLS/SSL traffic" icon={Lock} color="text-blue-400" />
-              <StatCard label="UNUSUAL DETECTED" value="3" sub="Last 24h" icon={ShieldAlert} color="text-[#e11d48]" />
-              <StatCard label="WEEK CHANGE" value="+12% DNS" sub="vs last week" icon={TrendingUp} color="text-purple-400" />
+              <StatCard label="ENCRYPTED" value="78%" sub="TLS/SSL traffic" icon={Lock} color="text-blue-500" />
+              <StatCard label="UNUSUAL DETECTED" value="3" sub="Last 24h" icon={ShieldAlert} color="text-red-500" />
+              <StatCard label="WEEK CHANGE" value="+12% DNS" sub="vs last week" icon={TrendingUp} color="text-green-500" />
             </div>
 
             <div className="grid grid-cols-3 gap-6">
-               <div className="col-span-2 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 h-[400px] flex flex-col space-y-8">
-                  <h4 className="text-[10px] font-black text-gray-400 uppercase tracking-widest">Protocol Volume (Last 24h)</h4>
-                  <ResponsiveContainer width="100%" height="100%">
-                    <BarChart data={PROTOCOL_STATS}>
-                      <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
-                      <XAxis dataKey="name" axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                      <YAxis axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 10}} />
-                      <Tooltip 
-                         contentStyle={{backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px'}}
-                         itemStyle={{color: '#fff'}}
-                      />
-                      <Bar dataKey="value" radius={[4, 4, 0, 0]}>
-                         {PROTOCOL_STATS.map((entry, index) => (
-                           <Cell key={`cell-${index}`} fill={entry.color} />
-                         ))}
-                      </Bar>
-                    </BarChart>
-                  </ResponsiveContainer>
+               <div className="col-span-2 bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 h-[400px] flex flex-col">
+                  <h4 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Protocol Volume (Last 24h)</h4>
+                  <div className="flex-1 min-h-0">
+                    <ResponsiveContainer width="100%" height="100%">
+                      <BarChart data={PROTOCOL_STATS}>
+                        <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
+                        <XAxis dataKey="name" axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                        <YAxis axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 10}} />
+                        <Tooltip 
+                           contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #27272a', borderRadius: '8px', fontSize: '10px'}}
+                           itemStyle={{color: '#fff'}}
+                        />
+                        <Bar dataKey="value" radius={[4, 4, 0, 0]}>
+                           {PROTOCOL_STATS.map((entry, index) => (
+                             <Cell key={`cell-${index}`} fill={entry.color} />
+                           ))}
+                        </Bar>
+                      </BarChart>
+                    </ResponsiveContainer>
+                  </div>
                </div>
 
-               <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 h-[400px] flex flex-col space-y-6">
-                  <h4 className="text-[10px] font-black text-gray-400 uppercase tracking-widest">Global Distribution</h4>
+               <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6 h-[400px] flex flex-col">
+                  <h4 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Global Distribution</h4>
                   <div className="flex-1 min-h-0">
                     <ResponsiveContainer width="100%" height="100%">
                        <PieChart>
@@ -615,18 +710,18 @@ const NetworkViewPage: React.FC = () => {
                               <Cell key={`cell-${index}`} fill={entry.color} />
                             ))}
                           </Pie>
-                          <Tooltip contentStyle={{backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px'}} />
+                          <Tooltip contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #27272a', borderRadius: '8px', fontSize: '10px'}} />
                        </PieChart>
                     </ResponsiveContainer>
                   </div>
-                  <div className="grid grid-cols-2 gap-4">
+                  <div className="grid grid-cols-2 gap-3">
                      {PROTOCOL_STATS.map((p, i) => (
-                       <div key={i} className="flex justify-between items-center text-[9px] font-black uppercase tracking-tighter">
+                       <div key={i} className="flex justify-between items-center text-xs">
                           <div className="flex items-center gap-2">
                              <div className="w-1.5 h-1.5 rounded-full" style={{backgroundColor: p.color}} />
-                             <span className="text-gray-500">{p.name}</span>
+                             <span className="text-zinc-500 font-medium">{p.name}</span>
                           </div>
-                          <span className="text-white">{(p.value / 100).toFixed(1)}%</span>
+                          <span className="text-white font-semibold">{(p.value / 100).toFixed(1)}%</span>
                        </div>
                      ))}
                   </div>
@@ -634,12 +729,15 @@ const NetworkViewPage: React.FC = () => {
             </div>
 
             <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
-               <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-10">
+               <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6">
                   <div className="flex justify-between items-center">
-                    <h4 className="text-[10px] font-black text-gray-400 uppercase tracking-widest">Protocol Trends (Last 7 Days)</h4>
+                    <h4 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Protocol Trends (Last 7 Days)</h4>
                     <div className="flex gap-4">
                        {['HTTPS', 'DNS', 'SMB'].map(p => (
-                          <div key={p} className="flex items-center gap-1.5"><div className="w-1.5 h-1.5 rounded-full" style={{ backgroundColor: PROTOCOL_STATS.find(s=>s.name===p)?.color }} /><span className="text-[8px] font-black text-gray-600 uppercase">{p}</span></div>
+                          <div key={p} className="flex items-center gap-1.5">
+                            <div className="w-1.5 h-1.5 rounded-full" style={{ backgroundColor: PROTOCOL_STATS.find(s=>s.name===p)?.color }} />
+                            <span className="text-xs text-zinc-500 font-medium">{p}</span>
+                          </div>
                        ))}
                     </div>
                   </div>
@@ -647,9 +745,9 @@ const NetworkViewPage: React.FC = () => {
                     <ResponsiveContainer width="100%" height="100%">
                       <LineChart data={PROTOCOL_TRENDS}>
                         <CartesianGrid strokeDasharray="3 3" stroke="#1e1e20" vertical={false} />
-                        <XAxis dataKey="day" axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 9}} />
-                        <YAxis axisLine={false} tickLine={false} tick={{fill: '#4b5563', fontSize: 9}} />
-                        <Tooltip contentStyle={{backgroundColor: '#0c0c0e', border: '1px solid #333', borderRadius: '12px', fontSize: '10px'}} />
+                        <XAxis dataKey="day" axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 9}} />
+                        <YAxis axisLine={false} tickLine={false} tick={{fill: '#71717a', fontSize: 9}} />
+                        <Tooltip contentStyle={{backgroundColor: '#0a0a0b', border: '1px solid #27272a', borderRadius: '8px', fontSize: '10px'}} />
                         <Line type="monotone" dataKey="HTTPS" stroke="#00D4AA" strokeWidth={2} dot={false} />
                         <Line type="monotone" dataKey="DNS" stroke="#3b82f6" strokeWidth={2} dot={false} />
                         <Line type="monotone" dataKey="SMB" stroke="#f59e0b" strokeWidth={2} dot={false} />
@@ -658,26 +756,34 @@ const NetworkViewPage: React.FC = () => {
                   </div>
                </div>
 
-               <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 flex flex-col space-y-6">
-                  <h4 className="text-[10px] font-black text-gray-400 uppercase tracking-widest">Unusual Protocols Detected</h4>
-                  <div className="space-y-4 flex-1">
+               <div className="bg-[#161618] border border-[#1e1e20] rounded-xl p-8 space-y-6">
+                  <h4 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Unusual Protocols Detected</h4>
+                  <div className="space-y-3">
                      {UNUSUAL_PROTOCOLS.map((u, i) => (
-                        <div key={i} className="bg-[#0c0c0e] border border-[#1e1e20] p-4 rounded-lg flex items-center justify-between group hover:border-[#333] transition-all">
+                        <div key={i} className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 flex items-center justify-between group hover:border-zinc-700 transition-all">
                            <div className="flex items-center gap-4">
-                              <div className={`p-2.5 rounded-xl ${u.risk === 'critical' ? 'bg-[#e11d4820] text-[#e11d48]' : u.risk === 'high' ? 'bg-[#f59e0b20] text-[#f59e0b]' : 'bg-[#00D4AA20] text-[#00D4AA]'}`}>
+                              <div className={`p-2.5 rounded-xl ${
+                                u.risk === 'critical' ? 'bg-red-500/10 text-red-500' : 
+                                u.risk === 'high' ? 'bg-orange-500/10 text-orange-500' : 
+                                'bg-yellow-500/10 text-yellow-500'
+                              }`}>
                                  <ShieldAlert size={16} />
                               </div>
                               <div>
-                                 <p className="text-xs font-black text-white uppercase tracking-wide group-hover:text-[#00D4AA] transition-colors">{u.proto}</p>
-                                 <p className="text-[9px] font-bold text-gray-600 uppercase tracking-widest mt-0.5">{u.conns} Connections • {u.firstSeen}</p>
+                                 <p className="text-sm font-semibold text-white uppercase tracking-wide group-hover:text-[#00D4AA] transition-colors">{u.proto}</p>
+                                 <p className="text-xs text-zinc-500 font-medium mt-0.5">{u.conns} Connections • {u.firstSeen}</p>
                               </div>
                            </div>
-                           <button className="p-2 text-gray-700 hover:text-white transition-colors"><MoreVertical size={16}/></button>
+                           <button className="p-1.5 hover:bg-zinc-800 rounded transition-colors">
+                             <MoreVertical size={16} className="text-zinc-600"/>
+                           </button>
                         </div>
                      ))}
                   </div>
                   <div className="pt-4 border-t border-[#1e1e20] text-center">
-                    <button className="text-[10px] font-black text-gray-500 uppercase tracking-widest hover:text-[#00D4AA] transition-colors">View All Unusual Traffic</button>
+                    <button className="text-xs font-medium text-zinc-500 hover:text-[#00D4AA] transition-colors">
+                      View All Unusual Traffic
+                    </button>
                   </div>
                </div>
             </div>
@@ -688,4 +794,4 @@ const NetworkViewPage: React.FC = () => {
   );
 };
 
-export default NetworkViewPage;
+export default NetworkViewPage;
\ No newline at end of file
diff --git a/ui/pages/PlatformHealthPage.tsx b/ui/pages/PlatformHealthPage.tsx
index 9680d78..9221bcd 100644
--- a/ui/pages/PlatformHealthPage.tsx
+++ b/ui/pages/PlatformHealthPage.tsx
@@ -149,7 +149,7 @@ const PlatformHealthPage: React.FC = () => {
                 <h3 className="text-[10px] font-black text-gray-400 uppercase tracking-[0.2em]">Network Sensors Cluster (Zeek)</h3>
                 <span className="text-[9px] font-bold text-[#10b981] bg-[#10b98110] px-2 py-0.5 rounded border border-[#10b98122]">6 NODES ACTIVE</span>
              </div>
-             <table className="w-full text-left text-[11px] font-mono">
+             <table className="w-full text-left text-[11px] ">
                 <thead className="text-[9px] text-gray-600 uppercase tracking-widest bg-[#0c0c0e]/50 border-b border-[#1e1e20]">
                    <tr>
                       <th className="px-6 py-4 font-black">Component</th>
@@ -256,7 +256,7 @@ const PlatformHealthPage: React.FC = () => {
                     ].map(topic => (
                        <div key={topic.name} className="p-4 bg-[#0c0c0e] border border-[#1e1e20] rounded-xl flex items-center justify-between group hover:border-[#333] transition-all">
                           <div>
-                             <p className="text-[10px] font-mono text-gray-500 uppercase font-bold tracking-widest">{topic.name}</p>
+                             <p className="text-[10px]  text-gray-500 uppercase font-bold tracking-widest">{topic.name}</p>
                              <p className="text-[11px] font-black text-white mt-1">{topic.rate} <span className="text-[9px] text-gray-600">INBOUND</span></p>
                           </div>
                           <div className="text-right">
@@ -298,7 +298,7 @@ const PlatformHealthPage: React.FC = () => {
              <div className="p-6 border-b border-[#1e1e20] bg-[#1c1c1e]/30">
                 <h3 className="text-[10px] font-black text-gray-400 uppercase tracking-[0.2em]">Processing Engine (Flink Clusters)</h3>
              </div>
-             <table className="w-full text-left text-[11px] font-mono">
+             <table className="w-full text-left text-[11px] ">
                 <thead className="text-[9px] text-gray-600 uppercase tracking-widest bg-[#0c0c0e]/50 border-b border-[#1e1e20]">
                    <tr>
                       <th className="px-6 py-4 font-black">Job Name</th>
@@ -344,7 +344,7 @@ const PlatformHealthPage: React.FC = () => {
                  <div className="p-6 border-b border-[#1e1e20] bg-[#1c1c1e]/30 flex items-center justify-between">
                     <h3 className="text-[10px] font-black text-gray-400 uppercase tracking-[0.2em]">Detection Performance Breakdown</h3>
                  </div>
-                 <table className="w-full text-left text-[11px] font-mono">
+                 <table className="w-full text-left text-[11px] ">
                     <thead className="text-[9px] text-gray-600 uppercase tracking-widest bg-[#0c0c0e]/50 border-b border-[#1e1e20]">
                        <tr>
                           <th className="px-6 py-4 font-black">Detection Type</th>
diff --git a/ui/pages/SettingsPage.tsx b/ui/pages/SettingsPage.tsx
index 5a144b1..eec70bb 100644
--- a/ui/pages/SettingsPage.tsx
+++ b/ui/pages/SettingsPage.tsx
@@ -105,7 +105,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
               </div>
               <div className="space-y-1.5">
                 <label className="text-[9px] font-black text-gray-600 uppercase tracking-widest pl-1">Email Address</label>
-                <input type="text" readOnly value="admin@clearflow.security" className="w-full bg-[#161618] border border-[#1e1e20] rounded-xl px-4 py-2.5 text-xs text-gray-500 outline-none cursor-not-allowed font-mono" />
+                <input type="text" readOnly value="admin@clearflow.security" className="w-full bg-[#161618] border border-[#1e1e20] rounded-xl px-4 py-2.5 text-xs text-gray-500 outline-none cursor-not-allowed " />
               </div>
               <div className="grid grid-cols-2 gap-4">
                 <div className="space-y-1.5">
@@ -210,7 +210,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
 
       <Card title="Active Sessions">
         <div className="overflow-x-auto">
-          <table className="w-full text-left text-[11px] font-mono">
+          <table className="w-full text-left text-[11px] ">
             <thead className="text-[9px] text-gray-600 uppercase tracking-widest bg-[#0c0c0e]/50 border-b border-[#1e1e20]">
               <tr>
                 <th className="px-6 py-4">Device</th>
@@ -492,7 +492,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
                <div className="h-full bg-[#00D4AA] shadow-[0_0_10px_rgba(0,212,170,0.4)]" style={{ width: '23%' }} />
             </div>
             <div className="grid grid-cols-2 gap-y-4 pt-2">
-               <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Path</p><p className="text-xs font-bold text-gray-400 font-mono">/data/hot</p></div>
+               <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Path</p><p className="text-xs font-bold text-gray-400 ">/data/hot</p></div>
                <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Growth Rate</p><p className="text-xs font-bold text-white">85 GB/day</p></div>
                <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Days Until Full</p><p className="text-xs font-bold text-[#10b981]">~90 Days</p></div>
                <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Retention</p><p className="text-xs font-bold text-white">45 Days</p></div>
@@ -514,7 +514,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
                <div className="h-full bg-blue-500 opacity-60" style={{ width: '65%' }} />
             </div>
             <div className="grid grid-cols-2 gap-y-4 pt-2">
-               <div><p className="text-[9px] font-black text-gray-400 font-mono">ndr-archive</p></div>
+               <div><p className="text-[9px] font-black text-gray-400 ">ndr-archive</p></div>
                <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Compression</p><p className="text-xs font-bold text-[#10b981]">Parquet (8:1)</p></div>
                <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Retention</p><p className="text-xs font-bold text-white">365 Days</p></div>
                <div><p className="text-[9px] font-black text-gray-700 uppercase mb-0.5">Retrieval Time</p><p className="text-xs font-bold text-white">2.3s p50</p></div>
@@ -529,7 +529,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
 
       <Card title="Retention Policies by Log Type" headerAction={<button className="text-[10px] font-black text-[#00D4AA] uppercase tracking-widest hover:underline">+ Add Custom Policy</button>}>
         <div className="overflow-x-auto">
-          <table className="w-full text-left text-[11px] font-mono">
+          <table className="w-full text-left text-[11px] ">
             <thead className="text-[9px] text-gray-600 uppercase tracking-widest bg-[#0c0c0e]/50 border-b border-[#1e1e20]">
               <tr>
                 <th className="px-6 py-4 font-black">Log Type</th>
@@ -623,7 +623,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
       </div>
 
       <div className="bg-[#161618] border border-[#1e1e20] rounded-lg overflow-hidden shadow-2xl">
-         <table className="w-full text-left text-[11px] font-mono border-collapse">
+         <table className="w-full text-left text-[11px]  border-collapse">
             <thead className="text-[9px] text-gray-600 uppercase tracking-widest bg-[#1c1c1e]/50 border-b border-[#1e1e20]">
                <tr>
                   <th className="px-6 py-4">Timestamp</th>
@@ -734,8 +734,8 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
             <div>
               <h4 className="text-sm font-bold text-white uppercase tracking-tight">ClearFlow X Core</h4>
               <div className="flex gap-4 mt-2">
-                <div><p className="text-[8px] font-black text-gray-700 uppercase">Version</p><p className="text-xs font-mono text-[#00D4AA] font-black">v2.4.1</p></div>
-                <div><p className="text-[8px] font-black text-gray-700 uppercase">Build</p><p className="text-xs font-mono text-gray-400 font-bold">847</p></div>
+                <div><p className="text-[8px] font-black text-gray-700 uppercase">Version</p><p className="text-xs  text-[#00D4AA] font-black">v2.4.1</p></div>
+                <div><p className="text-[8px] font-black text-gray-700 uppercase">Build</p><p className="text-xs  text-gray-400 font-bold">847</p></div>
                 <div><p className="text-[8px] font-black text-gray-700 uppercase">Released</p><p className="text-xs text-gray-400 font-bold">2024-01-10</p></div>
               </div>
             </div>
@@ -756,7 +756,7 @@ const SettingsPage: React.FC<Props> = ({ currentView }) => {
                 ].map(comp => (
                   <div key={comp.name} className="flex justify-between items-center p-3 bg-[#0c0c0e] rounded-xl border border-[#1e1e20]">
                     <span className="text-[10px] font-bold text-gray-400 uppercase tracking-tight">• {comp.name}</span>
-                    <span className="text-[9px] font-mono text-gray-600 font-black">{comp.ver}</span>
+                    <span className="text-[9px]  text-gray-600 font-black">{comp.ver}</span>
                   </div>
                 ))}
               </div>
diff --git a/ui/pages/ThreatHuntingPage.tsx b/ui/pages/ThreatHuntingPage.tsx
index 4d943d9..3b6c335 100644
--- a/ui/pages/ThreatHuntingPage.tsx
+++ b/ui/pages/ThreatHuntingPage.tsx
@@ -223,6 +223,7 @@ const MOCK_MATCHES: HuntResult[] = [
 const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detail' | 'results' | 'findings' }> = ({ defaultView = 'history' }) => {
   const [view, setView] = useState<'builder' | 'history' | 'detail' | 'results' | 'findings'>(defaultView);
   const [selectedHunt, setSelectedHunt] = useState<Hunt | null>(null);
+  const [open, setOpen] = useState<boolean>(false);
   
   // Builder State
   const [huntName, setHuntName] = useState('');
@@ -424,7 +425,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                           : 'hover:bg-zinc-800 border-transparent hover:border-zinc-700'
                       }`}
                     >
-                      <div className="text-[11px] font-bold font-mono text-zinc-300 flex items-center justify-between">
+                      <div className="text-[11px] font-bold  text-zinc-300 flex items-center justify-between">
                         {item.id}
                         {selectedDefaultField === item.id && (
                           <span className="text-blue-400 text-[9px]">→</span>
@@ -459,7 +460,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                         }}
                         className="p-3 mb-1 rounded-xl hover:bg-zinc-800 cursor-pointer border border-transparent hover:border-blue-700/30 transition-all group"
                       >
-                        <div className="text-[11px] font-bold font-mono text-blue-400">{item.id}</div>
+                        <div className="text-[11px] font-bold  text-blue-400">{item.id}</div>
                         <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
                       </div>
                     ))}
@@ -472,7 +473,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                         }}
                         className="p-3 rounded-xl hover:bg-blue-600/10 cursor-pointer border border-blue-500/30 hover:border-blue-500/50 transition-all"
                       >
-                        <div className="text-[11px] font-bold font-mono text-zinc-300">
+                        <div className="text-[11px] font-bold  text-zinc-300">
                           Use base field: {selectedDefaultField}
                         </div>
                         <div className="text-[9px] text-zinc-500 mt-1">Select the original field without enrichment</div>
@@ -535,7 +536,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                           : 'hover:bg-zinc-800 border-transparent hover:border-zinc-700'
                       }`}
                     >
-                      <div className="text-[11px] font-bold font-mono text-zinc-300 flex items-center justify-between">
+                      <div className="text-[11px] font-bold  text-zinc-300 flex items-center justify-between">
                         {item.id}
                         {selectedDefaultField === item.id && (
                           <span className="text-emerald-400 text-[9px]">→</span>
@@ -570,10 +571,10 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                         }}
                         className="p-3 mb-1 rounded-xl hover:bg-zinc-800 cursor-pointer border border-transparent hover:border-emerald-700/30 transition-all group"
                       >
-                        <div className="text-[11px] font-bold font-mono text-emerald-400">{item.id}</div>
+                        <div className="text-[11px] font-bold  text-emerald-400">{item.id}</div>
                         <div className="text-[9px] text-zinc-500 mt-1">{item.desc}</div>
                         {item.table && (
-                          <div className="text-[8px] text-zinc-600 mt-1 font-mono">Table: {item.table}</div>
+                          <div className="text-[8px] text-zinc-600 mt-1 ">Table: {item.table}</div>
                         )}
                       </div>
                     ))}
@@ -586,7 +587,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                         }}
                         className="p-3 rounded-xl hover:bg-emerald-600/10 cursor-pointer border border-emerald-500/30 hover:border-emerald-500/50 transition-all"
                       >
-                        <div className="text-[11px] font-bold font-mono text-zinc-300">
+                        <div className="text-[11px] font-bold  text-zinc-300">
                           Use value: {selectedDefaultField}
                         </div>
                         <div className="text-[9px] text-zinc-500 mt-1">Select this common value directly</div>
@@ -654,7 +655,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           
         </ul>
          
-          <p className="text-xs text-zinc-400 leading-relaxed">
+          {/* <p className="text-xs text-zinc-400 leading-relaxed">
            <span className="text-600">Coverage:</span>  28.4 million events
           </p>
           <h5 className="text-[13px] font-black text-white  tracking-widest ">Why this works:</h5>
@@ -663,7 +664,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           <li>Honest about data source</li>
           <li>Reads like a mission briefing</li>
           
-        </ul>
+        </ul> */}
           {/* <div className="flex items-center gap-2 text-[10px] text-emerald-400 font-semibold uppercase tracking-widest">
             <ShieldCheck size={12} />
             Coverage: 28.4M events
@@ -673,7 +674,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
         <div className="grid grid-cols-1 lg:grid-cols-3 gap-8">
           <div className="lg:col-span-2 space-y-8">
             {/* IDENTITY & DETECTION LOGIC SECTION */}
-            <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 shadow-xl space-y-12">
+            <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 shadow-xl space-y-12">
               {/* STAGE 1: Initial Trigger */}
               <div className="space-y-6">
                 <div className="flex items-center justify-between">
@@ -717,7 +718,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
     value={cond.field} 
     onChange={e => updateCondition(logicGroups[0].id, cond.id, { field: e.target.value })} 
     placeholder="id.orig_h"
-    className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs font-mono text-zinc-300 outline-none focus:border-blue-500" 
+    className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs  text-zinc-300 outline-none focus:border-blue-500" 
   />
   <button
     onClick={() => openFieldModal(logicGroups[0].id, cond.id, 'field')}
@@ -843,7 +844,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
             type="text"
             value={thresholdField}
             onChange={e => setThresholdField(e.target.value)}
-            className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px] font-mono text-blue-400 outline-none"
+            className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px]  text-blue-400 outline-none"
           />
           <button
             onClick={() => {
@@ -867,7 +868,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           <input
             type="text"
             defaultValue="destination.ip"
-            className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px] font-mono text-purple-400 outline-none"
+            className="bg-zinc-950 border border-zinc-800 w-24 pl-2 pr-7 py-1.5 rounded-md text-[10px]  text-purple-400 outline-none"
           />
           <button
             onClick={() => {
@@ -893,7 +894,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
     {/* Right Section - Global Window & Wait Window Stacked */}
     <div className="flex flex-col gap-2 flex-shrink-0">
       {/* Global Window */}
-      <div className="flex items-center gap-2">
+      {/* <div className="flex items-center gap-2">
         <span className="text-[10px] font-black text-zinc-500 uppercase tracking-widest whitespace-nowrap">
           Global Window
         </span>
@@ -902,7 +903,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           defaultValue="5m"
           className="bg-zinc-950 border border-zinc-800 w-14 py-1 rounded-md text-[10px] text-center font-bold outline-none"
         />
-      </div>
+      </div> */}
 
       {/* Wait Window */}
       <div className="flex items-center gap-2">
@@ -976,7 +977,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                                 value={cond.field} 
                                 onChange={e => updateCondition(logicGroups[1].id, cond.id, { field: e.target.value })} 
                                 placeholder="id.orig_h"
-                                className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs font-mono text-zinc-300 outline-none focus:border-red-500" 
+                                className="w-full bg-zinc-900 border border-zinc-800 rounded-lg pl-3 pr-10 py-3 text-xs  text-zinc-300 outline-none focus:border-red-500" 
                               />
                               <button
                                 onClick={() => openFieldModal(logicGroups[1].id, cond.id, 'field')}
@@ -1103,7 +1104,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
 
           <div className="space-y-8">
             {/* HUNT IDENTITY SECTION */}
-            <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-8 shadow-xl space-y-6">
+            <section className="bg-zinc-900 border border-zinc-800 rounded-lg p-4 shadow-xl space-y-6">
               <h3 className="text-xs font-black text-white uppercase tracking-widest">Hunt Definition</h3>
               <div className="space-y-5">
                 <div className="space-y-1.5">
@@ -1216,7 +1217,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
               <span className="text-sm text-zinc-400">{hunt.author}</span>
             </div>
             <div className="col-span-2 flex items-center">
-              <span className="text-xs text-zinc-500 font-mono whitespace-nowrap">
+              <span className="text-xs text-zinc-500  whitespace-nowrap">
                 {new Date(hunt.createdAt).toLocaleString('en-US', { 
                   year: 'numeric',
                   month: '2-digit', 
@@ -1271,7 +1272,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           </div>
         </div>
 
-        <div className="bg-zinc-900 border border-zinc-800 rounded-lg p-8">
+        <div className="">
           <div className="flex items-start justify-between mb-8">
             <div>
               <h1 className="text-2xl font-black text-white mb-2">{selectedHunt.name}</h1>
@@ -1293,9 +1294,9 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           </div>
 
           {/* CORRELATION FLOW SECTION - UPDATED TO MATCH SCREENSHOT */}
-         <section className="bg-zinc-950 border border-zinc-800 rounded-xl p-8 mb-8">
+         <section className="bg-[#0f0f10] border border-zinc-800 rounded-xl p-6 mb-8">
   {/* Header */}
-  <div className="mb-10">
+  <div className="mb-6">
     <h3 className="text-sm font-bold text-white uppercase tracking-wide mb-2">How this hunt works</h3>
     <p className="text-xs text-zinc-500">
       This hunt looks for an initial suspicious pattern and confirms it by correlating related activity.
@@ -1310,9 +1311,9 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
     <div className="grid lg:grid-cols-2 gap-8 lg:gap-40 relative">
       {/* Stage 1 - DNS.LOG */}
       <div className="relative">
-        <div className="bg-gradient-to-b from-zinc-900/50 to-black/50 border border-zinc-800 rounded-xl p-6 backdrop-blur-sm">
+        <div className="bg-gradient-to-b from-zinc-900/50 to-black/50 border border-zinc-800 rounded-xl p-4 backdrop-blur-sm">
           {/* Step Badge */}
-          <div className="inline-flex items-center gap-2 mb-5">
+          <div className="inline-flex items-center gap-2 mb-2">
             <div className="w-7 h-7 rounded-lg bg-emerald-500/20 border border-emerald-500/40 flex items-center justify-center">
               <span className="text-emerald-400 font-black text-sm">1</span>
             </div>
@@ -1320,19 +1321,19 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
           </div>
           
           {/* Title */}
-          <h4 className="text-base font-bold text-white mb-6 uppercase tracking-tight">
+          <h4 className="text-base font-bold text-white mb-3 uppercase tracking-tight">
             Suspicious DNS activity
           </h4>
 
           {/* Condition */}
-          <div className="mb-4 p-4 bg-black/40 border border-zinc-800/60 rounded-lg">
+          <div className="mb-4 p-3 bg-black/40 border border-zinc-800/60 rounded-lg">
             <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider mb-2">
               Condition:
             </div>
-            <div className="font-mono text-xs text-zinc-300">
-              <span className="text-emerald-400">DNS queries</span>
+            <div className=" text-xs text-zinc-300">
+              <span className="">DNS queries</span>
               <span className="text-zinc-500 mx-2">matching</span>
-              <span className="text-pink-400">"*.top"</span>
+              <span className="">"*.top"</span>
             </div>
           </div>
 
@@ -1341,10 +1342,10 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
             <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider mb-2">
               Observed when:
             </div>
-            <div className="text-xs text-white font-mono">
-              <span className="font-bold">More than 50 </span> 
+            <div className="text-xs text-white ">
+              <span className="">More than 50 </span> 
               <span className="text-zinc-500 mx-1">queries within </span>
-              <span className="font-bold">5 minutes</span>
+              <span className="">5 minutes</span>
             </div>
           </div>
         </div>
@@ -1362,9 +1363,9 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
       {/* Stage 2 - HTTP.LOG */}
       {selectedHunt.stages.length > 1 && (
         <div className="relative">
-          <div className="bg-gradient-to-b from-zinc-900/50 to-black/50 border border-zinc-800 rounded-xl p-6 backdrop-blur-sm">
+          <div className="bg-gradient-to-b from-zinc-900/50 to-black/50 border border-zinc-800 rounded-xl p-4 backdrop-blur-sm">
             {/* Step Badge */}
-            <div className="inline-flex items-center gap-2 mb-5">
+            <div className="inline-flex items-center gap-2 mb-2">
               <div className="w-7 h-7 rounded-lg bg-emerald-500/20 border border-emerald-500/40 flex items-center justify-center">
                 <span className="text-emerald-400 font-black text-sm">2</span>
               </div>
@@ -1372,19 +1373,19 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
             </div>
             
             {/* Title */}
-            <h4 className="text-base font-bold text-white mb-6 uppercase tracking-tight">
+            <h4 className="text-base font-bold text-white mb-3 uppercase tracking-tight">
               Suspicious outbound HTTP behavior
             </h4>
 
             {/* Condition */}
-            <div className="mb-4 p-4 bg-black/40 border border-zinc-800/60 rounded-lg">
+            <div className="mb-4 p-3 bg-black/40 border border-zinc-800/60 rounded-lg">
               <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider mb-2">
                 Condition:
               </div>
-              <div className="font-mono text-xs text-zinc-300">
-                <span className="text-emerald-400">HTTP POST </span>
+              <div className=" text-xs text-zinc-300">
+                <span className="">HTTP POST </span>
                 <span className="text-zinc-500 mx-2">requests</span>
-                <span className="text-pink-400">observed</span>
+                <span className="">observed</span>
               </div>
             </div>
 
@@ -1393,10 +1394,10 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
               <div className="text-[10px] font-bold text-zinc-500 uppercase tracking-wider mb-2">
                 Threshold:
               </div>
-              <div className="text-xs text-white font-mono">
-                <span className="font-bold">More than </span> 
+              <div className="text-xs text-white ">
+                <span className="">More than </span> 
                 <span className="text-zinc-500 mx-1">10 requests </span>
-                <span className="font-bold">within 10 minutes</span>
+                <span className="">within 10 minutes</span>
               </div>
             </div>
           </div>
@@ -1417,9 +1418,9 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
   </div>
 
   {/* Footer - Correlation Info */}
-  <div className="mt-10 pt-6 border-t border-zinc-800">
+  <div className="mt-4 pt-4 border-t border-zinc-800">
     <div className="text-center">
-      <div className="text-xs font-bold text-zinc-500 uppercase tracking-wider mb-2">
+      <div className="text-xs font-bold text-zinc-500 uppercase tracking-wider mb-1">
         How activities are linked
       </div>
       <div className="text-xs text-zinc-600">
@@ -1430,11 +1431,11 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
 </section>
 
           {/* EXECUTION HISTORY */}
-          <section className="bg-zinc-950 border border-zinc-800 rounded-lg p-6">
+          <section className="bg-[#0f0f10] border border-zinc-800 rounded-lg p-6">
             <h3 className="text-sm font-black text-white uppercase tracking-widest mb-4">Hunt Runs</h3>
             
             <div className="space-y-2">
-              <div className="grid grid-cols-12 gap-4 px-4 py-2 text-xs font-bold text-zinc-600 uppercase">
+              <div className="grid grid-cols-12 gap-4  px-4 py-2 text-xs font-bold text-zinc-600 uppercase">
                 <div className="col-span-3">Run Time</div>
                 <div className="col-span-3">Time range</div>
                 <div className="col-span-2">Status</div>
@@ -1442,8 +1443,8 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                 <div className="col-span-2 text-right">Action</div>
               </div>
               
-              <div className="grid grid-cols-12 gap-4 px-4 py-4 bg-zinc-900 rounded-lg items-center hover:bg-zinc-800/50 transition-colors">
-                <div className="col-span-3 text-sm font-mono text-zinc-400">
+              <div className="grid grid-cols-12 gap-4 px-4 py-4 bg-black rounded-lg items-center hover:bg-zinc-800/50 transition-colors">
+                <div className="col-span-3 text-[13px]  text-zinc-400">
                   {new Date(selectedHunt.createdAt).toLocaleString('en-US', { 
                     month: '2-digit', 
                     day: '2-digit',
@@ -1452,18 +1453,18 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
                     hour12: false 
                   })}
                 </div>
-                <div className="col-span-3 text-sm text-zinc-400">{selectedHunt.timeRange}</div>
+                <div className="col-span-3 text-[13px] text-zinc-400">{selectedHunt.timeRange}</div>
                 <div className="col-span-2">
-                  <span className="px-3 py-1 bg-emerald-500/10 border border-emerald-500/30 text-emerald-400 text-xs font-bold uppercase rounded flex items-center gap-2 w-fit">
+                  <span className="px-3 py-1 bg-emerald-500/10 border border-emerald-500/30 text-emerald-400 text-[13px] font-bold  rounded flex items-center gap-2 w-fit">
                     <div className="w-2 h-2 rounded-full bg-emerald-500" />
                     {selectedHunt.status}
                   </span>
                 </div>
-                <div className="col-span-2 text-lg font-black text-emerald-400">{selectedHunt.matchesFound}</div>
+                <div className="col-span-2 text-[13px] font-black text-emerald-400">{selectedHunt.matchesFound}</div>
                 <div className="col-span-2 text-right">
                   <button 
                     onClick={() => setView('findings')}
-                    className="text-emerald-400 text-xs font-bold uppercase hover:text-emerald-300 transition-colors flex items-center gap-2 ml-auto"
+                    className="text-emerald-400 text-[13px] font-bold  hover:text-emerald-300 transition-colors flex items-center gap-2 ml-auto"
                   >
                     View Matches <ArrowRight size={14} />
                   </button>
@@ -1505,133 +1506,467 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
         </div>
 
         {/* Correlation Key Set Cards */}
-        <div className="space-y-4">
-          {/* First Entity - 10.0.8.115 */}
-          <div className="bg-zinc-900 border border-zinc-800 rounded-2xl py-4 px-8 hover:border-zinc-700 transition-all">
-            <div className="flex items-center justify-between">
-              <div className="space-y-4">
-                <div className="flex items-center gap-8">
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Affected Entity</p>
-                    <div className="flex items-center gap-3">
-                      {/* <span className="px-3 py-1.5 bg-zinc-800 border border-zinc-700 rounded-lg text-[10px] font-black text-zinc-400 uppercase tracking-widest">
-                        Entity Cluster
-                      </span> */}
-                      <span className="text-lg font-black font-mono text-white tracking-tight">Host: 10.0.8.115</span>
-                    </div>
-                    <p className="text-xs text-zinc-600 mt-2 font-mono">UID: 9F3C2A77...</p>
-                  </div>
+        <div className="space-y-3">
+      {/* First Entity - 10.0.8.115 */}
+      {/* <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl py-3 px-6 hover:border-cyan-600/40 transition-all">
+        <div className="flex items-center justify-between">
+          <div className="space-y-3">
+            <div className="flex items-center gap-6">
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Affected Entity</p>
+                <div className="flex items-center gap-3">
+                  <span className="text-base font-black text-white tracking-tight">Host: 10.0.8.115</span>
+                </div>
+                <p className="text-xs text-zinc-600 mt-1">UID: 9F3C2A77...</p>
+              </div>
 
-                  <div className="h-16 w-px bg-zinc-800" />
+              <div className="h-12 w-px bg-[#1e1e20]" />
 
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Signals Observed</p>
-                    <div className="flex items-center gap-2">
-                      <span className="w-8 h-8 rounded-lg bg-blue-500/10 border border-blue-500/30 text-blue-400 text-xs font-black flex items-center justify-center">
-                        01
-                      </span>
-                      <span className="w-8 h-8 rounded-lg bg-red-500/10 border border-red-500/30 text-red-400 text-xs font-black flex items-center justify-center">
-                        02
-                      </span>
-                    </div>
-                  </div>
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Signals Observed</p>
+                <div className="flex items-center gap-2">
+                  <span className="w-7 h-7 rounded-lg bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-xs font-black flex items-center justify-center">
+                    01
+                  </span>
+                  <span className="w-7 h-7 rounded-lg bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-xs font-black flex items-center justify-center">
+                    02
+                  </span>
+                </div>
+              </div>
 
-                  <div className="h-16 w-px bg-zinc-800" />
+              <div className="h-12 w-px bg-[#1e1e20]" />
 
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Observed Activity Window</p>
-                    <div className=" flex items-center gap-2">
-                      <p className="text-xs font-mono text-zinc-400">
-                        <span className="text-emerald-400 font-black">08:02</span> → <span className="text-red-400 font-black">08:34</span>
-                      </p>
-                      <p className="text-[10px] pt-1 text-zinc-600 uppercase font-black">(32 minutes)</p>
-                    </div>
-                  </div>
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Observed Activity Window</p>
+                <div className="flex items-center gap-2">
+                  <p className="text-xs text-zinc-400">
+                    <span className=" font-black text-white">08:02</span> → <span className="text-white font-black">08:34</span>
+                  </p>
+                  <p className="text-[10px] pt-1 text-zinc-600 uppercase font-black">(32 minutes)</p>
+                </div>
+              </div>
 
-                  <div className="h-16 w-px bg-zinc-800" />
+              <div className="h-12 w-px bg-[#1e1e20]" />
 
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Finding Confidence</p>
-                    <div className="flex items-baseline gap-2">
-                      <span className="text-lg font-black text-red-500">HIGH</span>
-                    </div>
-                  </div>
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Finding Confidence</p>
+                <div className="flex items-baseline gap-2">
+                  <span className="text-base font-black text-white">HIGH</span>
                 </div>
               </div>
+            </div>
+          </div>
 
-              <button 
-                onClick={() => setView('results')}
-                className="bg-emerald-500 hover:bg-emerald-400 text-black px-4 py-2 rounded-xl text-[12px] font-black uppercase tracking-wider transition-all"
-              >
-                View Finding
-              </button>
+          <button 
+            onClick={() => setView('results')}
+            className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all"
+          >
+            View Finding
+          </button>
+        </div>
+      </div> */}
+
+      {/* Second Entity - 10.0.12.88 */}
+      <div className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl py-3 px-6 hover:border-cyan-600/40 transition-all">
+        <div className="flex items-center justify-between">
+          <div className="space-y-3">
+            <div className="flex items-center gap-6">
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Affected Entity</p>
+                <div className="flex items-center gap-3">
+                  <span className="text-base font-black text-white tracking-tight">Host: 10.0.12.88</span>
+                </div>
+                <p className="text-xs text-zinc-600 mt-1">UID: 7A4B9E12...</p>
+              </div>
+
+              <div className="h-12 w-px bg-[#1e1e20]" />
+
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Signals Observed</p>
+                <div className="flex items-center gap-2">
+                  <span className="w-7 h-7 rounded-lg bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-xs font-black flex items-center justify-center">
+                    01
+                  </span>
+                  <span className="w-7 h-7 rounded-lg bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-xs font-black flex items-center justify-center">
+                    02
+                  </span>
+                </div>
+              </div>
+
+              <div className="h-12 w-px bg-[#1e1e20]" />
+
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Observed Activity Window</p>
+                <div className="flex items-center gap-2">
+                  <p className="text-xs text-zinc-400">
+                    <span className="text-white font-black">09:15</span> → <span className="text-white font-black">09:42</span>
+                  </p>
+                  <p className="text-[10px] pt-1 text-zinc-600 uppercase font-black">(27 minutes)</p>
+                </div>
+              </div>
+
+              <div className="h-12 w-px bg-[#1e1e20]" />
+
+              <div>
+                <p className="text-[10px] font-black text-zinc-500 uppercase tracking-widest mb-1.5">Finding Confidence</p>
+                <div className="flex items-baseline gap-2">
+                  <span className="text-base font-black text-white">MEDIUM</span>
+                </div>
+              </div>
             </div>
           </div>
 
-          {/* Second Entity - 10.0.12.88 */}
-          <div className="bg-zinc-900 border border-zinc-800 rounded-2xl py-4 px-8 hover:border-zinc-700 transition-all">
-            <div className="flex items-center justify-between">
-              <div className="space-y-4">
-                <div className="flex items-center gap-8">
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Affected Entity</p>
-                    <div className="flex items-center gap-3">
-                      {/* <span className="px-3 py-1.5 bg-zinc-800 border border-zinc-700 rounded-lg text-[10px] font-black text-zinc-400 uppercase tracking-widest">
-                        Entity Cluster
-                      </span> */}
-                      <span className="text-lg font-black font-mono text-white tracking-tight">Host: 10.0.8.115</span>
-                    </div>
-                    <p className="text-xs text-zinc-600 mt-2 font-mono">UID: 7A4B9E12...</p>
-                  </div>
+          {/* <button 
+            onClick={() => setView('results')}
+            className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all"
+          >
+            View Finding
+          </button> */}
+           <button  onClick={() => setOpen(prev => !prev)}
+            
+            className="bg-[#00D4AA] hover:bg-[#00c399] text-black px-6 py-2 rounded-lg text-xs font-black uppercase tracking-widest transition-all"
+          >
+           {open ? "Hide Finding" : "View Finding"}
+          </button>
+          
+        </div>
+        {open && (  <div className="animate-in fade-in duration-500 space-y-8 mt-4">
+      {/* Header */}
+      {/* <div className="flex items-center gap-4">
+        <button 
+          onClick={() => setView('findings')} 
+          className="p-3 bg-zinc-900 border border-zinc-800 rounded-lg text-zinc-500 hover:text-white transition-all"
+        >
+          <ArrowLeft size={20}/>
+        </button>
+        <div className="flex-1">
+          <div className="flex items-center gap-4 mb-2">
+            <h1 className="text-2xl font-black text-white">{selectedHunt.name}</h1>
+            <span className="px-3 py-1 bg-blue-500/10 border border-blue-500/30 text-blue-400 text-xs font-bold uppercase rounded">
+              ZEEK ANALYZED
+            </span>
+          </div>
+          <div className="flex items-center gap-4 text-sm text-zinc-500">
+            <span className="">HUNT ID: {selectedHunt.id}</span>
+            <span>•</span>
+            <span>Executed 2 hours ago</span>
+            <span>•</span>
+            <div className="flex items-center gap-2">
+              <div className="w-2 h-2 rounded-full bg-emerald-500" />
+              <span>Network.Live</span>
+            </div>
+          </div>
+        </div>
+        <div className="flex items-center gap-3">
+          <button className="px-4 py-2 bg-zinc-900 border border-zinc-800 rounded-lg text-sm font-bold text-zinc-300 hover:bg-zinc-800 transition-all">
+            Last 24 Hours
+          </button>
+          <button className="px-4 py-2 bg-emerald-500 text-black rounded-lg text-sm font-bold hover:bg-emerald-400 transition-all">
+            Actions
+          </button>
+        </div>
+      </div> */}
+
+        <div className="grid grid-cols-1 lg:grid-cols-3 gap-4">
+      {/* Left Column - Main Content */}
+      <div className="lg:col-span-2 space-y-4">
+        {/* Hunt Definition */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <div className="flex items-center gap-2 mb-3">
+            <FileText size={16} className="text-[#00D4AA]" />
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Hunt Definition</h3>
+          </div>
+          <p className="text-sm text-zinc-300 leading-relaxed mb-4">
+            {selectedHunt.hypothesis}
+          </p>
 
-                  <div className="h-16 w-px bg-zinc-800" />
+          <div className="grid grid-cols-2 gap-3">
+            {/* Signal 1: DNS Activity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center justify-between mb-2">
+                <span className="text-xs font-black text-[#00D4AA] uppercase tracking-widest">Signal 1: DNS Activity</span>
+                <span className="px-2 py-0.5 bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-[10px] font-bold uppercase rounded">
+                  Active
+                </span>
+              </div>
+              <div className="space-y-1.5">
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Field:</span>
+                  <span className="text-xs text-zinc-300">query</span>
+                </div>
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Match:</span>
+                  <span className="text-xs text-[#00D4AA]">*.top</span>
+                </div>
+                <div className="mt-2 pt-2 border-t border-[#1e1e20]">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase block mb-1">Threshold:</span>
+                  <span className="text-xs text-zinc-300">More than 50 events within 5 minutes</span>
+                </div>
+              </div>
+            </div>
 
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Signals Observed</p>
-                    <div className="flex items-center gap-2">
-                      <span className="w-8 h-8 rounded-lg bg-blue-500/10 border border-blue-500/30 text-blue-400 text-xs font-black flex items-center justify-center">
-                        01
-                      </span>
-                      <span className="w-8 h-8 rounded-lg bg-red-500/10 border border-red-500/30 text-red-400 text-xs font-black flex items-center justify-center">
-                        02
-                      </span>
-                    </div>
-                  </div>
+            {/* Signal 2: HTTP Activity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center justify-between mb-2">
+                <span className="text-xs font-black text-white uppercase tracking-widest">Signal 2: HTTP Activity</span>
+                <span className="px-2 py-0.5 bg-zinc-700/50 border border-zinc-600/40 text-zinc-300 text-[10px] font-bold uppercase rounded">
+                  Active
+                </span>
+              </div>
+              <div className="space-y-1.5">
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Field:</span>
+                  <span className="text-xs text-zinc-300">method</span>
+                </div>
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Value:</span>
+                  <span className="text-xs text-white">POST</span>
+                </div>
+                <div className="mt-2 pt-2 border-t border-[#1e1e20]">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase block mb-1">Threshold:</span>
+                  <span className="text-xs text-zinc-300">More than 10 events within 10 minutes</span>
+                </div>
+              </div>
+            </div>
+          </div>
 
-                  <div className="h-16 w-px bg-zinc-800" />
+          {/* Correlation Info */}
+          <div className="mt-3 pt-3 border-t border-[#1e1e20] flex items-center gap-2">
+            <Link size={14} className="text-[#00D4AA]" />
+            <span className="text-xs text-zinc-500 font-bold">Signals correlated by</span>
+            <span className="text-xs text-[#00D4AA]">Source Host</span>
+            <div className="ml-auto flex items-center gap-2 text-xs text-zinc-600">
+              <span>Global Window:</span>
+              <span className="font-bold text-zinc-400">5 Minutes</span>
+            </div>
+          </div>
+        </section>
 
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Observed Activity Window</p>
-                    <div className="flex items-center gap-2">
-                      <p className="text-xs font-mono text-zinc-400">
-                        <span className="text-emerald-400 font-black">09:15</span> → <span className="text-red-400 font-black">09:42</span>
-                      </p>
-                      <p className="text-[10px] pt-1 text-zinc-600 uppercase font-black">(27 minutes)</p>
-                     
-                    </div>
-                  </div>
+        {/* Signals Observed */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Signals Observed</h3>
+          
+          <div className="space-y-2">
+            <div className="grid grid-cols-3 gap-4 px-3 py-2 text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+              <div>Signal Name</div>
+              <div>Matches</div>
+              <div>Execution Window</div>
+            </div>
 
-                  <div className="h-16 w-px bg-zinc-800" />
+            <div className="grid grid-cols-3 gap-4 px-3 py-2.5 bg-zinc-900/30 border border-[#1e1e20] rounded-lg items-center">
+              <div className="text-sm font-bold text-white">DNS Activity</div>
+              <div className="text-sm font-bold text-[#00D4AA]">5 matches</div>
+              <div className="text-xs text-zinc-500">13:48 - 13:55</div>
+            </div>
 
-                  <div>
-                    <p className="text-[10px] font-black text-zinc-600 uppercase tracking-widest mb-2">Finding Confidence</p>
-                    <div className="flex items-baseline gap-2">
-                      <span className="text-lg font-black text-yellow-500">MEDIUM</span>
-                    </div>
-                  </div>
+            <div className="grid grid-cols-3 gap-4 px-3 py-2.5 bg-zinc-900/30 border border-[#1e1e20] rounded-lg items-center">
+              <div className="text-sm font-bold text-white">HTTP Activity</div>
+              <div className="text-sm font-bold text-zinc-400">2 matches</div>
+              <div className="text-xs text-zinc-500">13:48 - 14:00</div>
+            </div>
+          </div>
+        </section>
+
+        {/* Observed Activity Timeline */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-4">Observed Activity Timeline</h3>
+          
+          <div className="space-y-3 relative pl-8">
+            {/* Timeline line */}
+            <div className="absolute left-[11px] top-3 bottom-3 w-0.5 bg-[#1e1e20]" />
+
+            {/* Timeline Event 1 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-[#00D4AA] border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">13:48 DNS Signal Matched</span>
+                  <span className="text-xs text-zinc-500">13:48</span>
                 </div>
+                <p className="text-xs text-zinc-400">
+                  Initial high-entropy query threshold reached from <span className="text-[#00D4AA]">192.168.1.45</span>.
+                </p>
               </div>
+            </div>
 
-              <button 
-                onClick={() => setView('results')}
-                className="bg-emerald-500 hover:bg-emerald-400 text-black px-4 py-2 rounded-xl text-[12px] font-black uppercase tracking-wider transition-all"
-              >
-                View Finding
-              </button>
+            {/* Timeline Event 2 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-[#00D4AA] border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">13:46 DNS Signal Repeated</span>
+                  <span className="text-xs text-zinc-500">13:46</span>
+                </div>
+                <p className="text-xs text-zinc-400">
+                  Subsequent queries to domain <span className="text-[#00D4AA]">update.srv-log</span> identified.
+                </p>
+              </div>
+            </div>
+
+            {/* Timeline Event 3 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-zinc-500 border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">13:48 HTTP Signal Matched</span>
+                  <span className="text-xs text-zinc-500">13:48</span>
+                </div>
+                <p className="text-xs text-zinc-400">
+                  Outbound POST request detected, initiating correlation sequence.
+                </p>
+              </div>
+            </div>
+
+            {/* Timeline Event 4 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-white border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">14:00 Correlation Window Completed</span>
+                  <span className="text-xs text-zinc-500">14:00</span>
+                </div>
+                <p className="text-xs text-zinc-400">
+                  Final execution facts summarized. Correlation confirmed across <span className="font-bold text-white">7 specific</span> matches.
+                </p>
+              </div>
+            </div>
+          </div>
+        </section>
+      </div>
+
+      {/* Right Column - Sidebar */}
+      <div className="space-y-4">
+        {/* Entities Involved */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Entities Involved</h3>
+          
+          <div className="space-y-2">
+            {/* Primary Entity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center gap-2 mb-1.5">
+                <Monitor size={14} className="text-zinc-400" />
+                <span className="text-base font-black text-white">192.168.1.45</span>
+              </div>
+              <div className="flex items-center gap-2 mb-2">
+                <span className="text-[10px] text-zinc-500 uppercase font-bold">Source System: WS-FRAN</span>
+              </div>
+              <span className="px-2 py-0.5 bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-[9px] font-bold uppercase rounded">
+                Critical Asset
+              </span>
+            </div>
+
+            {/* Secondary Entity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center gap-2 mb-1">
+                <User size={14} className="text-zinc-400" />
+                <span className="text-sm font-bold text-white">FVLAN</span>
+              </div>
+              <div className="text-[10px] text-zinc-500 uppercase font-bold">
+                Network System Involved
+              </div>
+            </div>
+
+            {/* Destinations */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center gap-2 mb-1">
+                <Globe size={14} className="text-zinc-400" />
+                <span className="text-sm font-bold text-white">3 Destinations</span>
+              </div>
+              <div className="text-[10px] text-zinc-500 uppercase font-bold">
+                Countries Entities Contacted
+              </div>
+            </div>
+          </div>
+        </section>
+
+        {/* Hunt Results Summary - Compact */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Hunt Results Summary</h3>
+          
+          <div className="space-y-3">
+            {/* Compact Grid Layout */}
+            <div className="grid grid-cols-2 gap-3">
+              {/* Correlated Matches */}
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3 text-center">
+                <div className="text-2xl font-black text-[#00D4AA] mb-1">{selectedHunt.matchesFound}</div>
+                <div className="text-[9px] text-zinc-500 uppercase font-bold tracking-widest">Matches</div>
+              </div>
+
+              {/* Total Activity */}
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3 text-center">
+                <div className="text-2xl font-black text-white mb-1">32m</div>
+                <div className="text-[9px] text-zinc-500 uppercase font-bold tracking-widest">Time Span</div>
+              </div>
+            </div>
+
+            {/* Signals Satisfied */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center justify-between mb-2">
+                <span className="text-[10px] font-bold text-zinc-400 uppercase">Signals Satisfied</span>
+                <span className="text-sm font-black text-[#00D4AA]">2 of 2</span>
+              </div>
+              <div className="w-full h-1.5 bg-zinc-800 rounded-full overflow-hidden">
+                <div className="h-full bg-[#00D4AA]" style={{ width: '100%' }} />
+              </div>
+            </div>
+          </div>
+        </section>
+
+        {/* Next Actions */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Next Actions</h3>
+          
+          <div className="space-y-2">
+            <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-2.5 text-left hover:border-cyan-600/40 transition-all group">
+              <div className="flex items-center justify-between">
+                <span className="text-sm font-bold text-white">Create investigation case</span>
+                <ArrowRight size={14} className="text-zinc-600 group-hover:text-[#00D4AA] transition-colors" />
+              </div>
+            </button>
+
+            <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-2.5 text-left hover:border-cyan-600/40 transition-all group">
+              <div className="flex items-center justify-between">
+                <span className="text-sm font-bold text-white">Review affected entities</span>
+                <ArrowRight size={14} className="text-zinc-600 group-hover:text-[#00D4AA] transition-colors" />
+              </div>
+            </button>
+
+            <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-2.5 text-left hover:border-cyan-600/40 transition-all group">
+              <div className="flex items-center justify-between">
+                <span className="text-sm font-bold text-white">Re-run hunt with adjustments</span>
+                <ArrowRight size={14} className="text-zinc-600 group-hover:text-[#00D4AA] transition-colors" />
+              </div>
+            </button>
+          </div>
+        </section>
+      </div>
+    </div>
+
+      {/* Footer Stats */}
+      <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-4">
+        <div className="flex items-center justify-between text-xs text-zinc-500">
+          <div className="flex items-center gap-6">
+            <div className="flex items-center gap-2">
+              <Database size={14} className="text-emerald-400" />
+              <span className="font-bold uppercase">Total Data: 2.6 GB</span>
+            </div>
+            <div className="flex items-center gap-2">
+              <Clock size={14} className="text-blue-400" />
+              <span className="font-bold uppercase">12:1</span>
+            </div>
+            <div className="flex items-center gap-2">
+              <Shield size={14} className="text-purple-400" />
+              <span className="font-bold uppercase">45 MB/s</span>
             </div>
           </div>
         </div>
       </div>
+    </div>    )}
+        
+      </div>
+    </div>
+    
+      </div>
     );
   };
 
@@ -1656,7 +1991,7 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
             </span>
           </div>
           <div className="flex items-center gap-4 text-sm text-zinc-500">
-            <span className="font-mono">HUNT ID: {selectedHunt.id}</span>
+            <span className="">HUNT ID: {selectedHunt.id}</span>
             <span>•</span>
             <span>Executed 2 hours ago</span>
             <span>•</span>
@@ -1676,282 +2011,280 @@ const ThreatHuntingPage: React.FC<{ defaultView?: 'builder' | 'history' | 'detai
         </div>
       </div>
 
-      <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
-        {/* Left Column - Main Content */}
-        <div className="lg:col-span-2 space-y-6">
-          {/* Hunt Definition */}
-          <section className="bg-zinc-900 border border-zinc-800 rounded-xl p-6">
-            <div className="flex items-center gap-2 mb-4">
-              <FileText size={16} className="text-emerald-400" />
-              <h3 className="text-xs font-black text-zinc-400 uppercase tracking-widest">Hunt Definition</h3>
-            </div>
-            <p className="text-sm text-zinc-300 leading-relaxed mb-6">
-              {selectedHunt.hypothesis}
-            </p>
-
-            <div className="grid grid-cols-2 gap-4">
-              {/* Signal 1: DNS Activity */}
-              <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                <div className="flex items-center justify-between mb-3">
-                  <span className="text-xs font-black text-blue-400 uppercase tracking-widest">Signal 1: DNS Activity</span>
-                  <span className="px-2 py-1 bg-blue-500/10 border border-blue-500/30 text-blue-400 text-[10px] font-bold uppercase rounded">
-                    Active
-                  </span>
+        <div className="grid grid-cols-1 lg:grid-cols-3 gap-4">
+      {/* Left Column - Main Content */}
+      <div className="lg:col-span-2 space-y-4">
+        {/* Hunt Definition */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <div className="flex items-center gap-2 mb-3">
+            <FileText size={16} className="text-[#00D4AA]" />
+            <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Hunt Definition</h3>
+          </div>
+          <p className="text-sm text-zinc-300 leading-relaxed mb-4">
+            {selectedHunt.hypothesis}
+          </p>
+
+          <div className="grid grid-cols-2 gap-3">
+            {/* Signal 1: DNS Activity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center justify-between mb-2">
+                <span className="text-xs font-black text-[#00D4AA] uppercase tracking-widest">Signal 1: DNS Activity</span>
+                <span className="px-2 py-0.5 bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-[10px] font-bold uppercase rounded">
+                  Active
+                </span>
+              </div>
+              <div className="space-y-1.5">
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Field:</span>
+                  <span className="text-xs text-zinc-300">query</span>
                 </div>
-                <div className="space-y-2">
-                  <div className="flex items-center justify-between">
-                    <span className="text-[10px] text-zinc-500 font-bold uppercase">Field:</span>
-                    <span className="text-xs font-mono text-zinc-300">query</span>
-                  </div>
-                  <div className="flex items-center justify-between">
-                    <span className="text-[10px] text-zinc-500 font-bold uppercase">Match:</span>
-                    <span className="text-xs font-mono text-pink-400">*.top</span>
-                  </div>
-                  <div className="mt-3 pt-3 border-t border-zinc-800">
-                    <span className="text-[10px] text-zinc-500 font-bold uppercase block mb-1">Threshold:</span>
-                    <span className="text-xs text-zinc-300">More than 50 events within 5 minutes</span>
-                  </div>
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Match:</span>
+                  <span className="text-xs text-[#00D4AA]">*.top</span>
+                </div>
+                <div className="mt-2 pt-2 border-t border-[#1e1e20]">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase block mb-1">Threshold:</span>
+                  <span className="text-xs text-zinc-300">More than 50 events within 5 minutes</span>
                 </div>
               </div>
+            </div>
 
-              {/* Signal 2: HTTP Activity */}
-              <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                <div className="flex items-center justify-between mb-3">
-                  <span className="text-xs font-black text-red-400 uppercase tracking-widest">Signal 2: HTTP Activity</span>
-                  <span className="px-2 py-1 bg-red-500/10 border border-red-500/30 text-red-400 text-[10px] font-bold uppercase rounded">
-                    Active
-                  </span>
+            {/* Signal 2: HTTP Activity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center justify-between mb-2">
+                <span className="text-xs font-black text-white uppercase tracking-widest">Signal 2: HTTP Activity</span>
+                <span className="px-2 py-0.5 bg-zinc-700/50 border border-zinc-600/40 text-zinc-300 text-[10px] font-bold uppercase rounded">
+                  Active
+                </span>
+              </div>
+              <div className="space-y-1.5">
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Field:</span>
+                  <span className="text-xs text-zinc-300">method</span>
                 </div>
-                <div className="space-y-2">
-                  <div className="flex items-center justify-between">
-                    <span className="text-[10px] text-zinc-500 font-bold uppercase">Field:</span>
-                    <span className="text-xs font-mono text-zinc-300">method</span>
-                  </div>
-                  <div className="flex items-center justify-between">
-                    <span className="text-[10px] text-zinc-500 font-bold uppercase">Value:</span>
-                    <span className="text-xs font-mono text-pink-400">POST</span>
-                  </div>
-                  <div className="mt-3 pt-3 border-t border-zinc-800">
-                    <span className="text-[10px] text-zinc-500 font-bold uppercase block mb-1">Threshold:</span>
-                    <span className="text-xs text-zinc-300">More than 10 events within 10 minutes</span>
-                  </div>
+                <div className="flex items-center justify-between">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase">Value:</span>
+                  <span className="text-xs text-white">POST</span>
+                </div>
+                <div className="mt-2 pt-2 border-t border-[#1e1e20]">
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase block mb-1">Threshold:</span>
+                  <span className="text-xs text-zinc-300">More than 10 events within 10 minutes</span>
                 </div>
               </div>
             </div>
+          </div>
 
-            {/* Correlation Info */}
-            <div className="mt-4 pt-4 border-t border-zinc-800 flex items-center gap-2">
-              <Link size={14} className="text-emerald-400" />
-              <span className="text-xs text-zinc-500 font-bold">Signals correlated by</span>
-              <span className="text-xs font-mono text-emerald-400">Source Host</span>
-              <div className="ml-auto flex items-center gap-2 text-xs text-zinc-600">
-                <span>Global Window:</span>
-                <span className="font-bold text-zinc-400">5 Minutes</span>
-              </div>
+          {/* Correlation Info */}
+          <div className="mt-3 pt-3 border-t border-[#1e1e20] flex items-center gap-2">
+            <Link size={14} className="text-[#00D4AA]" />
+            <span className="text-xs text-zinc-500 font-bold">Signals correlated by</span>
+            <span className="text-xs text-[#00D4AA]">Source Host</span>
+            <div className="ml-auto flex items-center gap-2 text-xs text-zinc-600">
+              <span>Global Window:</span>
+              <span className="font-bold text-zinc-400">5 Minutes</span>
             </div>
-          </section>
+          </div>
+        </section>
 
-          {/* Signals Observed */}
-          <section className="bg-zinc-900 border border-zinc-800 rounded-xl p-6">
-            <h3 className="text-xs font-black text-zinc-400 uppercase tracking-widest mb-4">Signals Observed</h3>
-            
-            <div className="space-y-3">
-              <div className="grid grid-cols-3 gap-4 px-4 py-2 text-[10px] font-bold text-zinc-600 uppercase tracking-wider">
-                <div>Signal Name</div>
-                <div>Matches</div>
-                <div>Execution Window</div>
-              </div>
+        {/* Signals Observed */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Signals Observed</h3>
+          
+          <div className="space-y-2">
+            <div className="grid grid-cols-3 gap-4 px-3 py-2 text-[10px] font-bold text-zinc-500 uppercase tracking-wider">
+              <div>Signal Name</div>
+              <div>Matches</div>
+              <div>Execution Window</div>
+            </div>
 
-              <div className="grid grid-cols-3 gap-4 px-4 py-3 bg-zinc-950 border border-zinc-800 rounded-lg items-center">
-                <div className="text-sm font-bold text-white">DNS Activity</div>
-                <div className="text-sm font-bold text-blue-400">5 matches</div>
-                <div className="text-xs font-mono text-zinc-500">13:48 - 13:55</div>
-              </div>
+            <div className="grid grid-cols-3 gap-4 px-3 py-2.5 bg-zinc-900/30 border border-[#1e1e20] rounded-lg items-center">
+              <div className="text-sm font-bold text-white">DNS Activity</div>
+              <div className="text-sm font-bold text-[#00D4AA]">5 matches</div>
+              <div className="text-xs text-zinc-500">13:48 - 13:55</div>
+            </div>
 
-              <div className="grid grid-cols-3 gap-4 px-4 py-3 bg-zinc-950 border border-zinc-800 rounded-lg items-center">
-                <div className="text-sm font-bold text-white">HTTP Activity</div>
-                <div className="text-sm font-bold text-red-400">2 matches</div>
-                <div className="text-xs font-mono text-zinc-500">13:48 - 14:00</div>
-              </div>
+            <div className="grid grid-cols-3 gap-4 px-3 py-2.5 bg-zinc-900/30 border border-[#1e1e20] rounded-lg items-center">
+              <div className="text-sm font-bold text-white">HTTP Activity</div>
+              <div className="text-sm font-bold text-zinc-400">2 matches</div>
+              <div className="text-xs text-zinc-500">13:48 - 14:00</div>
             </div>
-          </section>
+          </div>
+        </section>
 
-          {/* Observed Activity Timeline */}
-          <section className="bg-zinc-900 border border-zinc-800 rounded-xl p-6">
-            <h3 className="text-xs font-black text-zinc-400 uppercase tracking-widest mb-6">Observed Activity Timeline</h3>
-            
-            <div className="space-y-4 relative pl-8">
-              {/* Timeline line */}
-              <div className="absolute left-[11px] top-3 bottom-3 w-0.5 bg-zinc-800" />
-
-              {/* Timeline Event 1 */}
-              <div className="relative">
-                <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-blue-500 border-4 border-zinc-900 z-10" />
-                <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                  <div className="flex items-center justify-between mb-2">
-                    <span className="text-sm font-bold text-white">13:48 DNS Signal Matched</span>
-                    <span className="text-xs font-mono text-zinc-500">13:48</span>
-                  </div>
-                  <p className="text-xs text-zinc-400">
-                    Initial high-entropy query threshold reached from <span className="font-mono text-blue-400">192.168.1.45</span>.
-                  </p>
+        {/* Observed Activity Timeline */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-4">Observed Activity Timeline</h3>
+          
+          <div className="space-y-3 relative pl-8">
+            {/* Timeline line */}
+            <div className="absolute left-[11px] top-3 bottom-3 w-0.5 bg-[#1e1e20]" />
+
+            {/* Timeline Event 1 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-[#00D4AA] border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">13:48 DNS Signal Matched</span>
+                  <span className="text-xs text-zinc-500">13:48</span>
                 </div>
+                <p className="text-xs text-zinc-400">
+                  Initial high-entropy query threshold reached from <span className="text-[#00D4AA]">192.168.1.45</span>.
+                </p>
               </div>
+            </div>
 
-              {/* Timeline Event 2 */}
-              <div className="relative">
-                <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-blue-500 border-4 border-zinc-900 z-10" />
-                <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                  <div className="flex items-center justify-between mb-2">
-                    <span className="text-sm font-bold text-white">13:46 DNS Signal Repeated</span>
-                    <span className="text-xs font-mono text-zinc-500">13:46</span>
-                  </div>
-                  <p className="text-xs text-zinc-400">
-                    Subsequent queries to domain <span className="font-mono text-blue-400">update.srv-log</span> identified.
-                  </p>
+            {/* Timeline Event 2 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-[#00D4AA] border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">13:46 DNS Signal Repeated</span>
+                  <span className="text-xs text-zinc-500">13:46</span>
                 </div>
+                <p className="text-xs text-zinc-400">
+                  Subsequent queries to domain <span className="text-[#00D4AA]">update.srv-log</span> identified.
+                </p>
               </div>
+            </div>
 
-              {/* Timeline Event 3 */}
-              <div className="relative">
-                <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-orange-500 border-4 border-zinc-900 z-10" />
-                <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                  <div className="flex items-center justify-between mb-2">
-                    <span className="text-sm font-bold text-white">13:48 HTTP Signal Matched</span>
-                    <span className="text-xs font-mono text-zinc-500">13:48</span>
-                  </div>
-                  <p className="text-xs text-zinc-400">
-                    Outbound POST request detected, initiating correlation sequence.
-                  </p>
+            {/* Timeline Event 3 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-zinc-500 border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">13:48 HTTP Signal Matched</span>
+                  <span className="text-xs text-zinc-500">13:48</span>
                 </div>
+                <p className="text-xs text-zinc-400">
+                  Outbound POST request detected, initiating correlation sequence.
+                </p>
               </div>
+            </div>
 
-              {/* Timeline Event 4 */}
-              <div className="relative">
-                <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-emerald-500 border-4 border-zinc-900 z-10" />
-                <div className="bg-zinc-950 border border-emerald-800 rounded-lg p-4">
-                  <div className="flex items-center justify-between mb-2">
-                    <span className="text-sm font-bold text-emerald-400">14:98 Correlation Window Completed</span>
-                    <span className="text-xs font-mono text-zinc-500">14:98</span>
-                  </div>
-                  <p className="text-xs text-zinc-400">
-                    Final execution facts summarized. Correlation confirmed across <span className="font-bold text-emerald-400">7 specific</span> matches.
-                  </p>
+            {/* Timeline Event 4 */}
+            <div className="relative">
+              <div className="absolute left-[-30px] top-1 w-5 h-5 rounded-full bg-white border-4 border-[#0f0f10] z-10" />
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+                <div className="flex items-center justify-between mb-1.5">
+                  <span className="text-sm font-bold text-white">14:00 Correlation Window Completed</span>
+                  <span className="text-xs text-zinc-500">14:00</span>
                 </div>
+                <p className="text-xs text-zinc-400">
+                  Final execution facts summarized. Correlation confirmed across <span className="font-bold text-white">7 specific</span> matches.
+                </p>
               </div>
             </div>
-          </section>
-        </div>
+          </div>
+        </section>
+      </div>
 
-        {/* Right Column - Sidebar */}
-        <div className="space-y-6">
-          {/* Entities Involved */}
-          <section className="bg-zinc-900 border border-zinc-800 rounded-xl p-5">
-            <h3 className="text-xs font-black text-zinc-400 uppercase tracking-widest mb-4">Entities Involved</h3>
-            
-            <div className="space-y-3">
-              {/* Primary Entity */}
-              <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                <div className="flex items-center gap-2 mb-2">
-                  <Monitor size={14} className="text-zinc-400" />
-                  <span className="text-lg font-black font-mono text-white">192.168.1.45</span>
-                </div>
-                <div className="flex items-center gap-2">
-                  <span className="text-[10px] text-zinc-600 uppercase font-bold">Source System: WS-FRAN</span>
-                </div>
-                <div className="mt-2 pt-2 border-t border-zinc-800">
-                  <span className="px-2 py-1 bg-red-500/10 border border-red-500/30 text-red-400 text-[9px] font-bold uppercase rounded">
-                    Critical Asset
-                  </span>
-                </div>
+      {/* Right Column - Sidebar */}
+      <div className="space-y-4">
+        {/* Entities Involved */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Entities Involved</h3>
+          
+          <div className="space-y-2">
+            {/* Primary Entity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center gap-2 mb-1.5">
+                <Monitor size={14} className="text-zinc-400" />
+                <span className="text-base font-black text-white">192.168.1.45</span>
+              </div>
+              <div className="flex items-center gap-2 mb-2">
+                <span className="text-[10px] text-zinc-500 uppercase font-bold">Source System: WS-FRAN</span>
               </div>
+              <span className="px-2 py-0.5 bg-cyan-900/30 border border-cyan-600/40 text-[#00D4AA] text-[9px] font-bold uppercase rounded">
+                Critical Asset
+              </span>
+            </div>
 
-              {/* Secondary Entity */}
-              <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                <div className="flex items-center gap-2 mb-2">
-                  <User size={14} className="text-zinc-400" />
-                  <span className="text-sm font-bold text-white">FVLAN</span>
-                </div>
-                <div className="text-[10px] text-zinc-600 uppercase font-bold">
-                  Network System Involved
-                </div>
+            {/* Secondary Entity */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center gap-2 mb-1">
+                <User size={14} className="text-zinc-400" />
+                <span className="text-sm font-bold text-white">FVLAN</span>
+              </div>
+              <div className="text-[10px] text-zinc-500 uppercase font-bold">
+                Network System Involved
               </div>
+            </div>
 
-              {/* Destinations */}
-              <div className="bg-zinc-950 border border-zinc-800 rounded-lg p-4">
-                <div className="flex items-center gap-2 mb-2">
-                  <Globe size={14} className="text-zinc-400" />
-                  <span className="text-sm font-bold text-white">3 Destinations</span>
-                </div>
-                <div className="text-[10px] text-zinc-600 uppercase font-bold">
-                  Countries Entities Contacted
-                </div>
+            {/* Destinations */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center gap-2 mb-1">
+                <Globe size={14} className="text-zinc-400" />
+                <span className="text-sm font-bold text-white">3 Destinations</span>
+              </div>
+              <div className="text-[10px] text-zinc-500 uppercase font-bold">
+                Countries Entities Contacted
               </div>
             </div>
-          </section>
+          </div>
+        </section>
 
-          {/* Hunt Results Summary */}
-          <section className="bg-zinc-900 border border-zinc-800 rounded-xl p-5">
-            <h3 className="text-xs font-black text-zinc-400 uppercase tracking-widest mb-6">Hunt Results Summary</h3>
-            
-            <div className="space-y-6">
+        {/* Hunt Results Summary - Compact */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Hunt Results Summary</h3>
+          
+          <div className="space-y-3">
+            {/* Compact Grid Layout */}
+            <div className="grid grid-cols-2 gap-3">
               {/* Correlated Matches */}
-              <div className="text-center">
-                <div className="text-5xl font-black text-emerald-400 mb-2">{selectedHunt.matchesFound}</div>
-                <div className="text-xs text-zinc-500 uppercase font-bold tracking-widest">Correlated Matches</div>
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3 text-center">
+                <div className="text-2xl font-black text-[#00D4AA] mb-1">{selectedHunt.matchesFound}</div>
+                <div className="text-[9px] text-zinc-500 uppercase font-bold tracking-widest">Matches</div>
               </div>
 
               {/* Total Activity */}
-              <div className="text-center pt-6 border-t border-zinc-800">
-                <div className="text-4xl font-black text-white mb-2">32m</div>
-                <div className="text-xs text-zinc-500 uppercase font-bold tracking-widest">Total Activity Span</div>
+              <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3 text-center">
+                <div className="text-2xl font-black text-white mb-1">32m</div>
+                <div className="text-[9px] text-zinc-500 uppercase font-bold tracking-widest">Time Span</div>
               </div>
+            </div>
 
-              {/* Signals Satisfied */}
-              <div className="pt-6 border-t border-zinc-800">
-                <div className="flex items-center justify-between mb-2">
-                  <span className="text-xs font-bold text-zinc-400 uppercase">Signals Satisfied</span>
-                  <span className="text-sm font-black text-emerald-400">2 of 2</span>
-                </div>
-                <div className="w-full h-2 bg-zinc-950 rounded-full overflow-hidden">
-                  <div className="h-full bg-emerald-500" style={{ width: '100%' }} />
-                </div>
-                <p className="text-[10px] text-zinc-600 mt-2">
-                  All configured scoring criteria were associated output.
-                </p>
+            {/* Signals Satisfied */}
+            <div className="bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-3">
+              <div className="flex items-center justify-between mb-2">
+                <span className="text-[10px] font-bold text-zinc-400 uppercase">Signals Satisfied</span>
+                <span className="text-sm font-black text-[#00D4AA]">2 of 2</span>
+              </div>
+              <div className="w-full h-1.5 bg-zinc-800 rounded-full overflow-hidden">
+                <div className="h-full bg-[#00D4AA]" style={{ width: '100%' }} />
               </div>
             </div>
-          </section>
+          </div>
+        </section>
 
-          {/* Next Actions */}
-          <section className="bg-zinc-900 border border-zinc-800 rounded-xl p-5">
-            <h3 className="text-xs font-black text-zinc-400 uppercase tracking-widest mb-4">Next Actions</h3>
-            
-            <div className="space-y-2">
-              <button className="w-full bg-zinc-950 border border-zinc-800 rounded-lg p-3 text-left hover:bg-zinc-800 transition-all group">
-                <div className="flex items-center justify-between">
-                  <span className="text-sm font-bold text-white">Create investigation case</span>
-                  <ArrowRight size={14} className="text-zinc-600 group-hover:text-emerald-400 transition-colors" />
-                </div>
-              </button>
+        {/* Next Actions */}
+        <section className="bg-[#0f0f10] border border-[#1e1e20] rounded-xl p-4">
+          <h3 className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-3">Next Actions</h3>
+          
+          <div className="space-y-2">
+            <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-2.5 text-left hover:border-cyan-600/40 transition-all group">
+              <div className="flex items-center justify-between">
+                <span className="text-sm font-bold text-white">Create investigation case</span>
+                <ArrowRight size={14} className="text-zinc-600 group-hover:text-[#00D4AA] transition-colors" />
+              </div>
+            </button>
 
-              <button className="w-full bg-zinc-950 border border-zinc-800 rounded-lg p-3 text-left hover:bg-zinc-800 transition-all group">
-                <div className="flex items-center justify-between">
-                  <span className="text-sm font-bold text-white">Review affected entities</span>
-                  <ArrowRight size={14} className="text-zinc-600 group-hover:text-emerald-400 transition-colors" />
-                </div>
-              </button>
+            <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-2.5 text-left hover:border-cyan-600/40 transition-all group">
+              <div className="flex items-center justify-between">
+                <span className="text-sm font-bold text-white">Review affected entities</span>
+                <ArrowRight size={14} className="text-zinc-600 group-hover:text-[#00D4AA] transition-colors" />
+              </div>
+            </button>
 
-              <button className="w-full bg-zinc-950 border border-zinc-800 rounded-lg p-3 text-left hover:bg-zinc-800 transition-all group">
-                <div className="flex items-center justify-between">
-                  <span className="text-sm font-bold text-white">Re-run hunt with adjustments</span>
-                  <ArrowRight size={14} className="text-zinc-600 group-hover:text-emerald-400 transition-colors" />
-                </div>
-              </button>
-            </div>
-          </section>
-        </div>
+            <button className="w-full bg-zinc-900/30 border border-[#1e1e20] rounded-lg p-2.5 text-left hover:border-cyan-600/40 transition-all group">
+              <div className="flex items-center justify-between">
+                <span className="text-sm font-bold text-white">Re-run hunt with adjustments</span>
+                <ArrowRight size={14} className="text-zinc-600 group-hover:text-[#00D4AA] transition-colors" />
+              </div>
+            </button>
+          </div>
+        </section>
       </div>
+    </div>
 
       {/* Footer Stats */}
       <div className="bg-zinc-900 border border-zinc-800 rounded-xl p-4">
diff --git a/ui/pages/UseCaseDetailPage.tsx b/ui/pages/UseCaseDetailPage.tsx
index 7af4f62..5f75ea1 100644
--- a/ui/pages/UseCaseDetailPage.tsx
+++ b/ui/pages/UseCaseDetailPage.tsx
@@ -1,27 +1,9 @@
 import React, { useState } from 'react';
-import { 
-  ArrowLeft, Layers, AlertTriangle, Shield, CheckCircle2, 
-  ChevronDown, ChevronRight, Clock, Database, FileText
+import {
+  ArrowLeft, Layers, AlertTriangle, Shield, CheckCircle2,
+  ChevronDown, ChevronRight, Clock, Database, FileText, Activity
 } from 'lucide-react';
 
-interface Stage {
-  id: number;
-  name: string;
-  purpose: string;
-  inputDependency: string;
-  dataSource: string;
-  fieldsUsed: string[];
-  conditions: string[];
-  thresholdLogic: string;
-  output: string;
-  status: 'active' | 'triggered' | 'pending';
-}
-
-interface Props {
-  useCaseId: string | null;
-  onBack: () => void;
-}
-
 const MOCK_USE_CASE = {
   id: 'UC-001',
   name: 'Ransomware Detection',
@@ -32,7 +14,7 @@ const MOCK_USE_CASE = {
   confidence: 'HIGH'
 };
 
-const MOCK_STAGES: Stage[] = [
+const MOCK_STAGES = [
   {
     id: 1,
     name: 'Behavioral Anomaly',
@@ -43,7 +25,7 @@ const MOCK_STAGES: Stage[] = [
     conditions: [
       'outbound_connection_count > (host_baseline + 3σ)',
       'upload_bytes > 5 * daily_average',
-      'activity_time between 00:00-05:00 local'
+      'activity_time between 00:00–05:00 local'
     ],
     thresholdLogic: 'baseline_window = 14 days\nwindow_size = 5 minutes',
     output: 'STAGE-1 SIGNAL EMITTED (LOW CONFIDENCE)',
@@ -53,7 +35,7 @@ const MOCK_STAGES: Stage[] = [
     id: 2,
     name: 'File System Pressure',
     purpose: 'Identify rapid file operations characteristic of encryption.',
-    inputDependency: 'stage_1 and stage_2 signals triggered within 15 minutes window',
+    inputDependency: 'stage_1 signal within 15 min window',
     dataSource: 'OSQUERY: FILE_EVENTS',
     fieldsUsed: ['hostname', 'action', 'target_path', 'timestamp'],
     conditions: [
@@ -69,7 +51,7 @@ const MOCK_STAGES: Stage[] = [
     id: 3,
     name: 'Context Correlation',
     purpose: 'Combine behavioral and system indicators for high-confidence detection.',
-    inputDependency: 'stage_1 and stage_2 signals triggered within 15 minutes window',
+    inputDependency: 'stage_1 and stage_2 within 15 min window',
     dataSource: 'MULTI-SOURCE',
     fieldsUsed: ['all_previous_stages', 'threat_intel', 'user_context'],
     conditions: [
@@ -83,262 +65,265 @@ const MOCK_STAGES: Stage[] = [
   }
 ];
 
-const UseCaseDetailPage: React.FC<Props> = ({ useCaseId, onBack }) => {
-  const [expandedStages, setExpandedStages] = useState<number[]>([1]);
+const statusColor = (status) => ({
+  active:    { bg: 'bg-green-500/10',  border: 'border-green-500/20',  text: 'text-green-500', dot: 'bg-green-500' },
+  triggered: { bg: 'bg-blue-500/10', border: 'border-blue-500/20', text: 'text-blue-500', dot: 'bg-blue-500' },
+  pending:   { bg: 'bg-zinc-900' , border: 'border-[#1e1e20]', text: 'text-zinc-500', dot: 'bg-zinc-500' }
+}[status]);
+
+export default function UseCaseDetailPage({ useCaseId, onBack }) {
+  const [expandedStages, setExpandedStages] = useState([1]);
 
-  const toggleStage = (stageId: number) => {
-    setExpandedStages(prev => 
-      prev.includes(stageId) 
-        ? prev.filter(id => id !== stageId)
-        : [...prev, stageId]
+  const toggleStage = (id) =>
+    setExpandedStages(prev =>
+      prev.includes(id) ? prev.filter(s => s !== id) : [...prev, id]
     );
-  };
 
   return (
-    <div className="max-w-[1300px] mx-auto space-y-4 pb-12">
-      
-      {/* Compact Header */}
-      <div className="flex items-center justify-between gap-8 py-3">
-        <div className="flex items-center gap-4">
-          <button 
-            onClick={onBack} 
-            className="p-2 bg-[#161618] border border-[#1e1e20] rounded-lg text-zinc-500 hover:text-white transition-all"
-          >
-            <ArrowLeft size={18} />
-          </button>
-          <div>
-            <h2 className="text-lg font-black text-white uppercase tracking-tight">{MOCK_USE_CASE.name}</h2>
-            <p className="text-[9px] font-bold text-zinc-600 uppercase tracking-wider">
-              {useCaseId || 'UC-001'} • {MOCK_USE_CASE.description}
-            </p>
+    <div className="min-h-screen">
+      <div className="max-w-[1300px] mx-auto px-4 pb-32 pt-6 space-y-6">
+
+        {/* COMPACT HEADER */}
+        <div className="flex items-center justify-between gap-8">
+          <div className="flex items-center gap-4">
+            <button
+              onClick={onBack}
+              className="p-1.5 hover:bg-zinc-800 rounded transition-colors"
+            >
+              <ArrowLeft size={18} className="text-zinc-400 hover:text-white transition-colors" />
+            </button>
+            <div>
+              <h2 className="text-xl font-bold text-white uppercase tracking-tight">{MOCK_USE_CASE.name}</h2>
+              <p className="text-xs text-zinc-500 font-medium uppercase tracking-wide mt-1">
+                {useCaseId || 'UC-001'} • {MOCK_USE_CASE.description}
+              </p>
+            </div>
+          </div>
+          <div className="flex items-center gap-2">
+            <span className="px-3 py-1.5 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg text-xs font-bold uppercase text-zinc-400 flex items-center gap-1.5">
+              <Layers size={12} className="text-[#00D4AA]" /> {MOCK_USE_CASE.stages}
+            </span>
+            <span className="px-3 py-1.5 bg-[#0a0a0b] border border-[#1e1e20] rounded-lg text-xs font-bold uppercase text-zinc-400 flex items-center gap-1.5">
+              <AlertTriangle size={12} className="text-zinc-500" /> {MOCK_USE_CASE.signals}
+            </span>
+            <div className="inline-flex px-3 py-1.5 rounded-lg border bg-blue-500/10 border-blue-500/20">
+              <span className="text-xs font-bold uppercase text-blue-500">ML</span>
+            </div>
+            <div className="inline-flex px-3 py-1.5 rounded-lg border bg-green-500/10 border-green-500/20">
+              <span className="text-xs font-bold uppercase text-green-500">{MOCK_USE_CASE.confidence}</span>
+            </div>
           </div>
         </div>
-        
-        {/* Inline Meta Info */}
-        <div className="flex items-center gap-2">
-          <span className="px-2.5 py-1 bg-[#0a0a0b] border border-zinc-800 rounded text-[9px] font-black uppercase text-zinc-400 flex items-center gap-1.5">
-            <Layers size={10} className="text-[#00D4AA]" />
-            {MOCK_USE_CASE.stages}
-          </span>
-          <span className="px-2.5 py-1 bg-[#0a0a0b] border border-zinc-800 rounded text-[9px] font-black uppercase text-zinc-400 flex items-center gap-1.5">
-            <AlertTriangle size={10} className="text-amber-400" />
-            {MOCK_USE_CASE.signals}
-          </span>
-          <span className="px-2.5 py-1 bg-emerald-500/10 border border-emerald-500/30 rounded text-[9px] font-black uppercase text-emerald-400">
-            ML
-          </span>
-          <span className="px-2.5 py-1 bg-red-500/10 border border-red-500/30 rounded text-[9px] font-black uppercase text-red-400">
-            {MOCK_USE_CASE.confidence}
-          </span>
-        </div>
-      </div>
 
-      {/* Why This Alert Was Triggered */}
-      <div className="bg-[#0a0a0b] border border-zinc-800 rounded-lg p-4">
-        <h3 className="text-[11px] font-black text-white uppercase tracking-tight mb-2">
-          Why This Alert Was Triggered
-        </h3>
-        
-        <p className="text-[10px] text-zinc-400 leading-relaxed mb-4">
-          This alert was triggered because the system detected <span className="text-white font-semibold">sustained abnormal outbound data transfer behavior</span> that deviated significantly from the host's historical baseline.
-        </p>
+        {/* WHY THIS ALERT */}
+        <div className="bg-[#161618] border border-[#1e1e20] rounded-xl overflow-hidden shadow-sm">
+          <div className="flex items-center gap-2 px-6 py-4 bg-[#0a0a0b] border-b border-[#1e1e20]">
+            <Activity size={14} className="text-[#00D4AA]" />
+            <span className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Why This Alert Was Triggered</span>
+          </div>
 
-        <div className="grid grid-cols-3 gap-6">
-          
-          {/* Detection Stages */}
-          <div>
-            <h4 className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest mb-2">
-              Detection stages:
-            </h4>
-            <div className="space-y-1.5">
-              <div className="flex items-start gap-2">
-                <span className="text-white font-bold text-[10px] min-w-[14px]">1.</span>
-                <p className="text-[10px] text-zinc-400 leading-relaxed">
-                  <span className="text-white font-semibold">Anomaly detected</span> – Initial abnormal outbound activity was identified compared to normal behavior.
-                </p>
-              </div>
-              <div className="flex items-start gap-2">
-                <span className="text-white font-bold text-[10px] min-w-[14px]">2.</span>
-                <p className="text-[10px] text-zinc-400 leading-relaxed">
-                  <span className="text-white font-semibold">Behavior sustained</span> – The abnormal behavior persisted across multiple observation intervals.
-                </p>
-              </div>
-              <div className="flex items-start gap-2">
-                <span className="text-white font-bold text-[10px] min-w-[14px]">3.</span>
-                <p className="text-[10px] text-zinc-400 leading-relaxed">
-                  <span className="text-white font-semibold">Alert threshold exceeded</span> – Combined signal confidence crossed the alert threshold, resulting in alert generation.
-                </p>
+          <div className="p-6 space-y-4">
+            <p className="text-sm text-zinc-400 leading-relaxed max-w-2xl">
+              This alert fired because the system detected{' '}
+              <span className="text-white font-semibold">sustained abnormal outbound data transfer behavior</span>
+              {' '}that deviated significantly from the host's historical baseline.
+            </p>
+
+            <div className="grid grid-cols-3 gap-4">
+              {/* Detection Stages */}
+              <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 space-y-3">
+                <div className="flex items-center gap-1.5">
+                  <div className="w-1.5 h-1.5 rounded-full bg-[#00D4AA]" />
+                  <span className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Detection Stages</span>
+                </div>
+                {[
+                  ['Anomaly detected', 'Initial abnormal outbound activity identified vs. normal behavior.'],
+                  ['Behavior sustained', 'Abnormal behavior persisted across multiple observation intervals.'],
+                  ['Threshold exceeded', 'Combined signal confidence crossed the alert threshold.']
+                ].map(([title, desc], i) => (
+                  <div key={i} className="flex items-start gap-2">
+                    <span className="text-xs font-bold text-zinc-600 min-w-[14px] leading-tight">{i + 1}</span>
+                    <div>
+                      <span className="text-xs font-semibold text-white">{title}: </span>
+                      <span className="text-xs text-zinc-500">{desc}</span>
+                    </div>
+                  </div>
+                ))}
               </div>
-            </div>
-          </div>
 
-          {/* Key Contributing Factors */}
-          <div>
-            <h4 className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest mb-2">
-              Key contributing factors:
-            </h4>
-            <div className="space-y-1.5">
-              <div className="flex items-start gap-2">
-                <span className="text-[#00D4AA] text-xs">•</span>
-                <p className="text-[10px] text-zinc-400 leading-relaxed">
-                  Sustained outbound volume spike
-                </p>
+              {/* Key Factors */}
+              <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 space-y-3">
+                <div className="flex items-center gap-1.5">
+                  <div className="w-1.5 h-1.5 rounded-full bg-white" />
+                  <span className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Key Factors</span>
+                </div>
+                {[
+                  'Sustained outbound volume spike over baseline window.',
+                  'Abnormal upload-to-download ratio detected.',
+                  'Activity concentrated in off-hours (00:00–05:00).',
+                  'No corresponding authorized process found.'
+                ].map((item, i) => (
+                  <div key={i} className="flex items-start gap-2">
+                    <span className="text-[#00D4AA] mt-0.5 text-xs">▸</span>
+                    <span className="text-xs text-zinc-400 leading-relaxed">{item}</span>
+                  </div>
+                ))}
               </div>
-              <div className="flex items-start gap-2">
-                <span className="text-[#00D4AA] text-xs">•</span>
-                <p className="text-[10px] text-zinc-400 leading-relaxed">
-                  Abnormal upload-to-download ratio
+
+              {/* Context */}
+              <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-4 space-y-3">
+                <div className="flex items-center gap-1.5">
+                  <div className="w-1.5 h-1.5 rounded-full bg-zinc-500" />
+                  <span className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">Context</span>
+                </div>
+                <p className="text-xs text-zinc-400 leading-relaxed">
+                  Activity was observed consistently over a defined time window and was <span className="text-white font-semibold">not</span> a single transient spike. Host had no scheduled maintenance or backup activity during the flagged period.
                 </p>
+                <div className="flex gap-3 pt-3 border-t border-[#1e1e20]">
+                  <div>
+                    <p className="text-[10px] text-zinc-500 uppercase tracking-tight font-bold">Window</p>
+                    <p className="text-xs font-bold text-white">15 min</p>
+                  </div>
+                  <div className="w-px bg-[#1e1e20]" />
+                  <div>
+                    <p className="text-[10px] text-zinc-500 uppercase tracking-tight font-bold">Baseline</p>
+                    <p className="text-xs font-bold text-white">14 days</p>
+                  </div>
+                  <div className="w-px bg-[#1e1e20]" />
+                  <div>
+                    <p className="text-[10px] text-zinc-500 uppercase tracking-tight font-bold">Conf.</p>
+                    <p className="text-xs font-bold text-[#00D4AA]">HIGH</p>
+                  </div>
+                </div>
               </div>
             </div>
           </div>
-
-          {/* Additional Context */}
-          <div>
-            <h4 className="text-[9px] font-black text-[#00D4AA] uppercase tracking-widest mb-2">
-              Context:
-            </h4>
-            <p className="text-[10px] text-zinc-400 leading-relaxed">
-              The activity was observed consistently over a defined time window and was not a single transient spike.
-            </p>
-          </div>
-
         </div>
-      </div>
 
-      {/* All Stages in Single View - Maximum Columns */}
-      <div className="space-y-3">
-        {MOCK_STAGES.map(stage => (
-          <div
-            key={stage.id}
-            className="border border-zinc-800 rounded-lg overflow-hidden"
-          >
-            {/* Ultra Compact Stage Header */}
-            <button
-              onClick={() => toggleStage(stage.id)}
-              className="w-full px-4 py-2 flex items-center justify-between bg-zinc-900/30 hover:bg-zinc-900/50 transition-colors border-b border-zinc-800"
-            >
-              <div className="flex items-center gap-4">
-                <div className="flex items-center justify-center w-8 h-8 rounded bg-zinc-900 border border-zinc-800">
-                  <span className="text-sm font-black text-white">{stage.id}</span>
-                </div>
-                <div className="text-left">
-                  <span className="text-xs font-black text-white uppercase">{stage.name}</span>
-                  <span className="text-[10px] text-zinc-500 ml-2">— {stage.purpose}</span>
+        {/* DETECTION STAGES */}
+        <div className="space-y-0">
+          {MOCK_STAGES.map((stage, idx) => {
+            const col = statusColor(stage.status);
+            const open = expandedStages.includes(stage.id);
+            return (
+              <div key={stage.id} className="relative flex">
+                {/* timeline rail */}
+                <div className="flex flex-col items-center" style={{ width: 42 }}>
+                  <div
+                    className={`relative z-10 mt-[18px] rounded-full flex items-center justify-center text-xs font-bold border-2 border-[#1e1e20]`}
+                    style={{ width: 30, height: 30 }}
+                  >
+                    {stage.id}
+                  </div>
+                  {idx < MOCK_STAGES.length - 1 && (
+                    <div className="flex-1 w-px bg-[#1e1e20]" style={{ minHeight: 28 }} />
+                  )}
                 </div>
-              </div>
 
-              <div className="flex items-center gap-3">
-                <span className={`px-2 py-0.5 rounded text-[8px] font-black uppercase ${
-                  stage.status === 'active' ? 'bg-[#00D4AA]/10 text-[#00D4AA]' :
-                  stage.status === 'triggered' ? 'bg-amber-500/10 text-amber-400' :
-                  'bg-red-500/10 text-red-400'
-                }`}>
-                  {stage.status}
-                </span>
-                <ChevronDown 
-                  size={16} 
-                  className={`text-zinc-600 transition-transform ${
-                    expandedStages.includes(stage.id) ? '' : '-rotate-90'
-                  }`}
-                />
-              </div>
-            </button>
-          
-            {/* Ultra Compact Content - 4 Column Grid */}
-            {expandedStages.includes(stage.id) && (
-              <div className="px-4 py-3 bg-[#0a0a0b]">
-                <div className="grid grid-cols-4 gap-x-6 gap-y-3">
-                  
-                  {/* Column 1: Input & Data Source */}
-                  <div className="space-y-3">
-                    <div>
-                      <h4 className="text-[8px] font-black text-zinc-600 uppercase tracking-widest mb-1">Input Dependency</h4>
-                      <code className="text-[10px] text-zinc-300 font-mono">{stage.inputDependency}</code>
+                {/* card */}
+                <div className="flex-1 mb-2">
+                  <button
+                    onClick={() => toggleStage(stage.id)}
+                    className="w-full flex items-center justify-between px-4 py-3 rounded-t-lg border border-[#1e1e20] bg-[#161618] hover:border-[#00D4AA] transition-all"
+                  >
+                    <div className="flex items-center gap-3">
+                      <span className="text-sm font-semibold text-white uppercase tracking-tight">{stage.name}</span>
+                      <span className="text-xs text-zinc-500">— {stage.purpose}</span>
                     </div>
-                    <div className="pt-2 border-t border-zinc-800">
-                      <h4 className="text-[8px] font-black text-zinc-600 uppercase tracking-widest mb-1">Data Source</h4>
-                      <div className="flex items-center gap-1.5">
-                        <Database size={10} className="text-purple-400" />
-                        <code className="text-[10px] text-purple-300 font-mono font-semibold">{stage.dataSource}</code>
+                    <div className="flex items-center gap-2.5">
+                      <div className={`inline-flex px-3 py-1 rounded border ${col.bg} ${col.border}`}>
+                        <span className={`text-[10px] font-bold uppercase tracking-tight ${col.text}`}>
+                          {stage.status}
+                        </span>
                       </div>
+                      <ChevronDown
+                        size={14}
+                        className="text-zinc-500 transition-transform duration-200"
+                        style={{ transform: open ? 'rotate(0deg)' : 'rotate(-90deg)' }}
+                      />
                     </div>
-                  </div>
+                  </button>
 
-                  {/* Column 2: Fields Used */}
-                  <div>
-                    <h4 className="text-[8px] font-black text-zinc-600 uppercase tracking-widest mb-2">Fields Used</h4>
-                    <div className="flex flex-wrap gap-1">
-                      {stage.fieldsUsed.map((field, idx) => (
-                        <span
-                          key={idx}
-                          className="px-1.5 py-0.5 bg-zinc-900 border border-zinc-800 rounded text-[9px] font-mono text-zinc-400"
-                        >
-                          {field}
-                        </span>
-                      ))}
-                    </div>
-                  </div>
+                  {open && (
+                    <div className="border border-t-0 border-[#1e1e20] rounded-b-lg bg-[#161618] px-4 py-4">
+                      <div className="grid grid-cols-4 gap-4">
 
-                  {/* Column 3: Conditions - Box for Important Info */}
-                  <div>
-                    <h4 className="text-[8px] font-black text-zinc-600 uppercase tracking-widest mb-2">Detection Conditions</h4>
-                    <div className="bg-zinc-900/50 border border-zinc-800 rounded-lg p-2 space-y-1">
-                      {stage.conditions.map((condition, idx) => (
-                        <div key={idx} className="flex items-start gap-1.5">
-                          <span className="text-[#00D4AA] text-xs">•</span>
-                          <code className="text-[9px] text-zinc-300 font-mono leading-tight flex-1">{condition}</code>
+                        {/* col 1 – source */}
+                        <div className="space-y-3">
+                          <div>
+                            <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-1.5">Input Dependency</p>
+                            <div className="text-xs text-zinc-300 font-medium">{stage.inputDependency}</div>
+                          </div>
+                          <div>
+                            <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-1.5">Data Source</p>
+                            <div className="flex items-center gap-1.5">
+                              <Database size={12} className="text-[#00D4AA]" />
+                              <div className="text-xs text-[#00D4AA] font-semibold">{stage.dataSource}</div>
+                            </div>
+                          </div>
+                        </div>
+
+                        {/* col 2 – fields */}
+                        <div>
+                          <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-1.5">Fields Used</p>
+                          <div className="flex flex-wrap gap-1.5">
+                            {stage.fieldsUsed.map((f, i) => (
+                              <span key={i} className="px-2 py-0.5 bg-[#0a0a0b] border border-[#1e1e20] rounded text-[10px] text-zinc-400 font-medium">{f}</span>
+                            ))}
+                          </div>
+                        </div>
+
+                        {/* col 3 – conditions */}
+                        <div>
+                          <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-1.5">Detection Conditions</p>
+                          <div className="bg-[#0a0a0b] border border-[#1e1e20] rounded-lg p-3 space-y-2">
+                            {stage.conditions.map((c, i) => (
+                              <div key={i} className="flex items-start gap-1.5">
+                                <span className="text-[#00D4AA] text-sm leading-tight">•</span>
+                                <div className="text-xs text-zinc-300 leading-tight font-medium">{c}</div>
+                              </div>
+                            ))}
+                          </div>
+                        </div>
+
+                        {/* col 4 – threshold + output */}
+                        <div className="space-y-3">
+                          <div>
+                            <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest mb-1.5">Threshold Logic</p>
+                            <pre className="text-xs text-zinc-400 whitespace-pre-wrap font-mono">{stage.thresholdLogic}</pre>
+                          </div>
+                          <div className={`p-3 rounded-lg border ${col.bg} ${col.border}`}>
+                            <p className="text-[10px] font-bold text-zinc-500 uppercase tracking-tight mb-1.5">Output Signal</p>
+                            <div className="flex items-center gap-1.5">
+                              <CheckCircle2 size={13} className={col.text} />
+                              <div className={`text-xs font-semibold ${col.text}`}>{stage.output}</div>
+                            </div>
+                          </div>
                         </div>
-                      ))}
-                    </div>
-                  </div>
 
-                  {/* Column 4: Threshold & Output - Box for Important Info */}
-                  <div className="space-y-3">
-                    <div>
-                      <h4 className="text-[8px] font-black text-zinc-600 uppercase tracking-widest mb-1">Threshold Logic</h4>
-                      <pre className="text-[9px] text-zinc-400 font-mono">{stage.thresholdLogic}</pre>
-                    </div>
-                    <div className={`p-2 rounded-lg border ${
-                      stage.status === 'active' ? 'bg-[#00D4AA]/10 border-[#00D4AA]/30' :
-                      stage.status === 'triggered' ? 'bg-amber-500/10 border-amber-500/30' :
-                      'bg-red-500/10 border-red-500/30'
-                    }`}>
-                      <h4 className="text-[8px] font-black text-zinc-600 uppercase tracking-widest mb-1">Output Signal</h4>
-                      <div className="flex items-center gap-1.5">
-                        <CheckCircle2 size={11} className={
-                          stage.status === 'active' ? 'text-[#00D4AA]' :
-                          stage.status === 'triggered' ? 'text-amber-400' :
-                          'text-red-400'
-                        } />
-                        <code className={`text-[9px] font-mono font-bold ${
-                          stage.status === 'active' ? 'text-[#00D4AA]' :
-                          stage.status === 'triggered' ? 'text-amber-400' :
-                          'text-red-400'
-                        }`}>
-                          {stage.output}
-                        </code>
                       </div>
                     </div>
-                  </div>
-
+                  )}
                 </div>
               </div>
-            )}
-          </div>
-        ))}
-      </div>
+            );
+          })}
+        </div>
 
-      {/* Compact Triggered When Section */}
-      <div className="bg-amber-500/10 border border-amber-500/30 rounded-lg p-3 flex items-center gap-3">
-        <AlertTriangle size={16} className="text-amber-400" />
-        <div>
-          <h3 className="text-[8px] font-black text-amber-400 uppercase tracking-widest">Triggered When:</h3>
-          <p className="text-[10px] text-zinc-300 font-mono">stage_1 signal exists for same host and time difference &lt; 15 minutes</p>
+        {/* TRIGGERED WHEN */}
+        <div className="flex items-center gap-4 border border-[#1e1e20] rounded-xl overflow-hidden bg-[#161618] shadow-sm">
+          <div className="flex items-center justify-center px-4 py-4 bg-[#0a0a0b]">
+            <AlertTriangle size={20} className="text-[#00D4AA]" />
+          </div>
+          <div className="py-3 flex-1">
+            <span className="text-xs font-bold text-[#00D4AA] uppercase tracking-wide">Triggered When: </span>
+            <span className="text-sm text-zinc-300 font-medium">
+              stage_1 signal exists for same host &amp;&amp; time_diff {'<'} 15 minutes
+            </span>
+          </div>
         </div>
+
       </div>
     </div>
   );
-};
-
-export default UseCaseDetailPage;
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/ui/pages/UseCasesCatalogPage.tsx b/ui/pages/UseCasesCatalogPage.tsx
index 2b3d367..ccc16bb 100644
--- a/ui/pages/UseCasesCatalogPage.tsx
+++ b/ui/pages/UseCasesCatalogPage.tsx
@@ -56,8 +56,8 @@ const CATEGORIES = [
   { id: 'ALL', label: 'All Categories', color: 'zinc' },
   { id: 'MALWARE', label: 'Malware', color: 'red' },
   { id: 'EXFILTRATION', label: 'Exfiltration', color: 'blue' },
-  { id: 'LATERAL_MOVEMENT', label: 'Lateral Movement', color: 'purple' },
-  { id: 'RECONNAISSANCE', label: 'Reconnaissance', color: 'amber' }
+  { id: 'LATERAL_MOVEMENT', label: 'Lateral Movement', color: 'orange' },
+  { id: 'RECONNAISSANCE', label: 'Reconnaissance', color: 'yellow' }
 ];
 
 interface Props {
@@ -80,35 +80,35 @@ const UseCasesCatalogPage: React.FC<Props> = ({ onSelectUseCase }) => {
   };
 
   return (
-    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto space-y-8 pb-32">
+    <div className="animate-in fade-in duration-500 max-w-[1300px] mx-auto space-y-6 pb-32 px-4">
       
       {/* Header */}
       <div className="space-y-3">
-        <h1 className="text-xl font-black text-white uppercase tracking-tight">Detection Catalog</h1>
-        <p className="text-xs text-zinc-500 font-medium">Review architectural logic and multi-stage behavioral detection modules.</p>
+        <h1 className="text-xl font-bold text-white uppercase tracking-tight">Detection Catalog</h1>
+        <p className="text-sm text-zinc-400">Review architectural logic and multi-stage behavioral detection modules.</p>
       </div>
 
       {/* Search and Filters */}
       <div className="flex items-center gap-4">
         {/* Search Bar */}
-        <div className="flex-1 relative group">
-          <Search size={18} className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-600 group-focus-within:text-cyan-400 transition-colors" />
+        <div className="flex-1 relative">
+          <Search size={18} className="absolute left-4 top-1/2 -translate-y-1/2 text-zinc-400 z-10 pointer-events-none" />
           <input
             type="text"
             placeholder="Search use cases..."
             value={searchQuery}
             onChange={(e) => setSearchQuery(e.target.value)}
-            className="w-full bg-zinc-900/60 border border-zinc-800 rounded-lg pl-12 pr-4 py-3.5 text-xs text-white outline-none focus:border-cyan-600 transition-colors"
+            className="w-full bg-zinc-900/60 backdrop-blur-md border border-white/10 rounded-lg pl-12 pr-6 py-3 text-sm text-zinc-200 outline-none focus:border-[#00D4AA] transition-all placeholder:text-zinc-500"
           />
         </div>
 
         {/* Category Filter */}
         <div className="flex items-center gap-3">
-          <Filter size={14} className="text-zinc-600" />
+          <Filter size={14} className="text-zinc-500" />
           <select
             value={selectedCategory}
             onChange={(e) => setSelectedCategory(e.target.value)}
-            className="bg-[#0a0a0b] border border-zinc-800 text-[10px] font-black text-zinc-400 uppercase tracking-widest px-6 py-3.5 rounded-lg outline-none cursor-pointer hover:border-zinc-700 transition-colors"
+            className="bg-[#0a0a0b] border border-[#1e1e20] text-xs font-bold text-zinc-400 uppercase tracking-wide px-6 py-3 rounded-lg outline-none cursor-pointer hover:border-zinc-700 transition-all"
           >
             {CATEGORIES.map(cat => (
               <option key={cat.id} value={cat.id}>{cat.label}</option>
@@ -118,7 +118,7 @@ const UseCasesCatalogPage: React.FC<Props> = ({ onSelectUseCase }) => {
       </div>
 
       {/* Results Count */}
-      <div className="text-[10px] text-zinc-600 uppercase tracking-widest font-black">
+      <div className="text-[10px] text-zinc-500 uppercase tracking-widest font-bold">
         Showing {filteredUseCases.length} use case{filteredUseCases.length !== 1 ? 's' : ''}
       </div>
 
@@ -131,55 +131,57 @@ const UseCasesCatalogPage: React.FC<Props> = ({ onSelectUseCase }) => {
             <div
               key={useCase.id}
               onClick={() => handleUseCaseClick(useCase.id)}
-              className="bg-[#0a0a0b] border border-zinc-800 rounded-xl p-3 hover:border-[#00D4AA] transition-all cursor-pointer group relative overflow-hidden shadow-xl"
+              className="bg-[#161618] border border-[#1e1e20] rounded-xl p-6 hover:border-[#00D4AA] transition-all cursor-pointer group relative overflow-hidden shadow-sm space-y-4"
             >
               {/* Category Badge */}
               <div className="absolute top-4 right-4">
-                <span className={`px-2.5 py-1 rounded text-[8px] font-black uppercase tracking-widest border ${
-                  useCase.category === 'MALWARE' ? 'bg-red-500/10 text-red-400 border-red-500/30' :
-                  useCase.category === 'EXFILTRATION' ? 'bg-blue-500/10 text-blue-400 border-blue-500/30' :
-                  useCase.category === 'LATERAL_MOVEMENT' ? 'bg-purple-500/10 text-purple-400 border-purple-500/30' :
-                  'bg-amber-500/10 text-amber-400 border-amber-500/30'
+                <div className={`inline-flex px-3 py-1 rounded border ${
+                  useCase.category === 'MALWARE' ? 'bg-red-500/10 text-red-500 border-red-500/20' :
+                  useCase.category === 'EXFILTRATION' ? 'bg-blue-500/10 text-blue-500 border-blue-500/20' :
+                  useCase.category === 'LATERAL_MOVEMENT' ? 'bg-orange-500/10 text-orange-500 border-orange-500/20' :
+                  'bg-yellow-500/10 text-yellow-500 border-yellow-500/20'
                 }`}>
-                  {category?.label.toUpperCase()}
-                </span>
+                  <span className="text-[10px] font-bold uppercase tracking-tight">
+                    {category?.label}
+                  </span>
+                </div>
               </div>
 
               {/* Icon */}
               <div 
-  className="text-[#00D4AA] " 
-  dangerouslySetInnerHTML={{ __html: useCase.icon }}
-/>
+                className="text-[#00D4AA]" 
+                dangerouslySetInnerHTML={{ __html: useCase.icon }}
+              />
 
               {/* Content */}
               <div className="space-y-3">
-                <h3 className="text-base font-black text-white group-hover:text-[#00D4AA] transition-colors tracking-tight">
+                <h3 className="text-sm font-semibold text-white group-hover:text-[#00D4AA] transition-colors">
                   {useCase.name}
                 </h3>
-                <p className="text-xs text-zinc-400 leading-relaxed line-clamp-2">
+                <p className="text-sm text-zinc-400 leading-relaxed line-clamp-2">
                   {useCase.description}
                 </p>
               </div>
 
               {/* Stats */}
-              <div className="flex items-center gap-6 mt-5 pt-5 border-t border-zinc-800">
+              <div className="flex items-center gap-6 pt-4 border-t border-[#1e1e20]">
                 <div className="flex items-center gap-2">
-                  <Layers size={12} className="text-zinc-600" />
-                  <span className="text-[10px] text-zinc-500 font-black uppercase tracking-widest">
+                  <Layers size={12} className="text-zinc-500" />
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase tracking-tight">
                     {useCase.stages} Stages
                   </span>
                 </div>
                 <div className="flex items-center gap-2">
-                  <AlertTriangle size={12} className="text-zinc-600" />
-                  <span className="text-[10px] text-zinc-500 font-black uppercase tracking-widest">
+                  <AlertTriangle size={12} className="text-zinc-500" />
+                  <span className="text-[10px] text-zinc-500 font-bold uppercase tracking-tight">
                     {useCase.signals} Signals
                   </span>
                 </div>
               </div>
 
               {/* Hover Arrow */}
-              <div className="absolute bottom-4 right-4 opacity-0 group-hover:opacity-100 transition-opacity">
-                <ChevronRight size={18} className="text-cyan-400" />
+              <div className="absolute bottom-4 right-4 opacity-0 group-hover:opacity-100 transition-all">
+                <ChevronRight size={18} className="text-[#00D4AA]" />
               </div>
             </div>
           );
@@ -188,12 +190,12 @@ const UseCasesCatalogPage: React.FC<Props> = ({ onSelectUseCase }) => {
 
       {/* Empty State */}
       {filteredUseCases.length === 0 && (
-        <div className="text-center py-24">
-          <Shield size={48} className="text-zinc-800 mx-auto mb-4" />
-          <p className="text-[10px] text-zinc-600 font-black uppercase tracking-widest">
+        <div className="flex flex-col items-center justify-center py-24 opacity-30">
+          <Shield size={48} className="text-zinc-600 mb-4" />
+          <h3 className="text-sm font-bold text-zinc-500 uppercase tracking-wider mb-2">
             No use cases found
-          </p>
-          <p className="text-xs text-zinc-700 mt-2">
+          </h3>
+          <p className="text-xs text-zinc-600">
             Try adjusting your filters or search query
           </p>
         </div>