New tiles for SecureX

Designed actionable, informative tiles that help security analysts find and squash threats faster.

Internship project for Cisco SecureX | Aug 2021 - Jan 2022

 

Background

As part of my internship with the UX Design team at Cisco SecureX, I was tasked with creating a set of new tiles for the SecureX dashboard, a tool that helps security analysts protect their company’s network from malicious attacks and bad actors. To complete this project, I collaborated with product managers, developers, and customers to bring new & relevant information from Cisco Secure Endpoint to SecureX’s tile dashboard.

From conducting interviews and feedback sessions with customers to creating & iterating on the tile designs, I was fortunate to ship the design to production in January of 2022 with the help of my team and our trusty beta customers.

Time: Aug 2021 - Jan 2022

Role: UI/UX Designer

Team:

Product managers: Eduardo Stumpf Silva, Petr Cernohorsky

Design managers: Chloe Cooke-Warren, Brian Maloney

Tools:

Figma

Skills:

UX research

UI design

Prototyping

Cross-product collaboration

The problem

 

Most users didn’t find the Secure Endpoint tiles in SecureX actionable.

Secure Endpoint had tiles available in SecureX, but in customers calls, users told us that the tiles were more helpful for management higher-ups, and didn’t help security analysts and incident responders target everyday threats. Since SecureX is meant to be the central hub for detecting cyberattacks, we knew that it was time for a redesign.

Process

A bit of context

I was interning with SecureX, Cisco’s cybersecurity product that acts as a central hub to synthesize data from other security products, one of which being Secure Endpoint. Secure Endpoint specializes in protecting endpoints (devices like laptops, desktops, and phones) in a network from cyberattacks. 

To deliver this project, I collaborated with PM’s, engineers, and designers from both SecureX and Secure Endpoint to design tiles that live in SecureX, powered by information from Secure Endpoint. 

 

SecureX

Secure Endpoint

Defining the problem

 

User research on existing SecureX customers showed that:

  • About 68% of users interacting with Secure Endpoint Tiles were either Incident Responders, Security Analysts, or Security Engineers (the people in the trenches, protecting their networks from daily cyberattacks).

  • Users’ highest priorities in SecureX were to improve cyber hygiene, reduce threat detection time, and reduce threat response time (they wanted to find and fix problems, faster).

  • Users wanted to view and take action on top compromised devices.

Secure Endpoint’s tiles on the SecureX dashboard showed broad, overarching figures and facts that helped the upper-level management of our customers understand what was going on. However, those figures and facts weren’t actionable, and didn’t help the analysts target individual threats and attacks.

 

The original Secure Endpoint tiles; overarching figures, but doesn’t show the analyst what they should do next.

The goal

 

Design actionable, informative tiles that help security analysts find and squash threats faster.

The process

 

Collaboration is key

The design process for this project was HIGHLY collaborative - I led over 15 interviews with our beta customers to collect opinions and feedback on my designs. I also collaborated with around 20 engineers, designers, and product managers from SecureX and Secure Endpoint to understand logistical constraints and company best practices.

Iterate, iterate, iterate

Most of the design process was spent iterating on customer and expert feedback, and I had regular 1:1’s with PM’s to ensure the design was headed in the right direction. Although we faced some technical and logistical constraints, we eventually were able to land on a great design!

 Deliver

Highlight what’s important

To help the security analysts identify the biggest and baddest threats in their inboxes, we included a variety of tiles that highlighted the most urgent and recent security compromises.

 

Incident manager

An incident manager tile was requested multiple times by our users, and we delivered. This widget brings critical information and and links from Cisco’s Threat Response into SecureX, giving analysts another look into how to start their day.

Enhanced visibility with MITRE Tactics & Techniques

To further enrich the analysts’ experience, we included MITRE Attacks and Tactics information for each endpoint compromise to further inform the severity and type of compromise that occurred.

 

I learned…

 

  • Don’t be afraid to ask questions! In a broad and highly technical field like cybersecurity, asking the right questions is critical to understanding the problem space.

  • There are often multiple stakeholders involved in any project - talk to as many of them as possible, as soon as possible.

If I had more time, I would…

 

  • Gather more requirements and constraints from engineers to further refine the tile design.

  • Conduct more in-depth usability studies after the beta customers have integrated the new tiles into their dashboards.

The purpose of this write-up is to document my design process and experience, and does not reflect Cisco or their products.