Security Alert Center

My role: Product and UX Design, Design System Implementation | Industry: Cybersecurity, SaaS

Background

The Security Command Center (SCC) serves as the customer portal for monitoring alerts and threats, as well as determining whether these indicators escalate into incidents. However, its UI/UX has resulted in significant friction, alert fatigue, and a pervasive sense of disorientation within the product.

Case Study

View my in-depth analysis of the Security Alert Center case study.

Discovery, Design, Validate, and Refine

In partnership with the Executive Leadership Team and other key stakeholders, we strategically decomposed this initiative into four distinct phases, outlined below.

Goal

To enhance the UI, streamline alert triaging, and optimize the incident management workflow from the perspectives of L1 and L2 analysts, this initiative focuses on improving overall UI hygiene and standardization.

Discovery

Research, Tech Assessment, Competitive Landscape, Heuristics

We started with knowledge sharing, SME interviews, observational assessments, and customer interviews. During sessions with analysts, the target users addressed needs and pain points using the current versions of SCC.

  1. A Better Hierarchy & Selection Model in Order to Help Reduce Cognitive Load

  2. A Clear Starting Point & Workflow for L1 & L2 Analysts

  3. Apply New Brand + Design Language

  4. Clean Up the Application of Design Conventions & Address Visual Clutter

10 Subject Matter Interviews

The old version of the Security Command Center (SCC)

13 Customer Interviews

Design

The design phase consisted of whiteboard sessions, journey maps, UX wireframes, visual design, and building prototypes.

Whiteboard session with key stakeholders.

Validation

Reducing Cognitive Load

Like that they don’t have to go into a lot of tabs. “It’s a lot easier to keep track where you are.”
— Kelly, L3 Analyst

Improving Hierarchy

I can already see there’s filtering going on here on the left. Oh, OK. I can modify stacks and it’s going to apply to the alert list. Yes, this makes sense. Very intuitive.
— Johana, Engineering Lead

Starting point for L1+L2 Analysts

This is better than SCC 1.0, so yes!… I think it could help with triaging incidents and alerts more easily and with less time.
— Daniel, L3 Analyst

Refinement & Delivery
