PRODUCT DESIGN
VISUAL DESIGN
APR 2022 — OCT 2022

Optimizing the User Experience of Vulnerability Management in a Cybersecurity Hub

Optimizing the User Experience of Vulnerability Management in a Cybersecurity Hub

Collaborated With

Monsoonfish Studio, Pune

HivePro, California

The team

Project Manager, Lead UX Designer, 2 Visual Designers, Client Team (2 Heads of Products)

Role

Product Designer; Lead UX Designer

scope of work

Experience Strategy, UX Design, Visual Design

My Responsibilities

Stakeholder Engagement

UX Design & Architecture

Visual Design

Overview

Kronos is a cybersecurity solution for mid-sized and large organizations, offering a unified platform to streamline security operations. It consolidates fragmented processes into an end-to-end workflow for investigating, discovering, and addressing vulnerabilities, providing a comprehensive view of an organization’s safety standpoint.

Kronos is a cybersecurity solution for mid-sized and large organizations, offering a unified platform to streamline security operations. It consolidates fragmented processes into an end-to-end workflow for investigating, discovering, and addressing vulnerabilities, providing a comprehensive view of an organization’s safety standpoint.

Kronos is a cybersecurity solution for mid-sized and large organizations, offering a unified platform to streamline security operations. It consolidates fragmented processes into an end-to-end workflow for investigating, discovering, and addressing vulnerabilities, providing a comprehensive view of an organization’s safety standpoint.

Built specifically for Security Operations Center (SOC) teams, Kronos implements role-based permissions during onboarding, ensuring secure and customized access for each user. Recent development efforts focused on enhancing the prominence and functionality of vulnerability management—a cornerstone of effective cybersecurity operations.

Built specifically for Security Operations Center (SOC) teams, Kronos implements role-based permissions during onboarding, ensuring secure and customized access for each user. Recent development efforts focused on enhancing the prominence and functionality of vulnerability management—a cornerstone of effective cybersecurity operations.

Built specifically for Security Operations Center (SOC) teams, Kronos implements role-based permissions during onboarding, ensuring secure and customized access for each user. Recent development efforts focused on enhancing the prominence and functionality of vulnerability management—a cornerstone of effective cybersecurity operations.

IMPROVED FEATURE

IMPROVED FEATURE
IMPROVED FEATURE

The new features and updates focused on two key areas: enhancing customization options and introducing new dashboards with fresh data visualizations and distinct information sets.

The new features and updates focused on two key areas: enhancing customization options and introducing new dashboards with fresh data visualizations and distinct information sets.

The new features and updates focused on two key areas: enhancing customization options and introducing new dashboards with fresh data visualizations and distinct information sets.

Enhancing Vulnerability Management with Advanced Customization Tools

Enhancing Vulnerability Management with Advanced Customization Tools
Enhancing Vulnerability Management with Advanced Customization Tools

Vulnerability lists are a core feature of the platform, providing an overview of all vulnerabilities based on priority, status, and other criteria.

To address the challenge of managing the large number of lists generated by the platform, we implemented a robust system for grouping, filtering, and sorting. This functionality allows users to organize lists based on relevant factors, making it easier to locate and manage specific items.

To address the challenge of managing the large number of lists generated by the platform, we implemented a robust system for grouping, filtering, and sorting. This functionality allows users to organize lists based on relevant factors, making it easier to locate and manage specific items.

To address the challenge of managing the large number of lists generated by the platform, we implemented a robust system for grouping, filtering, and sorting. This functionality allows users to organize lists based on relevant factors, making it easier to locate and manage specific items.

Vulnerability Lists

Building on existing interfaces and data visualizations, we enhanced the system to empower users to categorize and classify vulnerabilities according to their specific needs and organizational objectives. This includes an elaborate rule-based system that allows users to set specific parameters for classification, offering granular control. These enhancements introduced greater customization, enabling auto-generated lists while delivering a more tailored and user-friendly experience.

Building on existing interfaces and data visualizations, we enhanced the system to empower users to categorize and classify vulnerabilities according to their specific needs and organizational objectives. This includes an elaborate rule-based system that allows users to set specific parameters for classification, offering granular control. These enhancements introduced greater customization, enabling auto-generated lists while delivering a more tailored and user-friendly experience.

Building on existing interfaces and data visualizations, we enhanced the system to empower users to categorize and classify vulnerabilities according to their specific needs and organizational objectives. This includes an elaborate rule-based system that allows users to set specific parameters for classification, offering granular control. These enhancements introduced greater customization, enabling auto-generated lists while delivering a more tailored and user-friendly experience.

Editing a Classification Rule

Applying New Rules

Prioritization Settings

NEW FEATURE

NEW FEATURE
NEW FEATURE

Improved Flexibility in Report and Scan Scheduling

Improved Flexibility in Report and Scan Scheduling
Improved Flexibility in Report and Scan Scheduling

Reports and scans are essential, recurring actions for any cybersecurity platform. In the updated version, we expanded the customization options for generating and scheduling scans or reports, allowing for one-time or recurring generation, specifying frequency, and determining report distribution.

Additionally, the list interface was enhanced to include proper segregation, along with options to view, edit, and access previous versions of any scheduled or generated reports and scans.

Scanning Task Flow

Scan Schedule - Setting Up Custom Scan

One Time Scan - Recurring Scan

Edit Scheduled Scan

Scan in Progress

Reports featured predesigned categories in the form of templates that could be generated based on the data. Users could schedule reports and share them with a specified list of recipients on a recurring basis, with the flexibility to edit these settings at any time.

Reports Schedule - Previous Reports

Scheduling Reports

NEW FEATURE

NEW FEATURE
NEW FEATURE

Prioritized Dashboards for Critical Data

Prioritized Dashboards for Critical Data
Prioritized Dashboards for Critical Data

One of the client requirements was to introduce a set of dashboards that clearly highlight key data points, categorized by data type, to help users focus on high-priority information.

The vulnerability prioritization dashboard, in particular, needed to showcase the most critical vulnerabilities in the system. It was designed to maintain consistency with the previous dashboard structures, while also standing out as a distinct model that emphasized urgency and severity.

We explored a series of wireframes and data visualizations to design an efficient interface that displayed all key information within a single screen fold, eliminating the need for scrolling.

Wireframes

To enhance the user experience, the dashboard was made dynamic: users could hover over data points to reveal additional context about the criticality of each vulnerability, such as its impact and likelihood. This interactive feature allowed users to gain deeper insights without overwhelming them with too much information at once.

30+ Iterations

Data visualization was achieved primarily through graphs, and careful attention was given to ensure that graphs with multiple datasets remained clear and easy to interpret, avoiding unnecessary complexity while conveying all relevant details.

Final Dashboard

TV Mode

Reflections
Key-Takeaways & Learnings

Iterate, iterate, iterate. These dashboard wireframes were among the most complex visualizations I’ve created. From sketches to low-fidelity wireframes to high-fidelity versions, each variation and graph I experimented with deepened my understanding of the data. Through this, we eventually arrived at a solution that truly works.

Iterate, iterate, iterate. These dashboard wireframes were among the most complex visualizations I’ve created. From sketches to low-fidelity wireframes to high-fidelity versions, each variation and graph I experimented with deepened my understanding of the data. Through this, we eventually arrived at a solution that truly works.

Iterate, iterate, iterate. These dashboard wireframes were among the most complex visualizations I’ve created. From sketches to low-fidelity wireframes to high-fidelity versions, each variation and graph I experimented with deepened my understanding of the data. Through this, we eventually arrived at a solution that truly works.

Understanding the data is crucial for effective analysis, prioritization, and visualization. Not only did I need to understand the specific data points cybersecurity experts require, but I also realized that having a basic working knowledge of the domain is essential for designing solutions that genuinely help the user.

Understanding the data is crucial for effective analysis, prioritization, and visualization. Not only did I need to understand the specific data points cybersecurity experts require, but I also realized that having a basic working knowledge of the domain is essential for designing solutions that genuinely help the user.

Understanding the data is crucial for effective analysis, prioritization, and visualization. Not only did I need to understand the specific data points cybersecurity experts require, but I also realized that having a basic working knowledge of the domain is essential for designing solutions that genuinely help the user.

What could be done differently?

Stress testing with real-world scenarios would have been useful to run the product through simulated real-world cybersecurity scenarios to see how it performs under pressure. This could have identified potential gaps and allowed for more focused refinement.

Stress testing with real-world scenarios would have been useful to run the product through simulated real-world cybersecurity scenarios to see how it performs under pressure. This could have identified potential gaps and allowed for more focused refinement.

Stress testing with real-world scenarios would have been useful to run the product through simulated real-world cybersecurity scenarios to see how it performs under pressure. This could have identified potential gaps and allowed for more focused refinement.

You’ve reached the end. Thank you for stopping by.

Back to Top

Get in Touch

LinkedIn

Work

After Hours

About

Resume

You’ve reached the end. Thank you for stopping by.

Back to Top

Get in Touch

LinkedIn

Work

After Hours

About

Resume

You’ve reached the end. Thank you for stopping by.

Back to Top

Get in Touch

LinkedIn

Work

After Hours

About

Resume