Case Study > In 30s

The Problem
Security and development teams are overwhelmed by a flood of vulnerabilities and misconfigurations. With limited time and resources, they struggle to prioritize what matters most—and often don’t know which issues pose the highest risk.

The Solution
We introduced a feature called Risks, which gives customers a single page view of the most critical attack paths likely to be exploited by malicious actors. Users can also define their own custom risks to detect organization-specific conditions. To accelerate decision-making, we visualized these paths, helping teams quickly understand the affected resources and issues. We prioritized which specific findings of the path we suggest a team focus on fixing, to further help take action.

The Impact
Risk and Custom Risk have become some of the most heavily used features in our platform. Customers have requested more features because of its heavy usage. It is a first stop page for teams needing to prioritize work.

My Role
I led the end-to-end UX strategy and rollout. I designed the UX/UI for the Risks page, the custom risk creation flow, and the attack path visualizations using the React Flow library. My work on the flow component’s behavior was adopted and scaled by other teams across the product.

***

About the Company:

• What we do: SaaS cybersecurity for mid-size and enterprise companies

• Size: 600 employees, still startup-minded

• Design team: 10 Design Team Members, 4 Designers on my team. I am an IC and Director

• Shift in users: Market shifted so personas shifted > from DevOps engineers to security teams focused on outcomes, not fixes

• Product Background: Engineering-led roots caused UX issues as users became less technical

• Customer goals our product solves:

  • Don’t get hacked

  • Don’t break laws

  • Ship features fast