Securonix

Dec 2023 - January 2024

Reducing response time and damage for threats

Enhancing primary KPIs in search.

Role

Product Designer
User Research, Interaction, Visual Design, Prototyping & Testing

Team

Senior Designer (Me)
Product Manager

Setting the stage

The search query feature in a SIEM platform allows security analysts to sift through large volumes of security data to identify and mitigate potential threats. It enables security teams to tailor their searches and proactively hunt for signs of threats, reducing response time and minimizing damage.

Identifying the core challenges

I knew from previous qualitative research sessions that our users were experiencing these challenges:

  • Slow loading time: The search query system took more than five minutes to complete complex queries and left users in the dark, with no way of knowing the status. This increased frustration and resulted in a drop in usage.

  • Overwhelming complexity: The feature had an excessive amount of poor-quality data, which created noise and information paralysis for users, making it harder to make decisions and resulting in increased time on task and frustration.

Validating User Sentiments: The Role of Analytics

By setting up segments and funnels, I could identify pain points and less-used features, validating our assumptions about user frustration.

What I found:

  • Underused high-cost feature

  • Filters as a pain point

  • Slow loading time

Redesigning the Search Query Page

Guided by analytics and previous research, I redesigned the search page for enhanced usability, inspired by B2C models and competitive insights. The interface now offers streamlined navigation and quick data access, thanks to new filters, a better layout, and simplified sections. These improvements aim to reduce user frustration, boost conversion rates, and lower bounce rates.

Search loading time

To combat the slow loading times and the lack of feedback, I introduced a loading bar and a fast mode. This provided context and set expectations, and most of all gave users a choice to run queries faster, reducing frustration and bounce rate and encouraging users to make more use of the search.

Before

  • 1. Minimum System Status: Took over 5 mins to load, with no feedback during and after the process.

  • 2. High bounce rate: While waiting, users would open another tab and forget about it.

After

  • 1. Visibility and anticipating needs: Provides a loading status for better understanding and notifies when done. No more forgetting.

  • 2. Provide a choice: Visual trade-off for instant load, useful for corroboration and validation use cases.

Making sense and streamlining the experience

To tackle complexity, I improved the navigation's information architecture, moved underused features, streamlined design elements, prioritized recent queries, added personalization features, and incorporated powerful filters. These changes aim to simplify interactions, increase satisfaction, and boost conversion rates.

Before

  • 1. Complexity turned frustration: Confusing navigation with overlapping features and unclear wording, causing uncertainty.

  • 2. Reducing overhead: Following research and analysis, the underused high-cost feature has been shifted to the "Dashboards" for on-demand access, improving cost-efficiency.

After

  • 1. Narrow the focus: To boost conversion rates, I simplified and unified elements, used familiar language, and reduced cognitive load in the IA of the navigation.

  • 2. Respect the mental model: Prioritizing recent queries enhances user experience by providing a familiar reference point, streamlining task completion, and increasing satisfaction.

Before

  • 1. Navigating the data flood: Users find themselves with overwhelming, unhelpful data, leaving them to search for meaning.

  • 2. Looks like a filter, it's not a filter: This feature caused confusion as it didn't meet users' expectations of a common filter pattern, resulting in frustration.

After

  • 1. Make it my own: Allowing users to select fields and save views that are important to them made the data more relevant through personalization, reducing time on task and increasing satisfaction.

  • 2. Provide a choice: Powerful filters let users easily zoom in and out in their investigation, while keeping them in control.

Impact

By focusing on the core user needs and employing a strategic redesign, it was possible to transform a slow and cumbersome query system into a fast, efficient, and user-friendly platform.

The new design improved bounce (68%) and conversion rates (44%), and improved users’ satisfaction.

It also improved key business KPIs like Mean Time to Detect (MTTD) by 24% and Mean Time to Remediate (MTTR) by 17%.

"You can't find all the holes in the network, but you can be responsible for the ones you are aware of - This change makes being aware easier" - Cybersecurity Analyst

How this exploration led to reinventing the whole platform as an AI First product.

AI for a more human experience

How can we leverage AI to lower the entry barrier and be more inclusive?

While we have made significant strides in enhancing the query speed and user experience, the next step is to reduce the starting barrier by implementing AI to translate simple language to query language, as well as a compare feature for a smoother transition between searching for information and taking action. Exploration of these features began, but they were deprioritized due to development debt and the deadline.

Search for All

Empowering everyone with AI: The idea is simple but powerful: offer translation from simple language to query language, reducing the entry barrier and helping users understand query language.

Filter for All

Find data your way: Use simple language to create advanced filtering, reducing the entry barrier and filter complexity.

Don't be shy, say hi!