Threat Hunting

Role

App Design

User Research

FTUX Design

Team

1 Product Manager

2 Frontend Engineers

Timeline

April 2022 - Aug 2022

Searching for cyber threats inside company backup data with ease

Context

I worked as the sole designer for Rubrik's new threat hunting feature. It was a project spanning 6 months from conception to implementation. I conducted research, ideation, and designed the feature in 3 months.

What is Threat Hunting?

Recently companies are being targeted by ransomware attacks. With time, attacks are becoming more and more advanced. Ransomware can be dormant for months in a company's data - known as a payload. Threat Hunting helps discover payloads and any malicious actors in the data and can quarantine them.

Scope

Given the constraints of the project, we were not able to conduct initial user research. But I worked with the PM to fully understand the scope of the project and the intended user flows for Threat Hunting. I summarized all the features we were going to implement and the user flow in Figjam.

Persona

One thing we had to consider was how our typical Rubrik user would handle this new feature. Rubrik is primarily a backup tool and Threat Hunting is more a security tool. The backup admins will have to be introduced to the new feature properly.

Design Goal

How can we make a security tool that backup admins can use?

Design

With the scope and goal in mind, I began to work on the designs. I designed a rough draft for the first version so we could do quick usability testing. Note: I am leaving out some details here since the workflow and domain space is a bit complicated to explain. If you are interested in this project, I can discuss it with you in person!

Usability Testing

I conducted and moderated 5 usability tests with a Figma prototype of the MVP designs. The feedback was mixed since the backup admins were a bit hesitant about the feature due to its complexity.

Key Findings

Users would like to have a guide throughout the workflow since it is complex.
Users did not understand some of the column headers in the results. They felt it could be reworded
Users wanted the process to be more automated with suggestions if possible.

I adjusted the designs based on the feedback while considering the engineering limitations. The key improvements I made were including a Learn More section in most steps of the modal and updated the table columns to be simpler with additional filters.

Designing Complete Flow

With the findings addressed, I worked on designing the rest of the feature flows. There were many steps, states, and flows that had to be considered so this took a while.

Final Designs

Unfortunately there was no more user testing done due to the engineering timeline. However, the sales engineering team did give positive feedback on the feature. Below are some of the key screens in the final product currently in production.

Impact

The feature was received well among our users. We managed to get 125+ users in the first year of its launch and have had great feedback on its use.

Reflection

This project was one of the most detailed projects I have worked on at Rubrik. It was challenging to lead a brand new feature but I learned a lot. Some of my takeways:

It's up to the designer to push for research. I had to advocate and lead the usability testing because I felt it was necessary.
States and edge cases are crucial. There are always things to be aware of while working such as failures, in-progress things, and first time experiences.

↑ POOF.CASH

SPOTIFY PODCASTS ↑