Noise cancellation eliminates irrelevant and duplicate alerts, allowing the CyberOps team to prioritize the threats that truly matter. With less noise to contend with, analysts can dedicate their time and expertise to investigating and remediating high-risk incidents.
The overview
During the review of the Q3 2023 survey, I noticed a recurring theme in the feedback: "too many inefficient policies." I promptly brought this to the attention of the Product Manager, and after further research, we discovered that this has been an ongoing issue for the past few quarters that has yet to be addressed.
My Role
In my role as the UX Designer for this project:
I conducted user interviews to better understand the problem.
I performed A/B testing to validate ideas and collect additional feedback.
Scaled it from 5 to 200+ enterprise customers.
Team
Product Manager
Data Scientist
2 Engineers
Technical Writer
UX Designer (me)
The why
User interviews with 2 of our largest enterprise customers and over 20 analysts uncovered many inefficient policies.
15%
Of the total number of policies were found to be inefficient.
~ 1 hour
Spent by analysts investigating alerts triggered by inefficient policies
The How
The Data Science team developed a model to identify and track inefficient policies. There was a need for a comprehensive experience that allows users to gain a high-level understanding of these policies while also enabling a deep dive into the specifics to understand the underlying issues.
Easy to digest data
Combining data visualization and tables to create an experience that makes it easy to digest multiple data points.
The potential value add
Tracking and eliminating inefficient policies will enhance the efficiency of analysts' workflows.
For Users
A reduction in the number of inefficient policies will allow analysts to be more efficient.
For Securonix
Competitive advantage as none of our direct competitors have this capability.
User testing provided more insights
I conducted A/B testing with multiple customers to understand what analysts really expected from an experience like noise cancellation.
The solve
An experience that highlights the most important information first and lets the user decide if they want to view more details about a noisy policy.
Results and Impact
50% reduction
In the number of inefficient policies, improving policy efficiency.
30 min - 1 hour
Of estimated analyst time back to focus on critical threats.
The Growth
I created an introductory feature flow to expand the solution to all customers, providing user value with minimal friction. Also, added tooltips to cover important information and make it easier for the users.
What lies ahead
AI insights assist analysts in understanding the context of a noisy policy more effectively and offer several recommendations for users to better address this noisy policy.
Below is an exploration we are considering to incorporate AI insights while our engineers work on perfecting the model.
Valuable learnings
When working with 0 to 1 features, it is common to have multiple subjective opinions about design due to the ambiguity. But with this project, since we conducted multiple tests and collected feedback, it was easy to justify design decisions with data to stakeholders.
Moreover, we prioritized the core feature, which is capturing the inefficient policies, in the MVP to provide a solution to the problem in a shorter time frame, and later added value-add features like actions.