Duration of user research: 4 weeks
Role: team of one
Status: work in progress
Hi-fi prototype: online
I want to tell that first this is the case of my first product redesign and it is a great professional challenge because it is an application without user research.
Case Summary
The goal is to redesign the application. It is an application that performs penetration testing on any software. I use the design thinking process. I am in the testing and validation stage with the client and using the qualitative method because I want to analyze thematic data and find possibilities for usability improvements. I am the communication bridge between both teams, design and product development.
Design Thinking Process​​​
Attack Surface Manager: UX & UI Case Study
About the project
Attack Surface Manager is a platform that scans the code of any software to find vulnerabilities. Its main functions are to measure the remediation rate and the closure of vulnerabilities in an organization. The main business of the application is composed of two services called Continuous Hacking and One-shot Hacking. The Continuous Hacking service has a team of hackers who start and end a linear cycle where the different teams ensure that the client's product goes into production in the safest way.​​​​​​​
The most important challenge is being one team member. I started working for the company when the marketing team joined. There are no precedents for user interface and experience design. The company has a development and hacking team with which I maintain a close relationship.
Define a Design System: I came across an application with no hierarchies and an unfriendly color palette. Attack Surface Manager development progresses every day at a very agile speed so I have no much time to do some usability test.
Communication and improvement: The most frequent challenges are poor communication and acceptance of UX and UI improvements from experts users. In this challenge I incorporate the creation of new user flows to simplify tasks and make the platform easier to use. Heuristic evaluations were also important criteria in defining my design process.
UX Designer
As a UX Designer my role is to carry out user research through the qualitative method. I developed questionnaires to learn about the experiences related to the Attack Surface Manager and how they interact. 
UI Designer
As UI Designer I developed as a first task an atomic style system for the company's product. Create the front of the look based on the Tachyons framework that the company currently uses.
Graphic Designer
I developed illustrations to support visual communication. Creating these resources are essential for new users who need to support themselves through analogies during their navigation and interaction with the platform.​​​​​​​
Stage 1: Empathize
I made observations of the application since July 2020. When I first logged in I tried to understand the functions but I got frustrated. I couldn't clearly understand what the primary tasks were. I also did research on the competition but they don´t use free demos. This seems interesting to me because unlike the competition, the Attack Surface Manager, has a free demo version that does not require authentication. 
The company has the philosophy of open source and free use. The most important value of the Attack Surface Manager is the human intervention. Continuous Hacking and pentesting are the main services of the company.
Research Plan
According to user reviews who signed up for Delighted App, many users have complained about the interface design, the server response, and most of the ratings are published without feedback. Many of the problems are related to lack of hierarchies, system visibility, misused components, lack of communication and tutorials to help use the product. Therefore, as a designer, I must solve these problems to generate value, understand the journey that a user takes, and redesign the product for a correct, desirable and intuitive use.
- Find out behaviors of stakeholders and expert users while using the Attack Surface Manager App
- Find out the pain points that users face when using the app
- Find out how users feel after using the app
- Download report of Organization
- Download report of Group
- Sign in and Log out
- Give a treatment to a new vulnerability
- Create new group in the Organization
Through the stakeholders interviews I design this empathy map:
Stage 2: Define
The purpose of design user persona is to know all the user profiles that interact with the application. The Attack Surface Manager has organizational and group level roles for the customer, but it also has many internal roles for the different teams within the company that are also users.
It was not an easy task. The biggest challenge I had was getting elaborate and communicative responses. The questions were demographic, about their routine and their interaction with the platform.
Stage 3: Ideate
Stage 4 - Prototype

Current Design
New Design

You may also like

Back to Top