Work Summary
Integrations | Notifications
Cisco
XDR
What is XDR?
Cisco XDR is a cloud-based extended detection and response cybersecurity product. XDR uses telemetry data to deliver visibility into data across networks, clouds, endpoints, and applications while applying analytics and automation to detect, analyze, hunt, and remediate threats to users' networks.
Integrations
My Role
I started as a UX Designer on the team that designs for the Cisco XDR Product. Recently I transitioned to a team that focuses on the Cisco Breach Protection Suite. This suite includes eight different security products, and my team aims to build a cohesive experience across all platforms.
I collaborate with cross-functional teams like UX Research, Product Management, and Engineering to help plan, test, and bring features to life.
My Work
Cisco XDR relies heavily on integrations to power the product. They help provide users with insight, enrich the database, port over data, and simplify user workflows. Oftentimes it is the first place administrators go after getting access to their account to start processing data.
The Problem
The problem is that security integrations are often complex and require lengthy configurations where errors can easily occur. There is also very little consistency from product to product, as every company has a different way of doing things.
The Solution
My job was to identify user pain points with integrations and develop a schema and patterns that would make configuration simpler, faster, and more enjoyable.
I analyzed research conducted by other product teams to hear from their users and used those insights to develop a unique system for XDR Integrations that our users would love. Our users are highly technical users who are sensitive to malware, so I was careful when designing experiences with third-party products to make sure users never thought their systems were being compromised.
I worked closely with development teams both inside and outside of Cisco to ensure that our integrations work, and with our design system team to create new accessible patterns we could add to the integrations page. Certain products required special health-check screens or data logs that had to be designed and configured for XDR. The result is an integrations experience that works for our users and elevates the greater experience of the product.
Notifications
Alerts and notifications are critical in a security setting, where responding to an event as soon as possible can often make a monumental difference for our Incident Responders. Notifications are our users' first touch point with a security incident.
The Problem
Prior to this initiative, XDR had no way of alerting users when something was happening in their environment without manual intervention by the user. We needed a way to alert users to security events, administrative tasks, and usage limits all within the application.
The Solution
First, I needed to decide what the function of these notifications would be. Should they be purely informational or actionable? Our users value speed and efficiency, so after working with the Product team we decided that each of our notifications should allow users to take some sort of action directly from the alert. Whether that be deploying a workflow or simply marking the notification as read, they should be more than text.
Second, I gathered a list of all the notifications we would be launching and mapped out actions that would make sense for each notification type. Once all the types were mapped I began the process of creating new design components for our design system. We did not have a pattern for alerts, so it was a really unique experience to get to build components from scratch.
We went through several iterations of design for this project, testing and tweaking things along the way. The result is a mature notification system that allows our users better visibility, faster response times, and now supports email notifications, as well as third-party messaging apps like Slack and Teams.