
Sentinel - Web Application Security


A product by WhiteHat Security


Due to an NDA, I am unable to post any of the wireframes and artifacts. However, I am happy to discuss my process and learnings upon request.


WHITEHAT Sentinel

Overview: Sentinel is a SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) product by WhiteHat. This means that it allows companies to check their web applications for vulnerabilities and security threats during various stages of production, including both before and after the app goes live.

Users: Security team, developers

What I did:
• Conducted user research to understand requirements for new features
• Organized brainstorming sessions with team members to figure out the best solutions to the problems at hand
• Created rough sketches of the UI to gather feedback from the team
• Iterated based on feedback and created wireframes and mockups for features and additions to the product
• Conducted user testing to validate designs
• Worked very closely with the engineering team throughout the process to ensure proper implementation of designs


Takeaways:

Working on this product was an amazing experience as it allowed me to work with a very involved and passionate user base. When it comes to security, users don’t want any kind of issues, and that includes the disruption of work that a sudden change in the UI can cause.

While this allowed us to successfully find candidates for user testing and research, it also taught me how to handle the results of testing. It taught me to always stop and ask my PM why a certain requirement had suddenly come through: was there one extra-loud user making their opinion known? Did any of our other users have the same opinion? And lastly, how did this tie in with the business goals? Were we inadvertently catering to a small subset of our users, making changes that would negatively impact the vast majority?

Needless to say, this was a huge learning experience.

My Process:

  • First, my PM would approach me with a feature that was on the roadmap for the coming months.

  • I then took some time to understand the problem and the “why” behind it.

  • I would make an effort to learn everything I could about this feature. This involved multiple meetings with engineering leads, security experts, customer success managers and whoever else I needed to speak to in order to gain adequate understanding. It was important, when working with an application that was over 10-15 years old, to understand why certain decisions had been made in the past, and how these would impact us today.

  • This was followed by whiteboarding and sketching of ideas. I made sure to involve the engineering team early on, as we were always working with technical restrictions and it was important to have their buy-in. Not to mention, they often came forth with some great ideas on how to solve the problems at hand.

  • At this point I would create wireframes and high-fidelity mockups, showing progress to the team constantly, and iterating based on their feedback.

  • Often, we would also conduct user testing on the mocks during this process.

  • I worked very closely with the engineering team to ensure smooth and accurate implementation of the designs.

  • Once a feature was released, I worked with customer service and other such teams to monitor user feedback, and act quickly when required to make any kind of changes.