An open-source SOAR (Security Orchestration and Automation Response) platform
With increasing compute and cloud deployments, organizations are focusing on security and privacy more than ever before. For the many kinds of security issues these organizations face, there are very few solutions available in the industry. A Security Orchestration and Automation Response (SOAR) platform is one possible solution. SOAR is a solution stack of compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance.
A Lead Security Engineer working out of the SF Bay Area approached me with an idea to design an iOS application for an open-source SOAR platform (OpenSOAR). Phase one for the app includes creating the executive-level views for the mobile application. The executive-level views will consist of graphical reports of security incidents, generated for different scenarios, that executives can view at their fingertips.
GOALS AND OBJECTIVES
To create branding for the platform so that it can be visually appealing and recognizable.
To create a prototype and perform usability tests for the executive-level view in the mobile application.
To create an iOS application design that keeps in mind the executive views and the key features that enable senior management to view detailed incidents, email reports, and get updates at their fingertips.
ROLE UX/UI Design
TOOLS Figma - Design & Prototype
TIMELINE 5 Weeks
Designing a mobile application for an open-source Security Orchestration and Automation Response (SOAR) platform
THE DESIGN PROCESS
Customer Interviews and Contextual Inquiry:
I interviewed 4 participants. I reached out to professionals in the tech industry who have some exposure to data analysis dashboards or incident reporting tools, professionals who have experience with developing or collating reports and data analysis, or who are senior enough in their organization to have good insights. The aim was to understand the extent and depth of information in incident reports and SOAR platforms that decision-makers prefer to have visibility into, which in turn gives them the capability to act to mitigate incidents as they arise.
Competitive Analysis and study of trends online:
I started learning more about SOAR platforms, their target user base, and what each of these user types aims to get out of the application. I researched the SOAR platforms currently available in the industry and explored their websites, features, strengths, and weaknesses.
INSIGHTS FOR INNOVATION
After conducting user interviews, contextual inquiry and analyzing the gathered data, four common insights emerged.
To better understand the target audience, to create empathy, and to give the user base a more ‘human’ feel, I created a persona. By synthesizing data from the research debriefs through 1-1 interviews and combining it with the client's requirements, I created a fictional but realistic representation of the target user group.
To better understand the content, its hierarchy, and its placement, I created the sitemap. The elements listed here reflect the limited scope and the single target user base.
USER AND TASK FLOWS
The user flows I created helped visualize how John, and eventually the target user audience, might interact with the website to complete various tasks based on different scenarios:
Task 1: The Director recently received the budget for the quarter. He has to devise the investment strategy and give the VP his recommendations. To be able to draft the same, he wants to generate a report on the number of false-positive incidents per tool.
Task 2: The Director wants to generate and email a report for the ongoing customer-facing data breach incident with the code name 'San Francisco'.
At this point in the design process, I began creating low-fidelity to mid-fidelity wireframes. To start, I tried to emphasize the priorities that arose from the user research and the client brief.
BRANDING AND UI KIT
Once the wireframes were created, it was time to work on the visuals for the OpenSOAR brand. The essence of the logo and the brand style was to maintain a darker, serious, and professional feel. The logo, typography, color palette, and other UI elements were worked out.
Thereafter, based on the principles of Atomic Design by Brad Frost, the idea was to define and design the small, independent (atomic) parts to help build the larger molecular structures.
I defined the UI elements such as icons, spacing, navigation patterns, grids, and other similar elements for the OpenSOAR brand.
Source: Atomic Design Icons by Marivi Carlton - Dribbble
Logging in to the OpenSOAR platform and navigating to the home screen
Task: The Director recently received the budget for the quarter. He has to devise the investment strategy and give the VP his recommendations. To be able to draft the same, he wants to generate a report on the number of false-positive incidents per tool.
Task: The Director wants to generate and e-mail himself a report for the ongoing customer-facing data breach incident with the code name 'San Francisco'.
OpenSOAR is an open-source Security Orchestration and Automation Response platform. Phase one for the app was to create the executive-level views for the application. The scope of this project was to create two unique user flows that will form a part of the sales pitch for this product. If/when OpenSOAR is productized, there will be a larger engagement from a UX/UI design perspective for the end-to-end product development.