Platform:

Cybersecurity dashboard
(Web platform)

Role:

Lead Product Designer

Duration:

6 weeks (Q1 2019)

Team:

Product Manager

2 Engineers

UX/UI Designer (me)

Incident Response Dashboard

A real-time dashboard built to help security teams detect, investigate, and respond to threats faster. Designed for clarity, speed, and seamless integration with existing workflows.

What this dashboard achieved
  • 32K+ incidents reviewed — strong feature adoption

  • 1,320 hours saved — reduced manual investigation work

  • 2,500+ requests submitted via the dashboard

  • 120 malicious incidents resolved efficiently

  • 407 active investigations monitored live

Overview

Facing a surge in security incidents, our team was tasked with creating a centralized dashboard to help customers monitor and respond to threats in real time. The goal was to build a clear, efficient system that provides high visibility, integrates seamlessly with existing infrastructure, and empowers teams to act quickly.

My Role

As the product designer, I led the UX research, interface design, and usability validation. I worked closely with engineering and security analysts to ensure the solution aligned with technical constraints and real user workflows.

✅ TL;DR Overview:
Real-time dashboard for tracking and managing security incidents. Enabled fast, visible, and coordinated response.
The Challenge & Goal

Customers needed a way to detect and resolve security threats quickly. The challenge was to create a dashboard that provided live updates, prioritized incident severity, and supported fast action, all while fitting into their existing tools and workflows.

✅ TL;DR The Problem:
Build a real-time system with clear visibility and fast incident handling.
Research

We interviewed key customers to map out their current incident workflows. Common pain points included lack of real-time data, difficulty prioritizing cases, and time wasted switching tools. We benchmarked leading IR platforms and noted best practices like severity color coding, timeline visualization, and user audit trails.

Design Process

The design prioritized clarity and actionability. We used a card-based system to represent incidents with real-time status updates, severity indicators, and direct links to investigation steps. By structuring the interface around user roles and typical tasks, we reduced cognitive load and helped teams triage incidents faster.

Design focused on:

  • Color-coded incident cards with live updates

  • Severity filters and search to help teams prioritize

  • Integrated investigation history for each case

  • Simple, clean UI aligned with accessibility standards

 

Design Highlights:

  • User Activity Breakdown: Color-coded bar charts support quick accountability tracking.

  • Time Series Analysis: Line graphs surface patterns and trends in request volume.

  • KPI Summary Panel: Bold metrics and charts deliver instant visibility into performance and effort saved.

KPI Summary Panel

  • At-a-glance KPIs include total incidents reviewed, hours saved, and breakdowns of incident types.

  • The use of large, bold numbers with supporting context communicates value clearly to both technical and executive audiences.

  • Donut charts visualize the proportion of open cases and time distribution, aiding comprehension of system performance and remaining workload.

Number of Incidents Reviewed Over Time:

  • A line graph shows trends in requests over time, supporting retrospective analysis and capacity planning.

  • A tooltip on hover offers precise request counts for specific days, enhancing interactivity without cluttering the default view.

  • Consistent use of orange for request count reinforces visual language across the dashboard.

User-Based Activity Breakdown

  • Horizontal bar chart clearly distinguishes between approved and declined investigations per user using color-coded segmentation.

  • Top 5 users are displayed based on activity, allowing SOC managers to track engagement and accountability.

  • Clean hierarchy and spacing make the data scannable even at a glance.

✅ TL;DR The Design:
Intuitive UI built for speed, clarity, and real-time action.
Development

The engineering team built a backend data stream and connected it to the customer's Perception Point accounts. I collaborated with devs to QA components, implement interaction states, and verify live-data behaviors.

Testing

We ran the dashboard in a controlled production environment, verifying accuracy, system performance, and load stability. Feedback from power users led to fine-tuning interaction flows and adjusting severity thresholds.

Results & impact

The dashboard was fully adopted across key customer accounts, enabling faster response, clearer visibility, and consistent security workflows.
 

  • 📊 32,378 Incidents Reviewed

  • ⏱️ 1,320 Hours Saved (estimated via avg. review time)

  • 🔎 2,500 User-Requested Investigations → 250 hours saved

  • 🧼 8,000 Incidents Found Clean → 80 hours saved

  • ⚠️ 120 Confirmed Malicious Incidents → Faster IR

  • 📈 High customer satisfaction and retention

  • 📆 Stable production use for several weeks without regressions

✅ TL;DR Impact:
Increased engagement, reduced support dependency, improved clarity, and set the stage for future inline messaging.
Key takeaways
  • Real-time systems must minimize noise and surface what matters.

  • Deep user research shapes scalable design decisions.

  • Integrating with existing tools increases adoption and trust.
