IBM Security Data Explorer
Leading evaluative research of IBM Cloud Pak for Security's Data Explorer application to resolve usability issues
June - August 2019
Design Researcher
Heuristic Evaluation / Cognitive Walkthrough / Survey & Interview / Mural / Agile Methodology
Story
During my internship at IBM, I was the Design Researcher within the Security Design team, where I got to lead evaluative research of Cloud Pak for Security Platform's Data Explorer application to resolve usability issues before launch. Data Explorer is a platform application that enables security workers to run federated data searches across hybrid, multi-cloud environments in a single workflow. The platform as a whole aims to search for threat indicators across multiple cloud and on-premises infrastructures. Our goal as a team was to reduce complexity and increase visibility of siloed security data for security analysts. I also collaborated closely with the leads of Design, Development, and PM during daily scrum meetings in addressing the high to low severity usability issues to target for crafting stories into sprints.
Having this chance to work with an extremely talented team and research leads, I learned to target prioritized research findings for sprint planning and had the chance to present research playbacks to IBM Security Design Executive and different stakeholders to align the team's understanding of our end users' needs. 💭
Research Impact
The team accepted 7+ recommendations on improving the process of searching on the query builder, viewing active queries, and the getting started experience, and also committed to adding stories to address these issues for sprint planning before design freeze.
Though I'm unable to share all of the details due to confidentiality, I am happy to chat about my experience over the summer - so feel free to contact me! 😊
Here’s a quick snapshot of my internship experience. 🎉
Overview
Impact
The product has been released as of November 2019 🎉🎉 Check it out here!
Team
IBM Security Design
Data Explorer for IBM Cloud Pak Platform
IBM Cloud Pak is a collection of tools that helps security analysts identify and isolate security threats on their networks. Analysts can add data sources that generate data from their own platforms (AWS is an example) and connect them to Cloud Pak. From there, Cloud Pak compiles and organizes all data in a searchable format so that analysts can easily perform a federated search on any specific threat identifiers that they’re looking for. With this information, they are best equipped to handle the threat properly.
Data Explorer is one of Cloud Pak’s application platforms and is the primary area where security analysts perform their search for threats. By using the in-house query builder, analysts can specify certain criteria, such as identifying hash markers, timestamps, or IP addresses, and isolate any incidents that may have happened on their platform.
Data Explorer puts together the collected data to create data visualizations that make performing analysis and properly identifying threats easier than the current process, which fails to effectively solve the problem of scattered and fragmented data sources.
Clipping Highlight Reels
Providing highlight reels from studies with clear documentation of timestamped issues to help developers recreate the problems using a consistent environment and session info, and to use in playing back research insights
Search results for query
Sharing Highest Priority Usability Issues
Delivering a prioritized list of high severity usability issues that must be fixed in order for the product to be usable for the users by documenting violated heuristics based on feedback from heuristic evaluations for each of the feature components, including the query builder, search results graph, active queries, and filters
Creating Emotional Journey Mapping
Mapping out the emotional journey of users interacting with the product based on a series of tasks and goals across the phases of Essential Experiences, starting from discovering the Data Explorer on the platform to getting started and utilizing queries for everyday use
Developing Research Repository
Documenting a library of raw analysis, synthesized materials, and recordings of final playbacks for teams to refer back to my research findings throughout the development process and sprint planning before release