SlideShare a Scribd company logo

Design talk

Kate Hanson, profile picture
Kate Hanson

This document discusses design challenges for cybersecurity products. It notes that many security products are designed by engineers and focus more on technical functionality than user experience. This can lead to products with inconvenient or confusing interfaces. The document advocates for giving design equal priority to technical aspects in security products. It provides examples of how poor user experience, like generating too many alerts or making multi-factor authentication annoying, can reduce security by causing users to disable protections. The document concludes that great design can differentiate enterprise security products and actually make the online world safer by enabling usability of security mechanisms.

Devices & Hardware
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
cybersecurity product design challenges Jen  Andre
about me • not  Dus)n  Webber   • not  a  designer   • developer/entrepreneur   • co-­‐founded  Threat  Stack   • formerly  Mandiant,  Symantec   • @fun_cuddles,  jandre@gmail.com
previously @ threat stack *  the  work  of  my  talented  co-­‐founder,  Dus)n  Willis  Webber,  from  whom  I  learned  the   importance  of  good  design  even  in  a  B2B/enterprise  product.
challenges • many  cybersecurity  products  are  technical  products   • helping  find  or  prevents  aKacks  and  breaches.   • helping  developers  write  safer  code
security is seen as inconvenient
… a lot of these products are designed by engineers.
Design talk
challenges for startups • Higher  level  of  product  maturity  is  expected  from   security  products.   • Sales  require  credibility.    Customers  are  relying  on   you  to  supplement  security  exper)se.    
great design can make up for both of these.
key success factors • Subject  ma<er  exper>se  plus   • Good  UX  plus   • Good  design  polish  from  the  start  ins)lls  confidence   in  your  company  and  product.
the consequences of bad UX
real life examples • Mul>-­‐factor  auth  too  annoying?    Users  will  not  use  it.   • Too  many  alarms  generated?    Users  stop  looking  at   them.   • Crypto  too  hard  to  use?      No  one  uses  crypto.   • Performance  too  slow?  Users  disable  the  security   mechanisms.
emotional design factors credible fun practical security productconsumer products B2B productcute reliablecreative
Design talk
beware of alarm fatigue
challenge for designer: avoiding alarm fatigue • Some  ideas:   • Rollup  repeated  events.   • Is  this  alert  really  cri)cal?     • If  you  are  making  the  user  take  ac)on,  be  specific.
it’s ok to tell the user things are fine
challenge for designers: too much data The  sad  state  of  many  security  event  management  consoles.  :(
It’s possible to make this information beautiful and engaging! *  cybereason.com
in conclusion • Design  is  a  first  class  ci>zen.  For  B2B/Enterprise   products,  great  design  is  a  differen)ator.       • You  can  make  an  impact.  Great  design  and  usability   in  a  security  product  actually  can  make  the  online   world  safer.

More Related Content

PDF
Design Sprints
Kate Hanson
 
PPTX
Difference between traditional and agile software development
DeepaThirumurugan
 
PPTX
Pragmatic guide to AB testing - Agile and Automation days 2019
Jakub Kurcek
 
DOCX
Defining Test Competence
Johan Hoberg
 
PPTX
Testers developers think differently
Kishen Simbhoedatpanday
 
PPTX
Engineer - Mastering the Art of Software
Cristiano Diniz da Silva
 
PDF
Software Defect Prevention
Swapnil Kumar
 
PPS
CS101- Introduction to Computing- Lecture 24
Bilal Ahmed
 
Design Sprints
Kate Hanson
 
Difference between traditional and agile software development
DeepaThirumurugan
 
Pragmatic guide to AB testing - Agile and Automation days 2019
Jakub Kurcek
 
Defining Test Competence
Johan Hoberg
 
Testers developers think differently
Kishen Simbhoedatpanday
 
Engineer - Mastering the Art of Software
Cristiano Diniz da Silva
 
Software Defect Prevention
Swapnil Kumar
 
CS101- Introduction to Computing- Lecture 24
Bilal Ahmed
 

What's hot (20)

PDF
Graham Thomas - Software Testing Secrets We Dare Not Tell - EuroSTAR 2013
TEST Huddle
 
PPTX
Test automation: do we still need test specialists?
Håkan Rönngren
 
DOCX
Why all deadlines are bad for quality
Johan Hoberg
 
PPTX
While You Are Coding
Zeynep Düzyurt
 
ODP
Test Aided Development - A gateway drug to TDD
Ádám Turcsán
 
PDF
Testing is a team problem
Janet Gregory
 
PDF
Id camp x dicoding live : persiapan jadi software engineer hebat 101
DicodingEvent
 
PDF
ANI | Agile Mindset Day @Gurugram | Agile Planning: Effective Practices and C...
AgileNetwork
 
PPT
Founder Institute Product Development Workshop
Sergey Sundukovskiy
 
PPT
Hsu2 engdesignprocessbv
Kawaldeep Singh
 
PDF
I Don't Code, Am I No Longer Useful
Maaret Pyhäjärvi
 
PDF
Holistic testing in DevOps
Janet Gregory
 
PDF
Acm productivity-webinar-2016-slides
Gail Murphy
 
PDF
Tips sukses berkarir sebagai developer dan programmer 2021
DicodingEvent
 
PDF
Using your testing mindset to explore requirements
Janet Gregory
 
PDF
Bad metric, bad!
Centric Consulting
 
PPTX
Pertanyaan dan jawaban (graham et.al 2011) part 1
ikhwana luthfi
 
PPTX
A Test Manifesto 2014.03.26
Julio Ramirez
 
PDF
How I learned to stop worrying and love to deploy
Mohan Krishnan
 
PDF
Dont be a tool
Martin Sandholt
 
Graham Thomas - Software Testing Secrets We Dare Not Tell - EuroSTAR 2013
TEST Huddle
 
Test automation: do we still need test specialists?
Håkan Rönngren
 
Why all deadlines are bad for quality
Johan Hoberg
 
While You Are Coding
Zeynep Düzyurt
 
Test Aided Development - A gateway drug to TDD
Ádám Turcsán
 
Testing is a team problem
Janet Gregory
 
Id camp x dicoding live : persiapan jadi software engineer hebat 101
DicodingEvent
 
ANI | Agile Mindset Day @Gurugram | Agile Planning: Effective Practices and C...
AgileNetwork
 
Founder Institute Product Development Workshop
Sergey Sundukovskiy
 
Hsu2 engdesignprocessbv
Kawaldeep Singh
 
I Don't Code, Am I No Longer Useful
Maaret Pyhäjärvi
 
Holistic testing in DevOps
Janet Gregory
 
Acm productivity-webinar-2016-slides
Gail Murphy
 
Tips sukses berkarir sebagai developer dan programmer 2021
DicodingEvent
 
Using your testing mindset to explore requirements
Janet Gregory
 
Bad metric, bad!
Centric Consulting
 
Pertanyaan dan jawaban (graham et.al 2011) part 1
ikhwana luthfi
 
A Test Manifesto 2014.03.26
Julio Ramirez
 
How I learned to stop worrying and love to deploy
Mohan Krishnan
 
Dont be a tool
Martin Sandholt
 
Ad

Viewers also liked (19)

DOCX
Rincian minggu efektif
antopanser
 
PPTX
Orbex webinario il primo passo al trading intraday
Orbex Ltd
 
PDF
Offline first solutions highland web group - december 2015
Glynn Bird
 
PPTX
The Human Body and Reprodution
JoseAngelSotocaPulpon
 
PPT
Chapter 2 demand &amp; supply new
Janaela Paula Cuadrillero
 
DOC
Ashley J Dalessandri 2016
Ashley Dalessandri
 
PPTX
Unit 5 ecosystems
JoseAngelSotocaPulpon
 
PDF
Catalogo biella 2016 ok 2
Clara Crosa Galant
 
PDF
Wood and multi fuel stoves brochure - Docherty Group
Docherty Group
 
DOCX
інформатика 5 клас урок 7
Iren50
 
PPT
10-Minute PhD
Jake Habgood
 
PPTX
Unidad 1 Los Paisajes de España
JoseAngelSotocaPulpon
 
PDF
GBT Group Prezentacja
GBT Group
 
PDF
самоосвіта завуч
Елена Оносова
 
PDF
David Chen at Rubinstein
David, Congwei Chen
 
PPTX
Unidad 1 Los Paisajes de España
JoseAngelSotocaPulpon
 
PDF
CV_Lone Bredgaard Thuesen_rev_07102015
Lone Bredgaard Thuesen
 
PPTX
tecnología?
colegio cisneros
 
PPTX
LAS DROGAS_99
bryan_99
 
Rincian minggu efektif
antopanser
 
Orbex webinario il primo passo al trading intraday
Orbex Ltd
 
Offline first solutions highland web group - december 2015
Glynn Bird
 
The Human Body and Reprodution
JoseAngelSotocaPulpon
 
Chapter 2 demand &amp; supply new
Janaela Paula Cuadrillero
 
Ashley J Dalessandri 2016
Ashley Dalessandri
 
Unit 5 ecosystems
JoseAngelSotocaPulpon
 
Catalogo biella 2016 ok 2
Clara Crosa Galant
 
Wood and multi fuel stoves brochure - Docherty Group
Docherty Group
 
інформатика 5 клас урок 7
Iren50
 
10-Minute PhD
Jake Habgood
 
Unidad 1 Los Paisajes de España
JoseAngelSotocaPulpon
 
GBT Group Prezentacja
GBT Group
 
самоосвіта завуч
Елена Оносова
 
David Chen at Rubinstein
David, Congwei Chen
 
Unidad 1 Los Paisajes de España
JoseAngelSotocaPulpon
 
CV_Lone Bredgaard Thuesen_rev_07102015
Lone Bredgaard Thuesen
 
tecnología?
colegio cisneros
 
LAS DROGAS_99
bryan_99
 
Ad

Similar to Design talk (20)

PDF
Security And Usability Designing Secure Systems That People Can Use Lorrie Fa...
timeogeury
 
PPT
Chapter 1 id2e_slides
oopscrash1
 
PPTX
Security Snake Oil Cycle 2019
Dave Cole
 
PDF
Re-Thinking BYOD Policy.pptx
tmbainjr131
 
PPTX
Leveraging Human Factors for Effective Security Training, for ISSA Webinar Ma...
Jason Hong
 
PPT
Chapter-10.pptytfjyjrdjrtjfdthdfrthrdthrd
chanchanmendez5
 
PPT
Chapter-1 (1).pptdydidydydy6dydyyfydyuyd
GianCarlosGumatay3
 
PDF
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
 
PDF
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
 
PDF
Threat modelling & apps testing
Adrian Munteanu
 
PPTX
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins
 
PPTX
Lecture 1 _ Introduction to ID and HCI.pptx
clement swarnappa
 
PDF
Building security into the internetofthings
Prayukth K V
 
PDF
Getting users to care about security
Alison Gianotto
 
PPTX
Practical SME Security on a Shoestring
NCC Group
 
PPT
What Is Interaction Design
Graeme Smith
 
PPTX
CS_UNIT 2(P3).pptx
GaytriDhingra1
 
PPTX
Challenges2013
Lancope, Inc.
 
PPT
Maloney Slides
ecommerce
 
PPTX
ARC's Bob Mick's Cyber Security Standards Presentation at ARC's 2008 Industry...
ARC Advisory Group
 
Security And Usability Designing Secure Systems That People Can Use Lorrie Fa...
timeogeury
 
Chapter 1 id2e_slides
oopscrash1
 
Security Snake Oil Cycle 2019
Dave Cole
 
Re-Thinking BYOD Policy.pptx
tmbainjr131
 
Leveraging Human Factors for Effective Security Training, for ISSA Webinar Ma...
Jason Hong
 
Chapter-10.pptytfjyjrdjrtjfdthdfrthrdthrd
chanchanmendez5
 
Chapter-1 (1).pptdydidydydy6dydyyfydyuyd
GianCarlosGumatay3
 
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
 
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
 
Threat modelling & apps testing
Adrian Munteanu
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins
 
Lecture 1 _ Introduction to ID and HCI.pptx
clement swarnappa
 
Building security into the internetofthings
Prayukth K V
 
Getting users to care about security
Alison Gianotto
 
Practical SME Security on a Shoestring
NCC Group
 
What Is Interaction Design
Graeme Smith
 
CS_UNIT 2(P3).pptx
GaytriDhingra1
 
Challenges2013
Lancope, Inc.
 
Maloney Slides
ecommerce
 
ARC's Bob Mick's Cyber Security Standards Presentation at ARC's 2008 Industry...
ARC Advisory Group
 

Recently uploaded (20)

PPTX
rorakshsjppaksvsjsndjdkndjdbdidndjdbdjom.pptx
WarungApk
 
PPTX
Entre CHtzyshshshshshshshzhhzzhhz 4MSt.pptx
Eyob262486
 
PPTX
Computers and mobile device: Evaluating options for home and work
4mqw9zch22
 
PPTX
"Fundamentals of Digital Image Processing: A Visual Approach"
anandy7345
 
PDF
Printing Presentation to show beginners.
John306149
 
PDF
20A LG INR18650HJ2 3.6V 2900mAh Battery cells for Power Tools Vacuum Cleaner
PERMA Tech Co., Ltd.
 
PDF
Dozuki_Solution-hardware minimalization.
kurtaku1
 
PDF
2_STM32&SecureElements2_STM32&SecureElements
AbrahamGutierrez59
 
PDF
Maxon CINEMA 4D 2025 Crack Free Download Latest Version
mubashar0malik
 
PPTX
Wireless and Mobile Backhaul Market.pptx
ashishjadhav559203
 
PDF
SAHIL PROdhdjejss yo yo pdf TOCOL PPT.pdf
akansharohilla2002
 
PDF
Topic-1-Main-Features-of-Data-Processing.pdf
Moises Tenyosa
 
PDF
Tcl Scripting for EDA.pdf
Ahmed Abdelazeem
 
PPTX
Subordinate_Clauses_BlueGradient_Optimized.pptx
AngadSingh427299
 
PPTX
5. MEASURE OF INTERIOR AND EXTERIOR- MATATAG CURRICULUM.pptx
MelanieEstebanVentur1
 
PPTX
A Clear View_ Interpreting Scope Numbers and Features
Eurooptic Ltd
 
PPT
Lines and angles cbse class 9 math chemistry
cuteprincessmisty
 
PDF
PakistanCoinageAct-906.pdfdbnsshsjjsbsbb
toyin38280
 
PPTX
Group 4 [BSIT-1C] Computer Network (1).pptx
gevenharold
 
PPTX
AI_ML_Internship_WReport_Template_v2.pptx
deepanshkalra5185
 
rorakshsjppaksvsjsndjdkndjdbdidndjdbdjom.pptx
WarungApk
 
Entre CHtzyshshshshshshshzhhzzhhz 4MSt.pptx
Eyob262486
 
Computers and mobile device: Evaluating options for home and work
4mqw9zch22
 
"Fundamentals of Digital Image Processing: A Visual Approach"
anandy7345
 
Printing Presentation to show beginners.
John306149
 
20A LG INR18650HJ2 3.6V 2900mAh Battery cells for Power Tools Vacuum Cleaner
PERMA Tech Co., Ltd.
 
Dozuki_Solution-hardware minimalization.
kurtaku1
 
2_STM32&SecureElements2_STM32&SecureElements
AbrahamGutierrez59
 
Maxon CINEMA 4D 2025 Crack Free Download Latest Version
mubashar0malik
 
Wireless and Mobile Backhaul Market.pptx
ashishjadhav559203
 
SAHIL PROdhdjejss yo yo pdf TOCOL PPT.pdf
akansharohilla2002
 
Topic-1-Main-Features-of-Data-Processing.pdf
Moises Tenyosa
 
Tcl Scripting for EDA.pdf
Ahmed Abdelazeem
 
Subordinate_Clauses_BlueGradient_Optimized.pptx
AngadSingh427299
 
5. MEASURE OF INTERIOR AND EXTERIOR- MATATAG CURRICULUM.pptx
MelanieEstebanVentur1
 
A Clear View_ Interpreting Scope Numbers and Features
Eurooptic Ltd
 
Lines and angles cbse class 9 math chemistry
cuteprincessmisty
 
PakistanCoinageAct-906.pdfdbnsshsjjsbsbb
toyin38280
 
Group 4 [BSIT-1C] Computer Network (1).pptx
gevenharold
 
AI_ML_Internship_WReport_Template_v2.pptx
deepanshkalra5185
 

Design talk

  • 2. about me • not  Dus)n  Webber   • not  a  designer   • developer/entrepreneur   • co-­‐founded  Threat  Stack   • formerly  Mandiant,  Symantec   • @fun_cuddles,  jandre@gmail.com
  • 3. previously @ threat stack *  the  work  of  my  talented  co-­‐founder,  Dus)n  Willis  Webber,  from  whom  I  learned  the   importance  of  good  design  even  in  a  B2B/enterprise  product.
  • 4. challenges • many  cybersecurity  products  are  technical  products   • helping  find  or  prevents  aKacks  and  breaches.   • helping  developers  write  safer  code
  • 5. security is seen as inconvenient
  • 6. … a lot of these products are designed by engineers.
  • 8. challenges for startups • Higher  level  of  product  maturity  is  expected  from   security  products.   • Sales  require  credibility.    Customers  are  relying  on   you  to  supplement  security  exper)se.    
  • 9. great design can make up for both of these.
  • 10. key success factors • Subject  ma<er  exper>se  plus   • Good  UX  plus   • Good  design  polish  from  the  start  ins)lls  confidence   in  your  company  and  product.
  • 12. real life examples • Mul>-­‐factor  auth  too  annoying?    Users  will  not  use  it.   • Too  many  alarms  generated?    Users  stop  looking  at   them.   • Crypto  too  hard  to  use?      No  one  uses  crypto.   • Performance  too  slow?  Users  disable  the  security   mechanisms.
  • 13. emotional design factors credible fun practical security productconsumer products B2B productcute reliablecreative
  • 15. beware of alarm fatigue
  • 16. challenge for designer: avoiding alarm fatigue • Some  ideas:   • Rollup  repeated  events.   • Is  this  alert  really  cri)cal?     • If  you  are  making  the  user  take  ac)on,  be  specific.
  • 17. it’s ok to tell the user things are fine
  • 18. challenge for designers: too much data The  sad  state  of  many  security  event  management  consoles.  :(
  • 19. It’s possible to make this information beautiful and engaging! *  cybereason.com
  • 20. in conclusion • Design  is  a  first  class  ci>zen.  For  B2B/Enterprise   products,  great  design  is  a  differen)ator.       • You  can  make  an  impact.  Great  design  and  usability   in  a  security  product  actually  can  make  the  online   world  safer.