VMware Security Recommendations
Identifying the problem
The VMware Carbon Black Cloud (CBC) is the company’s flagship security product. It is a B2B application designed to protect against security threats on employee-assigned devices, like laptops and mobile phones, as well as servers, USB devices, and Kubernetes containers.
Users of the CBC range from highly experienced security professionals dedicated to keeping their environment safe to less experienced teams that manage security part-time in addition to many other general IT responsibilities.
The process of tuning security settings on the CBC requires advanced technical knowledge and is often very time consuming, even for highly skilled security teams. This means that, although the CBC is a high-end security tool, if teams lack security knowledge and/or do not dedicate many resources towards maintaining their settings, they could still be vulnerable to attacks.
Given this, the team began thinking of ways we could automate the tuning process and reduce the time users spend managing their security settings.
The team
The team evolved as the initiative formed. Key team members included:
Senior UX Designer (me!)
Product Manager
UX Content Writer
UX Researcher
Technical Product Manager
Engineering Manager
Engineering Architect
Machine Learning Engineer
3 Full-Stack Engineers
QA Engineer
Finding our north star
After carefully conducted research and many discussions, we identified our north star: a recommendations experience that continuously guides users in managing their security based on patterns in their environment and industry best practices. Recommendations would provide support for ongoing security settings maintenance, alert resolution management, setup guidance, and more.
In the spirit of being agile, as a first step towards our north star, we decided to focus on recommendations that improved daily management of security settings for teams of all skill levels. This would help reduce the time spent dedicated to researching new threats and would also resolve existing gaps in our customers’ security settings.
Design jams inspired ideas
I facilitated two design jams which brought together a diverse group of people from across the organization.
The ideas that came from the design jams were then used to come up with some initial sketches and workflow ideas.
Sketches became more organized and evolved into wireframes
After producing some concepts, there were some questions about the best place to see recommendations in the product. We came up with two options:
Research informed the next steps
During the first round of user research, our goal was to settle on the UX direction. The UX Content Writer, Product Manager, and I worked with a UX Researcher to build a study and create a moderator’s guide. At the end of the study, the key takeaways were:
Participants saw value in the types of recommendations provided
Recommendations were preferred in a single location for ease of use (Option 1)
Participants indicated that trust was not implicit and were skeptical of implementing recommendations without detailed data-driven reasons -- we needed to first build their confidence in our recommendations
For the same reason, participants expressed major hesitation around auto-approving recommendations, and wanted control of what was implemented in their environment
And a workflow was defined
Along with more wireframes
Then it was time to test the experience with users again
This time we had a Figma prototype that allowed users to interact with the experience. During this round of user research, our goals were to determine if we provided enough context for the user to trust and apply a recommendation, discover usability flaws, and validate the workflow.
Once again, the UX Content Writer, Product Manager, and I worked with a UX Researcher to build a study and create a moderator’s guide. At the end of this study, we identified:
Users take careful consideration when choosing security rules and may want to further validate the recommendations on their own before applying
Participants wanted to understand the impact a recommendation would have on their environment
The additional data provided helped built trust in the recommendation’s value and increased adoption rates
Users expected that the order of recommendations indicated value or impact
Feedback was translated into designs
After the second round of research, I worked very closely with the UX Content Writer to improve the designs based on our findings.
Feature development began
Once an Engineering team was assigned to the initiative, we worked very closely throughout the entire development process. I attended daily stand-ups, grooming, and regularly conducted design reviews of the completed work.
The release plan
Phase 1: Beta
This feature went to beta at the end of February 2021 and is still in progress.
Beta will run for two months with a group of early adopters who showed interest during research. The Technical Product Manager is conducting bi-weekly check-ins with each early adopter to gather feedback and address concerns. At the end of beta, each early adopter will also complete a survey to tell us about their experience.
I defined UX success metrics to evaluate and measure the feature’s impact during beta.
Phase 2: GA
Before releasing to all customers, several feature enhancements will be iteratively introduced in addition to any changes that come from the beta feedback.
Phase 3: Post-GA enhancements
We will continue iterating on the feature using both feedback and our north star as a guide. This will include incorporating recommendations into the security settings experience, making it easier to configure settings from the start.
Looking forward
As we see how users interact with the recommendations feature, we’ll be able to better identify how it should be implemented throughout the product. Long term, the goal is to improve all configuration and alert resolution management with the recommendations experience.