Twistlock - Cybersecurity Cloud Containers (Twistlock 18.11 Radar v4)
1.1 Twistlock Overview
Twistlock was founded in December of 2015. It was the first container cybersecurity platform. The company was acquired by Palo Alto Networks in July 2019 for almost half a billion dollars. This case study focuses on the Cloud Containers Radar.1.2 Case Study Overview
Cloud Containers Radar is the primary interface for monitoring and understanding environments. The 18.11 version is demonstrated in the case study.
1.3 Problem Statement
Main goal was to improve value for our users. Mainly to the CISO teams (mostly security engineers, also called SecOps). Prior to developing this version for the radar, the data was very basic, only showing clusters, and there was no way to investigate a specific entity in terms of its vulnerabilities. I conducted a qualitative UX research. A poll was sent to our (at the time) 10 customer success managers (CSM). Every CSM handled at least 30 clients. They were then interviewed in depth. The results were dramatic.
1.4 Roles & Responsibilities
My responsibilities included UX and UI. As mentioned above, work included a qualitative UX research. I worked closely with PM and DEV (FrontEnd and BeckEnd).
My responsibilities included UX and UI. As mentioned above, work included a qualitative UX research. I worked closely with PM and DEV (FrontEnd and BeckEnd).
1.5 Scope & Constraints
This was part of a 3-month release we had. Work was in SCRAM method.
This was part of a 3-month release we had. Work was in SCRAM method.
1.6 Outcomes & Lessons
X/UI improvements are included in this version to enable DevOps and SecOps to truly understand their environments and to navigate easily throughout all the data. The Radar canvas not only provides users with a visual representation of all microservice connections, but they can also drill into a per-layer vulnerability analysis, check for compliance, and investigate incidents without leaving the canvas. Everything can now be accessed directly from Radar. Twistlock has changed its product. Security engineers, in particular, loved the radar. Later on, we developed other radars as well.
Preliminary information per entity
This version allows the user to have focused information on vulnerabilities issues, compliance issues, and many more data after it was scanned by the Twistlock defenders.
Drilled down information
This version has the ability to go even deeper and show relevant information, supporting the investigation, and connectivity to other sections of the Twistlock product.
Wireframe 1 – General view of the Radar
This wireframe was created on Axure, and was changed at least 6 times before we even started to work on the UI. Discussions included developers, product, and me.
Wireframe 2 – Zoom in on a namespace
The challenge was to create value for the user, whether it is the dev-ops or the CISO.
Wireframe 3 – Zoom out on a namespace
The main value was actually to allow the user to see a wide-angle on the current situation.
Twistlock Radar 18.11 animation
Thanks for watching my work :)
cover photo by: Geoffrey Whiteway
