Designing a New User Experience for Vulnerability Prioritization

Launching the new Unified VRM gave us an opportunity to redesign the vulnerability management experience from the ground up. As a designer coming fresh into InfoSec, I was intrigued to find that InfoSec analysts were grappling with the same problems that users in other technical industries are struggling with: sifting through huge amounts of data, working around antiquated technologies and running into the limitations of spreadsheets. Drawing on my previous experience in FinTech, and learning from all of you industry insiders, allowed us to take a fresh look at vulnerability management and build a tool that uses design principles and cutting-edge technology to make prioritization easier.

Function Over Form

The function over form principle in UX design means that, first and foremost, the product needs to do what it is supposed to do; if it does, the form (or “beauty”) will naturally follow, and not vice versa.

For a vulnerability prioritization tool, that means that Unified VRM needs to first and foremost help our clients prioritize their vulnerabilities. If it doesn’t make life easier for the InfoSec team, then it doesn’t matter how beautiful it is. People aren’t going to use it if it doesn’t work.

That is why we focused first on creating a flexible table of vulnerabilities that can reduce your workload from days to minutes. The simplicity of switching views from top to bottom in seconds feels elegant and beautiful in itself. Every color, line and icon has a specific meaning and was carefully chosen to help you focus on your goal: prioritization.

Reducing noise without losing data

Here at NopSec our goal is to bring all your data together and show it to you in a single pane of glass.

This means that we integrate with Qualys, SecurityCenter, Nessus and Tenable.io to bring your infrastructure vulnerabilities into the same view as your web application and pentest findings, and we couple that with asset information and ticketing workflows from ServiceNow and Jira (Atlassian), giving you a truly holistic view of your vulnerability risk.

But, with millions of rows of data and tons of sources, how do you sift through all that noise?

We use our machine learning prioritization algorithm together with design principles to organize it all into digestible pieces. Our prioritization engine filters out unactionable findings, removes duplicates and automatically lists what remains in order of importance. That alone reduces the noise by letting you focus on the important items first. We then carefully and purposefully designed the rest of the data so that you have the right context for each individual view (by asset group, by asset, by vulnerability and by vulnerability instance). By choosing the data points for each type of view deliberately, we help you focus on just what you need at that moment. The rest is all still there (we don’t remove anything); we just let you choose when to see it, so that you can prioritize for your individual needs.

Intuitive Workflows

After talking with analysts in the field, it quickly became apparent that they were tired of cumbersome tools that promised a lot of features but buried them deep in the UI, making their workflows harder, not easier. We immediately resolved to build a tool that would be intuitive and easy to use.

We put the whole analyst workflow in one screen. You can sort, search, filter, summarize and drill into vulnerability details without ever leaving the page.

Not only that, but you can use the same view to track vulnerabilities through their natural life cycle: see pending vulnerabilities that were just found, track the progress of vulnerabilities that are being remediated, and get access to every resolved, risk-accepted or mitigated vulnerability in your environment. By understanding your needs, we designed an experience that makes each analyst’s unique prioritization workflow simple and intuitive.
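To make the noise-reduction steps concrete (merging duplicate findings from several scanners, dropping unactionable rows, ordering by importance, switching between asset-group, asset and vulnerability views, and filtering by life-cycle stage), here is an added example written for this page. It is not NopSec's code: the additive score is a simple stand-in for the machine learning model the post refers to, and the assets, findings, statuses and VULN-000n identifiers are constructed placeholders, not real scan data.

```python
from collections import defaultdict

# Illustrative severity weights. NopSec's engine uses a machine learning model;
# this additive score only stands in for it in the example.
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}

# Constructed asset context, standing in for what a CMDB such as ServiceNow provides.
ASSET_INFO = {
    "web-01": {"group": "dmz", "internet_facing": True},
    "db-01": {"group": "internal", "internet_facing": False},
    "app-02": {"group": "internal", "internet_facing": False},
}

# Constructed sample findings, not real scanner output. "VULN-000n" are
# placeholder identifiers; real feeds carry CVE or scanner plugin IDs.
RAW_FINDINGS = [
    {"source": "nessus", "asset": "web-01", "vuln_id": "VULN-0001", "severity": "High", "status": "pending"},
    {"source": "qualys", "asset": "web-01", "vuln_id": "vuln-0001", "severity": "Critical", "status": "pending"},
    {"source": "nessus", "asset": "db-01", "vuln_id": "VULN-0001", "severity": "High", "status": "in_remediation"},
    {"source": "pentest", "asset": "web-01", "vuln_id": "VULN-0002", "severity": "Medium", "status": "pending"},
    {"source": "qualys", "asset": "db-01", "vuln_id": "VULN-0003", "severity": "Info", "status": "pending"},
    {"source": "nessus", "asset": "app-02", "vuln_id": "VULN-0004", "severity": "Low", "status": "risk_accepted"},
]

ACTIVE_STATUSES = {"pending", "in_remediation"}
CLOSED_STATUSES = {"resolved", "risk_accepted", "mitigated"}


def normalize(raw):
    """Canonicalise one finding and enrich it with asset context."""
    asset = ASSET_INFO[raw["asset"]]
    return {
        "sources": [raw["source"]],
        "asset": raw["asset"],
        "group": asset["group"],
        "internet_facing": asset["internet_facing"],
        "vuln_id": raw["vuln_id"].upper(),   # scanners disagree on case
        "severity": raw["severity"].lower(),
        "status": raw["status"],             # tracked by the VRM, so consistent across sources
    }


def deduplicate(raw_findings):
    """Merge findings that describe the same vulnerability on the same asset.

    The merged record keeps the highest severity any source reported and the
    full list of sources, so the row count drops without losing data.
    """
    merged = {}
    for f in map(normalize, raw_findings):
        key = (f["asset"], f["vuln_id"])
        if key not in merged:
            merged[key] = f
            continue
        existing = merged[key]
        existing["sources"] = sorted(set(existing["sources"]) | set(f["sources"]))
        if SEVERITY_RANK[f["severity"]] > SEVERITY_RANK[existing["severity"]]:
            existing["severity"] = f["severity"]
    return list(merged.values())


def score(f):
    """Illustrative priority score: severity first, then internet exposure."""
    return SEVERITY_RANK[f["severity"]] * 10 + (5 if f["internet_facing"] else 0)


def prioritize(findings):
    """Open, actionable findings (informational rows are unactionable), most important first."""
    actionable = [f for f in findings
                  if f["status"] in ACTIVE_STATUSES and SEVERITY_RANK[f["severity"]] > 0]
    return sorted(actionable, key=lambda f: (-score(f), f["asset"], f["vuln_id"]))


def group_by(findings, field):
    """Build a view keyed by "group", "asset" or "vuln_id". Nothing is dropped."""
    view = defaultdict(list)
    for f in findings:
        view[f[field]].append(f)
    return dict(view)


def lifecycle_view(findings, stage):
    """Filter by life-cycle stage: "pending", "in_remediation" or "closed"."""
    if stage == "closed":
        return [f for f in findings if f["status"] in CLOSED_STATUSES]
    return [f for f in findings if f["status"] == stage]


if __name__ == "__main__":
    merged = deduplicate(RAW_FINDINGS)
    for f in prioritize(merged):
        print(score(f), f["asset"], f["vuln_id"], f["severity"], ",".join(f["sources"]))
```

Running it merges the two reports of VULN-0001 on web-01 into one critical, internet-facing row at the top of the list, leaves the informational and risk-accepted rows out of the prioritized view while keeping them reachable through `group_by` and `lifecycle_view`, and sorts ties deterministically so the table does not reshuffle between refreshes.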

Conclusion

Vulnerability prioritization isn’t an easy task, but that doesn’t mean the tools you use for it shouldn’t be elegant and easy to use. The new Unified VRM focuses on function, reduces noise and streamlines workflows so that you can improve your prioritization and reduce your risk.

We are always looking for more ways to streamline your workflows and bring you best-in-class vulnerability management tools, and we are always looking to you for feedback. So, if you have any ideas or would like to test out our beta features, feel free to contact me below or join our live webinar on April 18th, 2019.

Niki Nichols

Senior Product Designer

nnichols@nopsec.com