Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
GitLab / Govern:Threat Insights Features & Demos / 2 Aug 2022
GitLab / Govern:Threat Insights Features & Demos / 2 Aug 2022
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: FY23 Threat Insights UX Roadmap walkthrough

Description

Becka Lippert, Sr Product Designer for Secure: Threat Insights, walks through the FY23 UX Roadmap for Threat Insights. Epic: https://gitlab.com/groups/gitlab-org/-/epics/7607

A

Hey everyone: this is becca, I'm the senior product designer for threat, insights um under the secure stage umbrella, and I just wanted to quickly walk through um the uh fiscal year. 23 ux road mapping workshop outcome, so essentially um in ux. We want to have a roadmap to make sure that we are working strategically and not just responding to all of the incoming requests from issues opened internally or from our account managers or customers.

A

We want to make sure that we are building out threat, insights and vulnerability management features in a strategic way, that's delivering the most value first and foremost, but also in a way that is complementary um to other things that we're working on that can build off of each other and play off of each other design, wise anyways. From from this perspective, because we are talking about the ux roadmap here.

A

So essentially, um what happened um in a nutshell is it was led by andy who's, a staff product designer insecure and um our um our manager justin mandel. So we all got together um with matt wilson, uh who's, the product manager for threat insights as well, and we defined um the the goals that we have in threat.

A

Insights, uh some vision prompts um some of some themes that we've identified, um like flexibility, efficiency and situational awareness, just kind of collecting what we know about what's important to our stage, our persona um and where, where we want to take the threat, insights features in git lab so starting off at that really high level and then looking at what are all of the issues that we currently have out there that were kind of categorized in different epics and spread across the product and we're just trying to organize them and do what we call an affinity diagram.

A

So here's all the stuff out there that we have issues open for whether or not it's in the backlog or it has a milestone. um What are the themes that we can start to identify?

A

So that was this step of the workshop, where we started to identify commonalities and then from there we went into step three, which is refining those themes and getting further clarification on who benefits from this theme. What is the need? What is the outcome? Business objective and what are the what's, the confidence level that we have in um in these problems to solve and I'll include links as well?

A

All of this will be um available for anybody that wants to dig in a little bit deeper, but once we had these themes identified and um you know who we're designing it for and what does it look like? If, if it's successful, we then had to prioritize the themes, and so we did that in the final step here step four um we gave it, you know confidence rating, um what's the reach or impact, and then the effort, and so we then prioritized all of these themes and carried it over into this ux roadmap issue.

A

Where, if you scroll down, um you can see that what we're working on now, what we're working on next and then you know going forward from there. So what we're working on now um is is kind of two two themes which have issues that make up those themes. So the first is to reduce this uh reduce security teams, effort by automating time, time-consuming, triage tasks.

A

So what this manifests, as in terms of features, is policies, so we've been working on designs for an auto dismiss policy and an auto resolve policy, so you can dig into those more um by going into that theme and then, as we're wrapping up those designs, um we're also simultaneously working on this one, which is to increase the security team's efficiency when triaging vulnerabilities at scale- and these are things like advanced filter filtering on the vulnerability report, customizable views where you can save those filters and easily access them without having to interact with the filters every time, vulnerability groups so seeing the vulnerabilities grouped on the vulnerability report by some attribute, like identifier um or date detected or tool, etc, and that will make um bulk triage and remediation a lot more efficient and then some other things in here as well, enhanced bulk actions etc.

A

So um that's those are our focus. That's our focus right now, um followed by enable security teams to collaborate more efficiently. So in here we're really digging into the vulnerability detail page.

A

um You know changing status with a comment changing severity, with a comment, um richly formatted comments, maybe looking at to do's or notifications for security, things, um attaching multiple vulnerabilities to a single issue, etc, etc, so um feel free to dig in to these themes and let matt or I know if you have any questions, you can ping us in any of these issues or in this roadmap um high level roadmap issue.

A

uh Last thing I wanted to say is: this: is a living breathing thing, so um at any point we may decide to pivot, to reprioritize um or to either scope down or up these themes.

A

So if there's any major changes, I will make another video announcing those changes, but this is what we're going to try to stick with, for the most part, also there's a lot of one-off issues that pop up and you may see, matt and I try to fit some of those issues into themes so that we can continue to work a little bit more strategically and and, like I mentioned earlier, if, if I'm, if we're working on a design or doing usability testing on designs that can complement each other, then it makes sense to work on those at the same time.

A

So this helps us really work more strategically and less um responsively to things that pop up, because otherwise it can feel like whack-a-mole. So you may see matt or I um in issues try to fit an issue into one of these themes. That's going to help us with prioritization and also just working on things. You know that are complementary to one another.

A

um There are going to be things that are one-offs that don't fit into a theme, but that we do think should be prioritized before a theme on the roadmap. So you may see that as well, but just let us know if you have any questions and thanks again to andy and justin for leading this ux workshop.

A

um It's been incredibly helpful to feel like we have some a plan, um at least from the ux perspective, um and then the development roadmap may be like, hopefully, is somewhat aligned to this, um so that we can take a design and move it into development and then work through anything that comes up in the implementation breakdown, um but this roadmap is focused on the ux, so research and um design specifically, so just keep that in mind.

A

Okay, let me know if you have any questions. Thank.