Rapid7 wants to help organizations leverage all their data to gain powerful insights into their data security, find and fix exposures that lead to compromise. The User Experience (UX) team at Rapid7 designed a set of tools that help users handle the volume and complexity of their data to make it simple to analyze and remediate on time. But this wasn’t a simple task; it took us about a year and a long process of discovery, analysis, strategy, research, design, and production to deliver Nexpose Now’s designs. We are talking about designing for BIG data. So, how did we manage to keep the user experience simple and effective?
Nexpose Now’s Liveboards (aka Dashboards) were designed with the goal of making big data easy to digest. Each default Liveboard contains data cards that provide analytics which help users answer questions they didn’t even know they had. We show just what users need, no more and no less. But they can expand into their cards to reveal more information, explore, apply custom filter queries, etc.
Users can save and re-use queries across multiple data cards, which basically gives them the ability to
create endless, different data visualizations.
The visual design and information architecture helps users find what they need to focus on. In Nexpose Now Liveboards, which are very visual, color helps communicate risks and problem areas with clarity. There is meaning and relationship among elements that share one color. This helps the user navigate and understand the data that is shown in every data card within their Liveboards and every graph/chart in the UI.
Users rely on the relationship between elements, consistency in flows, paradigms and features, but also rely on the veracity of the information. Nexpose Liveboards and all the available data cards reflect the current state of exposure, the latest and greatest information about the user’s vulnerabilities, assets, risks, asset groups, sites, teams, credentials, etc. In other words, Liveboards are built for users to feel confident to take immediate action. Users can create multiple views and even share them with other team members knowing that the data is clear and up to date.
A new Asset Details page allows you to see a timeline / comparison of asset risk over any date range
you choose. This is one of the UX mocks.
At Rapid7, we work with User Personas that were built using the Proto-Persona method. Understanding our user’s problems and needs allow us to offer better, accurate, and more focused solutions.
One of the Personas we focus on when designing for Nexpose Now is the Security lead/analyst. We analyze the needs of the person in this role and aim to help him/her improve their security, assess and report their security posture, have visibility into their organization’s environment, measure progress, and the success of their security team. For more information on this topic, read “Information Security Application Design: Understanding Your Users” from Ranjan Bhattarai, Ger Joyce, and Saurabh Dutta.
In summary, Nexpose Now’s features allow these types of users to take a look into what is wrong and find an easy way to solve it. The way we have implemented Remediation Projects into Nexpose Now is a good example of good and effective problem solving.
Nexpose Now is powered by Rapid7’s Insight Platform in the cloud. This means new features and capabilities will be continuously released.We are unceasingly working to improve, innovate and provide amazing experiences for our users. It shouldn’t come as a surprise—after all, two of Rapid7’s core values involve listening to our customers and innovation, continuous evolution.
Thanks for reading!
UX Designer II, Rapid7