Project Type: UI/UX Design, UX Research
My Role: Lead UX designer and Researcher
Team: 2 Product Managers, 8 Engineers
Timeline: March 2021 - March 2022
Brief
VMware’s NSX-T Malware Prevention is a core feature of the NSX Advanced Threat Prevention (ATP) solution. It detects and analyzes malicious files in a sandboxed environment, providing security teams with insights to monitor and prevent threats in real time. As part of the ATP solution, this feature played a pivotal role in winning the Gold Prize in the Cybersecurity Excellence Award in 2022 & 2023.
Problem
Designing for cybersecurity introduces distinct UX challenges, as Malware Prevention was a relatively new security feature lacking established design patterns.
It was crucial to align complex backend requirements (e.g., malware detection techniques, security logs) with intuitive data visualizations.
Additionally, engineering priorities sometimes conflicted with business goals, creating ambiguity in design scope.
From primary internal research conducted with 14 participants, we synthesized the following feedback from two major user personas.
Solution Overview
Overview Page
Detailed Event View
Multiple Inspections
Customized Report
Approach & Strategy
To solve these challenges, I collaborated with key stakeholders on potential ways to empower security professionals to navigate and respond to threats with confidence, and led the design strategy through a structured three-phase approach:
Phase 1 - Manage Complexity: Prioritized progressive disclosure for streamlined decision-making.
Phase 2 - Visual Hierarchy: Defined a hierarchical structure for primary actions (monitoring, allowlisting) and secondary tools (filters, reports).
Phase 3 - Actionable Insight: Worked with PMs to refine scope incrementally rather than attempting to solve all problems at once.
Measuring Success
To validate the effectiveness of the design in aligning with both user needs and business goals, I collaborated with PMs and engineering leads to define key success metrics from both business and engineering perspectives:
Number of clicks required to access key insights (reduce cognitive load & interaction cost).
Average time spent on advanced filtering (improve discoverability & efficiency).
User satisfaction ratings from internal security teams (ensure the UI meets the needs of real-world analysts).
Design Iteration 1 - Stacked Bar Chart
Pros:
View and filter detections in all categories
Shows total detections in a single category
Cons:
Unable to view verdict score in chart
Lack of association between chart and detail panel
Time range filter is not supported in chart
Design Solution 2 - Scatter Plot
Pros:
Impact score reflecting verdict in colors
Filter by customizable timeline
Cons:
Limited mouse-hover interaction space
No clear criteria to distinguish verdict
Not ideal for multiple inspections at the same timestamp
Design Solution 3 - Timeline Visualization
Pros:
More balanced space for interactions
Use sizing to distinguish affected VMs
Filter timeline chart by verdict type
Cons:
A11y issues with the event icon (color, size)
No multiple detections at the same timestamp
Final Implementation
a. Mouse-over on the legend gives a quick overview of detection type, malware family, verdict, etc.
b. Clicking on the legend pops up a list of unique file inspections, showing multiple detections at a single timestamp.
c. Expandable card depicting detailed information about the malware traffic trace flow.
d. Filter unique inspections by customizing the timeline bar.
Impact
Security Design System Contribution – Created a reusable widget library with other designers for security-related and empty-state patterns.
Feature Adoption & Onboarding – Designed an onboarding experience to help security teams understand the new workflows.
Industry Recognition – My design solution contributed to NSX ATP winning Gold Prize at the Cybersecurity Excellence Award in 2022 & 2023.
Security Widgets Pattern Library
Empty State Pattern Library
Learnings & Reflections
Designing for security requires balancing highly technical backend constraints with usability best practices—a challenge that pushed me to collaborate more deeply with engineers and PMs than ever before.
Iterative design and usability testing with real users were critical in refining the data visualization approach.
A11y in security UIs is often overlooked; I initiated discussions on improving contrast ratios & alternative representations for color-coded threat indicators.