AI-Powered Data Intelligence

Turning alert noise into actionable AI insights security teams can trust and act on

Role

Product Designer

Team

Co-founders, Engineering

Tools

Figma Make

Timeline

1 Month

Context

The customers' security teams were drowning in alert noise. 10,000 alerts a day, with 40 to 60 percent false positives and real attacks hidden in the pile. I designed an AI-native investigation flow where AI handles triage, allowing security analysts to focus on judgment and taking action.

Problem

Security analysts are shown AI-analyzed alerts at every step. The challenge is designing an experience they can trust and act on.

As the sole designer, I owned the full product from information architecture and dashboard design to the incident investigation experience and AI reasoning presentation. The core challenge was how to help users trust AI-generated analysis and act on it confidently.

To address this, I spoke to customers, PM, and engineering and identified 3 design principles to ensure the investigation experience is transparent and trustworthy.

Designing for trust

Presented AI reasoning in plain English so analysts could act without interpreting raw data.

Surfacing transparency

Showed what the AI was confident about and where the uncertainty came from.

Feedback on AI claims

Let analysts ask follow-up questions and flag hallucinations directly in the side panel.

7 in 10 analysts resolved incidents without cross-checking raw logs

My Approach

Understanding how analysts use and trust AI analysis during investigation

I mapped the full investigation workflow to understand where analysts needed context, where they made decisions, and where uncertainty slowed them down.

Research Insight

Analysts want transparency and the ability to verify AI analysis

Analysts weren't skeptical of AI in general. They were skeptical of verdicts they couldn't validate. Transparency wasn't a nice-to-have. It was the condition for trust.

Design Decision

A two-part drill-down: plain English verdict first, full evidence in the side panel

I designed a verdict-first experience with an AI confidence score and floating cards; users can drill down in the side panel.

User Testing

When analysts could ask questions and flag errors, they acted faster

Giving analysts a way to challenge AI claims reduced hesitation significantly. The side panel was not just transparency. It was a confidence mechanism.

Solution

An AI-native investigation flow where analysts move from alert triage to confident action

SOC risk dashboard
Active incidents list
Incident detail with AI summary and event timeline
AI confidence walkthrough: step-by-step reasoning
AI reasoning panel with drill-down evidence