Signal Over Noise
A SecOps Dashboard for Threat Monitoring & Investigation
Responsive
Blue Cat
Cyber Security
My Role: A UX Designer in a team of 3 designers, working in agile sprints. I handled the UX process and wireframes.
Tools: Figma, Figma Make, Miro, Notion, Power BI
Only got a few seconds?
Quickly get the context of what we did
SecOps teams face alert overload where critical threats get buried. This dashboard unifies severity, confidence, asset risk, and threat flow—enabling faster triage and clearer incident response.


(A fictional analogy)


Like a watchtower in Middle-earth, the dashboard rises above the noise, offering a clear, central view.
From the tower, the horizon is always watched—early movement spotted before threats reach the gates.


The map below reveals the land—critical assets, connections, and the paths threats may take.
Distant red glows signal danger beyond the mountains, visible before the battle begins.
What’s happening in Middle-earth?
The scenario
Riya monitors the network, spots a critical spike, checks system confidence, follows the source-to-destination path, and identifies the affected asset. With everything visible in one place, she quickly decides whether to block, investigate, or escalate—without second-guessing.
Riya
Threat Analyst
Dashboard → 🚨 Multiple alerts → ❓Unclear severity → ❓Low trust in signal → 🔀 Switch tools → 🔍 Manually cross-check source & asset → ⏳ Delayed decision → 😵 Stress & uncertainty
Meet Riya
Primary Goal
Quickly identify real threats and respond before they impact critical systems.
Challenges
Faces alert overload where everything feels urgent, struggles to trust which signals matter, and loses time switching tools during investigations.
Needs
Needs clear threat severity and confidence, visibility into source-to-destination paths, and immediate insight into asset impact.
Success
Success means faster triage, fewer false positives, and confident decisions under pressure.
Problem Statement
How might we help SecOps analysts cut through alert noise to quickly trust, investigate, and act on the most critical threats—without slowing down under pressure?
Ideation
For this enterprise SecOps dashboard, I used task-based ideation supported by before–after task flows and information hierarchy mapping to design for speed, trust, and decision-making under pressure.

Severity + Confidence Driven Triage
What?
Combines threat severity with system confidence to help analysts instantly trust which alerts need action.

Why?
Prevents critical threats from getting lost in alert noise and reduces time spent second-guessing false positives.

Source-to-Destination Threat Flow
What?
Visually traces threats from external sources, through firewall decisions, to internal assets.
Why?
Helps analysts understand how an attack is moving—not just that it exists—making investigation faster and more intuitive.
Asset Risk & Classification System
What?
Groups assets by criticality, environment, and exposure, with clear risk scores and active threat indicators.
Why?
Allows teams to prioritize response based on business impact, not just alert count.
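To make the three ideation concepts concrete, here is an added example (not part of the case study or the Blue Cat product) of the triage logic the dashboard visualises: severity is weighted by detection confidence, multiplied by an asset risk score built from criticality, environment and exposure, and adjusted by the firewall decision on the source-to-destination path. The tier names, weights, minimum-confidence threshold and sample alerts are all constructed assumptions for illustration, not values from the page.

```python
from dataclasses import dataclass

# Assumed weighting tables (hypothetical; a real deployment would tune these).
SEVERITY_WEIGHT = {"critical": 4, "high": 3, "medium": 2, "low": 1}
CRITICALITY_WEIGHT = {"tier0": 3.0, "tier1": 2.0, "tier2": 1.0}
EXPOSURE_WEIGHT = {"internet-facing": 1.5, "internal": 1.0}


@dataclass
class Asset:
    asset_id: str
    criticality: str   # tier0 / tier1 / tier2 (assumed classification scheme)
    environment: str   # prod / staging / dev
    exposure: str      # internet-facing / internal


@dataclass
class Alert:
    alert_id: str
    severity: str          # critical / high / medium / low
    confidence: float      # 0.0 - 1.0, the detection system's own confidence
    source_ip: str
    dest_asset: str        # destination end of the source-to-destination flow
    firewall_action: str   # "allowed" or "blocked" at the perimeter


def asset_risk(asset: Asset) -> float:
    """Asset Risk & Classification: criticality x exposure, with a production uplift."""
    score = CRITICALITY_WEIGHT[asset.criticality] * EXPOSURE_WEIGHT[asset.exposure]
    if asset.environment == "prod":
        score *= 1.2
    return round(score, 2)


def triage_score(alert: Alert, asset: Asset) -> float:
    """Severity + Confidence Driven Triage, scaled by where the threat is heading."""
    # Severity alone misleads: a critical alert at 0.2 confidence should rank
    # below a high alert at 0.9, so the two are multiplied rather than added.
    base = SEVERITY_WEIGHT[alert.severity] * alert.confidence
    # Source-to-Destination Threat Flow: traffic the firewall already blocked
    # still deserves a look, but traffic that reached the asset matters more.
    flow = 1.0 if alert.firewall_action == "allowed" else 0.5
    return round(base * asset_risk(asset) * flow, 2)


def rank_alerts(alerts, assets, min_confidence=0.3):
    """Return (score, alert_id) pairs, highest first; low-trust signal is parked."""
    ranked = []
    for alert in alerts:
        if alert.confidence < min_confidence:
            continue  # keep the main queue free of noise the detector itself doubts
        ranked.append((triage_score(alert, assets[alert.dest_asset]), alert.alert_id))
    return sorted(ranked, reverse=True)


# Constructed sample data: three assets and five alerts hitting them.
SAMPLE_ASSETS = {
    "db-01": Asset("db-01", "tier0", "prod", "internal"),
    "web-02": Asset("web-02", "tier1", "prod", "internet-facing"),
    "dev-07": Asset("dev-07", "tier2", "dev", "internal"),
}

SAMPLE_ALERTS = [
    Alert("A1", "critical", 0.25, "203.0.113.10", "db-01", "allowed"),   # noisy signature
    Alert("A2", "high", 0.90, "198.51.100.7", "db-01", "allowed"),       # reached the crown jewels
    Alert("A3", "critical", 0.80, "203.0.113.44", "web-02", "blocked"),  # stopped at the firewall
    Alert("A4", "critical", 0.95, "192.0.2.9", "dev-07", "allowed"),     # dev box, low business impact
    Alert("A5", "medium", 0.60, "198.51.100.21", "web-02", "allowed"),
]


def triage_queue():
    """The ordered queue Riya would see on the dashboard."""
    return rank_alerts(SAMPLE_ALERTS, SAMPLE_ASSETS)


if __name__ == "__main__":
    for score, alert_id in triage_queue():
        print(f"{alert_id}: {score}")
```

Read the output against the persona's pain points: A1 never enters the queue because the detector itself barely trusts it, A4 is "critical" yet lands last because it targets a dev asset, and A2 tops the list because a well-trusted alert reached a production tier0 asset through an allowed path. That is the difference between sorting by alert count and sorting by business impact.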
