FireEye SIEM Research

The Company

FireEye is a world leader in supplying cyber security solutions to businesses and governments across the globe. Modern networks require a huge set of hardware and software to protect, monitor and defend the critical infrastructure that we rely on every day, from banking to healthcare and everywhere in between.

The Challenge

As IT & Security solutions move further towards cloud networks and away from on-premise (hardware) appliances and products, FireEye and many providers like it are looking to revolutionize their tools to work in the new world. Part of this transition is allowing customers to aggregate and monitor data from dozens of existing products into one visible layer, commonly referred to as a SIEM.

The Role

My role as Sr. UX Designer was to lead the exploration of this transformation period through user research and synthesis that could impact our products and strategy for moving customers towards the cloud.

Chris Befeld - Sr. UX Designer
Grant Poock - Sr. UX Designer
Sakura Lim - UX Designer
Cristian Benavides - UX Designer

FireEye at a glance:

8200+ Global Customers (2M+ Daily Users)

8% Cyber Security Market Share


 

Laying a design foundation,


Cartography

Mapping the System 

FireEye’s legacy products each include, combined, hundreds of functionalities that we’re looking at pruning & combining into easier-to-use SaaS use cases.

The first step in this process is to take account of what exists: a deep-dive cartography of dozens of products.

Research

Challenging Old Assumptions

Talking to real users is the only way to validate and define our users’ problems. We work closely with PM teams to engage existing users and industry experts to help drive the understanding of who our users really are, and what challenges they face using FireEye products.

Innovation

Leveraging Strengths 

Building the next generation of tools isn’t just about catch up, it’s about finding the unique strengths a business already possesses, and building on top of those strengths to create a competitive advantage. 

 

Cartography & Research

FireEye’s legacy products each include, combined, hundreds of functionalities that we’re looking at pruning & combining into easier-to-use SaaS use cases. The first step in this process is to take account of what exists: a deep-dive cartography of dozens of products.

Persona Development and Customer Journey Definition

This process took us on a journey across FireEye’s vast product portfolio, and exposed us to a wide array of internal teams and resulting customer experiences.

From this research we could start to build a view of who our users were and how we could cater towards these user types in our next gen cloud SIEM.

Persona development was a big part of how we planned to communicate our insights to stakeholders and strategists at the company. We needed a clear-cut picture of who our users really were, and how transforming to a cloud business would impact them.


Research Synthesis: Deployment User Blueprints

After defining who our users were, we needed to define the timeline and interactions these users and customers would have with our new products and SIEM. We relied heavily on service blueprint documents to help communicate to stakeholders how the process of signing up and using cloud solutions could work for new customers, as well as for existing on-prem customers that would be transferring over to new tools.

These documents allow us to explore the multiple layers of a customer’s experience, including decision points, touchpoints with FireEye software and employees, and stage-by-stage processes of the purchasing, deployment and setup experiences.


This process allowed us to dig in and describe the hairy, back-office processes that are needed for existing purchases and deployments, especially in more complex engagements where customers are referred through partnership agreements with parent groups etc.

From there, we could start to identify how to simplify and streamline these processes with new cloud-native experiences, and smooth a costly, lengthy process into an intuitive, consumer-product-like experience that increases product sales and deployment success.


Key Areas of Focus for Next Gen Security Platform:

While ongoing, our project has started to uncover a few key areas that can have a massive impact on FireEye’s next generation products and business in general. We’ve simplified these results into a few digestible principles for the transition:

Onboarding should be modeled after a consumer SaaS product.

The most imperative aspect of getting new cloud users and existing customers moved over is the onboarding experience. It is absolutely critical that our sign-up and sales flows mimic those of competitive cloud solutions, whose focus on ease of trial and purchasing makes it seamless for smaller and smaller companies to gain access to enterprise-grade security tools. Just because FireEye is a big company doesn’t mean our sign-up has to feel like it.

 

Integration should be as easy as the app store.

One of the strengths of the FireEye portfolio as it stands is its vast solution library that covers all aspects of an enterprise-grade deployment, from SIEM to Email, Endpoint and Network. But these tools are only as good as how they are integrated.

Having unique interfaces and sign-ins for half a dozen products means customers aren’t actually seeing the value in the cross-pollination of this data. We should strive for something closer to a Google app suite or Microsoft Office style environment, with smooth transitions and pre-wired APIs & connectors.

 

Identity & user management has to happen in a single place.

The cornerstone of both of these features is great, modern user access management. This goes all the way from a down-market small business signing up for a trial quickly, efficiently and securely, to multi-customer partner deployments where security managers need to manage complex permissions and control access to various aspects of the tools. Knowing who our users are, and allowing them simple and powerful control over accounts and permissions, will be imperative to the success of next-gen FireEye products.