XM Cyber

A Cyber attack simulation and vulnerability management platform.

Background

XM Cyber is a cybersecurity platform designed to revolutionise how organisations identify and address cyber risks. It automates the discovery of potential attack paths to critical devices and assets by simulating cyber attacks.

Challenge

As this was the first version of the application, my role as Design Lead involved balancing functionality, feasibility, and user needs in a complex environment. A primary challenge was translating technical cybersecurity processes into an intuitive user interface, which required intensive collaboration with Subject Matter Experts (SMEs) and exploratory research.

Furthermore, high-quality design in cybersecurity software is rare, limiting our ability to draw on existing examples for inspiration. We had to innovate, leading to a design that introduced new concepts and metaphors. We mitigated risks through research, workshops with SMEs, and extensive user testing. The positive user feedback and commercial success affirm that these efforts were fruitful.

Design Priorities

  • Dashboard: Provides a comprehensive view of security alerts and key performance metrics.

  • Scenario Setup: Enables users to configure attack simulations, including selection of key devices, assets, and compromise/reconnaissance methods.

  • Battleground: Represents the core of our design effort. This main view functions like a dynamic canvas, similar to Google Maps, where users can zoom in to see individual devices or zoom out for an overview of entire networks. It offers insights into potential attack paths and vulnerabilities by visualising the results of simulations.

Role

Design Lead

Role

Design Lead

Concept sketching with subject matter experts.

Production: The Battleground displaying a cyber attack simulation.

UI Design: Expanded timeline view with assets pinned.

The Approach

I lead a team of 1 x UI and 2 x UX designers and we collaborated closely with XM Cyber’s development team.

  • User-Focused Design: I began with desk research and user interviews to gain a deeper understanding of the users' needs and existing workflows. This helped us understand the users' mental models and the visual metaphors they currently use to conceptualise cybersecurity attacks.

  • Development Collaboration:

    • Iteratively designed and prototyped, with ongoing refinement based on user and stakeholder feedback.

    • Collaborated closely with the development team and SME's to ensure technical feasibility as we ideated and designed.

    • Conducted user feedback sessions to refine and iterate the design.

Result

The platform launched with much commercial, client and user success.

  • Funding success: The company successfully raised over $32 million in Series A funding.

  • Industry Awards: The design and innovation of XM Cyber were recognised with the Australian Fintech Award.

  • Impact on Users: The platform received positive pre and post-launch user-feedback for its design, ease of use and efficiency in helping security teams identify and understand security vulnerabilities.


Visit the XM Cyber website.

Interested in the full journey? Contact me for a full case study presentation.

UI Design: A highlighted attack path being investigated.

Created robust documentation to support a multilingual and internationally distributed team.