IBM Security

Accelerating data ingestion configuration:
Bulk operations of data sources in threat management

The bulk operation on data sources empowers Security Administrators to efficiently manage multiple data sources simultaneously, eliminating repetitive and tedious manual data entry.

As a UX designer, I worked in a team of 3 designers alongside the solution architect and development lead to re-architect the bulk adding, editing, and deleting workflows for the IBM QRadar Suite SIEM. I led the migration of the 10+-year-old legacy UI from the Device Support Module (DSM), addressing 5 major user pain points and enhancing the bulk editing experience.
Product
IBM Security QRadar Suite SaaS
Team
Development, Architect, Product Management
Role
I worked in a team of 3 designers to lead the delivery of the bulk editing workflow.
Timeline
2022 Q4
Highlights

Reduced task completion time

From hours to minutes

Introduced capability to bulk edit

1000+ data sources

Context

Introducing the bulk operation in the QRadar+ Suite SIEM product

IBM has rearchitected its market-leading threat detection and response portfolio to maximize speed and efficiency, addressing the evolving needs of today's security analysts. My team focused on the cloud-native log management capability, which led to the consolidation of multiple acquired products into a unified interface, offering shared insights and connected workflows.

I collaborated in a team of three designers, including two new members whom I onboarded and guided throughout the project. Each designer specialized in bulk add, bulk edit, and bulk delete experiences, enabling us to deliver the end-to-end bulk operations workflows for the initial launch of the IBM QRadar+ Suite.
Approach

The Journey from Understanding to Delivery

The design process was structured into three phases - understand, explore, and deliver.
  • Understand: The team of 3 designers collaborated on competitor research and conducted a UX audit of DSM. We streamlined entry points and aligned with stakeholders to ensure that the low-fidelity workflows met user and business needs and that the backend requirements were clear.
  • Explore: We worked closely with the 4IAB leads to prioritize identified user pain points and assess the feasibility of design explorations.
  • Deliver: High-fidelity design prototypes and redlines were delivered to the development lead. The final design solution offers clear affordances for bulk actions, flexible use of variables, and reliable error recovery mechanisms.
Outcome

Introducing the bulk operation in the QRadar+ Suite SIEM product

The redesigned bulk management of data sources significantly improved the efficiency and productivity of Security Administrators within the IBM QRadar+ Suite SIEM. By addressing legacy UI issues and introducing streamlined workflows, the project successfully optimized data source management while upholding user-centric design principles.
  • Legacy UI migration: Modernized UI to align with IBM’s Carbon Design System.
  • Clear affordance: Provided intuitive indications of available bulk actions.
  • Enhanced efficiency: Offered flexibility and efficiency in assigning unique values.
  • User freedom: Enabled users to seamlessly continue tasks during data processing.
  • Reliable error recovery: Implemented reliable error recovery through downloadable summary reports.

In-depth case study available.

Reach out to christinamentors@gmail.com.