EdgeHawk -
Edge protect
Redesigning a cybersecurity platform into an intuitive, scalable, market ready SaaS product
Role: Product Designer
Platform: Web-based SaaS
Tools: Figma, MUI
Overview
Edge Protect was designed to manage and protect network infrastructures (Protected Objects) for large enterprise NOC and IT teams. The original system was built years ago without a clear information hierarchy, design system, or cohesive user experience.
The objective was to execute a full redesign including UX restructuring, a new design system, and a market ready MVP for demos and real clients.
Today, the platform is actively used by seven paying customers and deployed as part of Cisco and Radware's solution bundles
My role -
Product design
Led the entire end-to-end design process
Defined UX strategy and product structure
Conducted competitor and business needs research
Designed user journeys and workflows
Built a new design system based on MUI
Managed close design QA with development teams
Validated iterations through real user feedback
The challenge
The previous system exhibited significant foundational usability and experience shortcomings that impacted user efficiency and operational clarity
Insufficient visual hierarchy between critical data and secondary information, making it difficult to prioritize actions
Navigation flow is overly complex, leading to frequent and unnecessary transitions between screens
Missing real time feedback mechanisms for user actions, resulting in uncertainty and reduced confidence in system responsiveness
Limited transparency during active attack scenarios, preventing users from clearly understanding the system’s state and mitigation progress
The goal was to redesign the Experience Architecture
to support real time decision making and reduce cognitive load
The Platform Before
The Platform After
User Personas
Max Gochberg
Senior Software Engineer
Biography
Meet Max, a senior software engineer in the R&D team with 25 years of professional experience, including 4 years in cybersecurity at EdgeHawk. He investigates network alerts, correlates logs, and refines detection rules. Max joined EdgeHawk to gain hands on control over low level infrastructure and aims to progress into a senior technological strategist role.
Frustration
When components fail and he cannot efficiently identify the root cause due to fragmented interfaces or disconnected logs.
Solution
A unified user interface with clear mapping between configurations, detectors, mitigation logs, and real time indicators gives Max better visibility, faster insights, and improved operational control.
Professional Experience
25 years in the industry
Tenure at EdgeHawk:
4 years
Personal Goals at EdgeHawk
Learn new technologies, expand his expertise into cybersecurity, and advance professionally.
Workplace Frustrations
Unhealthy relationships between colleagues and lack of opportunities for learning new skills.
How He Copes
Maintains positive relationships with peers and continuously learns new technologies.
Research & Insights
Methods Used
User interviews via internal company channels
Competitive analysis versus Arbor and Radware
Heuristic review of the legacy interface
Brainstorm sessions with PM, DevOps, and QA teams
Key Insights
Users needed instant visibility on protection status (Active / Idle / Failed)
Required an all in one dashboard aggregating multiple modules
UI caused a high cognitive load with a poor reading hierarchy
Users preferred a data analytics style experience
Problem & Goals
Problem Statement
Users need a fast and clear way to understand protection status and act upon it; current information is scattered and not reflected in real time.
Design Goals
User interviews via internal company channels
Establish a consistent information hierarchy across all screens
Reduce cognitive load through progressive disclosure
Design data-driven operational UX
Business Goals
50%
Faster response time
40%
Fewer support tickets
30%
Higher user
engagement
87%
Improved transparency
and user trust
Ideation & Flow Design
Through Design Thinking workshops, I led multiple brainstorming and Crazy 8s sessions with product and dev teams. Over 30 ideas were generated five were refined and two fully implemented:
Protected Object Editor
Unified three separate editing flows into a single, real-time, task-oriented screen.
Users can now view the object state and take actions without leaving the page
Nested Drill-Down Table
Introduced a hierarchical table structure supporting up to four levels (Parent → Child → Sub-child), with breadcrumb navigation for constant context.
Information Architecture
Rebuilt the IA around three main modules:
Analytics
Status and trend analysis
Mitigation
Defense management
Detection
Real time attack identification
Each module received a clear hierarchy of entities and states with consistent navigation, labeling, and status indicators.
Wireframes
& Prototyping
Two wireframing phases were completed: Low Fidelity for structure and spatial hierarchy testing, and High Fidelity for usability testing with real data. A click through Figma prototype was used to validate flow integrity and design system alignment.
High Fidelity Wireframe
Low Fidelity Wireframe
Developed a new visual language optimized for data-heavy environments,
providing clarity and control
UI & Design System
Functional color palette - Traffic (green/blue) vs. Threat (red/orange)
Typography - Poppins / Inter with high contrast for accessibility
Grid & Layout - Golden ratio with consistent spacing
Micro-interactions - Subtle hover, loading, and state transitions
Core Elements
Design System
Built on MUI with Cisco-specific customizations. Included new components such as KPI Cards, Hierarchical Tables, and Status Badges. Ensured visual consistency across all screens (Dashboard / Objects / Settings)
Headers
Graphs
Buttons icons
Validation & Testing
Multiple rounds of usability and QA testing were conducted, including internal usability testing with NOC teams, A/B performance comparisons between dashboard versions, and real-data validation during simulated attacks
Results & Impact
Business Goals
42%
Reduction in task completion time
35%
Fewer QA tickets
52%
Increase in daily active users
75%
Clicks per task
17%
Higher retention
Issues and Solutions
Critical events misinterpretation
Users struggled to distinguish between critical and non critical security events at a glance
1.
Solution
Introduced clearer color hierarchy
Action state confusion
No clear feedback when users initiated protection actions or configuration changes
2.
Solution
Added toast notifications and real-time KPI updates
Table data overload
Overwhelming amount of data displayed in tables caused cognitive overload and slow task completion
3.
Solution
Implemented smart pagination
Learnings & Takeaways
What Worked
Tight collaboration with PM and dev teams
Continuous iterative validation
Bridging UX thinking with measurable business metrics
Challenges
Legacy tech stack limitations
Scope changes during development
Balancing data depth with performance
What I'd Do Differently
Validate critical flows earlier
Define measurable KPIs upfront
Involve NOC users earlier in the research phase
Looking Ahead
Future Features
Smart Query Assistant (AI-powered suggestions), Correlated Incident View, Anomaly Insights Dashboard, Collaborative Query Library, and Automated Rule Generator
Vision
EdgeHawk is evolving from a reactive interface into a proactive and predictive system where UX is not just a display layer but a data-driven operational tool enabling intelligent automated responses
Edge Network Analytics Main Dashboard
Future Features Vision
EdgeHawk - Edge protect
Redesigning a cybersecurity platform into an intuitive, scalable, market-ready SaaS product
Role: Product Designer
Platform: Web-based SaaS
Tools: Figma, MUI
Overview
Edge Protect was designed to manage and protect network infrastructures (Protected Objects) for large enterprise NOC and IT teams. The original system was built years ago without a clear information hierarchy, design system, or cohesive user experience.
The objective was to execute a full redesign including UX restructuring, a new design system, and a market-ready MVP for demos and real clients.
Today, the platform is actively used by seven paying customers and deployed as part of Cisco and Radware's solution bundles
My role - Product design
Led the entire end-to-end design process
Defined UX strategy and product structure
Conducted competitor and business needs research
Designed user journeys and workflows
Built a new design system based on MUI
Managed close design QA with development teams
Validated iterations through real user feedback
The challenge
The previous system exhibited significant foundational usability and experience shortcomings that impacted user efficiency and operational clarity
Insufficient visual hierarchy between critical data and secondary information, making it difficult to prioritize actions
Navigation flow is overly complex, leading to frequent and unnecessary transitions between screens
Missing real time feedback mechanisms for user actions, resulting in uncertainty and reduced confidence in system responsiveness
Limited transparency during active attack scenarios, preventing users from clearly understanding the system’s state and mitigation progress
The goal was to redesign the Experience Architecture
to support real-time decision making and reduce cognitive load
The Platform Before
The Platform After
Research & Insights
Methods Used
User interviews via internal company channels
Competitive analysis versus Arbor and Radware
Heuristic review of the legacy interface
Brainstorm sessions with PM, DevOps, and QA teams
Key Insights
Users needed instant visibility on protection status (Active / Idle / Failed)
Required an all in one dashboard aggregating multiple modules
UI caused high cognitive load with poor reading hierarchy
Users preferred a data analytics style experience
User Personas
Max Gochberg
Senior Software Engineer
Biography
Meet Max, a senior software engineer in the R&D team with 25 years of professional experience, including 4 years in cybersecurity at EdgeHawk. He investigates network alerts, correlates logs, and refines detection rules. Max joined EdgeHawk to gain hands on control over low level infrastructure and aims to progress into a senior technological strategist role.
Frustration
When components fail and he cannot efficiently identify the root cause due to fragmented interfaces or disconnected logs.
Solution
A unified user interface with clear mapping between configurations, detectors, mitigation logs, and real time indicators gives Max better visibility, faster insights, and improved operational control.
Professional Experience
25 years in the industry
Tenure at EdgeHawk
4 years
Personal Goals at EdgeHawk
Learn new technologies, expand his expertise into cybersecurity, and advance professionally.
Workplace Frustrations
Unhealthy relationships between colleagues and lack of opportunities for learning new skills.
How He Copes
Maintains positive relationships with peers and continuously learns new technologies.
Problem & Goals
Problem Statement
Users need a fast and clear way to understand protection status and act upon it; current information is scattered and not reflected in real time.
Design Goals
User interviews via internal company channels
Establish consistent information hierarchy across all screens
Reduce cognitive load through progressive disclosure
Ensure visual consistency aligned with Cisco branding
Design data-driven operational UX
Business Goals
50%
Faster response time
40%
Fewer support tickets
30%
Higher user
engagement
87%
Improved transparency and user trust
Ideation & Flow Design
Through Design Thinking workshops, I led multiple brainstorming and Crazy 8s sessions with product and dev teams. Over 30 ideas were generated five were refined and two fully implemented:
Protected Object Editor
Unified three separate editing flows into a single, real-time, task oriented screen.
Users can now view the object state and take actions without leaving the page
Nested Drill-Down Table
Introduced a hierarchical table structure supporting up to four levels (Parent → Child → Sub-child), with breadcrumb navigation for constant context.
Information Architecture
Rebuilt the IA around three main modules
Detection
Real time attack identification
Mitigation
Defense management
Analytics
Status and trend analysis
Each module received a clear hierarchy of entities and states with consistent navigation, labeling, and status indicators.
Wireframes & Prototyping
Two wireframing phases were completed: Low Fidelity for structure and spatial hierarchy testing, and High Fidelity for usability testing with real data. A click-through Figma prototype was used to validate flow integrity and design system alignment.
Low Fidelity Wireframe
High Fidelity Wireframe
UI & Design System
Developed a new visual language optimized for data-heavy environments,
providing clarity and control
Core Elements
Functional color palette - Traffic (green/blue) vs. Threat (red/orange)
Typography - Poppins / Inter with high contrast for accessibility
Grid & Layout - Golden ratio with consistent spacing
Micro-interactions - Subtle hover, loading, and state transitions
Design System
Built on MUI with Cisco-specific customizations. Included new components such as KPI Cards, Hierarchical Tables, and Status Badges. Ensured visual consistency across all screens (Dashboard / Objects / Settings)
Headers
Graphs
Buttons icons
Validation & Testing
Multiple rounds of usability and QA testing were conducted, including internal usability testing with NOC teams, A/B performance comparisons between dashboard versions, and real-data validation during simulated attacks
Results & Impact
Quantitative
42%
Reduction in task completion time
35%
Fewer QA tickets
52%
Increase in daily active users
75%
Clicks per task
17%
Higher retention
Issues and Solutions
1.
Users struggled to distinguish between critical and non critical security events at a glance
Critical events misinterpretation
Introduced clearer color hierarchy
Solution
2.
No clear feedback when users initiated protection actions or configuration changes
Action state confusion
Added toast notifications and real-time KPI updates
Solution
3.
Overwhelming amount of data displayed in tables caused cognitive overload and slow task completion
Table data overload
Implemented smart pagination
Solution
Learnings & Takeaways
What Worked
Tight collaboration with PM and dev teams
Continuous iterative validation
Bridging UX thinking with measurable business metrics
Challenges
Legacy tech stack limitations
Scope changes during development
Balancing data depth with performance
What I'd Do Differently
Validate critical flows earlier
Define measurable KPIs upfront
Involve NOC users earlier in the research phase
Looking Ahead
Future Features
Smart Query Assistant (AI-powered suggestions), Correlated Incident View, Anomaly Insights Dashboard, Collaborative Query Library, and Automated Rule Generator
Vision
EdgeHawk is evolving from a reactive interface into a proactive and predictive system where UX is not just a display layer but a data-driven operational tool enabling intelligent automated responses
Edge Network Analytics Main Dashboard - Future Features Vision