
LogRhythm Axon, a ground-breaking cloud-native SaaS platform built for security teams, hired me, an architect-turned-UX designer, to focus on building out the analyst workflow and a new integrated system-wide panel architecture.

Product | UX
Research
UI

Designing a next-gen enterprise SIEM software


Disclaimer: Due to confidentiality agreements, the materials involved in this project are limited. I'd be glad to walk through my process in more detail on a call.


This is a video from LogRhythm's website showcasing the default view of Axon

Limited workspace flexibility, complex security workflows, and scattered threat data made security analysts' jobs extremely challenging.

 

Teams were struggling to efficiently manage and respond to security threats due to disconnected tools and workflows. When I joined LogRhythm's Axon platform team, I saw an opportunity to revolutionize how analysts interact with security data.

How might we help security analysts quickly detect and respond to threats while reducing cognitive load?

What will help analysts work more efficiently?

Prior solutions focused heavily on technical capabilities but lacked deep understanding of analysts' workflows and mental models. We needed to better understand how analysts actually work to make informed design decisions.


This is the primary concept of the panel architecture in Cybersecurity

What I noticed

  • Security analysts were struggling with disconnected workflows that didn't match their mental models

  • Critical threat data was scattered across multiple views and areas of the platform, forcing constant context switching

  • The existing interface design didn't align with how analysts actually investigate and respond to threats

What LogRhythm needed

  • To make security workflows feel natural and intuitive for analysts by aligning with their investigation patterns

  • Present more contextual threat data while highlighting critical signals, patterns, and relationships

  • Make threat investigation and response as streamlined as possible to reduce analyst fatigue and improve accuracy


This is a view of analyst investigative workflow and panel architecture implementation

How do we help analysts see and respond to threats more effectively?

Presenting Security Design Solution: Panel-based workspaces proved valuable for security analysis, but the implementation needed refinement. The challenge was balancing comprehensive feature implementation with focused, task-relevant views. I studied how analysts work across various security tools and drew inspiration from their natural investigation patterns.

Design Process

Working in security software taught me that great design isn't just about interfaces – it's about creating a reliable foundation where exploration and craft come together to serve complex security needs.

  • Thorough research into security workflows before proposing solutions

  • Close collaboration between design, product, and security engineering teams

  • Rapid iteration balanced with careful attention to security requirements

  • Continuous feedback loops with security analysts and stakeholders

  • Strong design ethics in handling sensitive security data

This methodology proved particularly effective when developing our panel architecture and case management systems, where each stage built upon analyst insights while maintaining high security standards.


My general design process and approach

My approach to security UX design centers on three core elements:

deep collaboration

iterative development

user-focused solutions

I believe successful security software design emerges from the intersection of exploration, craft, and critical design thinking. This belief was reinforced during my work on LogRhythm's Axon platform, where each project cycle moved through clear stages of understanding, discovery, iteration, implementation, and continuous learning.


My general design responsibilities

Throughout my work on LogRhythm's SIEM platform, I've navigated several critical challenges.

Navigating Complex Security Design Challenges

Designing for Evolving Threats

Security threats evolve rapidly, creating a constant need to design for unknown scenarios. I embraced this challenge by developing flexible frameworks that could adapt to emerging threats while maintaining usability. When designing our case management system, I used a phased approach - breaking down complex security workflows into strategic components that delivered immediate analyst value while building toward a comprehensive threat response solution.

Accessing Security Users

The sensitive nature of cybersecurity operations meant direct access to security analysts was often restricted. I developed alternative research channels by:

  • Working closely with security engineers who understood analyst pain points

  • Collaborating with sales engineers who had deep customer relationships

  • Leveraging internal security teams to validate workflow assumptions

  • Creating rapid feedback loops with available users to test critical assumptions

Technical Architecture Complexity

During the case management project, we faced a significant challenge when our lead engineer departed. Rather than let this derail our progress, I:

  • Deepened collaboration with the remaining engineering team

  • Found creative solutions that preserved our architectural vision

  • Balanced technical constraints with user needs

This experience reinforced that close designer-developer partnership is crucial for complex security software.

Navigating Enterprise Security Dynamics

Leading projects like the panel architecture and integrations marketplace required careful stakeholder management. I regularly coordinated between product managers defining strategy, engineers handling technical constraints, sales teams bringing customer insights, and executives focused on business value.

What made this uniquely challenging in security software was balancing urgent threat response needs with long-term architectural goals. 

Takeaways

Success came from turning this stakeholder complexity into strength - each perspective refined our solution while keeping analyst needs central.

Despite the fast-paced and often ambiguous nature of security software development, these challenges pushed me to create innovative solutions like the panel architecture and investigative workflow that made a real difference in how security teams operate. Through each project, I learned that thoughtful design can bring clarity to complexity, turning sophisticated security operations into powerful, user-friendly tools.

Major features worked on

Company awards won

Want to see more?

I am happy to talk through my research and design work for LogRhythm during a scheduled call, as this work is confidential and cannot be showcased publicly.

 

Ask me about my process for any of these features:

Panel Architecture & Research

Case Management 

Entity Enrichment & Response

Notifications Rule Builder

Integration Marketplace

AI-Integrated Security Posture 

Analyst Workflow Optimization

Mobile Security Interface Design

Authentication and System Configuration Workflows
