Case Study - Building a Ticketing System for a Managed Detection & Response Platform

User research found that users were struggling to effectively respond to security incidents because the third-party ticket system we were using did not fit well in their workflow.

Position
UX Architect @ Binary Defense
Year
Service
Product Design, UX Research

Project Overview

Binary Defense is a managed security service provider that specializes in managed detection and response solutions. While in my role as UX Architect at Binary Defense, we have been building a platform that will become our customers' primary touchpoint for their Managed Detection and Response service. With a quick go-to-market strategy, the platform was expected to reach a general audience in Q2 2024. To make this happen, the BD Platform scope was reduced to an MVP version with a focus on the investigation (ticketing) feature.

  • UI Design
  • UX Research
  • Usability Testing
  • Product Design
  • Product Strategy
  • Information Architecture
  • Figma
  • Adobe Xd
  • QA Testing

The Challenge

In exploratory research, it was found that customers had frustrations with using an external ticketing system, which caused more steps than necessary to escalate and manage their tickets. Furthermore, customers using the current MDR platform (BD Vision) have a separate system into which they log in, but it does not link to the ticketing system. Both of these scenarios are unacceptable because we do not own the third-party ticketing system and cannot control the user experience. Our primary user, the security analyst, wants to be able to respond to escalated alerts within the same system in which they are notified of escalation.

Solutions & Goals

While in the planning phase of the BD Platform and using initial research, I built quick workflows using my comprehensive design system and reviewed them internally with team members and leadership. Here, we understood our challenges, roadblocks, and problems to be solved. We compiled a large amount of user feedback and built out personas according to the type of users that will use our new platform. It was felt that our findings were important and should be addressed with efforts including:

  • Providing customers with valuable metrics that they can access when they want and customize as they need.
  • Creating a unified ticket workflow experience that supports key use cases.
  • Allowing internal access to manage and onboard accounts and their users.
  • Reducing overall cognitive load and improving workflow.
  • Capturing requirements for an initial release with a quick go-to-market strategy, while providing enough value.

Providing Valuable Metrics

During a few research studies, I interviewed our SOC Analysts and SOC Leadership to understand the most crucial metrics that need to be available to our customers. Along with a few customer interviews, we compiled a list of metrics we can display on the dashboard as well as on the other feature pages. Our goal for these metrics is to give our customers insights into their environment and be able to understand where they need to take action.

Unified Ticketing Workflow

As mentioned earlier, instead of using a third-party ticketing system, we integrated our own into the platform, pulling in data through APIs. After understanding the SOC workflow, integrations, and limits, I designed an in-depth workflow of the ticketing feature. Our goal for this feature is to allow customers to respond directly to tickets, change statuses, follow the timeline of events, and access the escalated alert information linking to the sourced alert information on BD Vision.

Internal Account Management

In order to manage accounts and their users, we needed to think about a few internal processes. First, we need to be able to onboard tenants to the platform and manage the users on their behalf. We created a System Admin persona that ideally will perform these actions. After a few passes and a fully interactive prototype, I performed a usability study with a few key IT Admins. We found that, overall, participants considered the feature easy to use and provided positive feedback about the workflow. There were a few things that proved to be problematic, which we addressed in the final version.

Outcomes and Impacts

Today, we continue to build upon BD Platform's features and have developed a product roadmap to address the needs and wants of our customers through countless interviews, feature feedback, and quarterly business reviews. After months of building, testing, and QA, we launched the initial version of the BD Platform in Q2 of 2024. The platform was well received by our leadership as well as countless customers who onboarded as soon as they heard.

Later in 2024, Binary Defense was invited to participate in the Forrester Wave™ demo to be judged against the competition. In short, the Forrester Wave™ is a guide for buyers considering their purchasing options in a technology marketplace and is based on their analysis and opinion. In this report, it was stated that Binary Defense is "punching above our weight" and that we scored high in many categories about our offerings.

More case studies

Feature: Reporting Export Options and Dashboard Customization

In recent studies, report generation was a recurring theme expressed by IT leaders to build custom dashboards and export large sets of data.

Feature: Uniform Processing of Incident Data from a Variety of Sources

Originally cut from the initial release of the BD Platform, the Alerts feature reintroduces security alert data to provide significant value and quick response actions.

My Experience

  • UX Architect
    Binary Defense Systems, LLC.
    Sept 2021 - Current
  • Senior UI/UX Designer
    OuterBox, Inc.
    Oct 2017 - Sept 2021