Intel Enhanced
UX Redesign for Google's Threat Intelligence Platform
Summary
I led the UX design for a new threat intelligence platform that transformed how Google's Trust & Safety Intel team detects and responds to online threats. By streamlining workflows, improving collaboration, and leveraging automation, this platform significantly boosted agent efficiency and data quality, ultimately enhancing Google's ability to protect users.
Note: Given the confidential nature of Google's internal intelligence tools, I've chosen to use Google ImageFX to create visuals in a 16th-century woodcut style, reminiscent of Holbein. Similar to how alchemists sought to unveil hidden truths, this platform unveils strategic value from raw data. These illustrations portray that process of unveiling, demonstrating the platform’s capacity to convert complex information into strategic insights for leadership, while protecting sensitive information. Each woodcut corresponds to a specific project phase, from problem definition to impact assessment.
My Role
As lead UX designer, I drove the design of this critical platform from initial research and ideation through to final visual design and handoff to engineering. This included collaborating closely with OSINT agents, threat analysts, and engineers to understand their needs, translate them into intuitive interfaces, and ensure a smooth development process.
Problem
Imagine a team of highly skilled intel agents, overwhelmed by a deluge of threat data, struggling with clunky tools, and facing the risk of burnout. This was the reality for Google's Trust & Safety Intel team. Their reliance on outdated systems and manual processes hindered their ability to effectively detect and respond to emerging threats. Spreadsheets were overflowing, data was fragmented, collaboration was limited, and valuable time was lost in the struggle. This situation not only impacted agent well-being but also posed a significant risk to Google's ability to protect its users.
Solution
To combat this, we designed a centralized threat intelligence platform with two core components: the Intel Collections Tool and the Tactical Intel Platform.
Intel Collections Tool
We replaced error-prone spreadsheets with an intuitive UI that streamlined log collection, reducing collection time by 10%. Features like typed fields, data validation, and automated workflows ensured data integrity and minimized errors. We also fostered seamless collaboration between OSINT agents and response teams through auto-generated alerts and a searchable log list.
Tactical Intel Platform
We empowered analysts with a "Suggestions Engine" that automatically parsed data and generated actionable insights, saving over 500 hours annually. By integrating the Knowledge Graph, we enabled automated curation of entities and proactive suggestions, further boosting efficiency. Enhanced filtering and sorting capabilities within the UI allowed analysts to quickly pinpoint crucial information within vast datasets.
Trade Offs
Designing within the constraints of internal tooling presented some challenges.
While we couldn't conduct formal user testing after the design phase, we mitigated risk by deeply involving users and experts throughout the design process. This ensured alignment with their expectations and needs.
To prioritize rapid deployment and address urgent needs, we opted for a more streamlined UI, compromising on some advanced interactions and visual polish for the MVP.
However, we also provided a vision for future enhancements with more modern UI libraries, given additional resources and time.
Lessons Learned
This project reinforced the importance of resourcefulness when faced with limited research capabilities and insights into balancing diverse needs and functionalities within a single tool while managing the associated risks.
I learned to wear many hats, patiently guide partners unfamiliar with UX processes, and navigate the complexities of consolidating disparate tools into a unified platform.
This experience highlighted the value of close collaboration with cross-functional stakeholders and end-users to gather insights and ensure alignment.
Impact
The new threat intelligence platform has significantly enhanced Google's ability to detect and respond to online threats. By addressing agent experience, tool functionality, and security, this project has had a substantial impact on the efficiency, effectiveness, and overall success of the Watchdog OSINT program.
“This new UI is transformative for Intel’s work and facilitates T&S’s ability to protect Google users and stay ahead of emerging threats and risks.”
“This will save ~500+ hours a year (~20 workdays) of analyst time... Moreover, it creates various possibilities for considering suggestions from other Intel sources...”