Security Stack Reporting

About stack sim

Design lead: lo to high fidelity mockups and prototypes, conducted usability testing with internal and external candidates.

Results: new market possibilities for self service security evaluation; reduced effort to manually generate reports while saving cost for existing customers; achieved efficiencies in design process and collaboration with the front and backend engineers.

StackSim Lab Overview

Problem: Security teams lack a complete picture of their stack efficacy. Facing tightening budgets and great accountability, they need to maximize coverage by their stack of security tools and provide high level reporting in addition to detailed analysis.

This level of sophisticaed analysis was previously available only to select enterprise organizations willing to pay for professional level services to conduct lengthly manual assessments. Because of the cost and effort required, this type of assessment was rarely conducted, leaving teams vulnerable to overspending on tools they did not need or failing to procure or properly configure the tools they needed most.

Hearing customer feedback in this area, we identified seven popular security tools to integrate into a fully self-service solution for running realistic threat scenarios against a high-fidelity cyber range. We used our existing manual reports that were popular with customers as a basis for prototypes used to gather additional input. I conducted internal reviews with cyber sercurity experts from across our organization and heard from external customers and potential users about what they needed most out of this exercise.

Edit CrowdStrike Test Credentials

Users did not want to discover a tool failed to capture the correct data after waiting several hours for attacks to complete. We created a two path solution: a manual test users could perform anytime and an automated pre-flight check that would ping each endpoint when a user initiated the first attack. If all endpoints responded with an OK status, the lab would continue.