Design at Horangi: The Human Element in Cybersecurity

A look into my process and principles for designing human-centered security products at Horangi.

Setting the Stage: About Horangi & Warden

I design at Horangi, a B2B cybersecurity company founded in Singapore in 2016 with a mission to make enterprise-grade security accessible to other businesses. In 2023, they became part of Bitdefender, a global cybersecurity leader, which has allowed us to scale our impact even further. My primary focus has been on our flagship product, Warden, a Cloud Security Posture Management (CSPM) platform.

Warden’s job is to continuously monitor a company's cloud infrastructure, identify critical misconfigurations, and check them against global compliance standards. But its core purpose, and my core design challenge, is to provide clear, actionable guidance that helps teams fix these issues without needing to be security experts themselves.

My Role

When I was hired, I was the sole Product Designer for Warden, in charge of delivering all designs from end-to-end. In this technical, B2B environment, my role is to be the advocate for the user in every conversation. I am responsible for the entire design process, which involves understanding user needs through research, defining problems, and crafting solutions that are both effective and intuitive. This means I spend my time creating user flows, wireframes, and high-fidelity prototypes, and then working closely with engineers and product managers to ensure the vision is executed to the highest standard. For a product like Warden, my role is crucial in making sure that we don't just build a powerful tool, but a usable one that truly solves our users' problems.

The Challenge I Embrace

Cybersecurity is an inherently complex domain, filled with jargon, abstract threats, and high stakes. My challenge is to cut through this noise. I design for users who are often under pressure and time-constrained, from security analysts triaging critical alerts to developers needing to fix vulnerabilities quickly. My work is to provide them with a sense of control and clarity in a landscape that can often feel overwhelming.

A prime example of this complexity is cloud security misconfiguration. In the fast-paced world of cloud computing, critical settings can be easily overlooked. An S3 bucket left public, a database unencrypted, or an access key exposed—these are not just minor errors; they are significant security vulnerabilities that can lead to data breaches. Many organizations lack the specialized expertise to navigate this landscape, making it difficult to even know what questions to ask. My design challenge is to bridge this knowledge gap, making it simple for any user to spot these risks and secure their cloud environment effectively.

How I Approach Design

When I first entered the world of cybersecurity, I had no background in the field. It was a steep learning curve, and I had to sit down with our security experts to understand the complex jargon and technical terminologies before I could even begin designing. This personal experience became the foundation of my design approach. Because I know what it feels like to be overwhelmed by data and unsure of where to begin, I focus on cutting through that noise for our users. I design by putting myself in their shoes, aiming to create clear, guided paths that transform confusion into confidence. My goal is to build tools that feel less like a complex system to be managed and more like a trusted partner in securing their environment.

My Design Principles

To guide my work, I adhere to a set of core principles:

1. Clarity Over All: I prioritize clear communication above everything. I strive to present the right information, at the right time, in the most understandable way. This means simplifying complex concepts, establishing clear visual hierarchies, and using language that is direct and unambiguous.

2. From Insight to Action: It's not enough for me to show users a problem; I must guide them to the solution. My designs are built to be actionable, providing clear, step-by-step pathways to remediate risks and improve security posture. I aim to empower, not just inform.

3. Empathy for the User: I build for real people with real-world challenges. Through continuous research, interviews, and testing, I immerse myself in the user's context. This deep empathy allows me to design solutions that are not just functional but are truly aligned with their workflows and mental models.

4. System-Minded Craftsmanship: I help build and maintain a cohesive design system that ensures consistency, quality, and efficiency across our entire product suite. This systematic approach allows me to focus on solving unique user problems while ensuring a seamless and predictable experience.

My Objectives

My main objective at Horangi is to bridge the gap between complex security data and the people who need to act on it. For Warden, this meant my goal was to create a product that empowers, rather than overwhelms. I aimed to design an experience that provides a clear, prioritized view of security risks, making it easy for even non-experts to understand their compliance posture. Ultimately, my objective was to build a guided pathway within the product—one that leads users seamlessly from discovering a vulnerability to understanding its context and successfully resolving it, thereby making cloud security accessible to all.

My Approach to Warden

A cornerstone project that embodies these principles is Warden, our Cloud Security Posture Management (CSPM) tool. My overarching approach was to ensure the product experience was guided, clear, and actionable. I focused on the following:

• Creating a "Single Pane of Glass": Designing an intuitive dashboard that provides immediate clarity on an organization's security and compliance posture.

• Democratizing Data: Making complex security information accessible and understandable for non-experts.

• Moving Beyond Alerting: Shifting the focus from simply flagging problems to guiding users toward a resolution.

• Designing a Complete User Journey: Building a clear path for users that takes them from identifying a vulnerability, to understanding its impact, and finally to implementing the fix.

• Prioritizing Actionable Guidance: Providing clear, step-by-step instructions to make remediation as straightforward as possible.

How I Work

My design process is deeply collaborative and iterative. I work in close partnership with product managers, engineers, and security experts from the very beginning of a project.

• Discover & Define: I start by deeply understanding the problem space and the user's needs through research and discovery.

• Ideate & Prototype: I explore a wide range of solutions through sketching, wireframing, and interactive prototyping.

• Test & Iterate: I relentlessly test my assumptions with real users, gathering feedback to refine and improve my designs.

• Deliver & Support: I work hand-in-hand with engineering to ensure a high-quality implementation and continue to monitor and improve features after they launch.

Why I Design at Horangi

Designing at Horangi allows me to tackle the exact challenges that first drew me to this field, but it's the people and culture that make it truly special. My own experience learning cybersecurity from scratch was made possible by a team that was always willing to exchange ideas and knowledge. Working alongside people from such diverse nationalities in a fun, start-up environment was an eye-opening experience. I find deep satisfaction in knowing that our collaborative work has a tangible impact, empowering businesses worldwide to protect themselves from real threats. At its core, my role here is about making cybersecurity more human, and I'm proud to be part of a team that is so deeply committed to that mission.