Vulnerability Management
When I joined Cast AI, the product already included a vulnerability management experience. The interface surfaced detailed insights about vulnerabilities, but something felt off: most of the information was geared toward developers, even though the intended persona was SecOps.
Security workflows rarely belong to a single role. Developers build the applications, DevOps teams manage infrastructure, and security teams monitor risk and coordinate remediation. Yet the product was designed broadly “for everyone,” which made the experience fragmented and unclear.
Introducing Personas
To bring clarity to the problem space, I organized a persona and user journey workshop with the team.
Rather than creating personas from scratch, I revived personas previously used in other security products and refreshed them to match Cast AI’s context. Since the team had already spoken with many users, they were able to enrich these personas with real-world insights.
The goal wasn’t documentation—it was alignment. Establishing shared personas helped the team start speaking a common language about users.
Understanding Collaboration
Once we had personas defined, the next question was: how do these roles collaborate when dealing with vulnerabilities?
Security incidents require coordination between multiple teams. The SecOps team identifies risks, developers evaluate the application impact, and platform engineers assess infrastructure constraints.
To understand this process, we mapped user journeys that reflected the full collaboration cycle, from vulnerability discovery to resolution.
Exploring the Product Vision
With these journeys in place, we began shaping a broader vision for the vulnerability management experience.
We mapped features from the roadmap onto the user journeys and explored how each persona would interact with them. Instead of jumping into high-fidelity designs, we created small thumbnail sketches to illustrate possible entry points, workflows, and touchpoints between users.
This allowed us to quickly explore how the product could support collaboration across teams.
Validation
To validate our assumptions, I conducted a series of usability sessions focused on the existing vulnerability funnel feature.
Participants interacted with the product while approaching tasks from their respective roles. This helped us understand how different users interpreted vulnerability data and what information they needed to move forward.
The sessions revealed both usability issues and deeper workflow gaps, while also uncovering new user needs we hadn’t previously considered.
Redesigning the Experience
Using these insights, we redesigned the vulnerability management flow to support a more structured investigation process.
The new experience focused on empowering SecOps users with the context and insights needed to understand vulnerabilities before involving engineering teams. From there, they could initiate investigations and collaborate with developers and platform engineers to determine the best course of action.
Outcome
The redesigned experience created a clearer path from vulnerability discovery to resolution.
SecOps users could now investigate vulnerabilities with confidence, while developers and platform engineers were engaged at the right moments to evaluate impact and remediation options.
Most importantly, the product began to reflect how security work actually happens: through collaboration across teams.