Case Studies
API Security
Overview
The project focused on redesigning a decentralized financial platform used for asset management, trading, liquidity provision, and analytics. Over time the product expanded into multiple modules including Wallet, Swap, Pools, Bonds, Governance, and Analytics.
Because these areas evolved separately, the interface became fragmented and difficult to navigate. The redesign aimed to unify the experience, simplify financial workflows, and create a clearer structure for interacting with DeFi tools.
My role:
As a Product Designer, I handle research, structure, user flows, and prototyping. I led UX for key platform parts, making complex security data easy work with.
domain:
CYBERSECURITY
Format:
ENTERPRISE SAAS
Teammates:
PM, backend, Frontend, QA, designers
Problem
Many organizations run hundreds or even thousands of APIs across different environments, and a lot of them end up undocumented or poorly tracked—leaving security gaps.
Security teams often deal with scattered data, missing API inventories, and complicated logs that make investigations slow and difficult. Most tools just show raw technical info, but don’t really help teams understand risks or decide what to tackle first.
Workflow
users
The platform is used by technical security roles.
Security engineers analyze vulnerabilities and attacks. DevSecOps engineers integrate security into infrastructure and CI/CD pipelines. Platform engineers manage API gateways and system architecture.
All users operate in environments where speed and clarity are critical for responding to incidents.
Research
Research included interviews with security engineers and analysis of real attack investigations.
Key insights showed that engineers rely heavily on logs but struggle to correlate signals across systems. Most investigations begin with traffic anomalies, and tools that reduce investigation time are highly valued. This led to a core principle: security data must show risk and context together.
Key findings
Key product areas
The interface includes several areas supporting the security workflow.
— Threat prevention dashboards show normal and malicious traffic patterns.
— Attack investigation tools provide details about incidents and attack sources.
— API discovery builds an inventory of endpoints with risk levels.
— Abuse detection identifies suspicious behavioral patterns such as scraping or automated attacks.
Key UX decisions
Several design decisions shaped the interface.
— A unified risk scoring system prioritizes critical findings.
— Investigation views include contextual metadata such as IP, request patterns, and affected endpoints.
— Logs were translated into visual analytics like charts and anomaly graphs.
— Progressive disclosure keeps advanced details accessible without overloading the main interface.
Design process
The design work began with mapping the workflows security engineers use when investigating incidents.
This helped identify which data is essential at each stage of the investigation.
Based on this understanding, the interface structure for monitoring dashboards and investigation tools was modeled. Prototypes were created to test different approaches to visualizing security data.
These prototypes were reviewed with engineers and security researchers. Their feedback helped refine interaction patterns, data grouping, and visualization techniques.
Key results
Outcome
The redesigned UX of platform enables security teams to discover undocumented APIs, detect threats faster, and investigate incidents more efficiently.
Structured dashboards provide visibility into attack patterns and risk exposure, turning complex telemetry into actionable security insights.
Next Project
