Nov 14, 2019 - Emily von Hoffmann    

How you can help shape the future of securing applications with GitLab

We want to provide the best experience in keeping your application safe after your code is in production.

This blog post was originally published on the GitLab Unfiltered blog. It was reviewed and republished on 2019-12-09.

As part of our vision to deliver the entire DevOps lifecycle in a single application, we’re designing an experience that will allow security professionals to collaborate directly with developers. We need your help to make it the best it can be!

Our newest product stage is Defend, and it’s an exciting time as we continue to define our strategy and roadmap. The Defend UX team’s goal is to provide the best experience in keeping your application safe after your code is in production. This includes all features that help you defend your applications and cloud infrastructure by giving you the ability to identify, catalogue, manage, and remediate threats, vulnerabilities, and risks.

Some of the new categories we’re planning for in 2020 include Runtime Application Self Protection, Threat Detection, User Entity and Behavioral Analytics, and more.

We have a ton of UX research planned to help us learn more about this new category, and we hope you consider adding your voice.

Our users' jobs to be done

From what we know so far, the Defend user is responsible for maintaining the security of their company’s environments and applications. They seem to have a wide variety of job titles, including security analyst and SecOps engineer.

We aim to understand our different users’ motivations and goals by identifying their primary jobs to be done. For the Defend user, these include things like:

When I make sure my company’s applications aren’t vulnerable to bad actors, I want to monitor the traffic coming to my application and detect the possibility of an attack (SQL injection attempts, XSS attempts, vulnerability scanners, etc.) so I can know what parts of the application I need to protect better.

Our recruiting challenge

Perhaps because we’re best known for our origins in source code management, we usually have an abundance of participants who fit our software developer persona when we’re recruiting for studies. Newer personas like our Defend users have been more elusive by comparison — we’ve attempted studies where we couldn’t find a single human to speak with.

This is a real problem for us, as we believe strongly in evidence-based design. We want to build for your actual wants and needs as opposed to our assumptions about them.

How you can help

If any of this sounds like you, please sign up to our research program, GitLab First Look! When you join, you can indicate exactly which product areas and types of research you’re interested in. We’ll send you invitations to participate when you match with studies.

Questions? Reach out to me on Twitter.

Sam Kerr and Tali Lavi contributed to this post.

Cover image by Rashid Khreiss on Unsplash.
