Secure tools help your team follow and enforce security best practices effortlessly as part of the DevOps cycle. The Secure UX team’s goal is to provide the best experience in taking pre-emptive security measures before deploying your code, while the Govern UX team’s goal is to provide the best experience in keeping your application safe after your code is in production. See the Sec UX page for more about our team and how our two teams work together.
We have different user types we consider in our experience design effort. Even when a user has the same title, their responsibilities may vary by organization size, department, org structure, and role. Here are some of the people we are serving:
Generally, developers are the users of the vulnerability reports in the MR/pipeline while security professionals are the users of the Security Dashboards.
In order to improve transparency and collaboration, we maintain single sources of truth (SSOT) for the product areas included inside of the Secure Stage. SSOT files include current mocks, primary flows, edge cases, and other assets that may be helpful when contributing to these areas.
Note not all of the categories have correlating SSOT Figma Files.
|Area||SSOT design file||More info|
|Security Dashboards||Figma file||Documentation|
|Vulnerability Reports||Figma file||Documentation|
|Vulnerability Details||Figma file||Documentation|
|MR Secuirty Widget||Figma file||Documentation|
|Security Configuration||Figma file||Documentation|
Our Secure and Govern UX YouTube channel includes UX Scorecard walkthroughs, UX reviews, group feedback sessions, team meetings, and more.