Rule Builder
Company: Cisco Year: 2024
The Rule Builder enables users to create and customize system rules using various engines. It allows them to provide detailed information, conduct testing, and receive real-time results.
The Rule Builder is a new page in the system, integrated within the Policies section.
The Rule Builder is a new page in the system, integrated within the Policies section.
The Problem
In today’s cloud environments, organizations face challenges such as misconfigurations, vulnerabilities, and compliance gaps. Security controls are difficult to enforce without structured policy management, leading to increased risks of breaches, unauthorized access, and disruptions, while weakening compliance monitoring across multiple clouds.
The Goal
A policy management system, that enhances security across cloud environments by enabling consistent controls and reducing risks. It empowers users to customize rules, maximizing system potential and improving compliance and threat response.
The Challenge
Designing a code-focused environment in a technical context was a challenge. The Rule Builder had to balance complex rule creation and testing with a user-friendly interface, ensuring a smooth experience without overwhelming technical complexity.
My Role
1. Research
I conducted research, including competitor analysis and inspiration from security systems, to ensure usability and competitiveness.
2. Collaboration with Stakeholders, Product Management, and R&D Team
I worked with stakeholders, product managers, and developers to align goals, gather feedback, and refine designs.
3. Leading the design feature
I led the design process, creating an intuitive user experience and a prototype to ensure team alignment.
The Process
1. Gather definitions
I consulted with the product manager to clarify project requirements and objectives, ensuring a clear understanding of the goals and scope.
2. Competitor research and benchmarking
I analyzed competitors and collected design inspiration to identify opportunities for improvement and establish industry best practices.
3. Sketch and design
I Created sketches and multiple design versions to explore different concepts and solutions.
4. Feedback
I shared the last version of the design and prototype with the product manager and engineering teams to gather their insights and suggestions. This collaborative review helped identify areas for improvement and ensure the design aligned with technical and user requirements before finalization.
5. Final design
I designed the final version based on feedback from the product and engineering teams. I enhanced usability and ensured alignment with the technical requirements raised during the review of the previous design.
6. Handoff meeting
We conducted a Handoff meeting where I presented the complete and final flow to the product team, development team, and stakeholders for alignment and implementation.
Personas
Maya | Cloud Security Engineer
Pain Points:
* Struggles with securing multi-cloud environments and customizing policies.
* Faces challenges in identifying and addressing vulnerabilities effectively.
Pain Points:
* Struggles with securing multi-cloud environments and customizing policies.
* Faces challenges in identifying and addressing vulnerabilities effectively.
Goals:
* Needs tools to enforce consistent controls and gain real-time insights.
* Seeks efficient workflows to reduce manual oversight.
* Needs tools to enforce consistent controls and gain real-time insights.
* Seeks efficient workflows to reduce manual oversight.
Jake | Chief Information Security Officer (CISO)
Pain Points:
* Lacks a clear overview of policies across teams and environments.
* Struggles with maintaining compliance in multi-cloud setups.
Goals:
* Seeks a unified system to ensure policy consistency.
* Aims to align security policies with business priorities while minimizing risks.
* Lacks a clear overview of policies across teams and environments.
* Struggles with maintaining compliance in multi-cloud setups.
Goals:
* Seeks a unified system to ensure policy consistency.
* Aims to align security policies with business priorities while minimizing risks.
Competitors Analysis
I reviewed competing systems to understand how they approach rule creation and the features they offer. This analysis revealed key functionalities-such as step-by-step workflows, real-time testing, and error handling-that informed my design. By leveraging industry insights, I created a Rule Builder that balances technical depth with user-friendly design.
Key insights
Through competitor analysis, I realized that simplicity is key in rule building interfaces. While systems provide extensive customization options, they prioritize clarity and ease of use.
This insight guided my design approach for the Rule Builder, focusing on a clean, intuitive layout to make complex customization straightforward and accessible.
The Design Solution
I created a Rule Builder form within the 'Policies' page, allowing users to create and customize their own rules, giving them greater flexibility and control over the system.
Rule Builder
In order to create a rule, the user initiates the process by selecting an engine, such as the Compliance engine. Following this selection, the user proceeds to choose a native type, input the Rego* code in the Rule logic section, test the rule for validity, specify the action to be taken, and provide detailed information.
Default page of the rule builder
Prototype
Mockups
Default page of the Rule Builder
Rego code added
Test completed
Editor
By clicking the Editor button within Rule Builder, users can open an interface where they can add or edit Rego code, view the native type code, receive real-time error notifications, conduct tests within their environment, and review the outcomes.
Default state of the Editor
Prototype
States
Default state
Syntax valid state
Test completed state
Syntax error state
Test failed state
Outcome
The Rule Builder project expanded Panoptica’s flexibility by enabling users to create and test custom rules, solving a core limitation, and giving users control to tailor the system to their workflows.
As lead designer, I led the end-to-end process from research through final design, ensuring an intuitive, user-friendly interface. The resulting feature streamlined rule creation and testing, enhancing productivity and independence within the platform. This experience reinforced the importance of designing adaptable, user-centered solutions -an approach I’ll continue applying in future projects.