Skip to the main content.

6 min read

Designing AIR – A peak behind the curtain of UI/UX design at Binalyze

Featured Image

As a Sr. Product Designer within the Product team here at Binalyze, I believe that the best design solutions and product improvements come from listening to our customers. 

Sometimes this might be users’ sharing their feedback on how something could be improved or how a design tweak could make the user experience of AIR even better.

Our goal as Product managers and Product designers is to strive for the best possible user experience that answers our users’ needs and will help them do their job efficiently and without any problems. 

To answer that need, our Product team’s mission is to look at every part of AIR’s design from a user-centric position with a few key points of focus:

Paired structure

Our Product teams work in pairs, made up of a Product manager (PM) and a Product designer (PD). The idea of pairing is to create a working partnership to develop and refine the product experience. 

The PM’s primary responsibility is understanding and refining our user’s feedback into defined problem statements, while the PD creates the solutions to these problem statements. The fruit  of this collaborative partnership is a continually evolving, living product like AIR - that’s fully aligned with the end users’ needs. 

(Tom Blumenthal and Dana Nof at a recent meetup )

Tom Blumenthal, my partnered Product Manager for AIR explains: “One of the requests we received from our users was the ability to collect evidence from assets that cannot be connected to AIR.

I interviewed a number of users directly to understand best why they actually needed to do that and found that, in some cases, the target devices may be isolated on an air-gapped network for security reasons. So, this requirement came about due to very specific environmental factors  instead of merely being a preference.״

At this point, I’d start to think about the solution for this particular problem. I wanted to try and replicate the same familiar experience of acquiring evidence from multiple sources, that had proved so popular, and brought so many of our users to the AIR platform in the first place. 

The challenge was that this had to be a manual process. I believe that although we’re designing an enterprise-level solution, it’s essential to look at the individual user sitting in front of their workstations.

Therefore, in any feature that we design, I’ll look for inspiration in the day-to-day products we all use. Most people will have shared pictures with friends and family or uploaded files to a cloud drive. These are all common tasks, and we’re used to a defined process and typical way of doing it. Our AIR users are no different, and uploading evidence from hundreds of assets shouldn’t be more difficult or complex than these kinds of everyday tasks.

We broke the process into three steps:

  1. Creating a task
  2. Running the task
  3. Importing the data back to AIR

And, we wanted each step to be as streamlined and convenient as possible.

Our users already know how to start an acquisition in AIR, so instead of trying to reinvent the wheel, we kept the behavior of the first step the same as any other acquisition in AIR.

The second step is being performed away from AIR’s UI, which makes it harder to control the overall user experience, so we wanted to keep the execution package as small as possible and designed it so all the user has to do is double-click the executable.

The third step was the biggest challenge, as here we had to create a new process. Our focus was to make this experience feel very familiar. (As highlighted above, we wanted the process of a user uploading 10 files to AIR to feel materially no different than a user sharing 10 photos to their family - both should be intuitive 🙂) 

We wanted to achieve this goal without compromising on the powerful flexibility and lightning-fast speeds that are AIR’s trademark. Based on positive customer feedback to our solution, we can be confident we achieved just that.


Customer interview sessions 

As we’ve explained, listening to our customers is super important to our design process. We’re always wanting to better understand who the different users of our product are, what their roles are and how they feel when they use our platform. To tackle this need, we conduct regular user interviews. 

At these sessions, we’ll trial improvements to the fit and finish of AIR’s design or check on the responses to an existing feature and how we might make meaningful improvements to it in the future. 

We look at all of our customers as collaborative partners. They’re a critical part of our existence, and they’re very much with us on the journey of building the world's best DFIR product.

Tom and I are jointly responsible for finding the users and scheduling the meetings with them. It’s very important for us to meet personally with each user and not a few users together (even if they’re working in the same company) - we believe each individual can give us different information that makes for such valuable feedback.  

In case we’re checking an existing feature - Tom will build a demo AIR environment and give the user different scenarios to demonstrate how they might use it.

It’s enlightening to see how different users do the same task in such different ways.

We’ll then prepare prototypes so that users can use them like it’s a real products. In doing this, we can explore the user’s reaction to a new design and how intuitive it is for them.

There are a few different UX testing methods that we use, like the 5-second test, card sorting, and prototype testing

Voice of the customer

Every month, we have a scheduled meeting between the Product team and the Sales team. The purpose of the meeting is to hear from every Binalyzer who is customer-facing, and to capture every comment or request that is shared. From this point, we can move quickly to discuss and evaluate this feedback - taking action as and when required.

For example - from these meetings, we understood that our management-level users (CISO and SOC manager of both Enterprise and MSSP) want to know if and how much value they’re getting from Binalyze AIR. 

To answer this request - we designed a new dashboard that will provide insights into how AIR is being utilized by its users. We designed it in a way that the user would be able to filter the data so that the graphs would provide a clear and relevant picture of their usage.

In addition, the data can be exported in a PDF format so that this usage can be tracked against their specific business goals or KPIs In every project - after we make a release, we then take some time to evaluate our users' reactions and feedback.  In the future - we plan to add more metrics and widgets that’ll include more granular data and some calls to action.

“God is in the details.” (Ludwig Mies van der Rohe)

The design solutions that we come up with, can be big or, in some cases, very small (development-wise), but they’re all equally important for our users!

We want to create this intangible magic feeling that drives the experience for users. All changes need to help the user feel more at ease when they use our product. Ideally, we want users to not even consciously notice that we’ve changed something. It should all just feel very intuitive - when we achieve that, it’s a big win for us.

To share an example, here is a small change that we’ve just actioned:

When users decide to create a new acquisition within the AIR console, they’ll usually check the existing profiles, and if they don’t have the right one, they’ll create a new profile. 

The button to create a new profile was outside of the profiles dropdown, which some users struggled with. So, acting on our UX research, we decided to put this inside the dropdown as a sticky button. This way, the user can scroll in the dropdown and, in a very intuitive way, click the “add new profile” button.

Designing for the future

Software products are living-breathing things, and to survive in today's competitive landscape, they must continually grow and adapt. Our focus is on making AIR the absolute best product we can for our customers.

In our design process, we’ve interviewed users from many different sectors to observe how they use AIR today and identify any obstacles that may slow them down.

We’ll then create two separate concepts and test and validate them with more users. We’ll extract the most successful ideas to combine them into the final design.

This sits well with our product vision and wider strategy of revolutionizing the way DFIR investigations are being conducted by democratizing once-complex investigation tools. We want to make AIR super-easy and useful for even novice practitioners whilst still being a powerful solution in the hands of an expert.

Making the experience intuitive, accessible and comfortable will ultimately make the work of DFIR universally faster, more efficient and hopefully less stressful as well.

To that end, we’re currently busy working on a substantial design update for AIR, which will feature an improved navigation and enhanced user experience. It’s been designed not only to make the end user's job easier to complete but also to make it feel more comfortable and enjoyable to get work completed.

(Co-authored by Tom Blumenthal)

Every voice matters

Would you like to shape the future of Binalyze AIR? As we continue to iterate and evolve our AIR platform, your feedback is one of the most important resources for us.

Joining our Product Advisory Board has many benefits including:

  • You’ll gain exclusive early access to in-development prototypes and test builds.

  • Be hands-on in setting our agenda for future roadmap development

  • Drive the conversation around refining key features

  • Get in the loop - having direct interactions with our talented product and design teams

To join our Product Advisory Board click here to apply.