Knowledge Bases
Copilot for Security
Providing security analysts a way to enrich and train Copilot for Security with their own custom sets of baseline files, links, and other resources to better respond to prompts.
Knowledge Bases
Knowledge bases are repositories of information and data, which includes an organization's proprietary information (e.g. wikis, playbooks, policies, procedures, KQL libraries), as well as public repos (e.g. learning documentation, NIST). Through user research, our customers have expressed a keen desire to bring in their organization’s knowledge into Copilot for Security.
PRODUCT DESIGN @ MICROSOFT
PROCESS SUMMARY
Quick design sprint & fast turnaround: This project started a few months before our general availability date, and I was given the timeline of a week and a half to coordinate with PMs and devs, finish iterations, and polish a final MVP experience.
TEAM
Managers — Hayley Steplyk, Sunder Srinivasan
Product Designers — Amy Zhang, Electra Szmuckler
Product Manager — Sherie Pan
FINAL MVP
A new member of the security team.
KB integrations and capabilities are a critical step towards advancing Security Copilot to become a single pane of glass for our users. Users are able to get responses from Security Copilot that are more relevant, specific and customized to their needs. By bringing security data and signals from users’ security stack together with knowledge of their organization’s context and processes, Security Copilot becomes closer to functioning as more than just an intelligent security productivity tool, but rather as an intelligent team member.
FILE STATUS
There are various states for uploads, documented below:
File is uploading and indexing
File is uploaded and ready to use, toggled off
File is uploaded and ready to use, toggled on
Toggle is on by default once uploaded
Upload failed after the uploading stage
Delete button on hover
FILE TYPES
Here are all of the file types that Copilot for Security can handle in our knowledge base and their respective display icons.
NEW MODAL
For this feature, we created a new modal that includes both plugins and files (knowledge) in the same location.
TOOL TIPS
We designed tool tips to explain parts of this feature to users that may not be familiar with our tool.
DISCOVERY
Competitive audit
The first step in our design process was to conduct a thorough audit of various websites and perform a competitive analysis of all the sites that already utilize AI and knowledge bases. This helped us gain a better understanding of the current trends and identify the strengths and weaknesses of our competitors. By analyzing the features and functionalities of these websites, we were able to develop a comprehensive plan for our own knowledge base that would stand out in the and provide the best user experience to our customers.
File upload interfaces
After analyzing the requirements for our new project, the next step was to examine file upload interfaces to ensure that we gathered inspiration from various sources to design a solution without having to reinvent the wheel.
DESIGN EXPLORATIONS
Where to begin?
Our initial design step involved pinpointing the optimal placement for the knowledge base entry point within our current product. We identified the pros and cons to each entry point.
User flows
We designed user flows for a typical security analyst's interactions with both permanent and temporary knowledge bases using the persona "Mona", who is a senior security analyst at a large cybersecurity company.
TEMPORARY KB
The temporary knowledge base use case occurs when the security analyst wants to reference a file for one session only.
PERMANENT KB
The permanent knowledge base stores files that analysts want to continue using, such as company-wide knowledge, playbooks, and other important references.
ITERATIONS
Narrowing down designs
Based on our initial entry points, our design team narrowed down our explorations to two main options: the full page experience with the navigation menu entry point and introducing a new tab to the plugins modal. At this point, we decided to start low-fi iterations to evaluate the benefits of each option and how they align with our product's goals to make an informed decision.
FULL PAGE EXPERIENCE
The full page experience allows users to manage all their sources in a table format. Link to prototype (Recommended viewing experience is opening prototype in a fit to screen view)
PLUGINS TAB
There are two main options for integrating knowledge bases into the plugins tab - using horizontal tabs maintains the shape and style of the original plugins modal, but vertical tabs allows for more additions to the modal in the future.
Prompt bar upload
Prompt bar upload was the solution best suited to tackle temporary knowledge bases. Analysts want to be able to add a file to ask questions about within a single session.
Animating the experience
The prototype below shows the high-fidelity flow of prompt bar upload before the final visual and content design touches. Link to the prototype (Recommended viewing experience is opening prototype in a fit to screen view)
FINAL DESIGNS
Design handoff
After conducting a Responsible AI audit, meeting with our talented content designers and visual designers, and tightening up the design details, I created the final design to be released. This feature was a two-week endeavor to be produced and ready by Copilot for Security's general availability date, so the completed designs were a great feat for my team.
PLUGINS TAB
MANAGE SOURCES
Delete icon appears on hover
Search bar expands on on click
Accessibility & reflow
Our final step after design handoff was to consider web accessibility and make sure the break points made sense at each window size.
TAKEAWAYS
Key insights
The knowledge bases project was the first design feature I launched at Microsoft, which required me to learn about the Fluent design system, the design process at a larger company, and how to collaborate with specialized roles such as content designers, visual designers, and RAI specialists.
DESIGN PATTERNS WITHIN A SYSTEM
Microsoft, and specifically the security org, has a very established design system, so adding new patterns required an in-depth understanding about current patterns and how they work.
TIGHT DEADLINES
This feature was given to me on very short notice due to a last minute priority shift, which meant I only had around two weeks to deliver the MVP. I learned to adapt to this schedule and worked efficiently with the team to deliver a good result.
WORKING WITH DIFFERENT ROLES
Because Microsoft is a large tech company with many resources, the product designers are fortunate to have access to team members who specialize in many different things like content, visuals, accessibility, and responsible AI, allowing for a better final result. Through the process of working with these different specialized talents, I gained a lot of insight regarding each specific piece of the design puzzle.
Congrats! You made it to the end of this page.
Hope you enjoyed coming along for the ride, and I truly appreciate you taking the time to check out my work! You can reach me at amyzh425@gmail.com — I'd love to chat with you.