IBM’s Data Explorer – A Unified Threat Data Experience
As the Lead UX Designer for IBM’s Cloud Pak for Security, I led the end-to-end design strategy and execution for Data Explorer—a federated search and exploration interface that empowers security analysts to query threat data across disparate sources without needing to move or duplicate it. Our goal was to make cross-platform threat investigation seamless, intuitive, and fast.
Security operations centers (SOCs) often work with fragmented environments—SIEMs, EDRs, cloud logs, and threat intel tools—all storing critical data in silos. Analysts faced a steep learning curve and wasted time jumping between interfaces, reformatting queries, and manually stitching together insights.
IBM needed a single pane of glass to query, visualize, and interact with data from different sources, all while respecting data sovereignty and performance.
Leading the design of Data Explorer was a highlight of my time at IBM. It showcased the power of federated thinking in cybersecurity and the impact of well-executed UX leadership. By uniting data exploration into a cohesive experience, we helped analysts move from signal to understanding with confidence and speed.
If you’re curious about our process or want to learn more about the solutions we explored, feel free to dig a little deeper with the process here. Here are some screens for a view of Data Explorer.
Company: IBM, Data Explorer - IBM Cloud Pak for Security
Roles: I was Lead Senior Designer and led a team of designers. Concept / UX / Prototyping / Storytelling / Cyber-Security domain
Year: 2022-2023
Running a query, filtering and pivoting on an interesting IP.
Search results with logs, analytics, enrichments, exporting and saving results.
Component library for Data Explorer. We had many new components created for IBM’s Carbon design system.
Animation of a STIX query being pulled back into the system, with the dotted lines representing the data sources. As the system finds new alerts, they are shown while the sources complete.