Case Study 03  ·  PlexTrac · 2023–2024
Designing PlexTrac's CTEM Experience
PlexTrac  ·  Cybersecurity  ·  0-to-1 Product  ·  Research-Led
TL;DR
Led the 0-to-1 design of PlexTrac's CTEM experience — the first unified workflow for Continuous Threat Exposure Management, connecting discovery, prioritization, remediation, and validation in one product. The work contributed to PlexTrac being named in the 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms and expanded the platform's relevance to CISOs and enterprise security leaders.
Business Problem

Security teams had data. What they lacked was a workflow to act on it.

Findings from manual pentests, vulnerability scanners, and attack surface tools lived in separate systems with no shared view and no clear path from a discovered exposure to a resolved one. PlexTrac had the infrastructure — but no product experience to make it usable. CTEM was an enjoyable 0-to-1 challenge.

Fragmented tools
Findings spread across scanners, pentest reports, and ASM platforms with no unified view
No shared workflow
No clear path from discovered exposure to assigned remediation to confirmed fix
Volume over risk
Teams sorted findings by raw severity, not by actual business impact

Lead Designer + Research Lead

01
Research & discovery lead
Led all user interviews, persona development, and journey mapping across red team, blue team, and risk manager segments.
02
UX architecture
Owned the overall interaction design and information architecture for the full CTEM lifecycle — scoping through mobilization.
03
Design direction
Collaborated with other designers on execution of specific feature areas while maintaining system-wide consistency.
04
Cross-functional impact
Developed a customer journey map adopted by sales and marketing as a shared reference for how security teams experience exposure management.

User Personas

Personas were built from interviews across enterprise, MSSP, and consultancy segments. Pete the Pentester and Manuel the Manager are our primary heroes in the CTEM experience.

Pete the Pentester
29 / Male  ·  4 years in cybersecurity
Consultancy  ·  MSSP  ·  Enterprise
Wins
  • Finding critical vulnerabilities for clients and showing them where they were exposed so they can sustain their security posture
Hurdles
  • Keeping accurate notes and documentation for reports
  • No intuitive way to store all findings per client
Delighters
  • Easy upload of assessment and vulnerability tool data
  • A library of frequent findings and recommendations
Most used PlexTrac tools
  • Reporting  ·  Parser Actions
Manuel the Manager
46 / Male  ·  8 years in cybersecurity
Enterprise
Wins
  • Sharing analytic data highlighting team impact
  • Showing risk posture and progress against their framework
Hurdles
  • Job is on the line in the event of a breach — needs a paper trail for due diligence
  • Never enough people despite automation; prioritizing and quantifying risks
Delighters
  • Any way to make the team more efficient
  • Quantifying the impact of identified risks
Most used PlexTrac tools
  • Analytics  ·  Priorities

Three principles shaped every decision

1
Reduce cognitive load
Surface what matters most rather than everything at once. Security teams are drowning in findings — the UI needed to help them focus, not add noise.
2
Connect context across handoffs
Teams should never have to re-explain the same exposure in a different tool. Context travels with the finding from discovery through remediation.
3
Make validation first-class
Confirming a fix is not an afterthought. We closed the loop on a workflow that previously had no defined end state.

Key Screens

Six core screens spanning the full CTEM lifecycle — from the assignment dashboard through analytics and SLA tracking.

Dashboard — assignment view
Central view of all active assessments and assignments, with finding counts and priority indicators surfaced for each team member.
Priorities list
Structured list of all active priorities with owner, severity, progress, and status — replacing spreadsheet-based tracking for the first time.
Link findings to priority
Asset-filtered linking interface that connects raw findings directly to prioritized exposures — establishing the critical relationship between discovery and remediation.
Findings detail view
Deep-dive per finding with assignment history, asset associations, and direct links to remediation ticketing and collaboration tools.
Analytics — trends & SLAs
Mean time to close by severity, findings opened vs. closed over time, and SLA snapshot with current breach counts — giving managers the posture visibility they lacked.
Analytics — priorities
Findings burndown, Gantt view, and severity-by-priority breakdown — enabling program-level reporting to CISOs and leadership.

What this work delivered

  • Designed a unified operational workflow bringing manual assessment data and security tool outputs into one experience for the first time at PlexTrac
  • Enabled security teams to prioritize exposures by business impact rather than raw finding volume — a fundamental shift in how teams had previously worked
  • Reduced remediation friction by connecting findings directly to ticketing and collaboration tools, cutting manual handoff steps between security and engineering
  • Customer journey map became a cross-functional resource, adopted by sales and marketing to communicate product value to prospects
  • Expanded the platform's relevance to CISOs and enterprise security leaders by delivering the lifecycle automation they needed
Gartner Recognition
PlexTrac was named in the 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms. The CTEM experience this work helped define was a direct contributor to that recognition.

"PlexTrac's new risk-based prioritization capabilities will help us shift from point-in-time testing to more continual engagements — enabling us to provide deeper value to each client by customizing a contextual risk scoring equation that clearly communicates their highest impact risks on an ongoing basis."
Dahvid S.
Director of Offensive Security, Echelon Risk + Cyber

What I'd do differently

The biggest challenge wasn't the design itself — it was building shared understanding of a complex, emerging security workflow across a team that was new to the CTEM space. Investing heavily in journey mapping and persona work upfront paid off: it gave designers, PMs, engineers, and go-to-market teams a common language for the problem.

If I were doing it again, I'd push earlier for an analytics integration to establish baseline metrics before launch. The qualitative signal from research was strong, but having quantitative data tied to specific workflow improvements would have made the post-launch story a lot more concrete.
