The outcome

Defendify became known as one of the first platforms to unify people, process, and tools for cybersecurity, not just for IT experts, but for everyday businesses. The design approach helped differentiate it in a crowded, technical market, garnering multiple awards since launch.

Product Design

Defendify

Powering providers, protecting businesses.

Project summary

P R O J E C T  S U M M A R Y

The product

Defendify is a cybersecurity solution that protects businesses from online threats. It caters to small and midsize companies and organizations without security teams, including IT and technology providers across all industries.

Defendify offers an integrated suite of cybersecurity tools for prevention, detection, and response.

Client
Defendify, 2018-2020
Role

UX/UI Principal Designer
Market Researcher
UX Researcher

Responsibilities
  • User research
  • Competitive audits
  • Ideation workshops
  • User flows & info architecture
  • Low fidelity wireframing
  • Prototyping
  • High fidelity UI mockups
  • Critique presentations
  • Usability testing
  • Design systems
  • Accessibility
  • Brand identity
  • Foundational visual elements

The mission

To make cybersecurity possible for all organizations, regardless of size, by providing a comprehensive, easy-to-use platform that continuously improves security posture without requiring deep technical expertise.

P R O J E C T  S U M M A R Y

The problem

The main challenge lies in the fact that the process begins with a set of services delivered within a brief timeframe, followed by services that are provided both intermittently and continuously.

Additionally, the initial services that are performed over a short period of time are not a one-time service. While these services will be the first set of services done when starting a new program, said services will occur at the beginning of each year (the nature of the work will be slightly different, but the same services are required to start each year).

User Sentiment
1

Time and effort to create and maintain services
2

Not well-versed in cybersecurity or it's available services.
3

Unaccustomed to industry standards and needs
4

Inconsistencies between various platforms and offerings
P R O J E C T  S U M M A R Y

The solution

Defendify provides each of its customers with a running program of cybersecurity that includes three key layers of security: Foundation, Culture, and Technology. A “program” can be characterized as follows:

User Needs
1

Runs annually; day 1 being the annual renewal date
2

Includes at least one component of each of the three layers (Foundation, Culture, Technology)
3

Includes one or more components that happen intermittently (quarterly or monthly)
4

Includes one or more components that are always-on
P R O J E C T  S U M M A R Y

Design process

Being the principal designer I approached this design challenge using two distinct types of thinking:

  • Divergent: I kept an open mind to explore a wide range of ideas.
  • Convergent: I then collaborated to narrow down our options and identify the best solution.

User insight

U S E R  I N S I G H T

User interviews

I carried out preliminary research with Defendify base users to gain deeper insights into their needs and challenges within the current flow.

Research type
Moderated usability study
Location
  • US North-East small business
  • remote
Participants (7)
  • 2 IT Manager/Director
  • 1 IT Support Specialist
  • 3 Business Owner/Entrepreneur
  • 1 Network Administrator
Participants
  • ~45 minutes session
U S E R  I N S I G H T

Competitive Landscape

Defendify’s core differentiation lies in comprehensive integration across Culture, Foundation, and Technology. In a fragmented cybersecurity market filled with point solutions, Defendify offers a unified, user-friendly platform designed for businesses without large IT teams. This positions it well for SMBs seeking broad protection without complexity, setting it apart from competitors who are often narrowly focused.

🔹 Culture (Human Behavior + Awareness Training)

These companies focus on security awareness training, phishing simulations, and behavior change:

  • KnowBe4

  • Cofense

  • NINJIO

  • Gophish

Defendify competes by embedding culture-focused tools into its platform, positioning itself as an alternative to pure-play awareness vendors.

🔹 Foundation (Risk Management + Compliance Frameworks)

This segment includes organizations that emphasize policies, governance, training, and risk assessment:

  • Survive Cyber

  • CRONUS

  • SANS Institute

  • Center for Internet Security (CIS)

  • Coalition

  • Corvus

Defendify overlaps by offering foundational modules like risk assessments, policy templates, and compliance guidance, which competitors often deliver as standalone services.

🔹 Technology (Security Tools + Threat Protection)

These companies specialize in endpoint protection, threat intelligence, vulnerability scanning, and password management:

  • Dark Cubed

  • LastPass

  • Tenable

  • SpyCloud

  • Fortinet

  • Norton by Symantec

Defendify differentiates itself by incorporating select technological tools (e.g., vulnerability scanning, device monitoring) into a broader platform, without requiring IT or deep security expertise.

U S E R  I N S I G H T

Key insights

I carried out preliminary research with Defendify base users to gain deeper insights into their needs and challenges within the current flow.

“I was completely overwhelmed by the complexity of the cybersecurity solutions available. The technical jargon made it hard to understand what I was actually getting, and I felt lost trying to compare different products.”

- confused Compliance Officer

“The costs associated with cybersecurity platforms are outrageous! I was shocked by the hidden fees and subscription models. It feels like I’m paying a fortune just to keep my business safe.”

- bewildered Business Owner/Entrepreneur

“The amount of training required for my team to effectively use the cybersecurity tools was overwhelming. It took time away from our core work, and I felt like we were losing productivity.”

- overwhelmed Chief Technology Officer (CTO)

7/7 rated: Ease of Use

Users value intuitive interfaces and straightforward navigation that simplify the setup and management of cybersecurity tools, allowing them to focus on their core responsibilities without getting bogged down by complexity.

6/7 preferred: Customization

The ability to tailor security features and settings to meet specific business needs and industry requirements is highly valued, allowing organizations to implement solutions that align with their unique risk profiles.

6/7 wanted: Transparency

Users prefer clear and transparent pricing models that outline all costs associated with the cybersecurity platform, helping them budget effectively and avoid unexpected expenses while ensuring they receive good value for their investment.

Incident Management User Flow
U S E R  I N S I G H T

User flow

Mapping the path taken by a typical user to complete their task from start to finish helped me anticipate user needs at each step as they interact with the product.

U S E R  I N S I G H T

User personas

Fictional personas were built using data gathered from user research interviews. Their goals and characteristics represent the needs of a larger group of users. This helped me build empathy, identify patterns of behavior, stress-test designs and humanize user groups.

Problem statement 01
Gene owns an inherited family business with around 20 employees – a furniture store, restaurant, or construction company. He’s 63, and not especially tech-savvy. He most likely gets his industry information from trusted contacts and trade magazines rather than the internet.
Business Owner

Gene Thompson

Age: 63
Gender: Male
Location: Small town USA

By understanding Gene’s persona, businesses can better tailor their cybersecurity offerings to meet the needs of traditional business owners like him, helping them navigate the complexities of modern technology while safeguarding their legacies.

Business Overview

Gene runs a family-owned store that has been in his family for three generations. With around 20 employees, catering to local customers and building a loyal community following. Gene takes pride in the quality of his products and the personal relationships he has developed with his customers over the years.

Background

Gene inherited the business from his father and has been running it for over 30 years. He has a deep understanding of the industry and values traditional business practices. While he is well-respected in his community and has a strong network of trusted contacts, he is not particularly tech-savvy and prefers face-to-face interactions over digital communication.

Motivations

  • Gene is motivated by a desire to protect his family legacy and ensure the business thrives for future generations.
  • He values the trust and loyalty of his customers and wants to maintain a reputation for reliability and quality.

Information Sources

Gene stays informed about industry trends and best practices through trade magazines, local business associations, and conversations with fellow business owners. He rarely uses the internet for research, relying instead on his established network for advice and insights.

Business Goals

  • Maintain Profitability: Gene aims to keep the business financially healthy by managing costs and exploring new revenue streams like online sales and custom furniture orders.
  • Build Brand Loyalty: He focuses on exceptional customer service and high-quality products to foster customer loyalty and enhance the store’s community reputation.

Cybersecurity Point of View

Gene believes cyberattacks and data breaches mainly impact larger corporations, thinking his small, family-run business is unlikely to be targeted. He assumes that if he has IT staff or resources, cybersecurity is adequately managed.

Perspective

Although Gene lacks in-depth knowledge of cybersecurity, he recognizes the growing importance of technology in business. He understands the need for data protection but feels overwhelmed by the technical details. He often thinks, “If it ain’t broke, don’t fix it,” and is reluctant to invest time and money in what he sees as unnecessary.

Challenges

  • Lack of Awareness: Ignorance of cyber threats’ risks and consequences fosters complacency.
  • Limited Tech Savvy: Difficulties in engaging with solutions or understand their importance.
  • Resource Allocation: Hesitant to invest in new tech, prioritizing resources for areas deemed more critical to immediate success.

Potential Solutions

  • Education and Awareness: Delivering clear, relatable information on risks and best practices aligned with traditional values.
  • Consultation Services: Offering personalized assessments and recommending practical, cost-effective solutions.
  • User-Friendly Tools: Providing easy-to-use tools that require minimal technical knowledge, ensuring Gene’s comfort in implementation.
U S E R  I N S I G H T

Journey map

I developed a journey map to examine the interactions between the user and the product. This allowed me to better understand the user’s perspective, identify frustrations, and uncover opportunities for improvement.

Initial Design

I N I T I A L  D E S I G N

Ideation workshop

The primary objective of this session is to establish a safe environment that fosters innovation and encourages creativity among all members of the cross-functional team.

I N I T I A L  D E S I G N

Applying UX Laws

I explored key UX principles for user interface design, using psychological insights to better understand user expectations and enhance the overall experience.

Fitt’s Law

Large buttons placed in the thumb zone ensure users can quickly, easily and accurately access major functions

Gestalt Principles

  • Similarity: cards that look similar have the same function
  • Proximity: elements that are close together are more related
  • Common region: elements located in the same area are grouped together
  • Simplicity: abstract symbols and icons require more mental effort

Hick’s Law

Highlight compulsory fields to avoid overwhelming users, and place optional fields in separate location

Jakob’s Law

Use familiar UI patterns for input fields such as dropdowns, error states, etc to leverage existing mental models

Von Restorff Effect

The blend of light blue and orange brand colors helps users navigate each step of the core task flow.

Zeigarnik Effect

Stepper indicators at the top clearly indicate progress, encouraging users to complete their tasks.
I N I T I A L  D E S I G N

Information architecture

I organized all content that outlines main sections, subpages, and content, and arranged them to highlight marketing, sales, customer onboarding, support, and product education.

I N I T I A L  D E S I G N

Low fidelity wireframes

I developed low-fi wireframes in Figma to establish the marketing core user flow, outline the basic structure of the app and arranged content blocks logically.

I N I T I A L  D E S I G N

Team Feedback

I shared draft designs with my cross-functional team to gather their feedback. By encouraging input from others in the design process, I can leverage their specialized expertise and identify potential errors early on.

User insight

U S E R  I N S I G H T

Usability testing

I carried out a usability study to evaluate the ease with which users could accomplish key tasks within the design. The findings from the study were analyzed, and the insights gained were utilized to refine the designs.

Research type
Moderated usability study
Location
  • US North-East small business
  • remote
Participants (7)
  • 2 IT Manager/Director
  • 1 IT Support Specialist
  • 3 Business Owner/Entrepreneur
  • 1 Network Administrator
Participants
  • 30 minutes session
I N I T I A L  D E S I G N

Key insights

7/7 rated: Ease of Use

Users value intuitive interfaces and straightforward navigation that simplify the setup and management of cybersecurity tools, allowing them to focus on their core responsibilities without getting bogged down by complexity.

6/7 preferred: Brand palette

Users often associate blue in a cybersecurity brand with trust, while orange adds energy, making the brand appear approachable. However, too much orange may make the brand seem less serious, potentially undermining its credibility in this critical field.

6/7 wanted: Transparency

Users prefer clear and transparent pricing models that outline all costs associated with the cybersecurity platform, helping them budget effectively and avoid unexpected expenses while ensuring they receive good value for their investment.

K E Y  T A K E-A W A Y S

Impact isn't ❌ just about
metrics and numbers

I took sole ownership of designing the end-to-end cybersecurity platform experience for Defendify, focused on making security approachable for small and midsize businesses. Collaborating closely with a cross-functional team, I ensured the solution aligned with user needs, business goals, and technical feasibility, delivering a streamlined product that simplified complex security concepts into clear, actionable steps.

Discovery

  • Simplicity is strategic: The biggest value wasn’t new features, it was removing fear and friction.

  • Language is also UX: Changing a label from “Risk Management Audit” to “Quick Risk Check” drastically improved conversion.

  • Cross-functional collaboration is critical: Working closely with engineering, product marketing, and compliance helped us speak with both user and business.

  • Early feedback saves time: Low-fidelity prototypes caught flow issues that would’ve cost weeks in dev.

Improvements

  • Earlier stakeholder alignment: Clearer alignment between product, compliance, and marketing could have prevented scope shifts and reduced rework during the design-to-dev handoff.

  • More diverse user testing pool: Most usability sessions focused on tech-savvy SMBs; expanding to less digitally fluent users earlier could have uncovered accessibility and comprehension issues sooner.

  • Stronger analytics integration at MVP: Post-launch insights were somewhat limited by the lack of granular usage tracking. Embedding better analytics earlier would have allowed for more data-driven iteration.

  • Scalability considerations in UI: Some layout decisions worked well for the MVP’s 13-tool dashboard, but required rethinking once the platform began scaling with more features and partner integrations.