The National Vulnerability Intelegence Platform (NVIP) is a DOD funded project intended to make it easier for software security professionals to find security vulnerabilities.
My Role: User ExperienceUser Interface
How it Works
An Automated Approach
NVIP is automated system that helps users find potential security vulnerabilities. The software uses a variety of techniques to discover potential vulnerabilities and exploits. NVIP can help security experts by helping them find and mitigate security vulnerabilities.
Who it's For
Computer Security Professionals
NVIP is a website that is intended to be used by computer security professionals. Previously professionals look at the Common Vulnerbility Enumeration (CVE) database conduct empirical studies as well as develop and validate their techniques. The software is intended to simplify the process of finding vulnabilities.
How I Helped
Gather the Functionalities Needed
The project team approached me with an initial version of the application. Although the version was technically functional, it was aestically unappealing and difficult to use. Due to the complexity of the project, it is essential that the tool be easy to be organized and easy to understand.
UX
The homepage needs to allow users to access all information about each CVE. My initial approach was to include everything on one page, however, it became apparent that it was too much information on a single page.
>
UX Changes
Visual Simplification
I realized that all of the information would not fit well on the page and recommended a solution to by including quick access to informaiton via a drop down option - allowing a user to expand and hide CVE detail overviews. The user can then click further to view the CVE details if interested.
UI
Simple and Clean
I wanted to approach the design in a way that was legible and easy on the eyes. The website is mostly white, text in black. I used pops of color of dark blue and orange to call emphasize on the navigation and other actions.
Site Navigation
An Intuitive Navigation
The UI is appears simple, clean and easy to navigate. The login feature was chosen as the main call to action button in the navigation, and when hovered over it appears in a highly contrasted burnt orange. The website search feature is intuitive and allows for the user to search globally.
Design Decisions
Visual Organization
Each CVE can be independantly opened and closed to save space and avoid becoming overwhelmed with information. The active CVE is is highlighted in orange to draw attention to the current CVE.
