Bringing clarity to cloud data security
DSPM is a solution for organizations that need data security and governance across cloud environments. I redesigned how teams understand the lifecycle and posture of their sensitive assets.
Research, design, wireframing, iconography, prototyping, user flows and design system.
Figma, Miro, Maze, Photoshop, Illustrator, Jira, Confluence.
1 Product Design Lead
1 Product Manager
1 Technical UX Writer
4 Full Stack Developers
The problem
Analyzing sensitive assets in cloud environments requires giving users visibility into the lifecycle and posture of those assets. Across the existing product, that visibility was fragmented and hard to act on.
For a data security product, clarity is the product. If users can't quickly see which assets are exposed and why, the tool fails at its core job — so reducing noise and surfacing priorities was essential to the product's value, not just its look.
- Users lacked a clear understanding of why assets were marked as sensitive, and needed more diagnostic context.
- Finding security incidents or sensitive content required navigating multiple views and was time-consuming.
- Dashboards were overloaded with data, making it hard to identify priorities and grasp broader insights.
The challenges
The core challenge was turning large volumes of complex security data into something clear, fast to scan, and aligned with how security teams actually work.
The challenges
- Identifying the most significant risks and assets
- Presenting large volumes of information clearly
- Delivering meaningful insights quickly and efficiently
Trade-offs
- Chose inline filters over hidden menus — busier on first load, but users can start filtering without knowing what to look for
- Replaced trend line graphs with severity bars — less visual richness, but answers "what do I act on now?"
- Removed opening text notification — it added context but competed with the dashboard's primary job
Research and user needs
Research happened in two phases. First, through the Blackhat conference and design partners, I gathered early insights on how security teams use the DSPM overview. Then, through usertesting.com, I ran sessions with 10 security engineers to test improvements before release — asking what they understood from the overview, how they read the charts, and whether grouping by policy made sense.
Exploring solutions
I explored three directions for the main dashboard, each making a different bet on how to balance information density with speed to action. The key question was: how much should the system decide for the user upfront, versus giving them control to filter and explore?
The final design
The final design organizes the full alert landscape into four data categories — Overexposed, Unprotected, Misplaced, and Redundant — giving users an immediate read on the type of risk before they drill down. Inline filters, severity bars, and grouped views replace the flat alert list, so the path from posture overview to a specific asset is direct and fast.
"Laminar does a great job of showing what we should do and where we are, what our problems are, and what we should work on — and all that information is in one central place." — NBA's security engineer
Results & Adoption
In October 2022, the DSPM launched to help security teams efficiently manage security and compliance across cloud environments. The system performs continuous data analysis and monitors cloud environments to detect changes to existing assets.
The redesign shipped with a design system built on the Laminar Design Language — giving the team reusable components, consistent patterns, and a shared visual language that reduced design-dev friction going forward.
- +86% customer logins to Laminar's DSPM following the redesign
- +16% of users had their violations remediated through the product