An April 2022 Forrester report, "Analyst Experience (AX): Security Analysts Finally Escape The Shackles Of Bad UX," explains how the analyst experience is becoming increasingly pertinent to organizations' perceptions of cybersecurity solutions. Forrester defines AX as "security analysts' perception of their interactions with a particular security product, service, and process across various workstreams."

The idea of AX centers on usability, or how straightforward it is for a cybersecurity analyst to use the security solution to do their job effectively. Though this might sound synonymous with user experience (UX) and customer experience (CX), AX is about actually adding value to the different SOC functions. A huge tech stack with abundant dashboards and overflowing information might constitute a great UX or UI. Still, it may not improve the value added at each touchpoint of the security analyst's everyday routine, which may lead to a less-than-ideal AX. The security product used should aid each stage of the workflow, that is, the process a cybersecurity analyst follows in their role of threat detection and response.

One undeniable takeaway from the Forrester research is that focusing on AX can ease staffing challenges associated with training and employee turnover, especially as the demand for security analysts increases while the skill gap widens.

The following are some ways that vendors can align their products to enhance AX:

  • Providing a seamless experience with different integrations. This reduces the complexity of the deployed tech stack and improves visibility over the network and analytics of data from different sources. The solution has to be all-encompassing as well as functional at the granular level. One example is bringing various solutions such as SIEM, SOAR, and UEBA under one console and making them work in tandem to expedite threat detection and response.
  • Making the product easy to use for beginners and not just for experts skilled in a particular scripting language or technology stack. This will let analysts with varying backgrounds work with the tools, helping them quickly gain expertise and focus on what really matters in their job. Low-code interfaces, for instance, offer ease of use for analysts, especially beginners.
  • Avoiding redundant features and mapping product workflows to practical SOC functions. As an important function of their role, security analysts trace the tactics and techniques used by attackers to infiltrate their network. Out-of-the-box reports and alerts on such attack patterns can be a significant help. One example could be mapping product characteristics to the established MITRE ATT&CK framework.

SOCs are constructed around the security solutions they employ. When security executives or CISOs evaluate products for their SOCs, AX might constitute a strong criterion.

© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.