Overview
Streamline the onboarding experience for Sonatype’s new cloud offerings, ensuring a faster, simpler, and more intuitive process that reduces friction for new customers and trial users.
Repository Firewall is a Sonatype product that acts as a first line of defense, using AI/ML to analyze open-source components and block the download of malicious packages or components that violate a company's security policies.
As the lead designer for Repository Firewall, I drove the onboarding redesign for Sonatype's new SaaS offerings by aligning stakeholders, facilitating and participating in the initial design sprint, conducting user interviews, creating user journeys, prototype iterations and final designs for implementation.
Problem
Revisiting A Broken Onboarding Experience
Onboarding is complex, time-consuming and error-prone initially designed by developers, for developers. Users must rely on help documentation, switch between products, and seek Customer Success assistance, often taking 6+ hours or multiple days to complete.
With the release of Sonatype's new SaaS offerings, the current state of onboarding doesn't offer a great first impression.
😵💫
Fragmented Experience
A significant portion of the onboarding for Repository Firewall occurs in a separate product (Nexus Repository), leading to a disjointed and confusing experience for users.
😒
Manual and Error-Prone Setup
Companies with large numbers of repositories must manually enable Firewall features for each individual repository, which is both time-consuming and prone to errors.
🤨
Outdated and Inefficient Forms
Onboarding begins with an outdated form that requires information from multiple sources, often forcing users to rely on help documentation or external support.
😟
Lack of Clarity
Companies with large numbers of repositories must manually enable Firewall features for each individual repository, which is both time-consuming and prone to errors.
Discovery
Building A Team
Although we are building the onboarding experience for Repository Firewall, the repositories we are protecting live in another Sonatype product- Repository Manager. I facilitated a Design Sprint to get all the right perspectives in the room.
I included Product Managers, Designers, Engineers & Customer Success Advocates from both products, as well as the Senior VP, Product to share the long term vision of Sonatype SaaS offerings.
Creating A Shared Vision
We kicked things off with "Ask the Expert" sessions. Senior leadership stakeholders shared their vision for Repository Firewall SaaS, product managers shared insights from competitor analyses and engineers shed light on the technical intricacies of today's experience.
😌
Balance
Providing enough context for new users without overwhelming them.
🤩
Value
Showcasing the product's value from the very start.
😃
Empowerment
Enabling decision-making while building trust in Sonatype's expertise.
Collaborating on a User Journey
Experts from Design, Marketing, Engineering, and Customer Success weighed in on user journeys, storyboards, and engaged in open discussions. After three days of sprint workshops and ongoing discussions on Slack, we joined together around a final user journey – a shared vision for a streamlined onboarding experience.
Design
From Blueprint to Reality
With the user journey as our guide, I collaborated closely with product and engineering to translate this vision into tangible mockups. Early iterations featured a WIP visionary set of design system components to help the team envision the future of Repository Firewall SaaS.
Refinement Through User Testing and Iteration
To ensure we were on the right track, we conducted two rounds of customer interviews and async stakeholder reviews with a design revision cycle in between.
These feedback cycles provided invaluable insights into the level of context and explanation needed at each step, ways to further streamline the process and overall UX enhancements.
I want to know what the recommended custom policies are.
Repo Administrator
Customer Interview
Numbering the steps would make it clearer these aren't features, but a sequence of steps.
DevOps
Customer Interview
It could take hours to load audit preview data.
Engineer
Stakeholder Review
I don't understand Firewall's "proxy" stage. It's unclear that these selections are being made for "proxy" repositories.
DevOps
Customer Interview
If I don't know Firewall and am asked to select/deselect repositories, I want to know what's happening and have more reassurance that I'm not screwing anything up
Customer Success
Stakeholder Review
Access link could act as token during authentication, so "Connect" step could be automatic
Engineer
Stakeholder Review
I might spend too much time trying to tweak the protection level at this stage.
Customer Success
Stakeholder Review
I want more explanation as to what is being automatically enabled.
Repo Administrator
Customer Interview
Final Solution
A 5-step guided experience that equips repository administrators with adequate knowledge on Firewall features and highlights security best practices as the happy path.
