Scott Nichols Scott Nichols
MENU
Projects
- Vulnerability Remediation
MENU

Vulnerability Remediation

Reducing vulnerability remediation complexity by designing around user tasks

Client: ConnectWise
My Role: Research, UX Architecture, Interaction Design, Usability Testing
Timeline: 6 weeks
The project

This project redesigned the Vulnerability Remediation experience in the ConnectWise Asio security platform. Although labeled “Vulnerability Management,” the existing system was structured around vulnerability scans, forcing users to navigate system hierarchy before taking action.

I led a shift from a scan-centric architecture to a vulnerability-first workflow, allowing users to assess risk and deploy remediation directly without drilling through scans, sites, or devices.

The result reduced navigation depth, lowered cognitive load during time-sensitive security work, and established remediation as a first-class platform capability rather than a byproduct of scanning.

Core user problem

Users needed a fast, clear way to remediate vulnerabilities across devices, but the platform forced them to work backwards through scan data, organizational structures, and device hierarchies. This turned urgent security response into a navigation exercise, increasing the likelihood of delayed remediation and missed vulnerabilities. Remediation actions were buried behind scan details, increasing cognitive load and turning a time-sensitive security task into a navigation problem.

Before-and-after flow diagrams showing a complex scan-based vulnerability remediation process compared to a simplified vulnerability-first remediation workflow.
Comparison of the previous scan-driven remediation flow and the redesigned vulnerability-first workflow, illustrating how multiple layers of navigation were collapsed into a single remediation decision point.

Constraints and challenges that shaped the work

Scan-first architecture

The platform’s underlying data model was organized around scans rather than vulnerabilities, requiring a structural UX shift rather than incremental UI changes.

Fragmented remediation tooling

Patch deployment already existed elsewhere in the platform. The new experience needed to feel intuitive and aligned without duplicating or conflicting with the existing patching workflow, all while operating with limited API access during MVP.

Top-down dashboard decisions

Leadership mandated that security features be consolidated into categorized dashboard tabs. The redesign needed to fit within this framework while still solving core usability problems.

My role, scope, and collaborators

I led UX design for the remediation experience, owning information architecture, task flows, responsive layouts, and remediation workflows. I produced user flows, interactive Figma prototypes, and usability tests, and worked closely with a product manager and an embedded scrum team.

Throughout the project, I partnered with engineering to validate designs against the design system, API availability, and MVP constraints, ensuring the solution was both usable and buildable.

Accessibility & Inclusive Design Constraints

Because vulnerability remediation often occurs under time pressure and cognitive load, accessibility was treated as a functional requirement rather than a visual enhancement.

Design decisions prioritized:

  • Reducing reliance on deep navigation and memory recall
  • Clear prioritization and predictable interaction patterns
  • Minimizing context switching during remediation tasks
  • Supporting efficient keyboard and non-precise input interaction where possible

By collapsing remediation into a vulnerability-first workflow, the experience reduced cognitive burden, improved task focus, and made critical actions more discoverable for users with varying levels of expertise, attention, and working memory capacity.

Qualitative insights

I gathered continuous feedback from early access users who consistently expressed frustration with deep navigation, lack of visibility into impacted devices, and uncertainty about where to begin remediation.

Stakeholders echoed these concerns, emphasizing the need for clearer prioritization and faster paths to action.

Quantitative Data

Several years of behavioral data from Pendo and other analytics tools showed low engagement with scan-level pages and significant drop-off during remediation flows.

Users rarely explored scan details unless forced, confirming that scans were not a meaningful decision surface for remediation tasks.

Design Approach

Designing around the vulnerability, not the scan

The core design decision was to make vulnerabilities the primary unit of work. Instead of asking users to navigate through scans, companies, sites, and devices, the redesigned dashboard aggregates vulnerabilities up front and supports remediation directly from that context.

Users were asked to keep track of their remediation status by toggling each listed vulnerability. not only was this not scalable, it created confusion and frustration.
the architecture required techs to drill in and out of scans when remediating a single vulnerability.
Balancing consistency with platform constraints

Because patch deployment existed elsewhere in the platform, the remediation flow was designed to feel familiar without being identical. Component usage, language, and interaction patterns aligned with the broader system while accommodating API and MVP limitations.

Reduce navigation and decision fatigue
Remediation workflows were intentionally collapsed into a single decision point to reflect how technicians actually respond to security issues under time pressure. This collapsed multiple repetitive flows into one clear action, reducing context switching and cognitive load.

A screenshot of an interface

Placing scans in the background
The vulnerability scans were folded into the setup process. Users could still view individual scans and set the cadence. Once scans were set up though, we observed that the schedule controls were rarely accessed.

Outcome/Reflection

Lessons learned
The redesigned vulnerability remediation experience became the primary way users move from detection to action within the platform. This work repositioned vulnerability remediation from a secondary workflow into a primary security action, aligning the platform more closely with how technicians prioritize and resolve real-world risk.

By shifting the workflow to a vulnerability-first model, the experience reduced navigation depth, clarified decision-making, and aligned remediation with real-world security tasks.

The work established a clearer, more scalable foundation for vulnerability management and helped position remediation as a core capability.