AI-Augmented VPC Protection Workflow

As cloud environments scale, securing them becomes more complex. In Aviatrix CoPilot, users analyze high volumes of traffic across VPCs/VNets and translate insights into firewall policies.

THE CHALLENGE

This work focused on three key UX problems:

Proliferation of Web Groups and Smart Groups
Complexity of making effective traffic-blocking decisions
Inability to easily apply rules across multiple or all VPCs

CONSTRAINTS

No direct access to users (due to privacy restrictions)
Regulatory compliance requirements from the start
Tight timeline with limited UX infrastructure
Engineering team new to UX processes

IMPACT

Reduced Web Group and Smart Group sprawl through reuse
~20% improvement in user productivity
Faster decision-making enabled by AI-driven traffic insights

RESEARCH & DISCOVERY

This project was driven by a central question: How might we make traffic protection more intuitive, scalable, and insight-driven? 

To answer this, I grounded the problem in the realities of the users- Network Security Engineers in larger organizations and Cloud/Platform Engineers in smaller teams. 

User Context: Greenfield vs. Brownfield Environments

Beyond user roles, I identified that workflows and decision-making varied significantly based on the maturity of the user’s environment, specifically whether they were operating in a greenfield or brownfield setup.

This distinction had a direct impact on how users approach traffic protection.

With a clearer understanding of user behavior, I mapped the end-to-end journey—from traffic observation → decision-making → enforcement.

DESIGN STRATEGY

AI-INTEGRATED WORKFLOW

Instead of introducing a standalone conversational chatbot, AI was embedded directly into the workflow at critical decision points.

The goal was to assist users in interpreting traffic insights, making informed blocking decisions, and navigating complex scenarios, while improving overall efficiency.

This approach positioned AI as a decision-support layer, guiding users contextually rather than requiring separate interaction.

DESIGN CONSTRAINTS & CONSIDERATIONS

Design decisions were shaped by both accessibility requirements and a highly specialized user base:

Reduced emphasis on aggressive or persuasive CTAs to avoid biased actions
Maintained a neutral, utility-focused visual language aligned with security workflows
Prioritized clarity, readability, and low cognitive load for expert users operating in high-stakes environments

CROSS-FUNCTIONAL COLLABORATION FRAMEWORK

To embed UX into a fast-moving, engineering-led environment, I established lightweight but consistent processes:

Weekly design workshops with Product, Legal, and Engineering to align on constraints and decisions
Parallel design and development tracks to maintain speed without blocking progress
Structured design reviews encouraging critical feedback and edge-case exploration
Integration of UX checkpoints into existing scrum ceremonies to ensure continuous alignment

IDENTIFIED PROBLEMS & SOLUTIONS

#1 AUTO-SELECTION OF ENTRY POINT MODEL

Problem: Previously, users were limited to selectively blocking FQDNs (Allow all, deny few model), which can lead to fragmented rule creation and is more suitable to greenfield or new-to-security brownfield users.

Solution: By introducing an explicit choice of entry point model to a more structured approach, enabling greater flexibility while reducing the number of rules required to manage undesired traffic.

The workflow begins with a foundational choice:

Adopting a Zero Trust posture, enforcing strict access controls by default
Allowing baseline traffic with selective enforcement, where only high-risk FQDNs are blocked

#2 GROUP PROLIFERATION

CONDITIONS

The user already has existing web groups.
Some domains being selected are already included in other web groups.

SCENARIOS

The user wants to choose a web group where many of the selected domains already exist.
The user wants to edit the closest matching web group and add any remaining domains.

SOLUTION

Display a message informing the user that “Some of these domains already exist in other web groups.”
System generated closest matches for the WebGroup being created to a WebGroup that already exists, showcasing if selecting an existing WebGroup we will need to add domains to fulfill all domains in the selection.

#3 APPLY RULES ACROSS VPC'S

While monitoring, you might discover an issue in one VPC that should be addressed everywhere. For example, if you detect traffic to torrent domains in a single VPC, you may want to block that traffic across all VPCs not just the one being monitored.

Solution: To support this, users should be able to create rules that apply to one, multiple, or all VPCs after identifying risky domains.

IMPLEMENTATION

Engineering Collaboration

Trained full-stack and backend developers on UX implementation:

Design handoff processes using detailed specifications
Component-based thinking for scalable development
Usability heuristics integrated into code review

LESSONS LEARNED

WORKING WITH AMBIGUITY

This project required navigating unclear requirements by:

Exploring multiple hypotheses in parallel
Relying on SME input as a proxy when direct user access wasn’t available
Creating early and frequent feedback loops with pilot customers

DESIGNING WITH CONSTRAINTS

This work reinforced how constraints can shape better solutions:

Neutral design patterns can still be clear and engaging
Accessibility-first thinking improves the experience for all users

STARTUP UX LEADERSHIP

As an early UX hire in a new site, this role went beyond design execution and required shaping how UX operates within the team:

Advocating for UX processes alongside delivering design work
Delivering quick wins to build trust and establish credibility in a new site
Balancing strategic thinking around product–market fit with hands-on execution

AI-Augmented VPC Protection Workflow

Team

STATUS

THE CHALLENGE

This work focused on three key UX problems:

Proliferation of Web Groups and Smart Groups

Complexity of making effective traffic-blocking decisions

Inability to easily apply rules across multiple or all VPCs

CONSTRAINTS

No direct access to users (due to privacy restrictions)

Regulatory compliance requirements from the start

Tight timeline with limited UX infrastructure

Engineering team new to UX processes

IMPACT

Reduced Web Group and Smart Group sprawl through reuse

~20% improvement in user productivity

Faster decision-making enabled by AI-driven traffic insights

RESEARCH & DISCOVERY

This project was driven by a central question: How might we make traffic protection more intuitive, scalable, and insight-driven?

To answer this, I grounded the problem in the realities of the users- Network Security Engineers in larger organizations and Cloud/Platform Engineers in smaller teams.

User Context: Greenfield vs. Brownfield Environments

Beyond user roles, I identified that workflows and decision-making varied significantly based on the maturity of the user’s environment, specifically whether they were operating in a greenfield or brownfield setup.

This distinction had a direct impact on how users approach traffic protection.

With a clearer understanding of user behavior, I mapped the end-to-end journey—from traffic observation → decision-making → enforcement.

DESIGN STRATEGY

Instead of introducing a standalone conversational chatbot, AI was embedded directly into the workflow at critical decision points.

The goal was to assist users in interpreting traffic insights, making informed blocking decisions, and navigating complex scenarios, while improving overall efficiency.

This approach positioned AI as a decision-support layer, guiding users contextually rather than requiring separate interaction.

Design decisions were shaped by both accessibility requirements and a highly specialized user base:

Reduced emphasis on aggressive or persuasive CTAs to avoid biased actions

Maintained a neutral, utility-focused visual language aligned with security workflows

Prioritized clarity, readability, and low cognitive load for expert users operating in high-stakes environments

To embed UX into a fast-moving, engineering-led environment, I established lightweight but consistent processes:

Weekly design workshops with Product, Legal, and Engineering to align on constraints and decisions

Parallel design and development tracks to maintain speed without blocking progress

Structured design reviews encouraging critical feedback and edge-case exploration

Integration of UX checkpoints into existing scrum ceremonies to ensure continuous alignment

IDENTIFIED PROBLEMS & SOLUTIONS

Problem: Previously, users were limited to selectively blocking FQDNs (Allow all, deny few model), which can lead to fragmented rule creation and is more suitable to greenfield or new-to-security brownfield users.

Solution: By introducing an explicit choice of entry point model to a more structured approach, enabling greater flexibility while reducing the number of rules required to manage undesired traffic.

The workflow begins with a foundational choice:

Adopting a Zero Trust posture, enforcing strict access controls by default

Allowing baseline traffic with selective enforcement, where only high-risk FQDNs are blocked

The user already has existing web groups.

Some domains being selected are already included in other web groups.

The user wants to choose a web group where many of the selected domains already exist.

The user wants to edit the closest matching web group and add any remaining domains.

Display a message informing the user that “Some of these domains already exist in other web groups.”

System generated closest matches for the WebGroup being created to a WebGroup that already exists, showcasing if selecting an existing WebGroup we will need to add domains to fulfill all domains in the selection.

While monitoring, you might discover an issue in one VPC that should be addressed everywhere. For example, if you detect traffic to torrent domains in a single VPC, you may want to block that traffic across all VPCs not just the one being monitored.

Solution: To support this, users should be able to create rules that apply to one, multiple, or all VPCs after identifying risky domains.

IMPLEMENTATION

Trained full-stack and backend developers on UX implementation:

Design handoff processes using detailed specifications

Component-based thinking for scalable development

Usability heuristics integrated into code review

LESSONS LEARNED

This project required navigating unclear requirements by:

Exploring multiple hypotheses in parallel

Relying on SME input as a proxy when direct user access wasn’t available

Creating early and frequent feedback loops with pilot customers

This work reinforced how constraints can shape better solutions:

Neutral design patterns can still be clear and engaging

Accessibility-first thinking improves the experience for all users

As an early UX hire in a new site, this role went beyond design execution and required shaping how UX operates within the team:

Advocating for UX processes alongside delivering design work

Delivering quick wins to build trust and establish credibility in a new site

Balancing strategic thinking around product–market fit with hands-on execution

nice to meet you

let's work together

I'm actively looking for roles, let's connect

gunjan.ux@gmail.com

This project was driven by a central question: How might we make traffic protection more intuitive, scalable, and insight-driven? 

To answer this, I grounded the problem in the realities of the users- Network Security Engineers in larger organizations and Cloud/Platform Engineers in smaller teams. 