HackerOne · 2023

HACKI: an AI security assistant

Security teams were drowning in vulnerability data. I led the design of HACKI, an AI assistant that lets them ask the data questions and get trustworthy answers in plain language, in any language.

Role: Head of Product Design
Year: 2023
Tools & methods: Figma, FigJam, OpenAI, Participatory design, Usability testing

Overview

HACKI is a conversational AI assistant layered over HackerOne's enterprise security platform. As Head of Product Design I owned it end to end: problem framing, research, the conversational interaction model, the interface, and the rollout, partnering closely with engineering and product. It is the case study of bringing an AI-native assistant into an established enterprise product, and earning a security team's trust in it.

The problem

Security teams on HackerOne were drowning. Vulnerability data was scattered across dashboards, reports arrived faster than analysts could triage them, and non-English-speaking teams lost time translating findings before they could act. In security, slow interpretation is expensive: it means missed threats and delayed response.

Problem · from reading everything to asking anything

The old way · drowning in data

  • 01 Jump between scattered dashboards
  • 02 Reports arrive faster than anyone can triage
  • 03 Translate findings before non-English teams can act
  • 04 Read everything, hope nothing critical slips

Noise hides the threat.

The HACKI way · ask and answer

  • Ask the data a plain-language question
  • Get a grounded answer that cites its sources
  • Read it in any language, inline

One question, a trustworthy answer, in seconds.

In security, slow interpretation is expensive: it means missed threats and delayed response. The job was never to add another dashboard, it was to let people ask the data questions and trust the answer.

Research & discovery

I ran task-analysis and participatory-design sessions with analysts and security leads to map where time was actually lost, not where we assumed it was. That research reframed the work. The goal was never another dashboard. It was a way to ask the data questions and get answers people could act on without second-guessing.

Insights: the reframe

  • We assumed teams needed a better dashboard. Research showed they needed to stop reading and start asking. The unlock was a question-and-answer model, not another set of charts.
  • Trust came from transparency. People believed an answer only when they could see where it came from, so HACKI had to cite its sources and show its reasoning.
  • Translation was a hidden tax. Global teams were spending real time turning findings into their own language before they could even start.

Exploration & iteration

Exploration · what I tried and killed

  • Tried, killed: A smarter dashboard. Still made analysts read and hunt. We were adding to the noise, not cutting through it.
  • Tried, killed: A static report generator. Tidy, and a dead end. No way to ask the follow-up question that actually mattered.
  • Tried, killed: A generic chatbot. Confident answers with no grounding and no sources. Security teams will not trust that.
  • Shipped: A conversational assistant that shows its work. Ask in plain language, get an answer grounded in the team’s live data, with the sources it drew from. Trust comes from transparency.

Each dead end taught the same lesson: an answer a security analyst cannot verify is worthless. What survived was a conversational assistant grounded in HackerOne data, that shows its work.

Testing: what changed

Testing · what sessions revealed → what I changed

  • Revealed: Analysts would not trust an answer they could not verify. → Changed: Made HACKI cite its sources and show how it reached each answer.
  • Revealed: Security jargon and raw data slowed people down. → Changed: Answers in plain language, plus auto-generated summaries of long reports.
  • Revealed: Non-English teams lost time translating findings before acting. → Changed: Inline multilingual support, so global teams read findings in their own language.

I ran participatory-design and usability sessions with real analysts and security leads. The recurring theme was trust, and every change traces back to earning it.

The solution

HACKI lets a security team ask its own data anything, in plain language.

Figure (Solution · ask in plain language): What security teams actually ask HACKI, in plain language.

It answers in context, grounded in the team's live data, and shows where each answer came from.

Figure (Product · HACKI): HACKI answers in context, grounded in the team’s live data, and shows where the answer came from.

The scattered dashboards became unified views, and long reports became auto-generated summaries that read in any language.

Figure (Product · HACKI): Unified views replaced the scattered dashboards analysts used to jump between.
Figure (Product · HACKI): Public Experiments: auto-generated, plain-language summaries of publicly disclosed reports.
Auto-generated summaries turned disclosed reports from a wall of text into something a team could scan and act on.

Impact

HACKI shipped inside HackerOne's enterprise platform. It turned scattered, jargon-heavy data into answers anyone on the team could act on: faster, more confident decisions, and global teams no longer paying a hidden translation tax to read their own findings. I designed the interaction model and the interface and led it from problem framing through rollout.

Reflection

The lesson that carried into everything since: an AI feature is only as good as the trust it earns. People did not want a smarter black box, they wanted to see the work. Grounding every answer in real data and its sources is what turned a clever demo into something a security team would actually rely on.