← Work
HackerOne · 2023

HACKI: an AI security assistant

Security teams were drowning in vulnerability data. I led the design of HACKI, an AI assistant that lets them ask the data questions and get trustworthy answers in plain language, in any language.

Role
Head of Product Design
Year
2023
Tools & methods
Figma, FigJam, OpenAI, Participatory design, Usability testing

Overview

HACKI is a conversational AI assistant designed for HackerOne's enterprise security platform. As Head of Product Design I owned the exploration end to end: problem framing, research, the conversational interaction model, and the interface, partnering closely with engineering and product. It is the case study of working out how an AI-native assistant earns a security team's trust, the model that went on to shape the customer-centric AI agents I designed next.

The problem

Security teams on HackerOne were drowning. Vulnerability data was scattered across dashboards, reports arrived faster than analysts could triage them, and non-English-speaking teams lost time translating findings before they could act. In security, slow interpretation is expensive: it means missed threats and delayed response.

Problem · from reading everything to asking anything
The old way · drowning in data
01Jump between scattered dashboards
02Reports arrive faster than anyone can triage
03Translate findings before non-English teams can act
04Read everything, hope nothing critical slips
noise hides the threat
The HACKI way · ask and answer
Ask the data a plain-language question
Get a grounded answer that cites its sources
Read it in any language, inline
One question, a trustworthy answer, in seconds.
In security, slow interpretation is expensive: it means missed threats and delayed response. The job was never to add another dashboard, it was to let people ask the data questions and trust the answer.

Research & discovery

I ran task-analysis and participatory-design sessions with analysts and security leads to map where time was actually lost, not where we assumed it was. That research reframed the work. The goal was never another dashboard. It was a way to ask the data questions and get answers people could act on without second-guessing.

Insights: the reframe

  • We assumed teams needed a better dashboard. Research showed they needed to stop reading and start asking. The unlock was a question-and-answer model, not another set of charts.
  • Trust came from transparency. People believed an answer only when they could see where it came from, so HACKI had to cite its sources and show its reasoning.
  • Translation was a hidden tax. Global teams were spending real time turning findings into their own language before they could even start.

Exploration & iteration

Exploration · what I tried and killed
TriedKilled
A smarter dashboard
Still made analysts read and hunt. We were adding to the noise, not cutting through it.
TriedKilled
A static report generator
Tidy, and a dead end. No way to ask the follow-up question that actually mattered.
TriedKilled
A generic chatbot
Confident answers with no grounding and no sources. Security teams will not trust that.
The direction
A conversational assistant that shows its work.
Ask in plain language, get an answer grounded in the team’s live data, with the sources it drew from. Trust comes from transparency.
Each dead end taught the same lesson: an answer a security analyst cannot verify is worthless. What survived was a conversational assistant grounded in HackerOne data, that shows its work.

Testing: what changed

Testing · what sessions revealed → what I changed
What sessions revealed
What I changed
Analysts would not trust an answer they could not verify.
Made HACKI cite its sources and show how it reached each answer.
Security jargon and raw data slowed people down.
Answers in plain language, plus auto-generated summaries of long reports.
Non-English teams lost time translating findings before acting.
Inline multilingual support, so global teams read findings in their own language.
I ran participatory-design and usability sessions with real analysts and security leads. The recurring theme was trust, and every change traces back to earning it.

The solution

HACKI lets a security team ask its own data anything, in plain language.

Solution · ask in plain language
hackerone.com
What security teams actually ask HACKI, in plain language.

It answers in context, grounded in the team's live data, and shows where each answer came from.

Product · HACKI
hackerone.com
HACKI answers in context, grounded in the team’s live data, and shows where the answer came from.

The scattered dashboards became unified views, and long reports became auto-generated summaries that read in any language.

Product · HACKI
hackerone.com
Unified views replaced the scattered dashboards analysts used to jump between.
Product · HACKI
hackerone.com
Public Experiments: auto-generated, plain-language summaries of publicly disclosed reports.
Auto-generated summaries turned disclosed reports from a wall of text into something a team could scan and act on.

Impact

HACKI was an early exploration for HackerOne's enterprise platform: a concept for turning scattered, jargon-heavy vulnerability data into answers anyone on the team could act on, in plain language, with every answer citing its sources. It did not ship, but the model it proved out, an AI that shows its work so people trust it, became the foundation for the customer-centric AI agents I designed next. I owned the problem framing, the interaction model, and the interface.

Reflection

The lesson that carried into everything since: an AI feature is only as good as the trust it earns. People did not want a smarter black box, they wanted to see the work. Grounding every answer in real data and its sources is the difference between a clever demo and something a security team would actually rely on, and it became the through-line of the AI work that followed.