Making runtime web security a little more friendly.


  • Front-End Web Development
  • SaaS
  • UX Design

Monitoring runtime security of a web application or website can be challenging endeavor, otto wants to change that.



The goal of the user experience for ottoBox was to make the application as simple to work with as an email client, which we opted to keep as a visual metaphor while designing and developing the first version of this product.


Of primary importance is the fact that the user may not always understand what it is they are looking at, so providing them with the most rich data possible is key. Another important factor is understanding that the product sometimes works silently. It is a good thing to be able to login and not see anything in the inbox, but how do we show that we are still providing value led us to adding a "pageviews" count and keeping the items that were automatically blocked by the system in a separate "drawer."  When the user logs in, they can see that we are still monitoring and have provided value by blocking known issues without the user doing anything.

Another complex issue we wanted to solve was dealing with Content Security Policies. CSPs can be a headache to manage, especially on larger websites that make hundereds or thousands of 3rd party web requests. The platform was designed to make managing and deploying CSPs easy and seamless. The user is given a simple visual layout of the CSP rules, making it easy to add found violations to the policy, quickly save, preview and deploy.


Taking complex, high risk issues like Cyber Security and turning them into pleasant and simple user experiences has taken a lot of research, conceptualizing, and revision to get us to a place where we have a deployable product that is delighting users already.