top of page

LITAL BAR NOY

Screenshot 2025-11-09 at 19.43.35.png

To solve these challenges, I led the UX effort to consolidate CyberX’s product surfaces into a consistent Microsoft experience. This included:

  • Translating OT security concepts
    into a unified Microsoft taxonomy that aligned with Defender, Sentinel, and Azure conventions.

  • Redesigning CyberX’s core interfaces
    using the Microsoft Fluent Design System to ensure visual and interaction consistency.

  • Standardizing controls, components, and layout patterns
    so that complex industrial data was displayed clearly and predictably.

  • Ensuring hybrid deployment workflows matched Azure mental models, while preserving the depth required for OT practitioners.

This consolidation delivered a seamless experience that integrated CyberX technology into the broader Microsoft security ecosystem, reducing cognitive load and improving cross-product usability.

Design Response: A Unified Experience Built on Fluent

IoT Security

Microsoft

Microsoft Defender for IoT provides comprehensive threat detection for IoT and OT environments, supporting cloud, on-premises, and hybrid industrial networks. It enables security teams to monitor devices, detect anomalies, and respond to operational threats across highly diverse infrastructures.

c7ce060e-9922-48b4-931d-329bd42b194d_rw_1920 (1).png

Microsoft Defender for IoT delivers comprehensive threat detection across IoT/OT environments with flexible cloud, on-premises, and hybrid deployments. When Microsoft acquired the Israeli cybersecurity firm CyberX, it introduced advanced OT security capabilities but also a major design alignment challenge. I led the consolidation effort, translating CyberX’s complex UI and OT concepts into Microsoft’s Fluent Design System and redesigning core interfaces for seamless integration into the Azure portal.

Overview

The acquisition of CyberX brought OT threat detection capabilities into Microsoft’s security ecosystem, but also introduced major UX challenges:

  • CyberX and Azure had completely different design systems

  • OT security workflows were highly specialized and didn’t map cleanly onto existing Microsoft conventions.

  • Investigations required switching between products, increasing cognitive load and making it harder for operators to form a complete threat picture.

  • Terminology and taxonomies were inconsistent, creating gaps in understanding for customers already using Microsoft’s security stack.

This fragmentation created friction, slowed triage workflows, and limited adoption across enterprise and industrial customers.

Two Products, Two Design Languages, One User Base

Frame 2018777104.png

How Microsoft Microsoft Defender
for IoT uses the IoT Hub

bottom of page