IBM Security - Bulk Operations of Data Sources
Creating a more efficient, design system compliant and better user experience for IBM QRadar NGLM (Next Gen Log Management)
Context: Next-Generation Log Management (NGLM) is an enterprise security product within IBM Security QRadar for threat detection workflows.
Problem: Security admins struggled to efficiently integrate and manage multiple data sources due to a fragmented bulk workflow that required extensive manual steps and poor affordance.
Role: Lead UX Designer on a three-designer team (research, prototyping, delivery).
Constraints: Legacy platform dependencies, strict internal design system (Carbon), complex user workflows.
Outcome: Redesigned bulk operations flow that improves efficiency, reduces cognitive load, and aligns with design system standards, these all resulted in measurable reductions in task friction and clearer user guidance.
The core challenge wasn’t simply “redesigning UI screens.” It was that enterprise security operators were spending excessive time on repetitive setup tasks that should scale. This undermines productivity and increases operational risk. Traditional bulk upload tooling (CSV download/edit/upload) introduced error-prone steps and lacked clear recovery paths for failures.
It all starts with research and knowing yourself & your competitors
During the understand and explore phases, I conducted competitive research on five major competitors and performed audits of the current IBM NGLM experience within QRadar. Several key areas for improvement in the process were identified based on my findings.
Competitors - Shopify
Embeded bulk editor (instead of downloading .csv file and uploading back to the platform)
Current NGLM experience - Naming templates
Template use is mandatory but hard to find/use in the current nested tooltip.
Current NGLM experience -Error prevention
Explorations needed to understand what is required, what does the checkbox do, how can we make the name template more accessible.
Working within the IBM Carbon design system was both a constraint and opportunity — it ensured future scalability across other security modules and improved developer handoff clarity.
Instead of patching quick UI fixes, I categorized elements into:
Re-use as-is Carbon components
Modified components for workflow context
New patterns required for bulk state management
This categorization helped the engineering team plan accurate effort estimates and improved implementation quality.
Key Decisions Made
-
Instead of reinforcing the old pattern of external CSV manipulation (which increased context switching and error risk), we prioritized in-product bulk actions such as inline selection and batch edit affordances.
Impact: Operators no longer had to leave the interface or manage external files — significantly reducing task time and error surface.
-
Previous workflows hid critical context like actionable bulk status and variable assignment options behind nested tooltips. We redesigned these to be explicit, predictable, and consistent with enterprise mental models.
Impact: Reduced cognitive load and accelerated confidence in task progress. -
Rather than leaving users on a loading screen with minimal feedback, we introduced downloadable summaries and clear recovery steps for error states. This respected real admin work patterns where failed operations still convey value and require follow-up action rather than abandonment.
Final design for NGLM bulk add process delivered to developers.
Deliver
- Hi-fidelity clickable prototype to demonstrate the bulk add/edit/delete workflow.
- UI Copy with accurate content.
- Handover document with library of Carbon components, typography, spacing reference guide for Development team.
Impact
5 major user pain points addressed
Lack of visibility on which data sources are actionable as bulk operation
Bring efficiency to bulk adding workflow with reduced steps
Bring efficiency to bulk adding workflow with reduced steps
Variables to assign unique names are hidden
Would like to preview configuration details in the product UI before saving
Would like to save result to address any errors
4 key UX and usability improvements
Clear affordance of available bulk actions on select data sources
Flexibility and efficiency of use of variables
Freedom to continue other tasks instead of being stuck on loading
Error recovery through downloadable summary reports