Designing Better Entry Points for AI Security Workflows

Exploring how security practitioners move from a blank input to meaningful investigations in Neo.

Project Summary

Role
Product Designer
Duration
8–10 weeks
Team
Product Designer, Founder, Product Manager, 2 Engineers
Platform
Web · AI-native Security Platform
Tools
  • Cursor
  • Figma
  • Claude Code
  • GitHub
  • Vercel
Scope
AI UX · Design Engineering · Prototyping · Frontend Implementation.
Validation
Internal design reviews, engineering feedback, and demo conversations at RSAC

Context and problem

The way we use software is changing. Instead of navigating through buttons, menus, tabs, and workflows, users can now simply describe what they want in natural language. As products become AI-native, interfaces are shifting from clicks to conversations and open-ended intreactions.

Neo is an AI-native security platform by ProjectDiscovery that helps security engineers and researchers identify vulnerabilities, investigate security findings, and audit code using natural language.

Image: Neo task screen with an empty chat input and no workflow guidance.

An open-ended/conversational interface gives users the freedom to ask or do anything, but very little context on what and how they should ask. Without clear examples or starting points, users were left to discover Neo's capabilities through trial and error, often resulting in false positives and inconsistent outcomes.

In a technical product where prompt quality directly influences the quality of the analysis, getting started became one of the biggest UX challenges.

Research

Before exploring solutions, I studied how AI-native technical/developer tools help users move from a blank input to meaningful work.

Image: Competitive research on how AI-native tools handle blank-state entry points.

Across these products, a common pattern emerged. Very few relied on a completely blank starting experience - most combined conversational input with examples, suggested actions, or structured entry points to help users get started.

Process

I worked directly in Neo's development branch, using Cursor to prototype ideas before refining them through design reviews and engineering feedback. This workflow let me iterate quickly and validate interactions before they shipped.

Workflow from neo master and dev branch through prototyping, design reviews, and code review in Shubham's playground.

Giving users a starting point

0:00
Video: Surfacing common workflows as quick-start prompt cards.

The first thing I tackled was the blank state. I surfaced common security workflows directly below the input. Clicking any card instantly prefilled the chat input with the full prompt, ready to run or customize. For users who wanted to go deeper, an "Explore Prompts" button below opened a full sidebar panel.

The sidebar worked well initially, but as the prompt library grew, it became harder to organize, browse, and discover workflows.

Organizing by category

To address the growing prompt collection, I removed the sidebar experience and brought the prompt collection directly into the main experience.

0:00
Video: Category tabs to filter workflows by intent.

I introduced categories below the chat input, helping users browse workflows more efficiently.

As prompts became central to Neo, we moved beyond discovery and focused on prompt creation, management, and sharing.

From suggestions to a library

As the library grew, I redesigned it around browsing instead of categories. Prompts were displayed in a searchable grid with filters, visibility controls, and support for private, team, and public prompts. Users could also fork existing prompts, customize them, and save them as their own.

0:00
Video: Prompt library with creation, visibility, and sharing.

The library was starting to feel less like a collection of suggestions and more like a shared knowledge base where teams could capture, reuse, and build on proven workflows.

The Pivot

RSAC 2026 gave us the opportunity to watch security practitioners use Neo in real-world scenarios. The Prompt Library helped users discover Neo's capabilities, but customer demos revealed a different problem. New users weren't struggling to find prompts. They were struggling to know where to begin.

ProjectDiscovery team demoing Neo at RSAC in front of the booth.
Image: ProjectDiscovery team at RSAC 2026.

Most security workflows required repositories, credentials, authentication tokens, and other context before Neo could produce meaningful results. Experienced users navigated this comfortably, but first-time users often found the growing library overwhelming.

We discussed the feedback internally and concluded that the Prompt Library exposed too much of Neo too early. We narrowed the experience to Neo's three most common workflows: Penetration Testing, Vulnerability Triage, and Code Audit.

Guided workflows

We redesigned the experience around user intent, letting users start with what they want to accomplish instead of choosing from a library of prompts.

0:00
Video: Guided workflow entry with progressive context collection.

Each workflow guides users through a short setup, collecting the repositories, credentials, scope, and other context Neo needs to run an investigation. The prompts still exist under the hood, but users no longer have to read, edit, or understand them.

Outcomes

🚀 Reduced time to value

Users start an investigation by choosing a workflow instead of searching, reviewing, and editing prompts.

🧠 Reduced cognitive load

Users focus on the investigation while Neo guides them through the information each workflow requires.

📈 Scalable experience

New capabilities fit into the same workflow model without expanding a growing library of prompts.

What I Learned

This project changed how I think about AI interfaces. I started by making prompts easier to discover and finished by making them almost invisible.

The project also reminded me that designing AI products isn't about replacing buttons with prompts. It's about helping people complete work without asking them to understand how the system works.

The best interaction isn't always the one users see, sometimes it's the complexity you decide to remove.