Fugue

At Fugue, I led the user experience design and frontend implementation for an enterprise cloud security and compliance platform used by security engineers and DevSecOps teams. As the primary designer and frontend engineer, I crafted intuitive, scalable interfaces that enabled users to import, navigate, and analyze large data sets, giving them a clearer view of their cloud security posture and helping them manage it more effectively.

Below, is a closer look at how I designed and implemented a key feature to improve usability and efficiency.

Rule Waivers

Understanding the Problem

Cloud compliance relies on rule sets to enforce recommended security guidelines, but not every rule applies universally. Most organizations have rules that don’t align with their policies, while others may want to exclude specific resources from scan results. Without a way to ignore these irrelevant findings, security engineers are overwhelmed by noise, making it harder to identify real security risks quickly.

Research & Design

Through customer research, we determined that rule waivers needed to focus on patterns that applied to groups of resources, rather than individual exclusions. This led us to designing a system where users could create pattern-based waivers (using Rego syntax) to apply waivers to resources of a specific type, provider, environment, or tag—ensuring they could effectively reduce noise at scale.

We did not show low fidelity prototypes to users at Fugue, so often I started with paper sketches to quickly explore ideas before moving to digital prototypes. Old school? Yes. Fast and effective? Also yes.

Initially, I considered using textboxes for manual pattern entry, providing a fast input method for users familiar with Rego syntax. However, since not all users were comfortable with Rego and many common patterns were used—such as waiving all resources of a certain type (e.g., Azure.Storage.Account), all resources from a specific provider (e.g., Azure.Storage.*), or all resources regardless of type (e.g. *) while relying on other criteria—I opted for dropdown-based selections for faster, more structured inputs. This approach required an extra click or two, but ultimately reduced manual errors and improved usability.

To validate the design, I experimented with Maze, a remote user testing tool that allowed us to gather insights asynchronously. While this limited stream-of-consciousness feedback, it provided valuable usability data. 88% of users successfully completed the test scenarios, confirming the dropdown order and navigation flow. The biggest takeaway was the need for clearer confirmation messages, leading me to implement toasts and page notes for better feedback.

Implementation

Since I had previously built reusable form components for other features, implementing rule waivers was straightforward. The waiver creation panel and management page shared the same modular form structure, ensuring a consistent user experience. One of the trickier challenges was handling provider-specific dropdowns, as cloud providers use different resource type structures and we supported various infrastructure-as-code options, which had additional syntax variations (e.g., AWS.S3.Bucket, aws_s3_bucket, AWS::S3::Bucket). However, it was a fun pattern challenge to make sure I accurately handled the various conditionals without bloating the code.

Outcome & Reflection

Pattern-based rule waivers had been a highly requested feature, and its release was well received. Most users found the dropdown-based selections intuitive, while power users who preferred manual entry utilized the API.

Looking ahead, I would have liked to add a direct Rego input option within the panel for advanced users, making it more accessible without needing the API. Additionally, a quick-reference section with common pattern syntax would have reduced reliance on external documentation.

Overall, this MVP successfully helped users reduce noise, allowing them to focus on real security risks more efficiently. I was proud of how the solution balanced usability and flexibility for different user needs.

Additional Feature Samples