Personas are powerful tools in the realm of user-centred design, helping us understand and empathise with the diverse individuals who engage with our project. They provide us with fictional yet highly detailed representations of real-world users and contributors. By crafting personas, we can gain deep insights into the motivations, needs, and challenges that these individuals face.
For Thread, personas are instrumental in shaping pathways for both contributors and users. They help us tailor our project's features, documentation, and community engagement efforts to cater to the unique requirements of various stakeholders. Personas ensure that Thread is not a one-size-fits-all solution but a versatile platform that can be embraced and enriched by a wide range of cybersecurity professionals. Ultimately, these personas empower us to create a more inclusive, supportive, and user-friendly ecosystem around Thread.
Background: Garnet is a seasoned CTI analyst with a strong background in cybersecurity. She works for a global corporation specialising in threat analysis and intelligence. Garnet holds a master's degree in cybersecurity and has several industry certifications.
Motivations and Needs: Garnet is highly motivated to stay ahead of emerging cyber threats and vulnerabilities. She seeks tools and platforms that can streamline the process of mapping threat intelligence to MITRE ATT&CK®. Her primary need is access to accurate and up-to-date threat data to enhance her customer's security posture.
Pathway for Garnet:
- Discovery: Garnet discovers Thread through professional cybersecurity forums and recommendations from industry peers.
- First Contact: She visits the Thread website, explores its features, and reads user testimonials.
- Participation: Garnet decides to use Thread as a supplementary tool for threat intelligence mapping. She downloads the software and starts analysing reports.
- Sustained Participation: Impressed with Thread's efficiency, Garnet becomes a regular user and engages in the community discussions to share her experiences and insights.
- Networked Participation: Garnet collaborates with other CTI analysts within her organisation, encouraging them to incorporate Thread into their workflows.
- Leadership: Recognising her expertise, Garnet contributes to Thread's development by providing feedback, sharing best practices, and possibly contributing to the open source project.
Solutions for Garnet:
-
Stumbling Block: Learning Curve
-
Solution: Thread offers comprehensive documentation, tutorials, and a supportive community to assist Garnet in quickly becoming proficient in using the platform.
-
Stumbling Block: Integration Challenges
-
Solution: Thread provides integration guides and support for seamlessly incorporating its capabilities into Garnet's existing threat intelligence tools and systems.
Background: Vivi works as a SOC analyst at a mid-sized financial institution. Although not specialised in CTI, Vivi is responsible for monitoring security alerts and responding to potential threats. A bachelor's degree in cybersecurity backs up Vivi's knowledge.
Motivations and Needs: Vivi seeks efficient tools to enhance threat detection and incident response capabilities. While not a dedicated CTI analyst, Vivi understands the value of MITRE ATT&CK® and wants an accessible solution to map threat intelligence.
Pathway for Vivi:
- Discovery: Vivi comes across Thread while researching tools suitable for SOC environments.
- First Contact: Vivi explores Thread's user-friendly website and watches introductory videos to understand its benefits.
- Participation: Intrigued by Thread's capabilities, Vivi downloads and installs the software to start mapping TTPs to incoming reports.
- Sustained Participation: Vivi integrates Thread into the SOC workflow, using it regularly to enhance threat detection capabilities and expedite incident response.
- Networked Participation: Vivi shares insights about Thread's value with colleagues in the SOC team, encouraging them to adopt it.
- Leadership: Over time, Vivi becomes a resource within the SOC team for utilising Thread effectively and contributes to the user community with tips and advice.
Solutions for Vivi:
-
Stumbling Block: Limited CTI Knowledge
-
Solution: Thread offers user-friendly features and resources tailored to SOC analysts, simplifying the learning curve for users like Vivi.
-
Stumbling Block: Integration with Existing Tools
-
Solution: Thread provides integration guides and compatibility with common SOC tools to ensure seamless adoption.
Background: Beatrix works as an IT administrator at a medium-sized manufacturing company. Her role involves managing the organisation's network and ensuring its security. Beatrix has a strong technical background but is not a cybersecurity expert.
Motivations and Needs: Beatrix needs accessible cybersecurity tools that can assist her in identifying potential threats within the organisation's network. While she is not a dedicated CTI analyst, she values solutions that can enhance security.
Pathway for Beatrix:
- Discovery: Beatrix stumbles upon Thread while researching cybersecurity solutions suitable for her role.
- First Contact: Beatrix visits the Thread website and finds user-friendly guides on how the platform can support IT administrators in threat detection.
- Participation: Beatrix decides to try Thread to analyse a recent report of a cyber security incident a competitor suffered, appreciating its user-friendly interface.
- Sustained Participation: Impressed with Thread's assistance in identifying TTPs, Beatrix incorporates it into her regular routine.
- Networked Participation: Beatrix shares her experience with fellow IT administrators in her network management community.
- Leadership: Beatrix becomes a valuable resource for IT administrators looking to bolster network security and contributes insights to the Thread user community.
Solutions for Beatrix:
-
Stumbling Block: Lack of Cybersecurity Expertise
-
Solution: Thread provides simplified threat intelligence mapping features and resources tailored to IT professionals not working solely in IT security, making it accessible for users like Beatrix.
-
Stumbling Block: Compatibility with Existing IT Tools
-
Solution: Thread offers integration support and guides for seamless implementation within Beatrix's existing environment.