Cloud security onboarding was broken in four distinct ways — AWS, Azure, and GCP each had their own wizard, their own mental model, their own failure modes. Security engineers were abandoning setup mid-flow. I led research across four enterprise personas to find the root cause, then designed a single unified modal that collapsed provider complexity into three consistent steps.
Role: Principal Product Designer — user research, competitive strategy, and design direction across 4 personas, collaborating with Product, Engineering, and Customer Success to define a unified onboarding standard at Palo Alto Networks.
12 research interviews across Cloud Security Engineers, IT Operations, Super Admins, and System Administrators. Every session surfaced the same truth — onboarding wasn't just complex, it was broken in four distinct ways.
Cloud accounts, repositories, and security modules were disconnected. Users navigated between systems for tasks that should have lived in one unified place.
AWS required up to 10 steps. Azure up to 8. GCP up to 10. Each provider had its own wizard, its own terminology, its own mental model to learn.
Users didn't know how to configure features after signing up. Security Foundations and Advisories were buried — there was no guided path forward.
When configuration failed — and it often did — there was no clear recovery path. Error messages required domain expertise just to parse, let alone fix.
"Users delay onboarding when the value is unclear. Show what they can accomplish in 3 steps — and the cognitive friction disappears."— Core psychology insight, validated across all 4 personas · Research synthesis, 2023
Each persona had different triggers and success metrics — but all shared the same underlying frustration: too much to figure out, too little guidance upfront.
Cloud Security Engineer
Needs control with clarity. Motivated by speed to deployment and validation. Wants confidence the system is working — not hand-holding through every step.
Cloud Security IT Operations
Manages multi-cloud governance across teams. Driven by operational efficiency and compliance. Can't afford to context-switch between four separate onboarding flows.
Super Admin
Central platform owner across all modules. Needs visibility and permissions in one place — frustrated by controls scattered across separate provider flows.
System Administrator
Hands-on executor. Requires clear step-by-step guidance and unambiguous error messaging. Stops the moment a step is unclear — and doesn't always know who to call.
Design Principle — Unification reduces cognitive load. When users build one mental model instead of four — "Activate my cloud, configure security, review" — they become confident faster. This principle shaped every decision and influenced how future onboarding is built at Palo Alto Networks.
The breakthrough didn't come from the first sketch — it came from mapping every provider's failure mode side by side. Three phases of thinking, each narrowing toward a single unified answer.
Mapped the full first-time user journey: CSP Marketplace → Confirmation Email → Dashboard → Platform. Users lacked immediate gratification. Security Foundations, Advisories, and Cloud Accounts were all disconnected entry points with no coherent thread.
AWS: 8–10 steps. Azure: 6–8 steps. GCP: 8–10 steps. Each with different terminology, different error patterns, different mental models. Four personas, twelve interview rounds, one clear finding: visibility of options was the single biggest friction point across all providers.
A single modal, accessible from any page. Cards for security modules. Three steps: Get Started → Configure Details → Review Status — identical across AWS, Azure, and GCP. Required API rewrites and stakeholder alignment across five product owners. Built collaboratively with Engineering Head and UI Managers to ensure the vision survived implementation.
"My idea was to have a unified design to onboard all providers. Getting all product owners to agree was the hardest design problem I solved on this project."— Design decision rationale, Prisma Cloud Onboarding · Palo Alto Networks, 2023
WIZ solved step count — two steps, clear labels, fast ingestion via CloudTrail. They own simplicity. Our differentiation was the cognitive model: where WIZ shows options, Prisma Cloud guides decisions. Unified permissions, progressive disclosure, and built-in error recovery gave us an edge that step-count reduction alone couldn't replicate.
The redesigned 3-step modal was measured against every cloud provider deployment type. Every metric moved in the right direction.
| Provider | Deployment | Wizards Before → After | Reduction | Clicks Before → After | Reduction |
|---|---|---|---|---|---|
| AWS | Standalone | 5 → 3 | 40% | 10 → 6 | 40% |
| Organization | 6 → 3 | 50% | 15 → 6 | 60% | |
| GCP | Project | 6 → 3 | 50% | 11 → 6 | 45% |
| Organization | 7 → 3 | 57% | 17 → 9 | 47% | |
| Azure | Subscription | 6 → 3 | 50% | 16 → 10 | 38% |
| Tenant | 7 → 3 | 57% | 19 → 8 | 58% |
All cloud deployments now share the same 3-step modal experience — no more learning different interaction patterns per provider.
"This is exactly what builds our confidence in Prisma Cloud, we really feel Prisma Cloud is listening to customers and improving what matters to us. This simplifies our effort as we plan to add more accounts in the next few months."Informatica
"We currently have a 10-step onboarding checklist for each cloud type and based on what we see currently, I can reduce that to just a couple for each cloud. This is a huge improvement for us in terms of how we enable different capabilities Prisma Cloud offers."Unacademy
"Unified Onboarding experience in PCEE was very positive experience. Everything just worked."NVIDIA POC Team
Internal recognition from Engineering leadership, Product, and UX teams across multiple regions:
Complete case study PDF with detailed research findings, design iterations, and competitive analysis available upon request.
Research artifacts, design iterations, and stakeholder feedback included.
Enter the password to download the full PDF with wireframes and research findings.