Optimizing Search
Company Overview
Bolster AI uses AI to automate the detection, analysis, and takedown of threats across lookalike domains, social media, app stores, and the dark web. Our solutions safeguard organizations of all sizes, from startups to large companies in various industries, including Roblox, LinkedIn, Dropbox, and Uber. The company is backed by Microsoft's venture fund.
Our most common personas include Security Engineers, Chief Information Security Officers, and SOC Analysts, as well as Legal and Marketing teams that are also involved in brand protection.
I was the first Growth hire, building the Product-Led Growth (PLG) strategy and roadmap from scratch, focusing on new user acquisition, activation, engagement, and monetization/pricing for our community freemium product, CheckPhish.
Context
Our product supports Security Professionals with two key use cases. The typosquat monitoring feature is a new addition to support our Product-Led Growth (PLG) strategy.
URL Scanner: Determines if a link is phishing, clean, or a scam. This feature attracts both professionals and personal users.
Typosquat Domain Monitoring: Identifies lookalike domains impersonating a brand.
Problem
Through post-launch data analysis, I identified that many users were inputting long URLs into the Domain Monitoring tool, indicating confusion between the URL Scanner and Domain Monitoring features. This required deeper investigation to reduce resource strain on non-intent domains and improve user clarity.
User Research and Insights:
Data Insights:
After releasing the new domain monitoring feature on both web and app, I noticed ~13% of in-app users and ~80% of web visitors mistakenly using the Domain Monitoring input for phishing link checks, causing confusion between the URL Scanner and Domain Monitoring use cases.
The higher error rate among website visitors suggested that users were coming for the URL check use case and mistakenly using the Domain Monitoring search bar.
Domain Monitoring: example user inputs that were meant for the URL Scanner
Qualitative Insights:
I set up an in-app user survey, which confirmed that most registered users were primarily interested in the Scan URL use case, with fewer users engaging with the typosquat domain monitoring feature, validating my hypothesis.
In-app survey asking users their reason for signing up
Challenges and Cross-Functional Collaboration
After identifying the user input issues, I presented the findings to the product design and engineering teams.
Initial Solutions
The product and design teams proposed a single search action to simplify the user experience, providing one outcome for both URL checks and typosquat searches.
Engineering Constraints:
Engineering highlighted the need to know user intent due to detection limitations. For example, "newamazon.com" could be either a phishing site or a real domain someone wants to check for lookalikes, requiring different actions based on intent.
Guidance-Focused Solution:
We agreed to focus on guiding users to the correct use case, reducing errors and ensuring relevant results.
Solutions
Implement targeted guide messages for both web and in-app users to direct them correctly between Domain Monitoring and URL Scanner features. Aim to reduce URL Path errors by improving the overall user experience and feature clarity.
1. Optimize web homepage for visitor use cases
Initially tried promoting the new typosquat monitoring feature front and center on the /homepage. However, most visitors still defaulted to the URL Scanner because they arrived through organic search. Redesigned the web interface with a tabbed design to clearly distinguish between the two use cases, making the URL Scanner the default while still highlighting the domain monitoring feature to attract the intended audience.
2. Search Intents Differentiation
Provide clear instructions and copy to educate users about the new typosquat monitoring feature, explaining how it helps them look up lookalike domains before they take any actions.
3. Auto-Detected Guidance
Automatically detect if the user's input is a long URL. If so, ask whether they meant to use the URL Scanner instead before proceeding with the CTA. Ensure consistent in-app and web messaging to effectively guide users.
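One way to implement the auto-detection described in step 3, as an added example that is not CheckPhish's own code: the function name, return shape and sample inputs are assumptions. Bare hostnames such as "newamazon.com" pass through without a prompt, because intent cannot be inferred from them.

```javascript
// Added example; function name, return shape and samples are assumptions.
function classifyMonitoringInput(raw) {
  const input = String(raw).trim();
  const invalid = (why) => ({ kind: "invalid", host: null, reasons: [why] });
  if (input === "" || /\s/.test(input)) return invalid("empty or contains whitespace");

  // Bare input like "example.com/login" has no scheme, so add one for parsing.
  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(input);
  let url;
  try {
    url = new URL(hasScheme ? input : "http://" + input);
  } catch {
    return invalid("not parseable as a host or URL");
  }

  // The parser lowercases the host and converts IDN labels to punycode.
  const host = url.hostname.replace(/\.$/, "");
  const reasons = [];
  if (url.username || url.password) reasons.push("credentials");
  if (url.port) reasons.push("port");
  if (url.pathname !== "/" && url.pathname !== "") reasons.push("path");
  if (url.search) reasons.push("query");
  if (url.hash) reasons.push("fragment");
  if (/^[\d.]+$/.test(host) || host.startsWith("[")) reasons.push("ip-host");
  // Any URL-only component means the input belongs in the URL Scanner.
  if (reasons.length > 0) return { kind: "url", host, reasons };

  if (!host.includes(".")) return invalid("no top-level domain");
  // A scheme plus bare host is normalized to the host and monitored as a domain.
  return { kind: "domain", host, reasons };
}

// Constructed sample inputs, not taken from product data.
const samples = [
  "newamazon.com",
  "https://NewAmazon.com/",
  "http://newamazon.com/signin/verify?session=abc123",
  "192.0.2.10",
];
for (const s of samples) {
  const r = classifyMonitoringInput(s);
  const hint = r.kind === "url" ? " -> suggest URL Scanner" : "";
  console.log(`${s}: ${r.kind} [${r.reasons.join(", ")}]${hint}`);
}
```

This check does not reduce subdomains to a registrable domain; that would need the Public Suffix List.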
Impact
Lowered URL input errors to <3%, improving domain monitoring efficiency and reallocating resources more effectively
Led to more accurate domain monitoring and a 4.3/5 user satisfaction rating for the new feature