Open Source compliance management
Project Overview
Code scan is a web-based application for analysing software source code to identify open source components and dependencies, check for licence compliance and detect security vulnerabilities.
Client: ESO
Industry: Developer Tools, Legal tech
Product Type: Web application
Team: 1 Product Manager, 6 Engineers, 1 UX Designer
My Role: UX Designer
My Responsibilities
- Collaborated with the users (Legal, Management and Development teams) to gather requirements and align on product objectives.
- Translated business and legal requirements into user-centered flows.
- Redesigned legacy screens to improve accessibility, clarity, and overall user experience.
- Conducted UI reviews and provided iterative improvements to maintain design quality and consistency.
Major Tools used
- AXURE RP 11: Design and prototyping
- Jira, Confluence, Monday.com, Miro: Collaboration and brainstorming

Project Context
As the organization expanded its use of open-source software, managing license and copyright documentation became increasingly complex and time-consuming. A centralized, user-friendly system was needed to streamline compliance workflows, improve accuracy, and ensure legally compliant disclaimer generation.
Key Challenges
Challenge: Highly technical flows (licence data, dependency trees, compliance results).
UX Issue: Overwhelming, cluttered, confusing interfaces can lead to missed information.
Solution:
- Used clear visual hierarchies.
- Highlighted actionable issues.

Challenge: Scans generated a large number of findings.
UX Issue: Users can face alert fatigue if everything seems equally important.
Solution:
- Categorize alerts by severity.
- Provide clear remediation steps.

Challenge: Collaboration and communication between different user groups.
UX Issue: This may lead to a complete failure of the product.
Solution:
- Establishing efficient links between all user groups.
- Status tracking, task assignments.
ECS2.0 implementation
The screen below represents the Legal section, where the legal team can review, edit and comment on the selected disclaimers. This was one of the most important steps for them.

Overview
Disclaimer full text
The Package info tab gives them a complete overview of all the submitted packages and the number of matches, copyrights and licenses found.

The vulnerability assessment report of the packages, with the CVE scores, is used by the Security Manager to standardize tracking, enable chain transparency and guide risk management.

Overall score
This project is subject to a Non-Disclosure Agreement (NDA), so I’m unable to share additional details at this time.
If you’re interested in learning more, please feel free to reach out directly, and I’d be happy to discuss further.
But the fun I had while working here - that does not come under any NDA.
Behind the Scenes: Office Edition
Thank you for reading through.