Smokescreen builds simple and intuitive solutions that enable companies to predict threats, detect attacks, and respond to breaches. The Smokescreen products have helped security teams around the world detect threats where others have failed.

Before Smokescreen, the founding team ran high-end red team and breach readiness assessments for some of the world’s largest companies, showing them how their security systems could be bypassed.

8 Months

UX, visual design


The Project

Smokescreen wanted a full scale, phased revamp of their flagship product IllusionBLACK. This means the entire design architecture would undergo a redesign, both in terms of experience and visuals.

The customers are financial institutions like banks, stock exchanges where data security is extremely important.


One of the strongest USP for Smokescreen was the fact that they run off a custom console, the box, instead of a remote server which is unlike any of the projects I had ever worked on. And this essentially became the biggest challenge to tackle. It meant we only had one shot to make everything right, before it is shipped to customers. Any failure would mean a very expensive callback, of actual devices, from customers’ premises.

This also brings another challenge, which is iterations. The tech products I had previously worked on were released in controlled phases, even the release demographics were controlled in some. This allowed us to keep a close watch on the usage, behaviours, detect small issues and deploy rapid iterations/fixes before any major problems occur. Even in case of a massive failure, this gives us the option to quickly rollback to a previous ‘version’ until we fix it.

With Smokescreen it was impossible. Not just because the software was shipped in a closed, self-contained device, but also the kind of customers they have. The primary customers were data-sensitive industries & the devices were installed at highly secure locations like banks and financial institutions. This is also the reason why we couldn’t afford to risk making mistakes.

Design process

The personas were already figured out and were pretty robust, that gave me a good headstart on designing wireframes. Because of the nature of the product, the design architecture was unique too. Unlike traditional apps, this product was more likely to be projected on large screens. It had one unified, complex yet extremely powerful dashboard screen which did all the heavylifting for the product.

IllusionBLACK uses machine learning and data-science to study a network and automatically create thousands of fake ‘pots of gold’ (traps) or mimics of an original system for a hacker to go after, keeping the assets of the main system untouched. It layers deception on endpoints, on servers, and practically anywhere the hackers might possibly attack. Sahir claims that these traps are so realistic that they can engage a hacker for days while the security team learns everything about the attack.

The product needed to be a one-stop solution for targeted threats, lateral movement detection, web application attacks, malware-less attacks, social engineering, threat intelligence, and ransomware. The decoys are created for Internet of Things (IoT) systems, supervisory control and data acquisition (SCADA), industrial control systems, as well as for specialised environments such as SWIFT servers in banking.

As you can see in the wireframes above, the user interface needed to let security teams visually reconstruct exactly what the attacker is doing in real-time.


Throughout the project we kept talking around a basic concept of the fight between truth and evil. The visual designs needed to be bold and impactful to represent the simplified concept.

The way the product works, in theory, is pretty simple. The client has their sensitive data (documents, devices, emails etc) in their premises connected to the internet. That’s the good part. The hackers know where to find them using their IP addresses and other means. Those are the bad guys (represented with bots).

What Smokescreen does is it creates bots which masquerade as those datapoints and stay online, mixed up with the real devices. When a hacker hits them thinking they’re hitting the devices, they raise flags and run commands which perform complex, customised operations to ward off the predators. The whole process is pretty much a victory of good over evil.

“While deception has been around for a while, it was still mostly academic and experimental due to the complexity of making it work at scale. But the idea stuck.
We began hand-crafting digital traps for highly targeted organisations that could not afford a breach; places where other defences had regularly been defeated. It worked — and how! They caught things that were invisible to ‘state-of-the-art’ products.”


IllusionBLACK now protects some of the most highly-targeted organisations globally, including leading financial institutions, critical infrastructure, and Fortune 500 companies. For its innovative offering, Smokescreen recently bagged the NASSCOM-DSCI Excellence Award for Security Product Company of the Year, won the CISO Platform Top Indian Startup of the year, and has also been recognised by Gartner as a Cool Vendor in Artificial Intelligence.

Want to know more about the Smokescreen project?