The age of the design hacker

Venita Subramanian is a Design lead within Microsoft Security UX where she spearheads Secure by Design, a company-wide initiative focused on blending creativity, craft, and frameworks to make security a natural part of every experience from the start.

The idea of an “ethical design hacker” may sound outlandish, like some kind of digital-era Robin Hood that exploits a system to protect the people. But to thrive in today’s UX landscape, where product makers aren’t just crafting interfaces but shaping entire systems in real time, ethical hacking is a mindset shift that can empower us to flip the role of design from reactive to anticipatory. By applying the same creativity, curiosity, and persistence attackers use, we can spot vulnerabilities before they do, strengthening and protecting the products we create. 

This is critical as UX enters an era of unprecedented speed and scale. The way we design, build, and deliver products is accelerating, collapsing timelines that once defined our craft. Following a recent talk I did at Design Week, Microsoft’s largest design conference, the theme was unmistakable: AI isn’t just another tool. It is reshaping how we work, what customers expect, and how quickly we are expected to deliver. 

Meanwhile, the same technology fueling innovation is creating new vulnerabilities at an equally unprecedented pace. Microsoft now tracks over 1,500 unique threat groups, from nation-state actors to cybercrime syndicates—many already using the very tools we rely on to create. The ground beneath us is shifting fast, and UX design’s role isn’t shrinking in response. It’s expanding, and we are actively shaping the systems, behaviors, and safeguards that determine whether products are trusted or exploited. 

Secure by Design: a cultural shift

When we launched Secure by Design: UX last November, we grounded it in guidelines, frameworks, and tools that helped teams anticipate vulnerabilities before code was written. From the start, the ambition was cultural transformation: making security a shared part of design practice. That goal remains unchanged. What has and keeps shifting is both the UX and threat landscape; the tension we face today looks different from even just twelve months ago. 

Craft and human-centered design remain our foundation, but speed now dominates. Those shaping experiences have always been taught to slow down, to test, to refine with intention. Today’s timelines often see those practices as obstacles—even though security, another cornerstone, cannot be overlooked. UX design is no longer separate from making. We are writing code, building flows, and shaping systems that go straight into production. That means our influence on security outcomes is immediate and undeniable. The way forward is not more gates or process. It is a mindset shift: we are no longer only UX designers, researchers, and content specialists responding to risks after they appear. We are ethical design hackers, anticipating risks before they surface. 

What does it mean to think like an ethical design hacker?

To think like an ethical design hacker is to look at a product the way an adversary might, but through the lens of UX design. It means scanning flows and interactions for places where small gaps could cascade into bigger risks and experimenting with safeguards that make resilience part of the experience. Where ethical hackers stress-test code, teams shaping experiences can stress-test the user journey, anticipating how vulnerabilities emerge not only from technical flaws but from the ways people interact with systems. In this mindset, we are not only creating products; we are protecting the people who use them. And because technology, threats, and user expectations move too quickly for static rules alone to keep pace, what endures are the mindsets we bring to our craft. They help us approach problems from new angles, anticipate risks earlier, and design with both innovation and responsibility in mind. 

A great example of this is EchoLeaks, the name of a flaw in Microsoft 365 Copilot that security researchers uncovered earlier this year. On the surface, it looked like an ordinary email, but hidden instructions in the background formatting silently turned Copilot into an attack tool. With no clicks and no warnings, sensitive data was quietly sent out, invisible to the user. The Copilot team moved quickly to address the issue, and no customers were impacted. Still, EchoLeaks highlights a broader challenge we see across many AI systems: hidden inputs driving visible actions without cues or controls for the user. 

Attacks like prompt injection, data leakage, and feature abuse are emerging in many forms across AI-powered products. In each instance, the weak point is the same: invisible automations, ambiguous interactions, and users left without visibility or control. These are not engineering problems alone—they are UX problems. And they show why adopting the mindset of an ethical design hacker is no longer optional. That shift comes to life through six design mindsets: practical ways to reframe our craft so we design not only for usability, but for resilience. 

6 mindsets that shape ethical design hacking 

Mindset 1: Always anticipate misuse

UX practitioners are trained to think about the ideal path, how something should work. Attackers think the opposite. They look for the cracks: vague prompts, gray areas, edge cases where the system behaves in ways no one expected. In AI systems, that ambiguity is everywhere. A single open-ended question can pull in more information than a user intended or expose data that was never meant to be surfaced. 

Anticipating misuse flips the script. It asks us to pause and ask: How could this feature be twisted, stretched, or chained with something else? By designing for the worst-case alongside the best-case, we build systems that hold up under pressure. When users can trust that our products will not fail them in messy, unpredictable moments, teams earn the freedom to innovate and move faster. 

Mindset 2: Don’t let the details tell the story

Attackers rarely need full access to break a system. They often stitch together fragments—one confirmation here, a count of results there, a subtle change in how content loads—and use them to infer something bigger. What feels like harmless detail to us can become a breadcrumb trail that gives away the whole picture. 

Think about what happens when a system refuses a request. If the response explains why, hinting that the information exists but is restricted, it has already revealed something sensitive. Even a small confirmation can help attackers map what is behind the wall. Multiply those hints across multiple interactions, and suddenly the system is telling a story it was never meant to. 

For UX, this means asking not just what we are showing, but what story could someone tell if they put these pieces together. Designing securely is not about hiding everything; it is about being intentional with the signals we expose. When details are managed with care, we preserve utility for users while denying attackers the narrative they are trying to construct. 

Mindset 3: Guard against feature abuse

Features designed to help can just as easily be turned against us. Autocomplete, previews, or sharing options seem harmless, but in the wrong hands they can be manipulated to extract sensitive data, mislead users, or bypass intended safeguards. What delights in one context can become an attack vector in another. 

Guarding against this does not mean shutting down functionality. It means stress-testing features with the mindset of an adversary: asking how they might string together outputs, manipulate defaults, or exploit convenience. Sometimes the fix is as simple as limiting exposure, adding a confirmation step, or tightening defaults so that power is not handed over too easily. 

When we design with feature abuse in mind, we are not only protecting systems; we are protecting trust. 

Mindset 4: Know the why behind the AI

Designing experiences without understanding how AI makes decisions is like working in the dark. If product makers do not know what data the system is drawing from, what logic shapes its answers, or what conditions trigger a response, they cannot anticipate how users will experience it. That gap leaves teams unprepared when the system behaves in ways that feel random, inconsistent, or even unsafe. 

The fix is not for UX teams to master every technical detail. It is to ask the right questions. What data is the model using? What hidden rules shape its behavior? Are we surfacing outputs we cannot fully explain? Working side by side with engineering, security, and data science partners turns the system from a black box into something we can design for with intention. Transparency makes our decisions sharper, and it makes users’ experiences more trustworthy. 

Mindset 5: Anonymize by default

Names, IDs, and personal markers sneak into more designs than we realize. A status dashboard might show who triggered an alert. A collaborative tool might reveal which teammate last opened a file. A system log might record far more than is necessary to troubleshoot an issue. Each of these details can seem harmless, but together they create risk by exposing personal or sensitive data that attackers can use to target individuals or map relationships. 

Anonymizing by default flips the starting point. Instead of asking “what information should we hide?” the question becomes “what information do we truly need to show?” Sometimes the answer is none. Other times, anonymized or aggregated data serves the same purpose for the user without exposing individuals. 

This mindset does not mean stripping away context or accountability. It means designing with care so that people remain protected while systems remain usable. By minimizing exposure up front, we reduce the chance that our designs leak more than they should. 

Mindset 6: Build security together

Security is a team sport, built through shared responsibility across disciplines. Designers, researchers, content writers, engineers, product managers and security experts all have a part to play in spotting risks and shaping safeguards. The strongest defenses emerge when these perspectives come together, not when they operate in silos. 

The most effective way to do this is through reuse. Instead of every team inventing its own fixes, we can rely on established security patterns, frameworks, and guidance. Reusing and evolving these shared solutions makes products more consistent, reduces duplication, and helps secure practices scale across an organization. 

For UX, this collaboration is especially powerful. When patterns are reused, they do not just make systems safer; they make them easier to use. Consistent safeguards become invisible helpers instead of frustrating obstacles. By building security together, we create cohesive, resilient experiences that protect users without slowing them down. 

Great UX has always meant usable and delightful. Now it must also mean trustworthy products people can rely on even when adversaries are testing their limits. The true mark of ethical design hacking is not in avoiding failure, but in ensuring users never encounter it. The Secure Future Initiative is advancing this mindset across Microsoft, bringing together product makers to build experiences that earn and sustain trust. To learn more about this approach, explore the Secure Future Initiative.  

Grateful to Sabine Roehl (CVP, Microsoft Security UX) for her pioneering leadership in Secure UX, to Charlie Bell (EVP, Security) and the Secure Future Initiative leadership for driving this vision across Microsoft, and to Joel Williams (Design Director, Identity Design) for his partnership and commitment to this mission. Deep appreciation to the extended teams across Microsoft for bringing Secure by Design UX to life through their dedication and collaboration.