Security Rapids - Test Round Details - Bulk Resolution

Rapid Validation for Security - Test Round Details

This is to manage an individual test round for Rapid Validation Research for Security Concepts.

Team

• Title: Agentic Bulk Vulnerability Resolution
• Designer(s): @acummins9
• Additional stakeholder(s): @khornergit
• ReOps: @marianacardinali
• UXR: @nshechtmann

Session Timeline

• Session moderator & attendee: @nshechtmann @acummins9
• Session dates: 8 to 10th of October, 2025
• Number of sessions: 6 Sessions
  • Please keep in mind that we do not cancel sessions without a reasonable reason. Even if the numbers and feedback collected is achieved, to keep GitLab good image and great participants' experience, all the scheduled sessions needs to be completed.
• Main profile for this round: See below

Recruitment Criteria for this Test Round

• Screener: Rapid Validation for Security FY26 - Screener - Bulk Resolution
• We are aiming for a mix of 3 Developers + 3 App Sec Engineers
  • App Sec
    • Same criteria General Recruitment Criteria for Security Rapid Concept Validation
      • Role includes performance of application security tasks
      • Uses GitLab for application security
      • Can specify security JTBD performed in GitLab
      • Can specify GitLab security features used in everyday work
  • Developers
    • Developer familiar with security tools and working with AppSec personas
    • Criteria used in prior AI Rapid incorportated into screener

Key Documents

Templates	Documents for this Test Week
General screener for rapid validation Security Validations [link: Security Concept Validation - Screener] Research design [link: Security Concept Validations - Research Design] Test script template [link: Security Concept Validations - Test Script Template] Findings doc template [link: Security Concept Validations - Report Template]	Screener: Rapid Validation for Security FY26 - Screener - Bulk Resolution Research Design: Bulk Resolution - Research Design Test Script: Bulk Resolution - Test Script Findings: link coming soon

Task Tracker

Date	Tasks
Intake & Design (1-2 weeks before the test week)	PD: Create a research request comment [link to completed request: Original Context Comment] on the Security Rapids Main Issue that includes: description of the design/concept, the 1-3 specific aspects you're unsure about, context on timing/urgency, and target user segments PD + Research: Meet to walk through early prototype ideas and begin to align on testing goals, participant recruitment criteria, and timeline for sessions, script, and design materials. Set up meeting week before testing to review script and design materials. Research: Create this dedicated research issue linked to main issue to track operations for testing Research: Draft Test Round Research Design [link: Test Round Research Design], including refined Context Comment, research goals, research questions, recruitment criteria, and task specifications PD + other stakeholders: Review and confirm agreement with Test Round Research Design Research: Draft Test Session Script [link: Test Session Script] and share with PD and other stakeholders
ReOps Preparation (1-2 weeks before the test week)	PD + Research: confirm dates and availability for sessions with ReOps (recorded above). Select ~2-3 days, ensure at least 6 sessions x 60 min can be accommodated, ideally with some buffer time to offer flexible scheduling options for participants. Must specify timezone and ensure calendar is updated for those days. Research: Confirm recruitment criteria and screener with ReOps (recorded above). ReOps: Provide project Rally link to team Rally (Internal Panel): https://app.rallyuxr.com/gitlab/study/cmfz4z35d3ehmi9lj9x3i69qp/builder/plan Rally + Respondent: https://app.rallyuxr.com/gitlab/study/cmfmcz7k68a30i3ll4ymj6dzp/builder/plan
Prepare for Testing (week before testing)	PD: Prepare materials for testing (e.g. prototype, wireframes, sketches, concept description, etc.) - deadline: Thursday before testing [link(s): session materials] ReOps: Begin scheduling sessions Research + PD: Meet to review test materials and test script PD + other stakeholders: Review and confirm agreement with Test Session Script
Testing Week	Research: Finalize test script adjustments  PD: Finalize testing materials Research: Set up note taking template Research: Moderate user sessions, ensuring insights on key metrics are captured on notes (either live or from recordings) PD: Observe sessions and support note-taking
After Testing	ReOps: Process incentives Research: Analyze data and write report draft [link: Report Draft] PD + other stakeholders: Review and provide input on Report Draft PD: Define and commit to 1-3 specific actions based on research recommendations, adding them to the designated section of the report Research: Finalize report, based on feedback  Research: Add final report to the research issue Research: Share insights summary in Slack (#ai-rapid-research and ux_research_reports)