Microsoft: Who Hacked?

Project Overview

Background

Who Hacked? is a cybersecurity role-playing simulation created as part of Microsoft Learn’s Cloud Games initiative. The goal: give IT professionals a fun, risk-free environment to apply technical skills in a real-world scenario.
‍
In the game, participants form teams of three to solve a simulated ransomware breach at the fictional e-retailer Best for You Organics. Using real Microsoft tools like Azure, Sentinel, and Defender, players must detect the intrusion, remediate threats, and protect sensitive data—all while collaborating across roles like incident responder, security architect, and compliance officer.

This pilot was a way for Microsoft to test and see if gamified learning could help accelerate skill acquisition and retention through play.

Goals + Opportunties

Goal

1

Simulate Real-World Incidents

Craft a story-driven cyber-incident scenario that mirrors the types of threats IT professionals tackle daily.

Goal

2

Immersive Learning

Blend game mechanics with knowledge checks and role-based challenges.

Goal

3

Role-Based Collaboration

Let learners rotate through various roles to develop cross-functional understanding and teamwork.

Design Process

Discovery

We partnered with Microsoft stakeholders to define the foundation for the game. Because this was a pilot program, they gave us creative space early on.

We created moodboards exploring tone and style, then developed potential interactive screens to help Microsoft visualize how the experience might unfold. As a final step to help drive the experience, I created a demo prototype connecting over 60 screens together. The prototype featured both cinematic visuals as well as interactive click through options.

Define

Microsoft was really taken with our detective pitch. We ended up structuring the scenario as a “whodunit” mystery within a corporate breach.

We proceeded to map out the player journey. Learning objectives, such as log analysis or identity remediation, were weaved into learner’s checkpoints within the narrative. We created an experience flow that layered story, decision points, and technical challenges into one seamless arc.

In parallel, I was creating prototypes from the low-fi wireframes in order to internally test and validate the flow and user experience.

Develop

Collaboration across LX, product design, and development was intense. While LX scripted the scenario, I focused on:
• building the style guide,
• designing page patterns for common interactions (role assignment, evidence review, remediation choices), and
• prototyping flows in Figma to share with stakeholders and developers.

Outcome

Conclusion

Who Hacked? successfully transformed cybersecurity practices into a collaborative game-based experience that helps learners practice using real tools and strategies for threat mitigation.

Impact Highlights:
• The game was adopted across universities and professional development programs as part of Microsoft’s Cloud Games initiative.
• Participants gained hands-on proficiency with Microsoft Sentinel and Defender in a safe, simulated environment.
• Role rotation fostered stronger collaboration skills and empathy between security roles.

Designing Who Hacked? has taught me how effective narrative and interactivity can be in professional learning. We created an experience that shows how serious technical training can be both engaging and fun.

Get in Touch

Please reach out if you have any questions or comments you'd like to discuss.

I'm currently available for consultation, freelance, and full-time work.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Explore Other Works