

Miriana Giai Gischia

In cybersecurity, an inaccessible tool isn’t just a nuisance: it’s a vulnerability. With the European Accessibility Act tightening regulations across Sweden and the EU, “good enough” design is now a legal and security risk. At Detectify, we’re rebuilding our front-end from the ground up to eliminate any “usability tax” that could lead to missed alerts. From WCAG-compliant contrast to neuro-inclusive UX, we’re ensuring that the world’s most critical security tools are built for everyone. Because when a dashboard is a barrier, the tool itself becomes part of the attack surface.
This is the first blog in a series deep-diving into how we’re tackling accessibility. Stay tuned for upcoming write-ups and examples from our design system overhaul.
We’ve all heard the line: “The internet is broken.” At Detectify, when we say “broken,” we’re usually talking about vulnerabilities and exploits. But there’s another way the internet is broken: it wasn’t built for everyone. Accessibility (a11y) is often treated like a compliance checklist, something you “fix” at the end of a project with a few ARIA tags and a prayer.
But with 16% of the world’s population living with a disability [1], accessibility isn’t a niche edge case. It’s the baseline.
The world is finally catching up. In Sweden, public sector websites have been under the microscope since 2019 [2], and with the European Accessibility Act kicking in this past summer, the legal “screws” are tightening for even more organisations [3]. But as a designer, I don’t want us to do this because a regulator told us to. I want us to do it because it makes our product better.

Why great usability requires both inclusivity and accessibility at its core
Accessibility is just inclusivity in practice. And inclusivity is just high-level usability.
When we say a product is “accessible,” we mean that it works not only for individuals who use screen readers but also enhances usability for everyone. Consider the example of a “curb cut” on a sidewalk: although it was designed for wheelchair users, it is also beneficial for people with strollers, heavy suitcases, and bicycles.
In cybersecurity, where we manage vast amounts of critical data, design should not merely be “on brand.” It must function as a tool that facilitates navigation through complexity without causing confusion.
Detectify was built by hackers who wanted to fix broken things. We believe a UI that excludes people is a “broken” UI. But let’s be even more blunt: an inaccessible security tool can be a threat. When a dashboard is cluttered, low-contrast, or non-intuitive, it creates a “usability tax” that leads to fatigue. In cybersecurity, fatigue leads to missed alerts. Missed alerts lead to breaches. If your team can’t see the signal through the noise because of poor design, the tool you bought to protect you has officially become a part of your attack surface.
While many companies are scrambling to comply with new regulations out of fear, our approach is different. We aren’t waiting for a mandate. We are prioritizing accessibility because our users are exhausted. They are overworked, staring at screens for many hours a day, and under constant pressure. The last thing they need is a tool that fights them.
The security industry has some unique demographics that make accessibility especially critical:
For an autistic user or someone with ADHD, accessibility means lowering the cognitive noise. It means predictable navigation and a “one-task-at-a-time” flow. By stripping away the UI clutter, we aren’t just making it prettier; we’re reducing the risk of human error. We want to make sure that a critical vulnerability isn’t missed because of a loud or misleading dashboard.
Keep an eye out for our next update, where we’ll get under the hood of the specific design choices and shifts shaping the new Detectify experience.
Ready to see a more accessible, actionable view of every asset across your attack surface and test your web apps and APIs? Try Detectify for free or reach out to our team to discuss how we’re building a more inclusive future for security.
[1] https://www.who.int/news-room/fact-sheets/detail/disability-and-health
[4] https://www.nm.org/healthbeat/healthy-tips/Understanding-Neurodiversity
