[Views are my own. Not legal or compliance advice.]

Match Discovery to Risk and Use AI to Do It Better

Most product teams over-rely on the same few discovery methods:

• User and customer interviews
• Usability tests
• Surveys
• A validation prototype or a mock-up
• Maybe a beta

It’s familiar. It’s safe. It’s fast. And under pressure, it becomes the default. But default ≠ deliberate. And in many cases, it’s unexamined shortcuts.

The Pattern

• Big bet? “Let’s talk to some customers.”
• New concept? “Let’s build a prototype.”
• 3 months later? “Why didn’t we catch this earlier?”

This isn’t incompetence. It’s structural: time pressure, ingrained habits, shallow method literacy, and little to no tooling. It’s like karaoke with your top 5 songs: it works until it doesn’t. Then it just feels off-key.

Discovery Is Not a Ritual

Discovery is a decision engine. Its job is to reduce uncertainty so we can move faster, with more confidence.

We often refer to the four classic product risks, popularized by Marty Cagan:

• Value/Desirability - Will the customer buy it, or will the user choose to use it?
• Feasibility - Can we build it?
• Viability - Can the stakeholders support the solution?
• Usability - Can the user use it?

A few years ago, Marty also proposed a fifth one (that was originally seen as part of business viability):

• Ethical Risk - Should we build it?

That framing still isn’t widely adopted, but it’s more relevant than ever.

With the pace of GenAI development, AI ethics is becoming a major risk area in its own right, touching everything from explainability and data transparency to unintended harm, manipulation, and regulatory exposure.

Moreover, in many industries, ethics is only half the story. Given today’s regulatory climate, compliance has become just as critical and as much of a blocker if ignored.

So in practice, we’re dealing with a broader, fifth risk: Compliance & Ethics: Are we putting the company or users at legal or ethical risk? Could this feature be misused or manipulated? Are we transparent and fair in how we use data? Are we even allowed to build it? And should we?

Think: GDPR, AI governance, EU AI Act, accessibility, algorithmic bias, platform restrictions. These are not theoretical. They kill deals, block launches, and damage trust after you’ve already invested. In regulated or enterprise contexts, this risk comes first.

Takeaway: Treat compliance and ethics as a first-class risk. Not a footnote.

Discovery Should Match the Moment

There are 40+ legitimate discovery techniques. Most teams use 3-5. That’s the real problem (and no, you do not have to use ALL of them).

You don’t need a PhD in research. But you do need to match method to:

• Type of risk
• Stage of the product
• Access to users
• Context: B2B vs B2C, regulated vs non-regulated

Start with a few questions:

• What risk are we trying to reduce?
• Are we in the problem space or solution space?
• Are we at explore, validate, or optimize stage?
• Do we have direct user access or not?

Examples:

• Don’t spend 5 days on a design sprint when a fake door test can validate the idea in 1.
• Don’t launch a 3-month beta if a 2-week concierge test gives stronger insight
• Don’t over-interview when analytics already tell the story

Familiar ≠ fit-for-purpose. Method mismatch leads to waste, delay, and blind spots.

Map It. Teach It. Scale It.

Build a simple method map like: [Risk] → [Stage] → [Recommended Methods]. Build this map based on team expertise, resources, product type, company type, and specific unknowns, ensuring it is kept lightweight, teachable, and visible.

Match discovery to risk, not habit. 

Use this as scaffolding not dogma. Train teams. Build shared language. Give them method literacy, not just freedom.

This is what separates “we talked to 10 users” from actual discovery maturity.

Where AI Actually Helps

AI won’t decide what to test. But it does accelerate how you do it.

Already, top teams use AI to:

• Cluster qualitative themes from interviews
• Summarize open-text survey feedback
• Draft usability tasks and test plans
• Extract objections from sales calls
• Flag early signs of regulatory risk
• Simulate user responses to copy or flows
• Generate prompts for assumption testing
• Detect behavioral patterns in product funnels

This is augmentation, not automation. AI doesn’t replace judgment, but it compresses time-to-signal. Used right, it frees up teams to focus on framing the right questions not just running tests.

Guardrails: “AI in discovery: allowed vs prohibited”

What’s Next

Expect discovery tools to evolve fast in the next 12-18 months:

• Tools that map your context + risk + timeline → and recommend matching discovery methods
• Dynamic systems that learn across projects → to improve recommendations
• From static playbooks to adaptive decision engines

This is where discovery is going. And it’s badly needed.

Stop Defaulting. Start Matching.

If your discovery feels slow, repetitive, or toothless, it’s probably not your team. It’s your method.

The best teams aren’t just fast. They’re deliberate. They don’t start with “what tool are we comfortable with?” They start with “what uncertainty are we killing?”

As leaders, it’s on us to:

• Build shared language around risks and discovery goals
• Map methods to use cases
• Fund experimentation
• Model better defaults

Your Turn

👉 What discovery methods do you actually use?

👉 How are you integrating AI into your process?

Let’s stop playing the same 5 songs. Let’s build a smarter, risk-matched, AI-accelerated discovery system.

Non-exhaustive list of techniques - for reference:

PAQ (Probably Asked Questions)