Cyber-aware automation studio

Cyber-awareautomationanddatatoolingforsmallbusinesses

Practical Python tools, ecommerce data extraction workflows, and security-aware automation for businesses that need cleaner data, fewer manual tasks, and better operational visibility.

Start an EnquiryView ServicesView Proof
View GitHubView LinkedInDownload Resume
automation proof
CLI
data workflows
CSV
risk-aware
Cyber
Python AutomationEcommerce DataCyber-aware WorkflowsCSV / JSON CleanupProduct Image ExtractionSmall Business Ops

Early-stage and founder-builder oriented. No fake dashboards, no fake client claims, just practical static proof and small fixed-scope workflows.

Services

Cyber-aware automation and data workflows for small business operations.

Practical automation, data extraction, and cyber hygiene support for small businesses, ecommerce operators, and technical teams.

Ecommerce Data & Image Extraction

Extract product data and image assets from sitemap-listed ecommerce pages for migration, SEO audit, product catalogue review, and asset inventory workflows.

Useful for

ecommerce migrationsSEO auditsproduct catalogue reviewsasset inventoryShopify/WooCommerce preparation

Automation & Data Workflow Builds

Build lightweight scripts and workflows that reduce repetitive data collection, cleanup, reporting, and operational admin.

Useful for

CSV cleanupreporting workflowsinternal data toolsbusiness process automationAI-ready knowledge base preparation

Cyber Hygiene & Risk Review

Review basic security practices across accounts, access, MFA, backups, password handling, and operational risk exposure.

Useful for

small business cyber hygienerisk registersaccess reviewcontrol gap summariessecurity documentation

Operational Problems

Problems I can help with

Focused workflow support for ecommerce data, product assets, CSV/JSON cleanup, automation, and basic security review.

Migrating ecommerce product data

Organising product images and assets

Cleaning CSV/JSON data

Reviewing basic cyber hygiene

Building lightweight automation scripts

Preparing business data for AI workflows

Featured Project Evidence

Evidence-backed project work across automation, security monitoring, and cyber risk.

Repositories and case studies demonstrating practical automation, security monitoring, structured exports, detection logic, and risk documentation.

2026

Sitemap Product Image Scraper

Python CLI for ecommerce product data extraction and image inventory workflows

Practical Python CLI / portfolio engineering project

Case study available

Repository available

Python CLI for extracting ecommerce product data and image assets from sitemap-listed pages, with Playwright rendering, JSON-LD preference, fallback extraction, SHA-256 deduplication, and CSV/JSON export.

Problem: Ecommerce migration, SEO audit, product-data review, and asset inventory workflows often require product information and image assets to be collected from many product pages. Manual review is slow, inconsistent, and difficult to organise.

Approach: Reads sitemap.xml URLs, filters likely product pages, renders pages with Playwright, extracts product data through structured and fallback sources, downloads images, deduplicates files with SHA-256 hashes, and exports CSV/JSON files.

Outcome: Demonstrates Python scripting, browser automation, data extraction, fallback logic, file organisation, documentation, and ethical-use awareness.

Tools / frameworks

Python 3.11+PlaywrightBeautifulSoupCSV exportJSON exportSHA-256 hashing

Proof points

Python CLIPlaywright renderingJSON-LD Product schema extractionHTML/Open Graph/Twitter fallback extractionimage downloadingSHA-256 deduplicationCSV/JSON exportethical-use documentation
PythonPlaywrightData ExtractionCSV/JSONAutomationEthical Scraping
View Case StudyView GitHub

2026

Enterprise Cybersecurity Risk Assessment

ISO/IEC 27001:2022-aligned risk assessment based on a public company scenario

Structured portfolio / academic-style assessment project

Case study available

Artefacts coming soon

Structured ISO 27001-aligned risk assessment demonstrating risk identification, likelihood-impact scoring, control treatment planning, and governance-ready reporting.

Problem: Broad cyber threats needed to be translated into clear risk statements, prioritised exposure, and governance-ready treatment options.

Approach: Identified eight material risks, assessed likelihood and impact, then linked treatments to ISO/IEC 27001:2022-aligned control areas including MFA, EDR, PAM, vendor risk governance, cloud security posture management, awareness training, incident response readiness, and access review.

Outcome: Produced a governance-ready risk register and treatment summary showing how eight cyber risks could be prioritised and reduced through ISO 27001-aligned controls.

Tools / frameworks

ISO/IEC 27001:2022Risk matrixControl treatmentAssurance writing

Proof points

risk identificationrisk prioritisationcontrol treatment planninggovernance-ready written analysis
GRCISO 27001Risk AssessmentCloud SecurityIAMVendor Risk
View Case Study

2026

Log Analysis & Threat Detection Tool

Practical security monitoring and SIEM-style detection concepts

Portfolio lab / academic-style project

Case study available

Repository available

Python CLI for parsing Linux SSH authentication logs, detecting brute-force and suspicious login patterns, exporting structured alerts, generating SVG reports, and supporting local dashboard review.

Problem: Junior SOC work depends on recognising suspicious activity, triaging alerts, and explaining why a log pattern matters.

Approach: Worked with log sources and detection concepts commonly used in SIEM environments. Practised alert review, triage, escalation, suspicious activity identification, and connecting technical observations to broader security risk themes.

Outcome: Demonstrates the ability to interpret logs, identify suspicious patterns, and communicate findings in a security operations context.

Tools / frameworks

Log analysisDetection logicAlert triageSecurity monitoring

Proof points

SSH auth log parsingbrute-force detectionJSON/CSV alert exportsSVG reportinglocal dashboard review
Threat DetectionLog AnalysisSIEM ConceptsAlert TriageSecurity Monitoring
View Case StudyView GitHub

Additional Lab

SOC Copilot Detection Lab

A concept lab for summarising alerts, documenting analyst decisions, and improving detection review workflows.

SOCDetectionAI Support

Additional Lab

Zero Trust Cloud Access Lab

A cloud access lab exploring IAM weakness, least privilege, MFA, privileged access, and policy review patterns.

CloudIAMZero Trust

Additional Lab

LLM Red Team Lab

A concept lab for AI-specific risk mapping, prompt injection awareness, guardrail testing, and secure AI workflow notes.

ConceptAI Security

How This Works

Small fixed-scope workflows with clear files, notes, and next steps.

A practical enquiry path for reviewing the problem, defining a useful pilot, and delivering documented outputs.

  1. 1

    You send a project enquiry

    Share the workflow, website, dataset, or operational task that is slowing things down.

  2. 2

    I review the workflow, website, or data problem

    I identify a practical scope, useful outputs, constraints, and any permission or data-quality limits.

  3. 3

    I suggest a small fixed-scope pilot

    The pilot defines inputs, outputs, limitations, and what a useful first version should produce.

  4. 4

    I build or document the workflow

    The output may be a Python script, extraction workflow, CSV/JSON export, risk summary, or documentation pack.

  5. 5

    You receive files, documentation, and next-step recommendations

    The final handoff focuses on usable files, repeatable steps, and clear recommendations.

Role Alignment

Roles This Portfolio Supports

Project evidence aligned to entry-level and cyber-adjacent roles across security operations, GRC, automation, and technical support.

SOC Analyst

Supported by SSH log analysis, detection rules, alert exports, reporting, and SOC-style investigation workflow.

SSH log analysisAlert exportsDetection workflow

GRC Analyst

Supported by ISO 27001-aligned risk assessment, risk register structure, likelihood-impact scoring, and control treatment planning.

Risk registerISO 27001Control treatment

Automation / Python Scripting

Supported by CLI tooling, sitemap parsing, browser automation, CSV/JSON export, image organisation, and documented ethical-use boundaries.

Python CLIPlaywrightCSV/JSON export

Junior Cybersecurity Analyst

Supported by practical security monitoring, cyber risk documentation, automation tooling, and clear project artefacts.

Log analysisRisk documentationAutomation tooling

Technical Support / Cyber-adjacent Roles

Supported by troubleshooting-oriented tooling, structured documentation, customer-aware communication, and operational workflow thinking.

Workflow documentationData cleanupSupport context

Technical Capability Matrix

Security capabilities mapped to practical project evidence.

A focused view of risk analysis, security operations, automation, cloud identity, and technical foundations.

Technical fluency

hands-on
Python CLI designPlaywright automationBeautifulSoupCSV exportJSON exportSHA-256 deduplicationDocumentationSitemap parsingProduct URL filteringImage extractionAsset inventoryShopify preparationWooCommerce preparationISO/IEC 27001:2022Risk assessmentRisk matrixControl treatmentPolicy analysis

Automation & Data

Python scripting and data extraction workflows for operational, ecommerce, audit, and technical support contexts.

Python CLI designPlaywright automationBeautifulSoupCSV exportJSON exportSHA-256 deduplicationDocumentation

Ecommerce Workflows

Product data extraction, product image inventory, asset review, and migration-oriented data preparation.

Sitemap parsingProduct URL filteringImage extractionAsset inventoryShopify preparationWooCommerce preparation

Risk & Governance

Structured analysis and clear security writing for assurance, compliance, and risk discussion.

ISO/IEC 27001:2022Risk assessmentRisk matrixControl treatmentPolicy analysisVendor riskAssurance writing

Security Operations

Log analysis, suspicious activity review, alert export, reporting, and escalation context.

SSH authentication logsAlert triageSIEM conceptsThreat detectionSuspicious activity reviewIncident escalationDetection logic

Technical Foundations

Practical fundamentals that support troubleshooting, investigation, documentation, and collaboration.

Networking fundamentalsWindows troubleshootingActive Directory conceptsLogs and permissionsGitHubDocumentation

About / Studio Direction

A cybersecurity graduate building practical automation tools for small business workflows.

I’m a cybersecurity graduate and automation builder focused on practical software tools for ecommerce, data extraction, cyber hygiene, and AI-ready workflows. My background combines cybersecurity study, customer operations, team leadership, and hands-on Python project work.

I’m building towards a cyber-aware automation studio that helps small businesses reduce manual work and improve operational visibility without pretending this is a finished SaaS company.

Cybersecurity study

Customer operations

Team leadership

Python project work

Written documentation

Contact

Start a small automation, data, or cyber hygiene enquiry.

This site is static and backend-free. Email is the main contact path; GitHub shows the public project proof. No fake form submission, no payment flow, and no self-serve dashboard.

Email: ming.tan898@gmail.comStart an enquiryView GitHubgithub.com/catahaiConnect on LinkedInLinkedIn profileDownload ResumeDOCX file