4 Projects · Built & Deployed · 2026

Real systems.
Real metrics. Real deployments.

One deployed and running. Three in active development. Here's what we're building.

9,200+
Lines of code shipped
54
Files across projects
1
Deployed · 3 in progress
19–49×
ROI delivered

What We've Built

One deployed production system. Three in active development across document AI, managed security, and penetration testing.

AI Workflow Customer Intelligence

BOLDR Customer Intelligence Engine

Self-improving customer support and marketing intelligence system for a Singapore watch micro-brand

The Problem

BOLDR Supply Co. — a 3-person support team handling 70+ tickets/week across email, WhatsApp, Instagram DM, and web chat. Every enquiry manual. Same questions recurring. Customer signals disappearing into inboxes instead of feeding marketing strategy.

What We Built

A self-improving customer intelligence engine that closes the loop between support and marketing:

  • Classify and answer recurring questions automatically (71% auto-answer rate)
  • Detect knowledge gaps and auto-draft new KB entries for human approval
  • Cluster emerging customer themes and generate weekly marketing intelligence briefs
  • Human-in-the-loop approval on every AI-drafted reply and KB update
  • PII stripping (8 patterns, GDPR/PDPA-compliant), audit logging, confidence scoring
71%
Tickets auto-answered
88.6%
Intent classification accuracy
S$1,080
Monthly CS cost savings
19–49×
ROI
Ingest
Email · WA · IG · Web
Classify
Intent + Persona
Retrieve
Vector + KB
Draft Reply
Confidence-scored
Human Review
Send + Learn
Gap Detection
Auto-draft KB
Theme Cluster
Marketing Briefs

Deliverables

31
REST API endpoints
5
n8n workflows (active)
9
Dashboard tabs (Streamlit)
54
Files · ~9,200 LOC
7
Buyer personas
13/13
E2E tests
48h
Build time
1 cmd
docker compose up

Tech Stack

GLM-5.1 (Ollama) n8n ChromaDB FastAPI Streamlit Docker Compose WhatsApp Business API Instagram Graph API Gmail IMAP

Reusability

This is a reusable architecture pattern — the classify → retrieve → draft → approve → learn cycle applies to any product brand. We can re-skin for specialty food, cosmetics, outdoor gear, or any Shopify-based niche in days, not weeks. Operating cost: S$22–57/month. No per-seat SaaS fees.

In Progress Document AI RAG

LBaaS — Living Brain as a Service

Graph-augmented RAG platform for enterprise document intelligence

The Problem

Organisations have policy documents, SOPs, compliance standards, and incident response plans — but no way to semantically connect them. Traditional search returns chunks by keyword. Staff can't find "How does our incident response process relate to our compliance requirements?" because the answer spans multiple documents and requires understanding relationships.

What We Built

Phase 1 prototype of a graph-augmented RAG platform:

  • Structural chunking for policy documents (headers, sections, tables)
  • Hybrid retrieval: vector similarity (Qdrant) + BM25 keyword (OpenSearch)
  • Reciprocal Rank Fusion to merge and rank results from both retrievers
  • REST API: /v1/ingest, /v1/ingest/directory, /v1/search, /v1/health
  • Full Docker Compose stack — one command to deploy

Phase 2 (Planned)

  • Entity extraction (spaCy/GLiNER) for people, systems, controls, and processes
  • Knowledge graph (Neo4j) connecting entities across documents
  • Graph traversal for multi-hop reasoning ("How does X relate to Y?")
  • BGE-Reranker-v2 for precision retrieval improvement
6
Infrastructure services
4
API endpoints
3
Sample doc types
2
Retrieval methods fused

Tech Stack

FastAPI Qdrant (Vector DB) OpenSearch (BM25) PostgreSQL Redis TEI Embedding Server Docker Compose Neo4j (Phase 2) spaCy / GLiNER (Phase 2)

Vision

LBaaS makes organisational knowledge discoverable, connected, and actionable — not through search, but through understanding. A user asks a question; LBaaS traverses the knowledge graph connecting SOPs, compliance controls, past incidents, and team responsibilities — with full citation chains and zero hallucination.

In Progress Cybersecurity Managed Service

Agentic Managed Security Service AI Team

AI-augmented, human-in-the-loop managed security delivered

The Problem

SMEs can't afford enterprise SIEM. Consumer security products don't do monitoring. Parents want parental controls but also want enterprise-grade protection. No competitor combines both at a consumer price point.

What We Built

A managed security service platform with two product lines:

  • Wazuh 4.14 SIEM+XDR for endpoint detection, log analysis, and threat response
  • OpenClaw agent architecture: primary agent + 3 subagents (Wazuh Bridge, Parental Control, Billing & Subscriber)
  • Cron jobs for alert polling, parental monitoring, device health, weekly reports, subscription checks
  • AI-augmented analysis: automated threat triage with human escalation

Differentiator

Supplement Blue Team MSS with a 24x7 Agentic AI Team plus Human-in-the-Loop (HITL) for an enterprise-grade security monitoring.

10+
Start from 10 and scale up
3
OpenClaw subagents
5
Cron job monitors
Contact Us
Customisation to Fit your Business Needs

Tech Stack

Wazuh 4.14 (SIEM+XDR) OpenClaw Python Docker
In Progress VAPT Cybersecurity

Agentic Red Teaming for VAPT Services

CREST-quality vulnerability assessments, delivered faster through AI automation

The Problem

Singapore VAPT market is expensive (S$4,500+ for standard assessments) and slow (2–4 weeks). SMEs need CREST-quality assessments at a price point that makes security testing routine, not a luxury. The Cybersecurity Act 2024 requires CSRO licensure — raising the barrier but also creating a market for compliant providers.

What We're Building

Positions as "CREST-quality assessments, delivered faster, because AI handles the tedious parts while human experts focus on what matters."

  • AI-assisted reconnaissance, enumeration, and vulnerability scanning
  • Human experts (OSCP, CREST CRT certified) focus on exploitation and analysis
  • Standardised reports: executive summary, risk matrix, remediation priority, re-test with revision tracking
  • Productised remediation advice — consultant credits purchased separately
  • Cyber Trust Mark Promoter Level 3+ compliance target by Dec 2026

In-House Credentials

CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, PDPA Practitioner, MITRE ATT&CK, Purple Teaming, AWS AI Practitioner — compliance and cloud advisory already covered.

Competitive
VAPT Pricing - Below SG market price
56%
Below SG market price
8
Certifications in-house
Contact Us
Customisation to Fit your Business Needs

Tech Stack & Approach

AI-assisted recon Automated scanning Manual exploitation Cloudflared tunnels OpenClaw MITRE ATT&CK Purple Teaming

Your project could be next.

Book a strategy call. Tell us what you're trying to solve. We'll show you how.

Back to Home