Dec 2024 — Nov 2025 · Project Manager & Lead Product Designer
T-Mamori — AI Security Advisory Platform
Turning an enterprise-grade SIEM into an AI security advisory platform that non-specialists can use — converging complex monitoring features, integrating a conversational AI assistant with handoff to human support, and building a modular architecture configurable per client.
As project manager and lead product designer, I carried this 0-to-1 B2B SaaS project through 6 core version iterations. The client’s initial premise: traditional enterprise-grade SIEM (Security Information and Event Management) systems have complex interfaces and steep learning curves, so the IT teams at SMEs and in finance, healthcare, and the public sector struggle to bear the cost of adoption — which also generates a heavy support burden.
On design, my job was to turn a complex security system into an AI advisory platform that even non-security-specialists could pick up intuitively. Key decisions included:
- Converging the complex monitoring features into two core modules: “incident monitoring” and “AI assistant”
- Designing an AI assistant that can hand off seamlessly to human support as the product’s core differentiator
- Planning a modular architecture configurable per client account, establishing a scalable business model for the product.
As PM, I jointly decided the core problem each version should solve together with the CTO, and coordinated resources across design, development, and sales.
The final product was successfully listed on the government e-procurement site, selected for the SME and Startup Administration (MOEA) “Startup Select,” exhibited at the Meet Taipei startup expo, and attracted proactive interest from investors, with 3+ clients requesting expanded custom modules.
Read on for the project details ↓
Project Background
Traditional enterprise-grade SIEM (Security Information and Event Management) systems have complex interfaces and steep learning curves. The IT teams at SMEs and in finance, healthcare, and the public sector often can’t bear the cost of adoption, and without a professional security team to assist with the rollout, they frequently run into problems like alert fatigue and excessive support workload.
The client who came to us had a clear goal: design an AI security advisory platform that can be adopted quickly and that even non-security-specialist IT staff can pick up intuitively, while reducing the support burden. My task was to turn this requirement into a product that could land from 0 to 1 and keep expanding.

My Role Gave Me Two Perspectives
I served as both project manager and lead product designer. What best represents my value on this project: I used a product designer’s angle to analyze and simplify the complex interface, and a PM’s angle to converge the project scope and help shape the product direction and business model.
As PM, I jointly decided the core problem each version should solve together with the CTO, coordinated resources across design, development, and sales, and led several iterations of the core versions.
As a designer, I was responsible for translating the complex SIEM features into an interface non-specialists could use. Below I explain across two dimensions — “design decisions” and “project management.”
Design Decisions: Converging Enterprise-Grade Complexity into an Interface Non-Specialists Can Use
1. From dozens of monitoring features to two core modules
Traditional SIEMs offer dozens of monitoring features and interfaces — and that’s exactly the source of their steep learning curve and tendency to cause alert fatigue. My core judgment was: for non-security-specialist IT staff, “feature completeness” is actually a burden; “knowing where to look first” is the value.
I converged the complex monitoring features into two core modules — “incident monitoring” and “AI assistant” — and introduced three designs to lower cognitive load: team-curated charts, a system security risk index, and a customizable important-incidents interface. These let non-specialist users focus on key threats first instead of being drowned in a flood of alerts.

2. Designing a flexible AI assistant: three input modes covering different contexts
The AI assistant is the core of this product. My key consideration when designing it was: the amount of information a security worker has on hand differs by context — sometimes there’s only a vague question, sometimes they already have a precise event ID.
So I designed three input modes: natural-language questions, directly bringing in an event ID, and selecting an incident from a table. From “something feels off but I can’t quite describe it” to “I want to look up this specific event,” all can be covered by the same assistant. This makes the AI assistant not a tool that can only answer a specific format, but an advisor that adapts to the user’s current state.

3. Designing a seamless AI → human-support handoff mechanism
AI can’t cover every situation. When the AI judges that it’s hit a complex case, or when a client raises a personalized request, I planned a mechanism that can hand off to human support while carrying the full conversation context — the user doesn’t have to re-describe the problem, support doesn’t have to start from scratch, and at the same time it eases the support team’s burden of repeatedly answering simple questions.
This mechanism later became the product’s core differentiator: it makes T-Mamori not just an AI tool, but a complete service experience of “AI blocks the repetitive questions, humans handle the complex judgments” — which directly drove clients to keep discussing custom modules.
Project Management: From Requirement Clarification to Validated Delivery
Facilitating requirement interviews, breaking abstract premises into executable scope
Project requirements often come with a concrete big direction and abstract small details. Newly moved into the PM role, my first job was to facilitate the requirement-interview meetings, guiding the client to gradually clarify vague expectations into concrete feature scope.
I didn’t take a “build whatever the client says” approach. Instead, I broke down requirements from a modular angle and defined short-, mid-, and long-term goals — this both made the client feel their needs were fully considered and gave the development team a reasonable timeline.
Facing security, a professional domain I wasn’t originally familiar with, I’d use an AI tool (NotebookLM) before interviews to synthesize multiple security documents and quickly build basic knowledge, so I could have effective conversations with clients and the engineering team in meetings — rather than having design skills but being unable to understand the requirements.
Analyzing requirement priorities, converging the goal of each iteration
The requirements gathered after interviews were usually quite divergent. My approach was to assess each requirement along three dimensions — feasibility, importance, and development difficulty — and then triage accordingly: core, necessary features went into the current iteration; large-scope or brand-new requirements were re-evaluated and scheduled for later phases. This requirement analysis and prioritization was the key to steadily advancing a 0-to-1 product without being dragged down by endless requirements, and it laid the foundation for me to later take on and run client work independently.
Planning a modular architecture configurable per client account
This is the integration point of design and business thinking. I designed the system as an architecture where modules can be individually enabled and configured per client account, so clients in different industries (SMEs, finance, healthcare, public sector) could combine the features they needed.
This decision served two purposes at once:
- For users, it avoided stuffing every client with a pile of features they don’t use
- For business considerations, it let clients keep purchasing additional custom modules after validating the system’s value, building a scalable, growable business model for the product.
The actual results bore out this direction: after launch, the product attracted multiple clients who proactively requested expanded custom modules.
Cross-functional coordination and product presentations to investors and clients
I coordinated resources across design, development, and sales, and led the product introduction presentations and demos for investors and prospective clients, explaining the product’s value in language each audience could understand.
- For investors, I emphasized market positioning and a scalable business model
- For prospective clients, I focused on “which pain point of yours it solves after adoption.” The on-site demo at the Meet Taipei startup expo was also my responsibility — presenting the product directly to an audience from different industries.
- For the development team, I have basic development knowledge, which let me assess technical feasibility at the planning stage and turn the design into a reasonable scope the development team could actually handle.
Turning client feedback into the input for the next iteration
Launching the product isn’t the finish line. I treated the client feedback collected from demos and actual use as the core input for the next round of iteration — this is exactly the precondition that makes “build the minimum viable version first, then expand based on feedback” work. Each time feedback came in, I’d assess it with the same standard as before (feasibility, importance, development difficulty) to decide whether it belonged in the current period or a later one, then return to jointly deciding with the CTO “the core problem the next version should solve.” This loop of “present → collect feedback → assess priority → converge the iteration goal” let the product keep growing tightly against real needs, and it became the basis for multiple clients later being willing to keep discussing expanded custom modules.
Outcomes
- The product launched from 0 to 1, successfully turning an enterprise-grade SIEM into a streamlined, easy-to-use AI security advisory platform, listed on the government e-procurement site, serving the IT teams of SMEs and finance, healthcare, and public-sector organizations
- Selected for the SME and Startup Administration (MOEA) “Startup Select” and exhibited at the Meet Taipei startup expo
- Attracted proactive interest from investors, with 3+ clients requesting expanded custom modules
- The “AI assistant” module became the product’s core differentiator, driving clients to keep discussing custom modules
Reflection
This project made me realize that making a complex system “simple” is far harder than making it “complete” — the real design work isn’t adding features, but judging which features should be converged, which should be hidden, and which should be pushed in front of the user.
And the decision around modular architecture also showed me how design and business model can meet on the same structure: a good architectural decision can simultaneously solve the user’s cognitive load and the product’s growth path.