Information security and business continuity advisor, IT leader, programmer, and applied researcher focused on secure, resilient, and digitally governed institutions.

I work with organizations operating in regulated and complex environments where technology, risk, continuity, learning systems, and institutional growth need clear governance and practical execution.

• Information security governance, cyber risk, compliance, and assurance
• Business continuity management, crisis readiness, and operational resilience
• Digital transformation and learning technology strategy in education
• Applied AI and machine learning for security, learning, and operations
• IoT and smart systems security, including practical hardening and assessment
• Academic research, publication, review, and research translation

My GitHub presence is focused on practical resources that connect research, governance, and implementation:

• MCP Agent Security Kit Practical audit CLI, threat model, control matrix, and launch checklist for securing MCP servers and agentic AI tool access.

• Multilingual Certificate Issuer Secure PHP/MySQL platform scaffold for Arabic/English certificate design, PDF/A generation, encrypted SMTP delivery, and throttled distribution queues.

• AI Security Governance Toolkit
  Practical governance controls, templates, evidence registers, playbooks, and policy-as-code examples for AI, LLM, agentic, EdTech, and regulated environments.

• PiCar-X Security Baseline Toolkit
  Read-only security baseline checks and documentation for Raspberry Pi / PiCar-X style robotics labs.

• DOCX to Speech for Learning Content
  A Python workflow for converting Word documents into narrated audio for accessibility, revision, and learning-content use cases.

• Blackboard Quiz Generator
  A C# project for converting text-based questions into Blackboard LMS import formats.

Recent work is focused on security tooling, governance documentation, LMS developer workflows, and practical hardening:

• WPScan: hardened default runtime file paths to reduce shared temporary directory risk.
• Totara Docker Dev: added PHP container locales, Composer workflow support, and image smoke checks.
• Wazuh documentation: improved deployment and Windows log path documentation.
• OWASP projects: contributed AI security, SAMM, and cheat sheet improvements.
• NVIDIA garak: improved local Hugging Face model path handling.

My research and academic work spans cybersecurity, machine learning, IoT, communication systems, digital systems, and educational technology.

Selected topics include:

• SQL injection attack detection using machine learning
• Drive-by download attack detection using machine learning
• IoT development board assessment and hardening
• Smart metering system security
• Zigbee-based wireless smart home systems
• DVB-T receiver performance and signal-processing techniques

See my publications and Google Scholar profile for the full list.

I am interested in projects that improve real-world security and resilience, especially where open-source artifacts can help education, public sector, and regulated organizations adopt better practices.

Good collaboration areas:

• Security governance tools for small and mid-sized institutions
• Business continuity and incident-readiness documentation
• Education technology automation and accessibility
• IoT and robotics lab security baselines
• Applied AI workflows for security, learning, and operations
• Research companion repositories for cybersecurity and EdTech publications

• Website: musaab.info
• Professional profile: musaab.info/professional
• Insights: musaab.info/insights
• LinkedIn: engmusaabhasan