EN / ES Write us
SOVEREIGN STACK // OPEN SOURCE // SENSITIVE ENVIRONMENTS

Technologies we operate.

This is not a decorative catalog. These are technologies we use in architecture, deployment, hardening or operation of sensitive environments. The stack is entirely open source with a single formal partnership — Filigran, around OpenCTI — and runs on-premise, with no hyperscaler dependency.

STACK

Stack we design, deploy and operate.

Intelligence and case management

Identity, credentials and access

Secure collaboration

Infrastructure and delivery

Detection and response

Automation, backup and observability

USES

What we use each block for.

  1. 01

    Intelligence and cases

    OpenCTI as the CTI core with MISP for open-source enrichment, and TheHive for incident response when a full case lifecycle is needed.

  2. 02

    Identity and credentials

    Authentik as a sovereign SSO/IdP with Active Directory federation; Vaultwarden for team secrets and credentials, without going through third-party SaaS.

  3. 03

    Encrypted collaboration

    Matrix with Element for E2E-encrypted internal channels; coturn for NAT-traversal connectivity; Mattermost when the client prefers a more classical model.

  4. 04

    Infrastructure and delivery

    Proxmox for on-premise virtualization, Pangolin as secure edge/access, Komodo for container orchestration, self-hosted GitLab for CI/CD and repositories.

  5. 05

    Detection and response

    Wazuh as the baseline SIEM/HIDS, integrated with OpenCTI for contextual enrichment; CrowdSec at the edge for collaborative defense.

  6. 06

    Day-2 operations

    n8n for runbook automation, Backrest for verified backup policy, Gatus for black-box observability of internal SLAs.

ARCHITECTURE AND PARTNERSHIP

A formal partnership. Sovereignty across the rest.

Filigran (OpenCTI) is our formal platform partnership — with deal registration and direct technical coordination with their Customer Success team. Around it, the stack is open source: deployed and operated by our team, with no proprietary dependencies in the sovereignty layer. We do not act as generic installers: we engage when the platform is already critical, sensitive or hard to operate.

Is your platform in this stack?

Tell us what you have and where it's stuck. If it fits, we open a conversation.

Write us