Berlin · Worldwide

Infrastructure underyour control.

Production-ready, auditable, built to last.

For Cloud Architects, Platform Leads, and CTOs in regulated enterprises. Kubernetes platforms, migrations, and sovereign infrastructure. Target architecture, implementation, handover.

Infrastructure

Platform

Intelligence

InfrastructurePlatformIntelligence

10+ Years · 1,200 Teams · BSI IT-Grundschutz

Enterprise Scale · AI-Native · Defense-Tested

Book a 30-minute sparring call

Response within 24 hours.

Capabilities

From bare metal to production AI.

infrastructure

The layer everything else depends on.

Compute, GPU clusters, and sovereign cloud engineered for long-term operational autonomy. Your AI runs where your data lives, on infrastructure you control.

Bare metal & GPU provisioning in weeks, not quarters
Sovereign cloud with EU data residency, no hyperscaler lock-in
Multi-cloud architecture built for cost optimization
BSI-compliant infrastructure for regulated industries

See infrastructure capabilities

Track Record

Enterprise infrastructure, cloud migration, and security architecture. The systems behind the numbers.

Enterprise CI/CD & Cloud Migration

1,200teams migrated

1.5 PBdata transferred

<2hdowntime

Three on-prem to cloud migrations for one of the world's largest software companies. Every team moved. Every byte transferred. No surprises.

On-prem to cloud migration for 1,200 development teams
Binary artifact management at petabyte scale
PR-based staging, release cycles from days to hours
Zero unplanned downtime across all migrations

Sovereign Hybrid Cloud

0drift

100%EU hosted

~70%cost vs. hyperscaler

Sovereign Kubernetes on European bare metal. Full EU data residency, fully declarative operations, zero configuration drift.

Automated bare metal provisioning and lifecycle
Fully declarative, reproducible across environments
Compute, storage, and networking in production
GPU-ready compute for AI inference workloads

Security Architecture

German Security StandardsBSI IT-Grundschutz · Air-Gapped · Classified Workloads

Designed and built security architectures for classified government workloads following BSI IT-Grundschutz, from zone models to cross-domain data exchange.

Built zone-based architectures for classified environments
Deployed air-gapped OpenShift for defense workloads
Designed cross-domain gateways for secure data exchange
Protection requirement analysis and security concepts

Let's build yours

Choose your starting point.

Start with a short diagnostic. Move into delivery or ongoing advisory when the scope is clear.

30-Minute Sparring

Free

Bring a target architecture, a current setup, or a specific risk. Leave with an honest assessment, 2 to 3 next steps, and clear direction.

Book a sparring call

Best first step

Architecture Second Opinion

5 days · assessment

Hands-on review of your platform. Written assessment, compliance snapshot, and risk matrix. A defensible starting point for your next decision.

Start a second opinion

Scoped Build

6 to 12 weeks

Defined platform build or migration against an agreed target architecture, with milestones, documented deliverables, and a transition-ready setup.

Request a scoped proposal

Architecture Advisory

Monthly · 3+ months

Recurring architecture reviews, decision support, and written recommendations for platform changes, vendor choices, and delivery risks.

Discuss ongoing support

How I work.

Four principles that shape every engagement. Less about process, more about what clients can rely on from the first call through years of operation.

Book a call

Regulated environments, tested patterns

Work shaped by years inside BSI-aligned, air-gapped, and classified-workload contexts. Security zones, compliance boundaries, and operational constraints treated as design inputs, not afterthoughts. Patterns that have already held up under real audits and real load.

Target architecture first

Every engagement starts with a clear picture of where the platform needs to go. Network topology, cluster shape, data flows, identity and secrets, AI inference paths. Documented before anything gets built, so delivery is a translation of decisions already made in the open.

Access, documentation, and runbooks stay with you

You always have the keys, the diagrams, and the operational context to run the platform without me. No hidden configuration, no proprietary glue, no dependency on a single head. Independence is the default, not an exit option.

Long-term operational autonomy

Platforms designed to stay under your control for years, not quarters. Stable foundations, clear upgrade paths, and deliberate choices about where to build, buy, or use hyperscaler services. Optionality for whatever comes next, without accidental lock-in along the way.