Services
Six ways we build. Every range explained.
From a Claude-powered agent that runs your back office to a mesh network that stitches your sites together privately — each service shows what the low end of the range buys and what the high end buys, so the proposal you get already makes sense.
AI agents & automation
Claude-powered agents and automations that do real work — reading, deciding, drafting and acting across your existing tools, with guardrails and a human in the loop where it matters.
What the low end buys
- A single high-value automation (e.g. inbox triage, quote drafting, report generation)
- Connected to one or two systems you already use
- Guardrails, logging and a simple approval step — plus handover docs
What the high end buys
- Multi-agent systems that orchestrate whole workflows end to end
- Deep integration with your CRM, ERP, ticketing and databases
- Evaluation harnesses, monitoring, and staff training so the team owns it
Why the range
The spread is integration depth and trust. A self-contained automation is days of work; wiring an agent safely into live business systems — with evaluation, guardrails, fallbacks and audit trails — is weeks. We scope precisely so you pay only for the depth you need.
Private & local AI
Your own AI, running on your own hardware. On-prem or air-gapped inference, retrieval over your private documents, and fine-tuned open-weight models — so nothing sensitive ever leaves the building.
What the low end buys
- A private assistant answering over one corpus (contracts, wiki, manuals)
- Open-weight model deployed on a single server or workstation you control
- A clean web interface and the runbook to operate it
What the high end buys
- Fine-tuned or domain-evaluated models for your specific work
- GPU cluster deployment with high availability and monitoring
- Air-gapped setups for regulated or classified environments
Why the range
Running a model is the easy part; making it reliable, private and genuinely useful is not. The range reflects hardware scale, whether you need fine-tuning, and the retrieval and evaluation work that turns a chatbot into a tool your team trusts.
Custom software & web
Applications, internal tools, APIs and websites built from scratch — fast, accessible and free of the template look and the template baggage. In Rust, PHP, Python or whatever the job actually calls for.
What the low end buys
- A hand-built marketing site or landing presence (like this one)
- A focused internal tool or automation script
- Clean, fast, accessible, self-hostable anywhere
What the high end buys
- Full applications: accounts, payments, dashboards, real-time features, APIs
- Native desktop and cross-platform tools, and performance-critical systems in Rust
- Load-tested, security-reviewed and documented for handover
Why the range
Pages are cheap; systems are not. The range tracks how much of the work is presentation versus business logic, data modelling, and the testing that keeps money-touching software trustworthy.
Offensive security & red team
We find the holes before someone else does. Authorised network scanning, penetration testing and adversary simulation across your apps, networks and devices — reported in plain language, with fixes you can act on.
What the low end buys
- A focused pentest of one app, network segment or device fleet
- Live vulnerability and CVE detection, prioritised — not a scanner dump
- A clear, ranked fix-list your own developers can execute
What the high end buys
- Full-scope red-team engagements simulating a real attacker
- Wireless, IoT and camera/RTSP assessments; internal and physical vectors
- Re-testing after remediation, plus an executive-ready report
Why the range
Scope drives cost: one login page and one afternoon versus an estate of services, wireless, and devices — each needing testing, re-testing after fixes, and documentation. We'd rather do a tight scope properly than a broad one shallowly.
Defensive security & hardening
The other side of the coin: locking systems down, watching for intrusion, and making a breach survivable. LAN auditing that catches cleartext credentials, hardening, monitoring and incident-readiness.
What the low end buys
- A hardening pass on one site, server or network segment
- A LAN audit that flags cleartext passwords and insecure devices
- Backups, logging and an update path your team can follow
What the high end buys
- Continuous monitoring, alerting and intrusion detection across your estate
- Recurring audits with re-testing, and hardening implemented for you
- Incident-readiness: response runbooks, disaster-recovery drills, tabletop exercises
Why the range
A one-off hardening pass is a fixed piece of work; standing defence across a whole estate — monitored, drilled and kept current — is an ongoing engineering commitment. The range reflects how much of your surface you want watched, and how continuously.
Secure networking & remote access
Private networks that just work. Mesh overlays and UDP hole-punching to connect machines behind NAT with no open ports, encrypted remote desktop and file transfer, and clean HTTPS routing for every service you host.
What the low end buys
- Secure remote access to one machine or site — no port-forwarding, no exposed ports
- Encrypted remote desktop / file transfer set up and documented
- A single clean HTTPS name for a service you self-host
What the high end buys
- A full mesh overlay spanning offices, homes and cloud as one private LAN
- Self-hosted VPN and remote-desktop platform replacing per-seat SaaS
- Redundant relays, DNS-and-reverse-proxy routing, and monitoring
Why the range
Connecting one machine securely is a clean afternoon's work. Building a resilient private mesh across many sites — with NAT traversal, encrypted relays, routing and failover — is systems engineering. The range reflects how many endpoints and how much resilience you need.
Not sure which line your project falls under? Most good ones span two or three. That's what the scoping call is for.