Engineered for
production

Three engineering disciplines that keep platforms secure, online, and connected — operated by the team that runs the Devolar group's own infrastructure.

Security Managed IT API Gateway
Security Engineering

Attack surface,
minimised.

We harden every layer — from the edge proxy to the database socket. Our security stack runs in production across the entire Devolar group: WAF with the full OWASP Core Rule Set, aggressive rate limiting, IP reputation filtering, and audit trails on everything that matters.

WAF engine Coraza + OWASP CRS, custom rules
Edge protection Rate limiting, geo/IP allowlisting, TLS 1.3
Internal traffic WireGuard mesh, mTLS service-to-service
Secrets HashiCorp Vault, auto-rotation
WAF Tuning Pen-test Remediation Zero-trust Network SIEM Integration Incident Response
Edge — Public Internet
TLS 1.3
Coraza WAF
Rate Limiter
IP Filter
↓ filtered traffic only
Application Layer
Reverse Proxy
AuthZ / RBAC
Audit Log
↓ mTLS / WireGuard
Private Backend
App Servers
Databases
Vault
Object Store
Managed IT & Cloud

Infrastructure without
the drama.

We favour boring, reliable, single-node simplicity over over-engineered complexity. Bare-metal servers with LXD containers, ZFS storage pools, WireGuard private networks — infrastructure you can reason about at 3 AM, monitored around the clock.

Compute Bare-metal, VPS, GPU nodes (EU)
Containers LXD / LXC system containers
Storage ZFS pools, S3-compatible object storage
Databases MariaDB, PostgreSQL, MongoDB, Redis
24/7 Monitoring Backup & DR Migration Projects Git-ops Workflows Self-hosted Tooling
🖥
Bare Metal
───►
📦
LXD Containers
───►
🔒
WireGuard Mesh
💾 ZFS snapshots
🔄 Automated backup
📊 Metrics & alerting
🗄 Managed databases
🔑 Vault secrets
🌍 EU data centres
API Gateway

Every request,
accounted for.

Multi-tenant API gateways with OAuth2/OIDC issuance, per-tenant rate limits, and full request observability. OpenAPI-first: your contract is the source of truth, and client SDKs, documentation, and validation all derive from it.

Auth OAuth2, OIDC, per-tenant issuers, RBAC in JWT
Throughput 100k+ req/s per gateway node
Contract OpenAPI 3.1, generated SDKs & docs
Observability Structured logs, traces, per-key metrics
Multi-tenant Quota Management Key Provisioning Request Transform Developer Portal
JWT tenant: acme·prod
Quota used this hour
62,140 / 100,000
Scopespayments:write ledger:read
Rate limit1,000 req/min
Status✓ Authorised
Latency p9911 ms

Let's scope your infrastructure.

From a single hardened server to a full multi-tenant platform — tell us what you're building.