We build systems where the absence of an external database is not a limitation, but a design requirement.
Deterministic routing, immutable containers, compliance built in from the ground up.
Two open-source products for organizations storing billions of files and years of logs.
Each product solves a specific engineering problem: consolidating small files, archiving logs, long-term metrics archival, and cross-product access audit. What unites them is the same architecture — statelessness and S3 as the only source of truth.
Consolidate billions of small files into immutable .vera containers. Deterministic routing without a lookup database. Range-GET instead of full reads. Built-in GDPR tombstones.
Log archive with entity index and cryptographic integrity. The missing layer between hot search and cold archive. Searchable, immutable, dormant until needed.
Long-term metrics archive with PromQL-compatible index. Gorilla compression, D+1 compaction, hibernatable query layer. No permanent 24/7 cluster.
Cross-product access audit over VERA, ELSA, MILA. Who read which data and when. One console for GDPR Art. 17, one audit trail, regulatory reports in one click.
The common DNA of our products. Every system we build starts from the same architectural assumptions — proven in production, not invented in a spec document.
No external lookup database is not a limitation — it is a design goal. Deterministic functions like locate_shard(uid, ts) replace mapping tables. Every worker runs independently, no coordinator.
Everything else — Redis, caches, indexes, manifests — is a materialized view. You can wipe it and rebuild in minutes. No vendor lock-in; AWS S3, MinIO, and Ceph/RGW compatibility is a primary feature, not an add-on.
S3 Object Lock, chain-hashed audit trail, GDPR tombstones, per-entity legal hold — first-class concepts of the system, not late-stage configuration. SEC 17a-4, HIPAA, GDPR Art. 17, NIS2, DORA, KNF — architecture, not checkboxes.
Append-only containers, WORM via S3 Object Lock, cryptographic chain hash in the audit log. Data mutations are documented, never hidden. An auditor sees what happened, when, and why — not a broken chain, but a readable trace.
Beyond our open-source products, we offer implementation services, architecture consulting, and support for organizations building their own regulated data systems.
Design and rollout of object-storage systems at billion-file scale. Deterministic routing, sharding, lifecycle policies, multi-region disaster recovery.
Implementation of SEC 17a-4, HIPAA, GDPR, NIS2, DORA, KNF requirements at the architecture level. WORM, audit trail, legal hold, GDPR tombstones, auditor-ready reports.
Safe migrations of billions of files from existing systems (PostgreSQL, MySQL, NFS) to modern storage. Watermark migration, zero-downtime, integrity validation.
Data analysis, predictive models, operational dashboards. Long-standing experience in finance, telecom, and public administration.
Production deployment: Helm charts, HPA, CronJobs, PodDisruptionBudget. Full observability with Prometheus + Grafana, structured logging, SLO-driven alerting.
OpenBao / Vault, dynamic credentials, MFA for break-glass, SSH-style PKI (Ed25519/RSA). Zero-downtime key rotation, access auditing, no hardcoded secrets.
Reach out to discuss a VERA or ELSA deployment, evaluate integration with your existing system, or ask about consulting services for regulated data architecture.