Skip to content

Technology

The stack, per practice, plus the cross-cutting plumbing.

Open-source first across every practice. We adopt commercial software only where the licence buys something we'd otherwise engineer ourselves. Each section below is what we actually run — not what we could run if a project asked for it.

Per-practice stack

What runs in each practice.

Four practice-specific stacks. The fifth practice — AI-native film production — composes the generative-media stack with editorial integrations; we list those under media.

Safety & CV

Read the practice →

Edge inference

  • NVIDIA Triton Inference Server
  • ONNX Runtime
  • TensorRT
  • CUDA 12.x

Streaming

  • MediaMTX (RTSP/RTMP/SRT router)
  • GStreamer pipelines
  • ONVIF profile-S/T cameras

Data plane

  • Apache Kafka
  • PostgreSQL 16
  • MinIO (S3-compatible)
  • Redis

Identity

  • Keycloak with OIDC/SAML federation
  • SCIM provisioning to client IdP

Application

  • React + TypeScript Ops Console
  • Node 20 LTS services

Agentic Systems

Read the practice →

Orchestration

  • LangGraph
  • CrewAI
  • Temporal (long-running workflows)
  • Custom Python/TS runtimes

Models

  • Anthropic Claude
  • OpenAI GPT family
  • Google Gemini
  • Open-weights via vLLM / TGI / Ollama

Tool integration

  • Model Context Protocol (MCP) servers + clients
  • OpenAPI-derived tool wrappers
  • Auth-aware connectors (OAuth, mTLS, signed-JWT)

Memory & retrieval

  • Postgres + pgvector
  • Qdrant
  • Redis for short-term state
  • OpenSearch for hybrid retrieval

Eval & observability

  • Langfuse / Helicone / custom dashboards
  • Promptfoo / DeepEval / bespoke eval harnesses
  • Structured tracing via OpenTelemetry

Cost governance

  • Per-team and per-workflow token budgets
  • Circuit breakers on cost spikes
  • Per-model fallback policies

Generative Media

Read the practice →

Generative model runtimes

  • ComfyUI workflow runtime
  • Stable Diffusion XL, Flux, Wan 2.x, Stable Video Diffusion
  • Custom LoRA / adapter training (per show, per asset)

DCC integrations

  • Nuke gizmos (Python + Blink)
  • Houdini HDAs
  • Maya plugins
  • Blender add-ons

Pipeline & orchestration

  • Deadline / OpenCue / Tractor render farms
  • Pixar USD for asset interchange
  • OpenColorIO (ACES) for colour
  • S3-compatible object stores (MinIO on-prem, AWS S3 in cloud-burst)

Editorial & post

  • Avid Media Composer, DaVinci Resolve, Adobe Premiere integrations
  • Per-language voice / dubbing toolchains
  • Unreal Engine 5 for virtual production

Provenance

  • Per-asset model + prompt + approval metadata
  • Immutable consent and approvals log
  • C2PA-compatible content credentials where required

Custom ML & Research

Read the practice →

Training & adaptation

  • PyTorch
  • JAX where appropriate
  • HuggingFace ecosystem
  • Ray for distributed training

Experiment & data

  • Weights & Biases
  • DVC and Git LFS for data versioning
  • Bespoke eval harnesses per project

Deployment

  • ONNX, TensorRT, GGUF for edge artefacts
  • vLLM / TGI for self-hosted inference
  • Triton for general serving

Cross-cutting

What every practice depends on.

Observability, delivery, and security baselines that apply regardless of practice. We don't ship without these.

Observability

  • Prometheus + Grafana
  • OpenTelemetry traces
  • Loki for log aggregation

Delivery

  • Docker + docker-compose
  • Ansible for fleet config
  • Git-flow with environment promotion
  • GitHub Actions / GitLab CI

Security baseline

  • mTLS service-to-service
  • Vault / SOPS for secrets
  • Per-environment IAM scoped to least privilege

Reference architecture · Safety practice

Edge inference, integration plane, central NOC.

Three lanes, left-to-right data flow. This is the safety-vision reference — the practice where edge autonomy is non-negotiable. Agentic and media practices use different topologies; ask during scoping.

Reference architecture Three lanes — edge site, integration plane, and central NOC. Cameras and sensors feed the edge inference engine; the integration plane brokers events to client systems; the NOC provides cross-site oversight. EDGE SITE INTEGRATION PLANE CENTRAL NOC Cameras IP, RTSP, ONVIF FRS, ANPR, audio MediaMTX stream router Triton + TensorRT edge inference RTX PRO 6000 / L40S MinIO + NVR 30-day hot WORM audit Site Ops Console React · runs even if WAN down Keycloak Identity SSO · OIDC · SCIM Kafka + Postgres events · audit log Integration Adapters SMS · HR · fire panel · IdP Consent + Alert Routing DPDP workflow · escalation chains Cross-site dashboards Trust / chain rollups SLA reporting monthly · per module · per site Model registry versioned · rollback-safe On-call NOC business hours base

Hardware OEMs · Safety practice

Who we specify for safety-vision deployments, and how we work with you on procurement.

Default model: we specify; you procure directly from the OEM. No mark-up, no working-capital lock-in. We also handle hardware sales when a client prefers single-vendor procurement — commercial terms agreed transparently in Discovery. Either way, we pre-verify every part against the design spec when it lands. Other practices have minimal hardware footprint — agentic and media workloads run on the client's existing GPU compute or cloud, sized during Discovery.

Compute & GPU appliances

Dell PowerEdge R760 / XR series HPE ProLiant DL3xx Gen11 Lenovo ThinkSystem SR-series Supermicro SuperServer (specific edge SKUs)

GPU class: NVIDIA RTX PRO 6000 / L40S / L4 — sized to camera count, module mix, and frame rate.

Cameras and NVRs

Hikvision Dahua CP Plus Axis (for high-end ANPR) Hanwha (for sensitive deployments)

We are camera-agnostic — your existing estate is the starting point. Only when modules need higher pixel density or specific anti-spoofing do we recommend replacements.

FRS terminals

Anviz Matrix ZKTeco (specific anti-spoof SKUs)

Depth + IR anti-spoofing is mandatory at perimeter terminals. We do not deploy 2D-only terminals at gates.

Networking and access

Cisco Meraki / Catalyst MikroTik (cost-optimised deployments) Ubiquiti UniFi (where appropriate) PoE+/PoE++ switches sized to camera draw

Camera segregation onto a dedicated VLAN with policy-based isolation from corporate LAN is baseline.

Audio analytics

Axis network audio Cisco audio-capable IP devices Bespoke PoE analytic microphones

All audio analytics inference is local. No cloud upload of audio.

Want the full reference architecture document?

The detailed reference architecture — including sizing tables, network design, and integration patterns — is shared during Discovery.

Request a Discovery Call See our approach