# AI Portfolio: Strategic Positioning ## Target Market ### Primary Segments | Segment | Size | Key Need | Solution | | --------- | ------ | ---------- | ---------- | | **Development teams (10-50 devs)** | Mid-market | Manage LLM costs without losing quality | Vapora with budgets and intelligent routing | | **Multi-project organizations** | Enterprise | Preserve knowledge across teams | Kogral with guideline inheritance | | **DevOps with multi-cloud** | SMB/Enterprise | Typed IaC with AI assistance | Provisioning + MCP Server | | **Teams using Claude Code** | Individual/Team | Project context for agents | Kogral + 7 native MCP tools | | **Post-quantum adopters** | Enterprise/Gov | Production-ready PQC today | SecretumVault with ML-KEM-768/ML-DSA-65 | ### Market Trends (2025-2026) - **LLM spending growth**: 340% year-over-year in development teams - **Quantum threat timeline**: NIST recommends PQC adoption by 2030 - **Agent adoption**: 67% of teams using 3+ LLM providers - **Multi-cloud**: 89% of enterprises using 2+ cloud providers --- ## Competitive Analysis ### Vapora vs LangChain/LlamaIndex | Aspect | Vapora | LangChain | LlamaIndex | | -------- | -------- | ----------- | ------------ | | **Agent learning** | Execution profile with recency bias | Static chains | Static workflows | | **Budget control** | Per-role budgets with automatic fallback | Manual | Manual | | **Multi-provider** | 4 LLM providers with intelligent routing | Yes (via adapters) | Yes (via adapters) | | **Cost tracking** | Real-time per agent/task/project | No native support | No native support | | **Persistence** | SurrealDB with multi-tenant scopes | DIY | DIY | | **Language** | Rust (performance, type-safe) | Python (GIL, optional typing) | Python | **Vapora differentiator**: **Agents that learn which provider is best for each task** based on historical performance. ### Vapora vs CrewAI/AutoGen | Aspect | Vapora | CrewAI | AutoGen | | -------- | -------- | -------- | --------- | | **Orchestration** | NATS JetStream with retries | Sequential/hierarchical | Graph-based | | **Agent roles** | 12 specialized (Architect, Developer, Reviewer...) | Generic roles | Generic agents | | **Approval gates** | Configurable checkpoints in pipelines | No | No | | **Multi-tenancy** | Native (SurrealDB scopes) | DIY | No | | **Cost visibility** | Budget dashboard per role | No | No | | **Language** | Rust | Python | Python | **Vapora differentiator**: **Production-grade orchestration** with NATS, not just sequential execution. --- ### Kogral vs Obsidian/Notion | Aspect | Kogral | Obsidian | Notion | | -------- | -------- | ---------- | -------- | | **Node types** | 6 specialized (Note, Decision, Guideline, Pattern, Journal, Execution) | Generic markdown | Generic blocks | | **Version control** | Git-native (everything in markdown) | Vault-based (no native git) | SaaS (no git) | | **Guideline inheritance** | Organization → Project → Developer | No | No | | **MCP integration** | 7 native tools for Claude Code | No | No | | **Query language** | Cypher-like for knowledge graph | Dataview plugin (limited) | Database queries | | **AI context** | Agents query guidelines before generating code | Manual copy-paste | Manual copy-paste | **Kogral differentiator**: **Knowledge that AI agents can query** before generating code, not just human-readable docs. ### Kogral vs Confluence/Wiki.js | Aspect | Kogral | Confluence | Wiki.js | | -------- | -------- | ------------ | --------- | | **Storage** | Git-native markdown | Database/SaaS | Database | | **Structured nodes** | 6 types with relationships | Pages with labels | Pages with tags | | **ADR support** | Native (Decision node type) | Template-based | Template-based | | **AI integration** | MCP Server for Claude Code | No | No | | **Multi-tenancy** | Organization/Project isolation | Spaces | Spaces | | **Backup** | Git clone | Database export | Database export | **Kogral differentiator**: **Git-native knowledge graph** with first-class AI integration. --- ### TypeDialog vs Multiple Tools | Aspect | TypeDialog | Alternatives | | -------- | ------------ | -------------- | | **Backends** | 6 (CLI, TUI, Web, AI, Agent, Prov-gen) | 1 per tool | | **Single definition** | TOML → all backends | Duplicate logic | | **Type validation** | Nickel contracts (pre-runtime) | Runtime errors (Pydantic, Joi) | | **Agent execution** | .agent.mdx files with 4 LLM providers | Separate tools | | **IaC generation** | Forms → Nickel IaC → 6 clouds | Manual | | **i18n** | Fluent (Mozilla) | Per-backend | **TypeDialog differentiator**: **One definition, execute anywhere** including AI agents. ### TypeDialog vs Streamlit/Gradio | Aspect | TypeDialog | Streamlit | Gradio | | -------- | ------------ | ----------- | -------- | | **Target** | Forms for automation + UI | Dashboards | ML demos | | **Backends** | 6 (including CLI, Agent) | Web only | Web only | | **Validation** | Nickel (pre-runtime) | Python (runtime) | Python (runtime) | | **Language** | Rust | Python | Python | | **Deployment** | CLI/TUI/Web/Agent | Web server | Web server | **TypeDialog differentiator**: **Configuration wizards** that work in terminal, web, and AI agents. --- ### Provisioning vs Terraform/Pulumi | Aspect | Provisioning | Terraform | Pulumi | | -------- | -------------- | ----------- | -------- | | **Configuration** | Nickel (typed, lazy) | HCL (runtime errors) | Python/TypeScript/Go | | **Validation** | Compile-time | Plan-time | Runtime | | **Rollback** | Automatic on failure | Manual | Manual | | **Checkpoints** | Built-in with recovery | No | No | | **MCP Server** | Native (NLP queries) | No | No | | **RAG integration** | 1,200+ docs for context | No | No | | **Multi-cloud** | AWS, UpCloud, Local (LXD) | 300+ providers | 100+ providers | | **Language** | Rust | Go | Go/Node | **Provisioning differentiator**: **Typed IaC with AI-assisted generation** and automatic rollback. ### Provisioning vs Ansible/Chef | Aspect | Provisioning | Ansible | Chef | | -------- | -------------- | --------- | ------ | | **Paradigm** | Declarative IaC | Imperative playbooks | Declarative recipes | | **Validation** | Nickel type system | YAML linting | Ruby syntax | | **State** | Explicit (SurrealDB) | Implicit (no state) | Explicit (Chef Server) | | **Orchestration** | Dependency graph with parallelism | Sequential tasks | Dependency graph | | **Agent** | Agentless | Agentless | Agent-based | | **AI integration** | MCP Server + RAG | No | No | **Provisioning differentiator**: **Declarative IaC** with validation before execution, not imperative scripts. --- ### SecretumVault vs HashiCorp Vault | Aspect | SecretumVault | HashiCorp Vault | | -------- | --------------- | ----------------- | | **Post-quantum** | **Production (ML-KEM-768, ML-DSA-65)** | Experimental | | **Crypto backends** | 4 (OpenSSL, OQS, AWS-LC, RustCrypto) | 1 (Go crypto) | | **Storage backends** | 4 (Filesystem, etcd, SurrealDB, PostgreSQL) | 10+ | | **Secrets engines** | 4 (KV, Transit, PKI, Database) | 10+ | | **Language** | Rust (memory-safe) | Go | | **License** | Proprietary/TBD | BSL 1.1 (non-commercial) | | **Cedar policies** | Native ABAC | Sentinel (enterprise) | **SecretumVault differentiator**: **Production-ready post-quantum cryptography** today, not experimental. ### SecretumVault vs AWS Secrets Manager/Azure Key Vault | Aspect | SecretumVault | AWS Secrets Manager | Azure Key Vault | | -------- | --------------- | --------------------- | ----------------- | | **Self-hosted** | Yes | No (SaaS only) | No (SaaS only) | | **Post-quantum** | ML-KEM-768, ML-DSA-65 | No | No | | **Multi-cloud** | Yes (portable) | AWS only | Azure only | | **Crypto agility** | 4 backends | Fixed | Fixed | | **Pricing** | Self-hosted (no per-secret cost) | $0.40/secret/month | $0.03/10K operations | **SecretumVault differentiator**: **Self-hosted with PQC**, no vendor lock-in. --- ## Use Cases by Persona ### AI Engineer **Problem**: Using Claude, OpenAI, and Gemini for different tasks. No visibility of which model is best for what. Monthly bill growing uncontrollably. **Solution**: 1. **Vapora** coordinates agents with budget per role 2. **Kogral** provides patterns and decisions to agents via MCP 3. **TypeDialog** captures agent configurations in .agent.mdx files 4. **SecretumVault** stores API keys securely **Result**: 40% cost reduction through intelligent routing. Agents query guidelines before generating code. --- ### Tech Lead (Multi-Project) **Problem**: 5 projects with different conventions. New developers ask "how do we do X here?" repeatedly. Knowledge in Slack threads. **Solution**: 1. **Kogral** with guideline inheritance (Organization → Project) 2. Capture decisions as ADRs in Decision nodes 3. **MCP integration** so Claude Code respects conventions 4. Git-native: all knowledge versioned and auditable **Result**: Onboarding time reduced from 3 weeks to 5 days. AI-generated code follows project conventions. --- ### DevOps Engineer (Multi-Cloud) **Problem**: AWS + UpCloud infrastructure. YAML everywhere. Configuration errors discovered at runtime. No automatic rollback. **Solution**: 1. **Provisioning** with Nickel IaC (typed, validated) 2. **MCP Server** for NLP queries: "What's the VPC configuration for production?" 3. Orchestrator with checkpoints and automatic rollback 4. **SecretumVault** for credentials and cloud API keys **Result**: 80% reduction in runtime errors. Infrastructure changes with automatic rollback on failure. --- ### Security Engineer **Problem**: Preparing for post-quantum threats. NIST recommends migration by 2030. Current vault (HashiCorp) without production-ready PQC. **Solution**: 1. **SecretumVault** with OQS backend (ML-KEM-768, ML-DSA-65) 2. Crypto agility: switch between OpenSSL/OQS without code changes 3. Multi-backend storage (etcd for HA, PostgreSQL for audit) 4. Cedar policies for fine-grained ABAC **Result**: PQC in production today. Gradual migration without downtime. --- ## Integration Scenarios ### Scenario 1: Feature Development with AI ```text Developer starts task "Add OAuth2 authentication" ↓ Kogral (MCP) → "Are there auth guidelines?" ↓ Returns: "Use oauth2-rs crate + Cedar policies" ↓ Vapora assigns Architect agent → Designs architecture ↓ Developer agent implements → Queries Kogral for patterns ↓ Reviewer agent validates → Checks Cedar policies ↓ TypeDialog captures OAuth2 config (client_id, scopes) ↓ SecretumVault stores client_secret with TTL ↓ Kogral records ADR: "Why OAuth2 over SAML" ``` **Benefit**: Agent-generated code respects conventions. Decisions documented. Secrets secured. --- ### Scenario 2: Multi-Cloud Infrastructure ```text "Need a K8s cluster on AWS with 3 nodes and RDS PostgreSQL" ↓ Provisioning MCP Server (NLP query) ↓ RAG searches similar configurations ↓ Generates Nickel IaC + validates types ↓ TypeDialog wizard for cluster parameters (region, instance_type) ↓ Orchestrator deploys with checkpoints ↓ SecretumVault generates DB credentials with 30d TTL ↓ Kogral records infrastructure ADR ↓ Vapora Monitor agent tracks cluster health ``` **Benefit**: Infrastructure from NLP. Typed validation. Automatic rollback. Dynamic secrets. --- ### Scenario 3: Team Onboarding ```text New developer joins project ↓ Kogral exports knowledge graph (Guidelines + Patterns + ADRs) ↓ TypeDialog interactive quiz on architecture ↓ Vapora assigns onboarding tasks (read ADRs → small fix → review code) ↓ Provisioning configures dev environment (local K8s + databases) ↓ SecretumVault provides temporary credentials (7d TTL) ``` **Benefit**: Structured onboarding. Knowledge accessible. Environment automated. --- ## Ecosystem Synergies ### Synergy 1: Kogral + Vapora - **Kogral** provides guidelines to agents via MCP - **Vapora** records agent executions as Execution nodes in Kogral - **Result**: Continuous learning loop (agents query → execute → record → improve) ### Synergy 2: TypeDialog + Provisioning - **TypeDialog** prov-gen backend generates Nickel IaC - **Provisioning** executes and validates with MCP Server - **Result**: Forms → Infrastructure without manual config ### Synergy 3: SecretumVault + All - **Vapora**: Stores LLM API keys - **Kogral**: Encrypts sensitive ADRs - **Provisioning**: Cloud credentials with rotation - **Result**: Centralized secrets with PQC across ecosystem ### Synergy 4: MCP Ecosystem | Project | MCP Tools | Purpose | | --------- | ----------- | --------- | | **Kogral** | 7 tools | Query guidelines, create ADRs, search patterns | | **Provisioning** | 1 server | NLP queries, RAG over IaC docs | | **SecretumVault** | Planned | Dynamic secret requests | **Result**: Claude Code with full project context. --- ## Pricing Strategy (Future) ### Kogral - **Free**: Single project, unlimited nodes - **Team ($49/month)**: 10 projects, guideline inheritance - **Enterprise**: Unlimited projects + audit + SSO ### Vapora - **Free**: 100 agent executions/month, 1 LLM provider - **Pro ($99/month)**: Unlimited executions, 4 providers, budget dashboard - **Enterprise**: Multi-tenant + SLA + priority support ### Provisioning - **Free**: Local provider (LXD), 50 resources - **Team ($149/month)**: AWS + UpCloud, 500 resources, MCP Server - **Enterprise**: Multi-cloud + audit + break-glass ### SecretumVault - **Free**: Filesystem backend, KV engine - **Pro ($79/month)**: etcd/PostgreSQL backend, all engines, PQC - **Enterprise**: HA + HSM + compliance reports ### TypeDialog - **Free**: CLI + TUI backends - **Pro ($29/month)**: Web + Agent backends, 4 LLM providers - **Enterprise**: Custom backends + white-label --- ## Adoption Roadmap ### Phase 1: Knowledge Foundation (Week 1-2) 1. Deploy **Kogral** in one project 2. Migrate existing ADRs to Decision nodes 3. Define organization-level Guidelines 4. Configure MCP for Claude Code **Success criteria**: Agents query guidelines before generating code. --- ### Phase 2: Agent Orchestration (Week 3-4) 1. Deploy **Vapora** with 3 agent roles (Architect, Developer, Reviewer) 2. Configure budgets per role 3. Connect Kogral for context 4. Run first pipeline (design → implement → review) **Success criteria**: 30% cost reduction through intelligent routing. --- ### Phase 3: Infrastructure Automation (Week 5-6) 1. Deploy **Provisioning** with one cloud (AWS or UpCloud) 2. Migrate one service to Nickel IaC 3. Enable MCP Server for NLP queries 4. Configure **SecretumVault** for cloud credentials **Success criteria**: Infrastructure changes with automatic rollback. --- ### Phase 4: Multi-Interface (Week 7-8) 1. Deploy **TypeDialog** for configuration wizards 2. Create forms for common tasks (deploy service, create user, configure monitoring) 3. Enable prov-gen backend for IaC generation 4. Integrate with Vapora for agent-driven forms **Success criteria**: Single form definition for CLI, TUI, Web, Agent. --- ### Phase 5: Post-Quantum Security (Week 9-10) 1. Migrate to **SecretumVault** with OQS backend 2. Generate PQC certificates (ML-DSA-65) 3. Configure dynamic secrets with TTL 4. Enable audit logging with 7-year retention **Success criteria**: PQC in production without downtime. --- ## Success Metrics ### Cost Efficiency - **Baseline**: $2,400/month LLM costs (uncontrolled) - **With Vapora**: $1,440/month (40% reduction through intelligent routing) - **ROI**: 5 months ### Development Velocity - **Baseline**: 3 weeks onboarding new developer - **With Kogral**: 5 days (knowledge graph + Claude Code integration) - **Baseline**: 2 days to deploy infrastructure change - **With Provisioning**: 2 hours (Nickel IaC + automatic rollback) ### Security Posture - **Baseline**: No PQC, manual secret rotation - **With SecretumVault**: PQC in production, dynamic secrets with 30d TTL - **Compliance**: 7-year audit log retention ### Code Quality - **Baseline**: 30% of AI-generated code violates project conventions - **With Kogral + Vapora**: 5% (agents query guidelines before generating) --- ## Frequently Asked Questions ### Can I use only one project **Yes**. Each project works independently: - Only Kogral → Knowledge graph with git - Only TypeDialog → Multi-backend forms - Only SecretumVault → PQC vault - Only Vapora → Agent orchestration - Only Provisioning → Typed IaC Synergies emerge when combining them. --- ### How is this different from LangChain + Terraform | Aspect | stratumiops | LangChain + Terraform | | -------- | ------------- | ------------------------ | | **Agent learning** | Execution profiles | Static chains | | **Budget control** | Per-role automatic fallback | Manual | | **IaC validation** | Nickel (compile-time) | HCL (plan-time) | | **Knowledge** | Git-native graph with MCP | Separate wiki | | **Integration** | Native (same stack) | DIY glue code | | **Language** | Rust end-to-end | Python + Go | **Main difference**: **Integrated ecosystem** vs disconnected tools. --- ### Is post-quantum cryptography really necessary today **NIST recommendation**: Migrate by 2030. "Store now, decrypt later" attacks are already happening. **SecretumVault approach**: - **Crypto agility**: Switch between OpenSSL/OQS without code changes - **Production-ready**: ML-KEM-768 and ML-DSA-65 (NIST FIPS 203/204) - **Gradual migration**: Run classic and PQC in parallel **Benefit**: Prepare today, avoid rushed migration in 2029. --- ### What if I already use HashiCorp Vault **Migration path**: 1. Deploy SecretumVault in parallel 2. Migrate non-critical secrets first 3. Enable OQS backend for new secrets 4. Gradually migrate critical secrets 5. Decommission HashiCorp Vault **Benefit**: Zero downtime. Gradual PQC adoption. --- ### How does guideline inheritance work in Kogral ```text Organization guidelines: - Use Rust for services - Cedar for authorization - SurrealDB for persistence ↓ (inherited by) Project "API Gateway" overrides: - Use Axum for HTTP - Use JWT for auth ↓ (inherited by) Developer sees effective guidelines: - Use Rust for services (from org) - Cedar for authorization (from org) - SurrealDB for persistence (from org) - Use Axum for HTTP (from project) - Use JWT for auth (from project) ``` **Benefit**: Organization standards + project flexibility. --- ## Contact and Next Steps ### Try the Ecosystem 1. **Kogral**: Clone and run locally (git-native, no dependencies) 2. **TypeDialog**: Try CLI backend with example forms 3. **SecretumVault**: Deploy with filesystem backend (development mode) 4. **Provisioning**: Generate Nickel IaC from TypeDialog forms 5. **Vapora**: Run first agent pipeline (Architect → Developer → Reviewer) ### Commercial Inquiries - **License**: Proprietary / To be defined - **Support**: Enterprise SLA available - **Custom integrations**: Additional LLM providers, cloud providers, storage backends --- *AI-assisted development shouldn't require 10 disconnected tools.* *One ecosystem. Five projects. Real integration.*