stratumiops/docs/en/ia/ia-stratumiops-projects-positioning.md
Jesús Pérez 1680d80a3d
chore: Init repo, add docs
2026-01-22 22:15:19 +00:00


AI Portfolio: Strategic Positioning

Target Market

Primary Segments

| Segment | Size | Key Need | Solution |
|---|---|---|---|
| Development teams (10-50 devs) | Mid-market | Manage LLM costs without losing quality | Vapora with budgets and intelligent routing |
| Multi-project organizations | Enterprise | Preserve knowledge across teams | Kogral with guideline inheritance |
| DevOps with multi-cloud | SMB/Enterprise | Typed IaC with AI assistance | Provisioning + MCP Server |
| Teams using Claude Code | Individual/Team | Project context for agents | Kogral + 7 native MCP tools |
| Post-quantum adopters | Enterprise/Gov | Production-ready PQC today | SecretumVault with ML-KEM-768/ML-DSA-65 |

  • LLM spending growth: 340% year-over-year in development teams
  • Quantum threat timeline: NIST recommends PQC adoption by 2030
  • Agent adoption: 67% of teams using 3+ LLM providers
  • Multi-cloud: 89% of enterprises using 2+ cloud providers

Competitive Analysis

Vapora vs LangChain/LlamaIndex

| Aspect | Vapora | LangChain | LlamaIndex |
|---|---|---|---|
| Agent learning | Execution profile with recency bias | Static chains | Static workflows |
| Budget control | Per-role budgets with automatic fallback | Manual | Manual |
| Multi-provider | 4 LLM providers with intelligent routing | Yes (via adapters) | Yes (via adapters) |
| Cost tracking | Real-time per agent/task/project | No native support | No native support |
| Persistence | SurrealDB with multi-tenant scopes | DIY | DIY |
| Language | Rust (performance, type-safe) | Python (GIL, optional typing) | Python |

Vapora differentiator: Agents that learn which provider is best for each task based on historical performance.

Vapora vs CrewAI/AutoGen

| Aspect | Vapora | CrewAI | AutoGen |
|---|---|---|---|
| Orchestration | NATS JetStream with retries | Sequential/hierarchical | Graph-based |
| Agent roles | 12 specialized (Architect, Developer, Reviewer...) | Generic roles | Generic agents |
| Approval gates | Configurable checkpoints in pipelines | No | No |
| Multi-tenancy | Native (SurrealDB scopes) | DIY | No |
| Cost visibility | Budget dashboard per role | No | No |
| Language | Rust | Python | Python |

Vapora differentiator: Production-grade orchestration with NATS, not just sequential execution.


Kogral vs Obsidian/Notion

| Aspect | Kogral | Obsidian | Notion |
|---|---|---|---|
| Node types | 6 specialized (Note, Decision, Guideline, Pattern, Journal, Execution) | Generic markdown | Generic blocks |
| Version control | Git-native (everything in markdown) | Vault-based (no native git) | SaaS (no git) |
| Guideline inheritance | Organization → Project → Developer | No | No |
| MCP integration | 7 native tools for Claude Code | No | No |
| Query language | Cypher-like for knowledge graph | Dataview plugin (limited) | Database queries |
| AI context | Agents query guidelines before generating code | Manual copy-paste | Manual copy-paste |

Kogral differentiator: Knowledge that AI agents can query before generating code, not just human-readable docs.

Kogral vs Confluence/Wiki.js

| Aspect | Kogral | Confluence | Wiki.js |
|---|---|---|---|
| Storage | Git-native markdown | Database/SaaS | Database |
| Structured nodes | 6 types with relationships | Pages with labels | Pages with tags |
| ADR support | Native (Decision node type) | Template-based | Template-based |
| AI integration | MCP Server for Claude Code | No | No |
| Multi-tenancy | Organization/Project isolation | Spaces | Spaces |
| Backup | Git clone | Database export | Database export |

Kogral differentiator: Git-native knowledge graph with first-class AI integration.


TypeDialog vs Multiple Tools

| Aspect | TypeDialog | Alternatives |
|---|---|---|
| Backends | 6 (CLI, TUI, Web, AI, Agent, Prov-gen) | 1 per tool |
| Single definition | TOML → all backends | Duplicate logic |
| Type validation | Nickel contracts (pre-runtime) | Runtime errors (Pydantic, Joi) |
| Agent execution | .agent.mdx files with 4 LLM providers | Separate tools |
| IaC generation | Forms → Nickel IaC → 6 clouds | Manual |
| i18n | Fluent (Mozilla) | Per-backend |

TypeDialog differentiator: One definition, execute anywhere including AI agents.

TypeDialog vs Streamlit/Gradio

| Aspect | TypeDialog | Streamlit | Gradio |
|---|---|---|---|
| Target | Forms for automation + UI | Dashboards | ML demos |
| Backends | 6 (including CLI, Agent) | Web only | Web only |
| Validation | Nickel (pre-runtime) | Python (runtime) | Python (runtime) |
| Language | Rust | Python | Python |
| Deployment | CLI/TUI/Web/Agent | Web server | Web server |

TypeDialog differentiator: Configuration wizards that work in terminal, web, and AI agents.


Provisioning vs Terraform/Pulumi

| Aspect | Provisioning | Terraform | Pulumi |
|---|---|---|---|
| Configuration | Nickel (typed, lazy) | HCL (runtime errors) | Python/TypeScript/Go |
| Validation | Compile-time | Plan-time | Runtime |
| Rollback | Automatic on failure | Manual | Manual |
| Checkpoints | Built-in with recovery | No | No |
| MCP Server | Native (NLP queries) | No | No |
| RAG integration | 1,200+ docs for context | No | No |
| Multi-cloud | AWS, UpCloud, Local (LXD) | 300+ providers | 100+ providers |
| Language | Rust | Go | Go/Node |

Provisioning differentiator: Typed IaC with AI-assisted generation and automatic rollback.

Provisioning vs Ansible/Chef

| Aspect | Provisioning | Ansible | Chef |
|---|---|---|---|
| Paradigm | Declarative IaC | Imperative playbooks | Declarative recipes |
| Validation | Nickel type system | YAML linting | Ruby syntax |
| State | Explicit (SurrealDB) | Implicit (no state) | Explicit (Chef Server) |
| Orchestration | Dependency graph with parallelism | Sequential tasks | Dependency graph |
| Agent | Agentless | Agentless | Agent-based |
| AI integration | MCP Server + RAG | No | No |

Provisioning differentiator: Declarative IaC with validation before execution, not imperative scripts.


SecretumVault vs HashiCorp Vault

| Aspect | SecretumVault | HashiCorp Vault |
|---|---|---|
| Post-quantum | Production (ML-KEM-768, ML-DSA-65) | Experimental |
| Crypto backends | 4 (OpenSSL, OQS, AWS-LC, RustCrypto) | 1 (Go crypto) |
| Storage backends | 4 (Filesystem, etcd, SurrealDB, PostgreSQL) | 10+ |
| Secrets engines | 4 (KV, Transit, PKI, Database) | 10+ |
| Language | Rust (memory-safe) | Go |
| License | Proprietary/TBD | BSL 1.1 (non-commercial) |
| Cedar policies | Native ABAC | Sentinel (enterprise) |

SecretumVault differentiator: Production-ready post-quantum cryptography today, not experimental.

SecretumVault vs AWS Secrets Manager/Azure Key Vault

| Aspect | SecretumVault | AWS Secrets Manager | Azure Key Vault |
|---|---|---|---|
| Self-hosted | Yes | No (SaaS only) | No (SaaS only) |
| Post-quantum | ML-KEM-768, ML-DSA-65 | No | No |
| Multi-cloud | Yes (portable) | AWS only | Azure only |
| Crypto agility | 4 backends | Fixed | Fixed |
| Pricing | Self-hosted (no per-secret cost) | $0.40/secret/month | $0.03/10K operations |

SecretumVault differentiator: Self-hosted with PQC, no vendor lock-in.


Use Cases by Persona

AI Engineer

Problem: Using Claude, OpenAI, and Gemini for different tasks. No visibility into which model is best for what. Monthly bill growing uncontrollably.

Solution:

  1. Vapora coordinates agents with budget per role
  2. Kogral provides patterns and decisions to agents via MCP
  3. TypeDialog captures agent configurations in .agent.mdx files
  4. SecretumVault stores API keys securely

Result: 40% cost reduction through intelligent routing. Agents query guidelines before generating code.


Tech Lead (Multi-Project)

Problem: 5 projects with different conventions. New developers ask "how do we do X here?" repeatedly. Knowledge in Slack threads.

Solution:

  1. Kogral with guideline inheritance (Organization → Project)
  2. Capture decisions as ADRs in Decision nodes
  3. MCP integration so Claude Code respects conventions
  4. Git-native: all knowledge versioned and auditable

Result: Onboarding time reduced from 3 weeks to 5 days. AI-generated code follows project conventions.


DevOps Engineer (Multi-Cloud)

Problem: AWS + UpCloud infrastructure. YAML everywhere. Configuration errors discovered at runtime. No automatic rollback.

Solution:

  1. Provisioning with Nickel IaC (typed, validated)
  2. MCP Server for NLP queries: "What's the VPC configuration for production?"
  3. Orchestrator with checkpoints and automatic rollback
  4. SecretumVault for credentials and cloud API keys

Result: 80% reduction in runtime errors. Infrastructure changes with automatic rollback on failure.


Security Engineer

Problem: Preparing for post-quantum threats. NIST recommends migration by 2030. Current vault (HashiCorp) lacks production-ready PQC.

Solution:

  1. SecretumVault with OQS backend (ML-KEM-768, ML-DSA-65)
  2. Crypto agility: switch between OpenSSL/OQS without code changes
  3. Multi-backend storage (etcd for HA, PostgreSQL for audit)
  4. Cedar policies for fine-grained ABAC

Result: PQC in production today. Gradual migration without downtime.


Integration Scenarios

Scenario 1: Feature Development with AI

Developer starts task "Add OAuth2 authentication"
                    ↓
    Kogral (MCP) → "Are there auth guidelines?"
                    ↓
         Returns: "Use oauth2-rs crate + Cedar policies"
                    ↓
    Vapora assigns Architect agent → Designs architecture
                    ↓
         Developer agent implements → Queries Kogral for patterns
                    ↓
         Reviewer agent validates → Checks Cedar policies
                    ↓
    TypeDialog captures OAuth2 config (client_id, scopes)
                    ↓
    SecretumVault stores client_secret with TTL
                    ↓
    Kogral records ADR: "Why OAuth2 over SAML"

Benefit: Agent-generated code respects conventions. Decisions documented. Secrets secured.


Scenario 2: Multi-Cloud Infrastructure

"Need a K8s cluster on AWS with 3 nodes and RDS PostgreSQL"
                    ↓
         Provisioning MCP Server (NLP query)
                    ↓
         RAG searches similar configurations
                    ↓
         Generates Nickel IaC + validates types
                    ↓
    TypeDialog wizard for cluster parameters (region, instance_type)
                    ↓
         Orchestrator deploys with checkpoints
                    ↓
    SecretumVault generates DB credentials with 30d TTL
                    ↓
         Kogral records infrastructure ADR
                    ↓
    Vapora Monitor agent tracks cluster health

Benefit: Infrastructure from NLP. Typed validation. Automatic rollback. Dynamic secrets.


Scenario 3: Team Onboarding

New developer joins project
                    ↓
    Kogral exports knowledge graph (Guidelines + Patterns + ADRs)
                    ↓
    TypeDialog interactive quiz on architecture
                    ↓
    Vapora assigns onboarding tasks (read ADRs → small fix → review code)
                    ↓
    Provisioning configures dev environment (local K8s + databases)
                    ↓
    SecretumVault provides temporary credentials (7d TTL)

Benefit: Structured onboarding. Knowledge accessible. Environment automated.


Ecosystem Synergies

Synergy 1: Kogral + Vapora

  • Kogral provides guidelines to agents via MCP
  • Vapora records agent executions as Execution nodes in Kogral
  • Result: Continuous learning loop (agents query → execute → record → improve)

Synergy 2: TypeDialog + Provisioning

  • TypeDialog prov-gen backend generates Nickel IaC
  • Provisioning executes and validates with MCP Server
  • Result: Forms → Infrastructure without manual config

Synergy 3: SecretumVault + All

  • Vapora: Stores LLM API keys
  • Kogral: Encrypts sensitive ADRs
  • Provisioning: Cloud credentials with rotation
  • Result: Centralized secrets with PQC across ecosystem

Synergy 4: MCP Ecosystem

| Project | MCP Tools | Purpose |
|---|---|---|
| Kogral | 7 tools | Query guidelines, create ADRs, search patterns |
| Provisioning | 1 server | NLP queries, RAG over IaC docs |
| SecretumVault | Planned | Dynamic secret requests |

Result: Claude Code with full project context.


Pricing Strategy (Future)

Kogral

  • Free: Single project, unlimited nodes
  • Team ($49/month): 10 projects, guideline inheritance
  • Enterprise: Unlimited projects + audit + SSO

Vapora

  • Free: 100 agent executions/month, 1 LLM provider
  • Pro ($99/month): Unlimited executions, 4 providers, budget dashboard
  • Enterprise: Multi-tenant + SLA + priority support

Provisioning

  • Free: Local provider (LXD), 50 resources
  • Team ($149/month): AWS + UpCloud, 500 resources, MCP Server
  • Enterprise: Multi-cloud + audit + break-glass

SecretumVault

  • Free: Filesystem backend, KV engine
  • Pro ($79/month): etcd/PostgreSQL backend, all engines, PQC
  • Enterprise: HA + HSM + compliance reports

TypeDialog

  • Free: CLI + TUI backends
  • Pro ($29/month): Web + Agent backends, 4 LLM providers
  • Enterprise: Custom backends + white-label

Adoption Roadmap

Phase 1: Knowledge Foundation (Week 1-2)

  1. Deploy Kogral in one project
  2. Migrate existing ADRs to Decision nodes
  3. Define organization-level Guidelines
  4. Configure MCP for Claude Code

Success criteria: Agents query guidelines before generating code.


Phase 2: Agent Orchestration (Week 3-4)

  1. Deploy Vapora with 3 agent roles (Architect, Developer, Reviewer)
  2. Configure budgets per role
  3. Connect Kogral for context
  4. Run first pipeline (design → implement → review)

Success criteria: 30% cost reduction through intelligent routing.


Phase 3: Infrastructure Automation (Week 5-6)

  1. Deploy Provisioning with one cloud (AWS or UpCloud)
  2. Migrate one service to Nickel IaC
  3. Enable MCP Server for NLP queries
  4. Configure SecretumVault for cloud credentials

Success criteria: Infrastructure changes with automatic rollback.


Phase 4: Multi-Interface (Week 7-8)

  1. Deploy TypeDialog for configuration wizards
  2. Create forms for common tasks (deploy service, create user, configure monitoring)
  3. Enable prov-gen backend for IaC generation
  4. Integrate with Vapora for agent-driven forms

Success criteria: Single form definition for CLI, TUI, Web, Agent.


Phase 5: Post-Quantum Security (Week 9-10)

  1. Migrate to SecretumVault with OQS backend
  2. Generate PQC certificates (ML-DSA-65)
  3. Configure dynamic secrets with TTL
  4. Enable audit logging with 7-year retention

Success criteria: PQC in production without downtime.


Success Metrics

Cost Efficiency

  • Baseline: $2,400/month LLM costs (uncontrolled)
  • With Vapora: $1,440/month (40% reduction through intelligent routing)
  • ROI: 5 months

Development Velocity

  • Baseline: 3 weeks onboarding new developer
  • With Kogral: 5 days (knowledge graph + Claude Code integration)
  • Baseline: 2 days to deploy infrastructure change
  • With Provisioning: 2 hours (Nickel IaC + automatic rollback)

Security Posture

  • Baseline: No PQC, manual secret rotation
  • With SecretumVault: PQC in production, dynamic secrets with 30d TTL
  • Compliance: 7-year audit log retention

Code Quality

  • Baseline: 30% of AI-generated code violates project conventions
  • With Kogral + Vapora: 5% (agents query guidelines before generating)

Frequently Asked Questions

Can I use only one project?

Yes. Each project works independently:

  • Only Kogral → Knowledge graph with git
  • Only TypeDialog → Multi-backend forms
  • Only SecretumVault → PQC vault
  • Only Vapora → Agent orchestration
  • Only Provisioning → Typed IaC

Synergies emerge when combining them.


How is this different from LangChain + Terraform?

| Aspect | stratumiops | LangChain + Terraform |
|---|---|---|
| Agent learning | Execution profiles | Static chains |
| Budget control | Per-role automatic fallback | Manual |
| IaC validation | Nickel (compile-time) | HCL (plan-time) |
| Knowledge | Git-native graph with MCP | Separate wiki |
| Integration | Native (same stack) | DIY glue code |
| Language | Rust end-to-end | Python + Go |

Main difference: Integrated ecosystem vs disconnected tools.


Is post-quantum cryptography really necessary today?

NIST recommendation: Migrate by 2030. "Store now, decrypt later" attacks are already happening.

SecretumVault approach:

  • Crypto agility: Switch between OpenSSL/OQS without code changes
  • Production-ready: ML-KEM-768 and ML-DSA-65 (NIST FIPS 203/204)
  • Gradual migration: Run classic and PQC in parallel

Benefit: Prepare today, avoid rushed migration in 2029.


What if I already use HashiCorp Vault?

Migration path:

  1. Deploy SecretumVault in parallel
  2. Migrate non-critical secrets first
  3. Enable OQS backend for new secrets
  4. Gradually migrate critical secrets
  5. Decommission HashiCorp Vault

Benefit: Zero downtime. Gradual PQC adoption.


How does guideline inheritance work in Kogral?

Organization guidelines:
  - Use Rust for services
  - Cedar for authorization
  - SurrealDB for persistence

         ↓ (inherited by)

Project "API Gateway" overrides:
  - Use Axum for HTTP
  - Use JWT for auth

         ↓ (inherited by)

Developer sees effective guidelines:
  - Use Rust for services (from org)
  - Cedar for authorization (from org)
  - SurrealDB for persistence (from org)
  - Use Axum for HTTP (from project)
  - Use JWT for auth (from project)

Benefit: Organization standards + project flexibility.


Contact and Next Steps

Try the Ecosystem

  1. Kogral: Clone and run locally (git-native, no dependencies)
  2. TypeDialog: Try CLI backend with example forms
  3. SecretumVault: Deploy with filesystem backend (development mode)
  4. Provisioning: Generate Nickel IaC from TypeDialog forms
  5. Vapora: Run first agent pipeline (Architect → Developer → Reviewer)

Commercial Inquiries

  • License: Proprietary / To be defined
  • Support: Enterprise SLA available
  • Custom integrations: Additional LLM providers, cloud providers, storage backends

AI-assisted development shouldn't require 10 disconnected tools. One ecosystem. Five projects. Real integration.