Everything we deploy, audit, back up and keep running.

The most widely deployed language in French SMEs. Both legacy stacks to take over and modern stacks (PHP 8.4) to build.

The reference PHP framework for robust business apps: Eloquent, queues, Horizon, Octane, Inertia.

When the architecture demands more rigour: Messenger, API Platform, Doctrine. Ideal for complex, long-lived IT systems.

Server-side JavaScript runtime for real-time APIs, microservices and high-performance internal tools.

Strict typing on front and back. All our new projects are in TypeScript by default.

UI library for modern SPAs, admin dashboards and complex data-entry interfaces.

Full-stack React framework with SSR, ISR and App Router. Our choice for SEO-critical sites.

A lightweight alternative to React, ideal for adding dynamics to existing sites.

Full-stack Vue: SSR, static generation, all-in-one modules. Excellent for showcase sites and e-commerce.

Utility-first CSS for consistent UI without legacy CSS to maintain.

SPA + Laravel bridge with no REST API to build. Dev productivity × 2 on modern monolithic projects.

Dynamic components on the Laravel side with no JS to write. Perfect for internal back-offices.

Automation scripts, data processing, AI agents, ad-hoc business integrations.

Python framework for high-performance APIs with auto-generated OpenAPI. Our choice for AI microservices.

For CLI tools, system agents and services that must run as a single binary with no dependencies.

The ubiquitous SQL engine in French SMEs. We audit it, tune it, and replicate it master/slave when needed.

Open-source fork of MySQL, often better for modern workloads. Compatible but autonomous.

The most complete relational DBMS: JSONB, partitioning, extensions. Our default on new projects.

Embedded database, perfect for internal tools, prototyping and mobile apps.

In-memory cache and lightweight queues. Our standard for Laravel Horizon, sessions and rate-limiting.

NoSQL document database for specific cases: heterogeneous catalogues, log ingestion, flexible content.

Full-text search, product indexing, analytical aggregations. Paired with Kibana for visualisation.

Lightweight alternative to Elasticsearch, ultra-fast to deploy. Ideal for e-commerce and business-app search.

Systematic versioning of all code, including infra (IaC). Conventional commits and trunk-based development by default.

Our main forge: repos, CI/CD, Docker registry, issues. Self-hostable for code sovereignty.

For open-source projects or when the client prefers it. Actions, Codespaces, Packages.

Systematic containerisation of all our applications. Optimised multi-stage images, build cache, private registry.

Multi-service orchestration in local and simple prod. Our default before moving to Kubernetes.

For workloads that truly warrant it: multi-tenant, automatic scaling, blue/green deployments.

Server configuration automation: provisioning, updates, CIS hardening. Idempotent and readable.

Multi-cloud Infrastructure as Code: VPS, DNS, buckets, certificates. State versioned in GitLab.

Open-source fork of Terraform following HashiCorp's licence change. 100% compatible.

Declarative YAML pipelines, smart cache, self-hosted runners. Tests, build, deploy, security audits in one commit.

Pipelines for projects on GitHub. Reusable workflows and custom DYB actions.

High-throughput reverse proxy and web server. Our default for Laravel, Next.js and any site under real traffic.

Still present on legacy hosting. We migrate to Nginx or Caddy when relevant.

Modern web server with automatic TLS (native Let's Encrypt). Minimal configuration, perfect for microservices.

Cloud-native reverse proxy with automatic Docker/Kubernetes service discovery.

Ultra-high-performance L4/L7 load balancer for critical architectures with strong SLA requirements.

CDN, WAF, anti-DDoS, managed DNS. We put it in front of SEO sites and exposed applications.

Our reference distribution. Stable, predictable, audit-friendly. Hosts the majority of our infrastructure.

For Cloud and AI workloads (CUDA, recent drivers). LTS only in production.

Community successor to CentOS, RHEL compatible. For IT systems that require the Red Hat ecosystem without the bill.

Alternative to Rocky, backed by CloudLinux. Identical RHEL binary compatibility.

When your software vendor or your compliance demands it. We manage subscriptions and patches.

AD, RDS, fileserver, IIS. We administer, harden (CIS) and patch Windows Server from 2003 through 2025.

Ultra-light musl/busybox distribution. Our choice for production Docker images.

Daily system scripting: automation, runbooks, emergency operations.

Open-source hypervisor based on KVM + LXC. Our reference for on-premise virtualisation since 2018.

We administer vCenter, ESXi, vSAN. And we migrate when the Broadcom turn becomes untenable.

Hypervisor integrated into Windows Server. SCVMM, Failover Cluster, Live Migration. We administer and we migrate.

The mainstream Linux virtualisation engine. Under the hood of Proxmox and most clouds.

System containers (vs Docker = application containers). Ideal for persistent services like DBs or CI runners.

Global deduplication backup, infinite incrementals, encryption. Included with Proxmox.

Transactional file system with snapshots, deduplication, compression. The foundation of our storage pools.

Distributed object/block/file storage. Open-source alternative to vSAN, natively integrated in Proxmox.

Network file shares between Linux and Windows servers. AD or Kerberos authentication.

Block storage over IP for low-cost SANs. We deploy on dedicated arrays or on ZFS.

Enterprise VM backup, multi-hypervisor support (VMware, Hyper-V, and now Proxmox).

Encrypted, incremental CLI backup. Our choice for Linux server backups and homedirs.

Strong client-side deduplication backup. Ideal for nomadic workstations and isolated servers.

Sovereign alternative to Microsoft 365 / Google Workspace. Files, calendars, mail, video.

Catalyst switches, ISR routers, Meraki access points. IOS/IOS-XE and SD-WAN configurations.

Managed and ProSafe switches for SMEs. Excellent value for LANs under 200 ports.

AOS-CX switches and Wi-Fi 6/6E access points for multi-site enterprise networks.

RouterOS routers and switches. Very flexible for demanding networks on tight budgets.

UniFi: mesh Wi-Fi, PoE switches, gateways, cameras. Ideal for SMEs and modern offices.

Managed Wi-Fi and PoE switches for very small businesses and SMEs, cloud or self-hosted controller.

Modern minimalist VPN, ultra-fast. Our default choice for remote work and inter-site.

Battle-tested VPN, compatible with almost anything. Still relevant when WireGuard is not an option.

Open-source firewall based on FreeBSD. Our reference on isolated sites and secure-architecture PoCs.

A more active, modern fork of pfSense. Our default for new open-source firewall deployments.

Fortinet firewalls: NGFW, VPN, IPS, SD-WAN. For structured SMEs and regulatory compliance.

French NGFW firewall, ANSSI certified. Sovereign choice for critical operators and sensitive sectors.

Sophos NGFW with Sophos Central synchronisation. Good feature/price ratio.

High-performance open-source IDS/IPS. We deploy it in monitor or inline mode with ET Open rules.

The reference directory in Windows SMEs. We deploy, harden (Tiering, LAPS), and integrate with Linux.

Cloud AD (formerly Azure AD). Conditional Access, Intune, MFA, Privileged Identity Management.

Open-source directory for Linux or multi-OS environments without Microsoft dependency.

Open-source identity suite: LDAP + Kerberos + DNS + PKI. Our AD alternative for Linux estates.

Open-source SSO and IdP. OIDC, SAML, social brokering, MFA. We put it in front of your internal apps.

Modern Python-based IdP, a lightweight alternative to Keycloak. Our choice for SSO on smaller stacks.

Migration from on-prem Exchange, advanced anti-spam, DKIM/SPF/DMARC, legal archiving.

Collaborative sites, document management, intranets. Thought-through information architecture.

Voice, video, chat, integration with your business apps. Direct Routing telephony as an option.

MDM/MAM for Windows and mobile devices. Policies, compliance, Autopilot rollout.

EDR, XDR, Office 365 anti-phishing. An M365 security suite few SMEs use to its full potential.

Total automation of M365 and Windows Server. Audit, provisioning and remediation scripts.

Open-source SIEM/HIDS. We deploy it to monitor tens to thousands of endpoints.

Log centralisation and analysis. Fast search, alerting, operational dashboards.

ELK stack for SOCs: ingestion, correlation, threat hunting. For structured teams.

Network IDS and flow analysis. We monitor your network traffic to detect what EDRs miss.

Vulnerability scanners. Recurring audits, prioritisation by real exploitability.

Packet capture and analysis. To really understand what's happening on the wire.

The reference web pentest tool. Application penetration tests: injection, auth, business logic.

Exploitation framework for internal pentests. Validation of identified vulnerabilities.

Pentest distribution. Our standard workstation for audit/red-team engagements.

Hash cracking for AD and application password audits. Prioritised reports.

Open-source alternative to Fail2ban with community blocklists. Ideal for public-facing servers.

Our main monitoring stack in managed services: lightweight agents, business templates, powerful alerting.

Time-series database and scraper for containerised and cloud-native environments.

Unified dashboards for Prometheus, Loki, Zabbix, MySQL, etc. Our visualisation standard.

Cloud-native log centralisation. Grafana Loki + Promtail for the full pipeline.

French monitoring solution derived from Nagios. Sovereign choice for substantial IT systems.

Lightweight self-hosted external monitoring. For public sites, status pages and user notifications.

Ultra-detailed real-time metrics with auto-alerting. Excellent for ad-hoc diagnostics.

htop on steroids, CLI and Web. Our go-to for quick checks.

French sovereign hosting. Public Cloud, Bare Metal, Private Cloud VMware/HCI. Our main FR partner.

Developer-oriented French cloud. Object Storage, Kubernetes Kapsule, Serverless.

Excellent value bare metal and VPS. Datacentres in Germany and Finland.

Swiss, environmentally responsible cloud. Sovereign M365 (kSuite), good email + collaboration trade-offs.

When truly necessary (specific managed services). We avoid addictions and optimise.

AKS, App Service, M365/Entra integrations. When the stack is already at Microsoft.

BigQuery, Cloud Run, Vertex AI. For very specific data or AI workloads.

Local LLM runtime: we deploy Mistral, Llama, Qwen, DeepSeek in your infra with an OpenAI-compatible API.

CPU- and GPU-optimised LLM inference. Under the hood of Ollama and most open-source stacks.

High-performance inference server for LLMs in production. Throughput × 5 vs stock HuggingFace.

High-performance French LLM, open-weights models (Mistral 7B, Mixtral, Magistral). Our sovereign AI default.

The most used open-weight models. Llama 3.x, 4.x. We fine-tune them on your business data.

When the client accepts the US cloud. GPT-5, Embeddings, Whisper, Realtime API.

Claude API (Sonnet 4.6, Opus 4.7). Excellent for code, document analysis and agents.

LLM orchestration frameworks: RAG, agents, memory, tool-use. For complex AI workflows.

Visual workflow automation: connects ERP, CRM, mail, AI. Self-hostable.

Open-source OCR for large-scale document processing (invoices, contracts, forms).

Vector databases for semantic search and RAG. pgvector if you're already on Postgres.

Our main task tracker. Fast, opinionated, integrated with GitHub/GitLab.

When the client already has one. We adapt our method to your Atlassian process.

Project documentation, runbooks, shared knowledge base. DYB–client collaboration space.

Real-time communication. Mattermost when self-hosting is required.

Application error tracking and performance monitoring. We catch errors before your users report them.

Automated end-to-end tests on real browsers. Non-regression guarantee on critical journeys.

Unit and integration tests. Real coverage, not just decorative.

PHP static analysis at level 9. Bugs detected before prod, without execution.