Munich-based · MSc Info Security · Trusted by Cisco DevNet
We help enterprise NetOps and SOC teams ship AI agents that actually run in production — readiness assessments, hands-on team training, and 8-week pilots co-built with a network architect who hosts the Cisco DevNet podcast.
The gap we close
Most enterprise AI projects in network and security operations stall at the same three walls. We've shipped past each of them with real customers running real production traffic.
Vendor demos win the board meeting. Six months later there's no integration with your CMDB, your SIEM, or your change management. We build to your stack from day one.
Ansible playbooks and Python scripts don't translate to agent-based architectures, MCP, or LLM orchestration. We retrain your existing team — no replacement, no consultant dependency.
Every pilot we run includes a verification loop and explicit guardrails. Your engineers stay in the approval path. We don't sell magic; we ship metrics.
Three ways to engage
Every engagement is fixed-scope and timeline-bound. No retainers, no scope creep, no consultant-by-the-hour billing.
Readiness assessment, vendor selection, and an AI-NetOps roadmap your board can defend.
Production pilot in your NOC or SOC, co-built with your team, success metrics agreed in writing.
Custom team training on Claude Code, AI agents, and NetOps automation — for the engineers who'll own the system.
Proof, not promises
We don't ask for trust on a vendor's word. The system in the talk below resolves an OSPF outage in 8 seconds — recorded, unedited.
Eduard Dulharu walks through a real multi-agent troubleshooting workflow using ACP, A2A, and MCP standards — on the official Cisco DevNet podcast.
AutoCon 5 · Munich · June 9, 2026
A 4-hour intensive at the Network Automation Forum's flagship event. Attendees operate a live 5-agent system against a real multi-vendor EVE-NG topology, inject production-grade faults, and trace the full agent reasoning chain end-to-end.
Built on the A2A protocol, a Neo4j knowledge graph, and a LangChain RAG layer. Participants extend the system by wiring their own specialist agent using provided scaffolding — you leave with code that runs.
Who the workshop is for
What you leave with
How a pilot actually runs
Concrete steps. Each one ends with a deliverable you keep.
Two workshops with your NetOps/SOC leads. We leave with a one-page scope, success metrics in writing, and a data-access checklist.
Agent architecture stood up in your lab or staging. CMDB, SIEM, and ticketing integrations wired with read-only access first.
Agents shadow your team on real production incidents. We refine prompts, guardrails, and approval flows weekly with your engineers in the loop.
System runs autonomously within guardrails. Your team owns it — runbooks, observability, retraining playbooks transferred. We're available, not required.
Pre-built agent capabilities
Every pilot starts from one or more of these — composed, customized, and integrated into your environment.
Real-time CVE correlation, automated risk scoring, compliance reporting that holds up in audit.
Test network changes against a live replica before they touch production. Zero-risk what-if simulation.
24/7 design guidance grounded in your topology, vendors, and standards. Not generic chatbot advice.
Autonomous monitoring, predictive maintenance, and self-healing patterns with human approval gates.
Plain-English queries across your CMDB, SIEM, and telemetry. One-click remediation with rollback.
Self-assessment · 5 minutes
12 questions covering data, tooling, team skills, and risk tolerance. You'll get a numeric score, the L1–L4 maturity band you sit in, and a one-page playbook for the next 90 days. Built from 200+ enterprise assessments.
No demo follow-up unless you ask for one. We hate that pattern too.
Free · 19 lessons · 3 tiers · basic → advanced · self-paced
From "3 AM, 14,000 log lines" to a production multi-agent NOC copilot. Three tiers, twenty lessons, written for engineers who already run real networks. Start free, go deep when you're ready.
When the math is enough
It's 3 AM and 14,000 log lines.
Cluster 200 syslog lines into 5 groups; surface the anomalies with k-means + TF-IDF.
When the machine needs to understand
LLMs hallucinate my config syntax.
Tokenize Cisco configs, embed networking phrases, watch synonyms cluster in vector space.
When the base model is half-blind to your network
My network's vocab isn't in any model.
LoRA-fine-tune DistilBERT on a synthetic 5-class log-intent dataset; watch accuracy climb from random to 90%+.
When the model needs to look things up
10,000 config files, no way to search them.
Hand-build a RAG pipeline over 20 device configs — chunking, embedding, retrieval, optional generation.
When the model needs to act
Automating broken processes at high speed.
Run a tool-using agent loop with 5 tools and two safety patterns: dry-run + confirmation token.
The protocol that makes your tools portable
Vendor APIs are inconsistent; tool reuse is impossible.
Build MCP-shaped tools that hide Cisco / Juniper / Arista differences behind a unified interface.
The daily-driver container for everything we built
Now that I know AI, what do I use daily?
Set up Claude Code with CLAUDE.md, skills, hooks, and an MCP server. Run an on-call workflow end-to-end.
Ship something your team can click on
I'm a CLI engineer, not a developer.
Streamlit web dashboard for semantic device search; expose via ngrok. Share with one teammate.
When the keyboard isn't enough
I can't SSH into 50 boxes one at a time anymore.
Back up running-configs from 20 IOS/NX-OS/Junos devices with netmiko; retry on timeout, commit each version to Git.
When the counter is the truth
My 32-bit interface counter rolled over and the dashboard lied.
Detect BGP flaps across 30 days of state-change logs from 50 routers; rank the worst offenders with a 1-hour rolling window.
When the model has to defend itself
The model says P1 with 95% confidence and it's wrong half the time.
Train an XGBoost severity classifier on 50K incidents; calibrate with isotonic regression; explain a single prediction with SHAP.
When the model needs the runbook
The LLM doesn't know my topology and won't admit it.
Stand up a hybrid RAG over 500 runbooks + 6 months of postmortems; beat BM25 by 40% on MRR with cross-encoder reranking.
When the LLM has to act
I want an agent to fix BGP without rebooting the wrong router.
Build a 3-agent Analyzer/Planner/Executor crew in CrewAI with 5 tools, Pydantic guardrails, and HITL on state-changing actions.
When the demo meets 100 operators
The notebook worked. The 100-user load test didn't.
Front the M5 crew with a FastAPI gateway, tiered routing, Redis prompt cache, and PostgresSaver; cut cost-per-query 60-80%.
When the framework is on the interview
Every vendor pitch and hiring loop assumes I read LangGraph code.
Port the C1 CrewAI crew to a LangGraph StateGraph with checkpointer and interrupt_before; match eval scores; deploy via LangServe.
When sequential isn't enough
Crew(Process.sequential) hits a wall the day production does.
Replace a sequential Crew with a Flow using @start/@listen/@router; add AgentOps traces and a VCR-based regression test that catches a 10% quality drop.
When the retriever needs to be a citizen
My retriever is a Python import; no other agent can call it.
Wrap the M4 GraphRAG retriever as a FastMCP server with 4 tools + 2 resources; wire it into the M5 crew; benchmark direct vs MCP vs MCP+cache on 20 scenarios.
When five tenants share one model
Tenant A's cache hit just answered tenant B's question.
Ship a FastAPI gateway with per-tenant cache namespaces, token-bucket quotas, tiered routing, and circuit breakers; load-test 100 operators across 4 routing strategies.
When the hiring manager wants to see the trace
I have a notebook and no story about cost, drift, or rollback.
QLoRA fine-tune Llama-3.1-8B on 5,000 incident summaries; serve via Ollama as a local_ft tier; wire Opik traces gateway-to-MCP; ship a CI eval gate that blocks regressions.
Chapter 01 hits your inbox now · chapters 02–08 weekly · notebook with each. No spam, GDPR-compliant.
Or book a 30-min call with Eduard before you start.
Free · 90 minutes · Live + Q&A
The exact agent architecture from the Cisco DevNet demo — how it's designed, what each agent does, and how to deploy a minimal version in your own lab. No PhD required, no vendor pitch, no sales follow-up.
Honest fit check
The fastest way to a good engagement is being honest about a bad one. Here's how we filter.
Who you'll work with
20+ years in enterprise networking, MSc Information Security. Featured on the Cisco DevNet Create Live podcast demonstrating production AI agents resolving OSPF incidents in seconds. Author of the Medium piece "From 4-Hour Outages to 8-Second Resolutions" on real multi-agent system design.
Pilots and assessments are led personally. Training cohorts include senior collaborators — network architects and enterprise solutions architects with deep multi-vendor experience. No outsourcing, no bait-and-switch to junior staff.
Private 1:1 mentorship for CEOs and Board members building an AI-first operating model. Strategic roadmap, vendor evaluation, organizational design, and accountability check-ins. Not a course; an advisory relationship.
Pre-empting the obvious
Next step · 30 minutes
No deck, no qualifying-questions interrogation. You describe your environment, your timeline, and what your board is asking for. We tell you whether a pilot, an assessment, or honestly someone else is the right fit.