PROJECT 01

AI-Powered MSP Knowledge Platform

Six acquisitions. Six tech stacks. Six data silos. One private AI layer to connect them, designed, built, and shipped to production in a week, on infrastructure the business owns.

VIRTUALIZATIONDATABASE ENGINEERINGMODEL FRAMEWORKSAGENT FRAMEWORKSLLM INFERENCEZTNA / CYBERSECURITYPII SCRUBBINGFEDRAMP FILTERS

THE PLATFORM

HOVER TO SEE THE OUTPUT

$5,717

MRR

+2.1%

TICKETS · 12M

+19 Dec

100%

SLA COMPLIANCE

0 BREACHES

34.6h

ENG HOURS

$164/hr EFFECTIVE

65.5%

WIN RATE

19 / 29 OPPS

TICKET VOLUME · 12 MONTHS

AI-DETECTED RISKS

HIGH

Escalator clause not enforced

Ticket #709550 open 96 days. Agreement renewal window closing.

MED

96 days since last contact

Churn signal. No outreach logged since 2026-01-01.

OPP

No signed MSA on file

5 active agreements, no expiration governance. Consolidation opportunity.

QBR RECOMMENDATION · AUTO-GENERATED

NEXT ACTION

Schedule QBR within 14 days via Outlook. Lead with SLA performance (100%, 0 breaches). Enforce the agreement escalator before renewal. Propose MSA consolidation.

QBR READY RENEWAL RISK UPSELL SIGNAL

CLIENT HEALTH REPORT

Problem

A managed service provider that had grown through six acquisitions. Six companies, six tech stacks, six data silos, and no shared intelligence layer connecting any of it. The portfolio spanned clients across legal, manufacturing, nonprofit, education, and enterprise, all of whom were about to start asking about AI. The question was not whether to build. It was whether the business would own the stack or rent it from a vendor at a multiple, and whether a single person could actually wire six disconnected environments together in time to matter.

What I built

End-to-end private AI infrastructure, architected and delivered by one person in roughly a week:

A cluster of self-hosted MCP microservices that give agents scoped, audited access to business tools without exposing credentials
Two separate knowledge bases (one for developer reference, one for vendor and platform documentation) with retrieval tuned per use case
Automated BizDev pipeline that enriches, researches, and drafts personalized outreach, with a human approval gate before anything goes out
AI-driven SIEM alert triage that reads raw security events and posts a labelled, prioritized summary to the operations channel
Zero-shot classification of historical support tickets on local GPU, giving the business a clean taxonomy of what it actually gets paid to fix
PII scrubbing and FedRAMP exclusion filters between data ingestion and the model layer, so regulated content never touches the AI pipeline
Private mesh networking and a self-hosted secrets manager so the whole thing runs without a single hardcoded credential or open inbound port

What I learned

The hard part was not the AI. It was the operating discipline. Vector indexes, agent access control, credential hygiene, network segmentation, and lifecycle management are all unforgiving at production scale. Shipping AI in a week meant I had already solved those problems for twenty years. The AI just rode on top.

The data existed. Six companies worth of it. But data from six separate acquisitions is not a knowledge base, it is a pile. Before the AI could do anything useful, the data had to make sense: cleaned, structured, chunked, embedded, and indexed in a way that retrieval could actually trust. That work is invisible when it is done right and catastrophic when it is skipped. Most people skip it and wonder why their RAG pipeline hallucinates.

Technical architecture

ARCHITECTURE

On-prem compute cluster, segmented VLANs, WireGuard mesh for remote access. Zero inbound ports exposed to the internet.

RETRIEVAL

Hybrid dense and sparse search across two knowledge domains: a developer reference corpus and a vendor documentation corpus. Quantization tuned so the full stack runs on hardware the business already owned.

AGENTS

MCP microservices with per-role access control, bearer-token auth, and managed lifecycle. Agents get only the tools they need, nothing more.

AUTOMATION

Dedicated automation instances by department. BizDev, operations, service desk, and marketing each run isolated workflows with their own credentials and audit trails.

OPERATIONS

AI-driven SIEM alert triage and support ticket classification running on local inference. Analysts see a pre-labelled queue, not a raw firehose.

COMPLIANCE

PII scrubbing and FedRAMP exclusion filters sit between raw data ingestion and the AI layer. Regulated and sensitive content is stripped before it touches a model, keeping the platform viable for clients in government-adjacent and compliance-heavy verticals.

KEY NUMBERS

Acquisitions Unified

Tech Stacks Connected

One person

Build Team

One week

To Production

All work-> Start a conversation