Patch Tuesday · Cycle 2026-Q1
-
14:00AIInventory pulled
-
14:02AIRisk classified
-
14:05HumanStaging approved
-
14:10AITest ring rolled out
-
14:25AITest ring validated
dynexo has been building and operating large security and network environments for two decades — from mid-market to critical platforms of national reach. Built on the leading components in the field: Cisco, Check Point, Palo Alto Networks, Fortinet. AI- and ML-driven detection and automation have been part of our day-to-day operations for years — not on a roadmap.
We don't recommend a component we haven't solved tickets with. We know the strengths, quirks and failure modes of the leading vendors — because we run them in production.
Configuration, hardening, audit. Operated in large mandates for more than two decades.
Edge security, zero-trust access, inspection for hybrid workforces.
Site interconnect, app-aware routing, integrated with security policy.
Cisco ACI as the single source of truth for datacenter segmentation — large mandates, 100% automated.
Content filtering, SSL inspection, DLP pre-hooks, e-mail security (DMARC enforce).
High-availability publishing, TLS offload, WAF integration, application delivery.
Lifecycle, federation, conditional access, sign-in risk, service accounts.
Just-in-time, session audit, four-eyes for admin access.
Splunk operations in large estates. Correlation, detection engineering, runbooks.
Safe bridges between IT and OT. Detection rather than blind blocking.
Architecture reviews, pentests and red-team exercises — Burp, Metasploit and Nmap, paired with LLM-driven recon and reporting where customers allow.
Vendor-neutral in advice, hardened in practice. Network & security: Cisco · Check Point · Palo Alto · Fortinet · Versa · CATO · VMware NSX · Arista · HPE Aruba. Edge & SSE: Netskope · Zscaler · Cloudflare · Cisco Umbrella. Identity & PAM: Microsoft Entra · Okta · Auth0 · CyberArk · Teleport · BeyondTrust. SIEM: Splunk · IBM QRadar · FortiSIEM. OT: Claroty · Nozomi · Dragos · Cisco IE.
We learned it on large Cisco ACI mandates: 100% automation and AI only hold up when a single, versioned source of truth lies beneath them. We encode security and business rules as code — one source. Processes, automation and agents move inside those rules.
Security and business rules live in code, versioned. No Excel exports, no shadow configurations, no drift. Diffable, auditable, traceable.
Every workflow references the policy it checks against. We always know why a decision went one way and not the other.
AI can act, but never past policy. Vendor changes cost time, not control. The rules outlive the tooling.
Every agent action traces back to the rule that authorised it. No black-box behaviour, no scrambling for an explanation in front of an auditor.
def on_request(req):
if req.contains_pii() and not req.user.has_role("dpo"):
return deny("PII without DPO approval")
if req.tokens > budget.daily_remaining(req.tenant):
return route("fallback-model")
return allow()Security vendors are not allowed to name clients. What we can name are the patterns — and the outcomes. Two examples from our practice.
We designed the security overlay and implemented a modern security standard for industrial environments. The standard has held under active attack across multiple mandates — industrial and critical power-supply infrastructures. The most prominent: a DACH industrial group hit several times during the migration. Everything already migrated stayed available.
Security architecture and network platform built on the leading security and network components, enhanced by our own AI/ML layer for detection and automation. Two years of operations by dynexo. Clean hand-over in 2022 — the customer has run it independently since.
More detailed reports from our mandates are on the »About« page.
An industry shift that already happened in software engineering — and is just as inevitable for IT operations.
The model isn't "small vendor vs large vendor." The model is different.
Async, distributed, fully audited. Not a script with an LLM API behind it, but a real platform with message bus, observability and safety layer.
Each module is usable on its own — or as a full system run by our team.
Our own layer in front of every model. Guardrails, input/output normalisers, model tuning, budgets, rate-limits, full audit log.
Agents that connect to your business systems — ERP, CRM, ticketing, mail, file systems. Not private chat toys; integrated into real operations.
Autonomous agents on your clients. You can go home — the client keeps working: answering requests, running routines, solving problems.
Years of curated sys-ops knowledge. Endpoint Agents get answers that would otherwise be scattered across forums — contextual and direct.
Distributed and resilient. Agents work in parallel and communicate reliably. No SSE bottleneck, no lost actions.
Every action, every LLM call, every tool use — structured, searchable, exportable. Your audit trail stays with you.
Sovereignty here isn't marketing — it's architecture. Every layer is designed so you stay in control, including over us.
A real, anonymised sequence. Three human decisions, the rest by the agent fleet. Every action in the audit log inside your system.
Routine IT operations is exhausting: triage tickets, push patches, create accounts, scroll logs, answer the same question a thousand times. The work matters — but nobody trained for it, it's nobody's calling.
We build agents that take it over. Not perfect on day one, but better every day. Every action grows the knowledge base. Every piece of feedback tunes the model.
What remains is the interesting work: designing architecture, investigating hard incidents, talking to people. The reason most IT experts started in the first place.
45-minute live demo of the platform against your use-cases. No sales deck — we show the actual modules, the actual audit log, the actual message bus. You decide whether a pilot makes sense.