dynexo
Book a call
About us

Security operations, with substance.

dynexo is a team of security and network practitioners with more than two decades of production experience. We operate the leading components of the field every day. AI and ML methods are part of our operational toolkit and have been for years — the order remains: security first, automation as leverage.

Security practice · since 1999 Large mandates · regulated sectors DACH + EU customer base
Leadership

Who runs the company.

For initial conversations, audit preparation or strategic questions, please book a meeting through our office.

Florian Reinholz
Florian Reinholz
Founder & Managing Director

Florian Reinholz holds degrees in mathematics and information technology and has been a hacker for more than three decades. CCIE Security since 2005. Ten-plus years building production security automation — bots, intelligent agents and orchestration in chaotic, live environments — with his own tooling in Go, Python, C and Nim. Security is not something he applies to technology; it is the lens through which he sees technology. He founded dynexo in 2014 and turned it into part of DISION Technologies Group in 2023, the holding to which dynexo belongs as the operations company. His operating conviction: simplification and standardisation are how security scales; AI is the layer that makes it adaptive, not the layer that replaces it. He deliberately builds small, senior teams with high autonomy, treats security as architecture rather than a control layer, and runs the company on the same principle: clear scope, clear ownership, no theatre. His focus today is architecture, product strategy, and oversight of mandate responsibility — the operational depth sits with the team.

  • Mathematics & information technology
  • CCIE Security since 2005 · hacker for 30+ years
  • 10+ years building security automation (Go, Python, C, Nim)
  • Founder of dynexo (2014) and DISION Group (2023)
Book a meeting LinkedIn ↗

Initial conversations are scheduled through our office.

What guides us

Four principles, non-negotiable.

Sovereignty

Data, logs and models stay with you. We don't build back doors into your infrastructure.

AI-first

80–90% of the routine is handled by the agent fleet. We design for that reality, not against it.

No lock-in

The whole Nova9 platform fits in a VM. You can take over whenever you want.

Operator depth

We are sys-ops practitioners with 15+ years of experience — we solved tickets before we wrote software.

Why we exist

We replace dull work. So humans can do interesting things.

Routine IT operations is exhausting: triage tickets, push patches, create accounts, scroll logs, answer the same question a thousand times. The work matters — but nobody trained for it, it's nobody's calling.

We build agents that take it over. Not perfect on day one, but better every day. Every action grows the knowledge base. Every piece of feedback tunes the model.

What remains is the interesting work: designing architecture, investigating hard incidents, talking to people. The reason most IT experts started in the first place.

The team

A few experts. Scaled by AI.

A deliberately small core team — we build agents so that a team needs few people, not 30+. We sell what we live internally.

  • Sys-Ops
    15+ years
    Managed-service experience across regulated industries — financial services, healthcare, KRITIS.
  • AI platform
    End-to-end
    LLM gateways, agent frameworks, distributed message buses. We have built it twice before.
  • Compliance
    NIS2 · DORA
    We read the regulation before we write the code. Security is architecture, not stickers.
Field Record

What we have done at mandates.

We are not allowed to name our customers — that is the rule of the industry. What we name are the patterns and the outcomes.

DACH industrial group · multi-site environment · migration to a modern security standard for industrial environments

Active ransomware against the group. Where the overlay had landed, nothing broke.

In 2020/2021 we designed and rolled out a security overlay for a multi-site industrial environment — network segmentation, a hardened identity layer, our own detection stack and the escalation runbook. Migration ran by maturity tier, site by site. During the roll-out, the group was hit by active ransomware operations more than once — the reporting on those events is public. Everything that had already been migrated onto our overlay stayed operational. The parts not yet migrated were among the impacted. The same pattern held in further mandates across industrial environments and critical power-supply infrastructures. That is the proof — not a marketing claim.

Availability of migrated sites
100%
Encrypted systems in scope
0
Ransom discussion
none
Industrial Ransomware Segmentation Overlay OT/IT
Utility · critical platform with national reach

Platform built, secured, operated — and handed over clean.

Build began in 2020: architecture, network platform, security layers — on the leading components in each class. We owned operational responsibility for two years, including detection, response and maintenance. Our own AI/ML layer drove anomaly detection and response automation — four years before the industry made buzzwords of those terms. In 2022 the planned hand-over happened: documentation, training, transition plan. The customer has operated without us since. No open incident across the entire operating period.

Platform live
since 2020
Operational ownership
2 years
Hand-over without incident
2022
Customer operating
self-sufficient
Utility Critical infrastructure AI/ML Hand-over
Stations

A long line.

  1. 1999

    Roots in security & network operations

    Our founding team's practice begins — designing and operating large security and network environments for regulated mandates.

  2. 2014

    dynexo GmbH founded

    Braunschweig. Bootstrapped, funded from engagements — no venture capital, no obligations against your data. Founded by Florian Reinholz.

  3. 2017

    AI/ML in production

    First production use of AI/ML for detection and automation — years before the market made buzzwords of those terms.

  4. 2020–2022

    National utility platform

    Architecture, network platform, security layers, enhanced by our own AI/ML. Two years of operational responsibility, followed by a clean hand-over to the customer.

  5. 2020/2021

    Industrial security overlay

    Modern security standard for an industrial multi-site environment. Held under active ransomware during the migration — see the field record.

  6. 2023

    Part of DISION Technologies Group

    Florian Reinholz founds DISION Technologies Group as the parent holding. dynexo joins as the operations company; group structure carries sister entities and shared tooling.

  7. 2025 · Q1

    Nova9 AgentOS v1

    The AI layer we built internally for years, now available as a product to mandates.

  8. 2025 · Q3

    Endpoint Agents GA

    Autonomous clients in production environments. First clone hand-over to a customer.

  9. 2026 · Q1

    Knowledge Base public

    Sys-ops knowledge base usable as a module. NIS2 and DORA mappings shipped.

Where we have delivered

Sectors we have built and operated in.

Customer names stay confidential — that is the rule of our industry. The sectors don't. The list below summarises two decades of mandates carried by dynexo and, prior to founding, by our team.

  • 01
    Electricity transmission & distribution

    National and regional DSOs across federal and Länder reach. KRITIS scope, ISMS, OT/IT segmentation, audit-ready operations.

  • 02
    Federal sovereign infrastructure

    Federal-grade production environment for identity documents — sovereign components, hardened operations.

  • 03
    Industrial manufacturing

    Multi-site industrial groups — among them the security overlay that held under active ransomware.

  • 04
    International logistics & freight

    Global freight network. Multi-region availability, audit trail, segmentation across operating countries.

  • 05
    Technical inspection & certification

    Sovereign certification body — ISMS, audit trail, compliance perimeter.

  • 06
    Regulated financial services

    Automotive captive financial-services arm — BaFin-regulated, DORA-grade controls and reporting.

  • 07
    Multi-site retail

    Distributed retail estate — endpoint operations and detection at scale across hundreds of sites.

Most mandates are KRITIS or otherwise regulated; the majority sit in energy transmission and distribution. Reference details on request, under NDA.

Where we work

Sovereign, from Germany.

  • Headquarters
    Braunschweig
    Willy-Brandt-Platz 19, 38102 Braunschweig — Lower Saxony.
  • Group
    DISION Technologies Group
    dynexo is part of the DISION Technologies Group. Sister company DISION Technologies Limited Company in Vietnam delivers software development and selected operational services for our own tooling.
  • Customer data
    stays in the EU
    Tenant data and audit logs do not leave the EU. Vietnam operations work on software and tooling, not on customer data — a clear line, anchored contractually.
  • Models
    EU · DE · On-prem
    We run models where you need them — from an EU-cloud region to air-gapped.
  • Customer base
    DACH + EU
    Focus on regulated industries: BaFin, KRITIS, B3S, BSI baseline, TISAX.
Talk to the team directly hallo@dynexo.de
Next step

See Nova9 in action.

45-minute live demo of the platform against your use-cases. No sales deck — we show the actual modules, the actual audit log, the actual message bus.

Book a demo Request the datasheet