Audits, Sprints, Retainers
Combotto helps teams audit the gateway, MQTT, ingest, identity, and observability path under the most pressure right now.
Consulting services
These consulting services start with one edge-to-cloud path already carrying pressure. The audit creates a shared baseline, the sprint targets the highest-impact hardening work, and the retainer keeps system drift visible as the architecture changes.
Why teams bring me in
Fast audit clarity when launch pressure or customer scrutiny arrives before the architecture story is fully defensible.
System-level review across gateway, broker, ingest, identity, TLS, buffering, and telemetry paths.
Evidence-backed findings with owners, verification steps, and a clear next move for leadership and engineering.
Fast clarity
A focused review of the selected edge-to-cloud path so your team can see where security, reliability, and telemetry risk is concentrated first.
Best first step when the architecture story needs proof
Targeted hardening
A focused hardening pass on the issues most likely to hurt uptime, customer trust, or future scale.
Drift control
An evidence-backed review cadence for teams that want visibility after the audit and first hardening pass.
References / Client Case Studies
Start with the Rust gateway hardening case, then review the wider proof library for more examples of how Combotto turns system pressure into evidence, backlog, and a practical next move.
· 8 min read
Indoor Climate Field Proof
Engineering case study of integrating an SCD4x CO2 sensor with an STM32 B-L475E-IOT01A2 over I2C, publishing CO2, temperature, and humidity through MQTT with live room-state visibility and configurable CO2 alarms.
· 8 min read
Audit -> Sprint -> Retainer
How a before-hardening audit exposed four gateway and ingest findings, a focused sprint fixed them, and the after-hardening check created a clear reference point for ongoing review.
Security & Reliability Audit
A comprehensive reliability and security audit of Combotto's secure edge IoT Gateway, identifying strengths, architectural bottlenecks, and a 90-day roadmap toward production-grade resilience.
Flagship gateway path
This proof comes from Combotto's own reference Rust IoT gateway: the full Audit -> Sprint -> Retainer case is documented in the flagship gateway case study, with supporting context in the Raspberry Pi 5 migration note, the 24/7 gateway operations write-up, and the audit engine article that makes repeat runs and delta reviews possible.
On that same Raspberry Pi gateway path, the audit turned a vague gateway concern into a concrete finding set, the sprint fixed the highest-impact issues and proved the fixes held, and the retainer turned the hardened state into a reusable reference point.
Turn one pressured path into a concrete finding set the team can act on.
Fix the highest-impact issues on the same path and prove the rerun held.
Keep later releases anchored to the hardened state with a reusable comparison point.
Leadership could immediately see that the path was exposed. Engineering could see which controls were failing, why they mattered, and what to fix first.
Why it matters
The posture was visibly exposed, the failing controls were easy to identify, and the next remediation steps were already tied to evidence.
After the hardening work, the same path was checked again. The posture moved from exposed to healthy, the findings cleared, and the proof stayed tied to the same system slice.
Why it matters
The improvement stayed visible on the exact audit surface that triggered the work instead of drifting into a softer, wider scope.
The comparison report shows what improved, confirms there were no regressions, and gives the team a durable reference point for release reviews or monthly check-ins.
Why it matters
Future releases can be checked against a known-good state instead of relying on memory, reassurance, or guesswork.
Field Notes / Expertise Proof
Articles on gateway, MQTT, identity, and telemetry risk patterns that often become the starting point for an audit conversation.
If one of these pressure patterns already matches your system, prefer direct guidance on your current setup: Start the audit conversation.
· 8 min read
Notes from designing a functional prototype enclosure for the STM32 `B-L475E-IOT01A2` before field testing: which board details mattered, how documentation and real measurements shaped the print, and why service access, transport, and fast reprints mattered more than visual polish.
· 7 min read
A planning note for the next Combotto field demo: two B-L475E-IOT01A2 devices with SPSGRF-868 radios transmitting over 868 MHz, one receiver bridged by serial into a Raspberry Pi 5, and a longer-range telemetry path than Wi-Fi alone usually gives inside and around buildings.
· 7 min read
A practical look at IoT Cyber Resilience Act readiness: public security reporting, release evidence, dependency review, and a clearer path from one serious issue to verified fixes.
Send the asset or message path, what is creating pressure, and your timeline. You’ll get a recommended starting scope and the next practical step.
Direct contact
Senior IoT Consultant
What happens next
You’ll get a direct reply with the likeliest starting scope and next practical step before any call is needed.