DevOps & Platform Engineering

Build secure, automated and production-ready delivery platforms

Sunesis helps organizations build reliable DevOps and platform engineering foundations for secure, automated and production-grade software delivery — designing and improving CI/CD pipelines, GitOps workflows, infrastructure as code, Kubernetes and OpenShift platforms, cloud environments, security controls and observability.

Our work supports enterprise digital platforms, API ecosystems, cloud-native applications, workflow automation platforms and AgenticAI solutions that must operate reliably in real production environments.

Built for organizations that need reliable software delivery, secure platforms and production-grade operations.

IBM
NLB
Akrapovic
Petrol
Sava
OTP
Flare
Generali
Oracle
Snaga
Cybergrid
Ebcont
Energetika Ljubljana
Gen I
Giz
Ministry Justice
Ministry Public Admin
Riko

From delivery automation to enterprise platform engineering

Modern software delivery needs much more than a build pipeline. It needs reliable environments, automated delivery, secure infrastructure, secrets management, policy enforcement, observability and auditability — working together as a coherent platform.

Sunesis establishes these foundations across cloud, hybrid, on-premise and multi-cluster Kubernetes environments, so delivery is consistent and controlled wherever workloads run.

We build platforms that development teams can use with confidence and operations teams can trust in production — combining automation, security and governance into a single delivery foundation.

Sunesis builds enterprise DevOps and platform engineering foundations that help teams deliver software faster, safer and with stronger production control.

What we build and operate

We provide the technical foundations development teams need to deliver software quickly and reliably — without bypassing security, governance or operational control.

CI/CD pipeline engineering

Design and improvement of continuous integration and delivery pipelines that automate build, test and release while enforcing quality and security gates.

Key capabilities

  • GitLab CI/CD
  • Azure DevOps pipelines
  • GitHub Actions
  • Build and test automation
  • Security and quality gates

Infrastructure as Code

Version-controlled, repeatable infrastructure provisioning and configuration that reduces drift and manual operations.

Key capabilities

  • Terraform provisioning
  • Ansible configuration automation
  • Reusable modules
  • Version-controlled changes
  • Drift reduction

GitOps and continuous delivery

Declarative, Git-driven deployment workflows that make releases consistent, reviewable and easy to roll back.

Key capabilities

  • Argo CD
  • Declarative deployment
  • Helm and Kustomize
  • Multi-cluster GitOps
  • Rollback and drift detection

Kubernetes and OpenShift platforms

Architecture and operation of container platforms across data centers and clusters, with secure multi-tenant models.

Key capabilities

  • Kubernetes and OpenShift platform architecture
  • On-premise and multi-cluster
  • Namespace and tenant models
  • Networking and ingress
  • Kubernetes security

Cloud platform engineering

Cloud-native platform foundations on major providers, with automated infrastructure and integrated cloud identity.

Key capabilities

  • Microsoft Azure
  • Google Cloud
  • AKS
  • GKE
  • Cloud identity integration and infrastructure automation with Terraform

Security, identity and policy-as-code

Security, identity and policy controls embedded directly into the delivery platform rather than added afterward.

Key capabilities

  • Keycloak and Microsoft Entra ID
  • HashiCorp Vault secrets management
  • Open Policy Agent
  • Kyverno admission control
  • Cerbos authorization and Wultra where relevant

Observability and production operations

End-to-end visibility into platforms and applications, with the operational practices needed to run them reliably.

Key capabilities

  • OpenTelemetry
  • Instana APM
  • Centralized logging
  • Distributed tracing
  • Alerting, SLO and production readiness

Platform engineering for development teams

Internal developer platforms that make the secure and supported delivery path the easiest one for teams to follow.

Key capabilities

  • Developer platform design
  • Golden paths
  • Reusable CI/CD templates
  • Self-service environments
  • Guardrails instead of bottlenecks

DevOps for AgenticAI and AI platforms

Platform engineering and operations for AI services and AgenticAI deployments, with the security and visibility these workloads require.

Key capabilities

  • Platform engineering for KumuluzAI deployments
  • Secure deployment of AI assistants and agents
  • Secrets for model providers
  • Observability for AI services
  • Cost and usage visibility

DevOps for API and workflow platforms

Delivery foundations for API ecosystems and workflow automation, with automated configuration and controlled releases.

Key capabilities

  • Deployment foundations for API platforms
  • CI/CD for APIs and integration services
  • Gateway configuration automation
  • Temporal and Camunda platform integration
  • Release governance

Platform scenarios we support

We help organizations build and operate the delivery platforms behind a wide range of cloud, on-premise and hybrid environments.

Cloud-native delivery platforms

End-to-end delivery platforms for cloud-native applications, from pipelines to GitOps-driven Kubernetes operations.

Relevant capabilities: CI/CD, GitOps, Kubernetes, OpenShift, Terraform, Ansible, Observability, Security

On-premise Kubernetes platforms

Container platforms in the data center, with the networking, storage and security needed for production workloads.

Relevant capabilities: Kubernetes, OpenShift, Networking, Storage, Platform security, GitOps, Monitoring

Multi-cluster Kubernetes environments

Consistent governance and operations across many clusters and environments through multi-cluster GitOps.

Relevant capabilities: Multi-cluster GitOps, Environment governance, Cluster lifecycle, Observability, Policy enforcement

Enterprise CI/CD modernization

Modernized pipelines that standardize build, test and release across teams with strong quality and security checks.

Relevant capabilities: GitLab CI/CD, Azure DevOps, GitHub Actions, Pipeline templates, Quality gates, Security checks

Secure platform foundations

Identity, secrets, policy and authorization controls built into the platform so security is consistent by default.

Relevant capabilities: Keycloak, Microsoft Entra ID, HashiCorp Vault, Cerbos, Kyverno, Open Policy Agent, Wultra, RBAC

Observability and operations enablement

Metrics, logs, traces and dashboards that give teams the visibility needed to operate platforms with confidence.

Relevant capabilities: OpenTelemetry, Instana, Metrics, Logs, Tracing, Dashboards, Alerting, SLOs

AgenticAI platform operations

Secure, observable delivery and operations for AgenticAI workloads running on Kubernetes.

Relevant capabilities: KumuluzAI, Kubernetes, Secrets management, Model provider configuration, Audit logging, Usage visibility

API and workflow platform delivery

Delivery foundations for API gateways and workflow engines, with GitOps-driven operations and observability.

Relevant capabilities: Kumuluz API, API gateways, Temporal, Camunda, CI/CD, GitOps, Observability

Deep expertise in Microsoft Azure and Google Cloud

We design and operate cloud platforms on both major providers, and help organizations stay portable across clouds and on-premise environments.

Microsoft Azure

Azure platform architecture, AKS, Azure DevOps, Microsoft Entra ID, Terraform, CI/CD, cloud security and hybrid integration.

Google Cloud

GCP platform architecture, GKE, Terraform, CI/CD and GitOps, cloud networking and monitoring.

Hybrid and provider-neutral delivery

Workload portability, multi-cloud deployment, Kubernetes and OpenShift across environments, exit-strategy awareness and consistent identity, security and observability.

Security and governance built into delivery

Security and governance are part of the platform from the start, not controls added after delivery is already in place.

Identity and access management

Keycloak, Microsoft Entra ID and RBAC for consistent, role-based access across the platform.

Secrets management

HashiCorp Vault for centralized handling of credentials and API keys.

Policy-as-code

Open Policy Agent and Kyverno to enforce policies automatically across the platform.

Application authorization

Cerbos for fine-grained, policy-based application authorization.

Security integration

Wultra where relevant for stronger authentication and security requirements.

Pipeline security

Security checks, approvals, artifact controls and policy gates built into delivery pipelines.

Container and workload security

Image handling, workload isolation and namespace policies for secure container operations.

Auditability

Traceable records of infrastructure changes, deployments, approvals and access.

Production visibility and operational excellence

We give teams the visibility they need to operate platforms and applications reliably, from instrumentation through to incident support.

Observability is built into the platform across infrastructure, applications, APIs, workflows and AgenticAI services.

  • OpenTelemetry instrumentation
  • Instana APM and observability
  • Metrics and monitoring
  • Centralized system logging
  • Enterprise audit logging
  • Distributed tracing
  • Correlation IDs
  • Platform dashboards
  • Deployment and release visibility
  • Alerting and incident support
  • Kubernetes and OpenShift observability
  • API and workflow observability
  • AgenticAI platform observability
  • SLO and production readiness

Make the right delivery path the easiest path

Platform engineering helps teams move fast within safe boundaries by making the secure, supported path the default choice.

Golden paths

Proven, supported delivery paths that teams can follow without reinventing infrastructure each time.

Reusable templates

Reusable CI/CD and infrastructure templates that standardize delivery across teams.

Self-service environments

On-demand environments that let teams provision what they need without manual handoffs.

Secure defaults

Secure-by-default configurations so the right choices require no extra effort.

Developer onboarding

Smooth onboarding so teams become productive on the platform quickly.

Governance guardrails

Guardrails that keep teams within policy and security boundaries without slowing them down.

DevOps for complex and critical environments

We work where reliability, security and traceability matter — across regulated industries and demanding enterprise platforms.

  • Enterprise digital platforms
  • Financial services and insurance environments
  • Energy and utilities systems
  • Public sector platforms
  • Cloud-native business applications
  • Blockchain and Web3 infrastructure
  • API management and integration platforms
  • Workflow automation platforms
  • AI and AgenticAI platforms
  • Multi-team software delivery organizations

Accelerated by Kumuluz and proven platform patterns

Sunesis has a long history of building cloud-native, microservice, API-based and AI-enabled platforms through the Kumuluz product family. This experience shapes our DevOps approach with reusable building blocks, automated deployment, cloud-native foundations and platform governance.

It strengthens our ability to build and operate platforms for digital solutions, APIs, Business APIs, workflow automation and AgenticAI — on a foundation that is already proven in production.

KumuluzAI Platform

Platform foundation for deploying and operating agents, assistants and AI services securely and observably.

Kumuluz API

API management and gateway platform with delivery, configuration and operations patterns for API ecosystems.

Kumuluz Digital Platform

Engineering foundation for building and delivering services, APIs and cloud-native integrations.

Kumuluz Business APIs

Reusable business capabilities delivered and operated as governed, production-ready services.

Kumuluz Crowdsensing

Platform for distributed sensing and data collection, operated on cloud-native foundations.

How we deliver DevOps and platform engineering

We help organizations move from their current delivery setup to a reliable, automated and secure platform through a structured, engineering-driven approach.

1. Assess current delivery and platform maturity

We review existing pipelines, infrastructure, environments, security and operations to understand the starting point.

2. Define the target platform model

We define the target architecture, delivery model and governance approach for the platform.

3. Automate infrastructure and environments

We automate provisioning and configuration with infrastructure as code for repeatable, version-controlled environments.

4. Implement CI/CD and GitOps workflows

We build pipelines and GitOps workflows that make delivery consistent, reviewable and easy to roll back.

5. Integrate security and policy controls

We embed identity, secrets, policy-as-code and authorization controls directly into the delivery platform.

6. Enable observability and operations

We implement metrics, logging, tracing, alerting and SLOs to operate the platform reliably.

7. Create developer platform patterns

We design golden paths, reusable templates and self-service environments so teams can deliver within safe boundaries.

8. Support teams and evolve the platform

We support teams in adopting the platform and continuously evolve it as needs grow.

Technology expertise

CI/CD

GitLab CI/CD, Azure DevOps, GitHub Actions and pipeline templates.

Infrastructure as Code and automation

Terraform, Ansible and reusable modules.

GitOps and delivery

Argo CD, Helm, Kustomize and multi-cluster GitOps.

Container platforms

Kubernetes and OpenShift, on-premise and multi-cluster.

Cloud platforms

Microsoft Azure, Google Cloud, AKS, GKE and hybrid environments.

Security and identity

Keycloak, Microsoft Entra ID, HashiCorp Vault, Cerbos, Kyverno, Open Policy Agent and Wultra.

Observability

OpenTelemetry, Instana, metrics, logging, tracing and SLOs.

Platform engineering

Developer platforms, golden paths, reusable templates and self-service.

AI and API platform operations

KumuluzAI, Kumuluz API, API gateway operations and workflow platform operations.

DevOps and platform engineering in practice

We already apply DevOps and platform engineering across demanding enterprise and innovation environments.

Reference

Flare

DevOps and platform engineering for a large blockchain infrastructure project.

Reference

Kumuluz platforms

Cloud-native platform experience through the Kumuluz product family.

Reference

AgenticAI Platform — Zavarovalniška skupina Sava

Platform engineering, Kubernetes-based delivery, security and governance for an enterprise AgenticAI platform.

Reference

Enterprise digital platforms

DevOps across banking, insurance, energy and enterprise environments.

Reference

Research and innovation platforms

Platform engineering from international research and innovation projects.

Why Sunesis for DevOps and platform engineering

1. We build production platforms, not only pipelines

We deliver complete platforms that run reliably in production, not just isolated automation.

2. Strong Kubernetes and OpenShift expertise

Deep experience architecting and operating container platforms across environments.

3. Deep Azure and Google Cloud knowledge

Hands-on expertise across both major cloud providers and hybrid deployments.

4. Security and governance awareness

Identity, secrets, policy-as-code and auditability built into the delivery foundation.

5. Enterprise observability experience

End-to-end visibility with OpenTelemetry, Instana, logging, tracing and SLOs.

6. Developer experience and platform thinking

Golden paths, reusable templates and self-service that help teams deliver within safe boundaries.

7. AgenticAI and API platform readiness

Delivery and operations expertise for AgenticAI, API ecosystems and workflow platforms.

8. Experience in demanding environments

Proven in regulated and complex industries where reliability and traceability matter.

Need a stronger foundation for software delivery?

Whether you are modernizing CI/CD, building a Kubernetes or OpenShift platform, automating infrastructure, introducing GitOps, strengthening security, improving observability or preparing an enterprise platform for APIs, workflows and AgenticAI, Sunesis can help you design and implement a reliable DevOps and platform engineering foundation.