David Wolf · Project Use Case
AI SECURITY · PRODUCT SECURITY · CONFIDENTIAL CONSULTING CLIENT
Confidential Consulting Client
Sovereign AI Mattermost Agentic Services Platform
A private AI collaboration stack combining Mattermost, a custom MFE app, Ollama, LocalAI, GitLab service workflows, model benchmarking, audit trails, and...
Designed and deployed a sovereign AI collaboration and agentic services platform using Mattermost, a custom micro-frontend Mattermost app, Ollama, LocalAI, multiple local/open models, GitLab-backed service workflows, chat-based...
Client
Confidential Consulting Client
Engagement Type
Consulting buildout
Period
2025–2026
Role
AI Security Architect / Sovereign AI Engineer / Agentic Workflow Consultant
Focus Areas
Sovereign AI, Mattermost Deployment, Custom Mattermost MFE, Ollama Integration
The Research Narrative
Strategic Problem
The challenge was not running a chatbot. It was designing a governed service platform where agents could help remediate bugs, support delivery work, preserve a trail of activity, and remain reviewable under...
What David Did
Deployed Mattermost as the collaboration and chat surface for private, team-based AI workflows.
What Became Clearer
The result was a sovereign AI collaboration and services platform that made private AI useful for real delivery work. It combined local models, enterprise chat, GitLab-backed execution,...
Consulting Proof
This is evidence of turning messy security telemetry into explainable dashboards, alert-quality improvements, and executive-ready operating views.
The Context
The client needed AI-assisted service delivery without losing sovereignty, privacy, control, or auditability. Mattermost became the collaboration surface, GitLab became the work system of record, and local AI backends provided private model execution.
The Challenge
The challenge was not running a chatbot. It was designing a governed service platform where agents could help remediate bugs, support delivery work, preserve a trail of activity, and remain reviewable under ISO 42001 and OWASP-style AI security expectations.
What I Did
- •Deployed Mattermost as the collaboration and chat surface for private, team-based AI workflows
- •Designed and implemented a custom micro-frontend Mattermost app to embed AI workflow functionality directly into the collaboration experience
- •Implemented sovereign AI integrations using local and privately controlled inference backends including Ollama and LocalAI
- •Benchmarked multiple models against different service use cases to determine practical fit for remediation, summarization, classification, code assistance, workflow support, and governance-oriented tasks
- •Designed chat-based agentic workflows that could assist with bug remediation, service work, issue analysis, task routing, and guided technical execution
- •Integrated GitLab as the system of record for service work, bugs, remediation tasks, code changes, review status, and audit trail
- •Created workflow patterns where agent output could be reviewed, scored, linked to issues, and tied to explicit acceptance criteria
- •Designed a trail-of-work model so human and AI-assisted activity could be reconstructed for review, governance, and operational accountability
The Outcome
The result was a sovereign AI collaboration and services platform that made private AI useful for real delivery work. It combined local models, enterprise chat, GitLab-backed execution, bug remediation, and governance evidence into a practical operating model.
Research Outcomes
Signal Quality
Improved the trustworthiness of operational security signals
Operational Clarity
Translated complex security data into clearer operating views
Stakeholder Visibility
Made technical risk and status easier to explain
Operational Impact
Turned raw telemetry into actionable security intelligence
Capabilities Demonstrated
Operational Reporting
Actionable views for security operations
Security Analytics
Signal investigation and event analysis
IAM / Access Control
Identity telemetry and access insights
SIEM Alert Debugging
Noise reduction and signal validation
Dashboard Development
Operational and executive views
Executive Reporting
Security data translated for leadership
Telemetry Normalization
Consistent and trusted data
Public-Safe Evidence
Shareable insights without sensitive data
Key Deliverables
- •Mattermost deployment and configuration
- •Custom Mattermost micro-frontend application
- •Sovereign AI integration architecture
- •Ollama integration
- •LocalAI integration
- •Model benchmark matrix for service-specific use cases
- •Chat-based agentic workflow design
- •GitLab-backed bug remediation workflow
Tools & Technologies
Consulting Translation
The reusable pattern is not Disney-specific: normalize fragmented security telemetry, debug low-signal alert behavior, build trusted operating views, and give leadership evidence they can act on without exposing sensitive systems.