Consultant-led audit work

Work directly with the engineer who reviews the system, explains the risk, and helps land the fix.

Combotto is Thomas Bonderup's consulting practice for engineering-led teams that need a sharper read on edge-to-cloud risk before customer scrutiny, release pressure, or operational drift turns into a bigger problem.

The value is not another layer between strategy and delivery. It is direct technical judgment on the architecture, evidence-backed findings, and a clear path from audit to remediation.

Start the audit conversationReview the IoT audit offer

Best fit when you already know which system slice is making leadership or engineering uneasy.

Why teams trust the review

Consultant credibility should reduce ambiguity, not add more narrative.

Teams bring me in when the architecture already exists, the stakes are real, and they need someone who can reason across devices, brokers, gateways, observability, and cloud boundaries without turning the review into a generic process exercise.

What that looks like in practice

  • Consultant-led work from first scope call through findings review and implementation follow-through.
  • Experience across telecoms, secure messaging, IoT gateways, observability, and cloud-connected device systems.
  • Hands-on delivery in Rust, Scala, and Python, with production pressure in mind instead of architecture-theater.
  • Small starting scopes designed to clarify where risk sits before teams over-invest in the wrong fixes.

When this page matters

The work usually starts when a team can feel the pressure but cannot yet defend the system with evidence.

Customer or launch pressure is rising

You need an outside read on the asset or message path most likely to create security, uptime, or trust problems.

The system works, but confidence is thin

Incidents, silent data loss, weak TLS posture, or unclear telemetry make it hard to defend the architecture with evidence.

Engineering needs a concrete next step

The goal is not a vague advisory deck. The goal is a scoped audit, a prioritized backlog, and a practical path into remediation.

Direct engagement model

Audit first. Then only the follow-through you actually need.

1

Audit first

We start with the selected assets, message paths, and operational concerns that matter now. The output is evidence, priorities, and a recommended next move.

2

Sprint if needed

If the highest-impact findings need implementation support, I stay close to the system and help harden the agreed problem areas.

3

Retainer for drift control

For teams with ongoing release or customer pressure, the retainer keeps posture visible through refreshed evidence and reprioritization.

References / Client Case Studies

Selected proof of how I work

Use these case studies to see how Combotto scopes real system problems, turns them into concrete findings, and keeps the next step practical.

View all references →
Engineering case study of integrating an SCD4x CO2 sensor with an STM32 B-L475E-IOT01A2 over I2C, publishing CO2, temperature, and humidity through MQTT with live room-state visibility and configurable CO2 alarms.

8 min read ·

STM32 SCD4x CO2 Sensor Indoor Air Quality Case Study: MQTT and I2C Integration

Indoor Climate Field Proof

Engineering case study of integrating an SCD4x CO2 sensor with an STM32 B-L475E-IOT01A2 over I2C, publishing CO2, temperature, and humidity through MQTT with live room-state visibility and configurable CO2 alarms.

stm32indoor air quality monitoringco2 monitoring

Shows the system under pressure, the evidence surfaced, and how Combotto turned that into a practical next move.

Review case study
How a before-hardening audit exposed four gateway and ingest findings, a focused sprint fixed them, and the after-hardening check created a clear reference point for ongoing review.

8 min read ·

Rust IoT Gateway Hardening Case Study: From Plaintext Ingest to Verified TLS

Audit -> Sprint -> Retainer Case Study

How a before-hardening audit exposed four gateway and ingest findings, a focused sprint fixed them, and the after-hardening check created a clear reference point for ongoing review.

rustiot gatewaytls

Shows the system under pressure, the evidence surfaced, and how Combotto turned that into a practical next move.

Review case study
A comprehensive reliability and security audit of Combotto's secure edge IoT Gateway, identifying strengths, architectural bottlenecks, and a 90-day roadmap toward production-grade resilience.

Combotto contributes to optimizing secure edge IoT gateway

Security & Reliability Audit

A comprehensive reliability and security audit of Combotto's secure edge IoT Gateway, identifying strengths, architectural bottlenecks, and a 90-day roadmap toward production-grade resilience.

iotrustgateway

Shows the system under pressure, the evidence surfaced, and how Combotto turned that into a practical next move.

Review case study

Start the audit conversation with Thomas

Send the asset or message path you want reviewed, what is creating urgency, and when you need a recommendation. You’ll get a same-day reply with a clear next step.

Or contact me directly: +45 22 39 34 91 or tb@combotto.io.

Reply to

So the recommended starting scope reaches the right person quickly.

Audit scope

Keep the intake tied to the path, the pressure, and the timing behind the decision.

Choose the closest pressure if one already stands out.

A rough timing window is enough if the date is still moving.

Helpful: the selected path, what is breaking trust or creating pressure, and the deadline attached to that decision.

Required fields are marked with *.

Response expectation

Typical response time: same business day.

Combotto.io - IoT Infrastructure | Security | Reliability Engineering
Security disclosure: /security/