I design, build, host, secure, maintain, and improve custom business applications — from internal tools and dashboards to lead platforms, monitoring systems, CRM workflows, and SaaS-style apps.
Get software designed specifically for your business — not a cookie-cutter application.
These are not cookie-cutter templates with the labels changed. Each application is built around the way a business actually works — the people, the data, the steps, and the decisions that happen every day.
Line-of-business apps shaped to your process instead of forcing your team into someone else's software.
Multi-user, multi-tenant web platforms with their own accounts, roles, and billing-ready structure.
Contacts, deals, tasks, and pipelines wired to the actual stages your business moves work through.
Business discovery, contact intelligence, and data enrichment feeding a clean sales pipeline.
Uptime, service, and device monitoring with local and remote probes and sensible alerting.
Vulnerability awareness, email security, and threat-intelligence tooling built from MSP experience.
Internal control panels that pull scattered data into one place your team can actually use.
Scheduled jobs, scraping, and enrichment that remove repetitive manual work and keep data fresh.
Connect existing software, databases, email, billing, phone, and monitoring systems so they work as one.
Customer, client, vendor, and employee portals built for the exact way each group needs to interact.
Dashboards and reports on top of your own data — searchable, exportable, and built around the numbers you actually track.
Apps designed with hosting, uptime, backups, and recovery in mind from the first line of code.
They need the right software — built around the way they already work, with room to improve. A custom app fits the business instead of asking the business to bend around generic tools.
I don't just hand over code and disappear. I can build the app, host it, secure it, monitor it, back it up, update it, and keep improving it as the business grows.
Workflow mapping, database design, application development, user roles and permissions, dashboards, and admin tooling — shaped around how the work really flows.
Hosting setup, server configuration, security hardening, and SSL/TLS handled cleanly in front by Nginx Proxy Manager while the app stays simple and locked down internally.
Backups for files and databases, monitoring for uptime and health, performance tuning, and deployment/rollback planning so changes are safe to ship.
Patching, updates, dependency review, bug fixes, feature improvements, and ongoing infrastructure support — the part most "we built it and left" projects skip.
My security experience comes from years of protecting real client systems in the MSP world — patching, monitoring, backups, firewalls, access control, and incident prevention — not from a certification binder.
The datacenter environment used for hosted applications maintains major compliance and assurance standards including PCI DSS, SOC 1 Type II, SOC 2 Type II, SOC 3, HIPAA, ISO 27001, SSAE 18, and HITRUST. Application-level compliance depends on the app, its data, users, policies, and the controls each project requires — but the hosting foundation starts with a compliant datacenter environment.
This is different from a front-end-only developer, a generic web designer, or a SaaS reseller. I build the software and operate the systems it runs on — backed by decades of development, MSP ownership, security, and business operations.
My experience goes back to programming in machine language in the 1980s. Since then, I have spent decades building, supporting, securing, hosting, and troubleshooting real business systems. From 1999 until 2023, I owned and operated an MSP, which means I was not just writing code — I was supporting clients, solving operational problems, maintaining infrastructure, securing environments, handling backups, managing vendors, and understanding how businesses actually run.
That background matters. A custom application is not just screens and buttons. It is workflow, data, security, uptime, backups, support, permissions, reporting, and long-term maintainability. The goal is software that fits the business and keeps working after it goes live.
“Custom software is better when the person building it understands the whole environment around it — the users, the workflow, the servers, the security risks, the backups, the support calls, and the business pressure behind the request.”
The difference isn't a longer feature list — it's who builds the software, how it's built, and what happens after it ships. These apps are engineered the way I protected client systems for two decades.
Access control, least-privilege, hardening, and a clear public/private separation are design decisions made on day one — not patches added after something goes wrong.
Your application is not farmed out to an offshore team or a rotating cast of contractors. One accountable builder designs it, writes it, hosts it, and maintains it.
The person who wrote the code is the person who fixes it. No support tier to escalate through, no "that was a different team" — direct answers from someone who knows the system.
No per-user taxes, no feature lockouts, no forced cloud, no losing access to your own data. Export it, back it up, integrate it, and keep using it.
Backups, monitoring, updates, and recovery are part of the build — because an app that can't be operated reliably isn't finished, no matter how it demos.
Clean, supportable architecture and ongoing maintenance, so the app keeps working — and keeps improving — long after it goes live.
Some projects are commercial. Some are built because they should exist. The open-source work is a way to give something back, share useful tools, and show real development in public — the same practical approach used in the commercial projects.
Public repositories, open-source work, experiments, utilities, and development projects — open code you can inspect, learn from, use, and improve.
Open-source, self-hosted MSP operations platform that reduces operational fragmentation by combining documentation, vault access, ticket workflows, asset tracking, procurement, reporting, and client operations into one platform — built by a former MSP owner/operator focused on practical infrastructure, workflow, and operational visibility.
Open-source modern web interface for UrBackup servers, with real-time dashboards, client management, a file browser and restore workflow, storage visibility, and multi-target disaster recovery replication. A proper web interface for the backup tool you already trust.
Open-source, infrastructure-focused Proxmox deployment and control tooling — template management, rapid VM deployment, role-based access, 2FA, audit logging, hardware monitoring, and practical infrastructure workflows that go beyond the native UI.
Centralized management for OPNsense firewalls — automated updates, firewall management, security scanning, and monitoring from a single web GUI across a fleet of devices.
Multi-tenant remote support platform built around RustDesk concepts — remote access and support organized for multiple clients, the kind of tool an MSP actually needs day to day.
Hosted business apps, operational tools, dashboards, custom application projects, MSP consulting, resources, vendor ratings, and operational-efficiency tooling — internal and client-facing applications built and run for real businesses.
Lead generation, business discovery, enrichment, and contact intelligence with AI email intelligence, multi-step campaigns, and a full CRM — built to replace several expensive single-purpose tools with one platform and a clean sales pipeline.
Legal practice management platform for law firms — case management, document drafting, client communications, and IOLTA trust accounting with multi-provider AI integration. A hosted application designed around how a firm actually operates.
Email security gateway with multi-layered protection against spam, malware, phishing, and mail/domain threats — including SPF/DKIM/DMARC enforcement and an optional AI detection layer, with full filter visibility and quarantine management.
Vulnerability scanning and threat-detection platform covering external attack surface, internal networks, and endpoints — correlating findings with threat intelligence and EPSS-driven prioritization, plus honeypot tripwires and NetFlow traffic visibility.
A designed and built custom web presence for EarthBorn Roots — a small-batch jams, botanical apothecary, and handcrafted-goods brand. A public-facing, brand-focused business site and hosted web application with product collections, designed, hosted, and maintained end to end.
Complete monitoring on a dedicated VM, built around practical MSP monitoring needs — servers, websites, network flow, syslog, and dozens of sensor types collected by local and remote probes, visualized on drag-and-drop dashboards and wallboards, with multi-channel alerting and public status pages.
Case management and evidence/workflow builder for organizing cases, records, timelines, documents, notes, and related activity — structured case preparation with everything tracked in one place.
Understand the business, workflow, pain points, users, and goals before writing a line of code.
Turn the real process into screens, roles, automations, data, and reports.
Build a practical first version quickly enough to test with real users and adjust early.
Develop the application, database, permissions, dashboards, integrations, and admin tools.
Deploy internally behind NPM / Nginx Proxy Manager with hardened config, firewalling, backups, and monitoring.
Patch, back up, monitor, fix issues, and add features as the business changes.
A few of the kinds of systems a custom application can replace, combine, or finally make dependable:
No per-user taxes. No endpoint taxes. No artificial feature lockouts. No forced cloud hosting. No enterprise-only bait and switch. No losing access to your own data.
Why pay just for permission to use software, or to access your own data? Custom and open work means you can self-host it, control it, back it up, modify it, integrate it, and keep using it.
The value is in real services — support, hosted deployments, priority assistance, integrations, security work, custom development, sponsored development, migration, and onboarding — not in locking you out of what you already paid for.
How projects run, how they're priced, where AI fits, and exactly how your application and its data are protected.
It starts with a conversation, not a contract. I learn how your business actually operates — the workflow, the people, the pain points, and what "done" looks like — then map that into screens, roles, data, and reports. From there I build a practical first version, refine it with real users, then handle hosting, security, backups, and monitoring before it goes live. After launch I keep patching, improving, and adding features as the business changes.
The short version: discovery → workflow mapping → prototype → build → host & secure → maintain & improve. You're involved at every step, and nothing ships that you haven't seen working.
Every quote follows a short discovery and workflow-mapping step, because an honest number depends on what the application actually has to do — the screens, the data, the integrations, the user roles, and the hosting and security requirements. Once the scope is clear, you get a written estimate tied to that scope.
Larger builds are usually broken into phases so you can see working software early and spread the work out, rather than paying for one large all-at-once delivery. Ongoing hosting, maintenance, and support are quoted separately so you always know what's a one-time build cost and what's recurring. No surprise line items, and no charging you for access to your own software later.
Yes — but as a helper, not the author. AI is used to speed up and automate repetitive work: boilerplate, refactoring, test scaffolding, documentation, and research. The decisions that matter — the layout, the design, how the application actually works, and the security review — are done by a human who understands the whole environment around the app.
AI accelerates the busywork so more time goes into the parts that determine whether the software is actually good: the workflow fit, the data model, the edge cases, and the security posture.
Every application is checked with my own security scanning product, ExploitHound — the same tooling sold commercially is used to vet the code I ship. It's a full-stack check, not just a quick lint of the application code:
Security isn't a box ticked at the end — it's checked from the first design decisions through every update.
Security is built into how each application is hosted and run, not bolted on afterward. Depending on the app, the protections layered in include:
Which layers apply depends on the application and its risk profile, but the goal is always the same: make the easy attacks fail and the rest expensive.
Backups cover application files, databases, and server-level recovery. They're stored on a dedicated backup server I operate, then replicated to additional backup servers so a single failure — hardware, location, or otherwise — doesn't put your data at risk. Backups are validated as part of ongoing maintenance, because a backup you've never restored is just a hope, not a recovery plan.
Yes. We can structure the agreement so you own the application outright and can take it — and your data — with you anytime you choose to leave. No per-user taxes, no feature lockouts, no forced cloud, and no losing access to what's yours.
Or you can keep it hosted with us, where security scanning, backups, and uptime are all automated and handled for you. Either way the choice is yours, and it's yours to change later — the value is in the real services around the software, not in trapping you behind recurring access fees.
Whether you need a private internal tool, a hosted SaaS-style platform, a lead system, a monitoring dashboard, or a secure workflow application, I can help design, build, host, maintain, secure, back up, update, and improve it.
Tell me a bit about what you're trying to do and I'll get back to you. Prefer email? agit8or@agit8or.net