Languages & runtimes
Managed Node.js — production from day one.
From a single Express service to a fleet of NestJS microservices. We package, scan, run, observe and roll-out — and we have read every npm advisory you should have.
What we manage
Process management
PM2 / systemd / Kubernetes pod patterns, clustering for multi-core, graceful shutdown on SIGTERM, request-draining during deploys.
Memory & GC diagnostics
Heap snapshots, --max-old-space-size tuning, V8 inspector profiling, memory-leak hunting via clinic.js / 0x.
Container packaging
Multi-stage Dockerfiles with reproducible installs, layer caching, distroless / Alpine bases, signed images.
Supply-chain security
npm audit / Snyk / Socket continuous scanning, lockfile hygiene, prevention of typo-squat packages, signed releases for internal packages.
Concurrency & cost
Worker-thread vs cluster decisions, autoscaling triggers based on event-loop lag, right-sized compute to avoid GC pressure.
Observability
OpenTelemetry instrumentation, structured logging with pino / winston, distributed tracing across HTTP / Kafka / gRPC, /healthz and /readyz endpoints.
Compatible across every cloud we manage
Same playbook on AWS, Google Cloud, Microsoft Azure and DigitalOcean — pick the cloud, we'll run the stack.
How we engage
1. Assess
Two-week audit of your current cloud setup against the provider's Well-Architected / Architecture Framework. Concrete findings, no fluff.
2. Stabilise
We close the top security, reliability and cost gaps before going into steady-state operations.
3. Operate
24/7 monitoring, on-call, change management, monthly reviews and a roadmap for the next quarter.
DIY guides & field notes
Build it yourself — or have us do it for you
Short articles, runbooks and field notes from our engineers. Each one starts here as a snippet and continues on Medium.
May 28, 20261 min read
OpenTelemetry for Node.js — the wiring that actually works in production
OpenTelemetry has won the distributed tracing argument. Here's how we instrument Node services, how we export to OTLP, and the mistakes we've already made so you don't have to.
Read snippetMay 26, 20261 min read
The npm supply chain in 2026 — lockfiles, sigstore, Socket, and the attacks we've seen
npm is the largest software supply chain in history and the most attacked. Here's the threat model in 2026 and the controls we ship on every managed Node.js stack.
Read snippetMay 23, 20261 min read
PM2 vs cluster vs containers — how we run Node.js in 2026
PM2 was the right answer in 2018. The cluster module was the right answer before that. In 2026 the answer depends on what you're optimising for.
Read snippetMay 21, 20261 min read
The Node.js memory leak playbook — heap snapshots, clinic.js, and the four patterns we keep finding
Most Node.js memory leaks aren't exotic. They're the same handful of patterns appearing in production again and again. Here's how we diagnose them.
Read snippet
Ready to take the operational load off your team?
Book a 30-minute discovery call. We will audit your current cloud setup and show you exactly where we add value.