This document reproduces every detail from the Technology Landscape and Resource Assessment with inline provenance tags. Each fact is marked as one of:
- SOURCED — directly from a file on the Cloudcore website, with the file path noted
- INFERRED — a reasonable conclusion drawn from sourced material, but not explicitly stated
- INVENTED — created for the brief; plausible and non-contradictory, but not in the repo
Current Technology Stack
Infrastructure and Operations
| VMware vSphere |
Virtualisation (~2,500 VMs) |
SOURCED |
david_wilson_cloud_infrastructure_architect.md |
| VMware deployed ~2014 |
Deployment date |
INVENTED |
Company founded 2010; virtualisation would be early infrastructure |
| AWS |
Public cloud partner, US-East Ohio default |
SOURCED |
david_wilson_cloud_infrastructure_architect.md; region from docs/policies/ |
| AWS deployed ~2018 |
Deployment date |
INVENTED |
Hybrid cloud partnership likely mid-growth |
| Azure |
Secondary cloud partner |
SOURCED |
david_wilson_cloud_infrastructure_architect.md |
| Azure deployed ~2019 |
Deployment date |
INVENTED |
Secondary to AWS; slightly later adoption |
| Terraform |
IaC, ~70% of new deployments |
SOURCED |
david_wilson_cloud_infrastructure_architect.md |
| Terraform deployed ~2020 |
Deployment date |
INVENTED |
Modern IaC, mid-maturity adoption |
| Legacy systems outside IaC |
30% gap |
SOURCED |
Same file (“70% automation coverage; legacy systems manually configured”) |
| Ansible |
Configuration automation |
SOURCED |
david_wilson_cloud_infrastructure_architect.md; docs/interviews/system_administrator.qmd |
| Ansible deployed ~2019 |
Deployment date |
INVENTED |
Replacing Chef; more modern |
| Some overlap with Chef |
Relationship between tools |
INFERRED |
Both confirmed present; overlap is reasonable assumption |
| Chef |
Legacy configuration management |
SOURCED |
docs/policies/configuration_change_management.qmd |
| Chef deployed ~2015, being phased out |
Deployment date and status |
INVENTED |
Early config tool; phase-out inferred from Ansible adoption |
| Salt |
Secondary configuration automation |
SOURCED |
Same policy document |
| Salt deployed ~2016 |
Deployment date |
INVENTED |
Between Chef and Ansible chronologically |
| Retained for specific legacy workloads |
Usage scope |
INVENTED |
Plausible reason for keeping a secondary tool |
| Kubernetes |
Container orchestration, limited adoption |
SOURCED |
michael_thompson_lead_software_developer.md |
| Kubernetes deployed ~2022 |
Deployment date |
INVENTED |
Recent, limited adoption suggests recent deployment |
| Used for internal apps, not client-facing |
Usage scope |
SOURCED |
Same file (internal microservices) |
| Prometheus + Grafana |
Monitoring and alerting |
SOURCED |
mark_gonzalez_cto.md |
| Deployed ~2020 |
Deployment date |
INVENTED |
Modern stack, mid-maturity |
| Feeds PagerDuty for on-call |
Integration |
SOURCED |
mark_gonzalez_cto.md (PagerDuty mentioned) |
Security
| Splunk SIEM |
Log aggregation, 500-800 daily alerts |
SOURCED |
mark_gonzalez_cto.md; alert count from docs/policies/ |
| Splunk deployed ~2021 |
Deployment date |
INVENTED |
Security build-up period |
| CrowdStrike |
EDR across endpoints |
SOURCED |
mark_gonzalez_cto.md |
| CrowdStrike deployed ~2022 |
Deployment date |
INVENTED |
Security maturation phase |
| Feeds into Splunk |
Integration |
INFERRED |
Standard EDR-SIEM integration; both confirmed present |
| Palo Alto firewalls |
Network perimeter, load-balanced pair |
SOURCED |
mark_gonzalez_cto.md, carlos_mendes_networks_specialist.md |
| Deployed ~2017 |
Deployment date |
INVENTED |
Pre-dates security build-up |
| Rule base reviewed quarterly post-breach |
Review cadence |
INFERRED |
Post-breach remediation includes firewall review; “quarterly” is assumed |
| Cisco switches |
Network infrastructure, 802.1x |
SOURCED |
carlos_mendes_networks_specialist.md; docs/interviews/network_engineer.qmd |
| Deployed ~2014 |
Deployment date |
INVENTED |
Core networking from early data centre |
| Segmentation improved post-breach |
Status |
SOURCED |
carlos_mendes_networks_specialist.md |
| Tenable.io |
Weekly vulnerability scans, 15-day patching |
SOURCED |
docs/policies/configuration_change_management.qmd |
| Deployed ~2021 |
Deployment date |
INVENTED |
Same security build-up period |
| Auth0 |
Identity provider, SSO |
SOURCED |
docs/policies/access_control.qmd |
| Migrated from Okta Dec 2023 |
Migration date |
SOURCED |
Same policy document |
| Some policies still reference old IdP |
Documentation gap |
SOURCED |
Same policy document (multiple sections reference “Okta”) |
Business Applications
| HubSpot |
CRM, email marketing, lead tracking |
SOURCED |
tom_bradley_marketing_manager.md |
| Deployed ~2022 |
Deployment date |
INVENTED |
CRM migration story context |
| Limited integration with operational systems |
Gap |
SOURCED |
jamal_al_sayed_data_analyst.md (data silos confirmed) |
| ServiceNow |
Change management (PRODCM) |
SOURCED |
docs/policies/change_management.qmd |
| Deployed ~2023 |
Deployment date |
INVENTED |
Recent deployment |
| Not yet integrated with monitoring |
Gap |
INVENTED |
Plausible given siloed systems |
| JupiterOne |
IT asset management, CMDB |
SOURCED |
docs/policies/asset_management.qmd |
| Deployed ~2022 |
Deployment date |
INVENTED |
Asset management maturation |
| AWS automated discovery |
Feature |
SOURCED |
Same policy document |
| Atlassian (Jira, Confluence) |
Project management |
SOURCED |
docs/policies/approved_software.qmd |
| Deployed ~2016 |
Deployment date |
INVENTED |
Mid-stage adoption |
| Ticket data not connected to analytics |
Gap |
INFERRED |
No integration between Jira and BI tools is mentioned anywhere |
| Office 365 |
Email, productivity |
SOURCED |
docs/policies/approved_software.qmd |
| Deployed ~2015 |
Deployment date |
INVENTED |
Standard early adoption |
| Slack |
Team communication |
SOURCED |
Same file |
| Deployed ~2018 |
Deployment date |
INVENTED |
Mid-growth adoption |
| Some alerting integrations |
Feature |
INFERRED |
Common Slack usage pattern; not explicitly confirmed |
Development
| GitHub Actions |
CI/CD, SAST integrated |
SOURCED |
michael_thompson_lead_software_developer.md |
| ~70% test coverage |
Metric |
SOURCED |
Same file |
| ArgoCD |
GitOps deployment to Kubernetes |
SOURCED |
Same file |
| Used for internal microservices only |
Scope |
SOURCED |
Same file |
| PostgreSQL |
Primary application database |
SOURCED |
Same file |
| Encrypted at rest and in transit |
Security |
SOURCED |
docs/policies/data_protection.qmd |
| Python (FastAPI) |
Backend API, 15+ microservices |
SOURCED |
michael_thompson_lead_software_developer.md |
| React |
Frontend framework |
SOURCED |
Same file |
| Legacy PHP |
Older application components |
SOURCED |
Same file |
| Pre-dates current security standards |
Age context |
SOURCED |
Same file (code “2 years old, pre-current standards” at time of breach) |
Analytics
| Power BI |
BI dashboards |
SOURCED |
jamal_al_sayed_data_analyst.md |
| Manual data imports from multiple sources |
Process |
SOURCED |
Same file |
| Excel |
Ad-hoc analysis |
SOURCED |
Same file |
| Still heavily used for financial/operational reporting |
Usage |
INFERRED |
Backstory describes basic BI tools; Excel is standard fallback |
Notable Gaps
| No data warehouse or data lake |
SOURCED |
jamal_al_sayed_data_analyst.md, mark_gonzalez_cto.md |
| No ML/AI platform |
SOURCED |
mark_gonzalez_cto.md |
| No MLOps or model management |
SOURCED |
Same file |
| No real-time analytics pipeline |
SOURCED |
jamal_al_sayed_data_analyst.md |
| No dedicated ETL platform |
INFERRED |
No ETL tool appears anywhere in the repo |
Data Flow Overview
| The entire diagram structure |
INVENTED |
Repo confirms silos and manual processes; the visual layout is fabricated |
| Infrastructure telemetry flows to Splunk for security only |
INFERRED |
Both systems confirmed; separation of monitoring vs security log use is inferred |
| HubSpot holds marketing/sales data only |
SOURCED |
tom_bradley_marketing_manager.md |
| No integration between operational and customer systems |
SOURCED |
jamal_al_sayed_data_analyst.md |
| Manual export to Excel/Power BI |
SOURCED |
Same file |
| Analyst (Jamal’s team) manually correlates |
SOURCED |
Same file |
| Static weekly/monthly reports |
INFERRED |
Reporting cadence not specified; weekly/monthly is assumed |
Key Data Silos Table
| Infrastructure metrics: Prometheus/Grafana, Martin Nguyen |
SOURCED |
mark_gonzalez_cto.md, cloud_service_operations_manager_martin_nugyen.md |
| Connected to PagerDuty (alerting only) |
SOURCED |
mark_gonzalez_cto.md |
| Security events: Splunk, Sophia Martines |
SOURCED |
sophia_martines_ciso.md |
| Connected to CrowdStrike, firewall logs |
SOURCED |
mark_gonzalez_cto.md |
| Support tickets: internal system, Samantha Wong |
SOURCED |
customer_support_lead_samantha_wong.md |
| Connected to nothing; manual reporting |
INFERRED |
No integration mentioned; “nothing” is editorial |
| Customer records: HubSpot, Lisa Chen |
SOURCED |
lisa_chen_cmo.md, tom_bradley_marketing_manager.md |
| Email campaigns only |
SOURCED |
tom_bradley_marketing_manager.md |
| Billing: internal system, Aisha Rahman |
SOURCED |
aisha_rahman_cfo.md |
| Manual reconciliation |
INFERRED |
Tight margins and manual processes described; “reconciliation” is assumed |
| Service usage: provisioning tools, Martin Nguyen |
SOURCED |
cloud_service_operations_manager_martin_nugyen.md |
| Batch to billing, manual validation |
INVENTED |
Plausible; no integration details exist |
| HR/access: Auth0 + AD, Karen Lee / Raj Patel |
SOURCED |
karen_lee_hr_manager.md, raj_patel_it_manager.md |
| Partial RBAC; ~40% over-provisioned |
SOURCED |
karen_lee_hr_manager.md |
Manual Processes and Gaps
| Billing reconciliation errors |
INVENTED |
No specific error rate or process described |
| Customer health reporting requires manual correlation |
SOURCED |
jamal_al_sayed_data_analyst.md |
| Jamal’s team builds reports from exported CSVs |
INFERRED |
Power BI with manual imports confirmed; CSV format assumed |
| Security-to-operations: no automated ticket creation |
INVENTED |
Plausible gap; not described |
| Access provisioning: manual coordination |
SOURCED |
karen_lee_hr_manager.md |
| ~40% over-provisioned |
SOURCED |
Same file |
| Capacity planning: spreadsheet-based |
INFERRED |
No predictive capability confirmed; spreadsheets are the default tool described |
Resource Availability
Team Capacity Table
| All team names and counts |
SOURCED |
See Brief 2 companion for per-team sources |
| Infrastructure: day-to-day, CSMP, zero trust |
SOURCED |
csmp_project.md, sophia_martines_ciso.md (zero trust planning) |
| Development: CSMP primary, legacy, security remediation |
SOURCED |
csmp_project.md, michael_thompson_lead_software_developer.md |
| Security: post-breach remediation, monitoring, compliance, zero trust |
SOURCED |
sophia_martines_ciso.md |
| Support: 500+ client support, 24/7 |
SOURCED |
sarah_thompson_coo.md |
| Data: operational reporting, ad-hoc analysis |
SOURCED |
jamal_al_sayed_data_analyst.md |
| IT: maintenance, on-call, patching, access management |
SOURCED |
raj_patel_it_manager.md |
| All availability assessments |
INVENTED |
Based on described workloads but no team has stated AI availability |
Competing Commitments
| CSMP consuming most dev capacity |
SOURCED |
csmp_project.md — described as major project |
| CSMP is pathway to enterprise expansion |
SOURCED |
Same file |
| Any AI initiative competes with CSMP |
INFERRED |
Logical given shared resources |
| Post-breach remediation is board-mandated |
SOURCED |
sophia_martines_ciso.md (board requires monthly updates) |
| Post-breach work is non-negotiable |
INFERRED |
Board mandate implies this |
| Post-breach described as “multi-quarter programme” |
INVENTED |
Scope of changes described supports this; not explicitly stated |
| ISO 27001 surveillance audit expected within 6 months |
INVENTED |
Standard ISO practice; not mentioned in repo |
| SOC 2 Type II annual recertification |
INVENTED |
Standard practice; not explicitly stated |
Budget Envelope
| $250,000 proposed |
INVENTED |
See Brief 2 companion |
| ML engineer $180-250K |
SOURCED |
karen_lee_hr_manager.md |
| Cloud AI platform $3-8K/month |
INVENTED |
Based on market rates |
| Budget is tight for hire + platform |
INFERRED |
Arithmetic from sourced salary and invented platform cost |
Timeline Pressures
| Board wants AI positioning |
SOURCED |
marcell_ziemann_ceo.md |
| Competitors marketing AI-powered services |
SOURCED |
Same file |
| CTO: 6-12 months for data engineering |
SOURCED |
mark_gonzalez_cto.md |
| Jamal: 6-12 months for data prep |
SOURCED |
jamal_al_sayed_data_analyst.md |
| CSMP delays would affect enterprise expansion |
INFERRED |
CSMP is described as enterprise pathway; delay impact is logical |
Existing Vendor Relationships
| All vendor names |
SOURCED |
docs/policies/approved_vendors.qmd (DOC-COMP-007) |
| Third-party risk assessment strengthened post-breach |
SOURCED |
sophia_martines_ciso.md |
| All “Relevance to AI” assessments |
INVENTED |
Vendor list is sourced; AI capabilities are real product features but applicability to Cloudcore is assumed |
| Observation about existing AI capabilities not being used |
INFERRED |
Logical given confirmed tools (Splunk, CrowdStrike, HubSpot) with known AI features |
| AWS/Azure provide managed AI without new vendor onboarding |
INFERRED |
Standard cloud partnership benefit |
Previous Change Initiative Outcomes
ISO 27001 Certification (Success)
| Took nearly 2 years |
SOURCED |
sophia_martines_ciso.md |
| Against initial 12-month target |
INVENTED |
Repo says “nearly two years” implying it took longer than planned; 12-month target is fabricated |
| Achieved certification |
SOURCED |
Same file, cloudcore_company_overview.md |
| Strong executive sponsorship |
INFERRED |
CISO led it; CEO supportive per backstories |
| Clear business driver (enterprise clients) |
SOURCED |
marcell_ziemann_ceo.md |
| Sophia as dedicated project lead |
SOURCED |
sophia_martines_ciso.md |
| External auditor managed well |
INVENTED |
Plausible; no audit details in repo |
| Scope underestimated |
INFERRED |
“Nearly two years” implies underestimation |
| Staff resistance to new processes |
INVENTED |
Plausible for a growing company; not stated |
| Documentation burden strained team |
INVENTED |
Plausible given small team; not stated |
| Resource contention with operational work |
INFERRED |
Small team, operational demands confirmed |
| “Lessons for AI” framing |
INVENTED |
Editorial analysis |
Auth0 Migration (Partial Success)
| Migration from Okta to Auth0 |
SOURCED |
docs/policies/access_control.qmd |
| December 2023 timing |
SOURCED |
Same document |
| Policies still reference Okta |
SOURCED |
Same document (multiple sections) |
| Session timeout inconsistencies |
SOURCED |
Same document (conflicting values) |
| Technical migration completed on schedule |
INVENTED |
No timeline details exist |
| Minimal user disruption |
INVENTED |
Not described |
| Auth0 integration worked smoothly |
INVENTED |
Not described |
| On time and within budget |
INVENTED |
Not described |
| No change management plan for docs |
INVENTED |
The gap exists (sourced); the absence of a plan is inferred |
| Training materials not updated |
INVENTED |
Plausible extension of documented policy gap |
| No post-migration review conducted |
INVENTED |
Inferred from ongoing documentation drift |
| Framing as “partial success” |
INVENTED |
The repo shows the gap without characterising it |
| “Lessons for AI” framing |
INVENTED |
Editorial analysis |
CRM Consolidation (Failure)
| This entire story was invented |
INVENTED |
See below for sourced foundations |
| HubSpot is current CRM |
SOURCED |
tom_bradley_marketing_manager.md |
| CRM data has duplicates, missing fields |
SOURCED |
jamal_al_sayed_data_analyst.md |
| No CRM integration with billing/support |
SOURCED |
Same file |
| Sales team adoption incomplete |
INFERRED |
Marketing uses HubSpot fully; sales pipeline tracking not mentioned |
| Prior “legacy contact management system” |
INVENTED |
Something preceded HubSpot; name and nature fabricated |
| Migration as defined project (2021-2022) |
INVENTED |
Timeline fabricated |
| 3 months late, 40% over budget |
INVENTED |
Specific failure metrics fabricated |
| Sales staff using spreadsheets |
INVENTED |
Plausible given low CRM adoption; not confirmed |
| Data quality caused by migration |
INVENTED |
Problems exist (sourced); migration as cause is assumed |
| Post-migration cleanup never resourced |
INVENTED |
Problems persist (sourced); “never resourced” is fabricated |
| “Lessons for AI” framing |
INVENTED |
Editorial analysis |
Summary of Key Constraints
| Data readiness is primary bottleneck |
SOURCED |
jamal_al_sayed_data_analyst.md, mark_gonzalez_cto.md |
| 6-12 months preparation |
SOURCED |
Both files |
| CSMP consumes development capacity |
SOURCED |
csmp_project.md |
| AI needs external resources or delayed timeline |
INFERRED |
Logical given CSMP commitment |
| $250K is tight |
INVENTED (amount) / INFERRED (tightness) |
Budget is invented; tightness is arithmetic |
| Change management is known weakness |
INFERRED |
Auth0 gap is sourced; CRM issues support pattern; “known weakness” is editorial |
| Security governance required first |
SOURCED |
sophia_martines_ciso.md |
| CISO has board backing |
SOURCED |
Same file (monthly board reporting) |
Cross-References
| Support docs at cloudcore.eduserver.au/docs/support/ |
SOURCED — real pages |
| Policies at cloudcore.eduserver.au/docs/policies/ |
SOURCED — real pages |
| Logs at cloudcore.eduserver.au/docs/logs/ |
SOURCED — real pages |
This reference document is for instructor use. It combines sourced facts and invented details into a single annotated view of the Technology Landscape and Resource Assessment.