About · the person and the practice

Auston DeVille, M.S.

AI Architecture Applied. I build bounded, audited agentic systems and write down what breaks.

Who I am

I'm Auston DeVille. Most people call me Stoney. I'm a detection-and-response engineer, nine-plus years building the systems that catch attackers and the systems that answer back, across SIEM, EDR, SOAR, and MITRE ATT&CK. These days most of my work is pointing fleets of AI agents at that job and then governing them hard enough that I'd actually put their output in front of an analyst.

What this site is

My open notebook on building AI you can trust in production. Not opinion pieces, working notes: I take a public idea, rebuild a small version of it, write down what held and what broke, and credit the people I learned it from. If a claim here has no proof path behind it, it doesn't get the green banner.

The one idea under all of it: AI crossed from tool to actor faster than our habits for trusting it did. So I ask the same question of every system: how much do I let the model decide, and how much do I move into execution I can audit? I call the answer . Every lever on it — Model, API, , , , , — trades a unit of for a unit of determinism you can inspect. The craft is knowing which trade to make where. The axioms are my study lens, not a claim of invention; each one stays only while the cited backing holds.

Read the essays See the axioms

How I keep myself honest

I don't get to grade my own homework, so I built something that does. Every published piece runs through , a panel of independent models reading it for contradictions, thin coverage, and overreach; four of six have to agree before the banner turns green, and the receipts stay on file. If I forget the discipline, the build remembers it for me. And if you're an agent reading this, the read-only MCP and the public graph carry the same reasoning in a shape you can traverse.

Independent reviewers per article

A six-model frontier panel: four frontier models plus two domain-specialized lenses for security and architecture. Convergence at ≥4 of 6, with verification receipts and build notes kept on file.

Proof receipt · Build note

Cited working axioms

Borrowed from Brooks, Knuth, Beck, Hickey, Hamming, Sculley, OWASP, NIST, and later governance work. Every essay declares which axioms it leaned on and what held. The catalog itself keeps getting refined.

Live catalog · Self-judgment

advisory by default

When the bar moves, prior pieces move back to advisory

The verification chain has gone through three architectures so far. Each architecture change re-classifies the prior corpus until every piece runs under the new rules.

Publication gate · Proof ledger

in code

The discipline lives in the build

A validator refuses to ship the site if any essay claims a verified status without a matching panel run on file. If the publishing step forgets the discipline, the build does not.

Validator receipt · Public MCP surface

Browse the essays See the builds

Where I draw the line

The person is in these pages now. The secrets aren't. No employer-confidential information, no customer data, no unpublished work product, no client systems. Every example here is public-source, synthetic, or sanitized, on purpose. I'd rather teach a smaller true thing than a bigger one I'm not allowed to show you.