Our marketplace is built for regulated teams that need predictable isolation, verifiable controls, and humans who respond when seconds matter. Below is the security stack that protects GPUs, data, contributors, and billing flows.
Reach the rotation any time via ops@mafutai.co.za or the console > Support menu. Severity 1 incidents wake an engineer, an incident commander, and our compliance officer.
Controls span hardware, software, people, and process so a single failure never compromises our customers.
Bare metal hosts ship with CIS Level 1 baselines, signed updates, and drift detection so customer workloads always boot on a known-good image.
Every provider node sits behind a WireGuard overlay and per-instance firewalls enforced by eBPF, giving us deterministic networking paths and audit trails.
Secrets, telemetry, and chat content move across TLS 1.3 and land inside encrypted storage pools located solely in South Africa.
A pager-backed security desk owns 24/7 monitoring, tabletop-tested runbooks, and joint incident reviews with customers.
Each promise is documented in our contracts and validated by telemetry you can review in real time.
GPU leases are single tenant, and every teardown wipes VRAM, NVMe, and tmpfs before a new workload can boot.
Compute stays inside Johannesburg and Cape Town metros to meet POPIA, CPA, and local data-sovereignty requirements.
Every provider passes KYC, proof-of-hardware checks, and AML screening before their GPUs hit the marketplace.
Customers can stream real-time access logs, console actions, and billing events or request an immutable export for compliance.
Designed for auditors and engineers alike—understand what is enforced by default and where you can plug in your own tooling.
SAML/SCIM integrations, enforced MFA, and role-scoped API keys ensure that only approved operators ever touch production workloads.
Golden container templates, SBOM tracking, and attested kernel modules stop supply-chain drift before it reaches customers.
Fleet metrics, Prometheus exporters, and a managed SIEM feed our SOC so anomaly detection happens within minutes, not hours.
Dedicated POPIA and AML officers partner with engineering to review changes, document controls, and keep audit evidence up to date.
Runbooks follow NIST 800-61 and South African regulatory timelines. Customers are looped in from the very first alert.
Alerts flow into a managed SIEM with machine learning correlation and a human on-call covering 24/7. Target triage time is <5 minutes.
We isolate the affected GPU, revoke API tokens, snapshot volatile evidence, and notify customer owners immediately.
Fresh images are provisioned, Vault material is rotated, and forensic artifacts stay sealed for regulators and customer review.
POPIA/CPA breach windows (72 hours) are baked into our runbooks. We share timelines, mitigations, and next steps after every event.
Choose whichever path suits the severity of your request. Each channel is logged and tracked.
Pager-backed alias for incident response, threat intel, and urgent containment requests.
Email with the subject ‘Security finding’ or file a ticket via the console. We acknowledge within one business day.
Escalate AML, fraud, or contractual security questions directly to MafutaAI command.
