About Mayhem Shield

Buyer-side assurance for enterprise AI: documented findings, evidence requests, and gate-level conditions, without reselling or implementing the product under review.

What Mayhem Shield does

Assess whether controls hold for your deployment: data paths, identities, integrations, workflows, and go-live conditions, documented for approvers.

Architecture-led review, not vendor marketing checklist exercises
Evidence-based control findings and remediation priorities
One assurance model across AI deployment categories
Buyer-side independence with explicit approval criteria

Independence policy

Buyer-side reviews and vendor-side enablement are never mixed for the same tool in the same engagement.

If independence is in doubt, the assessment has no value. We do not combine those roles for one tool in one engagement.

In practice: if we were paid by a vendor to prepare materials for a tool, we will not run a buyer-side review of that tool for an enterprise client, and the reverse. Vendor-side relationships are disclosed before engagement; a current list of affected tools is maintained.

How we handle client information →

Leadership team

Tich Kadandara

Co-Founder / Technical Lead

More than twenty years in enterprise security architecture and engineering, with emphasis on cloud, identity, and AI-related governance. Co-chairs GenAI architectural review boards in large enterprise settings and routinely reviews AI solution designs from vendors, internal teams, and integrators. That enterprise review cadence informed how Mayhem Shield defines scoping, control outcomes, and evidence for client engagements. Background spans Zero Trust and identity architecture, cloud security, and AI security governance across regulated industries.

Gerald Munetsi

Business and Operations Manager

Cambridge MPhil candidate in health data science and Mastercard Foundation Scholar, building on First Class Honours in applied mathematics and economics from the University of Zimbabwe. Former assistant program manager at ZIMCARE Trust and further-education mathematics lecturer in South Africa; AWS Certified Cloud Practitioner and UNSSC SDGs Premier Certificate. At Mayhem Shield he coordinates proposals, delivery timelines, and client engagement logistics, supporting the co-founders.

Danny Hondo

Co-Founder / Technical Lead

More than twenty years in cybersecurity operations, vulnerability management, and cloud security, including public-sector environments: SIEM operations, incident response support, risk assessment, and control validation. On engagements he contributes technical delivery: architecture review, stakeholder interviews, control-gap analysis, and evidence review, with emphasis on how controls behave in live operation, not only as written.

Proof points

Why the model is grounded in enterprise work

Review experience: The framework reflects structured assurance work in large enterprise environments, not a paper-only exercise.
Architecture depth: Technical leads have assessed AI solution designs from vendors, internal teams, and integrators in live governance contexts.
Structured coverage: 84 structured control-gap categories spanning identity through integration security, informed by NIST AI RMF, NIST CSF 2.0, ISO 42001, and OWASP LLM/GenAI guidance; applicability depends on deployment pattern.
Inspectable methodology: Mayhem Shield Framework for independent review.

Deliverables

What a review produces

Documented, defensible material for approvers, scope-dependent:

Architecture and data-flow views with trust boundaries
Findings tracker: current vs. required state, severity, evidence per review area
Remediation roadmap with owners and dates
Written go/no-go with conditions at POC, pilot, production

Ready to start?

Discovery calls take twenty minutes.

We confirm deployment fit, outline review scope, and match you to the right packaged offer. No engagement starts until you decide to proceed.

Book a discovery call →