Documentation
Mentat is easiest to understand as a private workload platform: one control plane, mixed runtimes, and a small operational surface for teams that want isolation and infrastructure control without platform sprawl.
Recommended Reading Order
CLI Reference
Start here if you want to deploy, inspect, scale, and roll back services from the terminal.
Architecture
Understand the control plane, node agent, scheduling model, and service lifecycle.
Runtime Drivers
Choose when to use Firecracker, Docker, or exec for each workload.
Security Profiles
Define how isolation and hardening differ between Firecracker, hardened Docker, legacy Docker, and internal exec workloads.
Deploy Strategies
Pick the rollout model that matches the service and the level of risk.
Infrastructure
See the reference host profile, storage layout, ports, and provisioning model.
Security Case Studies
Real incidents analyzed through Mentat's zero trust model: axios supply chain attack (Sapphire Sleet) and Zyght SaaS breach (6.1TB / 90+ orgs).
Fast Path
If you are evaluating Mentat commercially, read the docs in this order: CLI, Architecture, Drivers, Security Profiles, Deploy Strategies, and Infrastructure. That sequence explains how the product is operated before it dives into implementation details.