SYSTEM · ONLINE·~/jumborca / home
CUSTOMER-FACING · v1.0 · 2026.04
RESILIENCE INTELLIGENCE

2:47 AM. ·
What you need is not a faster backup —
it's a clear-headed decision.

~/jumborca·resilience, by instinct

We don't build backup software.
We build a brain for business continuity: one that can be questioned, replayed, and audited.

Start a 90-day POCWatch a 60-second decision replay
CompanyJumborca PTE LTD
CategoryResilience Intelligence
Deploymenton-prem · private · multi-cloud
Contacthello@jumborca.com
SCROLL
// 01 · self_check.md
~/audit $ ask

Before you read on,
answer five questions honestly.

AWAITING · 0/5Tick what applies. Two or more, and this site is worth reading through.
// 02 · who_we_are.md
Who we are
a software company, built in a war room
A software company that sells no hardware, runs no integration projects, and makes no slogans. One thing only: the decision layer for business continuity.
// one_sentence_version

Traditional DR sells insurance policies.
Jumborca delivers actuaries
before every recovery, we've already done the math.

Our founding team built the DR program at a nationwide commercial bank to the point of "monthly rehearsals, quarterly auditor filings." Through those years inside the war room staring at a dozen screens at midnight, we faced the same question over and over — "Is this self-healing or getting worse? What's the probability the failover actually works? If it fails, who explains it to the board?"

That's never been a question backup software could answer. It's a judgment problem. And for the last 30 years, judgment has been deeply personal and untraceable — riding on a senior engineer's instinct at 2am. Jumborca's core claim: this should be software.

Data resilience, by instinct.
Still water runs deep. Unbreakable under stress.— brand philosophy · 2026
// 03 · where_we_sit.md
Where we sit in the stack
we sit on top. never underneath.
We don't compete with your storage or replication engines. We sit on top of them, and we take over judgment.
// Business Continuity StackJumborca = L5 only · L1-L4 preserved
L5 · Decision
Decision layer SupInsight
decide · explain · audit
NEW
L4 · Orchestration
Orchestration SupDRC / SupMirror Runbook
failover · traffic · dependency
KEPT
L3 · Replication
Replication Oracle DG / Veeam / OEM storage
replica consistency · cross-site sync
KEPT
L2 · Snapshot
Snapshot storage / hypervisor snapshots
point-in-time · WORM · versioning
KEPT
L1 · Storage
Storage your existing hardware & cloud disks
physical placement · redundancy
KEPT
// one sentence for your CIOJumborca does not ask you to rip out storage, kill Veeam, or migrate to the cloud. Jumborca asks for one thing: hand over "failover vs wait" decision authority — from a 6-person war-room to a system that can be trained and audited. Every other investment stays.
// 04 · product_matrix.md
Product matrix
one platform · four apps · one brain
One platform · four apps · one brain. Mix to taste. No bundled lock-in, no hard-sell.
// 01 · SupDRC
Disaster recovery & failover
disaster_recovery_cortex

What it solves:In-city active-active · cross-region DR · business-group failover

Supports:Oracle / DB2 / MySQL / PG / SAP HANA / VMware / K8s

Core capabilities:App-level consistency · failover by business group · graceful rollback

Goal → RTO ≤ 10min · RPO ≤ 10s
View details →
// 02 · SupAI.ONE
unified cloud baas / draas
unified_cloud_protection

What it solves:End-to-end cloud protection for M365 · VMs · endpoints · databases · NAS — one console, many workloads

Supports:Tri-cloud: AWS / Azure / GCP · In-country AWS China + China Telecom · SupEdge appliance

Core capabilities:SupInsight AI-native security · WORM + BYOK + zero-trust · transparent subscription

Goal → Instant VM Power-On < 90s · second-grade RPO
View details →
// 03 · SupVault
Long-term archive & compliance retention
compliance_vault

What it solves:Long-horizon retention for finance / energy / healthcare / gov

Supports:Object storage + WORM + tiered retention + access audit trail

Core capabilities:Pre-wired for CBIRC / CSRC / energy / healthcare

Goal → evidence chain in ≤ 1h
View details →
// 04 · SupDrill
Rehearsal & audit automation
drill_and_audit

What it solves:Rehearsals are too costly, too rare, hard to report, and deviation goes unexplained

Supports:Runbook engine + sandbox targets + auto-generated regulatory reports

Core capabilities:Auto topology · measured RTO · deviation root cause

Goal → 5 days → 2 hours
View details →
// the brain across all products

SupInsight · the decision brain

The four products above answer "what to do".
SupInsight answers "whether to act, when to act, and what happens if you do".
In an era where regulators demand decision explainability, this is the moat of the entire product line.

// 01 · predict

Predict before the event

probabilistic · causal

Causal graph + time-series anomaly detection judge whether today's jitter is self-healing or deteriorating, and whether to proactively fail over. Outputs probability and cost estimates.

// 02 · explain

Explain during the event

replayable · signed

Every decision leaves a "why". Replayable, signed, deliverable to regulators or audit committees. Not a black box.

// 03 · learn

Learn after the event

RLHF · on your history

After each event, your engineers give feedback, and the model keeps improving — on your own history. It only ever understands your site.

// 06 · ransomware_replay.log
02:47 AM — a ransomware replay
60 seconds · three engines · one signed decision
Not a mockup, not a render. This is SupInsight · SupVault · SupDRC coordinating through a real ransomware incident.

02:47 AM —— the core database starts being encrypted. 11m43s later: business resumed, evidence preserved, regulator report sent.

~/jumborca / war-room › diagnose --event 2026-02-14-0247-ransomware
LIVE REPLAYsigned · replayable
- initializing -
engines
SupInsightidle
SupVaultidle
SupDRCidle
business services
payment
HEALTHY
clearing
HEALTHY
risk-ctl
HEALTHY
metrics
elapsed
00:00
confidence
-
rpo
-
rto
-
// 06 · scenarios.md
Four real scenarios
production deployments, anonymized
From customers we've already deployed. All customer names redacted.
SCENARIO A// FINANCIAL
Nationwide joint-stock bank · active-active + remote DR for core banking
core_banking / oracle_dg / vmware / 2 DC + remote site
measured RTO
8min
audit report
45min
SCENARIO B// MANUFACTURING
Large manufacturing group · rebuilding recovery capability after ransomware
sap_hana / mes / air-gap / 3 factory sites
attack → recover
2h47min
clean snapshot
12min
SCENARIO C// MULTI-CLOUD
Internet + legacy hybrid · everyday cross-cloud failover
aliyun + huaweicloud + onprem_vmware / k8s
cross-cloud switch
14min
cloud cost
↓12%
SCENARIO D// ENERGY · SOE
State-owned energy · from annual rehearsal to monthly cadence
regulatory_drill / monthly_cadence / signed_reports
cadence
1/mo
per-run
2h
// 07 · ecosystem.md
What we don't replace
what stays · what we add
Our stance is clear: protect what you've bought. Do not overthrow your stack.
Most DR projects fail not because the tech is weak, but because adoption is too expensive — customers refuse to rip out storage, backup and virtualization they've already paid for. Jumborca's stance: we try to avoid making you re-buy a single box. We integrate, then add one decision layer on top.
// database
Oracle Data Guard · GoldenGate
MySQL MGR · PG Streaming
Cloud RDS (Aliyun / AWS / Azure)
→ kept · SupInsight subscribes to lag
// virtualization
VMware vSphere / SRM
KVM · K8s · OpenShift
Huawei DCS · Sangfor
→ kept · orchestrated through native APIs
// backup
Veeam · Commvault
NBU · local vendors
→ kept · consumed as L3 input
// storage
Huawei / Dell PowerMax
Inspur / NetApp
MinIO · object storage
→ kept · S3 + WORM compatible
// cloud
Azure · AWS · Google
Aliyun · Huawei · Tencent
→ kept · Cloud-Mesh abstracts the differences
// security
EDR · SIEM · SOAR
PAM / bastion
→ integrated · standard decision event push
// itsm
ServiceNow · JIRA
local ITSM
→ integrated · flows into existing tickets
// jumborca · L5
SupInsight
SupDRC / SupMirror
SupVault / SupDrill
→ the only new layer
// 08 · compliance.md
Compliance, security, data sovereignty
evidence, not slogans
No slogans. Just the evidence we can hand over. Nine certifications held. Two in progress.
// 01 · on-prem
On-prem
fully offline · air-gap
Runs fully offline, supports air-gap isolation. Fit for DJCP, finance, energy.
// 02 · private cloud
Private cloud
dedicated vpc
Deploys inside customer VPC. Tenant-isolated. Control plane separable from data plane.
// 03 · multi-cloud
Multi-cloud
cross-cloud control plane
Cross-cloud control plane + local data plane. Azure / AWS / Google / Aliyun / Huawei / Tencent.
// 04 · sovereignty
Data sovereignty
keys stay with you
Customer data can be configured to never leave the boundary. Keys customer-managed. Full audit logging.
// compliance_matrix.mdACTIVEIN PROGRESS
ACTIVE
ITSS®
Cloud Ops Service Capability
MIIT · China
ACTIVE
ISO 9001
Quality Management System
ISO
ACTIVE
ISO 27001
Information Security Management
ISO
ACTIVE
DJCP · Level 3
China Cybersecurity Classified Protection
MPS · mandatory for finance
ACTIVE
HIPAA
Healthcare Data Protection
U.S. HHS
ACTIVE
GDPR
EU Data Protection
European Union
ACTIVE
D-U-N-S®
International Business Registry
Dun & Bradstreet
ACTIVE
Finance Software Cert.
Certified for financial industry
CBIRC · China
2026H2
ISO 27017 / 27018
Cloud Security / Cloud Privacy
ISO · target 2026H2
2027H1
SOC2 Type II
Service Organization Controls
AICPA · target 2027H1
REQUEST
Compliance pack
compliance_pack.zip
Request originals + audit whitepapers →
EMAIL
Talk to compliance
hello@jumborca.com
Direct channel for your audit / security team →
// the auditable AIAny production-affecting decision must be replayable. Every decision carries a unique ID, input snapshot, model version, reasoning path, and signed timestamp. Every edge in the causal graph carries its weight source — historical rehearsal, expert feedback, or public failure database. You can disable AI recommendations at any time and fall back to a traditional rule engine. No lock-in.
// 90_day_poc.md · a test you can say no to

For a decision layer over critical systems,
you must run it, watch it, and challenge it first
before signing anything.

Below is the standard 90-day POC we walk every customer through. At any day within those 90 days, you can terminate the POC with no fee and no explanation owed. We believe: any DR purchase that relies on contract lock-in has already lost.

// week 1-3

Discovery

current-state audit

Core system topology · existing DR inventory · last 12 months of incidents and rehearsals · regulatory scope.

Deliverable: gap diagnosis report

// week 4-9

Pilot

pilot deployment

Pick 1–2 representative systems · deploy SupDRC + SupInsight · weekly sandbox rehearsal · engineer RLHF feedback.

Deliverable: pilot runtime report

// week 10-13

Validate

validate & review

Live failover · compliance review · SLA reconciliation · ROI model · rollout plan.

Decision: continue / expand / terminate

// we put this line on the cover page of every POC agreement
~/poc $ cat policy.txt
At any day within the 90-day POC, the customer may terminate with no fee and no explanation owed.

~/poc $ cat why.txt
// because we believe any DR purchase anchored by contract lock-in has already lost.
// 01 · email
hello@jumborca.com
General inquiries · materials · POC scheduling
// 02 · compliance
compliance@jumborca.com
Audit questionnaires · security due diligence · data residency · 24h response
// 03 · visit
Suzhou · demo center
On-site SupInsight replays + full anonymized lighthouse case library