Skip to main content

Overview

The Zenable Marketplace provides curated requirements from publishers covering security, compliance, best practices, and industry standards. Browse available requirements at zenable.app/requirements.

Using Marketplace Requirements

Marketplace requirements integrate seamlessly with your governance workflow - browse, enable, and customize requirements to fit your needs.

Managing Requirements

You have full control over how marketplace requirements work in your environment:

Extend Requirements

Add custom exclusions, positive/negative examples, or additional context to marketplace requirements without modifying the core definition.

Version Pin

Lock requirements to specific versions to ensure consistent enforcement across your team and prevent unexpected changes. The UI notifies you when newer versions are available.

Disable Requirements

Temporarily or permanently disable requirements that don’t apply to your use case while keeping them available for future use.

Attach Scopes

Define where requirements apply using scopes like product, environment, path patterns, file extensions, repositories, or custom boolean logic combining multiple scope types.

Customization Examples

Positive/Negative Examples Improve enforcement accuracy by providing examples that pass or fail the requirement:
  • Positive example (passes): For “always verify TLS certificates”, show requests.get(url, verify=True)
  • Negative example (fails): For the same requirement, show requests.get(url, verify=False)
File/Directory Exclusions Use scope expressions to exclude paths where requirements shouldn’t apply. Pseudocode example: 
NOT path_pattern:tests/fixtures/**/*.py
This excludes all Python files under tests/fixtures/ from the requirement. Scope expressions support boolean logic (AND, OR, NOT) for complex rules. Scope Attachment Requirements can be scoped to specific contexts. Examples:
  • product:mobile-app - Only apply to mobile app code
  • environment:prod - Only enforce in production
  • file_extension:.py - Only check Python files
  • path_pattern:src/**/*.ts - Only TypeScript in src/ directory
Complex scopes combine rules: (product:mobile-app AND environment:prod) OR path_pattern:critical/**

Becoming a Publisher

Want to share your requirements with the Zenable community? Email [email protected] to apply to become a marketplace publisher. We’re particularly interested in organizations and project maintainers or power users who can contribute:
  • Deterministic static analysis tool integrations
  • Guardrail language implementations
  • Security and compliance frameworks
  • Industry-specific best practices
  • Open source project guidelines
  • Enterprise governance standards

Next Steps