Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.zenable.io/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Security vulnerabilities hide in complex codebases and evolve with new threats. Zenable provides continuous security scanning with context-aware vulnerability detection and remediation, delivering a proactive security posture with significant reduction in vulnerabilities reaching production.

Out-of-the-Box Protection

Zenable automatically detects these security vulnerabilities:

Standard Security Checks

  • OWASP Top 10 - SQL injection, XSS, broken auth, etc.
  • Cryptographic Weaknesses - Weak algorithms, poor randomness
  • Hardcoded Secrets - API keys, passwords, tokens
  • Injection Attacks - Command, LDAP, XML injection
  • Insecure Deserialization - Unsafe object handling
  • Known CVEs - Checks against vulnerability databases

Custom Security Requirements

Enforce your organization’s specific security policies:
“All financial transactions must use our SecurePayment service with dual-approval workflow, all PII must be encrypted with AES-256-GCM, and all external APIs must use mTLS with certificate pinning.”

In Action

# Run comprehensive security scan with both standard and custom checks
zenable check '**/*.{py,js,ts,go,java}'

Custom Security Examples

Example: Financial Services Requirements

Your Policy: “All payment processing must use tokenization and include fraud detection scoring” 
# ❌ AI/developer might write
def process_payment(card_number, amount):
    charge_card(card_number, amount)
    return "success"

# ✅ Zenable enforces your requirements
def process_payment(payment_token, amount, user_context):
    fraud_score = fraud_detection.analyze(user_context, amount)
    if fraud_score > 0.7:
        security_team.alert(user_context, fraud_score)
        return "requires_review"

    result = tokenized_payment.process(payment_token, amount)
    audit_log.record_payment(result, fraud_score)
    return result

Example: Healthcare Data Protection

Your Policy: “All PHI must be encrypted at field level with key rotation every 30 days” 
# ❌ Standard encryption
def store_patient_data(patient_data):
    encrypted = encrypt(json.dumps(patient_data))
    db.save(encrypted)

# ✅ Zenable enforces field-level encryption
def store_patient_data(patient_data):
    encrypted_fields = {}
    for field, value in patient_data.items():
        if field in PHI_FIELDS:
            key = key_manager.get_current_key(field)
            encrypted_fields[field] = field_encrypt(value, key)
        else:
            encrypted_fields[field] = value

    db.save(encrypted_fields)
    key_manager.schedule_rotation()

Example: Zero Trust Architecture

Your Policy: “All internal service calls must use mutual TLS with service mesh integration” 
# ❌ Direct service calls
def get_user_profile(user_id):
    response = requests.get(f"http://user-service/users/{user_id}")
    return response.json()

# ✅ Zenable enforces zero trust
def get_user_profile(user_id):
    response = service_mesh.call(
        service="user-service",
        endpoint=f"/users/{user_id}",
        mtls_cert=get_service_certificate(),
        verify_peer=True,
        timeout=5000
    )
    return response.json()

Benefits

  • Proactive Security Posture - Find vulnerabilities before attackers do
  • Custom Policy Enforcement - Ensure your specific security requirements are met
  • Reduced Security Debt - Prevent vulnerabilities from accumulating
  • Compliance Ready - Meet regulatory security requirements