Zumik
Security & compliance

Vulnerability checklist

The vulnerability classes Zumik continuously verifies as absent across every service, deployment, and dependency, as a reference for security reviews, pen-test scope, and automated scanning.

This is the working checklist behind Zumik's security posture. Each class is verified continuously, not signed off once. Use it as the scope for security reviews, penetration testing, and automated scanning targets.

Access control and tenancy

Cryptography and secrets

Application and input

Configuration and supply chain

Availability and observability

AI-specific

Back to the security overview

How these controls combine into the default posture.

On this page