Vulnerability checklist
The vulnerability classes Zumik continuously verifies as absent across every service, deployment, and dependency, as a reference for security reviews, pen-test scope, and automated scanning.
This is the working checklist behind Zumik's security posture. Each class is verified continuously, not signed off once. Use it as the scope for security reviews, penetration testing, and automated scanning targets.
Access control and tenancy
Cryptography and secrets
Application and input
Configuration and supply chain
Availability and observability
AI-specific
Back to the security overview
How these controls combine into the default posture.
GDPR and CCPA
Data residency, the right to access, erasure, portability, and rectification, consent, the DPA and sub-processor list, and CCPA Do-Not-Sell and Global Privacy Control handling.
Plans
Pay-as-you-go prepaid credits, the control-plane fee that applies on every execution path, the managed-optimization pilot, and BYOC and enterprise contracts.