Scheduled Security Control Verification

Zero checks your security configuration on the cadence you set, verifies each control is in place, and reports deviations before audit week.

Zero connects: Slack, GitHub, Notion

What Zero delivers

What the problem is

Audits used to be a quarterly all-hands fire drill: screenshots of every firewall rule, every IAM policy, every access review, assembled by hand in the week before the auditor arrives. Controls had drifted without anyone noticing; remediation happened in crisis mode. Continuous Control Verification runs the checks on a steady cadence, and drifts get caught the week they happen, not the week before the audit. The compliance team gets a dated, signed record of every check; engineering gets an alert when something drifts; auditors get evidence that's already organized.

How Zero fixes it

Step 1: Connect your tools

GitHub. Zero reads branch protection, repo permissions, and 2FA status for all repos in scope. Read access to org settings is required.
Notion. Zero stores the baseline configuration and writes verification results. Read + write access to two databases (baseline and results) is required.
Slack. Zero alerts the compliance channel on drifts and posts a weekly summary. Channel write access required.

Step 2: Ask Zero

@Zero every Monday at 7am, verify our security controls. Firewall rules match the baseline in Notion, required GitHub branch protection is enabled on `main`, no repo has disabled 2FA. Log results to the Controls database and alert #compliance on any drift.
Zero pulls your current security configuration
Zero reads your source-of-truth controls (branch protection, IAM, firewall rules, access reviews) from the systems where they live. No sampling: every control in scope gets checked each run.
Zero compares to the baseline you defined
Your expected configuration lives in a Notion database. Zero compares current state to baseline, flags any drift, and records pass/fail per control with a timestamp and evidence link.
Zero logs results and alerts on drift
Every run writes a dated record to the Controls database. Any drift triggers a Slack alert tagging the compliance channel and the engineer who owns the control. Auditors get an immutable history.

Step 3: Take it further

Remediate a drift
Have Zero open a ticket or PR to fix the drift automatically.
@Zero for any drift on branch protection, open a PR to restore the protection rules and tag the repo owner.
Expand control coverage
Add a new control family to the verification sweep.
@Zero add GDPR controls to the weekly verification: DPA compliance, deletion-request turnaround, cross-border transfer logs.
Lock the schedule
Move from weekly to daily for high-risk controls.
@Zero run prod database access verification daily, not weekly. Keep the rest on the weekly cadence.

Tips for better results

Keep the baseline in one place: Notion, Drata, or your own CMDB. Scattered baselines drift silently and Zero can't check what isn't documented.
Separate 'drift' from 'exception'. A drift is a control that changed without approval; an exception is a deviation that the team approved. Zero should treat them differently.
Run the summary into audit season. Auditors love continuous logs, and 'we've been doing this weekly for two years' is a much stronger story than 'we ran the checks last week'.
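
The baseline comparison from Step 2 and the drift-versus-exception tip above, as an added Python example that is not Zero's own code. The control names, sample values and exception record fields are constructed assumptions, not Zero's or Notion's schema.

```python
from datetime import datetime, timezone

# Constructed sample data: control names, values and the exception entry are
# illustrative assumptions, not Zero's or Notion's actual schema.
BASELINE = {
    "github.main.branch_protection": True,
    "github.org.2fa_required": True,
    "firewall.prod.ingress_ports": [443],
}
CURRENT = {
    "github.main.branch_protection": False,       # changed without approval
    "github.org.2fa_required": True,
    "firewall.prod.ingress_ports": [443, 8443],   # matches an approved exception
}
EXCEPTIONS = [
    {"control": "firewall.prod.ingress_ports", "approved_value": [443, 8443],
     "approved_by": "security-lead", "expires": "2030-01-01"},
]

def _normalize(value):
    """Sort lists so a change in ordering alone is never reported as drift."""
    return sorted(value) if isinstance(value, list) else value

def verify(baseline, current, exceptions, now=None):
    """Return one dated record per baseline control: pass, exception or drift."""
    now = now or datetime.now(timezone.utc)
    records = []
    for control, expected in baseline.items():
        observed = current.get(control)  # None (unreadable control) fails closed
        status = "pass"
        if _normalize(observed) != _normalize(expected):
            status = "drift"
            for exc in exceptions:
                expiry = datetime.fromisoformat(exc["expires"]).replace(tzinfo=timezone.utc)
                # An exception covers only the exact approved value, and only
                # until it expires; anything else is still drift.
                if (exc["control"] == control and now < expiry
                        and _normalize(exc["approved_value"]) == _normalize(observed)):
                    status = "exception"
        records.append({"control": control, "status": status, "expected": expected,
                        "observed": observed, "checked_at": now.isoformat()})
    return records

def drifts(records):
    """Controls that should raise an alert: unapproved changes only."""
    return [r["control"] for r in records if r["status"] == "drift"]
```

An expired exception, or one whose approved value no longer matches what is observed, falls back to drift, so approvals cannot silently widen over time.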