OAuth Comes to Your MCP Server

We’re excited to announce that the Zenable MCP server now supports OAuth natively.

✅ Your existing config will keep working
✅ Most IDEs will no longer rely on the old node dependency
✅ You can now set up a new IDE or refer a friend just by logging in - no API keys required

Upgrading is easy:

uvx zenable install

That one command will detect your IDEs and either install or upgrade your MCP configs automatically. No breaking changes, just a cleaner, more modern setup.

If you’re happy with your current setup, no rush. But if you want to future-proof your workflow, and clean up any API keys from config files, now’s the time to run the upgrade.

⚠️ Note: If you were using Kiro, we’ve had to drop support for now. Kiro doesn’t currently support secure remote MCP servers, which we require for obvious reasons. We’ll be monitoring the situation closely and will re-enable support as soon as they do.

Log in how you want, when you want

Want to log in with your Google, Microsoft, or GitHub accounts? No problem! We now support a wide range of login options so you can use what’s most convenient (and secure) for you. Not seeing the one you want? Let us know!

Haven't documented it yet? No problem!

Don't have everything as well documented as you'd like? Yeah, you and everyone else that we talk to. But that shouldn't stop you - in fact, now it doesn't! You can add requirements or controls directly through our interface and they will automatically (1) generate policy as code for deterministic enforcement, (2) get deployed into your tenant for use by the MCP server and PR Review bot, and (3) allow edits, disabling, and re-enabling with just a click.

Setup in just one command

One of the things that stands out at Zenable is how far we take "ease of use." That's why we just released a new package which installs the Zenable MCP server and hooks for all of your projects, with just ONE command. Just run uvx zenable-mcp install and you're off to the races. Add --recursive if you're really feeling it, and check out the project on PyPI to learn more. Stay posted for some new features... 😁

How's your uptime?

That's a great question. We also wanted to know, so today we're releasing our public status page. It looks pretty good to us 🤩 Check it out yourself at zenable.io/status

Make no mistakes

Ever wish it was just that easy to prevent AI-generated mistakes? Well, now it's even easier. With our graph-based validation steps, our reviews not only have world-class context engineering and deterministic validation, they also have built-in double checks from their peers (🤖).

Zenable 🫶 Gemini CLI

Are you a fan of the Gemini CLI? Yeah, us too. That's why we added first-class support to our MCP server, including a managed installation process and full documentation. Get started in no time by running uvx zenable-mcp install gemini!

Improved file selection for PR reviews

There are certain types of files that just aren't worth spending the time doing a line-by-line review of. Compiled code, generated files, or lock files are great examples in many cases. But, not everyone has the same files that they'd like to skip. That's why we now support both inclusion and exclusion criteria in our configuration file, so you can make the PR review bot even faster and more focused by telling it what to skip, and what to always pay attention to. Learn more in our docs.

Only the best for our MCP Server

When it comes to AI coding, nobody's better as of July 2025 than Anthropic (in our humble opinion). That's why we upgraded our MCP server to use Anthropic's Opus and Sonnet models throughout! Now, not everything that our MCP server does uses AI (I know, shocking, right?), but when it does, you're getting only the best - Anthropic's Opus and Sonnet 4 models.

Got tricky Policy as Code? No problem

We've increased our generated conformance tests (also known as Policy as Code) limit to 10KB per policy. Now you can make sure that even the trickiest rules can be enforced deterministically in code, without the toil of writing it by hand, or even needing to sift through your contracts or security policies to find it. Just upload whatever files you expect to have requirements, and have us do all the work - we'll find the requirements, refine the details, generate and test the conformance tests, and then execute them throughout your entire Software Development Lifecycle.

One tool to rule them all

Having multiple MCP tools can be confusing for LLMs; they don't know which one to pick. So, we made it easy. All of our features are now available behind a single tool call. Don't worry, you still get 100% of the capabilities you're used to, and we've implemented a token system so even when you run out of premium tool calls, you'll still get unlimited calls to our deterministic conformance tests. Not familiar with conformance tests? Well, let me tell you, they're pretty 🔥. Specifications are the best way to guide AI tools to generate code that meets our expectations, and conformance tests are how we verify that's what's happening. If you're interested in learning more, just reach out! We're always happy to help.

Getting started has never been easier

We've revamped our entire onboarding process so now you can get started in minutes. Just install the GitHub App, configure the MCP server, or sign up for one of our paid tiers and you're all set with the full suite of Zenable integrations. Check out our feature deep dive to see all the juicy details.

Spec-Driven Development

If you've ever heard of TDD (Test Driven Development) and were a fan, you're gonna love Spec-Driven Development. SDD leverages Conformance Tests, which are a way to define the requirements of the end result you'd like to see when working with AI tools, and have it iterate until it conforms to the requirements. You may also hear it referred to as Policy as Code, and it's the #1 way to prevent slop from making it into your code base, but conformance tests are not trivial to write. There are dozens of different Domain-Specific Languages to write them in, which are each great in their own ways... just hard to get started with. That was, until today 🚀 Read more by clicking here :)

Upgraded PR Reviews

Looking for a little more "oomph" from your PR Reviews? Now you've got it; we cut over to Claude 4 and have seen a dramatic improvement in contextual, valuable code reviews. Not only does it find security issues, but it flags functional and business logic issues that linters miss by thoroughly understanding the intent of your code using the PR title, description, commit messages, and corresponding files/comments. Check it out for free with two clicks by going to zenable.io/github and installing our app 🚀

Document Sanitization

Got something secret 🤫 in your documents? Something not yet ready for release, even to a business partner? Us too, that's why we've provided regex-based text sanitization. Now you can remove or substitute any string from your inputs before it gets processed so you can be sure that your secrets stay safe.

Intelligent Document Search

Use Zenable's intelligent document search to find all of the contracts which require you to pass your ISO 27001 certification, encrypt their data, do static code analysis, or maybe even find out that the process that you've always been told is required isn't actually in a single contract. Use this new level of visibility to stop doing work that isn't necessary so you can improve your product, fix real security issues, and maybe even ask your sales team (nicely) to no longer do business with certain... painful customers.

Clarify Roles and Responsibilities

Just import your governance, engineering responsibilities, or any other text document and we'll do the hard work of extracting the roles, responsibilities, and mapping them all together. Then you can just hop into zenable.app and see what those hundreds of pages of documents sign you up to do every day.

Google Login

Now you can log in to zenable.app with your Google account, but only after checking with us first... Interested in some of the Pro and Enterprise features that this unlocks? Check out the details and get an upgrade at zenable.io/pricing

Automatic Guardrails

Always wanted to put guardrails in place for each and every one of the requirements in your security policies, contracts, and product requirements? Well, now you can, with Zenable's automated guardrails using Policy as Code. Just import your documents and we'll automatically create over 10 different types of Policy as Code that you can use to enforce these guardrails throughout development, in your pipelines, and running in your cloud or Kubernetes environments 🚀

Custom Context for your PR Reviews

We've shipped custom context for Zenable PR reviews; just load in whatever relevant security policies, product requirements, contracts, engineering documentation, or any other text document to our platform and it will automatically be accounted for during your reviews. Now you can be sure that your team is following your company's custom requirements every step of the way from coding to production.

Automated GitHub PR Reviews

Protect your repositories from AI Slop with our GitHub App; get expert-level reviews of Pull Requests in seconds, not days. Set it up for free today at zenable.io/github

Chat with your Requirements

Companies are complicated, and so are their requirements. Skip the 100-page snoozefest and use our chat bot to talk directly to your requirements and figure out what is (and isn't) required.

Don't see a feature you want? Let us know!

Looking for a feature that you want but not seeing it? Let us know! We've just shipped our public roadmap - take a look, submit something new, and vote for features you'd like to see at zenable.io/feedback

PR Title and Description Reviews

Our GitHub App will now automatically review your PR title and description for accuracy based on the actual PR contents. When it finds that either doesn't align well with the actual direction of the PR, it will suggest an alternative! No more needing to painstakingly write a title and description, just open a PR, get the feedback, and go from there!

MCP Server

Now you can get all of the power of Zenable directly into over 50 IDEs by using our MCP server! To learn more, see docs.zenable.io

User Documentation

We're now hosting our documentation at docs.zenable.io; go check it out for our quick start, step-by-step setup guides, walkthrough videos, and more!

Windsurf Support

We now support integration directly into Windsurf! To set it up, see our documentation at docs.zenable.io

Cursor Support

We now support integration directly into Cursor! To set it up, see our documentation at docs.zenable.io

GitHub App Configuration File

You can now configure the GitHub App via a configuration file; clear out some of the noise by skipping reviews of any specialized lock files, binaries, or compressed files, skip re-reviewing release branches or Dependabot PRs, and more! See how to configure it at docs.zenable.io

Requirements Knowledge Graph

Now Zenable can take in arbitrary documents - contracts, security policies, product requirements, or anything else - and persist them into our patent-pending requirements knowledge graph!