ZML Explained

Zerum ZML & Playbooks
The Power of Automation in your hands

The volume and tenacity of cyberattacks are continuously increasing, overburdening cybersecurity professionals with the amount of data which they need to analyze.

With the Zerum Multiprocessing Language (ZML), processing large volumes of data, alerts and events to extract actionable information and relevant insights, efficiently and with real results, becomes routine.

ZML makes it easier to build trustworthy data ingestion and evaluation processes.

With instructions that are both flexible and comprehensive, ZML facilitates the creation of Playbooks with specialized functions for each step.

Data Entry

The data entry instructions define and select the sources of data to be analyzed (e.g. Lynx, SIEMs, databases, files, APIs and others).

Data processing and enrichment

With the processing and enrichment instructions, raw data is evaluated, correlated and otherwise contextualized through the use of filters, counters and many more data science tools.

Response, automation and orchestration

Based on the earlier data ingestion and processing, the output instructions respond to the findings, taking actions such as sending e-mail notifications, triggering alerts or activating firewall rules.

ZML in action – Playbooks

Build reliable detection, evaluation and response routines.

Playbooks offer repeatable, reliable processes from data ingestion to incident response, considering all steps of the Cyber Kill Chain.

Robust graphical and code-assistance tools allow the user to build and run their own Playbook, be it constructed from scratch or based on the ample default ZML Playbook library.

Easy to customize, the Playbooks offer a variety of configurations such as frequency and datetime for automatic execution.

All Playbook results are tallied and presented in intuitive screens. A few clicks, all the results.

The standard Playbook library covers a variety of use cases, built on ZML scripts that work in concert to deliver the best results.

Composing and testing scripts can be done with ease and speed in the dedicated graphical interface, accelerating the customization and assembly processes of all Playbooks.

Playbooks Catalog

A variety of Playbooks, built and maintained by cybersecurity specialists, ready to use and at the disposal of our clients:

  • Active Directory
  • Brute Force
  • CVE Exploitation
  • CWE Assessment
  • Cryptojacking
  • Data Exfiltration
  • Internal System Errors
  • Malware Transfer
  • OWASP Top 10
  • Outdated Protocols
  • Proxy Usage
  • Ransomware
  • Data Loss Prevention
  • Command Injection
  • Code Injection
  • Scanning
  • DoS – Denial of Service
  • File Injection
  • File Inclusion
  • Tunneling
  • Enumeration
  • Insecure Versions
  • Malwares
  • Phishing
  • Insecure Use
  • TLS Threats
  • Others
