Welcome to Nabla

Nabla helps teams ship safer software while also generating evidence for key compliance frameworks by evaluating firmware binaries and source packages and testing against clearly defines policies. It produces deterministic, audit‑friendly evidence results in JSON and SARIF you can use locally and in CI to make fast, consistent decisions and present to auditors.

What is Nabla?

• A policy‑driven binary analysis engine that turns deterministic signals into security findings and auditable evidence
• A CLI you can run locally or in CI/CD to gate changes and generate reports.
• A Rhai-script based binary analysis model for selecting policies, scoping inputs, and tuning outputs.

Why teams use it

• Consistent decisions: deterministic rule execution and policy mapping.
• Developer friendly: fast local runs with the same behavior as CI.
• Audit ready: human‑readable summaries and machine outputs (JSON/SARIF).
• Extensible: tailor policies, controls, and rules to your environment.

How it works (at a glance)

1. Discover inputs: repositories, artifacts, binaries, or supplied metadata.
2. Resolve policy: map selected policies to controls and rules for the run.
3. Execute rules: evaluate evidence deterministically with pinned versions.
4. Aggregate results: normalize severities and remediation guidance.
5. Enforce and publish: fail CI when configured and export reports.

Quick start

• Install the CLI: 🔗 Installation
• Understand the moving parts: 🔗 Architecture Overview
• Run and script it: 🔗 CLI Reference

Core concepts

• Rules: atomic checks that evaluate facts.
• Controls: practical requirements implemented by one or more rules.
• Configuration: select policy, scope inputs, set parameters.
• Outputs: summaries, JSON, SARIF, and markdown.

If you have feedback or need help, open an issue in your repo, or reach out through your Nabla support channel.