ZeroNorth, the first provider of risk-based vulnerability orchestration across applications and infrastructure, announced that it raised a $10 million Series A+ funding round led by Crosslink Capital with participation from other existing investors ClearSky, Rally Ventures and Petrillo Capital. In addition, Matt Bigge, partner at Crosslink Capital, joins the ZeroNorth board of directors.
In April 2019, ZeroNorth launched with $10 million in financing to focus on enabling companies to orchestrate vulnerability management and remediation programs across all phases of the software development lifecycle.
By orchestrating the many vulnerability scanning tools organizations use, ZeroNorth bridges the gap between application security, development and security operations. This empowers companies to deliver on the promise of secure DevOps, while reducing risk associated with software and infrastructure vulnerabilities.
“Over the past several years, organizations have come to recognize the critical nature of securing software across the entire development lifecycle. That said, security has proven unable to keep up with the demands of the rapid, continuous DevOps model,” said Bigge.
“ZeroNorth has demonstrated – through its platform today and vision for tomorrow – the ability to bridge that gap for customers. We’re thrilled to partner with the company’s accomplished leadership team and Board to drive the next level of growth.”
In 2019, ZeroNorth increased annual recurring revenue by more than 300% while doubling its customer base. The company also strengthened its leadership team with proven leaders from across the cybersecurity industry.
John Worrall, former CMO at CyberArk and VP and GM of RSA’s Security Intelligence & Event Management business unit, joined as CEO; Karen Higgins, former CFO at Resilient Systems through its acquisition by IBM and then director of IBM security operations joined as CFO; John Steven, founder of Codiscope, co-CTO of Cigital and then senior director of security technology and applied research at Synopsys after it acquired both firms, joined as CTO; and Dave Howell, former marketing VP at Raytheon and Forcepoint, joined as VP of marketing.
This funding will accelerate ZeroNorth’s growth by enabling the company to further expand key functions quickly, including engineering, customer support and sales.
In 2018, businesses spent $1.5 billion on tools to enable DevSecOps, according to Markets and Markets; the firm estimates spending will reach $5.9 billion by 2023. As DevOps and rapid application delivery become the course-of-business for software development, security struggles to keep pace.
ZeroNorth tackles this head-on by enabling customers to centrally orchestrate vulnerability management programs in a way that improves visibility into risk and the organization’s overall security posture.
“Software security has never been more important, but it’s never been this challenging either. Development and security teams are pushed apart by the need for speed, but it doesn’t have to be this way. Security teams can rise to the challenge and speed of DevOps, and orchestration across the development lifecycle is the answer,” said John Worrall, CEO at ZeroNorth.
“The tremendous traction our team achieved over the past year is proof, and this additional funding puts us in a position to make the future even more impressive.”
The ZeroNorth platform enables organizations to embrace critical digital transformation initiatives and increasing development speeds without leaving security behind.
The platform integrates with and orchestrates the many different security scanning tools organizations use and correlates the high-volume of output that otherwise becomes too onerous for teams to manage manually.
By consolidating issues, prioritizing risk based on business context and integrating back into developer workflows through tools they already use, ZeroNorth speeds remediation through continuous development.
This centralized approach reduces the resources required to implement a comprehensive software security program while giving organizations a more complete and consistent view of risk. This single view also dramatically eases reporting for corporate and board-level audit, regulatory compliance and customer assurance.