• Home
  • Press Releases
  • ZeroNorth Achieves 300 Percent ARR Growth, Doubles Customer Base in 2019 and Expands Board of Directors with MassMutual CISO Jim Routh

ZeroNorth Achieves 300 Percent ARR Growth, Doubles Customer Base in 2019 and Expands Board of Directors with MassMutual CISO Jim Routh

Publish Date

Jan 14, 2020

Growth Fueled by Rapid Pace of Digital Transformation, Increased Need for Ensuring Security Across the SDLC

BOSTON – January 14, 2020 –ZeroNorth, the industry’s first provider of risk-based vulnerability orchestration across applications and infrastructure, today highlighted a banner year driven by its ability to help organizations manage security across the software development lifecycle.

MomentumIn addition to subscription revenue and customer growth, ZeroNorth announced expanded leadership at the board level. Specifically, MassMutual’s head of Enterprise Information Risk Management, Jim Routh joined the company’s board of directors. Routh brings more than 25 years of cybersecurity and risk experience to ZeroNorth, having held leadership roles at companies such as Aetna, JP Morgan Chase and American Express.

As companies of all sizes undergo digital transformation initiatives – relying on software as a competitive differentiator – it is critical to ensure security doesn’t impede development. ZeroNorth’s ability to support companies in this context delivered significant results in 2019, including:

  • Revenue growth: ZeroNorth closed 2019 with nearly 300 percent growth in annual recurring revenue (ARR) over 2018. This growth was fueled by new customers, as well as expanded deployments within the company’s installed base.
  • Customer Count: At the end of 2019, ZeroNorth had almost doubled its customer count with organization’s ranging from mid-sized to Fortune 50 companies.

“Software is core to nearly every organization today, and the drive toward digital transformation creates an undeniable need to strengthen security across the software development lifecycle,” said John Worrall, CEO of ZeroNorth. “Risk-based vulnerability orchestration is a proven path forward and the results we achieved in 2019 demonstrate our ability to help customers address this very real challenge.”

Several important milestones enabled the company to attain this growth, including new funding, an expanded leadership team, a growing employee base, advancements within the company’s platform and key partnerships:

  • Series A Funding: In April 2019, ZeroNorth raised a $10 million Series A funding round led by ClearSky Ventures with participation from Crosslink CapitalRally Ventures and existing investor Petrillo Capital.
  • Leadership Expansion: During 2019, ZeroNorth expanded the company’s leadership team. Specifically, former CyberArk CMO and SVP and GM of the security intelligence and event management business unit at RSA, John Worrall, was named CEO; Karen Higgins, who helped guide Resilient Systems through its acquisition by IBM and later held multiple executive roles at IBM Security, joined as CFO; John Steven, formerly senior director at Synopsys, co-CTO at Cigital and co-founder and CTO of Codiscope, was named CTO; and Dave Howell, formerly of RSA, Raytheon and Forcepoint, joined as VP of marketing.
  • Growing Employee Headcount: In addition to growing the company’s leadership team, ZeroNorth grew its overall headcount close to 300 percent over the course of 2019, with additions across all functions, including engineering, sales, marketing and G&A.
  • Platform Innovations: Throughout the year, ZeroNorth continued to add innovative functionality and increase the capabilities of its risk-based vulnerability orchestration platform. This included the introduction of its solution for Rapid Application Security in December, new capabilities that enable developers to more effectively build security into the software development lifecycle and drive actionable risk intelligence in November and features that enhanced the breadth and scalability of the ZeroNorth platform in July.
  • Strategic Partnerships and Integrations: ZeroNorth continued to build its impressive partner ecosystem over the past year through strategic partnerships with organizations including Raytheon and UST Global’s CyberProof that extend the company’s market reach. In addition, integrations with technical partners, including Onapsis and Redlock, helped contribute to the breadth and depth of the ZeroNorth platform.

Additionally, in November, ZeroNorth was recognized as a Representative Vendor in Gartner’s Market Guide for Vulnerability Assessment(1). The report notes that “security and risk management leaders for security operations and vulnerability management who are selecting and operating these solutions should: evaluate VA solutions’ capabilities for aiding in the prioritization of vulnerabilities and how the assessment phase is performed, so they can be more-efficiently managed in the organization.” It also suggests to “assess the workflow, enterprise management and third-party technology integrations VA solutions provide with compensating controls. These include intrusion prevention systems, web application firewalls, patch management solutions and ticketing systems, as well as risk prioritization tools, such as vulnerability prioritization tools, to support general IT and security operations with better insight and efficiency possibilities.”

The ZeroNorth platform enables organizations to embrace critical digital transformation initiatives, such as DevOps, the cloud and microservices, without leaving security behind. By integrating with and orchestrating the many different scanning tools organizations use, correlating the output of these tools and prioritizing risk based on business context, the ZeroNorth platform reduces the resources required to implement comprehensive vulnerability management programs. Ultimately, ZeroNorth gives organizations a more complete and consistent view of risk while improving their overall security posture.

To learn more about how ZeroNorth empowers customers with risk-based vulnerability orchestration across applications and infrastructure, please view its company and platform overview video at https://go.zeronorth.io/TwoMinuteVideoMeetZeroNorth

(1) Gartner, Inc. “Market Guide for Vulnerability Assessment” (Gartner subscription required) by Craig Lawson, Mitchell Schneider, Prateek Bhajanka, and Dale Gardner, November 20, 2019.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About ZeroNorth

ZeroNorth is the first company to deliver risk-based vulnerability orchestration across applications and infrastructure. By orchestrating scanning tools throughout the entire software lifecycle, ZeroNorth provides a comprehensive, continuous view of risk and reduces costs associated with managing disparate technologies. ZeroNorth empowers customers to rapidly scale application and infrastructure security, while integrating seamlessly into developer environments to simplify and verify remediation. For more information, follow ZeroNorth on Twitter (@ZeroNorthSec) or LinkedIn—or visit https://www.zeronorth.io.

eBooks & Research Reports

How DevSecOps Analytics Solve the Biggest Hurdles of AppSec

When it comes to building out a robust AppSec program, and embarking on the journey toward DevSecOps, there is a lot to remember and just as ...

Read Now


Ramp Up Your AppSec Program with ZeroNorth DevSecOps Quick Start

Learn how ZeroNorth DevSecOps Quick Start is ideal for engineering and security teams who need a quick, easy and cost-effective way to jumpstart their AppSec program.

Read Now

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.