Connect with us

Hi, what are you looking for?


Security Infrastructure

Zip Raises $7.7 Million to Expand SMB Cybersecurity Business

New York City and Washington DC-based startup Zip Security raised $7.7 million seed financing led by General Catalyst, co-led by Human Capital, and with participation from Box Group.

New York City and Washington DC-based startup Zip Security announced a $7.7 million financing round led by General Catalyst, co-led by Human Capital, and with participation from Box Group.

Zip focuses on bringing advanced cybersecurity capabilities to the SMBs that do not have the resources of bigger firms. SMBs are increasingly targeted by cybercriminals because of their supply chain access to larger firms, while being simultaneously less well defended. And, of course, ransomware targets all firms regardless of size.

“Most of the world assumes that large businesses with industry IP are the sole targets of bad actors,” comments Quentin Clark, MD at General Catalyst. “But that is not the case — ransomware is an issue businesses of all scales face, but it’s also the case that smaller businesses are often sought as a vector of attack to larger businesses.”

And yet, he continues, “smaller businesses don’t have CISOs and an entire security organization deploying and overseeing security software and policies — it’s not economically practical. This is a serious impedance mismatch.”

Zip Security

Our mission, says Josh Zweig, CEO and co-founder of Zip Security announcing the funding, “is to protect those smaller businesses and their customers’ data by making cybersecurity affordable and accessible.” 

Zip offers a SaaS platform and service designed to minimize the in-house resources required for effective security. He uses the recent iLeakage example from October 2023.

“This was a bug around how Safari isolated tabs and the possibility to have one open tab steal data from another open tab,” he told SecurityWeek. “To protect yourself you need to do three things. First, you need to know that this thing exists — most people aren’t reading security news. Second, you must figure out a mitigation. Third, and most importantly, you must implement that mitigation.”

This isn’t something that can be done just once, but needs to be done for all Safari users in the company. Larger companies with established security teams can handle such issues, but it is problematic for SMBs. “I like to call them the Department of One, where you have just one security person or one IT person — or even none. Within a few hours, we surfaced that this happened in our SaaS offering to our customers, and coupled that with ‘Hey, here’s a button you can click to deploy the mitigation.’”

Zip’s philosophy is to put into practice a simple method of implementing law enforcements’ recommendation — get the basics right, and you will mitigate most cyber threats. It does this, says the company, “by integrating across best-in-class security tools including CrowdStrike, Okta, Jamf, and Microsoft Intune, allowing small businesses to run similar security programs to large corporations at a fraction of the time and cost.”

Advertisement. Scroll to continue reading.

“The thing that makes these basics difficult, ” continued Zweig, “is they require weaving together lots of systems. Maybe you have one system to manage your Apple computers and one system to manage your Windows computers and a third system to manage your identities and a fourth system to manage your endpoint threat detection and remediation… Where things get hard with a minimal or non-existent security department, is how do you actually weave all these things together – how do you do the basics really well? We are the glue: we integrate with all these different systems, and we help you deploy, configure, and manage them in order to really nail the basics.”

Zip Security was founded by Josh Zweig (CEO) and Gabbi Merz (CTO). Both are alumni of Palantir, with roots in building security for government, critical industry, and Fortune 500 companies. Zip Security now seeks to bring that level of cybersecurity to SMBs. “We founded Zip,” he says, “with the belief that the cybersecurity market desperately needs a SaaS solution that makes securing a company an easy (and, dare we say, enjoyable?) experience.”

He adds, “We plan to use the new funding to scale up the development of our software product in service of our customers, including building out more advanced capabilities like device trust, automated patch management, and identity threat detection to provide best-in-class security so that customers can spend their time and resources where it matters most: on their mission.”

Related: Top 10 Tactical Recommendations for SMB Cybersecurity

Related: SMBs Exposed to Attacks by Critical Vulnerability in DrayTek Vigor Routers

Related: Ransomware Targets SMBs via RDP Attacks

Related: Strike Security Scores Funding for ‘Perpetual Pentesting’ for SMBs

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Security Infrastructure

While silos pose significant dangers to an enterprise's cybersecurity posture, consolidation serves as a powerful solution to overcome these risks, offering improved visibility, efficiency,...