Zoom is serious about cybersecurity, and Warmly was up for the challenge of meeting Zoom’s security needs by investing early.

Zoom is serious about cybersecurity, and Warmly was up for the challenge of meeting Zoom’s security needs by investing early.

Project overview

Warmly hit the ground running in 2020 and felt instant momentum, thanks to a shared passion across their founding team, the market fit of their idea and a supportive community of users and VCs who loved what they were executing.

While these variables were critical in founding Warmly, they quickly realized that to succeed we would need to excel at something they had not expected: cybersecurity.

A milestone to the growth of Warmly was their ability to earn the trust of Zoom, a publicly traded company with an established cybersecurity program. Zoom was more than a brand partner, they were the core technological component to Warmly’s technology. To work together, Warmly would need to meet Zoom eye-to-eye on cybersecurity, on a budget, and quickly.



Zoom assessed Warmly on three aspects: governance, cybersecurity management and technical implementation of cybersecurity.

To investigate the governance capabilities of Warmly, the Zoom assessment team collected evidence of business structure, operational policies, cybersecurity policies, risk transference tools such as insurance and documentation of organizational structure.

It was important to Zoom to understand from Warmly the way their technology connected to users and the type of information that was collected. Warmly, while early-stage, brought on a CISO via VioletX and accomplished both GDPR and CCPA to meet Zoom’s expectations of enterprise-level data privacy practices.

The technical assessment of Warmly included an evaluation of their attack surface, which included a vulnerability assessment and a penetration test of the Warmly application and web presence.

Zoom and Warmly collaborated on observations that required remediation to align Warmly with the expected security posture of Zoom’s partners. In addition, Warmly provided a detailed architecture of their environment so that Zoom Cloud could clearly visualize the placement of security controls, in addition to the flow of information in and out of the Warmly environment.

Zoom is responsible for the secure communication of billions of meetings across the most prominent companies in the business ecosystem, as the primary platform that hosts the remote-workforce revolution. For this reason, their security process goes beyond that of asking for a SOC2. While many companies today rely simply on documents like a SOC2 report, Warmly was vetted with live data requests and a deep look into their technology.

The level of assurances required to allow a product such as Warmly into the Zoom app ecosystem is an essential part for Zoom to maintain the confidentiality and integrity of its application when integrating with platforms like Warmly.

Project results

The thoroughness of the Zoom process ultimately led Warmly to feel enterprise-ready early in their startup story, a sense of legitimacy to their customers and the confidence to work with other companies who value real-deal cybersecurity.

Zoom wanted to make sure that we they up for the task of protecting their users and they wanted to show them that they were.

Warmly’s investment into hiring a CISO, building a security program and demonstrating their maturity toZoom paid off: In 2021, Warmly was awarded the Zoomtopia award for the best use of the Zoom platform and is a top 3 utilized app in Zoom’s marketplace.

Jason Lee, the Chief Information Security Officer for Zoom states, “Our third-party risk management program allows Zoom to properly assess the risks and make informed decisions on how we allow integration into our environment. The process and participation that organizations such asWarmly go through to be called a Zoom Partner is one that we have specifically designed to allow for the expansion of the Zoom platform while keeping security top of mind for our users.”

By leveling up to Zoom’s standards, Warmly manifested their vision of a more deeply connected remote workforce. They earned a meaningful role in the primary ecosystem that was supporting people towards a modern way of working.

Zoom is serious about cybersecurity, and Warmly was up for the challenge of meeting Zoom’s security needs by investing early.

What our clients say.

Hillary Mohs
First Stop Health

I’ve worked with VioletX across 2 companies now and they’ve provided thorough guidance, documentation and training that has allowed us improve our security policies and process. In healthcare, security is such an important component and VioletX helped us to get a deep, nuanced understanding so we could know where we’re at today and how to enhance our system as our business grows.

Rich Santo

VioletX has been wonderful to work with. They are extremely responsive and professional. VioletX gives us the peace of mind that our data is safe.

Cassio Goldschmidt
Service Titan

An incident response plan is critical for any business to continue operations in the event of an emergency, especially in the case of a cybersecurity attack. Using realistic scenarios, VioletX's insights helped ServiceTitan staff to understand the nuances that result in a successful incident response. One that reduces downtime, maintains public trust, and follows regulatory compliance.

Sara Reents
First Stop Health

Working with VioletX is a great experience. They are responsive, collaborative and knowledgeable during all stages of our engagement. I am very grateful for their willingness to educate not only me but my entire company on the importance of cybersecurity. Ten out of ten would recommend to others!

User Centered - Dev X Webflow Template

VioletX does not try to force fit us into a rigid philosophy. When we found them, we had turned down many vendors. They were the first to say, "We are going to build something that fits you."

Password Protected - Dev X Webflow Template
Director of Security

My leadership team told me that we were
passively shopping to be acquired. Things moved fast and I needed backup.  VioletX professionalized our program in month.

Innovation & Technology - Dev X Webflow Template
DevOps Engineer

Working with a Virtual CISO has given me the opportunity to take on cyber for my company. Vx fills in the blanks of information I don't know and I can take it from there.

User Centered - Dev X Webflow Template

I like to approve of every legal agreement that leaves our company. That said, hiring VioletX has been a huge weight off. I trust them to navigate customer closes for me.