Zoom is serious about cybersecurity, and Warmly was up for the challenge of meeting Zoom’s security needs by investing early.

Warmly hit the ground running in 2020 and felt instant momentum, thanks to a shared passion across their founding team, the market fit of their idea and a supportive community of users and VCs who loved what they were executing. While these variables were critical in founding Warmly, they quickly realized that to succeed we would need to excel at something they had not expected: cybersecurity.

A milestone to the growth of Warmly was their ability to earn the trust of Zoom, a publicly traded company with an established cybersecurity program. Zoom was more than a brand partner, they were the core technological component to Warmly’s technology.

To work together, Warmly would need to meet Zoom eye-to-eye on cybersecurity, on a budget, and quickly.






Navigating Vendor Risk



Zoom assessed Warmly on three aspects: governance, cybersecurity management and technical implementation of cybersecurity. To investigate the governance capabilities of Warmly, the Zoom assessment team collected evidence of business structure, operational policies, cybersecurity policies, risk transference tools such as insurance and documentation of organizational structure. It was important to Zoom to understand from Warmly the way their technology connected to users and the type of information that was collected.

Warmly, while early-stage, brought on a CISO via VioletX and accomplished both GDPR and CCPA to meet Zoom’s expectations of enterprise-level data privacy practices. The technical assessment of Warmly included an evaluation of their attack surface, which included a vulnerability assessment and a penetration test of the Warmly application and web presence.Zoom and Warmly collaborated on observations that required remediation to align Warmly with the expected security posture of Zoom’s partners. I. n addition, Warmly provided a detailed architecture of their environment so that Zoom Cloud could clearly visualize the placement of security controls, in addition to the flow of information in and out of the Warmly environment.

Zoom is responsible for the secure communication of billions of meetings across the most prominent companies in the business ecosystem, as the primary platform that hosts the remote-workforce revolution. For this reason, their security process goes beyond that of asking for a SOC2. While many companies today rely simply on documents like a SOC2 report, Warmly was vetted with live data requests and a deep look into their technology.The level of assurances required to allow a product such as Warmly into the Zoom app ecosystem is an essential part for Zoom to maintain the confidentiality and integrity of its application when integrating with platforms like Warmly.


Warmly and Zoom equally benefitted from this partnership, strengthening a secure ecosystem between Innovators and Enterprises.

Warmly's product was successful and embraced by Zoom users, leading Zoom to include Warmly in a bundle of "essential apps". This allowed Zoom to increase the features and engagement of their product. This allowed Warmly incredible reach and brand recognition. Together, they improved the customer experience, while maintain safety and compliance expected by Zoom customers.