Mobile security vendor Zimperium announced on June 7 that it raised $25 million in a Series C round of funding, bringing total funding to date for the company up to $43.5 million. The company will use the new funding to expand its global operations and invest in new technology development.
Zimperium was founded in 2010 by Israeli security researcher Zuk Avraham and first gained notoriety with the release of its Android Network Toolkit (ANTI), which has since been renamed zANTI, providing mobile penetration capabilities. In July 2015, Zimperium researcher Joshua Drake discovered and reported the Stagefright vulnerabilities in Android, helping to propel the company's brand and its fortunes.
"We believe we have a significant lead on our competition, and we want to invest in new products and spend more on our security as well as research and development," Shridhar Mittal, CEO of Zimperium, told eWEEK.
Zimperium has a good set of customers and is growing, thanks in part to an expanding list of telecom carrier partnerships, including Deutsche Telekom in Germany and Telestra in Australia, Mittal said. While Zimperium does not sell commercial support for its zANTI mobile penetration testing platform, instead offering it as a freely available product, it does sell its zIPS mobile intrusion prevention system and its zIAP in-app protection software.
Stagefright Discovery a Milestone
The Stagefright flaw discovery was a real milestone for Zimperium in many ways. After the Stagefright discovery, customers started to realize how critical mobile security is to the enterprise, said John Michelsen, chief product officer at Zimperium.
"We saw our business go from little league to major league in the third quarter of last year," Michelsen told eWEEK.
A common problem with mobile security is the lack of patching by end users for known vulnerabilities. The promise of Zimperium's technology, however, is to go beyond just patching to protect mobile users. Michelsen noted that the Stagefright vulnerability was exploitable since the Android 2 release in 2009, when the vulnerable code was first introduced. Zimperium's Drake only discovered the flaw in 2015, meaning the flaws could have potentially been left unpatched and exploitable for six years.
"Patching makes us safer, but it doesn't make us safe," Michelsen said. "That's why zIPS and zIAP are important because there is a need for detection of currently unknown vulnerabilities."
Looking forward, Mittal noted that the right foundation is now in place for Zimperium and he's confident he has the right investors too.
"Now it's just a matter of growing the company and executing on our plans," Mittal said.
Zimperium's new round of funding was led by Warburg Pincus and included the participation of Sierra Ventures, Telstra Ventures and Lazarus Israel Opportunities Fund LLLP.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.