Cato Networks orchestrates transparent, compliant procurement with Zip

Challenge

Rapid growth at odds with operational control

For elite cybersecurity companies like Cato Networks, procurement isn’t just about cost and contracts—it’s about protecting the very systems that safeguard client data. In the wake of their explosive growth, the company was beginning to find risky blind spots in their procurement process.

Tom Lazar, Procurement Manager at Cato, arrived with a plan to transform the procurement process before it buckled under the company’s rapid expansion. “Before Zip, the process was scattered everywhere. We had certain thresholds, but no way to supervise what was happening,” he recalled.

The stakes were particularly high during vendor renewal seasons. “We had vendors pushing to get agreements done before their year-end. When the process isn’t organized and you don't have the right information in the request, you can’t approve on time. Then you enter a new quarter, and prices go up,” Tom explained.

Solution

A platform built for rapid growth

As growth continued, Cato Networks needed a platform that could evolve with them. The search led them to Zip for three critical capabilities: unified workflow orchestration, no-code flexibility, and enterprise-grade audit compliance.

“We looked for something that would allow us to create a better process and give us the ability to have everything in one place to see the entire workflow, instead of sending an email to the legal department and another email to the security department," Tom said. Zip’s conditional logic capabilities and no-code interface fit the bill.

What sealed the decision for Tom was Zip’s intuitive, user-friendly design. “I’m not a technical guy, and I can create workflows in Zip easily. It's based on a certain logic. It’s very easy to dive in and create everything yourself. You don't need to be an engineer for it.”

“I can create a condition where I ask the right questions,” said Tom. If someone needs to create an integration, I’m bringing in the right approvers to the workflow.” Finally, procurement could see the full picture before negotiations began–training needs, supporting hours, integration requirements–all captured up front.

The security team now manages vendor assessments through Zip’s vendor portal, creating risk tiers that automatically trigger appropriate approval workflows to support their SOC compliance.

Results

Orchestrating a strategic approach to procurement

The transformation was revelatory. Gaps that had been invisible in the old fragmented system became impossible to ignore, forcing Cato Networks to confront procurement blind spots they didn’t even know existed.

As Tom put it, “A lot of things go under the radar when you don’t have a stable process. Today, working in Zip, if you need a purchase order you must go through legal if your request meets certain conditions. That’s how you find out things like, ‘Hey, we’re working with this vendor and we don’t have an agreement.’”

Beyond surfacing gaps, the new visibility gave managers new insight into team behavior. “Managers can see how many requests their team is submitting. It helps them understand how their team operates, who’s approving on time, who’s splitting requests into smaller pieces.”

Compliance reporting, once a manual burden, now happens instantly. With vendor security assessments, risk tiers, and approval workflows all documented in one system, audit reports generate with a single click. 

Zip enables analysis that goes far beyond basic spend reporting. “I want to know not only how much money we spend on channel marketing, but also in which regions, and how many of those requests were submitted within two days of the effective date. This information, I can filter in Zip.”