There’s something beautifully ironic about naming your cybersecurity startup North Pole Security, because in a world flooded with post-breach excuses and cold comfort solutions, these guys are the ones actually keeping things locked up tight. No jingle bells, just binary approvals and real-time enforcement for the only enterprise OS still pretending it doesn’t need serious protection: macOS.
Today, North Pole Security announced a $4 million seed round led by Andreessen Horowitz, with backing from Royal Hansen and a collection of angel investors who clearly know what it means when Google’s security veterans stop talking and start building. This isn’t another “we-secure-everything” startup chasing headlines with hype. This is Workshop, a prevention-first endpoint protection platform built exclusively for macOS. Read that again. Not an afterthought. Not cross-platform compromise. Built. For. Mac.
It’s a wild stat: macOS now sits on 1 in 5 U.S. business endpoints, and still, enterprise-grade security tools for it feel like a Craigslist free section, awkward, misfitting, and never quite what you need. North Pole Security changes that. Born out of the very minds that built Santa, the open-source allow listing tool Google quietly relied on, Workshop scales what Santa started and wraps it in enterprise muscle. Default-deny architecture. Lightning-fast policy enforcement. Telemetry that doesn’t just observe but anticipates. Workshop isn’t reacting to threats. It’s blocking them before they breathe.
Founders Pete Markowsky (CEO), Russell Hancox (CTO), Tom Burgin, and Matt White aren’t just here to protect endpoints, they’re here to out-engineer every legacy vendor still piecing policy to platforms they never understood. Markowsky helped lead Santa at Google and co-founded Capsule8. Hancox co-wrote Santa, spent 13 years as a Staff Software Engineer at Google, and, fun fact, used to be an Apple Genius. White built the Apple Endpoint Security Framework. Burgin brought Santa to life alongside them. This isn’t a founding team, it’s a source repo with a payroll.
And while others chase compliance checklists, North Pole Security is pushing out process-centric FAA rules, multifactor allowlisting (think CDHash, cert hash, Team ID precision), USB control, and community-voted approval workflows. Oh, and it scales, 100,000+ macOS endpoints? Already demonstrated.
The lesson? Build for the platform. Build with the right people. Build before the industry wakes up. North Pole Security didn’t wait for a trend. They built the future. Now they’re funded to scale it.
