Q1 2026 Zscaler Inc Earnings Call

November 25, 2025

Jay Chaudhry: Good day, and thank you for standing by. Welcome to the Zscaler Q1 2026 earnings call. At this time, all participants are in a listen-only mode. Please be advised that today's conference is being recorded. After the speaker's presentation, there will be a question-and-answer session. To ask a question, please press star 11 on your telephone and wait for your name to be announced. To withdraw your question, please press star 11 again. I would now like to hand the conference over to your speaker today, Ashwin Kesireddy, VP of IR and Strategic Finance.

Operator: Good day, and thank you for standing by. Welcome to the Zscaler Q1 2026 earnings call. At this time, all participants are in a listen-only mode. Please be advised that today's conference is being recorded. After the speaker's presentation, there will be a question-and-answer session. To ask a question, please press star 11 on your telephone and wait for your name to be announced. To withdraw your question, please press star 11 again. I would now like to hand the conference over to your speaker today, Ashwin Kesireddy, VP of IR and Strategic Finance.

Speaker #1: Please be advised that today's conference is being recorded. After the speakers' presentations, there will be a question-and-answer session. To ask a question, please press *11 on your telephone and wait for your name to be announced.

Speaker #1: To withdraw your question, please press *11 again. I would now like to hand the conference over to your speaker today, Ashwin Kesireddy, VP IR and Strategic.

Speaker #1: Finance. Good afternoon, everyone.

Ashwin Kesireddy: Good afternoon, everyone, and welcome to the Zscaler Q1 FY 2026 earnings conference call. On the call with me today are Jay Chaudhry, Chairman and CEO, and Kevin Rubin, CFO. Please note we have posted our earnings release and a supplemental financial schedule to our investor relations website. Unless otherwise noted, all numbers we talk about today will be on an adjusted, non-GAAP basis. You will find the reconciliation of GAAP to the non-GAAP financial measures in our earnings release.

Speaker #2: first quarter fiscal year And welcome to the Zscaler 2026 earnings conference call. On the. Good afternoon, everyone. And welcome to the Zscaler first quarter fiscal year 2026 earnings conference call.

Speaker #2: On the call with me today are Jagtar Chaudhry, Chairman and CEO, and Kevin Rubin, CFO. Please note we have posted our earnings release and a supplemental financial schedule to our Investor Relations website.

Speaker #2: Unless otherwise noted, all numbers we talk about today will be on an adjusted non-GAAP basis. You will find the reconciliation of GAAP to the non-GAAP financial measures in our earnings that today's discussion will contain release.

Ashwin Kesireddy: I'd like to remind you that today's discussion will contain forward-looking statements, including, but not limited to, the company's anticipated future revenue, annual recurring revenue, calculated billings, operating performance, gross margin, operating expenses, operating income, net income, free cash flow, dollar-based net retention rate, future hiring decisions, remaining performance obligations, income taxes, earnings per share, our objectives and outlook, our customer response to our products, our market share, and market opportunity. These statements and other comments are not guarantees of future performance, but rather are subject to risk and uncertainty, some of which are beyond our control. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call.

I'd like to remind you that today's discussion will contain forward-looking statements, including, but not limited to, the company's anticipated future revenue, annual recurring revenue, calculated billings, operating performance, gross margin, operating expenses, operating income, net income, free cash flow, dollar-based net retention rate, future hiring decisions, remaining performance obligations, income taxes, earnings per share, our objectives and outlook, our customer response to our products, our market share, and market opportunity. These statements and other comments are not guarantees of future performance, but rather are subject to risk and uncertainty, some of which are beyond our control. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call.

Speaker #2: including but not limited to forward-looking statements, the company's anticipated future revenue, annual recurring revenue, calculated billings, operating performance, gross margin, operating expenses, operating income, net income, free cash flow, dollar-based net retention rate, future performance obligations, income taxes, earnings per share, our objectives and outlook, our customers' response to our hiring decisions, remaining share, and market opportunity.

Speaker #2: performance. But rather, our I'd like to remind you subject to risk and uncertainty, some of which are beyond our comments are not guarantees of future These statements and other control. statements apply as of today.

Speaker #2: Performance. But rather, I'd like to remind you that our comments are subject to risk and uncertainty, some of which are beyond our control. These statements are not guarantees of future performance.

Speaker #2: And you should not rely on them as representing our views in the future. We undertake no obligation to update these forward-looking statements after this discussion of the risks and earnings release.

Ashwin Kesireddy: For a more complete discussion of the risks and uncertainties, please see our filings with the SEC, as well as in today's earnings release. I also want to inform you that we'll be attending the following conferences: UBS Global Technology and AI Conference on 3 December, Barclays Tech Conference on 11 December, and Needham Growth Conference on 14 January. Before I turn the call over to Jay, I wanted to share that I recently transitioned to a new role as Product Manager of AI Security at Zscaler. This will be my last earnings call as the IR leader. It's been a pleasure engaging with all of our shareholders over the last few years. Kim Watkins, who some of you may know from her tenure at Intuit, will be joining Zscaler in early December to lead investor relations and strategic finance. Please join me in welcoming Kim to Zscaler.

For a more complete discussion of the risks and uncertainties, please see our filings with the SEC, as well as in today's earnings release. I also want to inform you that we'll be attending the following conferences: UBS Global Technology and AI Conference on 3 December, Barclays Tech Conference on 11 December, and Needham Growth Conference on 14 January. Before I turn the call over to Jay, I wanted to share that I recently transitioned to a new role as Product Manager of AI Security at Zscaler. This will be my last earnings call as the IR leader. It's been a pleasure engaging with all of our shareholders over the last few years. Kim Watkins, who some of you may know from her tenure at Intuit, will be joining Zscaler in early December to lead investor relations and strategic finance. Please join me in welcoming Kim to Zscaler.

Speaker #2: As well as in today's 14th. Before I turn the call over to Jay, I wanted to share that I recently transitioned to a new role as Product Manager of AI Security at Zscaler, Inc. Please see our filings with the earnings call as the IR leader.

Speaker #2: I also want to inform you that we'll be attending the following conferences. UBS Global Technology December 3rd, Barclays Tech Conference on December and AI Conference on 11th, Needham Growth call.

Speaker #2: Engaging with all of our shareholders over the last few years has been a pleasure. Kim Watkins, who some of you may know from her tenure at Intuit, will be joining Zscaler in early December to lead investor relations and strategic finance.

Speaker #2: Please join me in welcoming Kim to the call. Over to you.

Ashwin Kesireddy: Now, I'll turn the call over to Jay.

Now, I'll turn the call over to Jay.

Speaker #2: Jay. Thank you, Ashwin.

Jay Chaudhry: Thank you, Ashwin. We had a strong start to our fiscal year. In Q1, annual recurring revenue, or ARR, growth accelerated to 26% year over year, and RPO growth accelerated to 35%. Combining our strong free cash flow margin of 52%, and revenue growth of 26%, we operated at Rule of 78, making us one of the rare companies consistently outperforming the coveted Rule of 40 metric. We are one of the only five enterprise SaaS companies with over $3 billion in ARR, growing at over 25%. The continued success of our three growth pillars, AI Security, Zero Trust Everywhere, and Data Security Everywhere, is driving our strong top-line performance. ARR from these three growth pillars accelerated in the quarter. I'm particularly pleased with our AI Security pillar, which grew over 80% year over year and has already exceeded our FY26 target of $400 million ARR, three quarters earlier than expected.

Speaker #3: We had a strong start to our fiscal year. In Q1, annual recurring revenue, or

Speaker #3: to 26% year over year and RPO growth accelerated to 35%. Combining our strong free cash flow margin of 52% and revenue growth of rule of 78, making us one of the rare companies consistently 26%, we operated at outperforming the coveted rule of 40 metric.

Speaker #3: accelerated in the quarter. I'm particularly pleased with Zscaler.

Speaker #3: which grew over 80% year over year and has already exceeded our FY26 target of $400 million. Now, I'll turn. We are one of ARR, three quarters earlier than expected.

Jay Chaudhry: With the strong demand, I expect AI Security ARR to exceed half a billion dollars by the end of this fiscal year. Diving deeper into our AI Security pillar, while enterprises are leveraging AI to drive innovation and accelerate productivity, the proliferation of AI is also making them increasingly susceptible to attacks. One of the largest AI companies recently reported that a bad actor hijacked its AI coding assistant to autonomously perform a large-scale cyber attack against multiple organizations. This incident highlights two important trends. First, threat actors are using AI to dramatically increase the speed, effectiveness, and blast radius of attacks. We have been predicting an increase in this type of automation by AI agents, and we are now seeing it happen. Second, just like users, organizations' AI agents are also becoming the weakest link in their security.

With the strong demand, I expect AI Security ARR to exceed half a billion dollars by the end of this fiscal year. Diving deeper into our AI Security pillar, while enterprises are leveraging AI to drive innovation and accelerate productivity, the proliferation of AI is also making them increasingly susceptible to attacks. One of the largest AI companies recently reported that a bad actor hijacked its AI coding assistant to autonomously perform a large-scale cyber attack against multiple organizations. This incident highlights two important trends. First, threat actors are using AI to dramatically increase the speed, effectiveness, and blast radius of attacks. We have been predicting an increase in this type of automation by AI agents, and we are now seeing it happen. Second, just like users, organizations' AI agents are also becoming the weakest link in their security.

Speaker #3: strong demand I expect With the AI security ARR to exceed half a billion dollars by the end of this fiscal deeper into our AI security pillar, while enterprises are leveraging AI to drive year.

Speaker #3: The proliferation of AI is also making them increasingly susceptible to attacks. One of the largest AI companies recently reported that a bad actor hijacked its AI coding assistant to autonomously perform a large-scale cyber attack against multiple organizations.

Speaker #3: Highlights two important trends. First, threat actors are using AI to dramatically enhance the effectiveness and blast radius of attacks. We have been predicting an increase in this type of AI agent.

Speaker #3: Increase the speed, and we are now seeing it happen with automation. Second, just like users, an organization's AI agents are also becoming the weakest link in their security.

Jay Chaudhry: It is only a matter of time before millions of AI agents interact with each other across enterprises. Imagine a threat actor hijacking even one of an organization's trusted agents and thereby accessing critical corporate resources and sensitive information, resulting in a serious breach. We have a long history of securing users with our Zero Trust Exchange, which enabled our customers to safely adopt the latest technologies, such as mobile, cloud, and SaaS. Over 45% of Fortune 500 companies and nearly 40% of Global 2,000 companies have adopted our Zero Trust Exchange and trust Zscaler to secure their businesses. With the rise of consumer GenAI applications, including ChatGPT, Perplexity, and more, security issues related to access control, data loss, and content moderation made enterprises cautious about allowing employees access to these popular apps.

It is only a matter of time before millions of AI agents interact with each other across enterprises. Imagine a threat actor hijacking even one of an organization's trusted agents and thereby accessing critical corporate resources and sensitive information, resulting in a serious breach. We have a long history of securing users with our Zero Trust Exchange, which enabled our customers to safely adopt the latest technologies, such as mobile, cloud, and SaaS. Over 45% of Fortune 500 companies and nearly 40% of Global 2,000 companies have adopted our Zero Trust Exchange and trust Zscaler to secure their businesses. With the rise of consumer GenAI applications, including ChatGPT, Perplexity, and more, security issues related to access control, data loss, and content moderation made enterprises cautious about allowing employees access to these popular apps.

Speaker #3: It is only a matter of time before millions of AI agents interact with each other across enterprises. Imagine a threat actor hijacking even one of an organization's trusted agents accessing critical corporate resources and sensitive information, resulting in a serious breach.

Speaker #3: We have a long history of securing users with our Zero Trust Exchange, which enabled our customers to safely adopt the latest technologies such as mobile, cloud, and SaaS.

Speaker #3: Over 10,000 companies and nearly 45% of the Fortune 500, and 40% of global 2,000 companies have adopted our Zero Trust Exchange and trust Zscaler to secure their businesses.

Speaker #3: With the rise of consumer Gen AI applications, including ChatGPT and Perplexity, there are increased security issues related to access control and data loss. This raises concerns about allowing employees access to these popular apps.

Jay Chaudhry: We extended our Zero Trust Exchange to provide visibility into thousands of GenAI apps, enabling enterprises to inspect prompts and responses, and enforce proper guardrails for safe and secure use of GenAI apps. Several large enterprises adopted our GenAI solution in the quarter, including a G2K technology company, a Fortune 500 communications equipment company, and a large healthcare software provider. As AI adoption moved beyond consumer GenAI apps into building and running enterprise AI applications, we introduced solutions in three key categories to secure them. First, AI asset discovery and posture management. AI applications and agents are being developed and deployed today without visibility for IT teams to safeguard them. To provide organizations with visibility and control, last year, we introduced an AI asset discovery solution called AISPM. AISPM can detect unauthorized AI applications, prevent over-permissions for AI agents, and strengthen governance for model deployments.

We extended our Zero Trust Exchange to provide visibility into thousands of GenAI apps, enabling enterprises to inspect prompts and responses, and enforce proper guardrails for safe and secure use of GenAI apps. Several large enterprises adopted our GenAI solution in the quarter, including a G2K technology company, a Fortune 500 communications equipment company, and a large healthcare software provider. As AI adoption moved beyond consumer GenAI apps into building and running enterprise AI applications, we introduced solutions in three key categories to secure them. First, AI asset discovery and posture management. AI applications and agents are being developed and deployed today without visibility for IT teams to safeguard them. To provide organizations with visibility and control, last year, we introduced an AI asset discovery solution called AISPM. AISPM can detect unauthorized AI applications, prevent over-permissions for AI agents, and strengthen governance for model deployments.

Speaker #3: We extended our Zero Trust Exchange moderation, making enterprises cautious to provide visibility into thousands of Gen AI apps, enabling enterprises to inspect prompts and responses.

Speaker #3: And enforce proper guardrails for safe and secure use of Gen AI apps. Several large enterprises adopted our Gen AI solution in the quarter, including a G2K technology company, a Fortune 500 communications equipment company, and a large healthcare software provider.

Speaker #3: As AI adoption moved beyond consumer Gen AI apps into building and running enterprise AI applications, we categorized them to secure them. First, AI asset discovery and posture management.

Speaker #3: AI applications and agents are being deployed without full visibility for IT teams to safeguard them. To provide organizations with developed and deployed solutions, last year we introduced an AI asset discovery solution called AISBM.

Speaker #3: Detect unauthorized AI. AISBM can provide visibility and control for applications, prevent over-permissions for AI agents, and strengthen governance for model deployments. In Q1, several software solution providers, including a leading manufacturer and a leading insurance company, purchased AISBM from Zscaler, serving a global customer base of 2,000.

Jay Chaudhry: In Q1, several customers, including a leading software solution provider, a global 2,000 manufacturer, and a leading insurance company, purchased AISPM from Zscaler. With our recent acquisition of SPLX, we are extending our AISPM capabilities by unifying discovery of LLMs, workflows, and MCP servers. These capabilities enable customers to meet evolving regulatory requirements for AI to be transparent, explainable, among others. The second key area of innovation is AI red teaming. As part of the AI lifecycle, customers need to regularly test their applications for vulnerabilities. With SPLX, we now deliver AI red teaming to enable automated and continuous testing of AI apps at scale. Our AI red teaming solution integrates with customers' CI/CD pipelines, making it easy to test for hallucination, bias, behavior drift, and more. Several customers, including a Fortune 150 transportation company and a Fortune 100 service provider, have already deployed AI red teaming.

In Q1, several customers, including a leading software solution provider, a global 2,000 manufacturer, and a leading insurance company, purchased AISPM from Zscaler. With our recent acquisition of SPLX, we are extending our AISPM capabilities by unifying discovery of LLMs, workflows, and MCP servers. These capabilities enable customers to meet evolving regulatory requirements for AI to be transparent, explainable, among others. The second key area of innovation is AI red teaming. As part of the AI lifecycle, customers need to regularly test their applications for vulnerabilities. With SPLX, we now deliver AI red teaming to enable automated and continuous testing of AI apps at scale. Our AI red teaming solution integrates with customers' CI/CD pipelines, making it easy to test for hallucination, bias, behavior drift, and more. Several customers, including a Fortune 150 transportation company and a Fortune 100 service provider, have already deployed AI red teaming.

Speaker #3: Of SBLX, we are with our recent acquisition extending our AISBM capabilities by unifying the discovery of LLMs, workflows, and MCP servers. These capabilities enable customers to meet evolving regulatory requirements for AI to be transparent and explainable, among others.

Speaker #3: The AI red teaming. As part of the AI lifecycle, customers need to regularly test the applications for the second key area of innovation: vulnerabilities. With SBLX, we now deliver AI red teaming to enable an automated and continuous red teaming solution that integrates with customers' CI/CD pipelines, making it possible to test AI applications at scale.

Jay Chaudhry: The third area of innovation is AI guardrails. Customers need AI guardrails for inline policy enforcement, for acceptable use of AI, for cybersecurity, and for data loss prevention. Inline policy enforcement is one of our key differentiators, which we seamlessly deliver through our Zero Trust Exchange at scale as we process half a trillion transactions daily. Our AI Guard solution leverages the core competency for runtime protection. Zscaler AI Guard sits between the application and LLMs, inspecting prompts and responses inline to enforce customer-defined policies. To share an example, this quarter, a leading consulting firm purchased our AI Guard to secure the use of public AI applications and their private in-house applications, such as AI chatbots and AI agents. With our platform capabilities, we are securing over 90 billion AI/ML transactions per month.

The third area of innovation is AI guardrails. Customers need AI guardrails for inline policy enforcement, for acceptable use of AI, for cybersecurity, and for data loss prevention. Inline policy enforcement is one of our key differentiators, which we seamlessly deliver through our Zero Trust Exchange at scale as we process half a trillion transactions daily. Our AI Guard solution leverages the core competency for runtime protection. Zscaler AI Guard sits between the application and LLMs, inspecting prompts and responses inline to enforce customer-defined policies. To share an example, this quarter, a leading consulting firm purchased our AI Guard to secure the use of public AI applications and their private in-house applications, such as AI chatbots and AI agents. With our platform capabilities, we are securing over 90 billion AI/ML transactions per month.

The third area of innovation is AI guardrails.

Customers need AI guardrails for inline policy enforcement for acceptable use of AI for cybersecurity and for data loss prevention.

Inline policy enforcement is one of our key differentiators, which we seamlessly deliver through our Zero Trust Exchange. At scale, as we process half a trillion transactions daily.

Our AI-driven solution leverages our core competency for runtime protection.

Z killer AI guard 6 between the application and LLMs inspecting prompts and responses in line to enforce customer-defined policies.

To share an example, this quarter, a leading consulting firm purchased our AI guard to secure the use of public AI applications and their private in-house applications, such as AI chatbots and AI agents.

Jay Chaudhry: As AI and AI agents define the next era of transformation, we are further extending our platform to secure AI agents, agentic workflows, and AI applications. In addition to securing the use of AI, we are leveraging AI to deliver agentic operations, including agentic SecOps and agentic IT Ops. In our agentic SecOps, we are making great progress towards delivering an AI-powered SOC that simplifies customers' operations and automatically hunts for threats. In August, we acquired Red Canary to combine the agentic technology with our data fabric technology to deliver actionable SOC insights for our customers. This quarter, a Fortune 500 financial services company, a global 2,000 healthcare equipment company, a global 2,000 energy company, and more, purchased our agentic SecOps solution. In our agentic IT Ops, we are introducing several Zscaler Digital Experience or ZDX innovations to enable faster resolution to application and network performance issues.

As AI and AI agents define the next era of transformation, we are further extending our platform to secure AI agents, agentic workflows, and AI applications. In addition to securing the use of AI, we are leveraging AI to deliver agentic operations, including agentic SecOps and agentic IT Ops. In our agentic SecOps, we are making great progress towards delivering an AI-powered SOC that simplifies customers' operations and automatically hunts for threats. In August, we acquired Red Canary to combine the agentic technology with our data fabric technology to deliver actionable SOC insights for our customers. This quarter, a Fortune 500 financial services company, a global 2,000 healthcare equipment company, a global 2,000 energy company, and more, purchased our agentic SecOps solution. In our agentic IT Ops, we are introducing several Zscaler Digital Experience or ZDX innovations to enable faster resolution to application and network performance issues.

As AI and AI agents, we are defining the next era of transformation. We are further extending our platform to secure AI agents, agentic work, flows, and AI applications.

In addition to securing the use of AI, we are leveraging AI to deliver agentic operations, including agentic SecOps and agentic IT Ops.

In our agentic SecOps, we are making great progress towards delivering an AI-powered SOC that simplifies customers' operations and automatically hunts for threats.

In August, we acquired Red Canary to combine the agentic technology with our data fabric technology to deliver actionable SOC insights for our customers.

And more purchases are agentic SecOps solutions.

Jay Chaudhry: Our innovations, like the ZDX Copilot, continue to resonate with customers and have driven over 80% year-over-year growth in bookings of ZDX Advanced Plus in the last 12 months. I'm very pleased to see continued momentum for our AI security solutions. As I mentioned, we are expecting AI security ARR to surpass half a billion dollars by the end of fiscal 2026. Turning to our second growth pillar, we continue to see strong momentum in Zero Trust Everywhere, which includes Zero Trust users, Zero Trust branch, and Zero Trust cloud. Three quarters ago, we introduced Zero Trust Everywhere and set a goal to secure 390 enterprises with Zero Trust Everywhere by the end of fiscal 2026. I'm delighted to share that we now have over 450 Zero Trust Everywhere enterprises, achieving our goals three quarters ahead of our target date.

Our innovations, like the ZDX Copilot, continue to resonate with customers and have driven over 80% year-over-year growth in bookings of ZDX Advanced Plus in the last 12 months. I'm very pleased to see continued momentum for our AI security solutions. As I mentioned, we are expecting AI security ARR to surpass half a billion dollars by the end of fiscal 2026. Turning to our second growth pillar, we continue to see strong momentum in Zero Trust Everywhere, which includes Zero Trust users, Zero Trust branch, and Zero Trust cloud. Three quarters ago, we introduced Zero Trust Everywhere and set a goal to secure 390 enterprises with Zero Trust Everywhere by the end of fiscal 2026. I'm delighted to share that we now have over 450 Zero Trust Everywhere enterprises, achieving our goals three quarters ahead of our target date.

In our agentic IT Ops, we are introducing several CSR digital experience or ZDX innovations to enable faster resolution of application and network performance issues.

Our innovations, like the ZDX Corps pilot, continue to resonate with customers and have driven over 80% year-over-year growth in bookings of ZDX Advanced Plus in the last 12 months.

I'm very pleased to see continued momentum for our AI Security Solutions.

As I mentioned, we are expecting AI security to surpass $500 million by the end of fiscal 2026.

Turning to our second growth pillar, we continue to see strong momentum in Zero Trust Everywhere, which includes Zero Trust users, Zero Trust branch, and Zero Trust cloud.

Three quarters ago, we introduced Zero Trust Everywhere and set a goal to secure 390 enterprises with Zero Trust Everywhere by the end of fiscal 2026.

I'm delighted to share that we now have over 450 zero trust deployments across enterprises.

Jay Chaudhry: Our Zero Trust Everywhere customers benefit from reduced cost and complexity by eliminating legacy network and security products. This expanded relationship through Zero Trust Everywhere also creates follow-on demand for data security and AI security. One of the key components of Zero Trust Everywhere is Zero Trust Cloud, which allows customers to eliminate VPNs, North, South, and East/West virtual firewalls, express route, and direct connect networks, resulting in far better cybersecurity. To share a customer example, in an eight-figure TCV win, an existing million-dollar-plus Fortune 500 healthcare customer adopted our Zero Trust Cloud solution along with ZDX Advanced Plus, data security modules, and more. Zero Trust Cloud secures workload communication across the VPC or virtual private cloud and SAP RISE cloud-based ERP.

Our Zero Trust Everywhere customers benefit from reduced cost and complexity by eliminating legacy network and security products. This expanded relationship through Zero Trust Everywhere also creates follow-on demand for data security and AI security. One of the key components of Zero Trust Everywhere is Zero Trust Cloud, which allows customers to eliminate VPNs, North, South, and East/West virtual firewalls, express route, and direct connect networks, resulting in far better cybersecurity. To share a customer example, in an eight-figure TCV win, an existing million-dollar-plus Fortune 500 healthcare customer adopted our Zero Trust Cloud solution along with ZDX Advanced Plus, data security modules, and more. Zero Trust Cloud secures workload communication across the VPC or virtual private cloud and SAP RISE cloud-based ERP.

Achieving our goals. Three quarters ahead of our target. Date, our zero. Trust everywhere. Customers benefit from reduced costs and complexity by eliminating legacy network and security products.

This expanded relationships through zero. Trust everywhere also creates a following demand for data security and AI security.

One of the key components of Zero Trust Everywhere is Zero Trust Cloud, which allows customers to eliminate VPNs, north-south and east-west virtual firewalls, ExpressRoute, and Direct Connect networks. This results in far better cybersecurity.

To share a customer example.

In an 8-figure TCV win, an existing million-dollar-plus Fortune 500 healthcare customer adopted our Zero Trust Cloud solution, along with ZDX advanced class data, security modules, and more.

Jay Chaudhry: Without Zero Trust Cloud, the customer would have had to deploy a significant number of North, South, and East/West firewalls, resulting in increased cost and many months of delay. This customer told me that in the last 15 years, they have not been so excited about the solution that not only brought better security, but also was easy to deploy and operate. Just like the migration of Microsoft Exchange to Office 365 was a big tailwind to our business a few years ago, I believe the migration of SAP on-prem to SAP RISE will have a similar impact on our business. We continue to see strong interest from customers for Zero Trust Branch, which is another key component of Zero Trust Everywhere. Zero Trust Branch eliminates the need for legacy point solutions at branches, factories, and campuses.

Without Zero Trust Cloud, the customer would have had to deploy a significant number of North, South, and East/West firewalls, resulting in increased cost and many months of delay. This customer told me that in the last 15 years, they have not been so excited about the solution that not only brought better security, but also was easy to deploy and operate. Just like the migration of Microsoft Exchange to Office 365 was a big tailwind to our business a few years ago, I believe the migration of SAP on-prem to SAP RISE will have a similar impact on our business. We continue to see strong interest from customers for Zero Trust Branch, which is another key component of Zero Trust Everywhere. Zero Trust Branch eliminates the need for legacy point solutions at branches, factories, and campuses.

Zero Trust Cloud. Secours. Workload communication across the VPC or Virtual Private Cloud and SAP Rise cloud-based ERP.

Without a Zero Trust cloud, the customer would have had to deploy a significant number of north-south and east-west firewalls, resulting in increased costs and many months of delay.

This customer told me that, in the last 15 years, they've not been so excited about the solution that not only brought better security, but also was easy to deploy and operate.

Just like the migration of Microsoft Exchange to Office 365 was a big tailwind to our business, a few years ago, I believe the migration of SAP on-prem to SAP RISE will have a similar impact on our business. We continue to see strong interest.

From customers for zero trust, branch, which is another key component of zero trust everywhere.

Jay Chaudhry: To give you an example, in a seven-figure upsell win, a Global 2,000 manufacturing customer more than tripled their ARR and became a Zero Trust Everywhere customer by purchasing our Zero Trust Branch, ZPA, ZDX Advanced Plus, RISC 360, and more. Moving to Data Security Everywhere, we offer a comprehensive data security portfolio with eight modules providing data discovery, data classification, posture management, data loss prevention, and more. Customers are eliminating data security point products in their environment by consolidating data security functionality on our unified platform. To share an example, in a seven-figure new logo ACB win, a large healthcare provider purchased five out of our eight data security modules for their 23,000 users. This enterprise chose Zscaler over a leading CASB vendor due to our integrated platform, which delivers data security across all channels for all types of data.

To give you an example, in a seven-figure upsell win, a Global 2,000 manufacturing customer more than tripled their ARR and became a Zero Trust Everywhere customer by purchasing our Zero Trust Branch, ZPA, ZDX Advanced Plus, RISC 360, and more. Moving to Data Security Everywhere, we offer a comprehensive data security portfolio with eight modules providing data discovery, data classification, posture management, data loss prevention, and more. Customers are eliminating data security point products in their environment by consolidating data security functionality on our unified platform. To share an example, in a seven-figure new logo ACB win, a large healthcare provider purchased five out of our eight data security modules for their 23,000 users. This enterprise chose Zscaler over a leading CASB vendor due to our integrated platform, which delivers data security across all channels for all types of data.

Zero Trust, branch eliminates the need for legacy point solutions at branches, factories, and campuses.

To give you an example in a 7-figure upsell, when a global 2,000 manufacturing customer more than tripled their ARR and became a zero trust everywhere customer by purchasing our Zero Trust Branch, CPA, ZDX Advanced, plus R360 and more.

Moving to data security everywhere.

We offer a comprehensive data security portfolio with eight modules, providing data discovery, data classification, posture management, data loss prevention, and more.

Customers are eliminating data security point products in their environment by consolidating data security functionality on our unified platform. To share an example, in a 7-figure new logo Annual Contract Value (ACV), a large healthcare provider purchased 5 out of our 8 data security modules for their 23,000 users.

Jay Chaudhry: I'm excited to share that our Data Security Everywhere ARR accelerated to approximately $450 million. The growth across our three pillars is powered by our strong go-to-market engine. One of the key initiatives we recently introduced was our Zflex program, which enables customers to commit to a spend and provide flexibility to swap or activate additional modules without undergoing new procurement cycles. Zflex is driving meaningful upsells, reduced sales cycles, and is consistently exceeding my expectations. Zflex generated over $175 million in TCV, growing over 70% quarter over quarter. To share a couple of customer examples, an existing large aerospace customer made a multi-year eight-figure TCV commitment under the Zflex program, increasing their annual spend with us by over 40%.

I'm excited to share that our Data Security Everywhere ARR accelerated to approximately $450 million. The growth across our three pillars is powered by our strong go-to-market engine. One of the key initiatives we recently introduced was our Zflex program, which enables customers to commit to a spend and provide flexibility to swap or activate additional modules without undergoing new procurement cycles. Zflex is driving meaningful upsells, reduced sales cycles, and is consistently exceeding my expectations. Zflex generated over $175 million in TCV, growing over 70% quarter over quarter. To share a couple of customer examples, an existing large aerospace customer made a multi-year eight-figure TCV commitment under the Zflex program, increasing their annual spend with us by over 40%.

For all types of data.

I'm excited to share that our data security everywhere has accelerated to approximately $450 million.

The growth across our three pillars is powered by a strong go-to-market engine.

One of the key initiatives we recently introduced was our Zflex program, which enables customers to commit to a spend and provides flexibility to swap or activate additional modules without undergoing new procurement cycles.

Zflex is driving meaningful upsells and reduced sales cycles and is consistently exceeding my expectations. Cflex generated over $175 million in TCV.

Growing over 70% quarter over quarter.

Jay Chaudhry: As part of the Flex commitment, the customer added nine new modules, including asset exposure management, identity threat detection, unified vulnerability management, email DLP, and expanded commitment for data security. In a seven-figure upsell win, a Fortune 500 business services provider more than doubled their annual spend with us as they expanded adoption of nine modules under the Zflex program. In conclusion, our business is benefiting from the strong tailwinds from the combination of Zero Trust and AI security. The best AI security is built on the foundation of Zero Trust. Our clear leadership in Zero Trust security, combined with our comprehensive AI security offerings, positions us well to capture the large and growing AI security market. With our strong go-to-market engine, we are well positioned to exceed $10 billion in ARR. Now, I'd like to turn over the call to Kevin for our financial results.

As part of the Flex commitment, the customer added nine new modules, including asset exposure management, identity threat detection, unified vulnerability management, email DLP, and expanded commitment for data security. In a seven-figure upsell win, a Fortune 500 business services provider more than doubled their annual spend with us as they expanded adoption of nine modules under the Zflex program. In conclusion, our business is benefiting from the strong tailwinds from the combination of Zero Trust and AI security. The best AI security is built on the foundation of Zero Trust. Our clear leadership in Zero Trust security, combined with our comprehensive AI security offerings, positions us well to capture the large and growing AI security market. With our strong go-to-market engine, we are well positioned to exceed $10 billion in ARR. Now, I'd like to turn over the call to Kevin for our financial results.

To share a couple of customer examples, an existing large aerospace customer made a multi-year, eight-figure TCV commitment under the Zscaler Flex program, increasing their annual spend with us by over 40% as part of the Flex commitment. The customer added nine new modules, including Asset Exposure Management, Identity, Threat Detection, Unified Vulnerability Management, Email DLP, and expanded commitment for Data Security.

In a 7-figure upsell, win a Fortune 500 business, service provider,

more than double the annual spend with us as they expanded adoption of 9 modules under the Zscaler program.

In conclusion, our business is benefiting from the strong tailwinds from the combination of zero trust and AI security. The best AI security is built on the foundation of zero trust.

Our clarity in leadership in zero trust security, combined with our comprehensive AI security offerings, positions us well to capture the large and growing AI security market.

Jay Chaudhry: Thank you, Jay, and good afternoon, everyone. We exceeded our growth targets in Q1 and operated at rule of 78 for the quarter. We ended Q1 with over $3.2 billion in ARR, reflecting approximately 26% year-over-year growth. ARR from each of our three growth pillars accelerated in the quarter, including on an organic basis. Q1 revenue was $788 million, growing 26% year-over-year, 10% sequentially, and exceeding the high end of our guidance. Geographically, the Americas accounted for 58% of revenue, EMEA for 27% of revenue, and APJ for 15% of revenue. Our remaining performance obligation, or RPO, grew approximately 35% year-over-year to $5.9 billion, with approximately 47% classified as current RPO. We closed Q1 with 698 customers generating over $1 million in ARR, and 3,754 customers exceeding $100,000 in ARR, demonstrating the strategic role we play in customers' digital transformation journeys.

Kevin Rubin: Thank you, Jay, and good afternoon, everyone. We exceeded our growth targets in Q1 and operated at rule of 78 for the quarter. We ended Q1 with over $3.2 billion in ARR, reflecting approximately 26% year-over-year growth. ARR from each of our three growth pillars accelerated in the quarter, including on an organic basis. Q1 revenue was $788 million, growing 26% year-over-year, 10% sequentially, and exceeding the high end of our guidance. Geographically, the Americas accounted for 58% of revenue, EMEA for 27% of revenue, and APJ for 15% of revenue. Our remaining performance obligation, or RPO, grew approximately 35% year-over-year to $5.9 billion, with approximately 47% classified as current RPO. We closed Q1 with 698 customers generating over $1 million in ARR, and 3,754 customers exceeding $100,000 in ARR, demonstrating the strategic role we play in customers' digital transformation journeys.

And with our strong go-to-market engine, we are well positioned to exceed $10 billion in ARR. Now, I would like to turn over the call to Kevin for our financial results.

Thank you, Jay, and good afternoon, everyone.

We exceeded our growth targets in Q1 and operated at the rule of 78 for the quarter.

We ended Q1 with over $3.2 billion in ARR, reflecting a 26% year-over-year growth.

ARR from each of our three growth pillars accelerated in the quarter, including on an organic basis.

Q1 revenue was $788 million, growing 26% year-over-year and 10% sequentially, exceeding the high end of our guidance.

Geographically, the Americas accounted for 58% of revenue, while AMIA accounted for 27% of revenue.

And APJ for 15% of revenue.

Our remaining performance obligation, or RPO, grew approximately 35% year-over-year to $5.9 billion, with approximately 47% classified as current RPO.

Jay Chaudhry: Turning to the rest of our Q1 financial performance, our gross margin was 79.9% as compared to 80.6% last fiscal year Q1. I'd like to remind investors that we are introducing new products that are experiencing strong growth and are optimized for faster go-to-market rather than margins. This will continue to influence our gross margins on a quarterly basis. We plan to optimize new products for margins over time as they scale. Operating expenses increased 11% sequentially and 23% year-over-year, reaching $458 million. Operating margin was 21.8% towards the higher end of our long-term range, and growing by approximately 40 basis points year-over-year. Our free cash flow margin for Q1 was 52%, including data center CapEx at 2% of revenue. We ended the quarter with $3.3 billion in cash, cash equivalents, and short-term investments. Next, let me provide our guidance for Q2 and full year fiscal 2026.

Turning to the rest of our Q1 financial performance, our gross margin was 79.9% as compared to 80.6% last fiscal year Q1. I'd like to remind investors that we are introducing new products that are experiencing strong growth and are optimized for faster go-to-market rather than margins. This will continue to influence our gross margins on a quarterly basis. We plan to optimize new products for margins over time as they scale. Operating expenses increased 11% sequentially and 23% year-over-year, reaching $458 million. Operating margin was 21.8% towards the higher end of our long-term range, and growing by approximately 40 basis points year-over-year. Our free cash flow margin for Q1 was 52%, including data center CapEx at 2% of revenue. We ended the quarter with $3.3 billion in cash, cash equivalents, and short-term investments. Next, let me provide our guidance for Q2 and full year fiscal 2026.

We close Q1 with 698 customers generating over $1 million in ARR and 3,754 customers exceeding $100,000 in ARR, demonstrating the strategic role we play in customers' digital transformation journeys.

Turning to the rest of our Q1 financial performance, our gross margin was 79.9% as compared to 80.6% in Q1 of the last fiscal year.

I'd like to remind investors that we are introducing new products that are experiencing strong growth and are optimized for faster go-to-market rather than margins. This will continue to influence our gross margins on a quarterly basis. We plan to optimize new products for margins over time as they scale.

Operating expenses increased 11% sequentially and 23% year-over-year, reaching $458 million.

Operating margin was 21.8%, toward the higher end of our long-term range, and growing by approximately 40 basis points year-over-year.

For Q1, it was 52%, including data center CapEx at 2% of revenue.

We ended the quarter with $3.3 billion in cash, cash equivalents, and short-term investments.

Jay Chaudhry: As a reminder, these numbers are all non-GAAP. For the second quarter, we expect revenue in the range of $797 million to $799 million, reflecting year-over-year growth of approximately 23%. Gross margins to be approximately 80%. Operating profit in the range of $172 million to $174 million. Net other income of approximately $19 million. Earnings per share in the range of $0.89 to $0.90, assuming a 21% tax rate and 170 million fully diluted shares. For the full year fiscal 2026, ARR in the range of $3.698 billion to $3.718 billion, reflecting year-over-year growth of 22.7% to 23.3%. We anticipate approximately 47.8% of net new ARR to be recognized in the first half. Revenue in the range of $3.282 billion to $3.301 billion, reflecting year-over-year growth of 22.8% to 23.5%. Operating profit in the range of $732 million to $740 million.

As a reminder, these numbers are all non-GAAP. For the second quarter, we expect revenue in the range of $797 million to $799 million, reflecting year-over-year growth of approximately 23%. Gross margins to be approximately 80%. Operating profit in the range of $172 million to $174 million. Net other income of approximately $19 million. Earnings per share in the range of $0.89 to $0.90, assuming a 21% tax rate and 170 million fully diluted shares. For the full year fiscal 2026, ARR in the range of $3.698 billion to $3.718 billion, reflecting year-over-year growth of 22.7% to 23.3%. We anticipate approximately 47.8% of net new ARR to be recognized in the first half. Revenue in the range of $3.282 billion to $3.301 billion, reflecting year-over-year growth of 22.8% to 23.5%. Operating profit in the range of $732 million to $740 million.

Next, let me provide our guidance for Q2 and the full year, fiscal 2026. As a reminder, these numbers are all non-GAAP.

Million dollars to $799 million, reflecting year-over-year growth of approximately 23%.

Gross margins to be approximately 80%.

Operating profit in the range of $172 million to $174 million.

Net other income of approximately $19 million; earnings per share in the range of $0.89 to $0.90. Assuming a 21% tax rate and 170 million fully diluted shares.

For the full year, fiscal 2026.

ARR in the range of 3.698 billion to 3.718 billion reflecting year-over-year growth of 22.7% to 23.3%, we anticipate approximately 47.8% of net new ARR to be recognized in the first half.

Revenue is expected to be in the range of $3.282 billion to $3.301 billion, reflecting our growth of 22.8% to 23.5%.

Jay Chaudhry: Earnings per share in the range of $3.78 to $3.82, assuming a 21% tax rate and approximately 170.5 million fully diluted shares. Free cash flow margin to be approximately 26.0% to 26.5%. With a large market opportunity, and customers increasingly adopting the broader platform, we will invest aggressively to position us for long-term growth and profitability. Before moving to Q&A, I'd like to thank Ashwin for his significant contributions to IR and strategic finance, and wish him well as he transitions to his product role. I'm also excited to welcome Kim to Zscaler. With that, operator, you may now open the call for questions. Thank you. As a reminder, to ask a question, please press star 11 on your telephone and wait for your name to be announced. To withdraw your question, please press star 11 again. Please limit yourself to one question. One moment for questions.

Earnings per share in the range of $3.78 to $3.82, assuming a 21% tax rate and approximately 170.5 million fully diluted shares. Free cash flow margin to be approximately 26.0% to 26.5%. With a large market opportunity, and customers increasingly adopting the broader platform, we will invest aggressively to position us for long-term growth and profitability. Before moving to Q&A, I'd like to thank Ashwin for his significant contributions to IR and strategic finance, and wish him well as he transitions to his product role. I'm also excited to welcome Kim to Zscaler. With that, operator, you may now open the call for questions.

Operating profit in the range of $732 million to $740 million. Earnings per share in the range of $3.78 to $3.82. Assuming a 21% tax rate and approximately 170.5 million fully diluted shares, free cash flow margin to be approximately ...

Approximately 26.0% to 26.5%.

With a large market opportunity and customers increasingly adopting the broader platform, we will invest aggressively to position us for long-term growth and profitability.

Thank you. As a reminder, to ask a question, please press star 11 on your telephone and wait for your name to be announced. To withdraw your question, please press star 11 again. Please limit yourself to one question. One moment for questions.

Before moving to Q&A, I'd like to thank Ashwin for his significant contributions to IR and strategic finance, and wish him well as he transitions to his product role. I'm also excited to welcome Kim to Zscaler.

With that operator, you may now open the call for questions.

Jay Chaudhry: Our first question comes from Brad Zelnick with Deutsche Bank. You may proceed. Excellent. Thank you so much, and congrats on such a strong start to the year, and hitting your Zero Trust Everywhere goal three quarters ahead is just amazing. Jay, I wanted to ask about Zero Trust Branch, which we continue to hear good things about. It's showing some nice early adoption. As we look ahead, how much more work needs to be done on the product and/or go-to-market fine-tuning to see real acceleration from here? Thanks. Thanks, Brad. We have done some amazing work on the technology side to build a Zero Trust Branch where each branch is merely an island, no lateral movement that's generally caused by traditional networking with SD-WAN and MPLS. Product is in great shape.

Our first question comes from Brad Zelnick with Deutsche Bank. You may proceed.

Thank you. As a reminder, to ask a question, please press star, 1, and then 1 on your telephone and wait for your name to be announced to withdraw your question. Please press star, 1, and 1 again. Please limit yourself to 1 question. One moment for questions.

Brad Zelnick: Excellent. Thank you so much, and congrats on such a strong start to the year, and hitting your Zero Trust Everywhere goal three quarters ahead is just amazing. Jay, I wanted to ask about Zero Trust Branch, which we continue to hear good things about. It's showing some nice early adoption. As we look ahead, how much more work needs to be done on the product and/or go-to-market fine-tuning to see real acceleration from here?

Our first question comes from Brad Zelnik with Deutsche Bank. You may proceed.

Thanks.

Jay Chaudhry: Thanks, Brad. We have done some amazing work on the technology side to build a Zero Trust Branch where each branch is merely an island, no lateral movement that's generally caused by traditional networking with SD-WAN and MPLS. Product is in great shape.

Excellent, thank you so much and congrats on such a strong start to the year and hitting your zero trust everywhere. Goal 3 quarters ahead is is just amazing J. I wanted to ask about zero Trust branch which we continue to hear good things about. It's showing some nice early adoption but as we look ahead how much more work needs to be done on the product and or go to market fine, tuning to see real acceleration from here, thanks.

Jay Chaudhry: Go-to-market, we put together a specialty team that can actually engage with the right buyers to explain the solutions. The numbers are pretty impressive. I often joke internally that Zero Trust Branch needs no pipeline generation effort because there's so much demand in the customers. I think we shared some numbers. Our Zero Trust Branch customers have now exceeded over 450 customers. A lot of customers start small, they do the smaller rollout, and then they move on to bigger deals. In my prepared remarks, I gave an example of global 2,000 manufacturing customers whose ARR more than tripled. I think there are many, many such examples. We got about 4,400 enterprise-class customers. They only gone to about 10% of them. I see a big opportunity. I think it's an exciting area for us, and it's part of our Zero Trust Everywhere platform. Thank you so much, Jay.

Go-to-market, we put together a specialty team that can actually engage with the right buyers to explain the solutions. The numbers are pretty impressive. I often joke internally that Zero Trust Branch needs no pipeline generation effort because there's so much demand in the customers. I think we shared some numbers. Our Zero Trust Branch customers have now exceeded over 450 customers. A lot of customers start small, they do the smaller rollout, and then they move on to bigger deals. In my prepared remarks, I gave an example of global 2,000 manufacturing customers whose ARR more than tripled. I think there are many, many such examples. We got about 4,400 enterprise-class customers. They only gone to about 10% of them. I see a big opportunity. I think it's an exciting area for us, and it's part of our Zero Trust Everywhere platform.

Thanks, Brad. We have done some amazing work on the technology side to build a Zero Trust branch, where each branch is merely an island with no lateral movement. That's generally caused by traditional networking with SD-WAN and MPLS.

The product is in great shape, ready for market. We put together a specialty team that connects and engages with the right buyers to explain the solutions. The numbers are pretty impressive. I open Jo Jo, and internally, that 0 to Branch needs no pipeline generation effort because there's so much demand from the customers.

I think we shared some numbers that are zero. Trust branch customers have now exceeded over 450 customers.

A lot of customers start small; they do the smaller rollout, and then they...

Move on to bigger deals. In my prepared remarks, I gave an example of a Global 2000 manufacturing customer whose revenue has more than tripled.

I think there are many, many such examples. We have about 4,400 enterprise-class customers, and we've only gone to about 10% of them.

Brad Zelnick: Thank you so much, Jay.

So I see a big opportunity. I think it's an exciting area for us, and it's part of our Zero Trust Everywhere.

Our platform.

Jay Chaudhry: Thank you. Thank you. Our next question comes from Saket Keli with Barclays. You may proceed. Okay, great. Hey, guys. Congrats on the strong start to the year. Thanks for taking my questions, and congrats, Ashwin. Yes. Maybe a little bit of a joint question for you, Jay, and Kevin. The billion dollars in ARR that's coming from the three emerging areas is clearly outgrowing the rest of the business. In fact, I think you said it accelerated, and for good reason. I was wondering if you could help us think about the other $2 billion in ARR. Maybe specifically, is it fair to think about that other tranche as more of à la carte Zero Trust tools like ZIA and ZPA?

Operator: Thank you. Thank you. Our next question comes from Saket Keli with Barclays. You may proceed.

Thank you.

Saket Keli: Okay, great. Hey, guys. Congrats on the strong start to the year. Thanks for taking my questions, and congrats, Ashwin. Yes. Maybe a little bit of a joint question for you, Jay, and Kevin. The billion dollars in ARR that's coming from the three emerging areas is clearly outgrowing the rest of the business. In fact, I think you said it accelerated, and for good reason. I was wondering if you could help us think about the other $2 billion in ARR. Maybe specifically, is it fair to think about that other tranche as more of à la carte Zero Trust tools like ZIA and ZPA?

Thank you. Our next question comes from the secretary with Barclays. You may proceed.

Okay, great. Hey guys, congrats on the strong start to the year. Thanks for taking my questions, and congrats Ashwin.

Yes.

Maybe, maybe, uh, a little bit of a joint question for you, Jay, and Kevin.

Jay Chaudhry: Maybe relatedly, how do you think about the growth rate for that $2 billion versus an emerging bucket that's clearly growing faster than the rest of the business? Yes, it's very true that our three buckets, a billion-dollar ARR, have been growing very well. The remaining $2 billion, yes, a big part of that is ZIA and ZPA. It has been growing quite well. The big opportunity for that business is also to emerge into Zero Trust Everywhere. Remember we said that Zero Trust journey started with users. We've taken it to branches, we've taken it to cloud, and next to IoToT. While other vendors who tried to claim Zero Trust tried to say we got SASE, they're merely sitting with Zero Trust trying to do for users. We have expanded the platform to give a lot of opportunities.

Maybe relatedly, how do you think about the growth rate for that $2 billion versus an emerging bucket that's clearly growing faster than the rest of the business?

Jay Chaudhry: Yes, it's very true that our three buckets, a billion-dollar ARR, have been growing very well. The remaining $2 billion, yes, a big part of that is ZIA and ZPA. It has been growing quite well. The big opportunity for that business is also to emerge into Zero Trust Everywhere. Remember we said that Zero Trust journey started with users. We've taken it to branches, we've taken it to cloud, and next to IoToT. While other vendors who tried to claim Zero Trust tried to say we got SASE, they're merely sitting with Zero Trust trying to do for users. We have expanded the platform to give a lot of opportunities.

But, but I was wondering if you could help us think about the other $2 billion in ARR and maybe specifically is it fair to think about that other tranche as more of a Cart Zero Trust tools, like Ziya and ZPA? And maybe relatedly, how do you think about the growth rate for that $2 billion versus an emerging bucket that's clearly growing faster than the rest of the business?

So, yes, it's very true that our.

3, 3 buckets, a billion-dollar error has been growing very well. The remaining $2 billion. Yes, a big part of that is the ICPA. It has been going quite well, but the big opportunity for that business is also to emerge into zero trust everywhere. Rumble, we said that the 0 to 3 journey started with users.

Jay Chaudhry: The core business by itself will grow at a smaller rate than the rest of the overall business. Our goal is really to take every customer to Zero Trust Everywhere. That's what we are successfully doing. Very helpful. Thanks, guys. Yeah. Thank you. Our next question comes from Meta Marshall with Morgan Stanley. You may proceed. Great. Thank you. Maybe I just wanted to ask a question about Red Canary and just how it's kind of performing towards expectations, given that you guys have been looking at a fair amount of churn within your kind of assumptions for that business. Just any context around that performance would be helpful. Thanks. I'll start with broad comments, and Kevin can go deeper. The integration of Red Canary with Zscaler is going very well. The GNA integration was done right away. The two other main areas were, one, engineering and products.

The core business by itself will grow at a smaller rate than the rest of the overall business. Our goal is really to take every customer to Zero Trust Everywhere. That's what we are successfully doing.

Saket Keli: Very helpful. Thanks, guys.

We're taking it to branches, we're taking it to cloud, and next to IoT. One other vendor who tried to claim Zero Trust tried to say we got SASE; they're merely sitting with Zero Trust, trying to do for users. We have expanded the platform to provide a lot of opportunities. The core business, by itself, will grow at a smaller rate than the rest of the overall business. But our goal is really to take every customer to Zero Trust everywhere, and that's what we are successfully doing.

Jay Chaudhry: Yeah. Thank you.

Very helpful. Thanks guys. Yeah.

Operator: Our next question comes from Meta Marshall with Morgan Stanley. You may proceed.

Thank you.

Meta Marshall: Great. Thank you. Maybe I just wanted to ask a question about Red Canary and just how it's kind of performing towards expectations, given that you guys have been looking at a fair amount of churn within your kind of assumptions for that business. Just any context around that performance would be helpful. Thanks.

Our next question comes from Meta Marshall with Morgan Stanley. You may proceed.

Jay Chaudhry: I'll start with broad comments, and Kevin can go deeper. The integration of Red Canary with Zscaler is going very well. The GNA integration was done right away. The two other main areas were, one, engineering and products.

Great, thank you. Um, maybe I just wanted to ask a question about Red Canary and, just you know, how it's kind of performing towards expectations, given that you guys have been looking at a fair amount of churn within your kind of assumptions for that business. Just any context around that performance would be helpful. Thanks.

Jay Chaudhry: We're integrating Red Canary's agentic AI technology with the Zscaler platform, doing well. Second is go-to-market. Red Canary's go-to-market team has become a security operations specialist team. It's working with our field sales organization, which is uncovering opportunity. We're seeing a vast majority of Zscaler, Red Canary pipeline is now coming from Zscaler customers. Kevin? Yeah. I would just add that Red Canary is trending slightly better than our previous guidance. Keep in mind that we don't believe that Red Canary's contribution is material to our overall business. As we go forward, we don't intend to provide specific color on Red Canary. Great. Thanks. Thank you. Our next question comes from Tal Liani with Bank of America. You may proceed. Hi, guys.

We're integrating Red Canary's agentic AI technology with the Zscaler platform, doing well. Second is go-to-market. Red Canary's go-to-market team has become a security operations specialist team. It's working with our field sales organization, which is uncovering opportunity. We're seeing a vast majority of Zscaler, Red Canary pipeline is now coming from Zscaler customers. Kevin?

I'll start with broad comments and Kevin can go deeper. You know, the integration of Red Canary with Zscaler is going very well. The GN integration is done right away. The two other main areas are engineering and products. We are integrating Red Canary's agent technology with the Zscaler platform, doing well. Second is go-to-market. Red Canary's go-to-market team has become security operations specialist teams. It's working with our field sales organization, which is uncovering opportunities.

Kevin Rubin: Yeah. I would just add that Red Canary is trending slightly better than our previous guidance. Keep in mind that we don't believe that Red Canary's contribution is material to our overall business. As we go forward, we don't intend to provide specific color on Red Canary.

So, seeing a vast majority of Zscaler red. Kennedy pipeline is now coming from ZCore. Customers. Kevin. Yeah, I would just add that Red Canary is trending slightly better than our previous guidance. Um, but keep in mind that, you know, we don't believe that Red Canary's contribution is material to our overall performance.

Meta Marshall: Great. Thanks.

So as we go forward, we don't intend to provide specific color on Red Canary.

Operator: Thank you. Our next question comes from Tal Liani with Bank of America. You may proceed.

Great, thanks.

Thank you.

Tal Liani: Hi, guys.

Our next question comes from Tolani with Bank of America. You may proceed.

Jay Chaudhry: This quarter was stronger than actually we see because if I look at the year-over-year growth in dollars last year, first of all, first quarter last year was very strong. You're growing 26% almost on a very strong quarter. Second, last year, on a year-over-year basis, you added between $122 to 130 million every quarter on a year-over-year basis. This quarter, you're adding $160 million. That means that the growth is strong. I'm trying to understand if you can break down on revenue level, not on ARR level, what is driving the strength. I mean, the stock is down, but the trends beneath the surface seem very strong. I'm trying to understand what is driving it.

This quarter was stronger than actually we see because if I look at the year-over-year growth in dollars last year, first of all, first quarter last year was very strong. You're growing 26% almost on a very strong quarter. Second, last year, on a year-over-year basis, you added between $122 to 130 million every quarter on a year-over-year basis. This quarter, you're adding $160 million. That means that the growth is strong. I'm trying to understand if you can break down on revenue level, not on ARR level, what is driving the strength. I mean, the stock is down, but the trends beneath the surface seem very strong. I'm trying to understand what is driving it.

Hi guys.

um,

this quarter was stronger than than actually you. We see because

if I look at the year-over-year growth in dollars last year,

Um, first of all, the first quarter last year was very strong, so you're growing 26% almost on a very strong quarter.

And second last year on the year-over-year basis, you added between 122 to 130 million every every quarter on a year-over-year basis. And this quarter, you're adding 160.

Jay Chaudhry: If you can break it down, even not in numbers, even if it's just qualitative, to discuss what's happening in the core versus what are the key leading products that are driving this strength. I'll start with a broad product area. As you know, we built a platform, and we are expanding the platform. The three big pillars of our platform have been Zero Trust Everywhere, AI security, and data security. All three areas are growing very well, they're actually accelerating, and that's our part of the strategy. Our strategy is if every customer starts moving to Zero Trust Everywhere, we become very, very differentiated because no one in the market is even coming close to that. They're all trying to figure out how to solve the user side of it.

If you can break it down, even not in numbers, even if it's just qualitative, to discuss what's happening in the core versus what are the key leading products that are driving this strength.

Jay Chaudhry: I'll start with a broad product area. As you know, we built a platform, and we are expanding the platform. The three big pillars of our platform have been Zero Trust Everywhere, AI security, and data security. All three areas are growing very well, they're actually accelerating, and that's our part of the strategy. Our strategy is if every customer starts moving to Zero Trust Everywhere, we become very, very differentiated because no one in the market is even coming close to that. They're all trying to figure out how to solve the user side of it.

So, so that means that the growth is strong and I'm, I'm trying to understand if you can break down on Revenue level, not on our level. What is driving the strength? I mean the stock is down but but the the trends beneath the surface seem very strong and I'm trying to understand what is driving it and if you can break it down, even not in numbers. Even if it's just qualitative to to discuss what's happening in the core versus what are the key leading products that are driving this strength.

I'll start with a broad product area, right? As you know, we built a platform that we're expanding the platform that 3 big pillars of our platform.

Have been.

Cedar trust everywhere.

AI, security and data security.

All 3 areas are.

Growing very well. They're actually accelerating and that's our part of the strategy. Our strategy is if every customer starts, moving to zero trust every year,

Jay Chaudhry: The data security, our customers are basically saying, we are tired of seeing point products, so many point products in data security. We are the best platform. AI security is evolving. It's a new area for us. Agentic operations has done well for us. Security of AI products is young, but it's growing pretty well. I think they're very pleased with the growth we wanted from the three key pillars, and it's beating or it's exceeding our expectations. Kevin, you want to give more color? Yeah. Thanks for the question, Tao. I mean, I think that's, frankly, both the qualitative and the quantitative response, which is we are seeing accelerated growth in our three growth pillars, which is contributing well to the business.

The data security, our customers are basically saying, we are tired of seeing point products, so many point products in data security. We are the best platform. AI security is evolving. It's a new area for us. Agentic operations has done well for us. Security of AI products is young, but it's growing pretty well. I think they're very pleased with the growth we wanted from the three key pillars, and it's beating or it's exceeding our expectations. Kevin, you want to give more color?

Become very very differentiated because no 1 in the market is even coming close to that. They're all trying to figure out how to solve the user side of it.

And the data security. Our customers are basically saying we are tired of seeing Point products. So many point products in data, security and the other best platform.

Kevin Rubin: Yeah. Thanks for the question, Tao. I mean, I think that's, frankly, both the qualitative and the quantitative response, which is we are seeing accelerated growth in our three growth pillars, which is contributing well to the business.

AI security is evolving. It's a new area for us. It can't take operations, has done well for us and security of AI products young, but it's growing pretty well. So I think we are very pleased with that growth. We wanted from the 3 key pillars and it's it's beating or it's exceeding, our expectations, Kevin. You want to give a more

Jay Chaudhry: I also mentioned in my prepared remarks that we saw organic growth come in at similar levels to what we saw last quarter. We are seeing very strong performance. The business did come in better. I was just going to add some color that we did see the business perform better than our internal expectations in the quarter. How is the core business? You have Cisco with a new product, Check Point with a new product, Paolo talking about very strong growth. How is the competitive landscape when it comes to the core business? Competitive landscape hasn't changed a whole lot. If anything else, our brand has gotten bigger. Most of the large enterprises know us very well. We are very well engaged here.

I also mentioned in my prepared remarks that we saw organic growth come in at similar levels to what we saw last quarter. We are seeing very strong performance. The business did come in better. I was just going to add some color that we did see the business perform better than our internal expectations in the quarter.

Call. Yeah, thanks for the question, Paul. I mean, I think that's frankly, um, both the qualitative and the quantitative response, which is we are seeing accelerated growth in our three growth pillars, which is contributing well to the business. Um, I also mentioned in my prepared remarks that, you know, we saw organic growth come in at similar levels to what we saw last quarter. So, uh, we are seeing very strong performance.

And and the business did come in.

Tal Liani: How is the core business? You have Cisco with a new product, Check Point with a new product, Paolo talking about very strong growth. How is the competitive landscape when it comes to the core business?

Oh, I was just going to add some color that, you know, we did see the business perform better than our internal expectations in the quarter.

Jay Chaudhry: Competitive landscape hasn't changed a whole lot. If anything else, our brand has gotten bigger. Most of the large enterprises know us very well. We are very well engaged here.

Uh-huh. And how is the core business? You have Cisco within your product checkpoint with the new product. Paulo talking about very strong growth. How is the competitive landscape when it comes to the core business?

Jay Chaudhry: A number of new entrants who have come in the market in the past year or so, largely some of the firewall companies, we have hardly seen them out there. Compared to landscape, it hasn't really changed much to mention. Got it. Thank you. Thank you. Our next question comes from Joseph Gallo with Jefferies. You may proceed. Hey, guys. Thanks for the question. Jay, I think when some look at the recent massive M&A in the space, they're fearful of the implications for underlying cyber growth. In your conversations with customers, how are they thinking about spending calendar 2026? What are the priority areas that they have as a part of that? Thanks. Customers' priorities for spending? Yeah. Just with the how has the fundamental cyber growth been? How do you expect it next year and what the priorities are?

A number of new entrants who have come in the market in the past year or so, largely some of the firewall companies, we have hardly seen them out there. Compared to landscape, it hasn't really changed much to mention.

Compared to the landscape, it hasn't changed a whole lot. If anything else, our brand has gotten bigger; most of the large enterprises know us very well. We are very engaged here with a number of new entrants.

Who has come into the market in the past year or so, largely from the firewall companies?

Tal Liani: Got it. Thank you.

Jay Chaudhry: Thank you.

We we have hardly seen them out there so compare landscape hasn't really changed much to mention.

Operator: Our next question comes from Joseph Gallo with Jefferies. You may proceed.

Got it. Thank you.

Thank you.

Joseph Gallo: Hey, guys. Thanks for the question. Jay, I think when some look at the recent massive M&A in the space, they're fearful of the implications for underlying cyber growth. In your conversations with customers, how are they thinking about spending calendar 2026? What are the priority areas that they have as a part of that? Thanks. Customers' priorities for spending? Yeah. Just with the how has the fundamental cyber growth been? How do you expect it next year and what the priorities are?

Our next question comes from Joseph. Go with Jeffrey's. You may proceed.

Hey guys, thanks for the question Jay. I think when some look at the recent massive m&a in the space they're fearful of the implications for underlying cyber growth, you know, in your conversations with customers. How are they thinking about spending calendar 2026 and what are the priority areas that they have as a part of that? Thanks.

so customers priorities for spending

Jay Chaudhry: Broadly speaking, there's no significant growth in macro environments. IT budgets remain tight. There is pressure on CIOs. There is far less pressure on the cyber side of it. Cyber is under less pressure. We do see scrutiny for large deals, similar to what we shared in the past. Two areas are still of high interest to customers. One is Zero Trust Security because all these breaches are happening out there, and second is AI security because everyone is trying to do some level of deployments of AI applications because CIOs feel like if they aren't doing anything in this area, they'll be viewed as laggards. That is also a mix. Some of the customers are seeing better results than others in terms of AI. As soon as they start thinking about doing AI applications and models, the security becomes a worry for them.

Yeah, just you know what's the how how is the fundamental cyber growth in? How do you expect it next year and what the priorities are?

Broadly speaking, there's no significant growth in back-through environments; IT budgets remain tight. There is pressure on CIOs that is far less than the pressure on the Cyber side of IT. So, cyber is...

Under less pressure. We do see scrutiny for large deals, similar to what we shared in the past. But two areas are still of high interest to customers: one is zero trust security, because of all the breaches happening out there, and the second is AI security, because everyone is trying to do some level of deployments of AI applications. CIOs feel like if they aren't doing anything in this area, they'll be viewed as laggards.

That is also mixed. Some of the customers are seeing better results than others. In terms of AI,

Jay Chaudhry: We are going in with two leading messages, Zero Trust Everywhere being one, and AI security being two. With that, we're able to get the pipeline created. The second part is to close deals. We must show strong cost takeout, and we can do that as we eliminate a lot of point products. If we are able to do both of those things, that's what's really leading us to deliver these strong results. Also, if I mention that, since our brand has become so much stronger and we've become pretty strategic partners to customers, all these CIOs, CSOs, meetings I do, it's wonderful to see them say, I mean, we moved from Company A to Company B, and we called your team to help us here as well. Look, we are tracking well. We're excited about what lies ahead for us.

We are going in with two leading messages, Zero Trust Everywhere being one, and AI security being two. With that, we're able to get the pipeline created. The second part is to close deals. We must show strong cost takeout, and we can do that as we eliminate a lot of point products. If we are able to do both of those things, that's what's really leading us to deliver these strong results. Also, if I mention that, since our brand has become so much stronger and we've become pretty strategic partners to customers, all these CIOs, CSOs, meetings I do, it's wonderful to see them say, I mean, we moved from Company A to Company B, and we called your team to help us here as well. Look, we are tracking well. We're excited about what lies ahead for us.

But as soon as they start thinking about doing AI applications and models, the security Becomes of of, of worry for them. So we are going in with 2 leading messages zero trust everywhere being 1 and AI security being 2. So with that we're able to get the pipeline created and the second part is to close the deals. We must

I'm not sure strong cost takeout and we can do that as we eliminate a lot of Point products.

so, we are able to

Jay Chaudhry: Thank you. Thank you. Our next question comes from Mike Cikos, Needham. You may proceed. Great. Thanks for taking the question too, guys. I just wanted to come back to the SASE market specifically. Jay, I know you're probably already cringing at the word SASE, but just there was a large security vendor out there last week discussing some success and competitive displacements in the SASE market. I just love to get your feedback specifically on what you're seeing as far as trends from a competitive or pricing discipline standpoint. Appreciate it. Thank you. Yeah. Look, we remain very strong. When it comes to, I will call the Zero Trust market because the SASE word has no meaning. Every vendor claims themselves to be calling SASE. For example, if you do Zero Trust, you don't do SD-WAN.

Joseph Gallo: Thank you.

Operator: Thank you. Our next question comes from Mike Cikos, Needham. You may proceed.

Do both of those things. That's what's really leading us to deliver these strong results. And also, if I mention that, since our brand has become so much stronger and we become pretty strategic Partners to customers all these cios meetings, I do. It's wonderful to see them to say, hey, I mean, we moved from company a to Company B and we called your team to help us here as well. So, look, we are tracking. Well, we're excited about what slide, what lies ahead for us.

Thank you.

Mike Cikos: Great. Thanks for taking the question too, guys. I just wanted to come back to the SASE market specifically. Jay, I know you're probably already cringing at the word SASE, but just there was a large security vendor out there last week discussing some success and competitive displacements in the SASE market. I just love to get your feedback specifically on what you're seeing as far as trends from a competitive or pricing discipline standpoint. Appreciate it. Thank you.

Thank you. Our next question comes from Mike. Psychos with nem, you may proceed.

wanted to come back to the uh, sassy Market specifically and and J, I know you're probably already cringing at the, at the word sassy but just

Jay Chaudhry: Yeah. Look, we remain very strong. When it comes to, I will call the Zero Trust market because the SASE word has no meaning. Every vendor claims themselves to be calling SASE. For example, if you do Zero Trust, you don't do SD-WAN.

There was a lot of security vendors out there last week discussing some successes and competitive displacements in the Sassy market. I'd just love to get your feedback specifically on what you're seeing as far as trends from a competitive or pricing discipline standpoint. Appreciate it. Thank you.

and very strong. When it comes to, I will call the zero trust market, because the SASE word has no meaning. Every vendor claims to be calling it SASE. For example,

Jay Chaudhry: Most of these SD-WAN vendors that were into the SASE space, our expansion in our customer base is because of all the new functionality we are bringing to take Zero Trust Everywhere. Our expansion is happening as we have taken our data security platform and made it much, much bigger. We have done so many innovations in so many spaces. We think in spite of new entrants in the market, the market has already kind of sorted out the winners, and we are creating more distance among a number of other vendors who are entering the space. I feel very strong. Our pipeline remains strong. Our winner rate remains strong. You see our results. They are very, very strong. Terrific. Thank you. Thank you. Our next question comes from Brian Essex with JP Morgan. You may proceed. Hi.

Most of these SD-WAN vendors that were into the SASE space, our expansion in our customer base is because of all the new functionality we are bringing to take Zero Trust Everywhere. Our expansion is happening as we have taken our data security platform and made it much, much bigger. We have done so many innovations in so many spaces. We think in spite of new entrants in the market, the market has already kind of sorted out the winners, and we are creating more distance among a number of other vendors who are entering the space. I feel very strong. Our pipeline remains strong. Our winner rate remains strong. You see our results. They are very, very strong.

If you do zero trust, you don't do SD event, okay? And most of these sdu and vendors could view it into the Sass. He says,

are are

expansion. And our custom based is because of

All that new functionality we are bringing to take Zero Trust every review.

Our expansion is happening, as we had taken the our data security platform and made it much, much bigger. So we've done so many Innovations in so many spaces. So we we think in spite of new entrance in the market,

I think the market has already kind of sorted out the winners and we are creating more distance among the number of the windows. Sorry, among the number of other

Vendors who are entering the space?

Mike Cikos: Terrific. Thank you.

Jay Chaudhry: Thank you.

So I feel very strong about our 500 Main strong; our win rate remains strong, and you see our results. A very, very strong.

Operator: Our next question comes from Brian Essex with JP Morgan. You may proceed.

Terrific. Thank you.

Thank you.

Brian Essex: Hi.

Jay Chaudhry: Good afternoon. Thank you for taking the question. I guess, Kevin, for you, just I understand that you don't want to break out Red Canary, but can you give us a sense for organic net new ARR in the quarter? Maybe one for Jay. With the acquisition of Red Canary and what you've done with Avalor and now SPLX, would love to get your sense of any sense of how you might align with the threat intelligence market and value you might be able to add, given the data visibility, potential for incremental add in terms of the quality of data that you might be ingesting on the platform, and ability to provide better visibility for customers on the threat intelligence side. Thanks. Of course. Yeah. Thanks for the question. I'll go ahead and start.

Good afternoon. Thank you for taking the question. I guess, Kevin, for you, just I understand that you don't want to break out Red Canary, but can you give us a sense for organic net new ARR in the quarter? Maybe one for Jay. With the acquisition of Red Canary and what you've done with Avalor and now SPLX, would love to get your sense of any sense of how you might align with the threat intelligence market and value you might be able to add, given the data visibility, potential for incremental add in terms of the quality of data that you might be ingesting on the platform, and ability to provide better visibility for customers on the threat intelligence side. Thanks.

Our next question comes from Brian S6 with JP Morgan. You may proceed.

Hi, good afternoon. Thank you for taking a question, I guess. Um,

Kevin for you, you know, just just, I understand that you're not want to break out. Um, you know, break Canary but can you give us a sense for organic? Net new are on the quarter and then maybe 1 for J. Um, you know with the acquisition of wrecked Canary and what you've done with avalor and now splx would love to get your sense of um, are you, do you any, any, any sense of how you might align with the threat intelligence market and value? You might be able to add given the data visibility um, potential for

Kevin Rubin: Of course. Yeah. Thanks for the question. I'll go ahead and start.

Incremental add, in terms of the quality of data that you might be ingesting on the platform and the ability to provide better visibility for customers on the threat intelligence side. Thanks.

Jay Chaudhry: As I had previously mentioned, organic growth in Q1 was consistent compared to Q4. As I said, we're very pleased that the organic business came in better than our internal expectations. On the second part, we talked about two acquisitions we have had. Avalor has become our data fabric, which can ingest data from the Zscaler platform and some of the third parties to really create what we call entity relationships. AI is only as good as data. We're able to do some very powerful threat detection intelligence that couldn't be done otherwise. That's the foundation of the platform. The reason for us to get into AI-powered setups is the strength of our data. Avalor gave that stuff. We have the data. Red Canary gave us agentic AI technology on top of it.

As I had previously mentioned, organic growth in Q1 was consistent compared to Q4. As I said, we're very pleased that the organic business came in better than our internal expectations. On the second part, we talked about two acquisitions we have had. Avalor has become our data fabric, which can ingest data from the Zscaler platform and some of the third parties to really create what we call entity relationships. AI is only as good as data. We're able to do some very powerful threat detection intelligence that couldn't be done otherwise. That's the foundation of the platform. The reason for us to get into AI-powered setups is the strength of our data. Avalor gave that stuff. We have the data. Red Canary gave us agentic AI technology on top of it.

Yeah, thanks for the question. I'll go ahead and start. Um, as I had previously mentioned, organic growth in Q1 was consistent compared to Q4. And, uh, again, as I said, we're very pleased that the organic business came in better than our internal expectations.

so, on the second part,

We talked about the 2-2 acquisition. We have had Absar become our data fabric, which can ingest data from the Z comma platform and some of the third parties, really creating what we call entity relationships. You know, we are only as good as our data. So we are able to do some very powerful threat detection intelligence that couldn't be done otherwise. That's the foundation of the platform. The reason for us to get into AI-powered setups is the strength of our data.

Jay Chaudhry: Using some of these smart agents, we can do security operations, what security analysts need to do. The amount of information we are getting, the meaningful intel we're getting is unbelievable. I was talking to the CSO of a Fortune 100 company recently. He said, I have a sizable security operation team, very sophisticated operations. Your solution, in this case, they're taking advantage of Red Canary working with us. It is finding things, a few things every month that we aren't able to find. That's amazing incremental value for them. We think this is only going to get better as our solution evolves. Your second point was SPLX. That's accelerating our completion of our solution for AI security. The market has so many point product solutions and AI security out there. Customers tell me, One, I don't want to deal with 10 vendors, number one.

Using some of these smart agents, we can do security operations, what security analysts need to do. The amount of information we are getting, the meaningful intel we're getting is unbelievable. I was talking to the CSO of a Fortune 100 company recently. He said, I have a sizable security operation team, very sophisticated operations. Your solution, in this case, they're taking advantage of Red Canary working with us. It is finding things, a few things every month that we aren't able to find. That's amazing incremental value for them. We think this is only going to get better as our solution evolves. Your second point was SPLX. That's accelerating our completion of our solution for AI security. The market has so many point product solutions and AI security out there. Customers tell me, One, I don't want to deal with 10 vendors, number one.

Avlon gave that stuff. We have the data that Red Canary gave us each entity a technology on top of it. So using some of these smart agents, we can do security operations, what security analysts need to do. So, the amount of information, we are getting the meaningful. Integ, we're getting is unbelievable. I was talking to the Seesaw, of a 141100 company, recently, he said, I have a sizable security operations, team. Very sophisticated operations.

But your solution in this case, they're taking advantage of Red Canary, working with us. It is finding things a few things every month that we aren't able to find, that's amazing incremental value for them. We think this is only going to get better as our solution evolves.

Jay Chaudhry: Number two, I don't want to share my data with a startup that started 10 months ago to share with them. They're looking for a platform. We have built a number of AI security platforms internally. For example, GenAI Security, AI Guard, AI Discovery, and then SPLX brought Red Teaming technology to us. It has made our portfolio pretty complete. Zero Trust Everywhere is in very great shape. Agentic operations are evolving nicely, and AI security operations are growing very nicely. We feel very comfortable with the portfolio built. Got it. Helpful. Thank you. Thank you. Our next question comes from Shrenik Kothari with RW Baird. You may proceed. Yeah. Thanks for taking my question. Jay, on the AI security tracking $500 million, and you mentioned traction across all the modules, AI Guard, SBM, Red Teaming.

Number two, I don't want to share my data with a startup that started 10 months ago to share with them. They're looking for a platform. We have built a number of AI security platforms internally. For example, GenAI Security, AI Guard, AI Discovery, and then SPLX brought Red Teaming technology to us. It has made our portfolio pretty complete. Zero Trust Everywhere is in very great shape. Agentic operations are evolving nicely, and AI security operations are growing very nicely. We feel very comfortable with the portfolio built.

Security platforms internally, for example, Jenny I security AI guard, AI Discovery, and then SPLX broad red teaming technology to us. So it had made our portfolio pretty complete. So

Zero Trust everywhere in a very great shape.

Brian Essex: Got it. Helpful. Thank you.

Agentic operations are evolving nicely, and AI security operations are growing very nicely. We feel very comfortable with the portfolio.

Kevin Rubin: Thank you.

Operator: Our next question comes from Shrenik Kothari with RW Baird. You may proceed.

Got it helpful. Thank you.

Thank you.

Shrenik Kothari: Yeah. Thanks for taking my question. Jay, on the AI security tracking $500 million, and you mentioned traction across all the modules, AI Guard, SBM, Red Teaming.

Our next question comes from Shrenik Kothari with RW Baird. You may proceed.

Jay Chaudhry: Just can you help us unpack where there's more traction, what's currently driving in terms of use cases? Are most deployments at visibility governance via SBM, or are you seeing CSOs truly prioritizing all the runtime AI with AI Guard as well? A quick follow-up. Yeah. This is a very good question. About two years ago, two-plus years ago, when ChatGPT came on the scene, the number one thing customers wanted to do was visibility into GenAI solutions or, sorry, applications that users are going to go. Since we're sitting in the traffic path, very quickly, we built our first product, GenAI Security. That's being used by quite a large number of Zscaler customers. Next, we launched AI Asset Discovery and Posture Management. Tons of interest because everything starts by understanding AI assets you have. Third, last summer, early summer, we launched AI Guardrails.

Just can you help us unpack where there's more traction, what's currently driving in terms of use cases? Are most deployments at visibility governance via SBM, or are you seeing CSOs truly prioritizing all the runtime AI with AI Guard as well? A quick follow-up.

Jay Chaudhry: Yeah. This is a very good question. About two years ago, two-plus years ago, when ChatGPT came on the scene, the number one thing customers wanted to do was visibility into GenAI solutions or, sorry, applications that users are going to go. Since we're sitting in the traffic path, very quickly, we built our first product, GenAI Security. That's being used by quite a large number of Zscaler customers. Next, we launched AI Asset Discovery and Posture Management. Tons of interest because everything starts by understanding AI assets you have. Third, last summer, early summer, we launched AI Guardrails.

Yeah, thanks for, uh, taking my question. Uh, so chair on, on the AI security, cracking 500 million and Mansion traction across all the modules that AI car sbm with teaming just, can you help us unpack? Uh, where there's more traction. What's currently driving in terms of use cases are most deployments as at visibility governance via SPM, or are you seeing cesos have truly prioritizing all the runtime AI? But, yeah, I got as well. Uh, and then I had a quick follow-up.

Yeah, this is a very good question.

About two years ago, or two plus years ago, when ChatGPT came on the scene, the number one thing customers wanted was visibility into genius solutions, or, sorry, applications that users are going to go to.

Since we were sitting in the traffic pad, very quickly, we built our first product, January Security, that's being used by quite a large number of these kinds of customers.

Next, we launched AI asset discovery and posture management. There was tons of interest because everything starts by understanding AI assets you have.

Jay Chaudhry: When customers are building their internal AI applications and models, they want to use Guardrails to make sure that the models are protected and only the right people with the right kind of prompts can really access them. That's an early stage, but it's growing nicely. The pipeline is growing very well. The fourth thing we brought to the market came through the SPLX acquisition. That's core Red Teaming technology. As applications are being built, customers want to make sure they don't have vulnerabilities. We aren't stopping there. The fifth, extending our platform to agentic exchange so we can have right agent to agent and agent to application communication. All that is proceeding well. I think we are very well positioned. We will keep on investing in these innovations, but we balance our investments with our operating margins. Very helpful, Jay.

When customers are building their internal AI applications and models, they want to use Guardrails to make sure that the models are protected and only the right people with the right kind of prompts can really access them. That's an early stage, but it's growing nicely. The pipeline is growing very well. The fourth thing we brought to the market came through the SPLX acquisition. That's core Red Teaming technology. As applications are being built, customers want to make sure they don't have vulnerabilities. We aren't stopping there. The fifth, extending our platform to agentic exchange so we can have right agent to agent and agent to application communication. All that is proceeding well. I think we are very well positioned. We will keep on investing in these innovations, but we balance our investments with our operating margins.

Third last summer, early summer, we launched AI Guardrails. When customers are building their internal AI applications and models, they want to use guardrails to make sure that the models are protected and only the right people, with the right kind of prompts, can really access them.

That's an early stage but it's growing nicely. The pipeline is growing very well.

And the fourth thing we brought to the market came through splx, acquisition. That's

Core red teaming technology and applications are being built for customers. We want to make sure they don't have vulnerabilities.

And we aren't stopping this effect, extending our platform to a genetic exchange, so we can have right agent to agent to agent to application communication.

Shrenik Kothari: Very helpful, Jay.

All that is that's proceeding well. So I think we are very well positioned. We will keep on investing in these Innovations but we balance our investments with our operating margins.

Jay Chaudhry: Kevin, a quick follow-up on your comment around, of course, these models ramping, as Jay was saying. How are you thinking about the investment horizon overall as you're scaling these computer-rich products, the AI Guard, and how to think about the margins here? Yes. Since the models and things they're using are really on a fairly well-confined set of data, we haven't seen any massive change in gross margins. If these things change over time, I'm sure we'll let you guys know. Yeah. Maybe just to continue on that thread, look, for Q1, we're pleased with the margin profile. We're comfortable with the Q2 guide, and as we look into the back half of the year, you will notice that there's margin expansion in the guide in the back half.

Kevin, a quick follow-up on your comment around, of course, these models ramping, as Jay was saying. How are you thinking about the investment horizon overall as you're scaling these computer-rich products, the AI Guard, and how to think about the margins here?

Wait, a couple—just so Kevin—on a quick follow-up on the comment around, uh,

Kevin Rubin: Yes. Since the models and things they're using are really on a fairly well-confined set of data, we haven't seen any massive change in gross margins. If these things change over time, I'm sure we'll let you guys know.

Because these models ramping, as Joe was saying, how how are you thinking about the investment Horizon overall? And as these as you're scaling these kind of gear Rich products, the AI card and

How to think about the the margins here.

Yes.

Since the models and things we are using are really on a fairly well confined.

Jay Chaudhry: Yeah. Maybe just to continue on that thread, look, for Q1, we're pleased with the margin profile. We're comfortable with the Q2 guide, and as we look into the back half of the year, you will notice that there's margin expansion in the guide in the back half.

Our data shows that we haven't seen any massive change in gross margins. If these things change over time, I'm sure we'll let you guys know.

Jay Chaudhry: We are orientated to growth, but you know that we're also very mindful of the financial model and operating margin. Thank you. Our next question comes from Roger Boyd with UBS. You may proceed. Great. Thanks for taking the question. Jay, I just wanted to go back to Zero Trust Gateway, and I wonder if you could talk a little bit more about the demand you're seeing there. Is that product getting pulled along with increasing AI infrastructure? Some of the firewall vendors have talked about growth in software firewalls in this capacity. How are you thinking about customer buy-in around this approach over kind of that approach of deploying virtual firewalls? Thanks. Sure. As you know, customers traditionally use firewalls everywhere. We've replaced a lot of them when it comes to user protection. They're working on branch, and cloud is pretty simple.

We are orientated to growth, but you know that we're also very mindful of the financial model and operating margin.

Shrenik Kothari: Thank you. Our next question comes from Roger Boyd with UBS. You may proceed.

Yeah, maybe just to continue on that, on that thread. Um, you know, look for for q1, we're, we're pleased with, you know, the margin profile. Uh, we're comfortable with the Q2 guide and then, as we look into the back half of the year, um, you know, you will notice that there's margin expansion, uh, in the guide in the, in the back half, uh, we are orientated to growth, but, you know, that we're also very mindful of the financial model and, uh, operating margin

Thank you.

Roger Boyd: Great. Thanks for taking the question. Jay, I just wanted to go back to Zero Trust Gateway, and I wonder if you could talk a little bit more about the demand you're seeing there. Is that product getting pulled along with increasing AI infrastructure? Some of the firewall vendors have talked about growth in software firewalls in this capacity. How are you thinking about customer buy-in around this approach over kind of that approach of deploying virtual firewalls? Thanks.

Our next question comes from Roger Boyd with UBS. You may proceed.

Jay Chaudhry: Sure. As you know, customers traditionally use firewalls everywhere. We've replaced a lot of them when it comes to user protection. They're working on branch, and cloud is pretty simple.

Great. Thanks for taking the questions. J, I just wanted to go back to zero, trust Gateway. And I wonder if you could talk a little bit more about the demand you're seeing there is that product getting pulled along with increasing AI infrastructure. Um, some of the firewall vendors have talked about growth and software firewalls. And, and this this capacity, um, and how are you thinking about customer Buy in around this approach, over kind of that approach of deploying virtual firewalls thanks?

Sure, as you know, customers in traditionally used firewalls every year, we replace a lot of them when it comes to user protection.

Jay Chaudhry: When traditionally people would go to cloud and build cloud workload, they would do lift and shift. They have lift and shifted northside firewalls to the cloud as VMs. They lift and shifted eastern firewalls to the cloud as VM as well. We go in and say, you do not really need a lot of these firewalls everywhere. Zero Trust Cloud is almost like Zero Trust for internet access, Zero Trust workload to workload communication. All the firewalls go away. Customers do not need to work with all these IP addresses and ACL lists. The cloud gateway simply makes it even more easy to deploy our solution. In the past, they had to deploy a piece of software we called Cloud Connector as a traffic cop. Now we have a cloud gateway that is deployed and managed by Zscaler.

When traditionally people would go to cloud and build cloud workload, they would do lift and shift. They have lift and shifted northside firewalls to the cloud as VMs. They lift and shifted eastern firewalls to the cloud as VM as well. We go in and say, you do not really need a lot of these firewalls everywhere. Zero Trust Cloud is almost like Zero Trust for internet access, Zero Trust workload to workload communication. All the firewalls go away. Customers do not need to work with all these IP addresses and ACL lists. The cloud gateway simply makes it even more easy to deploy our solution. In the past, they had to deploy a piece of software we called Cloud Connector as a traffic cop. Now we have a cloud gateway that is deployed and managed by Zscaler.

Pretty simple. When traditionally people go to the cloud and build cloud workloads, they will do a lift-and-shift. They have left and shifted firewalls to the cloud as VMs. They're lifting and shifting eastward firewalls, all firewalls to the cloud as VMs as well.

We go in and say, you don't really need a lot of these firewalls everywhere.

Zero Trust Cloud is almost like,

Jay Chaudhry: With a simple config change, they say, coin traffic to Zscaler Cloud Gateway, and we enforce policies and we do everything that needs to be done. Deployments that were taking a few hours now can be done in under 10 minutes. That's the kind of innovation we're bringing to make it easier for customers to move away from legacy firewalls and embrace Zero Trust cloud workload communication. Thank you. Our next question comes from Eric Keith with KeyBank. You may proceed. Hey, great. Thanks for taking the question. Jay, maybe to come back to Zero Trust Everywhere, just given how strong and successful it's been thus far. I'm curious to hear how you're thinking about this going forward.

With a simple config change, they say, coin traffic to Zscaler Cloud Gateway, and we enforce policies and we do everything that needs to be done. Deployments that were taking a few hours now can be done in under 10 minutes. That's the kind of innovation we're bringing to make it easier for customers to move away from legacy firewalls and embrace Zero Trust cloud workload communication.

Operator: Thank you. Our next question comes from Eric Keith with KeyBank.

Zero trust for internet access. You don't trust workload to what will communication all the firewalls go away. Customers do not need to work with all these IP addresses and ACL lists. The cloud Gateway. Simply makes it even more easier to deploy our solution in the past. They had to deploy a piece of software we called Cloud connector as a traffic cop. Now we have a cloud Gateway that's deployed and managed by zcore with a simple, config change. They say coin traffic disease, killer Cloud Gateway. And we enforce policies and we do everything that needs to be done deployment. That were taken a few hours now can be done in under 10 minutes. That's the kind of innovation, we're bringing to make it easier for customers to move away from Legacy firewalls and embrace zero trust about workload communication.

Thank you.

You may proceed.

[Analyst] (KeyBank): Hey, great. Thanks for taking the question. Jay, maybe to come back to Zero Trust Everywhere, just given how strong and successful it's been thus far. I'm curious to hear how you're thinking about this going forward.

Our next question comes from Eric Keith with qbank. You may proceed.

Jay Chaudhry: I mean, is the outperformance relative to your expectations because the book of firewall business up for refresh maybe was bigger or earlier than you anticipated, or do you look at the pipeline and see an even bigger opportunity of displacements looking at the calendar 2026? Thanks. Yeah. Overall, our customers are looking for saving money, and making it easier for them to operate and deploy these solutions. Along with that, making sure they have better cyber protection. Number one reason for our customers' interest in the Zero Trust Branch is to eliminate the lateral movement which leads to all kinds of ransomware attacks. Number one. Number two, when we go in and say, by the way, it's also costing a lot more because we can eliminate multiple products in a branch, not just firewall, but SD-WAN. Often they got these DHCP gateways. They often got East-West firewalls.

I mean, is the outperformance relative to your expectations because the book of firewall business up for refresh maybe was bigger or earlier than you anticipated, or do you look at the pipeline and see an even bigger opportunity of displacements looking at the calendar 2026? Thanks.

Jay Chaudhry: Yeah. Overall, our customers are looking for saving money, and making it easier for them to operate and deploy these solutions. Along with that, making sure they have better cyber protection. Number one reason for our customers' interest in the Zero Trust Branch is to eliminate the lateral movement which leads to all kinds of ransomware attacks. Number one. Number two, when we go in and say, by the way, it's also costing a lot more because we can eliminate multiple products in a branch, not just firewall, but SD-WAN. Often they got these DHCP gateways. They often got East-West firewalls.

Hey great. Thanks for taking the question. Um, Jay maybe to come back to to zero. Trust everywhere, just given how strong the how strong and successful it's been thus far. But I'm curious to hear how you're thinking about this going forward. I mean is the outperformance, um, relative to your expectations because the book of firewall, business up for re refresh, maybe was bigger or earlier than you anticipated, or, or do you look at the pipeline and see even bigger opportunity of displacement. So, looking into the calendar 26. Thanks.

Yeah, overall, customers are looking for.

Jay Chaudhry: They got NAC and VLANs kind of stuff. All that goes away. Cost goes down. Operational stuff goes down. That's a driver. The refresh may help, but most of the time, the deals are not waiting for Zscaler to say a refresh is coming. As we present the story to our customers, they kind of say, Wow, this makes sense. There's a lot of ROI to it. Let's get started. Tremendous interest, strong pipeline. We've only done about 450 customers so far. There are millions of branches left out there for us to pursue. Thank you. Our next question comes from Fatima Bulani with Wells Fargo. You may proceed. Oh, good afternoon. Thank you so much for taking my questions.

They got NAC and VLANs kind of stuff. All that goes away. Cost goes down. Operational stuff goes down. That's a driver. The refresh may help, but most of the time, the deals are not waiting for Zscaler to say a refresh is coming. As we present the story to our customers, they kind of say, Wow, this makes sense. There's a lot of ROI to it. Let's get started. Tremendous interest, strong pipeline. We've only done about 450 customers so far. There are millions of branches left out there for us to pursue.

Saving money and making it easier for them to operate and deploy these Solutions. Okay? All right, and along with that, making sure they have better. Cyber protection. Number 1, reason for our in for customers interest in the branch zero. Trust branch is to eliminate the lateral movements which leads to all kind of ransomware attacks number 1. Number 2, when we go in and say, by the way it's it's also costing you a lot more because we can eliminate multiple products on a branch. Not just fly at all. But sd1 often they got these DHCP gateways. They often got East West firewalls they got naked and vans kind of stuff, all that goes away. So cost goes down operational.

Stuff goes down, that's a driver. Now, the refresh may help but most of the time, the deals are not waiting. For these killer to say refresh is coming as we present the story to our customers, they kind of say, wow, this makes sense this a lot of Auto I to do it. Let's get started.

Operator: Thank you. Our next question comes from Fatima Bulani with Wells Fargo. You may proceed.

So, the tremendous interest strong pipeline and we've only done about 450 customers so far. There are millions of branches left out there for us to pursue.

Thank you.

Fatima Boolani: Oh, good afternoon. Thank you so much for taking my questions.

Our next question comes from Fatima, Bulani with City. You may proceed.

Jay Chaudhry: Jay, I wanted to go back to a very specific remark in your script earlier in the call, just with respect to the migration of SAP from on-prem to SAP RISE being an opportunity that would be tantamount to the success and the tailwinds that you saw from Microsoft Exchange going to Microsoft Office 365. I wanted to take the opportunity to have you unpack some of that in terms of how will that manifest in your business across the product lines today, and then specifically with a portfolio that is significantly larger today than you had when the initial Microsoft platform migration was happening. Where do you expect to see sort of, I'll frame it as option value in some of your newer products that frankly didn't exist in the last sort of precedent example? Sure.

Oh, good afternoon. Thank you so much for taking my questions. Um, Jay, I wanted to go back to a very specific remark in your, uh, script earlier in the call, just with respect to the migration of SAP from on-prem to SAP Rise being an opportunity that would be tantamount to the success and the tailwinds that you saw for Microsoft Exchange going to Microsoft Office 365. And so I wanted to take the opportunity to have you unpack some of that in terms of how will that manifest in your business across the product lines today, and then specifically, you know, with the portfolio that is significantly larger today than you had when the initial Microsoft platform migration was happening, uh, where do you expect to see sort of...

Jay Chaudhry: Sure.

Is that a 3 minutes, option value in some of your newer products that frankly didn't exist. Um,

Jay Chaudhry: Customers moved to Office 365 several years ago because Office moved to the cloud or Exchange moved to the cloud. SAP has taken a long time. It's a far more complex application. Now SAP is pushing for deployment of what they call SAP RISE in the cloud and telling customers that you've got to move, and they're giving some incentives as well. If you do it the old way, using the legacy firewall technology and network, you move SAP RISE to the cloud, and you really then deploy all these express routes and direct connects for connectivity. You've got firewalls and all the stuff you deploy to access those applications, the VPN type approach. We go in and say, none of that stuff is needed. No special express routes and direct connects needed.

Customers moved to Office 365 several years ago because Office moved to the cloud or Exchange moved to the cloud. SAP has taken a long time. It's a far more complex application. Now SAP is pushing for deployment of what they call SAP RISE in the cloud and telling customers that you've got to move, and they're giving some incentives as well. If you do it the old way, using the legacy firewall technology and network, you move SAP RISE to the cloud, and you really then deploy all these express routes and direct connects for connectivity. You've got firewalls and all the stuff you deploy to access those applications, the VPN type approach. We go in and say, none of that stuff is needed. No special express routes and direct connects needed.

In the last, uh, sort of precedent example.

Sure. You know, the customers moved to Office 365 several years ago because Office moved to the cloud, or Exchange to the cloud. But SAP has taken a long time. It's a far more complex application, but now SAP is pushing for deployment of what they call.

Jay Chaudhry: You can access SAP RISE applications with Zscaler directly over the internet as you access Office 365 applications. It's a clean, simple, elegant architecture. It gives us two opportunities for us. Number one, some of the cloud, Zero Trust Cloud technology to make sure we got protection and communication for SAP application, SAP RISE itself. Second, for users to access SAP with better and faster experience. Those are the two areas of growth for us, and it helps the customer deploy and get the application running faster, and it eases cost and gives great user experience. Thank you. Our next question comes from Gray Powell with BTIG. You may proceed. Great. Thanks for taking the question. Yeah, it's really interesting this quarter. I mean, I look at the numbers, and overall, everything looks good. I do think there's some confusion on just organic ARR.

You can access SAP RISE applications with Zscaler directly over the internet as you access Office 365 applications. It's a clean, simple, elegant architecture. It gives us two opportunities for us. Number one, some of the cloud, Zero Trust Cloud technology to make sure we got protection and communication for SAP application, SAP RISE itself. Second, for users to access SAP with better and faster experience. Those are the two areas of growth for us, and it helps the customer deploy and get the application running faster, and it eases cost and gives great user experience.

As well. So if you do the old way using the legacy firewall technology, a network, you move SAP RISE to the cloud and you really then deploy all these expert routes and direct connects for connectivity, and you then you've got firewalls and all the stuff you deploy to access those applications into a VPN-type approach. We go in and say none of that stuff is needed, no special access routes and direct connects needed. You can access SAP RISE applications with ZSR directly over the internet as you access Office 365 applications. It's a clean, simple, elegant architecture. So it gives us two opportunities. For us, number one: some of the cloud services, cloud technology, to make sure we’ve got protection and communication.

Operator: Thank you. Our next question comes from Gray Powell with BTIG. You may proceed.

For SAP applications, SAP RISE itself is an important area. Secondly, for users to access SAP, we aim to provide a better and faster experience. These are the two areas that are crucial for us, and they help customers deploy and get the application running faster, improving cost-effectiveness and enhancing user experience.

Thank you.

Gray Powell: Great. Thanks for taking the question. Yeah, it's really interesting this quarter. I mean, I look at the numbers, and overall, everything looks good. I do think there's some confusion on just organic ARR.

Our next question comes from grey Powell with BTIG. You may proceed.

Jay Chaudhry: I guess here's my question. You highlighted $175 million in Flex bookings this quarter compared to RPO bookings at about $940 million. Basically, Flex is now 20% of the mix and almost doubled versus last quarter. Where do you see that going longer term? As Flex becomes a bigger component of bookings, does that give you higher visibility on future period ARR because there's just inherently an installed ramp in those contracts as customers grow out? Yeah, great. I'll start, and Jay can add anything that he may want to share. Look, I appreciate you raising Zflex. It is a program that has gotten a lot of interest and traction from our customer base. To your point, we did see bookings grow over 70% sequentially. It effectively allows customers to commit to spend.

I guess here's my question. You highlighted $175 million in Flex bookings this quarter compared to RPO bookings at about $940 million. Basically, Flex is now 20% of the mix and almost doubled versus last quarter. Where do you see that going longer term? As Flex becomes a bigger component of bookings, does that give you higher visibility on future period ARR because there's just inherently an installed ramp in those contracts as customers grow out?

Great. Thanks for, thanks for taking the question. Um, so so yeah. It's really interesting. This quarter. I mean, I look at the numbers and overall, everything looks good. I do think there's some confusion on just organic ARR. So so I, I guess here's my question, you you highlighted 175 million in Flex bookings, this quarter, um, compares to RPO bookings at about 9:40. So, so basically flexes now, 20% of the mix had almost doubled versus last quarter. Um, where do you see that going longer term? And then I as Flex becomes a bigger component of bookings,

Kevin Rubin: Yeah, great. I'll start, and Jay can add anything that he may want to share. Look, I appreciate you raising Zflex. It is a program that has gotten a lot of interest and traction from our customer base. To your point, we did see bookings grow over 70% sequentially. It effectively allows customers to commit to spend.

Does that give you higher visibility on future periods because there's just inherently an installed ramp in those contracts? Those customers, as customers, you know, grow out.

Jay Chaudhry: We typically see that as a more significant commitment than they would have made on an à la carte basis. It allows them to easily deploy additional modules without having to go through the friction of a negotiation procurement process. It provides them with the flexibility to swap in and out of modules as business dynamics for those customers change. It gives them confidence that they can make more meaningful commitments to us, and generally over longer periods of time. It does not have necessarily a different impact to ARR than any other type of transaction. To your point, it does give us greater visibility over the long term because they are longer contracts. We do understand the nature of those commitments and how they play out in the future.

We typically see that as a more significant commitment than they would have made on an à la carte basis. It allows them to easily deploy additional modules without having to go through the friction of a negotiation procurement process. It provides them with the flexibility to swap in and out of modules as business dynamics for those customers change. It gives them confidence that they can make more meaningful commitments to us, and generally over longer periods of time. It does not have necessarily a different impact to ARR than any other type of transaction. To your point, it does give us greater visibility over the long term because they are longer contracts. We do understand the nature of those commitments and how they play out in the future.

Yeah, great. So I I I'll I'll start and J, can add, um, anything that he, he may want to, to share. Uh, look, I appreciate you, raising zflex. Uh, it is a program that, uh, has uh, gotten a lot of interest and traction from our customer base, uh, to your point. Uh, we did see bookings grossed over 70% sequentially and it effectively allows customers to commit to spend. We typically see that as a as a more significant commitment than they would have made.

I don't know, Avacard basis, it allows them to easily deploy additional modules without having to go through the friction of a negotiation procurement process. And then it provides them with the flexibility to swap in and out of modules as business dynamics for those customers change. And so it gives them confidence that they can make more meaningful commitments to us and generally over longer periods of time. Um, it doesn't have um,

Jay Chaudhry: I would say it's frankly a win-win for both the customer and the flexibility it offers, and us in terms of the visibility going forward. It is a very powerful tool that has gotten pretty significant interest from customers. Yeah. I would say our business has performed very well on all metrics: ARR, cash flow, all areas. We are very pleased with it. Thank you. Our next question comes from Joshua Tilton with Wolfe Research. You may proceed. Hey, guys. Thanks for sneaking me in, and congrats to Ashwin. Just one from me, and apologize if this was addressed already, bouncing back and forth between a few calls. Did your assumption for what Red Canary would contribute to the full year ARR change at all?

I would say it's frankly a win-win for both the customer and the flexibility it offers, and us in terms of the visibility going forward. It is a very powerful tool that has gotten pretty significant interest from customers.

Jay Chaudhry: Yeah. I would say our business has performed very well on all metrics: ARR, cash flow, all areas. We are very pleased with it.

necessarily A, a different impact to ARR than any other type of transaction. But to your point, it does give us greater visibility over the long term, uh, because they are longer contracts. We do understand the nature of those commitments and how they play out in the future. Um, and I would say it's, it's frankly a win-win for both the customer, uh, and the flexibility it offers and us in terms of the visibility going forward. So it is a very powerful tool, uh, that has gotten, uh, you know, pretty significant interest from customers.

Yeah, I would say our business has performed very well on all metrics.

Operator: Thank you. Our next question comes from Joshua Tilton with Wolfe Research. You may proceed.

We are on cash flow in the area, so we're very pleased with it.

Thank you.

Joshua Tilton: Hey, guys. Thanks for sneaking me in, and congrats to Ashwin. Just one from me, and apologize if this was addressed already, bouncing back and forth between a few calls. Did your assumption for what Red Canary would contribute to the full year ARR change at all?

Our next question comes from Joshua, Tilton with wolf research, he may proceed.

Hey guys, thanks for, uh, sneaking me in, and congrats, uh, to Ashwin. Um, just one from me, and I apologize if this was addressed already, bouncing back and forth between a few calls. But, um.

Jay Chaudhry: If not, is it fair to assume that what you raised ARR by for the full year is how much you outperformed organically in the first quarter? Thanks. Yeah. Thank you for the call. I did make a comment earlier. We are seeing Red Canary trend slightly better than our previous guidance. As a reminder, we do not believe that Red Canary's contributions to our overall business are material, so we are not going to be making color commentary with respect to Red Canary going forward. With respect to the outperformance, I mean, we did pass that through the full year guide. I think to further clarify, we said it before, organic growth in Q1 for us was consistent as compared to Q4. Very pleased with it. It beat our internal expectations. Thank you. Our next question comes from Jonathan Ruythoven with Cantor. You may proceed. Yeah. Hi.

If not, is it fair to assume that what you raised ARR by for the full year is how much you outperformed organically in the first quarter? Thanks.

Jay Chaudhry: Yeah. Thank you for the call. I did make a comment earlier. We are seeing Red Canary trend slightly better than our previous guidance. As a reminder, we do not believe that Red Canary's contributions to our overall business are material, so we are not going to be making color commentary with respect to Red Canary going forward. With respect to the outperformance, I mean, we did pass that through the full year guide. I think to further clarify, we said it before, organic growth in Q1 for us was consistent as compared to Q4. Very pleased with it. It beat our internal expectations.

Did your assumption for what Red Canary would contribute to the full year ARR change at all? And if not, is it fair to assume that what you raised by far for the full year is how much you outperformed organically in the first quarter? Thanks.

Yeah, thank you for the call. I, I did make a comment earlier. Um, we are seeing Red Canary, uh, Trends slightly better than our previous guidance. But uh, as a reminder, we don't believe that red Canary's contributions to our overall business or material. Uh so we're going we're not going to be making color commentary with respect to Red Canary, going forward. Um,

Did I pass the, uh, that through the full year guide?

Operator: Thank you. Our next question comes from Jonathan Ruythoven with Cantor. You may proceed. Yeah.

But I think the further clarify you said that before organic growth in Q4 for us was consistent as concrete. We are very pleased with it; it beat our internal expectations.

Thank you.

Jonathan Ruykhaver: Hi.

Jay Chaudhry: Good afternoon. Jay, I'm curious to hear your thoughts on the synergies you see between Red Canary and the data security portfolio. It would seem that you have opportunities around remediation, a possible governance layer for DSP and DLP. Can you just provide an update on that integration strategy and maybe just a little bit of color on how you see that driving differentiation relative to all the other vendors that are touting data security capabilities related to AI? Yes. Very good question. I would mention three points there that set us apart from many others. Number one, we have built a full portfolio of data security. There's no such thing as data security for AI only because data is lost in many ways. Number one, the strongest portfolio is helping us.

Good afternoon. Jay, I'm curious to hear your thoughts on the synergies you see between Red Canary and the data security portfolio. It would seem that you have opportunities around remediation, a possible governance layer for DSP and DLP. Can you just provide an update on that integration strategy and maybe just a little bit of color on how you see that driving differentiation relative to all the other vendors that are touting data security capabilities related to AI?

Our next question comes from Jonathan. Raver with Kenter, you may proceed.

Jay Chaudhry: Yes. Very good question. I would mention three points there that set us apart from many others. Number one, we have built a full portfolio of data security. There's no such thing as data security for AI only because data is lost in many ways. Number one, the strongest portfolio is helping us.

Yeah, hi, good afternoon. Um, Jay, I'm, I'm curious to hear your thoughts on the the synergies. You see between Red Canary and the, you know, the data security portfolio. It would seem that, you know, you have opportunities around remediation, a possible governance layer for DSP of the lp. Can you just provide an update on that integration strategy and and maybe just a little bit of color on how you see that driving differentiation relative to you know, all the other vendors that are touting data security, um capabilities related to AI,

Good question. Uh,

Jay Chaudhry: Number two, AI is helping us doing better data classification, which is important because better classification means better detection. Number three, the other point you made was the Red Canary synergy that is a follow-up. We are able to get all the signals from Zero Trust Exchange to our data fabric platform, where we are able to potentially look for any potential threats or breaches or any of the stuff that's happening. If we're able to do that very quickly, we can do a closed-loop feedback sent to a Zero Trust Exchange if we need to block some kind of data loss that's happening out there. Today, data loss happens. Signals are found days or weeks later.

Number two, AI is helping us doing better data classification, which is important because better classification means better detection. Number three, the other point you made was the Red Canary synergy that is a follow-up. We are able to get all the signals from Zero Trust Exchange to our data fabric platform, where we are able to potentially look for any potential threats or breaches or any of the stuff that's happening. If we're able to do that very quickly, we can do a closed-loop feedback sent to a Zero Trust Exchange if we need to block some kind of data loss that's happening out there. Today, data loss happens. Signals are found days or weeks later.

I would mention three points that set us apart from any others. Number one, we have built a full 4, 4, 4.

AI is helping us do better data classification, which is important because better classification means better detection.

Number 3, the other point you made was the Red Canary, synergy. That is the following.

We are able to get all the signals from Zero Trust Exchange to our data fabric platform, where we are able to potentially look for any potential threats or breaches or any of the stuff that's happening.

Jay Chaudhry: This closed-loop system between our agentic operations and inline function is a clear, clear differentiator for us that should set us apart from many other vendors, whether they're SASE vendors or they are AI security vendors. Thank you. Our last question comes from Matt Hedberg with RBC. You may proceed. Great. Thanks for taking my questions, guys, and congrats on the results, really. I wanted to follow up on, I think it was Gray's question on Zflex. It really does show up in checks. I think, Kevin, you mentioned reducing friction, additional consolidation opportunities. I realize it's difficult, but is there a way to think about what that average Zflex upsell looks like? Maybe just a little bit more color on how do you think about the pipeline of Zflex deals for the rest of fiscal year? Thanks, guys.

This closed-loop system between our agentic operations and inline function is a clear, clear differentiator for us that should set us apart from many other vendors, whether they're SASE vendors or they are AI security vendors.

Operator: Thank you. Our last question comes from Matt Hedberg with RBC. You may proceed.

And if you're able to do that very quickly, we can do a closed-loop feedback sent to a zero total of change. If we need to block some kind of data loss that's happening out there today, data loss happens. Signals are found days or weeks later. This closed-loop system between our agentic operations and inline functions is a clear differentiator for us. That just sets us apart from many other vendors, whether they are the SASE vendors or they are AI security vendors.

Thank you.

Matt Hedberg: Great. Thanks for taking my questions, guys, and congrats on the results, really. I wanted to follow up on, I think it was Gray's question on Zflex. It really does show up in checks. I think, Kevin, you mentioned reducing friction, additional consolidation opportunities. I realize it's difficult, but is there a way to think about what that average Zflex upsell looks like? Maybe just a little bit more color on how do you think about the pipeline of Zflex deals for the rest of fiscal year? Thanks, guys.

And our last question comes from Matt Hedberg with RBC. You may proceed.

Jay Chaudhry: First of all, Zflex was done to give our customers flexibility. It evolved from the traditional ramp deals we had done in the past when we go after large customers. They can't deploy it overnight. If they bought lots of modules, they wanted some ability to say, give me some ramp because I won't be working on it. We have been doing ramp deals for quite some time, but this creates a formal program around it. The second thing it's created for us is the ability to swap modules so they don't have to keep on testing various modules for a long time and delaying the deal. We believe that the ability to close deal has gotten better. Three, ability to do larger deals has gotten better because now they know that they can swap deals, modules, so they can go for a bigger deal.

Great. Thanks for taking my questions, guys. Congrats on the results. Really, um, you know, I wanted to follow up on, I think it was Grace's question on Zscaler Flex. It really does show up in checks, and I think Kevin, you mentioned reducing friction and additional consolidation opportunities. I realize it's difficult, but is there a way to think about what that average Zscaler Flex upsell looks like, and then maybe just a little bit more color on how you think about the pipeline of Zscaler Flex deals for the rest of the fiscal year? Thanks, guys.

So, first of all, Zflex was done to give our customers flexibility. It evolved from the traditional brand deals that were done in the past. When we go after large customers, they can deploy it overnight. And if they bought lots of modules, they wanted some ability to say, 'Give me some ramp because I won't be working on it.' We have been doing these deals for quite some time, but this creates a form of programming around it.

Jay Chaudhry: All these things are happening. I'm not sure we have quantified exactly how much impact it's having, but we are seeing good results of it. We are pleased with the performance. Kevin, you want to add anything? The only thing I would, again, I guess, express is you see growth in customers moving into Zero Trust Everywhere. When you see adoption of Data Security Everywhere and AI security, a lot of that momentum and the facilitation will come from programs like ZFlex that will make it easier for customers to adopt these technologies. For us, we think it's just a stimulus to allow customers to more easily and friction-free adopt more of our technology. Thank you. I would now like to turn the call back over to Jay Chaudhry for any closing remarks. Well, thank you for your time.

All these things are happening. I'm not sure we have quantified exactly how much impact it's having, but we are seeing good results of it. We are pleased with the performance. Kevin, you want to add anything?

The second thing is created for us is the ability to swap modules, so they don't have to keep on testing various modules a long time and delaying the deal. So we believe that the deal, the ability to close deal has gotten better. And 3 ability to do larger deals has gotten better because now they know that they can swap deals modules.

So they can go for a bigger deal.

All these things are happening. I'm not sure we are quantifying exactly how much impact it's having, but we are seeing.

Kevin Rubin: The only thing I would, again, I guess, express is you see growth in customers moving into Zero Trust Everywhere. When you see adoption of Data Security Everywhere and AI security, a lot of that momentum and the facilitation will come from programs like ZFlex that will make it easier for customers to adopt these technologies. For us, we think it's just a stimulus to allow customers to more easily and friction-free adopt more of our technology.

Operator: Thank you. I would now like to turn the call back over to Jay Chaudhry for any closing remarks.

More easily and friction-free adopt more of our technology.

Jay Chaudhry: Well, thank you for your time.

Thank you. I would now like to turn the call back over to Jay Chowdery for any closing remarks.

Jay Chaudhry: We look forward to seeing you at one of us or some of the investor conferences. Thank you. This concludes the conference. Thank you for your participation. You may now disconnect.

Jay Chaudhry: We look forward to seeing you at one of us or some of the investor conferences.

Operator: Thank you. This concludes the conference. Thank you for your participation. You may now disconnect.

Oh, thank you for your time. We look forward to seeing you at one of our investor conferences.

Thank you. This concludes the conference. Thank you for your participation. You may now disconnect.

Q1 2026 Zscaler Inc Earnings Call

Request a DemoDemo

Zscaler

Earnings