Zscaler, Inc.

and welcome to Zscaler fourth quarter 2025 earnings call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask the question during the session, you will need to press star 11 on your telephone. You will then hear an automated message advising your hand is raised. To withdraw your question, please press star 11 again. We ask that you limit yourself to one question only. I would now like to turn the conference over to Ashwin Kesariddy, Vice President of Investor Relations and Strategic Finance. Sir, you may begin.

Good afternoon, everyone, and welcome to the Zscaler Fourth Quarter Fiscal Year 2025 Earnings Conference Call. On the call with me today are Jay Chowdhury, Chairman and CEO, and Kevin Rubin, CFO. Please note, we have posted our earnings release and a supplemental financial schedule to our investor relations website. Unless otherwise noted, all numbers we talk about today will be on an adjusted, non-GAAP basis. You will find a reconciliation of GAAP to the non-GAAP financial measures in our earnings release. I'd like to remind you that today's discussion will contain forward-looking statements, including, but not limited to, the company's anticipated future revenue, annual recurring revenue, calculated billings, operating performance, gross margin, operating expenses, operating income, net income, free cash flow, dollar-based net retention rate, future hiring decisions, remaining performance obligations, income taxes, earnings per share, our objectives and outlook, our customer response to our products, and our market share and market opportunity. are not guarantees of future performance, but rather are subject to risk and uncertainty, some of which are beyond our control. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call. For a more complete discussion of the risks and uncertainties, please see our filings with the SEC, as well as in today's earnings release. I also want to inform you that we'll be attending the following conferences. City Global TMT Conference on September 4th. Truist Securities Technology Symposium on September 4th. Goldman Sachs Communicopia Plus Technology Conference on September 10th. Wolf Research TMT Conference on September 10th. Now, I'll turn the call over to Jay.

Thank you, Ashwin. We had an outstanding Q4, and I am very pleased to share our strong growth, which once again exceeded our guidance. Our revenue grew 21% year over year, and operating margin exceeded 22%, which is a quarterly record for us. We are seeing growing demand for our large and expanding platform, which provides best-in-class cyber and AI security. while eliminating complexity and reducing cost. We are seeing significant customer interest in our powerful AI security solutions, including our new AI Guard and GenAI security offerings. An increasing number of enterprises are choosing Zscaler because of our technology leadership and platform scale. I am pleased to share that Our platform now secures nearly 40% of the global 2000 and over 45% of the Fortune 500 companies. Driven by the strong customer demand, our annual recurring revenue, or ARR, increased about 22% year-over-year and surpassed $3 billion, making us one of the only two pure-play SaaS security vendors to achieve this milestone. For fiscal year 2025, with our revenue growth of 23% and free cash flow margin of 27%, we operated at rule of 50. While many public SaaS companies strive for rule of 40 results, we have consistently exceeded the sought-after industry benchmark. Heading into fiscal 2026, we are accelerating our platform innovations across three growth vectors, AI security, zero trust everywhere, and data security everywhere, which together surpassed $1 billion in ARR in Q4. Let me share more details on our innovations in these three areas, starting with AI security. We have entered an era of omnipresent AI, which is fundamentally transforming enterprises and is leading to an explosive growth of AI ML traffic. The scale of this transformation is truly remarkable. Our Threat Labs report revealed that AI ML transactions on our cloud increased 3,500% in the past year. The adoption of AI at this breakneck pace is creating new security challenges such as model jailbreaking, prompt injection, model poisoning, and more. The growth in AI also increases complexity and creates new cyber risks. To address these emerging security challenges, we are innovating in two primary areas. Security for AI applications. We have delivered solutions to secure AI apps and access to those apps, whether by users or AI agents. To secure AI apps from traditional cyber and emerging intent-based attacks and to battle the new security challenges I just referenced, we recently launched Zscaler AI Guard, which is being tested by a significant number of large customers. We are already the leading vendor for Zero Trust communication between users, workloads, devices, and B2B. Agent-to-agent communication is a natural extension of our proven Zero Trust platform. We are developing Zero Trust solutions to secure agent-to-agent and agent-to-application communication. As an increasing number of software vendors are introducing their own agents, enterprises are looking for a proven vendor-agnostic platform like Zscaler to secure agentic communication using standard protocols like MCP or A2A. Our second area of AI innovations is agentic operations, which includes agentic SecOps and agentic ITOps. I am pleased to see continued strong demand for our agentic operation products, and I expect this portfolio to surpass $400 million in ARR in fiscal year 26. In addition, we're delivering several innovations to continue driving growth in these areas. For example, for security operations, We're building an AI-powered SOC solution to simplify customers' operations, reduce alert fatigue, automatically hunt for threats, discover vulnerabilities, and predict breaches while reducing cost and complexity and eliminating legacy SIMs. We are combining our highly differentiated data fabric with the recently acquired Red Canary's agentic AI technology. to deliver a truly AI-powered SOC. During the quarter, we saw strong demand for our solutions, which drove over 85% year-over-year growth in SecOps ARR. For IT operations, we are introducing several Zscaler digital experience or ZDX innovations to enable faster resolution of IT tickets. To share an example, we are introducing an AI-powered endpoint remediation solution, which will further reduce resolution time of IT tickets. Our current innovations, like the ZDX Co-Pilot, are resonating with customers and draw 58% year-over-year growth in the bookings of ZDX Advanced Plus SKU in fiscal 25. Our second growth factor, Zero Trust Everywhere, which includes Zero Trust Users, Zero Trust Branch, and Zero Trust Cloud, is exceeding our expectations. Two quarters ago, we shared our goal of securing 390 enterprises with Zero Trust Everywhere by the end of fiscal 26. As of the end of fiscal 25, We are already close to reaching this goal with over 350 Zero Trust Everywhere enterprises. Let me share an example of an enterprise that embraced Zero Trust Everywhere. In a seven-figure ACB win, an existing Zero Trust users and Zero Trust cloud enterprise purchased Zero Trust branch to secure over 120 manufacturing plants and become a Zero Trust everywhere enterprise. Zero Trust branch enables this global 2000 enterprise to replace legacy SD-WAN, firewall-based VPNs, and existing OT security solutions, and they expect to realize more than 60% cost savings. Customers are leaning into our vision of a cafe-like branch by eliminating north-south firewalls and SD vans. Furthermore, they're deploying Zero Trust Security inside branches, factories, and campuses and eliminating legacy point products such as network access control and east-west firewalls. With our over 350 Zero Trust Branch enterprise customers, we're just beginning to benefit from the massive opportunity to replace legacy solutions in millions of branches across a wide range of verticals, including finance, insurance, services, retail, healthcare, education, and more. To give you an example, in Q4, we signed our largest ever branch deal with a leading higher ed institution. They purchased our Zero Trust device segmentation to secure around 150,000 devices across more than 400 locations in a seven-figure new logo ACV deal. We are also seeing strong demand for our Zero Trust Cloud the third component of Zero Trust everywhere. Zero Trust Cloud secures workload to workload and workload to the internet communication and provides workload segmentation by design. This eliminates the need for VPNs, north, south, and east, west, virtual firewalls, express routes, and direct connects. The proliferation of AI is driving an urgency to secure the large footprint of enterprise workloads, and I believe our Zero Trust Cloud is the best solution for it. We are seeing strong demand for Zero Trust Cloud, which resulted in an acceleration of its ARR in Q4. To share a customer example, in a seven-figure ACV win, an existing Fortune 10 healthcare enterprise expanded their workload protection from public cloud workloads to data center workloads. This large enterprise chose Zscaler to implement Zero Trust Security and eliminate east-west firewalls. This is our fourth workload expansion deal with this customer, highlighting the large upsell opportunity we have for Zero Trust Cloud. Zero Trust Cloud enables enterprises to safely adopt agentic AI technologies that require workload communication between cloud and data centers, particularly in special retrieval augmented generation or RAG implementations. To drive faster adoption of Zero Trust Cloud, we recently introduced an innovative cloud gateway solution, which reduces the deployment time to under 10 minutes. By simplifying connectivity for distributed workloads across hyperscalers, we are helping customers achieve Zero Trust at global scale, which accelerates their cloud and AI initiatives. With the ongoing growth in AI workloads and the need to secure them, I expect Zero Trust Cloud to continue its strong growth in fiscal 26. Our third growth vector Data Security Everywhere is seeing strong demand as enterprises are consolidating multiple data security point products on our platform. I'm pleased to share that Data Security Everywhere ARR grew to approximately $425 million. Our comprehensive data security capabilities, including data discovery, classification, posture management, and data loss prevention are driving large deal wins. For example, an existing Fortune 500 services enterprise that's also a key global system integrator partner adopted our data security solution in a seven-figure ACV deal for 350,000 users. This customer adopted isolation, email DLP, endpoint DLP, data classification, and encryption and GenAI security, enabling them to consolidate multiple point products. I'm very pleased with the pace of our platform innovations for Zero Trust Everywhere, Data Security Everywhere, and AI Security. And I expect our strong growth in these areas to continue. To accelerate the adoption of our broader platform, we introduced our ZFlex program less than two quarters ago. In Q4, this program generated over $100 million in TCV bookings, representing over 50% sequential growth. Our ZFlex program is becoming the preferred motion for strategic multi-year deals as it enables seamless adoption of new product modules by our customers. To share an example, In a five-year, eight-figure TCV deal, a large enterprise energy customer chose our ZFlex program to increase the number of modules adopted from 14 to 19, including Zero Trust Branch for hundreds of locations. This purchase resulted in an over 100% increase in ARR with us. Customer interest in ZFlex continues to grow. and I expect it to be a meaningful growth driver in fiscal 26. In conclusion, our expanding platform and a stronger go-to-market engine position us well to benefit from the tailwinds of Zero Trust and AI security. With accelerating pace of our Zero Trust and AI innovations, we're still in the early innings of disrupting a large $100 billion security market. Now, I'd like to turn over the call to Kevin for our financial results.

Thank you, Jay, and good afternoon, everyone. Our Q4 results represent a strong finish to Fiscal 25, reinforcing the demand for our solutions and our operational scale. We operated at Rule of 50 in Fiscal 25, demonstrating our commitment to profitable growth. We ended fiscal 25 with over $3 billion in ARR, a milestone that reflects approximately 22% year-over-year growth. Notably, as Jay mentioned, we are one of only two pure play SaaS security companies to surpass this level of ARR. ARR represents the next 12 months revenue from existing customer contracts active at the end of the period. For modeling purposes, quarterly ARR figures from prior year periods are included in the supplemental materials accompanying our Q4 results. Q4 revenue was $719 million, growing 21% year-over-year, 6% sequentially, and exceeding the high end of our guidance. Geographically, the Americas accounted for 55% of revenue, EMEA for 29%, and APJ for 16%. For the full fiscal year, total revenue reached $2.7 billion, representing 23% year-over-year growth and surpassing our guidance. Our remaining performance obligation, or RPO, grew approximately 31% year-over-year to $5.8 billion, with approximately 46% classified as current RPO. We closed fiscal 25 with over 9,400 customers, including 664 customers generating over $1 million in ARR and 3,494 customers exceeding $100,000 in ARR. We now serve nearly 40% of the global 2,000 and over 45% of Fortune 500 companies, demonstrating the strategic role we play in customers' digital transformation journeys. Turning to the rest of our Q4 financial performance, our gross margin was 79.3% as compared to 81.1% last fiscal year Q4. Our gross margin this quarter is lower than our historical target of 80% due to a one-time deployment of a large private cloud in a government customer's data center, which included a hardware component that carries lower gross margins. Given the one-time nature of this shipment, we expect gross margin to move back up to 80% in Q1. Operating expenses increased 3% sequentially and 16% year-over-year, reaching $411 million. Operating margin was 22.1%, exceeding our long-term range and growing by approximately 60 basis points year-over-year. Since Q1 23, Operating margin has expanded by over 1,000 basis points, underscoring the leverage in our model. Our free cash flow margin for Q4 was 24%, including data center CapEx at 8% of revenue. For fiscal 25, data center CapEx represented 6% of revenue, approximately 60 basis points lower than last year due to investment timing. We ended the quarter with $3.6 billion in cash, cash equivalents, and short-term investments, including net proceeds of $1.7 billion from the convertible note we issued during the quarter. Next, let me provide key assumptions driving our Fiscal 26 guidance. On August 1st, we successfully closed the acquisition of Red Canary. We recognized approximately $83 million of ARR at close. Our full year ARR guidance assumes $95 million contribution from Red Canary, and our full year revenue guidance assumes approximately $90 million contribution from Red Canary. Our Red Canary ARR guidance assumes no contributions from customer contracts up for renewal in fiscal 26. Looking ahead, we are shifting our focus from billings to full year ARR as our primary growth metric. Regarding seasonality, we anticipate net new ARR will remain weighted towards the second half of the year, with approximately 46.5 to 47% in the first half, including the contribution from Red Canary, and consistent with historical trend. Finally, we are assuming the macro environment to be relatively unchanged in fiscal 26. With that, let me provide our guidance for Q1 and full year fiscal 26. As a reminder, these numbers are all non-GAAP. For the first quarter, we expect revenue in the range of $772 million to $774 million, reflecting year-over-year growth of approximately 23%. Gross margins to be approximately 80%. I would like to remind investors that we are introducing new products that are experiencing strong growth and are optimized for faster go-to-market rather than margins. This will continue to influence our gross margins. We plan to optimize new products for margins over time as they scale. Operating profit in the range of $166 million to $168 million. Net other income of approximately $18 million. Earnings per share in the range of 85 cents to 86 cents, assuming a 23% tax rate and 167 million fully diluted shares. For the full year fiscal 26, ARR in the range of $3.676 billion to $3.698 billion, reflecting year-over-year growth of 21.9% to 22.7%. Revenue in the range of $3.265 billion to $3.284 billion, reflecting year-over-year growth of approximately 22% to 23%. Operating profit in the range of $728 million to $736 million. Earnings per share in the range of $3.64 to $3.68, assuming a 23% tax rate and approximately 169 million fully diluted shares. Free cash flow margin to be approximately 26 to 26.5%. With a large market opportunity and customers increasingly adopting the broader platform, we will invest aggressively to position us for long-term growth and profitability. With that, operator, you may now open the call for questions.

Thank you. Ladies and gentlemen, as a reminder to ask the question, please press star 11 on your telephone, then wait for your name to be announced. To withdraw your question, please press star 11 again. Please limit yourself to one question only. Please stand by while we compile the Q&A roster. Our first question comes from the line of Saket Khalil with Barclays. Your line is open.

OK, great. Hey, Jay. Hey, Kevin. Thanks for taking my question here. And nice finish to the year. Jay, maybe for you. There were times when SASE was a healthy space in the past, despite firewalls being healthy as well. But now, it seems like firewall appliance growth is starting to slow. And you touched on this a little bit in your prepared remarks, but to what extent do you think SASE is replacing firewall appliances? I think we all know that it's replacing secure web gateway appliances. But what does the velocity look like on firewall appliances?

It's a very good question.

First of all, I basically said that if you want zero trust, you can depend on firewalls for security. So firewalls have to go. Somehow these old boxes take a lot longer to go sometimes than we want them to. First, I think the firewall appliances in the branch are the first to go. And the launch of Zero Trust Branch by Zscutter has been playing an important role. And since we introduced our unified Zero Trust Branch, which combines active segmentation, air gap segmentation, with elimination of firewalls and like, the interest has gone through. In fact, the only two products at Zscutter I've seen that don't require any demand generation because there's so much demand out there. One is data trust branch, and second is AI security. Now, branch will go first. I think data center firewalls will impact the second, and the virtual firewalls will be the third and last. I think it's a matter of time when firewalls will become like mainframes. Now, I'm talking about SASE. Unfortunately, SASE is one of those terms which means anything and everything. SASE includes firewalls. SASE includes SD-WAN. SASE includes SD-WAN. That's why we don't even like to use the term SASE too much. Or if we do, we like to use the term zero trust SASE. With the momentum we are seeing, I think you'll see acceleration in the elimination of branch firewalls with zero trust architecture. If we are serious about zero security, we need to go in zero trust all the way.

I hope it helps.

Thank you. Please stand by for our next question. Our next question comes from the line of Brad Zelnick with Ditcher Bank. Your line is open.

Excellent. Thank you so much for taking my question. And Jay, Kevin, unbelievable. Congrats on a strong close to the year and a very healthy outlook for fiscal 26. Jay, I wanted to ask about ZFlex, 50% sequential growth in TCV bookings, clearly a vehicle for getting more strategic with your customers. Can you talk about how your sales force will use Flex to exceed their goals in fiscal 26? Is it available broadly to everybody in the field? And maybe more generally, what's Mike Rich's playbook coming out of sales kickoff this year? Thanks.

VFlex is an important program that's built upon two very important foundational pieces we put in place before. The first thing was to really eliminate the bunch of point products we end up doing architectural workshops that identify what all should go out. Two, our business value assessment team quantifies if those pieces are removed, when can they be removed, and how much cost can be saved. Then ZFlex come on top of that and say, how do I make pricing flexible to meet the needs of the customer? For example, the customer may select to use, say, six modules. They're not sure if they can use three of them up front or two when and And when do they do the last one? We give them flexibility to use the modules they need to use. There's a term of the deal, which could be three years and often five years, and their ability to add more modules within the window, or we have a rate card to really buy more. So it gives the flexibility for the customers and allows the deal to fit in the budget. So a combination of our architecture, business value, and our ZFlex, makes it easier for us to do larger and better deals. And that's what we're driving. This program is relatively new, only about four, four and a half months old. And we started with a smaller set of larger customers.

Now we're expanding to the next level of customers as well as our partners.

Thank you. Our next question comes from the line of Mike Seacoles with Needham. Your line is open.

Hey, guys. Thanks for taking the questions here. And I'll echo my congrats on the quarter. I wanted to cycle back to the zero trust everywhere stat that we have around customer growth. And Jay, I think you're going to need to update that 390 plus target pretty soon. But I wanted to get a sense first, can you help us think about, I know you've given some customer examples, but what does the average customer look like when they are deemed a zero trust everywhere customer? How does spend materially change? what is the number of modules they're taking on versus the remaining cohort of customers? And then secondly, do sales reps have quota set against the zero trust everywhere metric, or is this more just, hey, the market is coming to Zscaler in this fashion? We'd just like to parse out those different elements. Thank you.

Sure. Very good question. So first of all, as you know, to do full security, you need to make sure you're able to implement Zero Trust, not just for users, but also your branches, so each branch becomes like an intern cafe, as well as cloud workloads, where you can have Zero Trust communication among workloads. Our customers early on started with Zero Trust for users. They've done a very good job in that. The next natural thing for customers to worry about is, how many branches? That should be going to Zero Trust branch. And that's actually eliminating a lot of firewalls and SD vans out there. And cloud is the next big thing. And with AI workloads building up, we see more demand, more adoption of zero trust in the cloud. So it's a natural part of the journey. We're seeing what we expected. So that's the adoption part. Now, what kind of impact can we have? We're seeing a large number of deals where ARR has gone to 2x or 3x and sometimes higher. And as you know, with time, workloads will grow even though users may not grow over time. So we expect this thing to be a very good thing. From incentive point of view, we don't really give our sales team targets for each product, but we do give them additional incentive from time to time for certain new products or new logos type of stuff. But it is true that the demand is pretty good in these areas. And our customer with zero trust users, zero trust branch, and zero trust cloud becomes zero trust everywhere customer. And we're excited with the opportunity we have to take a large installed base of users to the next two pillars.

I hope that helps.

Thank you. Please stand by for our next question. Our next question comes from the line of Meta Marshall with Morgan Stanley. Your line is open.

Great, thanks. Question for you on the AI security front. When customers start looking towards the AI security product adoption, just where are they looking for first, kind of the security for AI with some of the data security or agentic solutions or that AI for security kind of on the security ops side? Thanks.

Sure, thank you. Our customers first started to have secure use of public AI, such as ChatGPT, Gemini of the World. We offered that solution starting about 18 months ago. It's fairly well deployed. The goal is to make sure we secure the data so it doesn't leak out to public applications. The next piece became, how about secure my private applications, my private models that are sitting in a data center, or my public cloud? For that, we recently launched an offering. We call it EI Guardrails. It's early stage, but it is having tremendous interest. From a futuristic point of view, the next big interest is coming from agent-to-agent communication. Zero trust communication with all these agents, and we've got a serious amount of effort going on in this area. And it's a natural area for us to work with. We have been doing zero trust communication among workloads, users, branches, and devices. And this is a natural thing, and we expect it to be a sizable opportunity for us. Thank you.

Thank you. Please stand by for our next question. Our next question comes from the line of Joshua Tilton with Wolf Research. Your line is open.

Hey, guys. Thanks for taking my question. Congrats on a great end to the year. I guess what I'm trying to just get a better handle on is it looks like if you strip out Red Canary from the guide for next year, that you guys are guiding to net new ARR growth, which does scream like it's strong. But I guess what I'm just trying to understand is, is there any way you can give us a sense of what net new ARR grew this year so we can kind of gauge, you know, where you're guiding from? Like, are you guiding to an acceleration? Are you guiding to a deceleration? Is there anything you could help us understand for the trajectory of the net new ARR that you're guiding to for next year?

Yeah, thank you for the question.

We are guiding for single-digit net new ARR growth in fiscal 26 on an organic basis.

Thank you. Please stand by for our next question. Our next question comes from the line of Andy Nowinski with Wells Fargo. Your line is open.

Okay. Congratulations on a strong finish to fiscal 25. I wanted to ask you guys about the data security portfolio. I know $425 million was pretty impressive from an ARR perspective. I think you added about $75 million this quarter alone. And I know that's a standalone suite of solutions, but it seems like Those products go hand in hand with Zero Trust Everywhere solutions. So I'm just wondering if you're seeing customers possibly buying both solutions or if they will, maybe you'll see more of that trend this coming year. Thank you.

So we are seeing data security being bought along with Zero Trust Everywhere and many times even without that. For example, you may have zero trust the users, and if you don't have data security, you could add data security on top of that. Or in many deals, the customer says, I need to save more money and remove a lot of boxes and the branches and the cloud and my data security. So we have done deals where customers are moving to embrace data security and cloud and branch. And now, within data security, we have about eight modules. and there's an opportunity. So many times, customers go from zero to four or two to five or seven, and that module count is going up. To give you a little bit of quantitative idea, only 30% of our data security customers have more than three or more modules, and only 10% have four or more modules. That means that quite a few customers who have bought inline DLP but have the opportunity to do seven additional modules. So we are excited. We think we will have a pretty good growth rate for data security. In fact, if data security business we have were an independent company, standalone company, it'll probably be one of the largest data security companies out there.

Thank you. Please stand by for our next question. Our next question comes from the line of Fatina Buleni with Citi. Your line is open.

Oh, good afternoon. Thank you for taking my questions. Kevin, this one's for you. It's a little bit more tactical with respect to ZFlex, so about four, four and a half months of learning under your belt. But could you clarify for us if this is a vehicle or a conduit for attracting new customers, or is it principally being pitched to to existing customers, whereby if you can sort of talk to us about what the downstream impact on some of your KPIs would necessarily or hypothetically be, say, from a net retention rate perspective, from a billings perspective. So anything you can help us there with regards to ZFlex's impact on the financial model, whether it's for new customers or existing customers porting over to the ZFlex program. Thank you.

Thanks for the question. The truth is that ZFlex is available and applicable to both new logo and existing customers. I think we actually spoke on the last conference call about the fact that ZFlex is not fundamentally changing the financial model in any way. As Jay mentioned, it does have the result of significantly increasing potential deal sizes as customers have the flexibility to deploy multiple models and have price visibility as well. But there isn't any direct consequence to any of the financial metrics as a result of tactically purchasing ZFlex.

If I may add, so we're not dependent on consumption, that's unknown. It's a known amount, PCB, over a certain amount of time. The flexibility we're giving is, for example, there may be some pricing built in if the modules are adopted on the given time. That's number one point. Two, the modules, they can be predefined rates kind of stuff. But overall, it's increasing our TCV as well as our ARR.

Thank you. Please stand by for our next question. Our next question comes from the line of Gary Powell with BTIG. Your line is open.

Oh, great. Thanks for taking the question, and congratulations on the good results. So, yeah, I want to follow up on the earlier questions on zero trust everywhere. If I just look at, like, the components of that pillar, so there's zero trust for users and cloud. Those are more mature components. I would guess they're just for, like, the larger part of it. And then there's zero trust for branch, which is new. It sounds like it's getting a lot of traction. So just like how excited can we get on the potential there? And then is that demand, is it being driven more by like SD-WAN replacement? Is it the segmentation piece or just is it something else? I just want to make sure I'm thinking about that correctly.

Yeah. So thank you. Yes, it is true that user is more mature. Cloud started out with small deployments, and customers are saying, I've never seen anything like Zero Trust Cloud. What is this? Because we are the pioneers, we really introduced the notion in the cloud, and that's growing very nicely. And the branch, we needed to offer a plug-and-play solution, and then with a few capabilities, which we basically evolved over time. Now we have a very secure, wonderful solution. And I mentioned earlier, this is an area where I don't need to do any demand gen because the demand is exceeding all our expectations. So where is it coming from? Customers have a lot of SD vans already deployed on SD. They're finding that they are not easy to manage. There's a lot of operational overhead, roundtable management, but more importantly, SD-WAN enables lateral tech movement. A single infected machine in one branch office can traverse the whole network. It's a mesh network and bring all other things down. That's the biggest problem we fix. That's what our customers are looking for. So we replace SD-WAN or replace whatever old school network they have in place. It's an exciting area for us. I've been personally passionate about eliminating all these firewalls and all these branches I think we're getting closer to it.

Thank you. Please stand by for our next question. Our next question comes from the line of Eric Heath with KeyBank. Your line is open.

Hey, thanks for taking the question. I'll echo my congrats as well. Maybe just to follow on your comments regarding Gray's question on the branch. One thing I wanted to ask you, Jay, is there was a lot of strength in the retail sector coming out of COVID buying branch firewalls. Could you just talk about your exposure to retail and specifically as we think about fiscal 26, calendar 26, how you're thinking about the opportunity for zero trust branch in the retail segment as we kind of come up on that five-year depreciation lifecycle in that sector?

Yes. Retail is a great segment. In fact, if you look at where our customers are going, they want to start from the smaller branches, then to larger, and then to plants and factories. Here's a typical dialogue that goes for me with a customer. Let's start with a simple branch. What's the difference between you sitting in a branch office and you sitting at home? The answer typically is nothing. Second question, do you have an SD card at home? No. Do you have it in the branch office? Yes. Do you have a corporate firewall at home? No. Do you have it in the branch office? Yes. Why? The only reason is we've always done it that way. So we are Starting with the low-end firewalls, which are relatively easy, then we go to the next level. Retail is a fairly easy and simple segment. Yes, there's some very large stores out there, but lots and lots of retail stores are straightforward and simple. They're very similar to each other, so the deployment rollout becomes easier. So we're counting on retail, among other areas, for our business growth for Zero Trust Branch and FY26.

Thank you. Our next question comes from the line of Patrick Colville with Scotiabank. Your line is open.

Thank you for taking my question. This one is for Jay or Kevin. When I look at the metrics you disclosed around the proportion of net new ACV from ZPA, ZIA, and then emerging products, For me, one of the kind of big standouts this fiscal year was the kind of inflection up in emerging products. If I got it right, going from 22% of new ACV to 27. Can you, I guess, just double click on where you think that might go in fiscal 26? And then also, you know, it seems like there's just a lot of health left in ZPA and ZIA. So just talk about like where that continued momentum from those core products is coming from? Thank you.

Yeah, very good question. We have been very pleased with the contribution of emerging products. We delivered good results, very pleased with it. But as we move forward, I think we are shifting our focus on three significant growth vectors to better package rather than leave them as one bucket of emerging products, AI securities, one, zero trust everywhere being two, and data security being three. And these three areas for us are actually a billion dollar in ARR. So we'll be tracking each of these three segments for us to grow. We already talked about data security growing at a very good pace at scale. AI security is somewhat smaller, but we expect it to grow at a faster pace as well. Your ZPA is the heart of all the Zero Trust communication, and so overall strength of ZPA will be good. We added some of the Zero Trust segmentation, micro-segmentation offerings for workloads for ZPA. We expect ZPA to give us good growth as well. So overall, I think our portfolio is growing very rapidly. The main thing I'm personally focused on is to make sure the sales execution, which we did very well in fiscal 25, keep on getting better and better in fiscal 26.

Thank you. Our next question comes from the line of Joseph Gallo with Jefferies. Your line is open.

Hey, guys. Thanks for the question. I wanted to follow up on Josh's earlier question. Kevin, appreciate all the guys' color. Given this is your first fiscal year guidance, can you just talk through your methodology, maybe relative to Zscaler's historical approach, any changes to process, and then just any considerations for macro or fed in your guidance? Thank you.

Yeah, thank you for the question. You know, look, there is no fundamental shift in guidance philosophy. I think we have historically been prudent with how we've set our guidance, and I expect to continue that. Fed in particular was about high single digits as a percentage of the business in 25. We're expecting similar performance going forward. But fundamentally, you should not expect anything, any philosophical or shifts in methodology with respect to guidance. The only obvious change is we are moving from billings to ARR going forward as we believe that's a better that metric is better aligned to our go-to-market and how we're running the business today.

If I may add, regarding the macro, we aren't expecting any meaningful change in macro. Macro pretty much has kind of remained the way it is.

So no changes assumed in that.

Thank you. Our next question comes from the line of Brian Exes with JP Morgan. Your line is open.

Hi, good afternoon, and thank you for taking the question. Jay, I appreciate the comments on agentic SecOps and agentic ITOps. I would love if you could maybe peel back a layer and help us understand some of the conversations that you're having with customers, particularly from the perspective of, you know, are they primarily focused on what you've done combining like Avalor and Red Canary for more of a streaming-based analytics platform, particularly on a SecOps side? Or are they leveraging that to address AI or are they leveraging that to target more kind of like legacy SIM business? I know everyone's kind of pointing their finger at, you know, displacing Splunk and QRadar type business. We'd love to hear a little bit more about your conversations and how you're leveraging into that space.

Yes. So agentic operations for us fall in two broad buckets. One is security operations. Here, we are combining a number of products we built, unified vulnerability management that Avalar brought to us, asset exposure management we built on our data fabric platform, and then we basically are building the SecOps, taking a GenTech technology from Red Cray together. We think this is going to accelerate us to become a leading player in the area. We're in the new world. We don't think customers should be paying for building these data lakes. I think customers should be paying for outcomes, and that's the model we're building towards, based on outcomes, don't charge it, based on how many gigabytes of data is coming to you. That's one part. The second part, what we call it, agentic IT operations. AI and agents can help us to figure out performance issues, and they fall in two buckets. One is user performance. Here, we've taken our CDX product, added a bunch of agentic technology to make sure we can identify and troubleshoot those things very quickly. Next, we are expanding our CDX to known human entities. That's machine to machine. Because as more and more of these agents and models will talk to each other, their detection of performance latency issues will become important. And we are in a good position to detect and identify that. Both ADRs are big opportunities for us, traditional security operations, disruption, as well as performance and troubleshooting that is needed for a lot of these applications and users. I hope that helps.

Thank you. Our next question comes from the line of Sharanik Kothari with Baird. Your line is open.

Yeah, thanks for taking my question. Again, congrats on the great execution. So, Jay, just to double-click onto AI security, right? You mentioned, of course, the key focus areas, securing agentless workloads and user-to-agent. Again, that's quite distinct from the legacy posture. Since AI is evolving fast and the new billion-dollar opportunity, just how can you elaborate how that plays into the new logo focus now, right, that you highlighted at seeing it live and now in light of this new AI security opportunity, just get elaborate on how are you adjusting go-to-market as well across new logo and platform. Thanks a lot.

So, first of all, we have both big opportunities. We have new logos sitting at about 45% of Fortune 500 or nearly 40% of Global 2000. There's plenty of market on the high end of the market where we do it really well. But the platform is so big that we can keep on upselling and upselling. So both opportunities are big. So with that, we don't really focus and say, you've got to do new logos. We do provide some financial incentive for new logos. Now, when it comes to solutions like AI security or some of the new solutions we do, generally, not always, generally, our customer base is much easier to sell because we've got so much credibility. We've got relationship with the cio at the cso level so we're able to go in fact we are able to build some of these solutions with some of these customers as design partners with us so if i just tell you most most of the new stuff we bring in maturity of that will come from upsell opportunities but there are many solutions that are opening doors for new logos as well thank you please stand by for our next question

Our next question comes from the line of Todd Weller with Stevens. Your line is open.

Yes, good afternoon. Thanks for taking the question. Jay, just a follow-up on the SecOps piece of agentic operations. When do you anticipate kind of having that full-fledged kind of next-gen SOC platform available? And then what's your take on kind of filtering pipeline capabilities? At Zenith, one of your SI partners did a presentation where they combined data fabric with Krivel to upgrade a customer to a next-gen platform. And obviously, CrowdStrike just made a move So curious to your thoughts on that.

It's a good question. You know, we look at the overall big picture in the data area in two main buckets. Exposure management is one of them and security operations and threat management is the second one. First of all, this exposure management is a fragmented market today. No one really dominates the market out there. This is where A number of our products built on top of our data fabric are offering good opportunities for us. And this is where your unified vulnerability management comes in. This is where your asset exposure management, attack surface management, as well as RISC-360 comes in. That's one bucket. Fairly well-differentiated, unified, offered by one vendor rather than five different point product vendors. Now I'm moving to the right side, which is a security operations area. Yes, this has been done in a traditional way. Here's my massive data lake or delta lake, and here are my tools on top of that. Our data fabric approach allows us to bring in logs, but synthesize them and really create entity relationships. So I don't really need to keep all these logs. My security analysts don't need to go against a billion logs a day. So architecturally, they're very different. So we're going in an incremental fashion. And I think over the coming few quarters, we'll be able to say we take care of the whole thing. So it's kind of a journey. Even if I had everything today, a customer will take a few quarters to get out of where they need to. But we are moving towards pretty rapidly to offer a solution where you can replace whatever piece you need to replace. But having said that, We are not against the notion that if I got, say, 100 terabytes of data sitting in my old school SIM, if I can take out 50 terabytes of it in the first three or four months, I'm going to cut the cost into half to start with. And it may take a couple of quarters to remove the rest of it. So we look at it as a phased, meaningful approach, working with the customers as a partner. And Red Canary starts playing an important role. I was talking to the CISO, a very large customer, a Z-scaler customer, who a couple of quarters ago bought Red Canary. In fact, they need Red Canary. He said, my current SIM solution can't find some of the threats I can find with the help of Red Canary. So Red Canary can play a very good complementary role there as well. So we think we all got all the key pieces to execute in this market, which is ready to be disrupted.

Thank you. Our next question comes from the line of Adam Borg with Stiefel. Your line is open.

Awesome. Thanks so much for taking the question. Maybe just building off the last question on Red Canary. So obviously, great to see the acquisition close, big part of the agentic operations opportunity. Maybe you could just remind us of the top R&D and sales and marketing priorities as we play out this year. Thanks so much.

Sorry, can you repeat the last statement you made?

Sure, just the top R&D and sales and marketing priorities for fiscal 26.

Overall for Zscaler?

Specifically for Red Canary.

OK.

So number one, the acquisition we made was driven by technology. Our teams are working well together to make sure we can take that agentic technology and they have very sophisticated agent technology for detection and investigation that gets integrated with our data fabric. So we build a strong solution that can be taken to market. Number one. Number two, Red Canary sales team is acting like a specialist team for these security operations and getting leverage from ZSkidder wider sales team that can uncover opportunities And Red Canary team is a specialist team that can close deals and grow business. MDR remains an important part of the business for us at Red Canary, and we keep on focused on serving those customers. Now the data gets better, the brand gets better, opening door gets better. So we are expecting good results on both product integration side as well as go-to-market execution side. And all is going very well so far.

Thank you. Please stand by for our next question. Our next question comes from the line of Andrew De Gasperi with BNP Paribus. Your line is open.

Thanks and congrats on the 3 billion milestone. That's something to be proud of. One question I had is on the guidance for Red Canary contribution for this year. I think on the last earnings call you said it would contribute about half of the $140 million of ARR. I think now you're saying it's about $95 million. I'm just wondering, is that 35% increase driven by anything, or is that what the asset is growing at, or are you doing something different based on the answer to the last question you just made?

Yeah, thanks for the question. The commentary on the last call was with respect to how much we would anticipate recognizing at the close. What we ultimately determined at the closing is that we recognized $83 million of ARR. We are assuming low double-digit growth in the Red Canary business for 26, and so for the guidance for 26, we've assumed $95 million in contribution from Red Canary. The last thing I would just keep in mind is NBR providers have historically had higher churn rates in our business, and this is a new business segment for us. So while we are engaging very closely with Red Canary customers and considering all the different moving parts here, we are taking a prudent approach to how we're treating their ARR.

Thank you. Ladies and gentlemen, due to the interest of time, I would now like to turn the call back over to Jay for closing remarks.

Thank you all for your interest in Zscaler. We look forward to seeing you in many of the investor conferences we plan to attend. Thank you for your time.

Ladies and gentlemen, that concludes today's conference call. Thank you for your participation. You may now disconnect.