Zscaler Q4 2025 Earnings Report

Zscaler EPS Results

• Actual EPS: $0.89
• Consensus EPS: $0.80
• Beat/Miss: Beat by +$0.09
• One Year Ago EPS: $0.88

Zscaler Revenue Results

• Actual Revenue: $719.23 million
• Expected Revenue: $707.15 million
• Beat/Miss: Beat by +$12.08 million
• YoY Revenue Growth: +21.30%

Zscaler Announcement Details

• Quarter: Q4 2025
• Date: 9/2/2025
• Time: After Market Closes
• Conference Call Date: Tuesday, September 2, 2025
• Conference Call Time: 4:30PM ET

Zscaler (NASDAQ:ZS) is a cloud security company that provides a range of services designed to protect enterprises as they transition from traditional data centers to cloud-based architectures. Founded in 2007 and headquartered in San Jose, California, Zscaler pioneered a security model known as Zero Trust Exchange, which assumes no user or device should be trusted by default—even if they are connected to a corporate network. The company offers its platform via a global, multi-tenant cloud infrastructure that delivers security as a service rather than relying on legacy on-premises appliances.

The company’s flagship offerings include Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA). ZIA secures web and internet traffic by enforcing policy-based access controls, data loss prevention, and threat protection at the network edge. ZPA enables secure remote access to internal applications without exposing them to the public internet, leveraging identity-based segmentation to reduce attack surfaces. Zscaler Digital Experience (ZDX) complements these products by providing insights into user experience and application performance across the digital supply chain.

Zscaler serves a broad array of industries—such as financial services, healthcare, manufacturing, and retail—helping organizations in North America, Europe, Asia-Pacific, and beyond to modernize their security architectures. By replacing traditional security stacks with its cloud-native platform, the company aims to simplify management, improve performance, and enhance visibility across distributed workforces. Customers range from small businesses to global enterprises seeking to secure remote users, branch offices, and cloud workloads.

Under the leadership of founder, chairman, and CEO Jay Chaudhry, Zscaler went public on the Nasdaq stock exchange in March 2018. The executive team blends expertise in cybersecurity, cloud networking, and enterprise software. With ongoing investments in threat research and platform innovation, Zscaler positions itself at the forefront of the Secure Access Service Edge (SASE) market, driving adoption of zero trust principles and helping organizations navigate the evolving security landscape.

Zscaler Q4 2025 Earnings Call Transcript

Key Takeaways

• Positive Sentiment: We delivered 21% year-over-year revenue growth to $719 million in Q4, set a record 22.1% operating margin, and surpassed $3 billion ARR, achieving the Rule of 50.
• Positive Sentiment: Our AI Security, Zero Trust Everywhere, and Data Security Everywhere vectors together topped $1 billion in ARR; SecOps ARR grew 85% and ZDX Advanced Plus bookings 58% year-over-year.
• Positive Sentiment: Zero Trust Everywhere now secures over 350 enterprises, driving seven-figure ACV wins that replace legacy firewalls and SD-WAN, including the largest-ever branch deal for 150,000 devices.
• Positive Sentiment: The ZFlex program generated over $100 million in TCV bookings in under two quarters, up 50% sequentially, as customers embrace flexible, multi-module, multi-year contracts.
• Neutral Sentiment: For fiscal 2026, Zscaler guides to ARR of $3.676–3.698 billion (≈22% growth) and revenue of $3.265–3.284 billion (≈22–23% growth), with Q1 revenue of $772–774 million and ~80% gross margin.

[Operator]

Hello, and welcome to the Zscaler Q4 2025 earnings call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask a question during the session, you will need to press *11 on your telephone. You will then hear an automated message advising your hand is raised. To withdraw your question, please press *11 again. We ask that you limit yourself to one question only. I would now like to turn the conference over to Ashwin Kesireddy, Vice President of Investor Relations and Strategic Finance. Sir, you may begin.

[Operator]

Good afternoon, everyone, and welcome to the Zscaler Q4 Fiscal Year 2025 earnings conference call. On the call with me today are Jay Chaudhry, Chairman and CEO, and Kevin Rubin, CFO. Please note we have posted our earnings release and a supplemental financial schedule to our investor relations website. Unless otherwise noted, all numbers we talk about today will be on an adjusted, non-GAAP basis. You will find the reconciliation of GAAP to the non-GAAP financial measures in our earnings release.

[Operator]

I would like to remind you that today's discussion will contain forward-looking statements, including but not limited to the company's anticipated future revenue, annual recurring revenue, calculated billings, operating performance, gross margin, operating expenses, operating income, net income, free cash flow, dollar-based net retention rate, future hiring decisions, remaining performance obligations, income taxes, earnings per share, our objectives and outlook, our customer response to our products, and our market share and market opportunity. These statements and other comments are not guarantees of future performance, but rather are subject to risk and uncertainty, some of which are beyond our control. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call.

[Operator]

For a more complete discussion of the risks and uncertainties, please see our filings with the SEC, as well as in today's earnings release. I also want to inform you that we will be attending the following conferences: Citi Global TMT Conference on September 4th, Truist Securities Technology Symposium on September 4th, Goldman Sachs Communacopia Plus Technology Conference on September 10th, and Wolfe Research TMT Conference on September 10th. Now, I will turn the call over to Jay.

[Operator]

Thank you, Ashwin. We had an outstanding Q4, and I am very pleased to share our strong growth, which once again exceeded our guidance. Our revenue grew 21% year-over-year, and operating margin exceeded 22%, which is a quarterly record for us. We are seeing growing demand for our large and expanding platform, which provides best-in-class cyber and AI security while eliminating complexity and reducing cost. We are seeing significant customer interest in our powerful AI security solutions, including our new AI Guard and GenAI Security offerings. An increasing number of enterprises are choosing Zscaler because of our technology leadership and platform scale. I am pleased to share that our platform now secures nearly 40% of the Global 2000 and over 45% of the Fortune 500 companies.

[Operator]

Driven by the strong customer demand, our annual recurring revenue, or ARR, increased about 22% year-over-year and surpassed $3 billion, making us one of the only two pure-play SaaS security vendors to achieve this milestone. For fiscal year 2025, with our revenue growth of 23% and free cash flow margin of 27%, we operated at Rule of 50. While many public SaaS companies strive for Rule of 40 results, we have consistently exceeded the sought-after industry benchmark. Heading into fiscal 2026, we are accelerating our platform innovations across three growth vectors: AI Security, Zero Trust Everywhere, and Data Security Everywhere, which together surpassed $1 billion in ARR in Q4. Let me share more details on our innovations in these three areas, starting with AI Security. We have entered an era of omnipresent AI, which is fundamentally transforming enterprises and is leading to an explosive growth of AI/ML traffic.

[Operator]

The scale of this transformation is truly remarkable. Our Threat Labs report revealed that AI/ML transactions on our cloud increased 3,500% in the past year. The adoption of AI at this breakneck pace is creating new security challenges, such as model jailbreaking, prompt injection, model poisoning, and more. The growth in AI also increases complexity and creates new cyber risks. To address these emerging security challenges, we are innovating in two primary areas. First, security for AI applications. We have delivered solutions to secure AI apps and access to those apps, whether by users or AI agents. To secure AI apps from traditional cyber and emerging intent-based attacks, and to battle the new security challenges I just referenced, we recently launched Zscaler AI Guard, which is being tested by a significant number of large customers.

[Operator]

We are already the leading vendor for Zero Trust communication between users, workloads, devices, and B2B. Agent-to-agent communication is a natural extension of our proven Zero Trust platform. We are developing a Zero Trust solution to secure agent-to-agent and agent-to-application communication. As an increasing number of software vendors are introducing their own agents, enterprises are looking for a proven vendor-agnostic platform like Zscaler to secure agentic communication using standard protocols like MCP or A2A. Our second area of AI innovations is agentic operations, which includes agentic SecOps and agentic ITOps. I am pleased to see continued strong demand for our agentic operation products, and I expect this portfolio to surpass $400 million in ARR in fiscal year 2026. In addition, we are delivering several innovations to continue driving growth in these areas.

[Operator]

For example, for security operations, we are building an AI-powered SOC solution to simplify customers' operations, reduce alert fatigue, automatically hunt for threats, discover vulnerabilities, and predict breaches while reducing cost and complexity and eliminating legacy SIMs. We are combining our highly differentiated data fabric with the recently acquired Red Canary's agentic AI technology to deliver a truly AI-powered SOC. During the quarter, we saw strong demand for our solutions, which drove over 85% year-over-year growth in SecOps ARR. For IT operations, we are introducing several Zscaler Digital Experience or ZDX innovations to enable faster resolution of IT tickets. To share an example, we are introducing an AI-powered endpoint remediation solution, which will further reduce resolution time of IT tickets. Our current innovations, like the ZDX Copilot, are resonating with customers and drove 58% year-over-year growth in the bookings of ZDX Advanced Plus Queue in fiscal 2025.

[Operator]

Our second growth factor, Zero Trust Everywhere, which includes Zero Trust users, Zero Trust branch, and Zero Trust cloud, is exceeding our expectations. Two quarters ago, we shared our goal of securing 390 enterprises with Zero Trust Everywhere by the end of fiscal 2026. As of the end of fiscal 2025, we are already close to reaching this goal with over 350 Zero Trust Everywhere enterprises. Let me share an example of an enterprise that embraced Zero Trust Everywhere. In a seven-figure ACV win, an existing Zero Trust Users and Zero Trust Cloud enterprise purchased Zero Trust Branch to secure over 120 manufacturing plants and become a Zero Trust Everywhere enterprise. Zero Trust Branch enables this Global 2000 enterprise to replace legacy SD-WAN, firewall-based VPNs, and existing OT security solutions, and they expect to realize more than 60% cost savings.

[Operator]

Customers are leaning into our vision of a café-like branch by eliminating north-south firewalls and SD-WANs. Furthermore, they are deploying Zero Trust security inside branches, factories, and campuses, and eliminating legacy point products such as network access control and east-west firewalls. With our over 350 Zero Trust Branch enterprise customers, we are just beginning to benefit from the massive opportunity to replace legacy solutions in millions of branches across a wide range of verticals, including finance, insurance, services, retail, healthcare, education, and more. To give you an example, in Q4, we signed our largest-ever branch deal with a leading higher-ed institution. They purchased our Zero Trust device segmentation to secure around 150,000 devices across more than 400 locations in a seven-figure new logo ACV deal. We are also seeing strong demand for our Zero Trust Cloud, the third component of Zero Trust Everywhere.

[Operator]

Zero Trust Cloud secures workload-to-workload and workload-to-the-Internet communication and provides workload segmentation by design. This eliminates the need for VPNs, north-south and east-west virtual firewalls, express routes, and direct connects. The proliferation of AI is driving an urgency to secure the large footprint of enterprise workloads, and I believe our Zero Trust Cloud is the best solution for it. We are seeing strong demand for Zero Trust Cloud, which resulted in an acceleration of its ARR in Q4. To share a customer example, in a seven-figure ACV win, an existing Fortune 10 healthcare enterprise expanded their workload protection from public cloud workloads to data center workloads. This large enterprise chose Zscaler to implement Zero Trust security and eliminate east-west firewalls. This is our fourth workload expansion deal with this customer, highlighting the large upsell opportunity we have for Zero Trust Cloud.

[Operator]

Zero Trust Cloud enables enterprises to safely adopt agentic AI technologies that require workload communication between cloud and data centers, particularly in spatial retrieval augmented generation or RAG implementations. To drive faster adoption of Zero Trust Cloud, we recently introduced an innovative cloud gateway solution, which reduces the deployment time to under 10 minutes. By simplifying connectivity for distributed workloads across hyperscalers, we are helping customers achieve Zero Trust at global scale, which accelerates their cloud and AI initiatives. With the ongoing growth in AI workloads and the need to secure them, I expect Zero Trust Cloud to continue its strong growth in fiscal 2026. Our third growth vector, Data Security Everywhere, is seeing strong demand as enterprises are consolidating multiple data security point products on our platform. I am pleased to share that Data Security Everywhere ARR grew to approximately $425 million.

[Operator]

Our comprehensive data security capabilities, including data discovery, classification, posture management, and data loss prevention, are driving large deal wins. For example, an existing Fortune 500 services enterprise that's also a key global system integrator partner adopted our data security solution in a seven-figure ACV deal for 350,000 users. This customer adopted isolation, email DLP, endpoint DLP, data classification, and encryption, and GenAI Security, enabling them to consolidate multiple point products. I'm very pleased with the pace of our platform innovations for Zero Trust Everywhere, Data Security Everywhere, and AI Security, and I expect our strong growth in these areas to continue. To accelerate the adoption of our broader platform, we introduced our ZFlex program less than two quarters ago. In Q4, this program generated over $100 million in TCV bookings, representing over 50% sequential growth.

[Operator]

Our ZFlex program is becoming the preferred motion for strategic multi-year deals as it enables seamless adoption of new product modules by our customers. To share an example, in a five-year eight-figure TCV deal, a large enterprise energy customer chose our ZFlex program to increase the number of modules adopted from 14 to 19, including Zero Trust Branch for hundreds of locations. This purchase resulted in an over 100% increase in ARR with us. Customer interest in ZFlex continues to grow, and I expect it to be a meaningful growth driver in fiscal 2026. In conclusion, our expanding platform and a stronger go-to-market engine position us well to benefit from the tailwinds of Zero Trust and AI Security. With the accelerating pace of our Zero Trust and AI innovations, we are still in the early innings of disrupting a large $100 billion security market.

[Operator]

Now, I would like to turn over the call to Kevin for our financial results.

[Operator]

Thank you, Jay, and good afternoon, everyone. Our Q4 results represent a strong finish to fiscal 2025, reinforcing the demand for our solutions and our operational scale. We operated at Rule of 50 in fiscal 2025, demonstrating our commitment to profitable growth. We ended fiscal 2025 with over $3 billion in ARR, a milestone that reflects approximately 22% year-over-year growth. Notably, as Jay mentioned, we are one of only two pure-play SaaS security companies to surpass this level of ARR. ARR represents the next 12 months' revenue from existing customer contracts active at the end of the period. For modeling purposes, quarterly ARR figures from prior year periods are included in the supplemental materials accompanying our Q4 results. Q4 revenue was $719 million, growing 21% year-over-year, 6% sequentially, and exceeding the high end of our guidance.

[Operator]

Geographically, the Americas accounted for 55% of revenue, EMEA for 29%, and APJ for 16%. For the full fiscal year, total revenue reached $2.7 billion, representing 23% year-over-year growth and surpassing our guidance. Our remaining performance obligation, or RPO, grew approximately 31% year-over-year to $5.8 billion, with approximately 46% classified as current RPO. We closed fiscal 2025 with over 9,400 customers, including 664 customers generating over $1 million in ARR and 3,494 customers exceeding $100,000 in ARR. We now serve nearly 40% of the Global 2000 and over 45% of Fortune 500 companies, demonstrating the strategic role we play in customers' digital transformation journeys. Turning to the rest of our Q4 financial performance, our gross margin was 79.3% as compared to 81.1% last fiscal year Q4.

[Operator]

Our gross margin this quarter is lower than our historical target of 80% due to a one-time deployment of a large private cloud in a government customer's data center, which included a hardware component that carries lower gross margin. Given the one-time nature of this shipment, we expect gross margin to move back up to 80% in Q1. Operating expenses increased 3% sequentially and 16% year-over-year, reaching $411 million. Operating margin was 22.1%, exceeding our long-term range and growing by approximately 60 basis points year-over-year. Since Q1 2023, operating margin has expanded by over 1,000 basis points, underscoring the leverage in our model. Our free cash flow margin for Q4 was 24%, including data center CapEx at 8% of revenue. For fiscal 2025, data center CapEx represented 6% of revenue, approximately 60 basis points lower than last year due to investment timing.

[Operator]

We ended the quarter with $3.6 billion in cash, cash equivalents, and short-term investments, including net proceeds of $1.7 billion from the convertible note we issued during the quarter. Next, let me provide key assumptions driving our fiscal 2026 guidance. On August 1, we successfully closed the acquisition of Red Canary. We recognized approximately $83 million of ARR at close. Our full-year ARR guidance assumes a $95 million contribution from Red Canary, and our full-year revenue guidance assumes approximately a $90 million contribution from Red Canary. Our Red Canary ARR guidance assumes no contributions from customer contracts up for renewal in fiscal 2026. Looking ahead, we are shifting our focus from billings to full-year ARR as our primary growth metric.

[Operator]

Regarding seasonality, we anticipate net new ARR will remain weighted towards the second half of the year, with approximately 46.5% to 47% in the first half, including the contribution from Red Canary, and consistent with historical trend. Finally, we are assuming the macro environment to be relatively unchanged in fiscal 2026. With that, let me provide our guidance for Q1 and full-year fiscal 2026. As a reminder, these numbers are all non-GAAP. For the first quarter, we expect revenue in the range of $772 million to $774 million, reflecting year-over-year growth of approximately 23%. Gross margins to be approximately 80%. I would like to remind investors that we are introducing new products that are experiencing strong growth and are optimized for faster go-to-market rather than margins. This will continue to influence our gross margins. We plan to optimize new products for margins over time as they scale.

[Operator]

Operating profit in the range of $166 million to $168 million. Net other income of approximately $18 million. Earnings per share in the range of $0.85 to $0.86, assuming a 23% tax rate and 167 million fully diluted shares. For the full-year fiscal 2026, ARR in the range of $3.676 billion to $3.698 billion, reflecting year-over-year growth of 21.9% to 22.7%. Revenue in the range of $3.265 billion to $3.284 billion, reflecting year-over-year growth of approximately 22% to 23%. Operating profit in the range of $728 million to $736 million. Earnings per share in the range of $3.64 to $3.68, assuming a 23% tax rate and approximately 169 million fully diluted shares. Free cash flow margin to be approximately 26% to 26.5%. With a large market opportunity and customers increasingly adopting the broader platform, we will invest aggressively to position us for long-term growth and profitability.

[Operator]

With that, operator, you may now open the call for questions.

[Operator]

Thank you. Ladies and gentlemen, as a reminder to ask a question, please press *11 on your telephone, then wait for your name to be announced. To withdraw your question, please press *11 again. Please limit yourself to one question only. Please stand by while we compile the Q&A roster. Our first question comes from the line of Saket Kalia with Barclays. Your line is open.

[Operator]

Okay, great. Hey, Jay. Hey, Kevin. Thanks for taking my question here, and nice finish to the year. Jay, maybe for you, there were times when SASE was a healthy space in the past, despite firewalls being healthy as well. Now it seems like firewall appliance growth is starting to slow. You touched on this a little bit in your prepared remarks. To what extent do you think SASE is replacing firewall appliances? I know we all, I think we all know that it's replacing secure web gateway appliances, but what does the velocity look like on firewall appliances?

[Operator]

A very good question. First of all, I basically said that if you want Zero Trust, you can't depend upon firewalls for security. Firewalls have to go. Somehow, these old boxes take a lot longer to go sometimes than we want them to. I think the firewall appliances in the branch are the first to go. The launch of Zero Trust Branch by Zscaler has been playing an important role. Since we introduced our unified Zero Trust Branch, which combines at least segmentation, air gap segmentation, with elimination of firewalls alike, the interest has gone to zero. In fact, the only two products at Zscaler I've seen that don't require any demand generation because there's so much demand out there are Zero Trust Branch and AI Security. Branch will go first.

[Operator]

I think data center firewalls will impact the second, and the virtual firewalls will be the third and last gap. I think it's a matter of time when firewalls will become like mainframes. Talking about SASE, unfortunately, SASE is one of those terms which means anything and everything. SASE includes firewalls. SASE includes SD-WAN. SASE includes SD-WAN. That's why we don't even like to use the term SASE too much. If we do, we like to use the term Zero Trust SASE. With the momentum we are seeing, I think you'll see acceleration in the elimination of branch firewalls with Zero Trust architecture. If we are serious about zero security, we need to go in Zero Trust all the way. I hope it helps.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Brad Zelnick with Deutsche Bank. Your line is open.

[Operator]

Excellent. Thank you so much for taking my question. Jay, Kevin, unbelievable. Congrats on a strong close to the year and a very healthy outlook for fiscal 2026. Jay, I wanted to ask about ZFlex, 50% sequential growth in TCV bookings, clearly a vehicle for getting more strategic with your customers. Can you talk about how your sales force will use Flex to exceed their goals in fiscal 2026? Is it available broadly to everybody in the field? Maybe more generally, what's Mike Rich's playbook coming out of sales kickoff this year? Thanks.

[Operator]

ZFlex is an important program that's built upon two very important foundational pieces we put in place before. The first thing was, do you really eliminate the bunch of point products? We end up doing architectural workshops that identify what all should go out. Two, our business value assessment team quantifies if those pieces are removed, when can they be removed, and how much cost can be saved. ZFlex comes on top of that and says, how do I make pricing flexible to meet the needs of the customer? For example, the customer may select to use, say, six modules. They're not sure if they can use three of them upfront or two, when, and when do they do the last one? We give them flexibility to use the modules they need to use.

[Operator]

There's a term of the deal, which could be three years and often five years, and their ability to add more modules within the window, or we have a rate card to really buy more. It gives the flexibility for the customers and allows the deal to fit in the budget. A combination of our architecture, business value, and our ZFlex makes it easier for us to do larger and better deals. That's what we're driving. We started this program, it is relatively new, only about four, four and a half months old. We started with a smaller set of larger customers. Now we're expanding to the next level of customers as well as our partners.

[Operator]

Thank you. Our next question comes from the line of Mike Cikos with Needham. Your line is open.

[Operator]

Hey, guys. Thanks for taking the questions here. I'll echo my congrats on the quarter. I want to cycle back to the Zero Trust Everywhere stat that we have around customer growth. Jay, I think you're going to need to update that 390 plus target pretty soon. I wanted to get a sense first, can you help us think about, I know you've given some customer examples, but what does the average customer look like when they are deemed a Zero Trust Everywhere customer? How does spend materially change? What is the number of modules they're taking on versus the remaining cohort of customers? Secondly, do sales reps have quota set against the Zero Trust Everywhere metric, or is this more just, hey, the market is coming to Zscaler in this fashion? We'd just like to parse out those different elements. Thank you.

[Operator]

Sure. Very good question. First of all, as you know, to do full security, you need to make sure you're able to implement Zero Trust, not just for users, but also your branches. Each branch becomes like an internet cafe, as well as cloud workloads, where you can have Zero Trust communication among workloads. Our customers early on started with Zero Trust for users. We've done a very good job in that. The next natural thing for customers to worry about is our branches. That's where we go in the Zero Trust Branch. That's actually eliminating a lot of firewalls and SD-WANs out there. Cloud is the next big thing. With AI workloads building up, we see more demand, more adoption of Zero Trust in the cloud. It's a natural part of the journey. We're seeing what we expected. That's the adoption part.

[Operator]

Now, what kind of impact can we have? We're seeing a large number of deals where ARR has gone to 2x or 3x and sometimes higher. As you know, with time, workloads will grow, even though users may not grow over time. We expect this thing to be a very good thing. From an incentive point of view, we don't really give our sales team targets for each product. What we do give them is additional incentive from time to time for certain new products or new logos type of stuff. It is true that the demand is pretty good in these areas. A customer with Zero Trust users, Zero Trust Branch, and Zero Trust Cloud becomes a Zero Trust Everywhere customer. We're excited with the opportunity we have to take a large install base of users to the next two pillars. I hope that helps.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Meta Marshall with Morgan Stanley. Your line is open.

[Operator]

Great, thanks. Question for you on the AI security front. When customers start looking towards the AI security product adoption, just where are they looking for first, kind of the security for AI with some of the data security or agentic AI solutions, or that AI for security, kind of on the SecOps side? Thanks.

[Operator]

Sure, thank you. Our customers first started to have secure use of public AI, such as ChatGPT, Gemini, or the world. We offered the solution starting about 18 months ago. It's fairly well deployed. The goal is to make sure we secure the data so it doesn't leak out to public applications. The next piece became, how about securing my private applications, my private models that are sitting in a data center or my public cloud? For that, we recently launched an offering. We call it AI Guard. It's early stage, but it is having tremendous interest. From a futuristic point of view, the next big interest is coming from agent-to-agent communication. Zero Trust communication with all these agents, and we've got a serious amount of effort going on in this area. It is a natural area for us to work with.

[Operator]

We have been doing Zero Trust communication among workloads, users, branches, and devices. This is a natural thing, and we expect it to be a sizable opportunity for us. Thank you.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Joshua Tilton with Wolfe Research. Your line is open.

[Operator]

Hey, guys. Thanks for taking my question. That's on a great end to the year. I guess what I'm trying to just get a better handle on is, it looks like if you strip out Red Canary from the guide for next year, that you guys are guiding to net new ARR growth, which does scream like it's strong. I guess what I'm just trying to understand is, is there any way you can give us a sense of what net new ARR grew this year so we can kind of gauge, you know, where you're guiding from? Are you guiding to an acceleration? Are you guiding to a deceleration? Is there anything you could help us understand for the trajectory of the net new ARR that you're guiding to for next year?

[Operator]

Thank you for the question. We are guiding for a high single-digit net new ARR growth in fiscal 2026, on an organic basis.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Andy Nowinski with Wells Fargo. Your line is open.

[Operator]

Okay, congratulations on a strong finish to fiscal 2025. I wanted to ask you guys about the data security portfolio. I know $425 million was pretty impressive from an ARR perspective. I think you added about $75 million this quarter alone. I know that's a standalone suite of solutions, but it seems like those products go hand in hand with Zero Trust Everywhere solutions. I'm just wondering if you're seeing customers possibly buying both solutions, or if they will, maybe you'll see more of that trend this coming year. Thank you.

[Operator]

We are seeing data security being bought along with Zero Trust Everywhere, and many times even without that. For example, you may have Zero Trust users, and if you don't have data security, you could add data security on top of that. In many deals, a customer says, I need to save more money and remove a lot of boxes in the branches and the cloud and my data security. We have done deals where customers are moving to embrace data security and cloud and branch. Within data security, we have about eight modules, and there's an opportunity. Many times customers go from zero to four or two to five or seven, and that module count is going up.

[Operator]

To give you a little bit of a quantitative idea, only 30% of our data security customers have more than three or more modules, and only 10% have four or more modules. That means that quite a few customers who have bought inline DLP have the opportunity to sell additional modules. We are excited. We think we will have a pretty good growth rate for data security. In fact, if the data security business we have were an independent company, a standalone company, it would probably be one of the largest data security companies out there.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Fatima Boolani with Citi. Your line is open.

[Operator]

Oh, good afternoon. Thank you for taking my questions. Kevin, this one's for you. It's a little bit more tactical with respect to ZFlex. About four, four and a half months of learning under your belt. Could you clarify for us if this is a vehicle or a conduit for attracting new customers, or is it principally being pitched to existing customers, whereby if you can sort of talk to us about what the downstream impact on some of your KPIs would necessarily or hypothetically be, say, from a net retention rate perspective, from a billings perspective. Anything you can help with there with regards to ZFlex's impact on the financial model, whether it's for new customers or existing customers porting over to the ZFlex program. Thank you.

[Operator]

Thanks for the question. The truth is that ZFlex is available and applicable to both new logo and existing customers. I think we actually spoke on the last conference call about the fact that ZFlex is not fundamentally changing the financial model in any way. As Jay mentioned, it does have the result of significantly increasing potential deal sizes as customers have the flexibility to deploy multiple models and have price visibility as well. There isn't any direct consequence to any of the financial metrics as a result of tactically purchasing ZFlex.

[Operator]

If I may add, we're not dependent upon consumption that's unknown. It's a known amount, TCV, over a certain amount of time. The flexibility we're giving is, for example, there may be some pricing built in if the modules are adopted on the given time. That's number one point. Two, the modules, they can be predefined rates kind of stuff. Overall, it's increasing our TCV as well as our ARR.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Gray Powell with BTIG. Your line is open.

[Operator]

Great, thanks for taking the question and congratulations on the good results. I wanted to follow up on one of the earlier questions on Zero Trust Everywhere. If I just look at the components of that pillar, there's Zero Trust for users and cloud. Those are more mature components. I would guess they're the larger part of it. Then there's Zero Trust for branch, which is new. It sounds like it's getting a lot of traction. How excited can we get on the potential there? Is that demand being driven more by SD-WAN replacement, is it the segmentation piece, or is it something else? I just want to make sure I'm thinking about that correctly.

[Operator]

Yeah, so thank you. Yes, it is true that users are more matured. Cloud started out with small deployments. When customers are saying, "I never seen anything like Zero Trust Cloud, what is this?" because we are the pioneers. We really introduced the notion in the cloud, and that's growing very nicely. In the branch, we needed to offer a plug-and-play solution. With a few capabilities, which we basically evolved over time, now we have a very mature, wonderful solution. I mentioned earlier, this is an area where I don't need to do any demand gen because the demand is exceeding all our expectations. Where is it coming from? Customers have a lot of SD-WANs already deployed. Honestly, they're finding that they are not easy to manage. There's a lot of operational overhead, roundtable management. More importantly, SD-WAN enables lateral-type movement.

[Operator]

A single infected machine in one branch office can traverse the whole network. It's a mesh network and brings all other things down. That's the biggest problem we fix. That's what our customers are looking for. We replace SD-WAN or replace whatever old-school network they have in place. It's an exciting area for us. I have been personally passionate about eliminating all these firewalls in all these branches. I think we're getting closer to it.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Eric Heath with KeyBanc. Your line is open.

[Operator]

Hey, thanks for taking that question. I'll echo my congrats as well. Maybe just to follow on your comments regarding Greg's question on the branch. One thing I wanted to ask you, Jay, is there was a lot of strength in the retail sector coming out of COVID, buying branch firewalls. Could you just talk about your exposure to retail and specifically as we think about fiscal 2026, calendar 2026, how you're thinking about the opportunity for Zero Trust Branch in the retail segment as we kind of come up on that five-year depreciation lifecycle in that sector?

[Operator]

Yes, retail is a great segment. In fact, if you look at where our customers are going, they want to start from the smaller branches, then to larger, and then to plants and factories. Here's a typical dialogue that goes for me with a customer. Let's start with a simple branch. What's the difference between you sitting in a branch office and you sitting at home? The answer typically is nothing. Second question, do you have an SD-WAN at home? No. Do you have it in the branch office? Yes. Do you have a corporate firewall at home? No. Do you have it in the branch office? Yes. Why? The only reason is we've always done it that way. We are starting with the low-end firewalls, which are relatively easy. We go to the next level. Retail is a fairly easy and simple segment.

[Operator]

Yes, there are some very large stores out there, but lots and lots of retail stores are straightforward and simple. They're very similar to each other, so the deployment rollout becomes easier. We're counting on retail among other areas for our business growth for Zero Trust Branch in FY 2026.

[Operator]

Thank you. Our next question comes from the line of Patrick Colville with Scotiabank. Your line is open.

[Operator]

Thank you for taking my question. This one is for Jay or Kevin. When I look at the metrics you disclosed around the proportion of net new ACV from ZPA, ZIA, and then emerging products, to me, one of the kind of big standouts this fiscal year was the kind of inflection up in emerging products. If I got it right, going from 22% of new ACV to 27%. Can you, I guess, just double-click on where you think that might go in fiscal 2026? Also, you know, it seems like there's just a lot of health left in ZPA and ZIA. Just talk about where that continued momentum from those, you know, core products is coming from. Thank you.

[Operator]

Yeah, very good question. We have been very pleased with the contribution of emerging products. We delivered good results, very pleased with it. As we move forward, I think we are shifting our focus on three significant growth vectors to better package that and leave them as one bucket of emerging products. AI security is one, Zero Trust Everywhere being two, and data security being three. These three areas for us are actually billion-dollar in ARR. We'll be tracking each of these three segments for us to grow. We already talked about data security growing at a very good pace at scale. AI security is somewhat smaller, but we expect it to grow at a faster pace as well. ZPA is the heart of all the Zero Trust communication. The overall strength of ZPA will be good.

[Operator]

We added some of the Zero Trust segmentation, micro-segmentation offerings for workloads for ZPA. We expect ZPA to give us good growth as well. Overall, I think our portfolio is growing very rapidly. The main thing I'm personally focused on is to make sure the sales execution, which we did very well in fiscal 2025, keeps on getting better and better in fiscal 2026.

[Operator]

Thank you. Our next question comes from the line of Joseph Gallo with Jefferies. Your line is open.

[Operator]

Hey, guys. Thanks for the question. I wanted to follow up on Josh's earlier question. Kevin, I appreciate all the guidance color. Given this is your first fiscal year guidance, can you just talk through your methodology, maybe relative to Zscaler's historical approach, any changes to process, and then just any considerations for macro or Fed in your guidance? Thank you.

[Operator]

Yeah, thank you for the question. There is no fundamental shift in guidance philosophy. I think we have historically been prudent with how we've set our guidance, and I expect to continue that. Fed in particular was about high single digits as a % of the business in 2025. We're expecting similar performance going forward. Fundamentally, you should not expect anything, any philosophical or shifts in methodology with respect to guidance. The only obvious change is we are moving from billings to ARR going forward, as we believe that metric is better aligned to our go-to-market and how we're running the business today.

[Operator]

If I may add, regarding the macro, we aren't expecting any meaningful change in macro. Macro pretty much has kind of remained the way it is, so no changes assumed in that.

[Operator]

Thank you. Our next question comes from the line of Brian Essex with JP Morgan. Your line is open.

[Operator]

Hi, good afternoon, and thank you for taking the question. Jay, I appreciate the comments on agentic SecOps and agentic ITOps. I would love if you could maybe peel back a layer and help us understand some of the conversations that you're having with customers, particularly from the perspective of, you know, are they primarily focused on what you've done combining like Avalor and Red Canary for more of a streaming-based analytics platform, particularly on the SecOps side? Or are they leveraging that to address AI, or are they leveraging that to target more kind of like legacy SIM business? I know everyone's kind of pointing their finger at, you know, displacing Splunk and QRadar type business. We'd love to hear a little bit more about your conversations and how you're leveraging into that space.

[Operator]

Yes, so agentic operations for us fall into two broad buckets. One is security operations. Here, we are combining a number of products we built, Unified Vulnerability Management that Avalor brought to us, asset exposure management we built on our data fabric platform. Then we basically are building the SecOps, taking agentic technology from Red Canary together. We think this is going to accelerate us to become a leading player in the area where, in the new world, we don't think customers should be paying for building these data lakes. I think customers should be paying for outcomes, and that's the model we're building towards, based on outcomes, don't charge it, based on how many gigabytes of data is coming to you. That's one part. The second part, what we call is agentic IT operations.

[Operator]

AI and agents can help us to figure out performance issues, and they fall into two buckets. One is user performance. Here, we've taken our ZDX product, added a bunch of agentic technology to make sure we can identify and troubleshoot those things very quickly. Next, we are expanding our ZDX to non-human entities. That's machine-to-machine. As more and more of these agents and models will talk to each other, their detection of performance latency issues will become important, and we're in a good position to detect and identify them. Both areas are big opportunities for us, traditional security operations disruption, as well as performance and troubleshooting that is needed for a lot of these applications and users. I hope that helps.

[Operator]

Thank you. Our next question comes from the line of Shrenik Kothari with Baird. Your line is open.

[Operator]

Yeah, thanks for taking my question. Congrats on the great execution. Jay, just to double-click onto AI security, right? You mentioned, of course, one of the key focus areas, securing agentless workloads and user-to-agent. That's quite distinct from the legacy posture. Since AI is evolving fast and the new billion-dollar opportunity, can you elaborate how that plays into the new logo focus now, that you highlighted at Zenith Live? In light of this new AI security opportunity, can you elaborate on how you are adjusting go-to-market as well across new logo and platform? Thanks a lot.

[Operator]

First of all, we have both big opportunities. If you're a new logo, sitting at about 45% of Fortune 500 or nearly 40% of Global 2000, there's plenty of market on the high end, the market where we do it really well. The platform is so big that we can keep on upselling and upselling. Both opportunities are big. With that, we don't really focus and say, you've got to do new logos. We do provide some financial incentive for new logos. Now, when it comes to solutions like AI security or some of the new solutions we do, generally, not always, generally, our customer base is much easier to sell because we've got so much credibility. We've got relationships with the CIO at the CISO level. We're able to go.

[Operator]

In fact, we are able to build some of these solutions with some of these customers as design partners with us. If I have to tell you, most of the new stuff we bring in, the majority of that will come from upsell opportunities, but there are many solutions that are opening doors for new logos as well.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Todd Weller with Stephens. Your line is open.

[Operator]

Yes, good afternoon. Thanks for taking the question. Jay, just to follow up on the SecOps piece of agentic operations, when do you anticipate kind of having that full-fledged kind of next-gen SOC platform available? What's your take on kind of filtering pipeline capabilities? At Zenith, one of your SI partners did a presentation where they combined data fabric with Cribble to upgrade a customer to a next-gen platform. Obviously, CrowdStrike just made a move there. Curious to your thoughts on that.

[Operator]

It's a good question. You know, we look at the overall big picture in the data area in two main buckets. Exposure management is one of them, and security operations and threat management is the second one. First of all, this exposure management is a fragmented market today. No one really dominates the market out there. This is where a number of our products built on top of our data fabric are offering good opportunities for us. This is where your Unified Vulnerability Management comes in. This is where your asset exposure management, attack surface management, as well as our Risk360 comes in. That's one bucket. Fairly well-differentiated, unified, offered by one vendor rather than five different point product vendors. Now, moving to the right side, which is a security operations area. Yes, this has been done in a traditional way.

[Operator]

Here's my massive data lake or delta lake, and here are my tools on top of that. Our data fabric approach allows us to bring in logs, but synthesize them and really create entity relationships. I don't really need to keep all these logs. My security analysts don't need to go against a billion logs a day. Architecturally, they're very different. We're going in in an incremental fashion. I think over the coming few quarters, we'll be able to say we take care of the whole thing. It's kind of a journey. Even if I had everything today, a customer will take a few quarters to get out of where they need to. We are moving towards pretty rapidly to offer a solution where you can replace whatever pieces you need to replace.

[Operator]

Having said that, we are not against the notion that if I got, say, 100 TB of data sitting in my old-school thing, if I can take out 50 TB of it in the first three or four months, I'm going to cut the cost into half to start with. It may take a couple of quarters to remove the rest of it. We look at it as a phased, meaningful approach, working with the customers as a partner. Red Canary starts playing an important role. I was talking to the CISO, a very large customer, a Zscaler customer, who a couple of quarters ago bought Red Canary. In fact, they need Red Canary. He said, "My current SIM solution can't find some of the threats I can find with the help of Red Canary." Red Canary can play a very good complementary role there as well.

[Operator]

We think we all got all the key pieces to execute in this market, which is ready to be disrupted.

[Operator]

Thank you. Our next question comes from the line of Adam Borg with Zscaler. Your line is open.

[Operator]

Awesome. Thanks so much. Thanks so much for taking the question. Maybe just building off the last question on Red Canary. Obviously, great to see the acquisition close, big part of the agentic operations opportunity. Maybe you could just remind us of the top R&D and sales and marketing priorities as we play out this year. Thanks so much.

[Operator]

Sorry, can you repeat the last statement you made?

[Operator]

Sure. Just the top R&D and sales and marketing priorities for fiscal 2026.

[Operator]

Overall for Zscaler?

[Operator]

Specifically for Red Canary.

[Operator]

Okay. Number one, the acquisition we made was driven by technology. Our teams are working well together to make sure we can take the agentic technology, and they have very sophisticated agent technology for detection and investigation that gets integrated with our data fabric. We build a strong solution that can be taken to market, number one. Number two, Red Canary's sales team is acting like a specialist team for these security operations and getting leverage from Zscaler's wider sales team that can uncover opportunities. Red Canary's team is a specialist team that can close deals and grow business. MDR remains an important part of the business for us at Red Canary, and we keep on focused on serving those customers. Now, the data gets better, the brand gets better, the opening door gets better.

[Operator]

We are expecting good results on both the product integration side as well as go-to-market execution side. All is going very well so far.

[Operator]

Thank you. Please stand by for our next question. Our next question comes from the line of Andrew Degasperi with BNP Paribas. Your line is open.

[Operator]

Thanks, and congrats on the $3 billion milestone. That's something to be proud of. One question I had is on the guidance for Red Canary contribution for this year. I think on the last earnings call, you said it would contribute about half of the $140 million of ARR. I think now you're saying it's about $95 million. I'm just wondering, is that 35% increase driven by anything, or is that what the asset is growing at, or are you doing something different based on the answer to the last question you just made?

[Operator]

Yeah, thanks for the question. The commentary on the last call was with respect to how much we would anticipate recognizing at the close. What we ultimately determined at the closing is that we recognized $83 million of ARR. We are assuming low double-digit growth in the Red Canary business for 2026, and for the guidance for 2026, we've assumed $95 million in contribution from Red Canary. The last thing I would just keep in mind is, you know, MDR providers have historically had higher churn rates in our business, and this is a new business segment for us. While we are engaging very closely with Red Canary customers and considering all the different moving parts here, we are taking a prudent approach to how we're treating their ARR.

[Operator]

Thank you. Ladies and gentlemen, due to the interest of time, I would now like to turn the call back over to Jay for closing remarks.

[Operator]

Thank you all for your interest in Zscaler. We look forward to seeing you in many of the investor conferences we plan to attend. Thank you for your time.

[Operator]

Ladies and gentlemen, that concludes today's conference call. Thank you for your participation. You may now disconnect. Goodbye.