Investor Overview

100% cloud-based SaaS subscription business model

  • First mover in 2007, now at scale
  • Redefining network security, with the world’s largest inline security cloud platform

  • $72B market opportunity - 4x since IPO - plus billions of IoT/OT devices
  • 6x upsell opportunity for ZIA and ZPA alone

  • Digital transformation is top-of-mind
  • Cloud shift, mobility, rising cybersecurity threats, IoT/OT, 5G

  • Unique architecture, in the path of customer data, creating measurable value
  • Virtuous cycle of growing scale, focused innovation, and data / insight

Key Metrics

Leader in
Cloud Security


Annual Recurring

Strong Growth and Cash Flow:
Above “Rule-of-40”



Revenue Growth



Free Cash
Flow Margin

Highly Scalable
Cloud Economics


(FY’23, Non-GAAP)

Gross Margin

Proven Land &
Expand Model


Dollar Based
Net Retention

Latest Quarterly Results

Latest Quarterly Results





32% Revenue





30% Billings





27% RPO


Customers $1M+ ARR




Customers $100K+ ARR​




Of the


Of the


Operating Margin


Free Cash
Flow Margin


Dollar-Based Net
Retention Rate


Cash & Short-
Term Investments

We delivered an outstanding quarter driven by growing customer interest in our Zero Trust Exchange platform. As threat actors evolve and continue to exploit firewall-based security, Zero Trust security remains a top IT priority, and an increasing number of enterprises are adopting our platform. To meet this demand, we are accelerating innovation, expanding our platform and building a strong go-to-market team to scale our business to $5 billion and beyond in ARR.

Jay Chaudhry

Jay Chaudhry

Chairman and CEO of Zscaler

Zscaler Built From Scratch

Cloud Edge Architecture
+ Control Plane
+ Enforcement Plane
+ Logging Plane

A highly scalable and ultra-fast multi-tenant cloud security architecture

  • Over 400 patents issued and pending
  • Multi-tenant architecture
  • Distributed across 150+ edge locations
  • Direct peering with the largest Internet destinations
Explore our infographic

Control plane

Zscaler Central Authority (CA) monitors our entire security cloud and provides a central location for software and database updates, policy and configuration settings and threat intelligence. The collection of CA instances together act like the brain of the cloud, and they are geographically distributed for redundancy and performance.

Data plane

Customer traffic gets directed to the nearest Zscaler Enforcement Node (ZEN), where security, management and compliance policies are enforced. Our differentiated authentication and policy distribution mechanism that enables any user to connect to any ZEN at any time to ensure full policy enforcement. ZEN utilizes a full proxy architecture for in-line traffic inspection and is built to ensure data is not written to disk to maintain the highest level of data security. Logs are continuously created in memory and forwarded to our logging module.

Log Plane

Compressed logs are transmitted to our Nanolog Servers over secure connections and multicast to multiple servers for redundancy. Our dashboards provide visibility into our customer’s traffic to enable troubleshooting, policy changes and other administrative actions. Our analytics capabilities allow customers to interactively mine billions of transaction logs to generate reports that provide insight on network utilization and traffic. Regardless of where users are located, customers can choose to have logs stored in the US, the EU or Switzerland as well as streamed to a third-party SIEM.

Platform Extensibility with SSMA

The Zscaler Zero Trust Exchange employs a single-scan, multi-action (SSMA) architecture to minimize latency, improve user experience, and enable an integrated, extensible platform.


Traffic is entered into memory only once


Multiple security engines simultaneously inspect the packet


New inspection engines can be added over time, without impacting performance

Single Scan Multi-Action Flow
SSL Inspection

SSL/TLS Inspection at Scale
with Proxy Architecture

Zscaler has invested heavily into building a ‘proxy' based architecture that deeply inspects network traffic at an enormous scale, including SSL/TLS encrypted traffic. Think about it like a postal service.


Stop every envelope, open and inspect the contents…
if all is safe, then seal the envelope and send to recipient

Next-Gen Firewall

As an envelope passes, read the shipping label…
if it seems OK, then let it flow past

Industry Reports & Corporate Presentations

Data Sheet

Zscaler Q3'24 Investor Datasheet


Seven Elements of Highly Successful Zero Trust Architecture

Industry Report

Gartner Market Guide for Zero Trust Network Access (ZTNA)

Industry Report

Gartner Report: Magic Quadrant for Security Service Edge