Breaking
Zscaler crosses $3B in annual recurring revenue Zero Trust Exchange inspects 500B+ transactions daily Red Canary acquired for ~$675M to build the autonomous SOC Roughly 26% of the Fortune 1000 are customers Trades on NASDAQ as ZS since 2018 Founded 2007 in San Jose, California Zscaler crosses $3B in annual recurring revenue Zero Trust Exchange inspects 500B+ transactions daily Red Canary acquired for ~$675M to build the autonomous SOC Roughly 26% of the Fortune 1000 are customers Trades on NASDAQ as ZS since 2018 Founded 2007 in San Jose, California
Company Dossier / Cloud Security

Zscaler.

The company that decided the corporate network perimeter was already gone - and rebuilt enterprise security in the cloud.

NASDAQ: ZS Zero Trust Founded 2007 San Jose, CA $3B+ ARR
Zscaler logo
ZSCALER, INC. - the electric-blue wordmark of a cloud-security company that routes the traffic of thousands of enterprises through its Zero Trust Exchange. Photographed as a brand mark, San Jose, California.
Share LinkedIn Twitter / X Facebook Instagram
The Story

Security that follows the user, not the building

For two decades, enterprise security had a shape. It was a wall - firewalls, VPN concentrators, and appliance stacks guarding the edge of a corporate network, with everything trusted on the inside and everything suspect on the outside. Then people started working from home, applications moved to the cloud, and the wall found itself defending an empty castle.

Zscaler was built on the premise that this shift was permanent. Founded in 2007 in San Jose, California, by security entrepreneur Jay Chaudhry and technologist K. Kailash, the company set out to move security off the appliance and into the cloud. Instead of hauling a remote worker's traffic back to a data center to be inspected, Zscaler proposed inspecting it in a globally distributed cloud that sits between every user and every application they touch.

That cloud is the Zero Trust Exchange, and it is the heart of the company. The name Zscaler itself is a contraction of "zenith of scalability" - the founding ambition to secure internet traffic at enormous volume. Today the platform inspects more than 500 billion transactions on a typical day, a figure that includes vast amounts of encrypted traffic that legacy hardware often waves through untouched.

"We connect users to applications, never to the network - so there is nothing for an attacker to move through." Zscaler's zero trust positioning

The distinction sounds academic until you consider how most breaches actually spread. An attacker rarely wins by breaking a single door; they win by getting onto a network and moving sideways, one system to the next. Zscaler's model removes the network from the equation. A user is connected to the specific application they are authorized to reach and nothing else, and the company's cloud never exposes an inbound listening port to the open internet. There is, by design, no front door to knock down.

By the Numbers

Zscaler at scale

2007
Founded
500B+
Daily transactions
$3B+
Annual recurring revenue
~26%
Of the Fortune 1000

Figures drawn from Zscaler public filings and disclosures for fiscal year 2025 (ended July 31, 2025). Treat point-in-time metrics as approximate.

How It Works

What actually happens to your traffic

The mechanics are easier to picture than the jargon suggests. Every request a user makes - to a website, a SaaS app, or a private internal system - is routed to the nearest node of Zscaler's cloud. There the request is checked against policy, decrypted and inspected for threats and data leakage, and then brokered to its destination if it passes.

👤
User / Device
🛡️
Zero Trust Exchange
🔍
Inline Inspection
☁️
App / Internet

No backhaul to a data center. No VPN placing the user on the network. Every connection is verified, inspected, and brokered directly to a single authorized destination.

The Problem It Solves

The old model vs. the cloud model

Legacy perimeter security

  • Traffic backhauled to a data center to be inspected
  • VPNs place remote users directly on the network
  • Trusted "inside" enables lateral movement in a breach
  • Inbound ports and appliances form an attack surface
  • Hardware stacks are slow to scale and costly to refresh

Zscaler Zero Trust Exchange

  • Traffic inspected inline in a distributed cloud
  • Users connect to specific apps, never the network
  • No implicit trust - every request is verified
  • No inbound ports exposed to the internet
  • Cloud capacity scales elastically with demand
Products & Services

One platform, several front doors

Flagship / 2008

Zscaler Internet Access

A cloud-delivered secure web gateway and Security Service Edge (SSE) that secures access to the internet and SaaS apps with inline threat inspection, TLS decryption, firewall, and data loss prevention.

ZTNA / 2016

Zscaler Private Access

Zero trust network access to private applications without a VPN - connecting a user to a specific app rather than exposing the whole network.

Monitoring / 2019

Zscaler Digital Experience

Measures application, network, and device performance end to end so IT can find and fix the source of a slow or broken user experience.

Data / 2020

Zscaler Data Protection

Unified DLP and CASB capabilities protecting sensitive data across web, SaaS, email, endpoints, and cloud.

Cloud / 2021

Cloud Protection

Workload security and cloud posture management (CNAPP) for public, private, and hybrid cloud environments.

AI / 2025

Security Operations & Data Fabric

An AI-driven security operations layer, strengthened by the Red Canary acquisition, aimed at an increasingly autonomous SOC with agentic threat detection and response.

Business Model & Market

Boring infrastructure, big contracts

Zscaler sells cloud security as a subscription. Contracts are typically multi-year and priced per user, packaged into tiered bundles with add-on modules, and sold both directly and through channel partners and cloud marketplaces. The result is a heavily recurring revenue base, which the company tracks as annual recurring revenue - a figure that surpassed $3 billion in fiscal 2025.

Where it sits in the market is as a pure-play. Zscaler competes on one idea, executed deeply: securing the connection between a user and an application, everywhere, all the time. That focus is also its main line of differentiation. Platform giants such as Palo Alto Networks, Cisco, Microsoft, and Fortinet extend larger franchises - firewalls, identity, networking - into the same space, while network-led rivals like Cloudflare and Cato Networks argue that their global edge is the differentiator. Zscaler's counter is that it was cloud-native from day one and never had to bolt cloud onto a hardware business.

Illustrative competitive landscape (relative positioning, not market share)
Zscaler
Palo Alto (Prisma)
Netskope
Cloudflare
Cisco / Microsoft

Bars are an illustrative sketch of how analysts group Security Service Edge players - not audited market share.

The People

A serial founder's fifth act

Jay Chaudhry had already founded and sold four security companies - SecureIT, CoreHarbor, CipherTrust, and AirDefense - before starting Zscaler. What set the fifth apart was that he kept it. Rather than raise venture capital early, he funded the company's first years with roughly $50 million of his own money, and later took it public in 2018.

JC
Jay Chaudhry
Co-founder, Chairman & CEO

An Indian-American technology entrepreneur with more than 25 years in the security industry, including roles at IBM, NCR, and Unisys. He founded four security companies that were all acquired before building Zscaler, which he bootstrapped largely with his own capital.

KK
K. Kailash
Co-founder

Co-founded the company - originally incorporated as SafeChannel, Inc. - and helped architect the early multi-tenant cloud that became the Zero Trust Exchange.

Milestones

From SafeChannel to $3B ARR

2007

Founded as SafeChannel

Jay Chaudhry and K. Kailash start the company in San Jose to build cloud-delivered security, later rebranding to Zscaler.

2008

Zscaler Internet Access launches

The first product ships - a cloud-native secure web gateway - establishing the multi-tenant cloud architecture.

2016

Zscaler Private Access debuts

Zero trust network access lets users reach private apps without a VPN.

2018

IPO on NASDAQ

Zscaler goes public under ticker ZS at $16 per share; shares roughly double on the first day of trading.

2019-21

Platform expands

Digital experience monitoring, unified data protection, and cloud workload security broaden the Zero Trust Exchange.

2025

Crosses $3B ARR and acquires Red Canary

Annual recurring revenue passes $3 billion; Zscaler acquires Red Canary (~$675M) to build AI-driven security operations.

Watch

Interviews & product demos

Worth Knowing

Details that amuse and inform

FAQ

Questions people ask

What does Zscaler actually do?
Zscaler provides cloud-delivered cybersecurity. Instead of routing traffic through on-premise firewalls, it connects users and devices directly to applications through its Zero Trust Exchange, inspecting all traffic in the cloud for threats and data loss.
What is the Zero Trust Exchange?
It is Zscaler's core platform - a globally distributed cloud that brokers every connection between a user and an application. It assumes the network is hostile, verifies each request, and connects users to specific apps rather than to a network, minimizing attack surface.
How is Zscaler different from a VPN or firewall?
A VPN puts a user on the network, exposing it to lateral movement; a firewall defends a perimeter that no longer exists for cloud and remote work. Zscaler connects users only to authorized applications over the internet and inspects traffic inline in the cloud, with no inbound ports exposed.
Who uses Zscaler?
Large enterprises, governments, and public-sector organizations - roughly 26% of the Fortune 1000 - across industries including finance, manufacturing, healthcare, technology, and government.
Is Zscaler a public company?
Yes. Zscaler, Inc. trades on the NASDAQ under the ticker ZS following its 2018 IPO, and it surpassed $3 billion in annual recurring revenue in fiscal 2025.