DruckFin

Zscaler CEO: "Agentic AI Is the Biggest Unsolved Problem in Security — and We're Launching the Solution Next Week"

Bank of America Global Technology Conference, June 3, 2026 — Jagtar Chaudhry makes the case that markets are sleeping on Zscaler's AI security positioning

Zscaler CEO Jagtar Chaudhry used his appearance at the Bank of America 2026 Global Technology Conference to deliver what amounted to an investor re-education session, arguing that the market has systematically misread both the company's recent financial performance and its strategic positioning in artificial intelligence security. The candor was notable. Chaudhry opened by acknowledging that he believes he has not done a good enough job explaining the company to investors — and then spent the better part of an hour trying to fix that.

The AI Security Launch Nobody Is Talking About

The single most important disclosure from the session is one that has received almost no attention: Zscaler is set to launch a dedicated Zero Trust solution for AI agent-to-agent communication at its annual user conference the following week. Chaudhry framed this as the defining unsolved problem in enterprise AI security, and he cited an Anthropic white paper published just two days prior as independent validation. "I looked at it and said, they wrote what I would have written, literally," he said. "Their stuff was that agent-to-agent communication must happen through Zero Trust, not through the firewall. We actually have been building that solution." The implication for investors is significant: if agentic AI proliferates at the pace most technology forecasters expect, the surface area that needs to be secured grows exponentially, and Zscaler believes its inline proxy architecture makes it the structurally advantaged vendor for that traffic.

Chaudhry was pointed about where he believes the market has gotten the AI narrative wrong for Zscaler. He flagged that the company was part of the Glasswing project with the U.S. government from day one, but missed the initial press release window, allowing competitors to claim the AI security headline. "Only two companies that are listed there are actually AI-ahead in the market," he said, expressing frustration that the market has discounted Zscaler's position. He acknowledged this was partly a self-inflicted communications failure. His expectation is that real revenue numbers from AI security, beginning in coming quarters, will do more to change investor perception than any press release.

Zero Trust Everywhere: The Expansion Story Within the Existing Base

Chaudhry pushed back firmly against the framing of Zscaler as a ZIA and ZPA story. The more meaningful growth metric, in his telling, is the adoption of what the company calls Zero Trust Everywhere — the extension of Zero Trust principles from users to branches, cloud workloads, and devices. The number of customers deploying all four dimensions stood at 700 at the time of the conference, up from 550 the prior quarter. When a customer moves from user-level Zero Trust to Zero Trust Everywhere, he said, ARR either doubles or triples. That is not a cross-sell in the conventional sense; it is a structural expansion of the contract within an architecture the customer has already committed to. The competitive moat here is architectural. Firewall vendors, he argued, simply cannot replicate this because their products are not built as inline proxies. "It's like internal combustion engine car companies fighting against electric cars and saying, forget it, I'm better."

Data Security: A Half-Billion ARR Business Still Growing Above 30%

Chaudhry made a point of calling out the data security business as systematically underappreciated. With over $500 million in ARR and growth above 30% year-over-year, he argued it would be the largest standalone data security company if spun out independently. The evolution started with inline DLP and has since expanded to include CASB, SaaS security, endpoint DLP, email DLP, cloud storage security for environments like S3, and most recently DSPM — data security posture management, which handles discovery and classification. His competitive argument is structural: data loss prevention only works if you are already sitting in the traffic path. Asking a new vendor to insert itself into that path is, as he put it, "a big ask." Zscaler already lives there. DSPM-only vendors, by contrast, face the opposite problem — they can discover and classify data, but they cannot stop it from leaving. "They will have to do DLP to be successful in data security, and we are ahead of anyone in this area."

On the Quarter: Conservative Guidance, Not a Deteriorating Business

Chaudhry addressed the disconnect between Q3 results and the stock's reaction directly. The beat on all metrics was not in dispute. The issue was forward guidance, which he attributed to two factors: the departure of two sales leaders reporting to the CRO — one for personal reasons, one for a pre-IPO AI company opportunity — and uncertainty around the pace of customer uptake for a new integrated product built on the Red Canary acquisition, which was being showcased at the user conference the following week. He described the guidance posture as "prudent" by the CFO's own characterization. On the broader market, he was unambiguous: "The market for cyber has never been hotter. Methos has further put fuel to the fire. They're probably the biggest tailwind since COVID for our company."

Net new ARR growth tells the cleaner story. After stalling in the low single digits in fiscal 2024, growth recovered to around 7% for fiscal 2026, with the first half running at approximately 10% and the most recent quarter printing at 14%. The sales transformation that began roughly two and a half years ago, modeled on the ServiceNow account-centric approach under CRO Mike Rich, is now largely complete by Chaudhry's account. The guidance conservatism reflects a specific, named transition event, not a structural shift in demand.

Z-Flex Crosses $1 Billion in Bookings, but Creates an ARR Headwind

The Z-Flex program, which gives customers the ability to swap between products within price bands, stagger deployment timelines, and access pre-negotiated rate cards for new products, has exceeded internal expectations and has now crossed $1 billion in cumulative bookings. Most Z-Flex deals are structured as five-year contracts, which is a favorable duration signal. Chaudhry was candid, however, that the staggered revenue recognition mechanics create a near-term ARR headwind — the company only recognizes ARR for the next twelve months of a Z-Flex commitment, even if the full contract value is larger. He was also direct about the deployment risk that comes with flexible purchasing programs, noting that he personally reviews deployed versus undeployed product metrics monthly and that product leader compensation is tied to deployment rates.

On Competition: Firewall Vendors Are Losing the Architecture Debate at the High End

Chaudhry was dismissive of competitive pressure from Cisco, Fortinet, and Check Point at the enterprise tier, though he acknowledged procurement teams use firewall vendor bids as price leverage. His counter-positioning in those conversations is to attack the firewall budget itself — offering to bring a $20 million firewall spend down to $10 million in exchange for an $8 million Zscaler contract. "When the customer sees the math, it becomes a no-brainer." He described Microsoft's Entra Internet Access and Private Access products as largely non-events at the high end of the market, three and a half years after their launch. "I don't even recall the last time I had to say, man, we are competing with Microsoft." The caveat, which he offered himself, is that his data points skew toward large enterprise where Zscaler's architectural advantages are better understood.

Go-to-Market: Adding Reps in the 2,000-to-10,000 Employee Segment

Zscaler currently counts over 45% of the Fortune 500 as customers. At the broader enterprise level — companies with more than 2,000 employees — the company estimates roughly 4,500 customers out of an addressable universe of approximately 20,000, implying about 23% penetration. That white space is where incremental go-to-market investment is being directed, with new sales reps being added specifically in the 2,000-to-10,000 employee segment, more aggressive compensation structures for new logo wins, and increased reliance on value-added resellers for coverage at that tier. The message to investors is that new logo growth and upsell are not trade-offs — both levers are available simultaneously, which is a structural advantage of a platform that keeps expanding its product surface area.

The CISO-follows-us dynamic also came up as an underappreciated growth mechanic. Chaudhry cited hundreds of cases where a CISO who deployed Zscaler at one company brought it into their next role, and often the one after that. The morning of the conference, he said he received an email from a CISO who had just joined a Fortune 10 company — their third Zscaler deployment — noting that Zscaler was already in place and the question was just how far to expand it.

The Macro Tailwind and the AI Agent Catalyst

Chaudhry's closing argument — and the one he clearly wanted investors to carry away from the session — was that the threat environment created by nation-state actors, particularly in light of recent high-profile breaches, is accelerating enterprise demand for genuine Zero Trust architecture in a way that no marketing campaign could replicate. Patching alone cannot contain modern attackers; Zero Trust limits blast radius when breaches occur. The arrival of AI agents, which will communicate with each other at massive scale across enterprise networks, makes that architecture not just useful but necessary. Zscaler's launch of a purpose-built solution for that problem, timed to a major customer conference, is the most concrete near-term test of whether the company can translate strategic positioning into bookings momentum. The market will find out shortly.

Read Next

Motorola Solutions: D-Fend Acquisition Reveals a $1B Counter-Drone TAM Set to Triple by 2030, While SVX Body Camera Targets Axon's Tier 1 Stronghold

2026-06-04

William Blair: Manhattan Associates Posts Back-to-Back Record Booking Quarters Amid Market Turmoil — AI Agents Delivering 6–30% Shipment Lift in Production

2026-06-04

Figure Technology Solutions: The Only Blockchain Lender With AAA Ratings and $1.4 Billion in Monthly Volume Is Now Building the Fannie Mae of Tokenized Credit

2026-06-04

Lumentum: Supply Constrained Today, Scale-Up Tsunami Coming in 2028

2026-06-04

ON Semiconductor: From $5K to $115K Per Rack — The 800-Volt Opportunity Wall Street Is Underestimating

2026-06-04
Disclaimer: This article is for informational purposes only and does not constitute investment advice or a recommendation to buy, sell, or hold any security. Our analysts provide detailed coverage of corporate events but can make mistakes, always conduct your own due diligence. The views and opinions expressed do not necessarily reflect those of DruckFin. We have not independently verified all information used herein, and it may contain errors or omissions. Before making any investment decision, consult a qualified financial advisor. DruckFin and its affiliates disclaim any liability for any losses arising from reliance on this content. For full terms, see our Terms of Use.