Zscaler Inc

NASDAQ:ZS

Good day, and thank you for standing by. Welcome to the Zscaler First Quarter 2026 Earnings Call. [Operator Instructions] Please be advised that today's conference is being recorded. [Operator Instructions]

I would now like to hand the conference over to your speaker today, Ashwin Kesireddy, VP IR and Strategic Finance.

Good afternoon, everyone, and welcome to the Zscaler First Quarter Fiscal Year 2026 Earnings Conference Call. On the call with me today are Jay Chaudhry, Chairman and CEO; and Kevin Rubin, CFO. Please note we have posted our earnings release and a supplemental financial schedule to our Investor Relations website.

Unless otherwise noted, all numbers we talk about today will be on an adjusted non-GAAP basis. You will find the reconciliation of GAAP to the non-GAAP financial measures in our earnings release.

I'd like to remind you that today's discussion will contain forward-looking statements, including, but not limited to, the company's anticipated future revenue, annual recurring revenue, calculated billings, operating performance, gross margin, operating expenses, operating income, net income, free cash flow, dollar-based net retention rate, future hiring decisions, remaining performance obligations, income taxes, earnings per share, our objectives and outlook, our customer response to our products and our market share and market opportunity.

These statements and other comments are not guarantees of future performance, but rather are subject to risk and uncertainty, some of which are beyond our control. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call. For a more complete discussion of the risks and uncertainties, please see our filings with the SEC as well as in today's earnings release.

I also want to inform you that we'll be attending the following conferences: UBS Global Technology and AI Conference on December 3, Barclays Tech Conference on December 11, Needham Growth Conference on January 1.

Before I turn the call over to Jay, I wanted to share that I recently transitioned to a new role as Product Manager of AI Security at Zscaler. So this will be my last earnings call as the IR leader. It's been a pleasure engaging with all of our shareholders over the last few years. Kim Watkins, who some of you may know from her tenure at Intuit, will be joining Zscaler in early December to lead Investor Relations and Strategic Finance. Please join me in welcoming Kim to Zscaler.

Now I'll turn the call over to Jay.

Thank you, Ashwin. We had a strong start to our fiscal year. In Q1, annual recurring revenue or ARR growth accelerated to 26% year-over-year, and RPO growth accelerated to 35%, combining our strong free cash flow margin of 52% and revenue growth of 26%. We operated at rule of 78, making us one of the rare companies consistently outperforming the coveted Rule of 40 metric. We are one of the only five enterprise SaaS companies with over $3 billion in ARR, growing at over 25%. The continued success of our three growth pillars, AI security, Zero Trust everywhere and Data Security Everywhere is driving our strong top line performance.

ARR from these three growth pillars accelerated in the quarter. I'm particularly pleased with our AI security pillar, which grew over 80% year-over-year and has already exceeded our FY '26 target of $400 million ARR, three quarters earlier than expected. With the strong demand, I expect AI Security ARR to exceed $0.5 billion by the end of this fiscal year.

Diving deeper into our AI security pillar, while enterprises are leveraging AI to drive innovation and accelerate productivity, the proliferation of AI is also making them increasingly susceptible to attacks. One of the largest AI companies recently reported that a bad actor hijacked its AI coding assistant to autonomously perform a large-scale cyber attack against multiple organizations.

This incident highlights two important trends. First, threat actors are using AI to dramatically increase the speed, effectiveness and blast radius of attacks. We have been predicting an increase in this type of automation by AI agents and we are now seeing it happen. Second, just like users and organizations, AI agents are also becoming the weakest link in their security. It is only a matter of time before millions of AI agents interact with each other across enterprises. Imagine a threat actor, hijacking even one of an organization's trusted agents and thereby accessing critical corporate resources and sensitive information resulting in a serious breach.

We have a long history of securing users with our Zero Trust Exchange, which enabled our customers to safely adopt the latest technologies such as mobile, cloud and SaaS. Over 45% of Fortune 500 companies and nearly 40% of the global 2,000 companies have adopted our Zero Trust Exchange and trust Zscaler to secure their businesses. With the rise of consumer Gen AI applications, including ChatGPT, Perplexity and more, security issues related to access control, data loss and content moderation made enterprises cautious about allowing employees access to these popular apps. We extended our Zero Trust Exchange to provide visibility into thousands of Gen AI apps, enabling enterprises to inspect prompts and responses and enforce proper guardrails for safe and secure use of Gen AI apps.

Several large enterprises adopted our Gen AI solution in the quarter, including a G2K technology company, a Fortune 500 communications equipment company and a large health care software provider. As AI adoption moved beyond consumer Gen AI apps into building and running enterprise AI applications, we introduced solutions in three key categories to secure them.

First, AI asset discovery and posture management. AI applications and agents are being developed, and deployed today without full visibility for IT teams to safeguard them to provide organizations with visibility and control. Last year, we introduced an AI asset discovery solution called AI-SPM. AI-SPM can detect unauthorized AI applications, prevent over permissions for AI agents and strengthen governance for model deployments. In Q1, several customers, including a leading software solution provider, a global 2000 manufacturer and a leading insurance company purchased AI-SPM from Zscaler. With our recent acquisition of SPLX, we are extending our AI-SPM capabilities by unifying discovery of LLMs, workflows and MCP servers. These capabilities enable customers to meet evolving regulatory requirements for AI to be transparent and explainable, among others.

The second key area of innovation is AI red teaming. As part of AI life cycle, customers need to regularly test the applications for vulnerabilities. With SPLX, we now deliver AI red teaming to enable automated and continuous testing of AI apps at scale. Our AI red teaming solution integrates with customers' CICD pipelines, making it easy to test for hallucination, bias, behavior drift and more. Several customers, including a Fortune 150 transportation company and a Fortune 100 service providers have already deployed AI red teaming.

The third area of innovation is AI guardrails. Customers need AI guardrails for in-line policy enforcement for acceptable use of AI for cybersecurity and for data loss prevention. In line policy enforcement is one of our key differentiators, which we seamlessly deliver through our Zero Trust Exchange at scale as we process 0.5 trillion transactions daily. Our AI Guard solution leverages the core competency for runtime protection. Zscaler AI Guard sits between the application and LLMs, inspecting comps and sponsors in line to enforce customer-defined policies.

To share an example, this quarter, a leading consulting firm purchased our AI Guard to secure the use of public AI applications and the private in-house applications such as AI chatbots and AI agents.

With our platform capabilities, we are securing over 90 billion AI ML transactions per month. As AI and AI agents define the next era of transformation, we are further extending our platform to secure AI agents, agentic workflows and AI applications.

In addition to securing the use of AI, we are leveraging AI to deliver agentic operations, including agentic SecOps and agentic ITOps. In our Agentic SecOps, we are making great progress towards delivering an AI power SoC that simplifies customers' operations and automatically hunts for threats. In August, we acquired Red Canary to combine the agentic technology with our Data Fabric technology to deliver actionable SoC insights for our customers. This quarter, a Fortune 500 financial service company, a Global 2,000 health care equipment company and Global 2000 energy company and more purchased our agentic SecOps solution.

In our Agentic ITOps, we are introducing several Zscaler digital experience, or ZDX innovations to enable faster resolution to application and network performance issues. Our innovations like the ZDX copilot continue to resonate with customers and have driven over 80% year-over-year growth in bookings of ZDX Advances Plus in the last 12 months. I'm very pleased to see continued momentum for our AI security solutions. As I mentioned, we are expecting AI security ARR to surpass $0.5 billion by the end of fiscal '26.

Turning to our second growth pillar. We continue to see strong momentum in Zero Trust every year. which includes Zero Trust users, Zero Trust branch and Zero Trust cloud. Three quarters ago, we introduced Zero Trust everywhere and set a goal to secure 390 enterprises with Zero Trust every year by the end of fiscal '26. I'm delighted to share that we now have over 450 Zero Trust Everywhere enterprises, achieving our goal three quarters ahead of our target date. Our Zero Trust Everywhere customers benefit from reduced cost and complexity by eliminating legacy network and security products. This expanded relationships through Zero Trust Everywhere also creates follow-on demand for data security and AI security.

One of the key components of Zero Trust everywhere is Zero Trust cloud, which allows customers to eliminate VPNs, north, south and east west virtual firewalls, express route and Direct Connect networks, resulting in far better cybersecurity. To share a customer example, in an 8-figure TCV win, an existing $1 million plus Fortune 500 health care customer adopted our Zero Trust cloud solution, along with ZDX Advance Plus, data security modules and more. Zero Trust Cloud secures workload communication across their VPC or virtual private cloud and SAP RISE cloud-based ERP. Without Zero Trust Cloud, the customer would have had to deploy a significant number of north-south and east-west firewalls, resulting in increased cost and many months of delay.

This customer told me that in the last 15 years, they have not been so excited about the solution that not only brought better security but also was easy to deploy and operate. Just like the migration of Microsoft Exchange to Office 365 was a big tailwind to our business a few years ago, I believe the migration of SAP on-prem to SAP RISE will have a similar impact on our business.

We continue to see strong interest from customers for Zero Trust branch, which is another key component of Zero Trust Everywhere. Zero Trust branch eliminates a need for legacy point solutions at branches, factories and campus. To give you an example, in a 7-figure [ upsell win ], a global 2,000 manufacturing customer, more than triple their ARR and became a Zero Trust Everywhere customer by purchasing our Zero Trust branch, CPA, ZDX Advance Plus, Risk360 and more.

Moving to data security everywhere. We offer a comprehensive data security portfolio with 8 modules providing data discovery, data classification, posture management, data loss prevention and more. Customers are eliminating data security point products in the environment by consolidating data security functionality on our unified platform. To share an example, in a 7-figure new logo ACV win, a large health care provider purchased 5 out of our 8 data security modules for their 23,000 users. This enterprise chose Zscaler over a leading CASB vendor due to our integrated platform, which delivers data security across all channels for all types of data. I'm excited to share that our Data Security Everywhere ARR accelerated to approximately $450 million.

The growth across our three pillars is powered by our strong go-to-market engine. One of the key initiatives we recently introduced was our Z-Flex program, which enables customers to commit to a spend and provide flexibility to swap or activate additional modules without undergoing new procurement cycles. Z-Flex is driving meaningful upsells and reduced sales cycle and is consistently exceeding my expectations. Z-Flex generated over $175 million in TCV growing over 70% quarter-over-quarter. To show you a couple of customer examples, an existing large aerospace customer made a multiyear 8-figure TCV commitment under the Z-Flex program, increasing their annual spend with us by over 40%. As part of the Flex commitment, the customer added 9 new modules, including asset exposure management identity threat detection, unified vulnerability management, e-mail DLP and expanded commitment for data security. In a 7-figure upsell win, a Fortune 500 business services provider more than doubled their annual spend with us as the expanded adoption of 9 modules under the Z-Flex program.

In conclusion, our business is benefiting from the strong tailwinds from the combination of Zero Trust and AI security. The best AI security is built on the foundation of Zero Trust. Our clear leadership in Zero Trust security, combined with our comprehensive AI security offerings, positions us well to capture the large and growing AI security market. And with our strong go-to-market engine, we are well positioned to exceed $10 billion in ARR.

Now I would like to turn over the call to Kevin for our financial results.

Thank you, Jay, and good afternoon, everyone. We exceeded our growth targets in Q1 and operated at Rule of 78 for the quarter. We ended Q1 with over $3.2 billion in ARR reflecting approximately 26% year-over-year growth. ARR from each of our three growth pillars accelerated in the quarter, including on an organic basis.

Q1 revenue was $788 million, growing 26% year-over-year, 10% sequentially and exceeding the high end of our guidance. Geographically, the Americas accounted for 58% of revenue, EMEA for 27% of revenue and APJ for 15% of revenue.

Our remaining performance obligation, or RPO, grew approximately 35% year-over-year to $5.9 billion with approximately 47% classified as current RPO. We closed Q1 with 698 customers generating over $1 million in ARR and 3,754 customers exceeding $100,000 in ARR demonstrating the strategic role we play in customers' digital transformation journeys.

Turning to the rest of our Q1 financial performance. Our gross margin was 79.9% as compared to 80.6% last fiscal year Q1. We'd like to remind investors that we are introducing new products that are experiencing strong growth and are optimized for faster go-to-market rather than margins. This will continue to influence our gross margins on a quarterly basis. We plan to optimize new products for margins over time as they scale.

Operating expenses increased 11% sequentially and 23% year-over-year, reaching $458 million. Operating margin was 21.8% towards the higher end of our long-term range and growing by approximately 40 basis points year-over-year. Our free cash flow margin for Q1 was 52% including data center CapEx at 2% of revenue. We ended the quarter with $3.3 billion in cash, cash equivalents and short-term investments.

Next, let me provide our guidance for Q2 and full year fiscal '26. As a reminder, these numbers are all non-GAAP. For the second quarter, we expect revenue in the range of $797 million to $799 million, reflecting year-over-year growth of approximately 23%. The gross margins to be approximately 80%. Operating profit in the range of $172 million to $174 million, net other income of approximately $19 million, earnings per share in the range of $0.89 to $0.90, assuming a 21% tax rate and 170 million fully diluted shares.

For the full year fiscal '26, ARR in the range of $3.698 billion to $3.718 billion, reflecting year-over-year growth of 22.7% to 23.3%. We anticipate approximately 47.8% of net new ARR to be recognized in the first half. Revenue in the range of $3.282 billion to $3.301 billion reflecting year-over-year growth of 22.8% to 23.5%. Operating profit in the range of $732 million to $740 million, earnings per share in the range of $3.78 to $3.82, assuming a 21% tax rate and approximately 170.5 million fully diluted shares and free cash flow margin to be approximately 26.0% to 26.5%.

With a large market opportunity and customers increasingly adopting the broader platform, we will invest aggressively to position us for long-term growth and profitability.

Before moving to Q&A, I'd like to thank Ashwin for his significant contributions to IR and Strategic Finance and wish him well as he transitions to his product role. I'm also excited to welcome Kim to Zscaler.

With that, operator, you may now open the call for questions.

[Operator Instructions] Our first question comes from Brad Zelnick with Deutsche Bank.

Congrats on such a strong start to the year and hitting your Zero Trust Everywhere goal three quarters ahead is just amazing. Jay, I wanted to ask about Zero Trust Branch, which we continue to hear good things about. It's showing some nice early adoption. But as we look ahead, how much more work needs to be done on the product and/or go-to-market fine-tuning to see real acceleration from here?

Thanks, Brad. We have done some amazing work on the technology side to build a Zero Trust Branch, where each branch is merely an island, no lateral movement that's generally caused by traditional networking with [indiscernible]. The product is in a great shape, go-to-market. We put together a specialty team that [indiscernible] can engage with the right buyers to explain the solutions. The numbers are pretty impressive [indiscernible] joke internally that Zero Trust Branch needs no pipeline generation effort because there's so much demand in the customers.

I think we shared some numbers on Zero Trust Branch customers have now exceeded over 450 customers. A lot of our customers start small, they do the smaller rollout, and then they move on to bigger deals. In my prepared remarks, I gave an example of Global 2000 manufacturing customers, whose ARR more than tripled. I think there are many, many such examples. We got about 4,400 enterprise-class customers. We only gone through 10% of them. So I see a big opportunity. I think it's an exciting area for us, and it's part of our Zero Trust Everywhere platform.

Our next question comes from Saket Kalia with Barclays.

Maybe a little bit of a joint question for you, Jay and Kevin. The $1 billion in ARR that's coming from the three emerging areas is clearly outgrowing the rest of the business. In fact, I think you said it accelerated and for good reason. But I was wondering if you could help us think about the other $2 billion in ARR and maybe specifically, is it fair to think about that other tranche as more of a la carte Zero Trust tools like ZIA and ZPA? And maybe relatedly, how do you think about the growth rate for that $2 billion versus an emerging bucket that's clearly growing faster than the rest of the business?

So yes, it's very true that our three buckets, $1 billion ARR has been growing very well. The remaining $2 billion, yes, a big part of that is ZIA, ZPA. It has been going quite well. But the big opportunity for that business is also to emerge into Zero Trust Everywhere.

Remember, we said that, Zero Trust journey start with users. We've taken it to branches, we've taken it to cloud and next to [ IoT OT ]. While other vendors who tried to claim Zero Trust tried to say we got Sassy, they're merely sitting with Zero Trust trying to do for users and we have expanded our platform to give a lot of opportunities. The core business by itself will grow at a smaller rate than the rest of the overall business. But our goal is really to take every customer to Zero Trust Everywhere. And that's what we are successfully doing.

Our next question comes from Meta Marshall with Morgan Stanley.

Great. Maybe I just wanted to ask a question about Red Canary and just how it's kind of performing towards expectations given that you guys have been looking at a fair amount of churn within your kind of assumptions for that business. Just any context around that performance would be helpful.

I'll start with broad comments, and Kevin can go deeper. In the integration of Red Canary with Zscaler is doing very well. [indiscernible] done right away. The two other main areas were: one, engineering end products. We're integrating Red Canary's agentic AI technology with Zscaler platform doing well. Second is go-to market. Red Canary's go-to market team has become security operations specialties team. It's working with our field sales organization, which is uncovering opportunity. So seeing a vast majority of Zscaler Red Canary pipeline is now coming from Zscaler customers. Kevin?

Yes. Look, I would just add that Red Canary is trending slightly better than our previous guidance. But keep in mind that we don't believe that Red Canary's contribution is material to our overall business. So as we go forward, we don't intend to provide specific color on Red Canary.

Our next question comes from Tal Liani with Bank of America.

This quarter was stronger than actually we see because if I look at the year-over-year growth in dollars last year, First of all, first quarter last year was very strong. So you're growing 26% almost on a very strong quarter. And second, last year, on a year-over-year basis, you added between $122 million to $130 million every quarter on a year-over-year basis. And this quarter, you're adding $160 million. So that means that the growth is strong. And I'm trying to understand if you can break down on revenue level, not an ARR level, what is driving the strength. I mean the stock is down, but the trends beneath the surface seemed very strong. And I'm trying to understand what is driving it? And if you can break it down, even not in numbers, even if it's just qualitative to discuss what's happening in the core versus what are the key leading products that are driving this strength?

So I'll start with a broad product area. As you know, we built a platform, that we are expanding our platform. We got three big pillars of our platform have been Zero Trust Everywhere, AI security and Data Security. All three areas are growing very well. They are actually accelerating, and that's part of the strategy. Our strategy is if every customer starts moving to Zero Trust Everywhere, we become very, very differentiated because no one in the market is even coming close to that. They're all trying to figure out how to solve the user side of it. And on data security, our customers are basically saying "We are tired of seeing point products, so many point products in data security" and we have the best platform. AI security is evolving. It's a new area for us. Agentic operations has done well for us and security of AI products is young, but it's growing pretty well. So I think we're very pleased with that growth we wanted from the three key pillars and it's beating or exceeding our expectations.

Kevin, do you want to give it more color?

Yes. Thanks for the question, Tal. I mean, I think that's, frankly, both the qualitative and the quantitative response, which is we are seeing accelerated growth in our three growth pillars, which is contributing well to the business. I also mentioned in my prepared remarks that we saw organic growth come in at similar levels to what we saw last quarter. So we are seeing very strong performance.

And just -- I was just going to add some color that we did see the business perform better than our internal expectations in the quarter.

And how is the core business? You have Cisco with a new product, Checkpoint with the new product, [ Paolo ] talking about very strong growth. How is the competitive landscape when it comes to the core business?

Compared to landscape, it hasn't changed a whole lot. If anything else, our brand has gotten bigger. Most of the large enterprises know us very well. We are very well engaged here. A number of new entrants who have come in the market in the past year or so, largely some of the firewall companies, we have hardly seen them out there. So compared to landscape, it hasn't really changed much to mention.

Our next question comes from Joseph Gallo with Jefferies.

Jay, I think when some look at the recent massive M&A in the space, they're fearful of the implications for underlying cyber growth. In your conversations with customers, how are they thinking about spend in calendar 2026? And what are the priority areas that they have as a part of that?

So customers' priorities for spending? Right?

Yes. Just with the -- how is the fundamental cyber growth been? How do you expect it next year and what the priorities are?

Broadly speaking, there's no significant growth in macro environment. IT budgets remain tight. There is pressure on CIOs. There is far less pressure on the cyber side of it. So cyber is under less pressure. We do see scrutiny for large deals similar to what we shared in the past. But two areas are still of high interest to customers. One is Zero Trust Security because all these breaches happening out there and second is AI security because everyone is trying to do some level of deployments of AI applications because CIOs feel like if they aren't doing anything in this area, they'll be viewed as laggards. That is also mix. Some of the customers are seeing better results than others in terms of AI. But as soon as they start thinking about doing AI applications and models, the security becomes a worry for them. So we are going in with two leading messages, Zero Trust everywhere being one and AI security being two. So with that, we're able to get the pipeline created. And the second part is to close deals, we must show strong cost takeout, and we can do that as we eliminate a lot of point products. So we are able to do both of those things. That's what's really leading us to deliver these strong results.

And also if I mention that, since our brand has become so much stronger, and we've become pretty strategic partners to customers all these CIOs, C-Source meetings, [indiscernible] it's wonderful to see them to say, "Jay, I mean, we moved from company A to company B and we called your team to help us here as well.' So look, we are tracking well. We are excited about what lies ahead for us.

Our next question comes from Mike Cikos with Needham.

I just wanted to come back to the SaaSy market specifically. And Jay, I know you're probably already cringing at the word SaaSy but there was a lot of security vendor out there last week discussing some success and competitive displacements in the SaaSy market. I just want to get your feedback specifically on what you're seeing as far as trends from a competitive or pricing discipline standpoint.

Yes. Look, we remain very strong in when it comes to, I will call the Zero Trust market because the SaaSy word has no meaning, every vendor claims [indiscernible] calling SaaSy. For example, if you do Zero trust, you don't do SD-WAN. And most of these SD-WAN vendors competing in the SaaSy space are -- expansion in our customer base is because of all the new functionality we are bringing to take Zero Trust Everywhere. Our expansion is happening as we have taken our data security platform and made it much bigger.

So we've done so many innovations in so many spaces. So we think in spite of new entrants in the market, I think the market has already kind of sorted out the winners, and we are creating more distance among the number of other vendors who are entering in this space. So I feel very strong. Our pipeline remains strong. Our winner rates remains strong, and you see our results are very, very strong.

Our next question comes from Brian Essex with JPMorgan.

I guess Kevin, for you, just I understand that you're not want to break out Red Canary, but can you give us a sense for organic net new ARR in the quarter? And then maybe one for Jay, with the acquisition of Red Canary are and what you've done with Avalor and now SPLX, I would love to get your sense of -- are you -- do you -- any sense of how you might align with the threat intelligence market and value what you might be able to add, given the data visibility potential for incremental add in terms of the quality of data that you might be ingesting on the platform and ability to provide better visibility for customers on the threat intelligence side?

Yes. Thanks for the question. I'll go ahead and start. As I had previously mentioned, organic growth in Q1 was consistent compared to Q4. And again, as I said, we're very pleased that the organic business came in better than our internal expectations.

So on the second part, you talked about two acquisitions we have had. Avalor has become our Data Fabric, which can ingest data from Zscaler platform and some of the third parties to really create what we call entity relationships. And AI is only as good as data. So we're able to do some very powerful threat detection and intelligence that couldn't be done otherwise. So that's the foundation of the platform. The reason for us to get into AI powered SecOps is the strength of our data. Avalor gave that stuff. We have the data, Red Canary gave us agentic AI technology on top of it. So using some of these smart agents, we can do security operation, what security analysts need to do. So the amount of information we are getting the meaningful intel we're getting is unbelievable.

I was talking to the CEO of a Fortune 100 company recently. He said, "I have a sizable security operation team, very sophisticated operations." But your solution, in this case, is taking advantage of Red Canary working with us, it is finding things, a few things every month that we aren't able to find that's amazing incremental value for them. We think this is only going to get better as our solution evolves.

Your second point on SPLX that's accelerating our completion of -- our solution for AI security. The market has so many point product solutions in AI security out there and customers tell me One, "I don't want to deal with 10 vendors", number one. Number two, "I don't want to share with data with a startup that started 10 months ago to share with them". So they're looking for a platform, we have built a number of AI security platforms internally. For example, Gen AI Security, AI Guard, AI discovery and then SPLX brought red teaming technology to us. So it has made our portfolio pretty complete. So Zero Trust Everywhere in a very great shape, AI agenetic operations evolving nicely and AI security operations. growing very nice. We feel very comfortable with the portfolio built.

Next question comes from Shrenik Kothari with RW Baird.

So Jay, on the AI security tracking $500 million and you mentioned traction across all the modules that you had got, [ SBM ], red teaming, just can you help us unpack where there is more traction, what's currently driving in terms of use cases are most deployments at visibility governance via SBM or are you seeing [ CSOs ] are truly prioritizing all the run time AI with AI Guard as well? And then I have a quick follow-up.

Yes. This is a very good question. About two years ago, 2-plus years ago, when ChatGPT came on the scene, the #1 thing customers want to do was visibility into Gen AI solutions or sorry, applications that users are going to go [indiscernible] since we are sitting in the traffic path, very quickly we built our first product, Gen AI Security, that's being used by quite a large number of Zscaler customers. Next, we launched AI asset discovery and partial management. Tons of interest because everything starts by understanding AI assets you have. Third, last summer -- early summer, we launched AI Guardrails. When customers are building their internal AI applications and models, they want to use guardrails to make sure that models are protected and only right people with the right kind of perms can early access them. That's an early stage, but it's growing nicely. The pipeline is growing very well. And the fourth thing we brought to the market came through SPLX acquisition. That's core rent teaming technology and as applications are being built, customers want to make sure they don't have vulnerabilities. And we aren't stopping [indiscernible], extending our platform to agentic exchange. So we can have right agent to agent application communication. All that's proceeding well. So I think we are very well positioned, we will keep on investing in these innovations, but we balance our investments with our operating margins.

Very helpful, Jay. So Kevin, a quick follow-up on your comment around because these models ramping as Jay was saying, how are you thinking about the investment horizon overall? And as these -- as you're scaling these [indiscernible] products, AI Guard and how to think about the margins here?

Since the models and things they're using are really on a fairly well confined set of data. We haven't seen any massive change in gross margins. If these things change over time, I'm sure we'll let you guys know.

And maybe just to continue on that thread. Look, for Q1, we're pleased with the margin profile. We're comfortable with the Q2 guide. And then as we look into the back half of the year, you will notice that there's margin expansion in the guide in the back half. We are orientated to growth, but you know that we're also very mindful of the financial model and operating margin.

Our next question comes from Roger Boyd with UBS.

Jay, I just wanted to go back to Zero Trust Gateway. And I wonder if you could talk a little bit more about the demand you're seeing there. Is that product getting pulled along with increasing AI infrastructure some of the firewall vendors have talked about growth in software firewalls in this capacity? And how are you thinking about customer buy-in around this approach over kind of that approach of deploying virtual firewalls?

Sure. As you know, customers traditionally used firewalls every year, we replaced a lot of them when it comes to user protection that work in a branch and cloud is pretty simple. When traditionally people will go to cloud and build cloud workload, they would do [ lift and shift ]. They have lifted and shifted, [indiscernible] Easter firewalls to a cloud SBM as well. We go in and say, you don't really need a lot of these firewalls every year. Zero Trust Cloud is almost like Zero Trust for internet access, Zero Trust workload to workload communication. All the firewalls go away, customers don't need to work with all these IP addresses and ACLS, the cloud gateway simply makes it even more easier to deploy our solution. In the past, they had to deploy a piece of software we call Cloud Connector as a traffic cop. Now we have a cloud gateway that's deployed and managed by Zscaler with a simple [indiscernible], as a point traffic Zscaler cloud gateway, and we enforce policies and we do everything needs to be done. Deployment that would have taken a few hours now can be done in under 10 minutes. That's the kind of innovation we're bringing to make it easier for customers to move away from legacy firewalls and [indiscernible] Zero Trust powered workload communication.

Our next question comes from Eric Heath with KeyBanc.

Jay, maybe to come back to Zero Trust Everywhere just given how strong and successful it's been thus far. But I'm curious to hear how you're thinking about this going forward? I mean, is the outperformance relative to your expectations because the book of firewall business up for refresh, maybe as bigger or earlier than you anticipated? Or do you look at the pipeline and see an even bigger opportunity of displacements looking into calendar '26?

Yes. Overall, our customers are looking for saving money and making it easier for them to operate and deploy these solutions and along with that, making sure they have better cyber protection. Number one reason for our customers' interest in branch, Zero Trust branch is to eliminate the lateral movement, which leads to all kind of ransomware attacks, number one. Number two, when we go in and say, "By the way, it's also costing a lot more because we can eliminate multiple products per branch", not just firewall but SD-WAN often they got these DSCP gateways, they often got [indiscernible] firewalls, they got [indiscernible] kind of stuff. All that goes away. So cost goes down, operational stuff goes down, that's a driver. Now refresh may help, but most of the time, the [indiscernible] are not waiting for Zscaler to say refresh is coming. As we present the story to our customers, they kind of say, "Wow, this makes sense." There's a lot of ROI to it, let's get started. So tremendous interest, strong pipeline, and we've only done about 450 customers so far. The millions of branches left out there for us to pursue.

Our next question comes from Fatima Boolani with Citi.

Jay, I wanted to go back to a very specific remark in your script earlier in the call. Just with respect to the migration of SAP from on-prem to SAP RISE being an opportunity that would be tantamount to the success and the tailwinds that you saw from Microsoft Exchange going to Microsoft 365. And so I wanted to take the opportunity to have you unpack some of that in terms of how will that manifest in your business across the product lines today? And then specifically, with a portfolio that is significantly larger today than you had when the initial Microsoft platform migration was happening. Where do you expect to see sort of -- I'll frame it as option value in some of your newer products that frankly didn't exist in the last sort of precedent example.

Sure. You know the customers moved to Office 365 several years ago because office moved to the cloud or [indiscernible] to the cloud. But SAP has taken a long time. It's a far more complex application. But now SAP's pushing for the deployment of what they call SAP RISE in the cloud and telling customers that you've got to move and they're giving some incentives as well. So if you do the old way, using the legacy firewall technology network, you move SAP RISE to the cloud, and you really then deploy all these express routes and direct connects for connectivity and then you've got firewalls and all the stuff you deploy to access those applications, the VPN type approach. We go in and say, none of that stuff is needed, no special access roots and direct connect needed, you can access SAP RISE application with Zscaler, directly over the Internet as you access Office365 applications. It's a clean, simple, elegant architecture. So it gives us two opportunities for us. Number one, some of the cloud -- Zero Trust cloud technology to make sure we got protection and communication for SAP application, SAP RISE itself, second, for users to access SAP with better and faster experience. Those are the two areas of growth for us, and it helps the customer deploy and get the application running faster and it uses cost and get great user experience.

Our next question comes from Gray Powell with BTIG.

So yes, it's really interesting this quarter. I mean I look at the numbers. And overall, everything looks good. I do think there's some confusion on just organic ARR. So I guess here's my question. You highlighted $175 million in Z-Flex bookings this quarter compared to RPO bookings at about [ 940 ]. So basically, Z-Flex is now 20% of the mix had almost doubled versus last quarter. Where do you see that going longer term? And then as Z-Flex becomes a bigger component of bookings, does that give you a higher visibility on future period ARR because there's just inherently an installed ramp in those contracts as customers grow out?

Yes. Great. So I'll start, and Jay can add anything that he may want to share. Look, I appreciate you raising Z-Flex. It is a program that has gotten a lot of interest and traction from our customer base. To your point, we did see bookings growth over 70% sequentially. And it effectively allows customers to commit to spend. We typically see that is a more significant commitment than they would have made on an a la carte basis. It allows them to easily deploy additional modules without having to go through the friction of a negotiation procurement process. And then it provides them with the flexibility to swap in and out of modules as business dynamics for those customers change. And so it gives them confidence that they can make more meaningful commitments to us and generally over longer periods of time. It doesn't have necessarily a different impact to ARR than any other type of transaction. But to your point, it does give us greater visibility over the long term because they are longer contracts. We do understand the nature of those commitments and how they play out in the future. And I would say it's frankly a win-win for both the customer and the flexibility it offers and us in terms of the visibility going forward. So it is a very powerful tool that has gotten pretty significant interest from customers.

Yes, I would say our business has performed very well on all metrics, ARR, cash flow, all areas. So we're very pleased with it.

Our next question comes from Joshua Tilton with Wolf Research.

Just one for me, and I apologize if this was addressed already bouncing back forth between a few calls. But did your assumption for what Red Canary would contribute to the full year ARR change at all? And if not, is it fair to assume that you raised ARR by for the full year is how much you outperformed organically in the first quarter?

Yes, thank you for the call. I did make a comment earlier. We are seeing Red Canary trends slightly better than our previous guidance. But as a reminder, we don't believe that Red Canary's contributions to our overall business are material. So we're going -- we're not going to be making color commentary with respect to Red Canary going forward. With respect to the outperformance, I mean, we did pass that through the full year guide.

But I think to further clarify, you said that for organic growth in Q1 for us was consistent as [indiscernible] Q4. Very pleased whether it beat our internal expectations.

Our next question comes from Jonathan Ruykhaver with Cantor.

Jay, I'm curious to hear your thoughts on the synergies you see between Red Canary and the data security portfolio. It would seem that you have opportunities around remediation, a possible governance for DSP and DLP. Can you just provide an update on that integration strategy? And maybe just a little bit of color on how you see that driving differentiation relative to all the other vendors that are touting data security capabilities related to AI?

Yes. Very good question. I would mention three points there that set us apart from many others. Number one, we have built a full portfolio of data security. There's no such thing as data security for AI only. Data is lost in many ways. So number one, the strongest portfolio is helping us. Number two, AI is helping us doing better data classification which is important because better classification means better detection. Number three, the other point you made, it was the Red Canary synergy, that is the [indiscernible]. We are able to get all the signals from Zero Trust Exchange to our Data Fabric platform, where we are able to potentially look for any potential trends or breaches or any of the stuff that's happened. And if you're able to do that very quickly, we can do our closed-loop feedback sent to a Zero Trust Exchange if we need to block some kind of data loss that's happening out there. Today, data loss happens, [indiscernible] days or weeks later. This closed-loop system between our Agentic operations and in-line function is a clear, clear differentiator for us that should set us apart from many other vendors, whether they're SaaSy vendors or they are AI security vendors.

And our last question comes from Matt Hedberg with RBC.

I wanted to follow up on -- I think it was Gray's question on Z-Flex. It really does show up in checks. And I think Kevin, you mentioned reducing friction, additional consolidation opportunities. I realize it's difficult, but is there a way to think about what that average Z-Flex upsell looks like? And then maybe just a little bit more color on how do you think about the pipeline of Z-Flex deals for the rest of the fiscal year?

So first of all, Z-Flex was done to give our customers flexibility. It evolved from the traditional ramp deals we have done in the past when we go after large customers, they can deploy it overnight and in the [indiscernible] lost some margins, they wanted some ability to say give me sort of ramp because I won't be working on it. We have been doing that deal for quite some time, but this creates a form of program around it. The second thing has created for us is the ability to [ swap ] modules so they don't have to keep on testing various modules a long time and delaying the deal. So we believe that the deal ability to close deal has gotten better. And three, ability to do larger deals has gotten better because now they know that they can swap deals -- module so they can go for a bigger deal. All these things are happening. I'm not sure we have quantified exactly how much impact it's happening, but we are seeing good results of it. So we are pleased with the performance.

Kevin, do you want to add anything?

The only thing I would, again, I guess, express as you see growth in customers moving into Zero Trust everywhere, when you see adoption of Data Security everywhere and AI security. A lot of that momentum and the facilitation will come from programs like Z-Flex that will make it easier for customers to adopt these technologies. And so for us, we think it's just a stimulus to allow customers to more easily and friction-free adopt more of our technology.

I would now like to turn the call back over to Jay Chaudhry for any closing remarks.

Well, thank you for your time. We look forward to seeing you as one of the or some of the investor conferences.

Thank you. This concludes the conference. Thank you for your participation. You may now disconnect.