Cloudflare, Inc. (NET) Earnings Call Transcript & Summary

May 12, 2022

New York Stock Exchange | US | Information Technology | IT Services | Investor Day | 180 min

Earnings Call Speaker Segments

Matthew Prince

executive
#1

Hello, everyone, thank you so much for being here. I'm Matthew Prince. I'm one of the Co-Founders and CEO of Cloudflare. It's been a really long time, it feels like, since I've got to stand on stage in front of customers, with our partners, with our team, and it's great to be back. I know a lot of you are here in-person. We've got great programming across the course of the day for you to be able to learn more about Cloudflare, what we're doing, how you can use our network in order to build the applications of the future. A lot of you are also watching on the live stream, and it's super excited to be doing these sorts of hybrid events, but there's nothing quite like getting to meet with our customers, see our team together and really brainstorm on how we're going to continue to live up to our mission of helping build a better Internet. There are a handful of people who are absolutely critical in making today happen. And I just wanted to acknowledge and thank them for everything that they're doing to prepare the program, in putting everything together. Jenna, Christina, Megan, Crystal and Ashley are on our events team. They pulled this together. Again, it's -- COVID's still going on and so trying to get a live event together is a ton of work. And I just wanted to say I really appreciate all of the work that they've done in order to pull this together. So really, thank you all for today. Cloudflare's mission is to help build a better Internet. And it's pretty amazing that today, more than half of the world's largest companies, top 10 -- 20 companies in the world are using Cloudflare. A lot of them are here with us today, all rely on Cloudflare's network in order to be fast, secure and reliable around the world. But what I'm also incredibly proud of is that we have individual developers who are here with us today who are building those companies that 10, 20 years from now are going to be some of the Internet's giants. 
And they're relying on Cloudflare's infrastructure in order to make that happen. If I think about what it is that we do at Cloudflare, it's really almost like we built a time machine. We said, like, if you could go back to 1963 and do it over again, right, not end up with rooms that look like this, with cables that are strung together and the giant mess that is the Internet that holds it together today, how would you do it differently? What would you build that would be different? And we look at every time you have to send an e-mail, every time you click on a link, every time you SSH into a command line, what are every one of those steps and ask ourselves continuously, can we make this faster, can we make it more secure, can we make it more resilient? And increasingly, can we make it more private and more efficient? And so across the board, we're taking all of those things that used to have to do with a box, and good luck today if you try to order a box from an existing firewall or load balancing or routing network. Like the lead times today are 9, 12, 24 months for them to even be able to deliver something. And what we're doing is saying, we will deliver that service as a service and give you the functionality that you need. We're effectively taking all of those boxes of the past and turning them into a service that is Cloudflare today. And if you've used our products at all, if you've listened to anything that we have done, we are always just releasing more and more and more products and you think about, wow, how are all of these things happening? And today, we're going to talk and do deep dives into everything that we're delivering at Cloudflare. But one of the most important questions that I get asked all the time from customers, from investors, from partners, from even our own employees is how do we do it all? Like how do we actually make all of this stuff work together as one seamless thing? 
And so I wanted to give sort of a little bit of a peek behind the curtains, and there's going to be a lot more detail on this. But fundamentally, everything that we do at Cloudflare starts with one thing, and that's absolute architectural simplicity. And the best way to understand this is actually to use an analogy to another set of companies that came before us. So we all know this company. We all use it every single day. We think about it all the time. And it's just the default, and you think about what is Google good at? I think everyone thinks, well, they're really good at search. But they do a bunch of other things. And I think fundamentally, what Google is good at is they replaced an entire different model of how computing was done. Does anyone remember back in September 3, 1998, I'm old enough to remember this, a lot of you in the room are, who the absolute kind of killer search engine that all the cool kids were using? It wasn't Lycos, it wasn't Ask Jeeves, it wasn't Yahoo! AltaVista, right? Who built AltaVista? Tougher question, right? Everyone's like I don't quite remember. Turns out it was this company. Digital Equipment Corporation. What did Digital Equipment Corporation make? The time -- mainframes. And so why did this mainframe manufacturer decide to go out and build a search engine? It wasn't because they thought they were going to capture the global zeitgeist to build the world's most valuable advertising company, right? Instead, and believe it or not, this is true, I've talked to the people who were behind it, they built it because they thought it was going to be lead generation to show how powerful their mainframes were. Because it turns out that what you needed to build a powerful search engine at the time, back in 1998, was a really powerful mainframe because that's how you did computing. And then there were these 2 guys, and they said that seems crazy. We're getting our PhD at Stanford. We don't have enough money to buy a mainframe. 
I wonder if we can just take a whole bunch of really simple computers and stack them together and then write clever software that made it so that they all were able to do things together and we could build some function on it. And as a proof of concept that this new form of computing would work, why don't we build a search engine, and obviously, that turned into Google today. These are actually Cloudflare's humble beginnings. It's the guy named Sri Rao, he was our first network engineer, SRE, did all kinds of things. As I took this picture, it's him cabling our very first rack in our San Jose data center. We still actually operate in the same rack today, although we have a lot more of them. And fundamentally, what we thought was the way that Google built their own search engine, the way that they made a bigger mainframe than any mainframe was ever able to make was the way that you should reinvent networking and computer architecture for the future. And so we break this down and say, okay, what are the fundamental components of a computer? Well, every single server that we deploy has a CPU, and that CPU has lots and lots and lots of cores that are there. Everyone has a certain amount of network capacity. Everyone has a certain amount of memory. Everyone has a certain amount of SSD, fast SSD storage. And every time we deploy another server across our network, we get a little bit more of that. And so -- our network is made up of these servers that are scattered all around the world and every single data center in the world has these servers, which means they all have some CPU and they all have some memory and they all have some storage and they all have some network capacity. And we can, on a very accurate basis, track exactly what this utilization is. So here is CPU utilization across Cloudflare's entire network. We know that in order to have sort of the reliability and scalability and everything that we need, we want that CPU utilization to be at just around 70%. 
It hovers around that. You can see what our target CPU utilization is. But what's going on behind the scenes, and we can see this across any component that's there is instead of us thinking about any server as an individual component, we are thinking about them all as one unified computer. And if we take every task that we perform and we break it up into discrete individual chunks, and then we write clever software that lets us spread that load evenly around the world, it means we can achieve utilization rates like this, which means we can drive cost down, deliver incredible services and make sure that you are getting a supercomputer like no one has ever seen before. And so we often represent that this is what our network looks like. It's a bunch of points on a map. And this is like the most inaccurate thing you could ever represent because it's not like this at all. Sure, we're in more than 270 cities around the world, we're in more than 100 countries. We have tens and thousands of servers. We have literally millions of CPU cores, but we also have tons of storage, tons of memory, tons of network capacity. And because we wrote the software that efficiently distributes that, we've always got enough to provide the services that we build ourselves. We've got the tools to be able to allow our team to deliver more and more services over time. And increasingly, we're opening this up so that you can build the applications of the future directly on our network. And that's the secret to how Cloudflare works. It's really simple. Every server is the same. Every server runs every single service. And we have taken that to its logical extreme to create what is really the world's first global supercomputer. And that's what Cloudflare is today. And so I wanted to illustrate that on 3 different vectors. One is how do we take this in order to be able to deliver on a really -- I mean, just existentially hard problem today. 
Second, how, now we have this, can we continue to deliver and innovate at the speed we do and some of the incredible new products that we have. And third, how are we now opening this global supercomputer so that every one of you can build applications that are like this. And I wanted to start with what's just been a tragic thing to watch, which is what's going on in Ukraine and Russia. The Internet in a war zone becomes incredibly critical. And we can see that in a way. And in fact, this global supercomputer effectively works as the world's early warning network. And ahead of the actual invasion of Russia into Ukraine, we saw telltale signs that were very similar to what we had seen in Crimea and Georgia several years earlier, that indicated that it was very likely that there was actually going to be a ground invasion. And we briefed Western governments on what was going on. And I wanted to share today with you a little bit of what we have seen over the last period of time. So today, we have 6 locations across Russia and Ukraine that are delivering service today. We have a ton of -- over 30 of the core critical infrastructure, the .ua government infrastructure that is using Cloudflare. And we did some things to make sure as soon as we saw any risk that we were able to continue to deliver our services in these regions but do it in a safe way. We didn't know if at any point, our data center in Kyiv was going to be overrun. And in fact, we were getting hourly updates up until just about a week ago on what the status of that data center was. And we have incredible technology that allows us to do things like take sensitive information like key material and pull it out of there, but because we act as one global supercomputer, that means that we can still do all of the services that we have without having to have that sensitive key material in region. 
And because we were prepared for that, we were able to set our systems up that if any of the systems lost power it effectively gripped all of the machines that were there in order to keep the data centers secure and be able to continue to deliver service. So let me give you 2 different perspectives on what's going on. One, from what's happening in Ukraine, and the second from what's happening inside of Russia. And you've all seen the news. And it's been really terrible to watch what's happened inside of Ukraine. And what we have seen is that you can actually track what's going on in the ground, what the network traffic looks like across that. We saw a very big influx as people move towards Western Ukraine as they were fleeing from the fronts of the war. Unfortunately, in cities like Mariupol the actual Internet traffic has essentially dropped off the graph, whereas we do see other cities like Kyiv and others whereas the fighting has recessed, Internet traffic has continued to draw back up. We're also able to look at the overall traffic across all of Ukraine. And so at the beginning of the war, traffic across the entire Internet dropped in the region, but it has since picked back up. We can see other trends which are that as the war has continued there, traffic has shifted from desktop to mobile devices, exactly what you would expect as people were there. But what's behind this graph, which is amazing, is our team working with partners and vendors and other network operators on the ground, making sure that the Internet in Ukraine continued to work. And there was one period of time where the entire Internet in all of Ukraine was being delivered by a single fiber optic cable out of the country. 
And what was amazing was to see us working with other leaders in the space to make sure that we could keep the Internet working because it literally represented a lifeline, telling people where there was fighting, how they were safe routes out, how they were able to deliver that. And I'm incredibly proud of our team for what we did in order to make sure the Internet continued to work. If you look at individual domains that were in that region, you can see that attack spike leading up to the attacks there into Ukraine, but it has -- and it has spiked up and down but it hasn't quite been what we expected. When we saw what happened in Crimea, when we saw what happened in Georgia, they're actually much larger attacks. And so some of the questions, and we don't have an answer to this, but some of the questions is, why haven't there been even more cyber-attacks. It's not to say they haven't existed. We've seen DDoS attacks, we've seen wiper attacks, malware attacks targeting specific industries all across Ukraine, and we have been there offering our services for free to make sure that Ukraine can continue to stay online. Specific attacks have been government, media and financial sectors in those regions. And whenever they have come under attack, we have always said that we're going to be there, and we know how to stand up to even nation-state level attackers that are there. Over the course of the war, we have onboarded 85 critical infrastructure organizations in Ukraine, and taking on 32 supporting organizations in neighboring countries through our Project Galileo. And this is one of the things I'm incredibly proud of that when there really is need across the Internet, Cloudflare is going to be there in order to make sure that the Internet continues to work. And we've done that in what has been one of the most hostile network environments in the world. 
Another incredibly hostile network environment in a completely different area right now is what's happening inside of Russia. And if you look at Russia, Russia is absolutely working to censor and throttle the Internet. And these are errors that we see across our network that is there. They're trying. They're trying to close themselves off from the rest of the Internet. They're trying to censor other world. And yet if you look at Russian people, and you look at what are the trends of what Russians are actually trying to see, the traffic to Western site is actually up. These are 2 different media outlets. The first one is a large European media outlet, and you can see that there is traffic as people are trying to see what's online. And the Russian censors are trying to get ahead of this and block it and stop it from going on. And one of the things which has been really, again, I think, incredibly humbling to see is that we have this app, so 1.1.1.1 app, it's what my shirt is. I'm not using it on your own phone right now, I highly suggest you do. When I was flying out here the other day, the Internet wasn't working on plane for anyone else. And the flight attendant just kept saying, why is it working for you? And I said, because I'm using the 1.1.1.1 app. She was like, wow, how do I get that? And I said, well, as soon as you land, you can download it. But what's amazing about it is it has become the sort of #1, #2 or #3 app on any given day in the iOS and Google Play App Store inside of Russia because of the fact that Russians are actually trying to see what's going on inside the rest of the world. And it was something at its peak, like 8% of the Russian population was using the 1.1.1.1 app to bypass censorship there and make sure it's there. Now Russia is trying to stop it in every way. You can see it was growing like crazy and then it fell off a cliff. That's because they're actively trying to inject garbage into the system. 
They're trying to block it in various ways. They're trying to stop that from happening. And we're continuously updating that in order to make sure that the app continues to work in what is one of the most hostile networks in the world. And what's powerful about that is because we've made it work there, doing the right thing for making sure the Internet continues to work inside of Russia, it actually makes our enterprise product significantly better if you're using that same app to deliver zero trust services or VPNs across your own network. And so we use this in order to get better and better. We use this to do the right thing, but it actually makes the rest of our products better, and it's what motivates our team to continue to build the products that we do. So if you look globally and you say, okay, what's going on? And I know a lot of you in this room, your phone has been ringing off the hook from salespeople at security companies saying, Russia is coming, Russia is coming. You've got a panic. You've got to work. And there is risk that's out there. But so far, that's not what we've seen. There's been some attacks. And I think we should stay hypervigilant. But right now, that isn't what we've seen across that. There's been some uptrend, a little bit of uptrend in the amount of DDoS attacks that are out there. You can see that there's been an uptick in DDoS attacks against certain sectors over the last little bit. And again, I fully support what the White House is out saying that we need to be very vigilant because we don't know what is coming. But right now, again, I think we should be prepared, but you're not missing something, right? We're not -- there's not something that looks like it's out there and we don't know about it yet. But we do want to make sure that we're prepared. And so we launched what we call the Critical Infrastructure Defense Project with CrowdStrike and Ping Identity, 2 partners that we have worked incredibly closely with. 
And what we've delivered together is we think a full suite of different services to hospitals, the power and the energy sectors to make sure that they are prepared because when we did an assessment along with the White House and others, those were the sectors that are there. And again, we're super proud to be offering this to the organizations that need it most. But if you're worried about your organization, what we've also done is put together a really clear playbook of what should you do today? What should you do over the next week? What should you do over the next month? And what should you do over the next quarter to make sure that you are as prepared as possible. And we've made sure that our technology works seamlessly with other identity providers like Ping and Okta and Microsoft and also other endpoint security vendors like CrowdStrike, Carbon Black and otherwise. And I think through this experience, we've learned what you have to have in order to stay in front of some of the most hostile, difficult situations in the world. And so I'm incredibly proud of our team for what we've done during this incredibly hostile time to make sure that we can stay in front of what's there. And that really is a natural segue to looking at what the future of security online should be. And a lot of people know Cloudflare for our DDoS products, for our firewall and for other things. But what's really powerful is that we offer a full suite of what are known as Zero Trust security products, and we deliver them efficiently. Again, I already told you about 1.1.1.1. It's the best app that you can use as a consumer to make sure the Internet works. But what's powerful is that behind the scenes, if you're an enterprise, that same technology can make sure that your network and your users stay safe wherever they are online. And so using that in combination with our other services gives you a really better view in how the security of your networks should look online. 
The old approach to, let's hook together a bunch of VPNs and gateways and other boxes creates that spider web where you don't have clear visibility as to going on -- what's going on. It's way too complex to manage yourself and the risks are actually significantly too high. And so when we thought about Zero Trust, we said, how can we take what Cloudflare is really good at, making things incredibly easy, making them scale forever, making sure that you shouldn't have to sacrifice performance for security and deliver that to anyone who's online. And so we have tons of admiration for a lot of the other companies out there. I think Zscaler was really the leader in coming out with this space. But when we go head-to-head with Zscaler, we love our win rates because we've made a product which is easier to use, that users don't complain about, that has a much higher ROI, and we are continuing to innovate at a velocity that's way ahead of anyone else. And so if you're looking at Zero Trust in your organization, I'd encourage you to take a look at what we are doing because I think it is already the leader in the space, and it's getting better and better, faster than anyone who's out there. And so -- as you look at what that solution looks like, our solution allows you to have a much more agile network to be able to onboard people 60% faster than the competition, decrease your attack surface by over 95% over current solutions, decrease the risk of reach by independent vendors saying by 35%. And really importantly, decrease IT tickets that you have by over 80% over other vendors. And the reason we can do that is an app like 1.1.1.1. If we've got millions of users across the world in the most hostile networks in the world and it just works, it's going to be a piece of cake to make it work on your corporate network. And so over time, I think this is one of the areas that we are investing heavily in. 
We're closely integrating all of our solutions here in order to make sure that they work with our existing DDoS and WAF solutions and being able to deliver a real seamless security experience so you can understand the threats no matter whether they're coming on the inbound, on the outbound or whatever it is across your network. And we can expand on this more and more throughout the day. But the proof is really in the pudding. And if you look at who are adopting these solutions, I'm incredibly proud that we partnered with Accenture to deliver the Zero Trust solution for the United States government, which is being rolled out across departments around the world. And if they're choosing us in an incredibly competitive process, I think that shows how scalable this is. And it's not just big government organizations that are choosing it, nimble, light tech savvy organizations like Canva, OneTrust, which you're going to hear from later today, BlockFi, which, again, nobody is getting attacked more than people who are in the crypto space today, they're all choosing Cloudflare's Zero Trust solutions in order to make sure that they have a network which is secure and reliable around the world. And what you've known us for all this time is just our pace of innovation. And you can see that we've caught up with everyone else in the space, who's been working in this space for 10, 15 years in the course of 2. And over the next few years, we are going to blow everyone away. And if there's a feature that you need or that you want, the people who are building these products are here today, they want to hear from you, and we are ready to deliver them as fast as possible because nobody out-innovates Cloudflare. And that again, at the very beginning, I said like we've built this thing which is effectively like the world's global supercomputer. That's how we're able to innovate as fast as we can. 
And what I'm excited about is we're increasingly opening that to you all as customers as well. And so with Workers, which is our computing platform, we're giving you the raw primitives that you need in order to build the applications of the future. It's global. It's easy to use. It scales instantaneously and effortlessly. You don't have to manage containers. You don't have to manage instances. You don't have to pick a region. In fact, the next time you log into a cloud provider and the first question is, what region do you want to run your code in, you know you're already living in the past because the only answer to that question should be earth. Maybe Mars someday. But right now, earth, right? And so we are developing that platform. And again, it comes back to what is it that we can do that no one else can? Where in every other cloud computing model, you have all of these instances when you're wasting all of this overhead, we're able to subdivide individual compute task into their individual discrete component parts and distribute them over, I mean, in an almost infinite amount of compute surface, so that you can scale and have your load go up as much as you want. How well can something like Workers scale? Well, Meta, the company behind Facebook and WhatsApp needed to be able to verify that the code in WhatsApp was actually not changed or corrupted in any way. And so they signed a deal with us and their developers used the Workers' platform in order to build a code authentication platform every time you send a message on WhatsApp across the platform. They wrote it, they deployed it, and it scales to WhatsApp scale across our network. We didn't even notice a blip on our service. If they can make that work, then any application you want can work as well. And so what we've done is build something which developers love. And a lot of the developers who are in the room today are here because they are so excited about Workers. 
We have over 3.5 million applications today running across the Workers platform. Over 450,000 developers are actively developing for that platform, and our goal is to get that to 1 million by the end of this year. The average Workers -- we're processing 6 million customer Workers requests per second through the Workers platform. And just in April, we had over 430,000 new deployments across the Workers platform. And great companies like Discord, LendingTree, Panasonic are using it. But I wanted to dive into a couple of examples a little bit more. So Sixt, the big car rental service, global car rental service. They wanted to be able to do really tight version control, an A/B testing in a way that no kind of out-of-the-box platform was able to support. They built Workers that allows them to do this, and it's accelerated the development velocity enormously. And lastly, you all use Jira, you use their tools, Confluence they needed the ability to have a whiteboarding app where they could have global synchronized communication between people on opposite ends of the earth. To try to do that on any traditional cloud computing platform, they would still be working on it today to get the synchronization to work. They took a team, built it, that platform and today to use their whiteboarding tool behind the scenes that's running on Workers. And again, it scales efficiently to Atlassian level scale. And Shopify, we're so excited to have Shopify as a partner. They're using Workers in order to be the development platform for the future of shopping online. And if you're building the future shopping carts anywhere across the Shopify platform, you're going to be using Workers in order to do that. And we've increasingly made it easy to embed the core of what workers is into applications like Shopify, which is delivering more and more value over time. This week has been super fun. We do these innovation weeks where we've bundled a bunch of announcements all together. 
We're in the midst of Platform Week. We have a bunch of announcements that went out just about as I went on stage, but there are 2 that I'm excited about. If you're not following along already, I really encourage you to check out our blog at blog.cloudflare.com. But these 2 excitement announcements, I think, are really critical in order to make it so that Workers can build whatever it is that you need in the future. The first is something that we announced last September, that's called R2. And R2 is an object store. And object stores are actually pretty simple. And so the question is why did the world need another one? And the answer is because everyone needs an object store, and everyone today is overpaying to their object store. And we like to pick on Amazon a little bit. But if you look at how much Amazon charges for egress fees, we know what they pay approximately for their wholesale prices for their egress costs. And what they pass on to you, the charges that they charge you is 80x of what their actual wholesale cost is in North America. It's 80x in Europe. It's 21x in Latin America, 17x in Japan, 17x in Singapore. 8x in Australia, 8x in India, 3.5x in South Korea, and they haven't dropped their prices meaningfully in 10-plus years. And so again, little tongue in cheek, but Amazon is effectively the Hotel California of the public cloud, and they're keeping innovation from happening. And so if they're overcharging by that much, we said, what if we could build something that was as good as S3 but took the one really annoying thing away out of it, which is egress fees and obviously, that 1 less than S is R and 1 less than 3 is 2. So R2, and obviously, we needed to announce that. And it was wild in terms of the amount of people who wanted to build on it. Yesterday, we announced it's now open as a public beta, and you can start building on that, and we anticipate it's going to go to GA this fall. So we're super excited about that as a core component. 
This other piece though is -- and again, this is how we're just going to decrease egress fees and you can directly migrate off S3. This other piece though, I think, is a game changer. In order to build modern applications, you need a modern database. And modern databases still run on SQL. And what we have now announced yesterday is what we are calling D1. We had an R2 so we thought about D2. We still have plans for D2. This is our first database, it won't be our last, but it allows you to build simple SQL databases that can scale up to whatever scale you need and build modern applications. And so if you look at that today, we've got Cloudflare Workers. We've got R2, we've got D1 that's compute, object store and database all in one platform that scales instantly and infinitely to literally WhatsApp levels of scale, you can build any application of the future the same way that a Cloudflare developer can on top of Cloudflare itself. And that's why we're super confident by the end of the year, we're going to have over 1 million developers using Workers. We have built the world's first global supercomputer, and I can't wait to see what you're going to build on top of it. We have an incredible program today. With that, I'm going to hand it over to Jen Taylor, who's a little bit hobbled, so I'll give her a second to get up here on stage. Jen runs our product team at Cloudflare, and she's going to, first of all, tell you what she did to her leg. And then -- we didn't quite rehearse the hand off as well as we could. And then she's going to walk through how we're thinking about how the Internet is changing and how we're building products in order to service it. Jen?

Jennifer Taylor

executive
#2

Thank you, Matthew. I am Jen Taylor. I'm the Chief Product Officer here at Cloudflare, and I cannot tell you how excited I am to be with you all here today. You all are truly the inspiration for the work and the innovation we do, so not even a broken foot could keep me off the stage today. I'm looking forward to spending time and talking with all of you. So the interesting thing for us from a product perspective is the fact that we live in an incredibly privileged position. Because we live on the edge of the network, we get unprecedented visibility every day by the traffic that comes across our network. We processed 35 billion requests -- 35 million requests per second and 117 billion threats per day. This visibility gives us phenomenal insight into what's happening in terms of congestion, solution adoption or security threats as they're starting to emerge. It's things like this -- these signals that allow us to be as responsive and innovative on key threats like Log4J that the Internet faced, and we were able to turn around and respond to instantaneously. Why? Because we roll these threats back into -- we roll these insights back into our products to help make our platform and our products more performing, more secure and more reliable. Now to say that the last 2 years have been a challenge for many of us would be a vast understatement. But I want to share with you sort of 4 key trends that we've observed across our network, talk with you a little bit about our network and then actually turn it over to the product leaders who are building the solutions that we deliver today to help you tackle performance, security and reliability. So the first challenge that we've all seen is not going to be any surprise to anybody here that we've all become increasingly invested and reliant on the Internet. Online health care, online shopping, online access to critical resources went from a nice to have to a need to have in a matter of seconds. 
And I got to be honest with you when I'm saying, it's not going back. But at the same time, the organizations on the other side of this had to find a way to respond to this nearly instantaneously. Customer demands escalated overnight. They needed the performance and the reliability from these companies they trusted. At the same time that these companies faced this crushing traffic growth. And frankly, at Cloudflare, it wasn't any different for us, right? We are now delivering 3x as much traffic as we were 2 years ago. And frankly, I'll be honest with you, this is not something that we had anticipated, actually being in a position to have to tackle for years. So how did we respond? Well, we're Cloudflare. So the first thing we did was, of course, invest in our network. We continue to invest and extend our network today. As Matthew mentioned, we're in over 200 cities -- 270 cities around the globe. That's a 35% growth in this time period. At the same time, we've more than doubled the capacity in each one across our entire network. We have also continued to focus on not only being the largest and that's more secure, but also the fastest. We're maniacally focused on making sure that we're the fastest. And today, we're extending that reach. So we are within -- 95% of the Internet connected population is within 50 milliseconds of a Cloudflare data center. Why does this matter? Because you can't fight the speed of light. If you want to deliver a highly performing and highly secure experience, you need to do it on the edge of the network, and that's exactly the strategy and the architecture we've taken. Now I'll be honest, it's not just about making sure that the network is fast, but it's making sure that the experience that we provide to developers is also fast. We live to innovate, and it's important to us that developers have that same opportunity. Now so it was absolutely heartbreaking when the team shared this stat with me. 
Did you know that on average, a developer spends 40% of their week wrestling, wrestling migrations and deployments and all of that headache. That's not okay. If you live to innovate, you should be building it. So we continue to focus end-to-end, as Matthew talked about, on improving the tooling experience, providing reliable, fast, easy-to-use compute and storage and streamlining app so that we can ensure that Workers is the fastest way for you and your teams to go from idea to application. Now the next trend, I think all of us have seen and are living with and continue to live with, and that really is the changing landscape around security. It's not getting any easier folks. Just this last quarter, the first quarter of 2022, we observed the 167% increase in application layer DDoS attacks. That's phenomenal. That's huge. But here's the thing. It's not just DDoS. We also see the landscape shifting. Today, we've seen an increased growth in API-driven traffic on our platform. That's because we're all building modern applications that are API first and integrating service to service, incredibly powerful and incredibly scalable. But -- so today, we're at -- like 55% of our network is actually API-driven traffic. Our analysis and our observation also hints that, that traffic is 20% more likely to be malicious. But when I talk to customers, many of them lack the resources to actually map and protect their APIs. At the same time, on the client side, we observed that the average application is built using over 100 JavaScript dependencies from third-party vendors, leading open those applications to the injection of malicious code. Again, very hard to get that visibility. So what do we do? We do what we always do, we innovate. Patrick is going to talk in more detail about this. But we're focused on providing solutions that enable us to map and protect your APIs, your software tool chain and your network. 
Now the final trend that I'll touch on before I talk more deeply about the work that we've done on the network over the course of the past year is really around collaboration. I think many of us now often find ourselves sitting on the receiving end of a square box in collaboration with other chiclets on the screen. The Internet has become the fundamental fabric for collaboration. The way we work has changed. And with it, though, the old solution of protecting the perimeter to provide security to you and your organization has crumbled. Why? Well, because we're living at SaaS-based applications. We can't put a VPN around that, right? I'm working from anywhere. I'm working from my hotel room. I'm working from this conference. I'm working from an airplane. I'm working for my bedroom, very difficult for an enterprise IT team to secure each one of those locations. And then finally, we're all working from different devices, whether it's your personal phone, your tablet or your computer. And with that, it's very difficult for the IT team again to kind of put that perimeter around it. So what do we do? We innovated, as Matthew indicated, our team delivered in 2 years a robust and integrated Zero Trust security solution that took other leading market providers close to a decade to deliver. And then we didn't stop there, right? We continue to fold in our threat intelligence. We continue to think about ways in which the market is pushing us to redefine and extend the umbrella of Zero Trust to other critical infrastructure like e-mail. Now I want to touch a little bit now on sort of the investments we've been making in our network and sort of kind of touch up a little bit about what they mean to you and the offerings that you all bring to market. So I'm going to talk a little bit about the power of the Cloudflare network. Now one of the things that Matthew talked about was the fact that we're focused on being the fastest period. 
We're constantly measuring ourselves from point A to point B, from eyeball to origin and looking and measuring and optimizing each one of those places. Turns out, though, as we look across the Internet, one, there are problems in places you wouldn't expect it. And two, it's not always technology that is critical to receive -- to solving those issues. A great example are the challenges that we saw in Sri Lanka. Our network team was analyzing the work that was being done in Sri Lanka. We identified that our network was fourth relative to everybody else in the market. That is completely unacceptable. Why focus on Sri Lanka? Well, if you're going to be within 95 -- within 50 milliseconds of 95% of connected in a population, you need to think globally for those of us who work and deal with teams in Sri Lanka. They may have manufacturing there or may have family, having those teams be able to connect to the broader community was critical. So our team did a thorough analysis. And when we actually started looking at it, the issue was not so much the technology. It was actually an issue with one of our providers. Our providers had chosen rather than routing the traffic in Sri Lanka to Colombo, which for those of you who are not familiar with it's the capital of Sri Lanka, instead of routing it to Colombo, they were routing it to New York. So no wonder there was a great deal of latency. So we spent some time with the provider. We worked with them on their routing. They started routing it through Colombo. We saw a 3x performance gain. And we were able to sort of keep the Internet up and scaled as the fastest solution in Sri Lanka as that market too started to face increasing political challenge and unrest. So it's been a privilege to not only solve the challenges of latency in Sri Lanka, but to be a key part of that infrastructure as well. So the interesting thing for us is if we step back and think about it, we talk a lot about the growth of the Internet. 
We talk a lot about the power of growing our cities, and we continue to focus on ways in which we can improve the performance of the overall solutions we built. As the team was sitting down, they started scratching their head [indiscernible] at some point like you have to go deeper than a city. You have to start looking at the ways in which people are leveraging the Internet in new and novel ways to integrate and leverage the Internet as a critical part of their infrastructure. And so as we extended our offerings to provide network acceleration and security with our Magic portfolio, we recognized that customers needed ways to connect their network to our network and so we launched Cloudflare Network Interconnect to provide that direct connectivity and speed and to enable customers to build that virtual private network on top of our network. At the same time, we started looking at how and where people were working and realizing the data centers in many cases were too far for critical populations. We've actually started an initiative called Cloudflare for Offices, where we're partnering with offices around the globe to put hardware and infrastructure in those offices to help build and scale and create highly performing and secure environment. Okay. So Matthew talked a little bit about this, that it's important to think about the network from a performance perspective, but a key decision that we made early on and that we continue to focus on is our architecture. Why? Because when I sit down and I talk to all of you, I hear I want performance, but not at the expense of security. I want security, but not at the expense of performance. Okay. So -- well, it turns out, you don't have to make those trade-offs. As Matthew would say to me, that's a false dichotomy, right? We've built our network from the bottom up to provide unprecedented capacity that we can dynamically use to shift, to accelerate traffic or mitigate threats. 
This is what enables us to be the fastest and most performing network and at the same time, the most secure and reliable solution for security. Now the thing that is also, I think critical for us is looking not just at the ability to provide a fast network and a secure network, but also to make sure that we're making that network available to our team to deliver mission-critical solutions to you and to make it possible for your team to receive and work with mission-critical solutions. And so our strategy here has been to build a serverless application development framework. We call it Workers. It is the platform we use to build and innovate and deliver all of the capabilities we deliver to you. We're in the middle of platform week. Aly will get up shortly and talk more about some of the enhancements we're making here. But it's exciting to us to be able to provide this highly secure, reliable, scalable, easy-to-use platform for all of our developers. Now it's important also that as we continue to grow and scale and build on top of this platform that we focus on providing capabilities that enable you to run and leverage your business on top of this network with critical solutions. What do I mean by this? Well, we innovate and we keep innovating. One of the solutions we announced in 2017 was Argo. Argo is our smart routing technology that takes those insights from across our network and helps route around global traffic congestion. Helps make sure your data is fast as getting from point A to point B. As we've continued to grow and as customers have relied on us for deeper applications and networks, we've realized that there's an opportunity to take that same solution down the stack. And that's what we've done over the course of the past year, extending the Argo smart routing benefit to TCP driven traffic, seeing an 85% increase in performance, which has been phenomenal. And also extend it now to our IP layer for a 10% increase. That's phenomenal. 
If you think about the scope and the breadth of the IP space that we live in, that 10% performance increase is something that all of us feel nearly instantaneously. It's game changing. So we invest in performance. We invest in security, but we always do it with the lens of privacy. It is critical for us that we approach the way we build and deliver our products with a lens towards helping you provide the privacy and security that your end users need. We do this by working closely with different agencies to certify our solutions and comply with privacy regulation. But that's not enough, right? For us, it's critical for us that we think of ways to innovate and deliver privacy ahead of the curve. And that's exactly the work that we've done with the 1.1.1.1 resolver that Matthew highlighted in that application to deliver that in a privacy-preserving way. We've also continued to focus on and partner with a broader ecosystem to deliver new protocols and new ways of delivering and transiting information across the Internet to preserve the privacy of end users. And then, of course, in our practices, the way we run our business, we ensure that we don't actually track and violate the privacy of people as they're interacting with our solutions. And so again, it's one of those things that, for us, it's critical that the privacy is truly built in. Okay. We're fast. We're secure. We're private, but it's also critical to recognize that we are and continue to be a global citizen of this planet. And one of the challenges that I think all of us have faced as we've gone out into the world and as we all leverage these technologies in new ways, it is critical that we provide information about our impact and the impact of your use of Cloudflare on the broader population and then also continue to strive for and work both in our solutions and across the ecosystem to find ways to make our services more performant and more scalable. 
Last summer, during Impact Week, we announced our Environmental Impact Report, which we make available. We also provide resources directly within the Cloudflare dashboard to help customers get visibility into the impact and the challenge they have on the globe. But then we also just frankly continue to focus on making it faster. Our team, who manages our infrastructure, is constantly looking at ways to innovate within the stack that we build to deliver both performance -- more performance at a lower impact. And that's what you see here. We've been able to find a way over the course of our history to deliver 10x as much processing power for each watt we use. If you think about that at the scale in which we operate, it's game changing for the planet. But it's not just the technology that we bake into our servers, it's also the technology that we make available to all of you, and this is a great example. So all of us live and die by web crawlers. Matthew showed for us earlier, Google, right? We all live for Google, right? Many of us rely on Google coming to our website, crawling our website and then listing us in the search results as a way of driving our business. Now the problem is, historically, there's no way to signal to a web crawler that you're ready to be crawled. So typically, it's been that a web crawler would just come on a regular basis and crawl your site regardless of whether or not it needed to be crawled, which meant that there was a huge amount of extreme energy and time wasted crawling things that didn't need to be crawled. At the same time, if you needed a change, there was no way of signaling to a search engine, "Hey, over here, I need a fresh crawl." So we actually partnered with several of the search engine manufacturers and with browser manufacturers on a standard called IndexNow. And the focus here is the ability to provide a seamless interaction with the browser -- with the search engine, so they know to come and actually crawl your site. 
We launched this, we call it Crawler Hints, and we're seeing a 10x increase efficiency in the crawling that occurs across the globe. What is the impact of that? Well, if you step back and think about it, our calculations indicate that this is the same as about 26 tons of carbon energy saved, which for those of you who are doing your carbon calculator is about the same as taking 5.5 million cars off the road. So if you think about this behavior at scale on a network like Cloudflare's, it's really impactful and game changing. And then, of course, as our COO and Co-Founder, Michelle likes to say, "we are just getting started". We continue to innovate and push the boundaries across the landscape at the work that we're doing. Another example here that we're working on is Early Hints. We announced this last fall. It's the ability to indicate to browsers what they should load and how they should load it dynamically and vastly improving performance by about 30% on load time. We also continue to work on and extend the reach of our cache solutions through cache reserve, which is built on top of our R2 platform, which we announced yesterday, which enables people not only to reduce their egress fees by just moving and caching things on the edge of our network, but to be able to leverage those assets more dynamically within the context of their application. And of course, we continue to invest in platforms like DNS, which are critical to the speed and the resolution of delivery of websites, launching into market this year, our foundation DNS service, which is our enterprise-grade, highly performant, scalable and secure DNS solution. Again, just a brief snapshot of some of the things that we've been working on, and we are working on going forward. I'd like now to pass it over to Aly Cabral, our VP of Platform, to talk with you about all the amazing work we're doing today. Thank you.

Aly Cabral

executive
#3

Thank you, Jen. Hi, folks. All right. So today, I'm here to talk to you about our developer platform. Now we heard Jen talk about earlier today, developer efficiency. And how painful it is that 40% of developer time is spent wrestling, not on developing differentiation for their applications. Now sometimes people think that efficiency means moving quickly. But of course, one does not equal the other. Sometimes when we move quickly, we actually end up creating more downstream work for ourselves and thus actually move less efficiently. When we build developer tools at Cloudflare, we aim to make developers both quick and efficient. When I talk about developer efficiency, I mean we're building a platform that removes cumbersome processes, a platform that does the right thing automatically, a platform that takes unnecessary human decisions and makes them system decisions. Developers need a platform they can grow -- that can grow with them, not something they have to graduate out of at a later date. They need opinionated, developer-first abstractions, like pages that make it easier to build better application. And they need to be able to run anywhere, whether testing locally or deploying to our global network. How patient are you? How long are you willing to wait for a web page to load? Or if you're a developer, a build to compile? In my humble opinion, expectations on speed have never been higher. We live in a world where if a package delivery takes more than a couple of days, well, we get frustrated. At the same time, every company is becoming a software company, and feels this immense pressure to keep up with the pace of innovation. If you can't keep up your development pace, well, you're worried that you'll lose your competitive edge, even these long-tenured incumbents. And it's not enough to just have feature parity. If your web page doesn't load fast enough, well, you're punished in search ratings. 
So speed on both of these vectors and products that serve end users and products that serve developers live and die by minimizing these wait times. Now what's driving this impatience? So there is a controversial study that you probably heard about that says, we now have shorter attention spans than goldfish. But this isn't just about attention spans, we've come to expect instantaneous as the standard. Developers have a very hard job. It's our goal to remove those obstacles and let them focus on their application. Now we think it's technology's job to just to get out of the way and let developers focus on what matters most, the meat of their application, not the surrounding pieces. Obstacles lead to inefficiencies. And it's funny how in developer tech, our main job is to go unnoticed, to just work, to not take up developer time and energy. So how do we get out of the way? We're building a platform that is flexible, reliable, fast, global, scalable and secure by default. It's not enough that these things are possible to configure, they must be the opinionated default experience to just work, to just get out of the way. And we're doing this across several vectors, right? We're building more and more building blocks for developers. Now 5 years ago, we launched our Cloudflare developer platform with the launch of Workers. When you deploy a Worker, you deploy into the 275 data centers across the globe automatically. Developers don't need to configure anything. When you use Workers KV, our key value store, we on-demand hot -- we globally cache on-demand hot data as it's accessed without developers needing to even think about it. Now this slide is perpetually scaled because of the pace of our innovation. Just this week, we added D1, just yesterday. We also have R2 in open beta, just to update this here. We just today introduced Magic NAT, our Managed NAT offering. We have Pub/Sub, based on MQTT, just launched today, and we have our Workers Analytics Engine. 
So even more building blocks becoming more and more comprehensive so you can do more on top of Cloudflare over time. You can deploy a JAMstack website on top of Cloudflare Pages, deploy your APIs on top of Workers. You can store your objects on R2 and you can optimize your images with Cloudflare Images, just to name a few. And this mantra of saving developer time has like carried us through, through each of these building blocks. Let's talk about Pages for a moment. Pages just saved developers 377 days of waiting on build time. Now we did this by optimizing the way we create, build environments or initiate build environments. We've also improved the developer experience by streaming build logs as the builds are occurring. And we've allowed developers to granularly automate which branches to automatically build on top of when deployments or modifications are made. And that kind of developer efficiency just leads to faster pace of innovation for our customers. Now let's talk about ingrained flexibility. We talked about how R2 yesterday went into open beta. R2 gives developers the ultimate flexibility. By freeing up their data, not having to pay the egregious egress tax just to get value out of your data and use the best tool for the job. You're not locked into an ecosystem. We believe a better Internet is a more interoperable one. So R2 provides that flexibility by default. Another version of flexibility with R2 it's having that S3 compatibility. So the things you've built around S3 just work on the API side. And then Zaraz, a recent acquisition of ours, combines many of these pillars, offering a secure and performant way to work with third-party plug-ins. And we're really excited, we talked about this earlier this week, to talk about managed component and open sourcing Zaraz in a way that just helps push the standard for a better Internet more holistically. And we're really excited to see where this goes. Now these aren't just words on paper. 
This is really resonating with developers. As Matthew mentioned, we have over 450,000 developers building on top of us, and over 130,000 Pages projects alone. And we're really, really excited to see where this goes and what you all build on top of us. Now if you haven't already, I invite all of you to join our growing community. And with that, I'm actually going to invite Matt on stage, the Co-founder and Head of Technology at Happy Cog. Happy Cog is a digital agency that builds mobile and web experiences for some of the top companies in the world. And I'll let him talk about Workers in action.

Matthew Weinberg

attendee
#4

Thanks so much, Aly. So as Aly mentioned, I am Matt Weinberg. I am the Co-Founder and President of Technology at Happy Cog. At Happy Cog, we build complex solutions for companies you've heard of, and honestly, a lot of companies that you will hear of in the next couple of years as well. I see a couple of our clients here on the screen. We've designed websites for them. We've built websites, native applications, custom e-commerce systems, mobile commerce, publishing systems, B2B SaaS. You name it, we've probably built it. And what you'll notice is that our clients, including many of the people whose logos are up there, they range from Fortune 100s to small startups, B2B and anything in between. But they all have a lot of similar requirements, which are they want something secure, they want something fast, they want something reliable, they want to integrate with all of their other systems. Oh, and by the way, they need us to build it very, very quickly, and they needed us to be very creative when building it. So because of this and because our customers have so many requirements like this, we really started relying heavily on the entire Cloudflare ecosystem, including Workers. And we tend to use Workers on a lot of our projects these days. Why? Why do we use Workers? Well, really, there's 4 kind of main buckets that we feel like Workers are adding to our projects and helping us and helping us launch for our clients. First of all, site speed. You heard Aly, you heard Jen, you heard Matthew, all talk about how important speed is to the Cloudflare community and the Cloudflare product. Our clients care about speed a lot. Why do they care about speed? First of all, it helps conversion rates. We know from our own experience, and I'm sure all of you know from your experiences in industry studies, that the faster a site is, the higher its conversion rates are. 
So whether our clients are selling food, selling a product, trying to get people to download a white paper, lead generation, anything like that, the faster people can load the site, fill out that form or take the activity, the more people are going to do it. We also know that speed is really important for search engines. We heard Jen just talk about Crawler Hints, which are very important. But we know that all of the major search engines give big boosts to sites that are faster, and that's related to the conversion rates as well. But our clients, often the first thing they say to us is, we want something super complex and needs to load instantly and it needs to be really, really fast for our customers. We say, okay, we'll do it. We'll figure it out. But speed isn't only about the site speed, it's also about developer speed, because our clients want to move quickly, and we want to move quickly. So why do we rely on Workers? Well, first of all, we think about what does a developer need to move quick, to move fast? One thing they need is to be familiar with the environment. Workers supports JavaScript. Almost every developer we hire and almost every requirement our clients have, have some relation to JavaScript and almost all of our developers know JavaScript very, very well. So being able to build on JavaScript and use JavaScript for Workers has just been a huge efficiency gain for us. We also know that developers are better when they can move quickly in terms of iteration and deployment and testing. So with Workers, we know that we can write some code, run a couple of CLI commands and get it up and live and launched within a minute, 2 minutes. We don't have to wait for an hour's long build or anything like that. A lot of you saw the announcement earlier this week where Wrangler, which is the Cloudflare Workers CLI tool, was upgraded to version 2 and announced in all kinds of additional features, and that helps a lot as well. 
The other thing that helps developers move fast is onboarding. So the worst thing is when you have somebody else coming on to a project and it takes them weeks and weeks and weeks to figure out what is going on with this project and how they can start contributing. With Workers, we don't really have that issue. Install Wrangler, look at some JavaScript, hit deploy, you're ready to go. And you can even test your own code very quickly with the different environments and different branches and all of that. So those are speed. Why else do we use Workers a lot? One thing we try to avoid is server configuration rabbit holes, which I'm sure many of you have experienced before. We used to do projects where we would have to spend weeks and weeks setting up load balancing, security groups, network rules, Blue-Green deployments, shared storage, persistence, the database layer, the caching layer. And that was taking us away from building features and launching [ V2 ] and doing experimentation and actually driving value for our clients. So being able to rely on Workers, where we know that a lot of the logic and a lot of that kind of back end is just taken care of, has been a huge weight off of our shoulders and let us concentrate on delivering value to our clients. And finally, a big reason we use Workers is because of the integrations with the rest of the Cloudflare stack. A lot of our clients are very interested, as I said, in security and already used the Cloudflare web application firewall, or maybe they already use the CDN. A lot of the other kind of function systems out there, there are Function-as-a-Service systems out there, add a whole new system, add a whole lot of latency, another system we need to integrate with another system we need to work with. That's not the case with Workers. 
If our clients are already using Cloudflare CDN, Cloudflare firewall or a Zero Trust or any of the other products, being able to just throw Workers on there lets us add a whole bunch of our application logic to the edge without having to add any additional systems, latency, servers, integrations, APIs, vendor procurement, costs, or you name it. So it's really convenient in that way. Let's talk about 2 times when this has really helped, that hopefully you all have actually even seen. So one of our clients is ProPublica. ProPublica is a really great news organization. They're investigative journalists. They're fantastic. They put out a lot of heavy hitting pieces. One of the things about a popular news organization is that sometimes your stories will go viral, but you don't -- you can't predict that and you don't know in advance. And so you have your kind of normal amount of traffic and then a huge burst. They obviously don't want their site to go down, but they used to have to over-provision a ton of front-end capacity to make sure they were always ready for the spikes as soon as they happened. We ended up building a Workers-based caching system for them, where we completely removed all of the traffic, going to their origin servers, cache completely on the Cloudflare edge and use Workers to refresh the cache with a queue system. What did that mean for ProPublica? It meant that they can just keep a low level of front-end servers running, never worry about cache [indiscernible], never worry about traffic spikes and most importantly, never worry about downtime. Once we -- we call it the Baconator actually because it makes their site sizzle. We're not naming experts necessarily. What does that mean for ProPublica? It meant that as soon as we launch this Workers-based system, they had a 40% reduction in their cloud server origin costs. That's huge. Every dollar saved there is another dollar they can pay a journalist to write more stories. 
So that was massive for them, and that has not increased since. The costs have not increased since. But even more importantly had been the reduction in time to first byte. Now that we're running so much of their logic and caching so much of their content right at the edge, pretty much all of their visitors can get content right away within that 50 milliseconds that Jen talked about before. So we've seen a 50% reduction in time to first byte, which is great for users and also great for their SEO. And then many of you are here in New York with us today, maybe you've ever eaten at the restaurant Dig Inn, or Dig as it's known now. Dig is a fast casual chain with a ton of locations in New York, Boston, Philadelphia and elsewhere. The thing about restaurants is that they have very peaky-type periods. A lot of people order from Dig Inn from 10 to 12 for lunch, and a lot of people order from 4 to 6 for dinner, and it can be a little quiet during those times. So it's really important for them to be up 100% of the time during their peak, and it's really important for them to not go down -- or not spend too much money at other times. We moved Dig's online ordering system completely to Workers through their online app, their mobile apps and all of that. Ever since then, we've had 0% downtime, zero. The site has never gone down, knock on wood, during a peak period or even an off-peak period. Most importantly for them, we've saved hundreds and hundreds of hours not having to deal with servers, auto scaling, load balancing, anything like that, and they've been able to stay up the whole time. So they're really thankful for Cloudflare as are we and as are the rest of our clients. And with that, I'll hand it over to Patrick to talk about security.

Patrick Donahue

executive
#5

Terrific. Thank you, Matt. That was great. Big fan of the name, Baconator, by the way. Good morning, everyone. My name is Patrick Donahue. I'm Cloudflare's Vice President of Product for Application Security. I'm excited to talk to you today about the evolving threat landscape, as we see it from our unique vantage point on the Internet. The data I'm about to share with you today is based on the 35 million HTTP requests per second that pass through our network, peaking at 45 million as Jen mentioned, the more than 16 million DNS queries a second across our infrastructure, including Matthew's flight here. And the millions of applications that we protect, large and small, that come under attack every day. So I'm going to focus on 4 major themes that we're seeing and how we're responding to them on the product side from an innovation perspective. The first, DDoS attacks are moving from the network to the application layer, where they're both more expensive to attack, to launch, but also to defend. The second, automated traffic, which includes API traffic and bots, is continuing to grow unabated. And third, the third parties that you're increasingly relying on loading scripts, taking dependencies on elsewhere, are increasingly implicated in breaches. And fourth, the bar has been raised on threat intelligence. It needs to be more actionable. Companies are inundated with data that they don't have the people or processes to utilize. I like to think about our infrastructure security products as a funnel. We progressively filter out the noise and deliver to your origin only the requests that you want to see. This keeps your cost down and it keeps your performance up. Over the past quarter, we've observed the shift in what's entering the top of that funnel. As I mentioned, network attacks are still rampant. These are measured in bits per second or packets per second. 
But what's entering there from an HTTP perspective, like this 15.3 million request per second attack, this is unprecedented. This is happening for several reasons, and I'll share a couple of them. First off, ISPs are stepping up their enforcement of IP address spoofing, making it harder to launch the volumetric attacks that you're familiar with the yesteryear. So attackers are shifting their tactics. They're moving to launching application layer attacks. And the botnets that our threat research team are tracking are finding more powerful devices. It used to be the DVRs or the cameras in your home, now it's servers and data centers or home networking equipment, like routers. So what are we doing to protect you against these sort of floods? First, as Jen mentioned, we're aggressively expanding our network, right? There's a saying in sports that you can't teach size, and that applies to networks as well. The bigger our network is, the better it is at absorbing attacks, and we're going to continue to grow that network to protect your network. Also, we're using data to make our intelligence more intelligent and uniquely tailored to your infrastructure. This quarter, we're going to be launching geographic-based profiling for traffic to your site. If you're a business operating in New York and you're receiving most of your traffic from nearby counterparties, you probably don't want a spike of 10x traffic from Eastern Europe. And we're going to give you that control and do it automatically for you. Our goal is that you never think about DDoS, and we want to give you feedback loops to report stuff to us. Okay, so after DDoS, what is the next thing we'd like to filter out? That's unwanted automated traffic, bots and APIs. This doesn't rise to the level of DDoS, but can affect your applications because of maybe calling expensive endpoints, right, calling database dynamically, taking over accounts, exposing sensitive data. 
As Jen mentioned, API traffic is now 55% of all requests we see. That's 19 million requests per second and 20% more likely to be malicious. Protocol-wise, we're seeing a rise in gRPC and GraphQL, but not really what we're hearing when we speak to folks. It's hard to get a lot of adoption here, but we expect that trend to increase in the future. The other thing we're hearing is people don't know where their APIs are, right? We've got all these great tools to build things efficiently and launch them, but security teams are wondering, are these protected? Are they unfettered access? How do we actually identify and control those? On the bot side, it's almost 40% of requests that we're seeing now, price scraping, inventory hoarding, credential stuffing, traffic to login endpoints is 71% higher from bots than it is from humans. So what are we doing in response to this automated traffic? We launched a new machine learning model, the sixth generation for bots this year, incredible performance so far. We're working to eliminate [ CAPTCHAs ]. You might have seen a blog post from us, expect some more news here. Nobody likes CAPTCHAs, we're getting rid of them. But our main focus is helping secure and manage your APIs. In March of last year, we announced something called API Shield, which is focused on security for APIs, advanced rate limiting, volumetric anomaly detection, schema validation, account takeover protection. This year, we're going to double down on security, but we're also going to add more management and monitoring that you'd expect out of a full-featured API gateway, things like API discovery, routing, monitoring of key metrics, response times, error rates. And we'll be helping you shift that logic to Workers and eliminate those back-end APIs altogether. Most of the customers I speak with are unhappy about what they're paying for their gateways. They're using maybe 20% of the functionality and getting a big bill every month. We're going to change that. 
So what about the third parties that everyone here relies on? You probably heard of SolarWinds, Codecov, Log4J, all things that you didn't want to get an e-mail on, but you did. Our team deployed emergency WAF rules to get in front of these attacks, buy you the time you need to patch, and please patch if you haven't. But these headlines are the ones that make the news. The ones that are a bit scarier are more subtle JavaScript-based attacks. So we launched something called Page Shield last year, have 25,000 customers using it already, 27% of them are adding a new third-party external dependency every month, right? A lot of surface area, a lot of turnover. And the average site is pulling in about 11 unique scripts from external hosts on a regular basis. A lot of surface area to cover. So what's our plan to help you manage this? First, we're going to expand the threat coverage. We're going to focus on data exfiltration, but we're moving to malware, crypto mining and building a full-fledged client-side web application firewall. We're also shifting left. It's great to identify things when -- once they've launched, it's even better to do so in the development life cycle. We want to bring that security to that process. Lastly, we're going to tighten feedback loops with browser isolation. So on the Zero Trust side, browser isolation protects your employees, Page Shield protects your users, and they both neutralize malicious JavaScript, and we want to make them learn from each other, 1 plus 1 equals 3 as we like to say. Finally, threat intelligence. So you're probably inundated with data, but I want to give you 2 more data points to leave you with. The first is that CISA, which is a part of Department of Homeland Security, recently shared a stat that over 90% of successful cyber attacks begin with a phishing e-mail, 90%. And Business E-mail Compromise or BECs actually cost companies over $43 billion in the 5 years ending in 2021. Just a massive number. 
66x more loss than ransomware. Everyone thinks about the hackers in hoodies dropping Chrome zero-days, but the real risk that people aren't talking about is e-mail, which is why we acquired Area 1. We've got a lot of the team here today. It's the #1 cloud application, but until last month, it was missing from our story. Area 1 is a company we've long admired work. We've been a customer ourselves. Matthew likes to tell a story of how he reached out to our CISO and said, "Hey, there's something broken with e-mail." And Joe said, "No, we deployed a new technology." Everyone is set out to build the threat intelligence company, but realized they needed to be actionable. And this is a trend that we're seeing. And that's exactly what they've done. And so this year, we're going to be integrating more seamlessly with our Zero Trust products. You get an e-mail, we should be opening that in browser isolation, protecting you from a full life cycle. We're also going to be opening up data for the first time to your threat hunting and your security teams. We use this data to train our machine learning models, but we want to expose it to you in a privacy-preserving way so that you can hunt threats across your network. We're also going to use it to make our other products better, Gateway, Magic Firewall, et cetera, all the great data and methodologies that Area 1 brings to us. Here we go. And so with that, I'd like to hand over to Alok Kumar, NCR's Chief Information Security Officer, who's going to share some details about how they're using our application security products. Alok, take it away.

Alok Kumar

attendee
#6

Thank you. Thank you, Patrick. So good morning, everyone. As you can see, I'm Alok Kumar. I'm the CISO for NCR Retail and Payments division. If you don't know NCR, real quick, NCR is a 135-year-old company. We build software, hardware and service for our financial, retail and restaurant business. So -- and we are like in 190 countries, a global company. So 2 use cases I want to bring up where we had issues where Cloudflare came to us and help us and resolved the customer satisfaction and SLA and the bandwidth requirement that we had. So first one is credential stuffing attack, right? So what we were seeing is the bad actors, they get millions of bad login, password. They come and hit the site up to a point just to guess and make sure they can get in. But what was happening is the site was going down and our customers started complaining what's going on. So we reached out to Cloudflare. And we did a POC, and brought behind Cloudflare. With a certain few changes, we were able to bring down 80% of the traffic, credential stuffing traffic, which was amazing. We did more massaging of the rules configuration. We got the rate limiting stuff adjusted up to a point that we were 90% effective. So customers were really happy. We moved almost 500, 600 customer URLs behind Cloudflare, which was a big, big thing. Major satisfaction for the customer and for NCR, part of the availability of the site, SLA increased. The bandwidth requirement went down because we were trying to bring up more servers, more firewalls into making sure we can handle the traffic and we didn't have to do all that stuff, right? The second one, which is really critical. So something called credit card tumbling attack, right? So if you know that hacker steals credit card number, but they don't have the CVV code, right, because it's not saved anywhere. And they go to a site and start to hit credit card and try to guess CVV code. And if they guess it, they can sell it in the black market, right? 
So we were getting hit on those codes and suddenly this -- it went up. What caught us was, if you don't -- if you're aware, Mastercard has a rule if you send a 20 card, same card, 20 times and above, and it fails, they start charging us penalty. So we started getting bill of $100,000, $200,000, and we're seeing where is this bill coming from? And then we realized that those are failed attempts, say, same card failed attempts and we start getting the bill. So again, we worked with Cloudflare and we worked with the Workers property. We have to work with the application team to make little bit changes, to bring stuff in the header, where we were -- Workers was able to figure out, which hash matches, and if it's more than 18 or 19, we just stop it, delete it, right, kind of thing. And certainly, the whole $100,000, $200,000 payments we were giving to Mastercard stopped, right? So that was a big, big saving for us. Again, security wise, that was a big, big saving for us, and the customer was really happy because we host customer site. So bill was actually coming to us through the customer and customer saying, it's your fault, you pay for it kind of thing. So we had that discussion. Certainly, everything went away, right? So we put most of our site behind Cloudflare. And just futuristic looking, we are also looking at API security. We have many sites that goes through API. We are seeing some issues, and we're working with Cloudflare, Workers rule to figure out how to secure that. So those were the 2 use cases I had, I wanted to bring out, and Cloudflare team helped us a lot. Thank you very much for their support. So with that, I'm going to hand it over to Patrick -- sorry, Sam. Sam, right?

Unknown Executive

executive
#7

Thank you. All right. Good morning. My name is Sam, and I'm going to talk about Zero Trust security. And Zero Trust security at Cloudflare is something that builds on everything you've heard about today, that global supercomputer, to solve the challenge that exists inside of every organization. How do I keep my users, my devices and my data safe and fast? Because a few years ago, a lot of our customers started to come to us with a really persistent problem. They said, "Hey, I have all these users in these remote offices, these branch offices and I'm backhauling all this traffic to those Band-Aid boxes you saw earlier for outbound filtering or internal access control, and it's miserable. It's getting more expensive, it's harder to manage and it's slowing everyone down. Hey, Cloudflare, you already made my website and my Internet properties faster and safer. Can you do the same thing for my organization?" And that's exactly what our Zero Trust platform does. It takes that superpower and Cloudflare's network to connect everything in your organization, accelerate those connections and secure those connections, all while making it easier to manage. And that's what's so fun about the Zero Trust products at Cloudflare because when they work well and when you deploy them in your organization, what you're really doing is improving the end user experience for everyone in your team. And over 10,000 organizations now trust Cloudflare's network as the way their internal employees and users and contractors connect to the internal resources that power their business. And over 5,000 teams around the world rely on us as the secure on-ramp for their organization to go use the rest of the Internet. And we know it's a journey. Zero Trust is something that doesn't happen necessarily overnight, but we want to make that as easy as possible. 
And many customers start that journey by replacing their VPN and replacing how users and employees and contractors connect to the applications that power their business. And they do this to eliminate lateral movement to simplify management and improve end user experience. But what it really looks like is that for your end users, all of their internal tools, the things they need to do their jobs, now feel blazing fast. And for your IT and security administrators, they have comprehensive granular control and logging over everything that's happening in their organization. And we do this by integrating with the security tools that you already use. So if you've deployed CrowdStrike or Tanium or any other endpoint protection provider, fantastic. With just a few clicks, you can build rules that say, only those users when they're using CrowdStrike-healthy devices are able to reach these applications. Or maybe you use Azure AD as your identity provider and you just acquired a team that uses Okta, not a problem. Cloudflare's Zero Trust network can help federate and standardize identity from multiple sources so that you can build consistent security policies. All right. What about the rest of the Internet? How do we use Cloudflare's network to apply a Zero Trust skepticism to everything else that's lurking out there on the rest of the Internet? That's where our comprehensive Secure Web Gateway comes in. It starts with DNS filtering that runs on the world's fastest DNS resolver, includes network firewall, browser isolation, which we'll talk a little bit more about, all the way up to a comprehensive Secure Web Gateway, to keep your organization safe, while they use the Internet. Let us worry about protecting your team from attacks on the Internet. And we know sometimes protecting from attacks on the Internet isn't as simple as just blocking something outright. 
Maybe you have a user who wants to click or needs to click on a potentially suspicious link, but you want to keep that isolated. You want to make sure they can't input text, you want to make sure that threats can't leap out of the browser and attack the organization. Or maybe in the other direction, you have contractors or partners, who are connecting to your internal resources or the SaaS applications that you use, and you want to make sure that files can't get downloaded or things can't be printed or even let's put a watermark on the page just in case. Cloudflare's isolated browsing technology does exactly that. It runs in all the data centers in our network around the world to deliver comprehensive data and security control to any device, any browser seamlessly there at the edge of our network. All right. Talked a little bit about the problems that Cloudflare's Zero Trust solution solves, the outcomes for our customers. But I'm going to hand it over to Blake, who's going to talk about the Zero Trust journey over at OneTrust. I'm going to go from 0 to 1 here.

Blake Brannon

attendee
#8

Awesome. Thanks, Sam. All right, I know it's a time in the keynote when everyone's energy is a little low. So I'll try to keep it pretty exciting here. OneTrust is not the next version of Zero Trust, I'll start out with saying that, but I'll explain more about it. So to start out the story, I wanted to set the context by actually telling you a bit about who we are, what we do and our journey that we've been on, so you understand why it's so critical for the vendors that we select to kind of be part of our company and partner with us on that journey. So OneTrust, as a company, first off, what do we do? We live in an era now where the most competitive advantage that any organization has is their trust. Do you trust, as a customer, what they're doing with your data, your personal data, not just are they reliable in building a great product. Your employees are asking things like -- do I trust that my employer is operating ethically with high integrity, right? And society is asking questions like some of what Jen just said, like, is the company not just doing good for business bottom line, but actually good for people and the planet, right, as part of that. So what that means is we, as a company, help organizations manage their privacy programs and improve how they're governing their use of data and reducing any harm that could call them from the misuse of that data. We help companies manage all of their risk, their business risk, their enterprise risk, their operational risk, their vendor and supply chain risk. Really sensitive information, as you can imagine. And we even do things like help you manage your carbon so you can work to reduce that over time. So as you can imagine, there is a high, high bar from our customers on us as an organization to have a very resilient aspect of privacy, data protection and security and reliability with all the products that we build. And that is reflected on the vendors we select. 
The second kind of point I want to tell a little bit about our story is, we are a relatively new company. We're actually not even 6 years old yet. And in that 6-year period, we've gone from 0 to 12,000 customers -- 0 employees or 1 employee to 3,000 globally in 14 different offices around the world and obviously people everywhere. So the environment and the pace of innovation and the -- just all of that, like was so critical to the way we thought about who are the partners we're going to work with, what kind of tools are we going to be using. We did not have time to sort of rip something out and do it again, right? We had to go and we had to focus. So what has our journey been like with Zero Trust? We actually have gone down 2 tracks, one from the application development side. Obviously, our customers using our products and services, they expect a lot out of how are we securing and protecting that and keeping it up and running. We're in the middle of things like real-time bidding processes on hundreds of millions of websites around the world. It has to work, it has to be fast, 50 milliseconds matters. So we started our journey with basic things, like let's put the WAF in place. And that kind of progressed and matured into -- well, that's working really well. How do we push more of our content to the edge to actually improve the performance, which turned into more of what are we doing with TLS and certificates and managing the security aspects on that? And that turned into how do we actually take some of this compute we're doing in Azure that's really expensive and slow and push it to the edge? And now we use Workers in many of our products and applications. So a core part of my app dev stack and CI/CD process is actually leveraging the Cloudflare network beyond just the networking aspects. Now equally, we have a lot of teams. 
And because of that scale and pace, we are onboarding, we are offboarding, we are changing roles in groups, and we're spinning up services, and we've done 6 acquisitions, right? So it is a lot of stuff happening. So really key on how do we protect access to those services and customers' personal sensitive data. How do we secure the endpoints? How do we secure our teams that are kind of coming in new, and we're changing things very quickly? We had to have software and a partner that could solve these things, where it became just the fabric of what we were doing. It wasn't this additional thing that we had to do. So we started on a similar journey of, how do we get access to on the Zero Trust from the workforce side to protect against access to services? So we started using the Access product. Then we looked at, well, how do we extend that to Gateway? And start to look at traffic going outbound. So expanded that. And now we're in the middle of rolling out more things like, how does e-mail and browser isolation tie into that to protect the access to all the services? And the guiding light, I would say, on our journey has been, first off, very positive. I think, just like Matthew was saying with the blip of the traffic and things like that. In the early days, I would contact my account team at Cloudflare and say, "Hey, Disney+ is about to go live like, are you going to have capacity? Zoom is about to change this, these things?" And now I just -- I don't even tell them anymore because it just works, it just scales, and we've never had to deal with it. When we rolled out Access internally and got rid of any VPN or any kind of change to how the single sign-on and MFA tied into all these developer services and QA environments and things, we did zero training. We just flipped the switch and it just worked. So the seamless of that experience was really, really key. 
And as we think about some of the key things that we've done to protect against things, I would say we, like many of you, have to think about programs, we started with something and we just expanded from it. And now we have every single service behind Cloudflare. So as our teams build new things, we don't have to worry about something like Log4J, right? We're able to see we have a wide net that's cast around that. As we think about the experience that we've been able to give our users, we started with just how do we get rid of the VPN-type access and not worry about that anymore as an organization. And now that's tying into more things like how do we extend that with conditional access, take the data from the endpoints and the security of our endpoint protection tooling and tie that into how we can actually improve the experience for the end user as part of conditional access policies. And then as I mentioned, we all get links, we all get phishing attacks, we all get third-party JavaScript that we have running on different things. How do we protect ourselves as an organization around that, knowing that everyone is working from home, working from different offices? We're extending that out as part of our browser isolation work. So that's just a quick snapshot into our journey and the experience that we've had, kind of growing a very fast company in the past few years and how it's really enabled us to, at the end of the day, provide a much more reliable, better and secure product to our customers. So Sam, I'll turn it back over to you.

Unknown Executive

executive
#9

Thanks. All right. Thank you. I'm going to wrap up real quick with a quick preview of what you can expect next in Cloudflare Zero Trust. The first is that we know more and more of the most important data in your organization isn't living in your organization, it's living in a SaaS application that you use. And that poses 2 really distinct challenges: One is that data is in motion, it's being uploaded and downloaded to places that maybe shouldn't go, or employees are using applications that aren't approved shadow IT; Second challenge is even when it's not in motion, when that data is at rest, it's still a potential risk. People accidentally make a file that's in a Google Drive folder, public on the Internet, or maybe they misconfigure a security setting in your SaaS application. That becomes a real risk to your organization. Cloudflare's CASB solves both problems. First, in line, using our Secure Web Gateway work, analyzing the applications that are being used for things like shadow IT or analyzing the file that's moving through our network to make sure important data isn't leaving your organization. And then they're at rest, our API-driven CASB is scanning your SaaS applications for potential misconfiguration, potential issues and alerting you to them before they become incidents. And more recently, and you've heard a lot about this today, which is really fun, e-mail security. It's the largest SaaS application. If you think about what your team spends its most time -- the majority of its timeline. And it's almost always the final frontier in a Zero Trust journey for our customers, because it's that last open door to the inside of your organization. And you've heard folks, like Pat mentioned, that we've acquired Area 1 Security, who brings best-in-class e-mail security to everything that we do here at Cloudflare. And we're integrating it natively with the rest of the Zero Trust portfolio. So maybe there's a suspicious link in that e-mail, great. 
Let's go ahead and throw it in an isolated browser on the fly without any agent needed on the device, and we'll go ahead and stop text input just while we're at it. We're so excited about the Zero Trust products at Cloudflare. These are so fun for us to work on because they make your organization easier. They help your employees have a better experience doing the work they want to do. And with that, thank you so much for being here. Thank you for being at Connect. We have an incredible lineup for you today. So I'm going to hand it back over to Matthew to walk you through the schedule for the rest of the day. All right.

Matthew Prince

executive
#10

Thank you, Sam. Again, I think what I started with is the question of how do we do all of these things. And it starts with the network and what we've built with that network and the ability to scale and if you thought, what could you build if you had a network like this? I think the list that we've gone through is evidence of that. But what really stood out to me about this morning was hearing from customers how they're using our solutions, not just one solution, but the solutions in combination with each other. And the way that we figure out what to build is to hear from our customers to listen to you. And so a lot of what the rest of the day today is us breaking down into smaller groups looking, talking, letting you follow whatever it is that you're passionate about, but really hearing from you so we can figure out what to build next. And so we're going to quickly go grab a snack over there. And then in about 5 minutes, we're going to start all of the tracks. You can follow different tracks. There's an innovation track, there's a technical track and there's a developer's lab track. In each of those, we want to have participation, we want to have engagement, we want to learn from you because what you share with us today is going to help dictate what our road map is going forward. And so thank you, everyone, for presenting. Thank you, especially to the customers who came up and shared their story of how they were using Cloudflare. Please go grab a snack and then make your way to any of the breakout rooms, which are to your left on that side of the room, and thank you. We'll see you back later today. Take care. [Break]

Thomas Seifert

executive
#11

You heard a lot of things today about product and product innovation, about the network and what is in flight. And I will try to get all this together and reflect it in the numbers that we've been presenting to you in the past and how we think it's going to impact us moving forward. But there is -- no exciting CFO presentation that wouldn't start with the safe harbor slide. I'm not going to read this to you. I just assure that you're talking about this before we get started. So let's move to the highlights. And I think if there's anything to take away from today's event is what Matthew calls the heart of Cloudflare and the frame of Cloudflare and the center of Cloudflare is innovation. This is what drives the company and enables all the opportunities that we have in front of us. And if you look at what this has allowed us to do over the last 4 years alone since we've become a public company, it allowed us to literally quadruple the TAM, the market that we address and that we disrupt. And I'll show you more insight of how this has built and what products are contributing and -- in the later part of the presentation. But this is really the driving force behind us. It's what enables so many independent growth vectors that are driving the top line, and this is what got us to 54% revenue growth last year. This is the sixth year and counting year of delivering north of 50% of growth. This is what allows us to be on a customer journey that gets us to larger and more prominent customers over time. And we'll share some new insights into what our customer footprint has done and where it seems to be going. More importantly, as actually foresees that we are able to deliver this revenue at a gross margin of 78%. 
And if you need one measure to see the efficiency of the network architecture that Matthew talked about, standard off-the-shelf hardware, a unified completely integrated software stack on top of that allows us to run every product and every service we have on every server. That is the number that measures that. And we'll dive a little bit into why that is the way it is and why we are able to use our cost margin literally, as we said before, as a strategic weapon. It's also the dial we have that impacts productivity. To start off, 78% gross margin is literally what allowed us to break even a year ahead of our plan. This is the dial we have to control operating margin moving forward. So with this being said, let's talk about the TAM. We -- when we started our journey to become a public company in 2019, we sized the TAM around $30 billion, and it was literally product, our core offerings, around Cloudflare application services. We coined the term at the time that says, if you are new to us and you want to understand what you do, think about us as a Cisco-as-a-Service. So every time you go to a Cisco or a Cisco-like company, you buy a hardware box that you put in your data center, this is what we are turning and the service that is delivered off our network. And I met the Cisco CFO a year ago and said, if you continue to use that, I will charge your license fees for saying you are Cisco-as-a-service, but it must have resonated with them, too. In 2020, we announced a slate of products that you've got a good insight into today where they are going. We started with what we call Cloudflare Zero Trust services, the VPN replacement products, the gateway, the data loss prevention product, the process isolation, this is where e-mail is going to go in. And we announced a slate of products that is protecting network services or is offering network services. 
This allowed us over the last 2 years after the IPO to add another $50 billion of TAM, closely getting us to $80 billion of TAM that we are disrupting. So if we want to stay in the world of Cisco-as-a-Service, in these 2 short years, we added a Zscaler business model, and we added a little AT&T on top of what we started out to do. And we are just in what we call platform week. You heard it today, there are 2 optic storage announcement takes us to another level in terms of TAM that we address and TAM that we disrupt. We think this takes us now well over $100 billion of TAM that we address, a TAM that we think is going to grow to up to $135 billion over the next 2 years. And it still doesn't include a lot of opportunities that we think is still in front of us. We talked about D1 and D2 today, this takes us in the database business model. We heard a lot about the progress we've been making on workers and edge computing. We are still not sizing that in our TAM. We said we want to be conservative. Numbers, they get awfully big, awfully fast, and we don't want to lose credibility. But we are getting close to that point where we can start to think about this also from a TAM disruption perspective. You get a lot of insight today in terms of developer adoption use cases and all the features around workers that are still in flight. This is what drives revenue growth. This is the core engine behind our revenue growth, 51%, as I said before, over the last 6 years and counting. 54% in the last year. And it is driving an engine that has been -- has allowed us to be rather durable and predictable from a revenue generation perspective. Matthew coined that saying and we -- this is not about rip and replace. Also we see more and more of this happening with new customers. This is what we call winning the war of attrition, where customers put us in front over an installed on-premise infrastructure and then upgrade, and expansion budget dollars move to us over that time. 
And with the explosion of the product portfolio with this relentless innovation engine, the levers we have to increase the vectors, the independent vectors of generating revenue has been rather increasing. So I will, in the next couple of slides, give you a little bit more insight into the main drivers. There's for sure the large customer momentum that has been building. I also want to show you more insight in what has been one of our really quite impressive improvements, how we have been building the sophistication around our expansion engine and how DNR has been -- dollar net retention has been a driving force behind continued revenue growth. And we'll open some new KPIs and give you insight into product adoption for some of the new products that we have been talking about today. But let's get to large customers first. This is a journey, and I remember some of you sitting in our teaching sessions in front of the IPO where the question was, where is your product portfolio? You're not known to be an enterprise company. You are serving small- and medium-sized businesses. And that is true. That is where we started. I think it's still a very important part of our business because this is where the efficiency from a customer acquisition perspective is coming through. But our journey on the enterprise sales side, our investment into building an enterprise sales organization is really showing off in terms of ROI. Our large customer cohort, those are customers that pay us more than $100,000 a year, as shown in terms of revenue, a CAGR of close to 80%. And the revenue over the last 5 years and the revenue contribution from those large customers has now risen from 32% of revenue in 2018 to 58% in the first quarter. And what's really important -- well, first of all, I think this is a sign not only that we are shipping out many products and features, but the products are enterprise create ready. I think that's a word important note to make. And we are not buying this revenue. 
Our -- despite this journey despite the fact that our large customer whole cohorts are growing in terms of size, numbers and revenue contribution, our customer acquisition costs have actually come down since the IPO to now about $1.21. So significant efficiency on the customer acquisition side despite the fact that we have been moving up the enterprise stack quite successfully. I wanted to also update you on what the cohorts are doing. The $100,000 cohort measured in $100,000, $500,000 and $1 million increments. The larger the customer cohort in terms of size, in terms of revenue contribution, the faster the growth rate. This has continued to be true. Our $1 million cohort has been growing north of 80% for the last 3 years, 72% in the last quarter. We are now at 62 customers beyond $1 million of revenue contribution. We have now a handful of customers that are getting close to $20 million of ARR. And you will see, despite of that success that there is 0 revenue concentration from an exposure perspective, but we'll cover that in a minute. Finding larger customers and revenue with new customers is one measure of -- and one driving force behind our revenue growth. The second big contributor is the improvements we have made on DNR. And the comment I had on the teach-in from you guys slightly ahead of our IPO was 115%, that is the number that we showed at that time. That doesn't sound good. And there's nothing that motivates us more than people showing us room for improvement. Michelle continues to say, once we get started and focused, there's no holdback. The improvement of 100 to -- of 12 percentage points to 127 in percentage -- percent now in the last quarter is really a result of, first of all, throwing a lot of data science at the problem in terms of where do customers come from? What is the vertical they come from? What is the first product they buy? What data do we have that allows driving expansion into new products and attach? 
And we'll show in a minute what is that is driving in terms of results. It allowed us to have DNR now to become a significant tailwind in DNR contribution. And you have to keep in mind what we said 2 years ago is still true. For us, DNR is a very true, honest and conservative measure because it truly covers 100% of our revenue, all the cohorts. And with that, also our pay-as-you-go business, where companies give us $20 a month to $200 a month in all-you-can-eat plan and by that nature, really hard to expand. And we've seen significant improvement or really good performance from a customer retention perspective. So when you break down one step below on DNR, one click down, this is literally where go and go to market and innovation comes together. We talked 2 years ago about how many of our customers have 4 or more products. It's a KPI we dropped because it's almost maxed out. But here you see our journey of being able to attach new products to customers. So the number of customers that is now beyond 5 products, usage of 5 product is north of 80%. But the speed at which the attach of plus products happens, the N+1 step is getting faster and is accelerating. The good news is we have plenty of opportunities to get to 100% or close to 100% across the products. But every product we add, every feature we add extends that opportunity to the right-hand side. It's one of those really important growth vectors, independent growth vectors, if you're on a call, so in our journey to continue to grow and go after an opportunity, a market opportunity that gets larger and bigger and more substantial with product we ship. You heard a lot today about new products. We wanted to share a new stat with you and update that, what is the attach rate? Are we not only shipping products? Are we successful attaching new products? 
Application services, you saw that on an earlier slide, is what we -- where we started, 75% of our customers or 75-plus percent of our customers are using our core services. But the Zero Trust product portfolio is now adopted by more than 10% of our customers. The network service offering that we talked about, both together, our Cloudflare One is north of 10% of contracted customers. And you've seen a lot of customer testimonies today around workers' adoption. It's now 15% of contracted customers have workers somehow attached to their contract. That is huge progress. It's also a huge opportunity in order to drive those numbers up and another one of these growth vectors that will help us be durable from a revenue growth perspective and hopefully predictable too. Despite all the growth we have seen, despite all the success we have seen on the large customer cohort side, and not only with the number of customers we have, but also the revenue on average they contribute, we've seen we stayed true to our attempt to stay as broadly diversified as possible. So regardless what vector you pick, you don't see any concentration, neither around customer type. And while 54% of our revenue comes from large customers, I talked about mid-market and SMB. That is really important to us not because they are important customers only and contribute to revenue, but this is truly where the efficiency of the products come from, that we are able -- that customers are able to get behind our network in 5 minutes, if it's your website. But it doesn't take a lot longer if you're one of the largest banks in the world. That is where this efficiency comes from, and this is why this is, in addition to all the goodness from revenue contribution perspective, why this is important to us. We are making progress on our geographic diversification. Nothing -- no exposure in concentration there either. 
And I think what is really important to point out that despite all the success in the large customer cohorts growing revenue, growing that cohort in numbers, we are not exposed to any one of these customers. So the top 100 customers still are below 30% of our overall revenue. We moved from -- if innovation is the engine and really the heart of what drives this gigantic opportunity that is in front of us, then gross margin is the measure of the efficiency of the architecture. And I cannot get tired of repeating what Matthew said. If you want to understand one of the most important competitive moats we have as a company, then it's the off-the-shelf hardware stack and the completely integrated homogeneous software stack that runs on it. That we are able to offer every product we have and every service we have on every server increases the degrees of freedom we have to manage cost and capacity and supply and demand across the whole network service. And every server we add, every location we add increases that flexibility and our degrees of freedom to manage that. And this is the main reason why we are now 5, 6 quarters in a row above our target margin, despite the fact that we are supporting more customers than ever that we are shipping and offering more products and services than ever, that our traffic on the network has outgrown revenue growth by far, and we've been able to digest this within the model we have. There was one question on the earnings call, when are you going to make use of that gross margin? When are we going to see that? You talk about it in -- as a competitive weapon. The fact is we've been using it all along. We unmetered DDoS. We offered Zero Trust for free at the beginning of the COVID epidemic. We started the critical infrastructure project at the beginning of this year for free. R2, that move to open beta will be highly disruptive, you heard that. And we've been overcompensating for this in terms of productivity and network efficiency. 
And I think that is the true sign that speaks and is the testament for this incredible efficiency in the network architecture. And we'll come to guidance in a minute. But you have to keep in mind that we're able to build this network because of the hardware being off the shelf, and the software stack almost runs agnostic to the hardware that is below it. It doesn't matter where the CPU is coming from. It doesn't matter whether it's x86 or whether it's Arm, allows us to drive that. And CapEx in percentage of revenue has actually come down from their mid-teens to 9% in the first quarter. We expect it to be in the range of 12% to 14% over the course of this year. And it already reflects the investment that we think we still have to make when it comes to the R2 offering. So this is the measure pricing for the efficiency of the network. But it's also the dial we have that allows us to be hopefully predictable when we come to our promise to stay above breakeven. That's the 78% gross margin is a strong asset to work off. We have not been holding back on achieving operating leverage either on our expense side. R&D, despite all the relentless innovation we are seeing, is already in the zone of where we want to be. It came down to about 19%. A lot of measures in there in terms of where we put people ramping up Lisbon as our European development center. We've seen significant progress and scale on our G&A side. And the investment really goes into supporting the building out the go-to-market infrastructure. We've been saying that as long as we see superior returns of this investment, as long as we see high growth potential and the market opportunity staying where it is, we will continue to invest. But this doesn't take away that we have dials to work on that. And you'll see, when we come to our long-term operating model, that doesn't take away from our ability to deliver substantial operating profits in the future forward. 
So since this is the final section, I also want to reiterate the guidance we delivered and maybe give a little bit more color on some of the additional parameters. So we guided for 49% revenue growth for the current quarter, it would take us between $226.5 million and $227.5 million for the quarter. The guidance, both for the quarter and for the year, includes EPS. Revenue growth of 43% to 46% for the year. I think I want to reiterate the network CapEx guidance, 12% to 14%, not because it's an important number only, because I think it shows that the efficiency of the network and the gross margin is not coming at the expense of a high liquidity need or high CapEx. As I said, CapEx as a ratio of revenue actually has come down despite the growth we have seen over last 2 years. And we anticipate to be free cash flow positive in the second half. That's a really important statement. We made that at the end of last year, not knowing where the macroeconomic environment would take us. In today's environment, that is an even more important statement. It will be relentless in achieving that commitment. So let's reiterate the long-term model. We've made significant progress in achieving operating average -- operating leverage. We also said that we want to be around slightly above breakeven as long as we see there is return. But the levers that allow us to dial that in are really, really strong. I want to repeat that. Based on the gross margin that is now in the 79% range, slightly above where we want to be, not because of a lack of opportunity. But because the infrastructure team that runs our network and builds our network has done a really good job finding productivity and levers to increase productivity and compensate, even overcompensate for the places where we use gross margin as a strategic leverage. 
And I think where product innovation and this relentless innovation comes together is it drives our marginal cost to put products on the network and serve our customers actually down. And every new product we ship literally comes at almost 0 additional margin dollars from a cost perspective and allows us to aim for a significant long-term operating margin opportunity that we think is well above 20% in the long term. So with all that being said, summarizing a business model that I think is unique in many ways, it's a unique -- in the markets we disrupt. It's unique in this -- with a speed and innovative capacity we have. And I think if anything has become clear today and at the start of the week with Platform week, then it's the innovation engine. And there will be many more innovation weeks to come over the course of this year. We have been able to use that and turn that into a record of delivering strong and consistent revenue growth. I think durability, predictability and consistency is really key here. And we have seen that we can manage this revenue growth while we continue to invest in -- significantly invest in our enterprise go-to-market and continue to see returns, not only in terms of superior growth, but also in terms of driving our customer acquisition cost down. It's a highly efficient business model. And I shared that with you, before I joined Cloudflare, that was what really fascinated coming from one of those more established software companies, what's the efficiency of that model that was visible. But boy, did I fall short in terms of seeing the opportunity that model presents. And I think you get a glimpse now how the flywheels that drive that efficiency are driving and accelerating growth are highly impressive. And with that, I think we have multiple levers to achieve and get to what is really important in this environment, not only free cash flow upside, but being positive at the end of the year and staying positive moving forward. 
And with that, I would close it here. I would invite Michelle and Matthew to come on the stage here with me and answer any questions you might have. Thank you.

Matthew Prince

executive
#12

So my favorite investors bring me cool mugs. So the team at [ Wellrock ] brought me -- Matthew, you are too awesome, which is definitely there in the lead. So next Investor Day.

Michelle Zatlyn

executive
#13

That's a high bar.

Matthew Prince

executive
#14

That is really bars. D1, you can do something anyway. Jayson, are you moderating? We'll start, I will moderate. Yes.

Unknown Analyst

analyst
#15

The multiresident works. that like a slate how it works big an example back our Morgan Stanley out of anomalies that not a cost to you other than that latency and based on beyond.

Matthew Prince

executive
#16

Yes. So the way that I think about it is that every packet we process has a different value to us. Morgan Stanley pays us more than Bob's Blog and has a different latency sensitivity that's associated with it. And so a way of understanding this is we have this giant network. We have a whole bunch of free customers, don't pay us anything, right? And so one of the assumptions is that to service those free customers has cost us a lot. Actually didn't cost us very much because there's always excess capacity somewhere on the network. Oftentimes, it's really close. Oftentimes, we can service that free customer here in New York from a data center that's probably within a few milliseconds of where we are. But if Morgan Stanley is having an attack or if ProPublica publishes an article that goes viral and we need to make capacity, then it's going to be those free customers that get shoveled off. For the most part, they're still going to have a better experience than they would have without Cloudflare because there's -- again, that capacity is everywhere. But the real key is figuring out the ability to, first of all, be able to move traffic flexibly around the network to wherever you need it, having the very incredibly simple architecture at some level, which is every single service can do whatever we need anywhere in the world. And then being able to say this customer is paying us a lot or has an application which is particularly latency-sensitive, so serve that at sort of a high level of service whereas the other customer isn't, and so we're going to -- they're still going to get a great service, but it might be there. So I think explaining it to a 5-year-old, it's like, listen, there are certain things that I don't know. I just -- my wife and I just have -- we have a 3-month-old. So I'm trying to figure -- I hadn't quite figured out the 5-year-old thing. 
But for 3 months old, like sometimes, she really needs to eat and she needs to eat right now, otherwise turns into a purple screaming pterodactyl. And so like that's a high priority. And we're going to make sure the latency on that is very, very low. Whereas does she get a bath tonight like, yes, it's probably good to give her a bath on a periodic basis, but she probably doesn't need one every single night. And so we might deprioritize that. But we have architected our lives to be able to allow me to come out here and the house hasn't burned down yet, it seems. And we've architected Cloudflare's network in a similar way to be able to set that priority. But it starts with that radically simple architecture and just -- it's -- like that's hard to actually get and it's hard to write the software. But now that we have it, that's how we're able to innovate as quickly as we are. That's how we're able to launch products as quickly as we are. That's how we're able to scale and get the efficiencies that Thomas is able to -- does that make sense?

Thomas Seifert

executive
#17

What I would add is, for this example, there's another example that Matthew gives from time to time where you don't shift customers around. But there's always a part of the world that is asleep, where capacity is idle. And that idleness moves around the clock over 24 hours. So there's always capacity that we can use to offload compute cars that are less latency sensitive because we have overcapacity idle capacity, not overcapacity, idle capacity in parts where the world is at night, for example.

Michelle Zatlyn

executive
#18

One other thing I would just add, just because we've been building this for 11 years, and we've done a lot of conversations. This comes up a lot. It's when we started, and we told people how we were going to build Cloudflare and our approach, a lot of people told us that was impossible. So this is not how others before have solved the problem. And we really kind of innovated and found a path forward. And I think that, that's why it's kind of hard to explain. No one else is really doing it. And a lot of people told us that is not going to work, and there's lots of reasons, technical reasons why. But those were false assumptions, we made it work.

Unknown Analyst

analyst
#19

I think this is a solution that you've been very good at showing us the potential sort of be but somewhat measured in terms of what the impact is going to be to Cloudflare in the near term? And last week on the earnings call, you're talking about getting to that critical mass for workers. You have a lot of solution out there today, you have a lot of applications that are deployed. Can you help us more granularly understand what does critical mass mean? Like where do you have to get to, to get to that critical mass for workers, number one? And number two, what can you do to help sort of jump the shark a little bit and sort of accelerate that time to get into that critical mass?

Matthew Prince

executive
#20

Yes. So a couple of different ways to measure that. So one, I think that if you look at developer platforms, 1 million developers using the platform tends to be a milestone. And we are -- we believe we are on path to get to that milestone this year. It takes time for people to adopt things. But if you just -- if you're all sitting here with us, the most interesting presentation is going and sitting with the developers next door because the enthusiasm and excitement that they have for it. I mean if you just search Cloudflare on Twitter right now and you say, you just watch people go, wow, I am considering moving my application from AWS to Cloudflare. That's because we've got the tooling that allows them to do that. I think there were some components that we were missing. One of them was an object store. That's gone open beta this week. It will go GA this fall, probably in September. Second is a database. You need a database to be able to build sophisticated applications. We launched that this week. We expect it will go open beta actually much more quickly as a result, and we'll build that. We're actually going to need multiple different styles of databases. So we call this one D1. There will be a D2. Obviously, they have an R2, we have to have D2. So we're heading down that path. There will probably be a D3 and D4 as well because the different styles of data. And we won't necessarily build them all. We also might interconnect, and we already do that with other vendors that are out there. So I think those are the 3 components that you really need to do that. The challenge with developer platforms, and we've studied lots of them, is that it always takes between 8 and 12 years for successful developer platforms to really catalyze. And the reason for that is you need a community to develop, you need sort of the first killer app to be out there. 
You need the people who built the first killer app, some of them to leave that company and then go migrate to other companies where it starts to be like, oh, if I invest in this platform, I'm going to be successful in my own career. And so we took a time to look at how did Microsoft build their platform, how did Salesforce build their platform, how did Apple build their platform? And were there any shortcuts somewhere along the way. Basically, you're -- when I describe it if you said jumping the shark but it's because that means you're past your prime. But I think it's like how do you leapfrog to the next opportunity. And I think the only thing that we see that's a shortcut is how do you build your platform into existing successful platforms. And so earlier this week on Tuesday, we announced what is sort of workers-as-a-service, where you as a platform can build workers directly into your platform. And the partnership that I'm the most excited about with that right now, although I think you're going to see more in this space is with Shopify. So if you think about all the developers that are building storefronts on Shopify today, tomorrow, right, if they're building stores on Shopify, they are learning the workers' platform. Because Workers has gotten built directly into that. You can imagine all of the other platforms that are out there where if we can say, this is a way to make your platform more programmable. It's the way to make it more scalable, it's a way to integrate it more. I think that's how you go from instead of taking 12 years, taking it 8. But again, it's -- I can't believe that Walmart is building on Workers. I can't believe that Atlassian's building on Workers. I can't believe in NCR, if you're swiping your credit card at the grocery store, that's being powered by Workers behind the scenes at some level in their antifraud system. And so it is catalyzing more. I think that we're measuring a number of developers as the KPI. 
I tend to think of Cloudflare's business as having acts. Sort of Act 1 with the application services businesses. Again, we've got tons of penetration there. That's what we're known for. Act 2 is really the Zero Trust services. That will be the big driver of revenue for us over the next period of time as a significantly larger market than the application services market. Act 3 is Workers. That's a significantly larger market than Zero Trust. And then Act 4 is we're already working on as well. But I think that, that's how I would think of it. Developers is what we're watching and then we think revenue will follow.

Fatima Boolani

analyst
#21

Fatima Boolani from Citi. Michelle, this question is for you. When I think about the slide that Thomas put up with respect to your $100,000 paying customer cohort, they derive, I think roughly 58% of your revenue. So outside of 10x in your sales and marketing spend, how do you get that sort of 1% of your base to grow much faster? And maybe if you can put it in the context of some of the executive hiring you've been doing to really build out a more traditionally defined enterprise go-to-market motion.

Michelle Zatlyn

executive
#22

Great. Yes. Thanks much for the question. It's a little bit like these different acts where you started. We started by servicing everyone, and then we kept getting pulled up market, and we continue to get pulled up market. And yesterday, we had Advisory Council, where it's all these large customers, all the logos you've heard of, tenants that we have over 1,500 of these large customers that are using our service. But it's not going to stop there. There's so many more ahead of us. And so it's been this journey which we're really proud of, of our go-to-market. One of the things we said -- how we think about it internally is instead of investing in marketing to get large customers that then go drive revenue, how do we use our large awareness, our large installed base to drive demand and then go invest marketing behind the curb. So we kind of look at sales and marketing to help fuel our business in that way, which is part of the reason why you've seen our cost to acquire a customer come down because our audience has gotten a bigger installed base. And let me just get like a really tangible example, because we were just meeting with customers yesterday and they're here, so you should talk to them about it. But what, oh my god, like, I love when you blog, all my engineers circulate these blog posts internally at this was Epic Games. They're obviously a really technical company, but they need all of our services. And he's like, and then we find new ways to engage with what you're doing at Cloudflare through your blog, right? And it's just these really -- you think the blog is for developers around the world, which is true, but they're employed by a lot of big companies, and then they pull us in to find problems that they have internally to help us to do that. So those are examples of how having a large audience, a large awareness sets us apart from maybe other directional B2B companies that don't have that, right? 
Where they're really doing a just a very straightforward demand generation activity. We do that, too, but we have these other assets on top of all of it, and we're really proud. So that's a little bit of like how we think about it. In terms of scaling up that go-to-market motion, it's going well. We hire account executives like you would expect. We have presales engineers and post sales engineers and customer success teams servicing these customers. We know the practitioners. We know the economic buyers. We know the C-level executives and those are all different journeys, but we're doing that. And I could say it's going well globally.

Unknown Analyst

analyst
#23

Can you talk a little bit about...

Unknown Executive

executive
#24

You guys ask the question already. Let's do -- we'll come back. I promise, just to be fair.

Gray Powell

analyst
#25

Gray Powell, BTIG. Thanks for hosting the event. So this one's probably best for Thomas, but I guess it was really good to see all the different attach rates in some of the product categories. I just want to make sure I have it correct. Was that across all customers or enterprise customers? And then on the ZTNA side, is that mainly Cloudflare Access getting the most uplift? And sorry for the multipart question here, but just how much does ZTNA add to the typical customer's bill?

Thomas Seifert

executive
#26

So the attach rates were beyond large customers. They were all contracted customers. So if you're also below $100,000, I think we're just the even more impressive stat that it's 10% across all contracted customers. And in the stat, you mentioned not only large customers. The last question, you have to repeat for me.

Gray Powell

analyst
#27

How much of -- on the ZTNA side, how much of an uplift are you getting there to the typical customer's bill when they adopt it?

Matthew Prince

executive
#28

It will depend. It's very much seat-based so we have some customers that will have very few employees, but will push a lot of our application services. And there are some that have spent very little with application services but spend quite a bit with us. I think we gave some examples during the last earnings call, where we're seeing the ZTNA -- the greater ZTNA story, and that's both the Access and Gateway products coming together. I think that, that is a typically kind of in the -- for a contracted customer, hundreds of thousands, $100,000-plus additions to what the spend is. But we like that it can start with an individual team. So if you look at someone like a L'Oreal. They had an individual team. They needed access. They started with that individual team. That account has been significantly grown over time. And so it might start with a $5,000 or $6,000 self-service contract or self service -- someone paying with a credit card. That then quickly turns into something where they see that it works, expands across the entire organization, that could turn into a $100,000 contract. And then as they expand from Access to Gateway, that might turn into a $0.5 million or more contracts. So I think that we're seeing very good attach rates and that this can meaningfully drive additional revenue from those existing customers as we can take that 10% adoption up over time, which we fully expect we'll be able to do.

Michelle Zatlyn

executive
#29

The only other thing I would add -- the only other thing I'd add, just it might be obvious, but in case it's not. So we have all these 4 acts Matthew talked about, we have this wheel. It's the -- there's 4 parts to it. Well, customers start in any 1 of those 4 parts of the wheel. Some people start with Zero Trust. So like the Twitter example Matthew gave today, like they started using Cloudflare because of a Zero Trust need. Other customers start using developer services. Other customers start with an application performance and security, which is what we've been doing the longest. And so customers start in these different areas. So then they expand within that area, but then it's also they can expand within other areas. So it's all these expansion levers. And I know that's obvious, but it's not really that obvious. And so that's just something that I wanted to point out where they can start in both places. And so we're constantly saying, hey, how do we get them to expand within the use cases that they're already using and then find more use cases within the organization, too.

Thomas Seifert

executive
#30

What that also leads to it doesn't job easier, sometimes there's really not a typical path for a customer to come to us. You cannot say -- there might be a story around a correlation around the vertical a customer comes from. The financial customer probably starts with security; an e-tail platform probably starts with a performance-based product. But there is not a typical starting point. And there is not really -- we are getting better at predicting what the second product is going to be than predicting what the first product is. So -- but we are improving rapidly.

Philip Winslow

analyst
#31

Phil Winslow, Credit Suisse. I just want to focus on the Zero Trust again. Obviously, you talked about in your slides, Thomas, 10% of contracted customers use Zero Trust service. When you talk to these customers, particularly the larger ones, what is it about Cloudflare that's making Cloudflare stand out versus some of these long existing competitors like a Zscaler you mentioned, Netskope and other startup sort of what is it that you have that differentiates you?

Matthew Prince

executive
#32

So I would say there's a handful of things that we hear over and over again. So the first is our product is truly integrated across any situation you want. So you are worried about an attacker, which is coming at you using multiple different vectors. They're going to DDoS your site, they're going to try and attack your web application, try and bribe employees. They're going to send phishing e-mails. And we see it. There are really sophisticated attackers that are targeting across it. We can give you a picture across that entire platform. Zscaler can't. Zscaler actually pays Cloudflare to be their DDoS mitigation service because they just aren't good. They don't have the capacity, the 2 orders of magnitude less capacity across their network than we do to be able to even deal with that. So that unified platform, I think, is a killer feature. Second thing that I think that we're differentiated with is ease of use. We just have ease of use in our DNA. We want things to be self-service. We want it to be easy for you to sign up. We have to be able to service the millions of customers that we have in an incredibly easy way across that entire platform and make it work. The third is performance. If any of you are using Zscaler, it sucks in terms of its performance. It slows you down. It is slightly better than your old corporate VPN, maybe slightly better than Citrix, but not much and users hate it. So IT tickets are higher, slows customers down, it breaks things. People don't like it. We have to make our products work at literally at a consumer level, like again, in Russia, the app that is our VPN is being tested in what is the most hostile network environment, anywhere on the planet right now and it works even in those circumstance. And that means that when somebody deploys Cloudflare's product, it makes it much more available. And then I think the fourth thing is just we can deliver a much higher ROI. 
Because we have this broad diversity of products, we can often bundle things together in such a way that we can say, listen, you're willing to pay extra Zscale. We'll give you exactly the same functionality that they have for exactly the same price but will throw in DDoS mitigation or WAF or something else for free. I think great companies that are in the SaaS space they go from the tens of billions of dollars of market cap to the hundreds of billions of dollars of market cap, do it all in one way, and it's bundling products together. And every single platform that does it figures that out. Most people have to do it through a series of acquisitions. I think what's unique about Cloudflare is we've been able to organically build that platform that has the sufficient breadth that allows us to do that bundling strategy. And that's a really tough thing if you're a Zscaler to compete with. Like if we just say, listen, we'll give Zscaler away for free if you buy DDoS right? That's a move that we can make in the same way that Microsoft uses their E5 license in order to take on some of the folks that they are there. So I think that's going to be a huge part of our story. We're already seeing it. Let me tell you the flip side of your question. We'll tell you what's good. I'll tell you what we're bad at. We have not yet really mastered what Zscaler is amazing at, which is partnerships. Like that's, I think, a place which is a big opportunity for us to continue to invest. And so we love the fact that Accenture selected us in order to be who they would go to market for their big federal contracts. I think being able to work with those sorts of systems integrators, prove that we can do that and also going after even the small VARs that there and saying, we're going to take care of you. We know how to run a program. We know how to run a partnerships program. That is a huge focus for us right now. 
And it's actually one of the sort of secret benefits really of us buying Area 1 Security. They had almost all of their sales were channel-based sales. They really knew how to do that well. We're absorbing that DNA. And I think we're going to -- we know that that's the case. That is different than what our traditional products are because these -- the Zero Trust products do often take a little bit more handholding, and so there is much more of a role for a systems integrator or a VAR. And I think that, that's an opportunity for us to improve.

Shaul Eyal

analyst
#33

Shaul Eyal with Cowen. Great to see everybody. Probably one of the key takeaways or at least a new data point, Thomas, that's, I think, back to Gray's comment, that's on the attach rate. And you know that the questions are already coming and start already getting and believe you me, like through the e-mail. So if we were to sit here in like 2, 3 years and the buckets that you've showed us and provided us with -- which one do you think probably is growing the most? I think that's on the 1 hand. And maybe, Matthew, it's just great that you've mentioned that partnership -- so Matthew or Michelle, on VARs and on Accenture, should we be expecting more announcements along these lines? I know Accenture, it's mostly on the federal side, but what's happening on the enterprise front in that perspective. Typically, it will go the other way around for enterprise and federal, but with you, actually, it's a little different. So just curious about your thinking about it.

Matthew Prince

executive
#34

So I'll take the first bit and Michelle can take the second. The way we think about our business, when we think about products is we're stacking a series of S curves one behind another. And different products are at different development points on those S-curves. And so a product like DNS, like we are the biggest DNS provider in the world. I mean there's -- DNS is super mature. We're at the very end of that S-curve. There is not going to be a ton of growth from DNS. But it's strategically important. We'll continue to do it. We invest in it. We make it better. We don't want anyone to be able to sneak in behind us. So that's that. On the other hand, something like Cloudflare for Offices, which is really true MPLS replacement and taking that -- I think that's an act 4 product. Like that's at the very early stages of how that's going to develop. Exciting. We've got -- we're learning a lot. We're trying to figure out how that's going. We want to have products that are all of those different stages. And so depending on what your time frame is, I think how much the buckets grow really depends -- I think your time frame that you laid out was sort of in the next 2 to 3 years, Zero Trust is going to be a big part of our story over that time. And that's the place where I think you're going to see, that's right hitting that hockey stick growth. And I think it's going to be great for us. I think it's going to be great for Zscaler. I think it's going to be great for Palo Alto Networks. I think you can be actually bullish on all 3 of us in that space. But when we go head-to-head with them, I think we love our win rates, and I think that we can be -- we can make that business bigger than what all of our traditional platform services businesses are. If you had said, what do you think over the next 10 years, now you're in Workers land, right? And the opportunity that there, I think, will dwarf everything that we've done with Platform Services and Zero Trust. 
And if you said, what do you think over the next 20 years, now we're Cloudflare for Offices. And if you look at IT budgets, what are -- what's the biggest thing that every Fortune 500 company spends IT budgets on, telecommunications and connectivity. And we've built a network where we're not that far from every physical office in the world. And if we can build an intelligent network that says, well, we'll take over some of that telecommunications and connectivity spend. I think that's a big opportunity over the long term. But it's a much longer term. So I think that it's going to shift. Over time, we're going to make our way through that S curve. And what I have faith is that our product team will continue to launch new things, find new areas and find something else where you're kind of at that slow initial part of the S-curve that we'll continue to stack over. And that's why our revenue, I think, is so durable over the long term.

Michelle Zatlyn

executive
#35

On the channel front, so we do more business in the channel today than a year ago and more than 2 years ago. So it's actually a fast-growing distribution channel for us. So it's going well, but it's still early. And where we see a big opportunity with Zero Trust as for all the reasons Matthew said, because with the Zero Trust, you got to manage the endpoints. You going to manage like the fleet. And a lot of organizations are looking for like a managed service provider to do that for them. And we're not in that business. We don't want to be in that business. So that's like there's lots -- so there's opportunities there where managed service providers, the SIs, the VARs, depending on what piece where it's like, hey, we want to be able to help design the Zero Trust solution, deploy it and then manage the policies and the devices over time. That's why the channel is so important in that segment. And so we're doing a lot there, and you'll see us do more with more announcements and more -- and there's -- it's an important piece for Zero Trust, and we're actively investing and growing there. But the channel for us actually is a very fast-growing channel. It's growing faster than our overall business. So it's becoming more important to us.

Matthew Prince

executive
#36

And then one thing to add, and maybe to Thomas's point, there is so much margin for us in these Zero Trust products that it is an easy thing for us to be a good partner.

Unknown Analyst

analyst
#37

It might be a segue here, Matthew, and to something that Thomas said here KeyBanc about share gains. I think that's super exciting. You mentioned there's a large opportunity that you're sitting in front of Tom. I'd love to -- if you can give some color around what that opportunity is that you're sitting in front of about large customers that haven't yet adopted the full Cloudflare platform. I know you can't give us dollars, but some color there. And then as a follow-up -- a logical follow-up to that, what's holding these customers back? I'd love to hear about those what's in the sausage-making factory? Matthew, you gave great examples on the call about ripping out legacy and using Cloudflare at these large customers. What's involved in rewriting policies? And what's holding these customers back and -- before we hit the inflection point there.

Thomas Seifert

executive
#38

Maybe I get started on the first part of your question. So I mentioned that we are now getting to a handful of customers that are far north of $10 million or $15 million, getting close to $20 million of ARR, not even the largest one is using all of Cloudflare products. And I think that gives you an indication of how much expansion room there is. So 127% is a DNR measure across, as I said, all of our cohorts, including our pay-as-you-go business that is difficult to expand. There is a lot of room you have to assume in a much higher performance already on the enterprise side. And the bigger the customer is, the faster we expand, the faster we expand and the higher the DNR is.

Matthew Prince

executive
#39

And I think these are new products, like our -- we really had a competitive Zero Trust suite for under 2 years. And so there's time that takes to educate the market. So I'm -- the more amazing thing is how many people are actually adopting them as quickly as they are. So I think that, that's -- I like that a lot. What I think is also impressive is the buyer isn't always the exact same. So our platform services buyer and Zero Trust buyer. They know each other. They probably sit on the same floor. They probably report to the same person but they don't necessarily have the same budget. And so you have to navigate that internally. And I think it gets back to the question that Michelle was answering, if that means that we continue to invest in hiring what look like a traditional field sales, relationship-based sale. We're not -- I'm not -- like I think that it is a mistake because it's inefficient to just say that the way that you're going to grow is just you're going to hire as many salespeople as possible. I think it's also a mistake to sort of say the old Twilio model, we don't need salespeople at all, right? The right answer is you want a more efficient sales process where you're investing behind demand, you're building trust over time, you're capturing more and more share of wallet, you're intelligently using bundling and you have a great AE customer success, solutions engineering team that can support that as well. And that's -- when Michelle talks about how we want to invest behind demand, not ahead of demand. I think that's it. You fast forward 10 years from now, our sales team looks exactly the same as everyone else. The difference is I think we're less likely to make a mistake because we're using the signals in the market in order to make intelligent choices. I'll give you a really, really, really specific example. We -- as we were thinking about expanding our presence in Germany, we had a handful of early adopter German customers. 
And so one of the questions that we asked them was who are the sales leaders that you have really enjoyed working with? And they gave us a name, [ Denim ] Christian. And sorry. sorry, Stefan. Christian is different, Stefan. Sorry. Sorry, Stefan, if you're watching -- and Stefan, they give Stefan's name. We talk to Stefan. He was awesome. We hired Stefan. He immediately had a good rapport with those existing customers. He expanded those customers and was able to go get more customers. And again, that is different than hiring a head and saying, oh, we're going to expand in the Japanese market. We're going to hire a headhunter, go find someone. Like you can actually get the feedback from your customers, you can listen to them, you can say, who do you want to be supported by, then it is much more likely to have a culture of success. The people -- the person you hire is much more likely to make their quota number. They're much more likely to hire people who will make their quota number. And again, I think that's just a better way of building a sales team. You end up in the same place. You just make fewer mistakes along the way. At least that's been our experience so far.

Michelle Zatlyn

executive
#40

It's interesting. Just the only thing I would add is when you said, hey, what holds people back and maybe it's less of that, but I would say that like a lot of your research actually is helpful because we're a newer company. And so it's awareness, are you going to be around, the credibility. And so one thing that's actually been surprising to me is going public has been good for that. Going public, being more in the market. People can look us up. They're like, oh, wow, okay, other people are writing about you. It's been -- it's actually been good from a credibility standpoint. Because before, when you're private, small companies that you're going to go out of business because it's just -- it's a lot of start-ups have gone out of business. We're not that anymore. And so the credibility of the awareness has been very helpful. So thank you all for all your research notes. It's actually very helpful. People read them all the time. Our customers are always talk referring to them saying, Oh. And employees who want to join too. So you play an important part in the ecosystem.

Matthew Prince

executive
#41

It doesn't mean you get commission.

Steve Kamman

analyst
#42

Yes, Steve Kamman, King Alpha. Two questions for Thomas or the second for everybody. I hear a lot of concern that R2 is going to drive a lot of revenue but also drag down gross margins and drive on CapEx. And I think people are looking at comparables out there and drawing some conclusions. So can you just talk about the ramp of that and what it means for both the CapEx side and how much offset by, say, Zero Trust and also then the kind of the margin side. The second question is the Arm server shift. And I'm guessing that comes next year. AWS is seeing 30%, 40% of price performance improvement off the Graviton processor, which is an Arm chip. Do you guys think you're going to be able to get a similar step function down in cost? And then how are you going to flow that through the business and how do we look at -- how do we see that flowing through the business, both from a cost perspective and from a functionality perspective and kind of when does that hit?

Thomas Seifert

executive
#43

Let me get started and Matthew might and Michelle might jump in. We are comfortable that the efficiency of the architecture is going to hold up. I think I cannot repeat myself often enough, the architecture of the network that software stack sits on top of it is an elasticity that we think is comfortable to scale across the new business models we enter. And we've launched not only low-margin products, we have launched 0 margin products before, and it actually improved our gross margin in terms of the traffic patterns that drives the additional decrease of flexibilities it gives us to shift traffic around. So we've been rather careful in modeling the impact of the new products and gotten very comfortable around the fact that the elasticity and the efficiency of the architecture is going to hold up. We will not turn into a multibillion dollar a year to build data center companies. That is not part of that architecture. And that is not something you should be concerned about. The fact that we have been scaling the network to the size that you saw today in more than 270 cities, more than 100 countries, digesting up to 90% traffic growth in spike quarters, especially when COVID started ramping up the number of customers, carrying the products we carry and the margin didn't go down, but went up and the CapEx ratio went down over that period of time, I think, is an indication like that. That doesn't mean we have to have all high-margin products, but we can put the margin at those products to use to be disruptive in areas -- in other areas. And I really like the examples that I gave you. Some of you asked me, how does pricing and discounting work at Cloudflare. And it's not like we look at what is the competitor's price and do we need 5% or 10% or 15% discounting. We do that from time to time on important deals. But the fundamental question we always ask is, what is the most disruptive move we can make in this market, putting that margin to work? 
And when you go back to DDoS, it was not well, let's sell our DDoS product at a 20% discount to the main competitor. The most disruptive move was to demeter it and offer it for free, so to speak, if you are a large corporate customer of ours, unmetered DDoS is part of that bundle. And the reason for that is because how the network is a that the defense of the DDoS attack happens at the edge of the network that we don't have to pay high bandwidth cost to channel traffic back and forth to scrubbing centers like other companies. So I think you have to look at us from that perspective when we launch products like this and when we talk about trying to be disruptive. So we model this a lot. We think the efficiency is going to hold up.

Matthew Prince

executive
#44

And I'd add, starting at the 10 inches level and then going up to 10,000 feet. At 10 inches, I would say that this -- we've looked at what the capacity that we have in excess storage across our existing network. Because if you took all of the servers that are running all around the world and you put them in one data center, maybe one of the biggest data centers in the world, right? And so we got all these servers all around the world. They all have storage. We ask how much of that storage is being productively used right now, the amount that's excess would more than satisfy the demand that we've seen for R2 at this point, which is another way of saying that to satisfy the demand that we have requires no additional CapEx spend today. Now we anticipate that demand will go up, and then we will add more servers. And then we'll service that. And then what will we have excess of, CPU, RAM, network capacity and what will that allow us to do? We can add more workers functions, we can add more security functions. And so if you looked internally at Cloudflare, we have our infrastructure team, which is one of our secret weapons. We have our product team. You met Jen earlier. We have our ETI team, which is a team that thinks about what are the sort of disruptive next-generation products and they are constantly asking themselves every single quarter, where do we have excess capacity on the network? And with that excess capacity, what are additional products that we can build. And again, I think this is a perfect example of exactly what Michelle talked about, how we invest behind demand, not ahead of demand. So we decided to launch R2 because we had the capacity to do it. We didn't say we're going to announce R2 and then go build the capacity, right? We did it the other way around. And we can only -- and we can do that because we have the flexibility to be able to deliver that service over time. I was -- this is at 10,000, maybe this is 100,000 feet. 
I was a student at Clay Christensen, right? And like studied the innovator's dilemma, my essentially Chief of Staff is his former research assistant, someone here approached me about it a little bit earlier. And I really do believe that one of the ways that companies go wrong is that they overly focus on making sure we're going to hit a margin target with every product that we launch. That's how you get disrupted and that is how you lose. We don't do that. Instead, what we say is we're going to, as Thomas said, launch products that will completely disrupt the marketplace, and then we will engineer the margin back in. And that's what we're constantly doing. That's a good segue to your second question, which is Arm. I have no idea exactly how much more efficient Arm will be or otherwise. But what I do know is the fact that we've done the hard engineering work to make all of our platform run on Arm, and we have Arm servers in the field running right now -- and they work great, and they are cheaper for us to buy than that. That then helps us put pressure on Intel and AMD to drive their costs down. And then as they drive their costs down, that lets us put -- so having the ability to have multiple vendors not being locked into any one platform, making sure that every machine is effectively just a drone in a giant army where you can't tell one from another that, that is the engine that allows us to continue to -- we're really -- we're tough on our vendors, right? And we push costs down. And we can do that because we have the flexibility that if one of them says, "Well, we won't sell your chips. We're like, great, we'll go buy a bunch of Arm chips. And that is, I think, the more important thing. It's less about Arm is so much more efficient. It's actually more about it gives you more leverage over the x86 guys. 
And by the way, Power or RISC or whatever it is, is the next thing that allows us to drive that down, we've built the efficiency in our platform where we can continue to drive more and more efficiency and continue to drive our underlying costs down because we have this radically simple architecture. It all comes back to that.

Unknown Analyst

analyst
#45

This is [ Anushka ] from RBC. So you touched on the telco opportunity. Could you expand on that and talk about how you're helping customers reduce legacy telco spend? And how big of an opportunity this could become?

Matthew Prince

executive
#46

So I missed just which of the hardware.

Unknown Analyst

analyst
#47

Telco opportunity.

Matthew Prince

executive
#48

Oh, the telco opportunity. I think it's way too early to say. But I do think that everyone agrees, technologies like MPLS are way too expensive, way too slow to provision and actually not that secure. And so if you can find more efficient ways to give people the ability to have a software-defined network that has either physical presence in the buildings that you have to access or uses radio to get you that same performance, that there is going to be an opportunity. So we are to something like 90 -- well over 90% of office workers in the world were within a 5G radio hop of where they work, we are usually within a very -- within a dark fiber light up of where they work. And that gives us an opportunity to use our network. When we do that, and we've already got customers who are doing that. You talked something like Garmin. Like Garmin, if you're sitting in a Garmin office and you go to 1 of their internal applications or you go to another Cloudflare customer, you never touch the public Internet. You go to Google, you go from Garmin's office through a piece of fiber-optic cable to the edge of our network, across our backbone, to another edge of our network and then we hand off directly to Google, you've never touched the public Internet. That opportunity to be on both sides, I think, is there are ways that we can do that more efficiently than others. And I think the advantage -- there's never been a truly global telecom, even Global Crossing or Level 3, were not truly global telecoms. If we can figure that out, and again, that's Act 4, that's -- we'll be really talking about that in 10 to 20 years. If you can really figure that out, I think that they are -- that is more than 50% of the Fortune 500 IT spend.

Jayson Noland

executive
#49

Okay. Operator, we are going to take one last really good question from an analyst right.

Matthew Prince

executive
#50

I think we I have to hear -- gentlemen in the red shirt who's asking a second question, gets -- so we do 2.

Unknown Analyst

analyst
#51

Yes. Just on R2 really quick. 9,000 customers in the private beta, you just open up the regular bidding on at least the end of the at the end of the year or sometime in the second half, you said, what's the best milestones for us? Like you've given us your Workers' goal is to get to 1 million workers this year. What's like the best milestones for us to think about when we're thinking about R2 in terms of how we should be thinking about that and revenue contribution going forward? It's act 3.

Matthew Prince

executive
#52

Yes. I mean I think that it's -- so at some level, what I care the most about are customers building really innovative, disruptive applications. And if you can be supporting that and building that, then the rest of everything follows from that. So like that's how I would look at the overall worker space in general. I think R2 could go 1 of 2 directions. One direction is the rest of the market doesn't respond at all, and we just capture a huge amount of object store. And in that case, then success is how many objects are on the platform? How much are we charging for that super sticky business if you have it? And then can we maintain our margins, which we again have confidence. That is not like Zero Trust products are super high margin. R2 is in line with what the margin is. It's not as super high margin as that, but how can we do that? And we think it makes sense to do that. So that's one measure of success. A completely different measure of success is Andy Jassy says, I am sick and tired of these guys taking our objects away, we're dropping our egress fees to 0. I would be so excited because all of a sudden, now we have unlocked the ability to be that CPU and the ecosystem, we can be the network that interconnects the cloud together. And I think that, that's -- if we force the market to drop egress fees, that's in some strange way, an even bigger victory for us. Where R2 then probably -- I think there's still some things that we can do with it, they are going to be really interesting. So for instance, as data locality and data residency requirements become a bigger deal all around the world, being able to say, here's an object. You can -- I want you to store it in Germany, and I never want it to leave Germany. So it can move from Berlin to Frankfurt to wherever, but it has to stay physically there. We think that's a premium product that we can actually charge, and it can be a very high-margin product for us.
I think that will be a long-term opportunity for R2 even if everybody else matches on the egress. And so it's kind of hard to say what I'm rooting for. Like I love the revenue of us winning the object store space. But I actually think the long-term play of us driving egress fees in the cloud to 0 is the bigger strategic win for us over time. We have 2 more, 1 in there.

Alex Henderson

analyst
#53

Alex Henderson from Needham. I wanted to ask, since this is a developing environment here that we're talking about, and there's lots of developers here something along that line, which is you have done a really good job with Workers of basically taking away the infrastructure element that the coder has to deal with. There are -- another company out there that spends a lot of time working on that issue for coders. And you are one of the largest users of console, for instance. And so I guess my question is, over time, should we be thinking about the multi-cloud architecture that people are talking about becomes a transparency on your network that I don't need necessarily to build all of those elements in. Is this a direction that changes the mechanics of codes infrastructure over time?

Matthew Prince

executive
#54

Yes. How I've thought about this problem has changed and I think evolved. When I thought multi-cloud in the past, what I imagined was you write an application and you run the exact same application on AWS as you do on Azure, as you do on Google Cloud, and you play them off each other and drive the cost down and that would be -- and you have higher resiliency and those things. That's not help. Any serious -- maybe a few exceptions like Zoom does out a little bit, a handful of others. But it's really hard to make that work. And that's not when people -- and big enterprises talk about multi-cloud, that's not really what they mean. And so talking with customers, and we spend tons and tons and tons of time talking to customers drive our road map, and they help us develop what it is. When they talk about multi-cloud, what they mean is 1 of 2 things. Either one, because of M&A or just different teams or whatever, they've got a bunch of stuff across a bunch of different clouds and they need one consistent control plane across it to make sure it's secure, it's not going to expose secret, not going to do those things. And we play an incredibly good role in doing that. And so it's probably in that sense, the fact that we are that neutral network that can be in front of everyone and be consistent across whoever you want to use is a really powerful differentiator even if one of the big public clouds replicates one particular feature or another. And so I think that, that is a valuable thing for us to do. And having that consistent control plane is placed to enforce security policies, place to be able to see what's going on, you need a network. And you can't -- it's really hard to solve it in some other way, even if you abstract the APIs and do whatever it is, I think that's actually good for us to abstract those APIs and make it, but I think it's almost playing for what my miss assumption of what the public -- what multi-cloud meant. It's less. 
I'm going to run the same thing in 3 places. It's more I'm going to be running a bunch of things in 3 different places, how do I have a consistent control plane? The second bit about that is that I think that what customers really want -- and the thing that AWS's egress fees is stopping them from doing is they want to be able to pick and choose from all of the different vendors and use best of cloud. And so Google, great machine learning tools, right? But you may not think that some of their other cloud services are as robust. And so maybe you want to use AWS, but you want to use Google machine learning to do one particular thing. Or you heard about something really cool that IBM is doing on AI, you're not going to move your entire application over to them, but you want to be able to use that one thing. What keeps people from doing that today is the egress fees, it's not the APIs, you can figure out the APIs. It's you can't get the data back and forth efficiently. And so where, again, I think our long-term value is how do we push that interconnectivity down as much as possible? How can we be that fabric that connects the various clouds together technically, but also then makes it financially attractive? And if you do that, then the multi-cloud universe isn't -- I'm running the same thing on 3 different applications. It's I'm using bit of Google, a little bit of Microsoft, a little bit of AWS, a little bit of IBM, a little bit of the start-up over here, a little bit of who knows what in the different regions, and I get to build the best applications with the individual tools. That's painful for some of the cloud providers that really think that it's -- you got to go all in on my application. But I think it's inevitable over time that these clouds get picked apart into what they are best at, and that people use -- people are going to spend money on all of them. 
And I think over time, it's actually better for the ecosystem because it's going to encourage more competition and more innovation and other things. And I think we are going to be the catalyst that leads to that inevitable long-term future.

Alex Henderson

analyst
#55

Okay. We'll wrap it up. So it seems to me like one of the least understood advantages that you have is your network utilization levels. And I'd love for you to just touch on the comparison between your network utilization and, let's say, like an AWS and why AWS could or could not bring it up there. And then lastly, the relationship between increased network utilization in COGS, gross margins or however you want to see it. So like if you have a huge spike, if you're 60% now, you go to 90%, what happens in your margins, like that kind of sort of like thought process.

Matthew Prince

executive
#56

So what we sell is different. With AWS, what you're typically selling is you're saying they are essentially renting a server to you. Now they virtualize that in various ways, and it's not literally a server, but it is just conceptually, a way of thinking it is I'm renting a server to you. And so if you're running -- if you're spinning up an AWS in a region, it's because they are taking -- and again, it's not literally this, but it's effectively literally this, they're taking a box. They have spent a certain amount of the box and they are saying, I'm reserving this for you. And the problem is that customers aren't actually that good at getting high utilization rates. And so there's a ton of instances out there which are just sitting completely and totally idle. Now AWS has to have that up and running and their model works that way. And so I don't know what their utilization rates are. But the best estimates I've heard are that they're in the teens, right, in terms of what their actual utilization is. That's -- they don't really care because they're paying for that server and they're getting paid for the server. And it makes sense that they've built in the models and it all is effectively -- it all effectively works. What we sell is different. We're not selling you a server. We're selling you the promise that your application is going to run when you need it to run in a way which is efficient, as fast as possible. And there's a trade-off for that. We don't give -- you can't run certain -- you can't take SAP HANA and run it on Cloudflare Workers. Never is going to happen, right? Now I think the next competitor to SAP HANA builds on Workers, but there are certain applications that you just can't pick up, move and drop back down. You have to purpose build it for it.
But if it is purpose-built for us, now we can slice out every single function and we can say, where does that function make the most sense to run, either from a cost perspective or from our perspective or from a performance perspective, and it might not always be run the function as close as possible to the user, it might be run the function as close as possible to the data, right? And so -- but we have the flexibility to be able to move that around. And so at some level, Cloudflare is just a giant scheduling engine. And fundamentally, what we sell is different. It's almost one layer abstracted up. There are some things that we then can't do. But if you buy into that platform, then we can have a much, much, much higher performance, much, much, much higher availability, much higher reliability, higher scalability and a much lower cost because instead of being in the teens in terms of utilization, we're in the 75% range in terms of utilization. And that's just a much more efficient spend on whatever it is we do. If that 75% went to 90%, that would make us nervous because we know to have stability and reliability and everything else. We can do that. We're diversified enough in terms of our traffic and everything else that it's very -- that wouldn't mean something went wrong in terms of our procurement. One of the things that our infrastructure team likes to think about in the world is sort of just-in-time infrastructure where we can double the size of -- the internal KPI they have is we double the size of any of our major locations within 30 days, which is pretty amazing, right, if they can do that. Now that's supply chain and everything else has made that tricky, but we have done a good job of managing to that. And that is why that utilization rate line stays super close to that when it drops down. It's when we deploy a whole bunch of additional hardware it spikes up, maybe when we have a harder time getting that. But that's what drives it.
But again, fundamentally, architecturally, the reason why we have just where we can offer that same end result, which is your function gets run somewhere for significantly less is because architecturally, we're selling something different. We're selling the promise that we're going to run your application versus a reserved server that you then have to figure out how to manage yourself.

Jayson Noland

executive
#57

Please join me in thanking Matthew, Michelle and Thomas for their time today.
