Zscaler, Inc. (ZS) Earnings Call Transcript & Summary

Great. Thank you very much. My name is Alex Henderson. I'm the Needham analyst who follows security and is proud to be the analyst on Zscaler. The company held an Analyst Day on Monday. We just published a note post that, taking our target price up to $240 from $215. We reiterated our strong buy on it. I think the company had a tour de force on Monday. The good news here is we have that team here to talk about what they said. And so let me hand it over to CEO Jay Chaudhry.

Alex, thank you, and we appreciate the opportunity. I'm going to start with a few comments to set the stage for our dialogue. And this is because what we do is a pretty creative architecture, but there's always confusion about us versus network security. I want to take a quick minute to show you what makes things different. Why is security fundamentally changing. In this diagram, I'm showing you traditional network in orange color, connecting branches and data centers and the like. So you're securing the network by creating a perimeter. And as your applications move out there, since application must be connected to your network, you extend the network over to wherever your applications are: in Azure, AWS, Google or wherever. And what's next, and then you have users. When users work from home, users can't access applications unless they're on your network. So by VPN, you put them on the network. If you've got 30,000 employees, now your corporate network is extended to 30,000 homes. What's the big deal about that? Well, because if one person gets infected, the whole network can get infected because things are on the network. That's the biggest thing. And the second part is increased attack surface. So this is the challenge. That's why more and more threats are causing bigger issues. Our approach to it is starting with don't do network security. Secure users and data with our exchange. Applications are viewed as destinations. They're not on the network that the users are. So data center is just one more destination. And users go to applications through our exchange. They come to us, we verify who you are, and then we essentially connect to the right application or service, eliminating your attack surface and eliminate the lateral movement. The biggest threat is the lateral movement because people will get compromised out there. So in this process, we are the exchange, we are the switchboard that connects users, applications and services over any network. This is fundamentally different from any network security where firewalls of the world are trying to act as a door, as a gatekeeper, as a moat, protecting what's inside, what's outside in this world. Internet is your network. There's no inside. There's no outside. Every user is untrusted. In fact, your workforce and your customers are both untrusted. Both can access your application going through our switchboard, which opens up a market for us for B2B kind of stuff, which we will -- the thing will take off. With those comments, I'm going to stop Alex, and let's get into Q&A.

Great. So just a reminder, we're going to do a fireside chat from here forward. So if you have questions, would certainly love to have you have an opportunity to ask them. There's 2 ways you can do that. You can e-mail me at [email protected]. And the second is, you can use the text box that's on your user interface, and I will be monitoring that throughout the call here. So Jay, can you summarize a couple of the things that you said over the event on Monday? What were the 3 or 4 most important takeaways that you want people to hear from that?

Well, where do I start? There's so many of them. Okay. So first of all, I would start with go-to-market engine because we've had great technology for a long time, and it's growing faster. But our engagements with customers, the adoption, ZIA, ZPA and the feedback coming from the customers and more and more inbound inquiries and request is exciting. And that's actually giving us more and more confidence in the opportunity we see ahead. And we are further accelerating our investments to capture the market opportunity. That's probably the number one point I'll make. The second point is on the technology front. We actually especially highlighted on the Zscaler Cloud Protection opportunity. So far, most of our business has come from protecting users, started with ZIA for external applications, ZPA for zero trust inside your company for your applications. Now taking the same message, same zero trust approach to workloads is exciting. It's unique. It's very different. It can do the same level of disruption that ZIA, ZPA have done. That's number two. Number three is, I think we're so proud of the scale and reliability of our cloud. It's a daunting task to think about 150 billion requests going through. You inspect everything and you can't introduce downtime, all those things. This scale, because in our world, no matter how great of a functionality you have, if cloud doesn't work, nothing matters. In fact, your cloud is impacted for 3 minutes, hell breaks loose. So being able to run such a massive cloud, being able to scale is probably exciting. I mean if you ask me 3, 4 years ago when we would double from 10 billion transactions to 20 billion, feels wonderful, but now doubling from 75 billion to 150 billion transactions and now being able to double in the next 20 months to 300 billion transactions. It's exciting for 2 reasons. One, the network effect is creating some amazing things from security as well as from getting additional intelligence from the business side, ZDX side is wonderful. The second, the barrier to entry. I mean, I look and say, who is #2 when it comes to number of actual transactions being inspected by sitting in line. I can't find any meaningful data on that, but I bet it's probably 1/5 or less than that.

So lots of things I could drill down on in there. One of the things that I thought was really interesting is the chart -- and one of my favorite charts is the one where you have the near exponential growth in traffic and on the other side you have the near 0 falloff in the number of tickets. That's an amazing chart. Can you talk a little bit about that? I don't know that you have it available, but certainly being able to just, how you're not just solving security, but you're removing process and cost and time.

Yes. Absolutely. So I'll look at it this way. In an ideal world, if your product works very well and it's intuitive, there won't be any customer support tickets, okay? But I talked to my engineering team, I said, the best job is when our tickets become 0 because customer has no issues at all. So for this thing to happen, first of all, your cloud has to work well. Availability, reliability and all that stuff has to happen. And we have lots of scars on our back over the past 10 years while we learned through the process because there's no simple shortcuts to make that happen. But also, your products have to have higher-quality QA. All that stuff has to be done. What amazes me is that you can bring good quality if you're not updating the cloud too often. Now we have to update the cloud. We are doing unique security updates about 120,000. The number is actually higher than that now per day, so many times. And we are making changes and updates literally daily, weekly. And this is something we're very proud of, but I can tell you there are no shortcuts to it. It's like working on the Space Shuttle because there are some thousand things that must go right. But you learn. You build a process. You build quality control. And that's one of the reasons we feel like catching up on this thing will be very tough for any of the me-toos who come from behind.

So I wanted to drill down on another element of the mix here, which struck me as you were talking on Monday. Your architecture really does matter in a big way, not only just because of the spaghetti structure that your competition has, but your ability to use microservices, cloud-native characteristics to further push out additional functionality very rapidly means that you're acceleratingly different, not just that you're different architecture, but the cloud-native microservice CI/CD pipeline of your network means that you can constantly update your network and the other guys are sitting there with multiple boxes that are -- how do they possibly keep up with that?

They can't. I think that's why also the dependencies, the more dependence you have on too many different elements, the harder it is. For example, if I were to deploy lots of agent doing policies, this and that, it starts hard. All the intelligence is sitting in our exchange, our switchboard, that's cloud-centric. So while we do have agents and all to send traffic, the cloud connector, a very innovative piece, is essentially a traffic hub with low complexity and policy sitting in it. Where do I go? You point to these traffic exchanges and communication happens. Now the most exciting part that customers are beginning to understand is the simple notion of, you're on my switchboard, let's connect the right part to the right party. If I were to not do that, the new technology, which is microservices or serverless or lambda will become harder and harder things to do. But we are actually well positioned with our architecture to leverage those things and keep up with the rapid changes that are happening. Another thing is, what does it take to deploy those things? Workloads are going up and down. They're ephemeral. They are dynamic. If it takes you a lot of overhead to set up these firewall policies and the like, just too late. And it's error-prone because you're actually trying to do policies for each and push those policies to every virtual firewall sitting out there. You may try to do a console to take place changes at one place. But when those policies are sitting with every workload, it's a nightmare.

Yes. So this is a really interesting dynamic, this cloud workload protection. You scaled it in terms of talking about how many apps you can address today, how many you think you can address in the future. And you also talked about $155 per workload, pretty large numbers. Could you just go over a couple of those statistics for us?

Yes. So first of all, the $155 comes from 3 modules. There's no one monolithic solution for cloud workload protection. And we look at it, put it in 3 buckets. First of all is security posture of workloads, its configurations that came through our acquisition of CSPM -- sorry, acquisition of Cloudneeti. It's table stakes. Customers should have it, need to have it. Workload communication is the piece we drill down into because that market is ready and here. There's a lot of pent-up demand for it. Customers who are already using ZIA, ZPA, they get it. So there's not much explanation needed. And it's needed. Workload segmentation is like the microsegmentation type. This is a little bit more sophisticated area where only sophisticated customers are going and that market will take a little bit of time. But if you look at the price of 3 pieces, $40 to $60 to $55. I think it's, so these numbers are based on our actual experience. CSPM and segmentation is based on actual customers we have been closing. Workload communication is new, but we are working with about 4 dozen customers for this product. And pricing and all has come from based on engagement with them. So the issue for workloads is really not a cost issue. It's an issue of CIO saying, I'm trying to expand and do these things faster and better, and I just can't do it. So the #1 ask ends up being, how quickly can it be deployed, how easy it is to manage and expand from Azure to AWS to maybe AWS in Germany or U.K., how easily can I get this thing, get this security in place. That is the driver, not the cost.

So just to put some context around this workload side of it. The numbers you threw out, I think, was 150 million workloads that you can currently address and another 350 million. Now that's a static snapshot of the size of the market. In fact, when I look at the -- there's somewhere in the order of 700 million to 1 billion applications according to the industry sources. IDC estimates those are growing at a 30% clip. And Kubernetes modern applications penetration rate around 15% in 2019 going to over 50% in '23, '24 implies a triple-digit end market growth rate on an enormous base. It's probably the most important transition, watershed pivot point in technology since AWS was launched. So that's the growth rate on that target workload space. It's an amazing opportunity at that level, but much less the growth rate on top of it.

It is massive. It's massive. And we were building the model bottom-up.

Yes. So it's a...

Remo said, be conservative.

So I know Remo's going to tell me, well, don't get too far over your skis. It's going to take a long time to get it to play out. But it seems to me that, that provides a nice incremental additive growth to offset any scaling as you get larger deceleration in what you're doing today. I do have a question from the audience, and I want to ask that in. The question is, the SaaS story seems to be getting picked up by lots of public and private vendors from Palo Alto to Netskope. Who do you worry about? Do you think anyone regularly or different people in different solution areas? What are you seeing in terms of competitive landscape?

Competitive landscape kind of varies from the market area or the solution area you talk about. Generally, I don't worry about incumbents because they have the most legacy technologies. And pivoting from legacy gets much harder than someone coming from a clean slate, new approach to it. We think, if you look at the history, unless you're a monopoly like Microsoft that moved to Office 365, it's very hard for incumbents to pivot and disrupt themselves. If you look at the area, I think on ZIA, ZPA on the user side, we are in a very, very strong position with a much, much big distance from anyone trying to come from behind. The area I've tried to pay more attention to is the cloud protection area where the market is young. We are young in that area, who could come from behind. Could someone come from the development side of it and try to build in? I'm not sure I see anyone obvious yet, but we try to remain paranoid. We can't do much about what competition does, but we can do a lot about how fast we innovate and how well we engage with our customers and sell them. And I think we are getting tons of traction, and we will not slow down. We'll keep on investing more and more to get the biggest market share.

Well, now you brought up an interesting point on investing. I just want to go back to what happened in your sales expansion program last year. You increased your sales force capacity net of people leaving by over 60%. Now how long does it take those people? That's through the July quarter, I believe, is the time line there. So how long does it take those people to become productive?

We haven't really given any specific numbers, but I'll make a couple of comments in the area. Remember when over the past 3, 4 quarters, I talked about how we and what we are doing to make sure we can scale our sales organization to be a multibillion-dollar company, enablement, the process and all the stuff we did. So with all of that stuff, we are seeing a very measurable impact on sales productivity from timing point of view. Dali covered it without kind of getting into specific numbers. But we are pleased with the performance, the chart he showed how we are getting people productive faster. But one thing I would say that's very good tangible data we are seeing is more and more reps are closing deals in their first and second quarter. That used to be rare. So I think we're bullish. We are comfortable, direction. I think at the right time, we'll share.

Well, I think probably the most important proof point on that is your own actions. So you said off your July quarter print that you anticipated adding capacity at a rate equal to or better or more than what you added in 2020. Now that's not a percentage. That's not the 60%. That's because you're now 60% larger, but in terms of aggregate capacity. Now on Monday, you said that you have increased the capacity twice or your targets twice since then. So are we now approaching that 60% number? I guess you haven't...

We don't want to comment.

But it seems pretty clear that your actions are telling us that you're feeling like you have an opportunity to further accelerate. Is the change in the world environment driven by COVID, driven by the SolarWinds hack causing a change in the way people are thinking about zero trust, thinking about cloud direct, thinking about your architecture versus other people's architecture? I would think that this is a huge watershed event in the industry. How are the conversations with CIO, CTO, CEO, CFO changed over the last 3 or 4 months?

Yes. I think there are 2 distinct things. I mean, COVID had a big mindset change not just on security. Actually, the biggest mindset change on the CIO to drive things, things happen. So CIOs became more attuned. While SolarWinds breach had impact on CIOs and CISOs both, but CISOs were actually visibly, if I may say, even shaken. I said that I think this impact is bigger than the Target breach had several years ago. Because in that case, they could say it was Target. It was Equifax. Now they're saying, is it me or it could happen to me any day. So they're understanding it. I think if this attack had happened 2 years ago, zero trust would not have been appreciated because it was in such a nascent stage. But now that zero trust has been picking up in the last 1 to 2 years at a pretty rapid pace and now we see more and more customers, I see very rarely I'm finding customer who aren't really buying on zero trust approach. Now there are some 10% to 20% of them who are confused about what zero trust is. They think that they can do zero trust with firewalls by doing segmentation. But most of the world we deal with understands it pretty well, and it is helping our engagement with customers as well as our prospects.

So I wanted to drill down on this whole subject a little bit more. It seems pretty clear that the SolarWinds hack was a problem of trusting.

Yes.

At the end of the day, people downloaded a trusted DLL, which was a download from companies. It seems to me that, that reflects a situation where the attackers shifted left in the DevOps process further than the enterprise did.

Yes.

But that's really not where your target is. Your target is protecting things as they move from the user to the application or between applications. So you might not have stopped the DLL download, but you would have captured the fact that there was a change in content flow and other elements of the lateral movement, which would have been stopped. So can you talk about how you would stop SolarWinds?

Yes. That is very correct. So there are probably 2 big pieces of zero trust, and the third piece will be understanding the behavior. The first piece is identity. Obviously, if your servers get compromised, if you got already inside the stuff then things will go in. The switchboard won't even help because it will say you're allowed to go, please go in. But if you implement zero trust, you don't have a flat network. One infected machine or user is not spreading all across. Yes, a few machines that are in that access path could get compromised but not the whole thing. So minimizing the damage done is important, and zero trust implementation helps that big time. That's number one. Number two, I was reading about Microsoft, the way they found it because they found that looking, analyzing the user traffic behavior, they found that this user whose credential got sold was trying to go to some of the source code files that he wasn't usually going, looking for unusual behavior. I think that's a very important part of it. We have been doing a lot of work in the area, and we will be doing a lot more work in that area. If you are a switchboard and everything goes through you, whether it's users or applications and the like, being able to analyze those behaviors that are abnormal, they're the behavior that are very suspicious, becomes extremely powerful. So our focus on machine learning to take advantage of that is a big one. So we think to keep things clean. Identity with actually conditional access and context is the big draw, ever always. Switchboard, connect to the right app, to right application, not putting them in the network and then being able to have intelligence about behavior and abnormal stuff is third piece. I want to highlight that this is very different than a lot of abnormal behavior people talk about on my network itself. When things are flowing on the network, you look for what's -- it's like there's no checkpost. You're in, you can move around, you're looking for which car is going where. But if you have, you're really a switchboard, you're actually authorizing who goes where and whatnot. That is very deterministic information to find better value of the connections than just the old school network behavior.

So when I think about this environment and the Kubernetes numbers that we ran through, which suggests that modern applications will be over half of new applications being deployed with 30%-plus growth in applications. Those are very powerful numbers. But if I think about 3, 4, 5 years from now, the logical conclusion that you come to when you look at the shared responsibility architecture of the run time environment where AWS is the run time environment, they're responsible for their infrastructure. And the user of the application, the developer of the application who puts the application and the code in this infrastructure is responsible for that piece of it.

Yes.

The only piece of the application that's then exposed is really the API gateway. And so ultimately, the application simply becomes a point in the cloud, much like the user has been taken off the enterprise network. And it's a point, now the user is a point in the cloud. So we now have users and applications that are point in the cloud, and you're connecting domain to domain, application to application, domain to user in a very similar fashion. Everything else is then either protected in run time by the service provider or protected in the run time by the enterprise in their data center in the same way that they protect at AWS or Azure or at the application layer on those connectivity. Is that the world we're moving towards?

Absolutely. In fact, that's the only world they'll work because the traditional world is then saying, I'm interconnecting all these locations on a network will no longer work. You said it pretty well. The other thing I think that's very important is I think your application, your attack surface, we didn't touch on that. But the more things can be discovered and found on the Internet, they can be attacked. If nothing else, you can do DDoS to that. The switchboard approach, the exchange approach with zero trust we do, your applications are hidden behind the Zscaler Zero Trust Exchange, they can be discovered. They are only available once you have been authenticated and once the policy says, you have access to them. So that's a very, very...

That's a really interesting point because I think ultimately, that has broad implications. So for applications that are running and we're ignoring the consumer-facing applications like a Citi card or something of that sort. But from the enterprise application becomes black to the Internet or dark to the Internet the same way that the user becomes dark to the Internet. You made that comment to me, I think, 3 or 4 years ago, and I was like, What? How does the enterprise become dark to the network? But in fact, you can't see the user other than going through Zscaler. So by definition, you can't attack them directly, right?

A large customer who went from about 600 applications and servers facing the Internet to down about 5.

That's really important. Now having said that, that does not address the consumer side of the world. So if I'm a Citigroup, I'm protecting Citigroup. But if I'm Citi cards, I'm not addressing Citi cards, right?

So 2 things there. One, open consumer website obviously needs to stay open, and they still need to buy DDoS protection because anyone should be able to go there. But then there's a consumer thing. It's an opportunity for us. We haven't talked about it much because I don't like to talk about until we have figured things out and made meaningful progress in that area. If a financial services company has 5 million users who access their portal through a mobile app, that portal could be made dark because the mobile app could go through Zscaler. Those are interesting opportunity. Those are B2C cases. We don't expect to sell to consumers ever, but B2B and B2C are fair opportunity. We are pursuing B2B today. B2C is a fair opportunity for us.

I see. So given those parameters, it seems like the competition is becoming less and less the Palo Altos of the world and maybe more the Cloudflares of the world. Can you address whether you see Cloudflare as a competitor, as a person or an enterprise that is targeting doing the domain to domain protection, many similar respects, but they're doing it in a very different way.

Yes. There's some similarities, but here's how I look at it. Cloudflare and Akamai of the world come from city and the world. They're sitting in front of servers and whatnot. But to be a switchboard who connects to internal, external, the architecture will be very, very different. I mean, I read this stuff. I haven't seen them in any accounts so far. Okay. Neither ZIA nor ZPA, we haven't seen a single engagement out there. But here is how I think about that. And I read the literature lately. There's an article, it's said, this is one of the exec's quoting, "Security goes away, secure network becomes the most important thing." And I can say, wow, what mean secure network? Internet is the network. We look at network becoming plumbing and the transport and nothing else that you don't control. They talk about secure network because all have connection between A and B over WAN acceleration, whatever the stuff may be. We see their approach is very different because that's the world they come from. We come from the world where network is totally decoupled from applications. Network is totally decoupled from security. So we'll see. But also, they're coming from the SMB world trying to move up. Okay. It's very hard for any SMB vendor to move up. It's a lot easier being an enterprise vendor to move down because the kind of architecture and functionality you build. But I do agree, we'll have a different set of competitors on the ZIA front, different on ZPA front, different on cloud protection front and the like. But my goal is never try to do what others are doing in the same way. Well, I'm looking for disrupting things because that simplifies stuff, especially the many areas of opportunity for disruption in today's world with rapidly changing application development and workloads and the like.

So one of the questions I get asked a lot, I think it's a pretty clear answer, but I get asked frequently is, what's the interface and what's the differentiation between what you guys do and how should we think about the SD-WAN market? What is the value of the SD-WAN market if I'm using the Zscaler platform? It would seem to me that shouldn't need SD-WAN at all. But yet, you partner with a number of them. How do we think about SD-WAN?

Yes. So first of all, I've said many times, we're not going to get into the SD-WAN market, okay? We'll work with them. Here is how the basics are. If Internet is becoming your wide area network, why should I be doing any WAN part of it? It's funny, a CTO I was talking to a couple of weeks ago, I asked him what is he doing about his networking and especially SD-WAN. He said, I'm deploying SD-WAN without WAN. Okay. I said, tell me more. He said, I like this new SD-WAN boxes. They are cloud managed. They're very nice to be able to deal with rather than those old school routers I have to individually manage. But he said, I'm not doing WAN. WAN means I have 500 location branches. They're all on the same network. So any employee can reach any application from anywhere, but any malware can reach any server from anywhere. If you eliminate the WAN, life is wonderful. A branch with an SD-WAN box is great way to send traffic, a headquarter. So the wide area network has to go away. Then you have entities talking to entities. And that's what we are seeing our customers driving. There are genuine cases where SD-WAN is needed for the next few years when you've got 2 plants having a peer-to-peer communication with each other because the applications require that, there will be some cases. So we need to support our customers. But in the long run, I think SD-WAN has to evolve into a little bit different kind of network. And we'll keep on supporting our customers and our partners.

So I want to make sure that Remo doesn't get to a pass on this call. I can't have him sitting there and not answering some questions. So I'm going to shift the gears a little bit and say, can you talk about the leverage in your business model? I know you've put out a target of, a longer-term target of getting to 20% to 22% operating margins. Can you talk about what it is mechanically that drives that? Some companies are more frictionless than others, even if they're cloud-centric. You guys have delivered great margin leverage. What are the mechanics of that?

Yes. I mean, great question. I mean when you're a company with 80% gross margin, it just gives you a lot of ability to get to a high operating profitability. Our plans are, from an R&D perspective, and one of the key things, we're an innovation company. We are stepping on the gas related to R&D. We're making significant R&D investment. Jay talked about that we're going to increase our sales capacity. We've gone through it, increased a couple of times since the end of the year. And we're doing the same in R&D. I mean it's -- so having R&D in that 16%, 18% range, so that's kind of our target. And the leverage that we get, that Zscaler gets is that Zscaler is a very unique company, nothing like ever seen before. It was founded really being a truly global international company with significant operations in India, which has significant cost savings. And the quality of the Indian employees to the U.S. employees I'd say is 1:1, which has not been the case in the other companies I've been at. Secondly, related to the international structure and selling, it's 50-50. It's 50 Americas and 50 international. So that structure has been put in place. And G&A is going to be low percent. Where do you get it? You get in sales productivity. That's the key thing. So sales productivity, our plans are to hire. We built the capacity 60% last year in quota-carrying sales reps. Our plans internally were to have decreased sales productivity. And actually, our sales productivity went up last year. In Q1, 2/3 of our sales organization is still ramping, but our sales productivity was up year-over-year in Q1. Those are the things that I look at getting leverage, leverage with the channel. As we build the platform, as the word spreads about Zscaler, the need for zero trust and SASE, those things basically make it easier. And those are the tailwinds that we're seeing. So really, sales productivity is the key thing I look at and that's what drives my thinking related to how we're going to get to that 20%, 22% operating profitability.

So I got one for Bill here to make sure that he doesn't get away with it either. So this question came in from the audience, but I think it's uniquely Bill-centric. So the question is, the stock price has clearly been a champ. That I definitely agree with. But we noticed that there's a small 9% short interest. Why would anybody bet against Zscaler?

A very good question. I don't know if I have the best answer for it. Since the convert raise that we did back in June, there's some natural amount that can be short. So I recognize that. Otherwise, it's tough to understand myself. So I'll leave it back to you, Alex, as to why that might be.

I think it's probably just the convert that's causing that. So I wanted to drill into another broader question. What's going on with the application performance monitoring functionality, your ability to deliver an understanding of where in the network and what part of the chain is having problems? How is that selling?

ZDX is doing very well. Actually, that's one area with so much pent-up demand because people are working anywhere. Your CEO lands in Sydney, checks in a hotel, connect to Office 365, things are slow. She calls IT. Where can IT start? Her laptop may have some issues. Local DNS has issues. WiFi from the hotel could be slow. One of the 10 hops over the Internet has issues and application management. There's no even idea of where to start. With Zscaler being in the middle, having end-to-end visibility is actually in a far better position to answer that than anybody else out there. We looked at many companies to see if we could buy somebody that could answer this question. Nothing came close because everything was built around my network between the branch and this and that. So we built it. It's growing rapidly. But any new thing, it just takes a few quarters before the word gets out and gets out there, but we are very excited about ZDX opportunity. It's pretty unique. People think that this market is crowded. Of course, it's crowded. But you come from data center, workload monitoring and all that stuff. So let people do what they do. I'm focused on one thing with ZDX: user performance for the applications they care about. And we have a great product and it's evolving. We believe it will remain the best product. So my goal, every employee should have ZIA, ZPA and ZDX, then they are basically in a great shape to work from anywhere with great performance.

Good stuff. So one of the other questions that I get a lot is, is there anybody else who can actually do what ZDX does? For instance, Cisco just bought ThousandEyes and paid a pretty good premium for it. Where does that go?

Lots of people will try to build things that I'm sure they have ambitions. Here is what's unique about us. We are basically sitting in the middle where traffic is going through us. So we can actually tell you real performance. What will anyone else do? First of all, they'll have to do an agent for this. Our stand-alone lightweight client connector is already sitting, doing ZIA, ZPA, ZDX, nothing needed. If you turn on ZDX, nothing needs to be touched other than you define on the console what application you want to monitor. Basically you put them in priority groups and whatnot. And our machine learning AI starts figuring out what's normal response time, what's not normal response time, when to declare it slow versus fast and all that kind of stuff. So anyone can build a great product, but if the traffic is not going through you, you just won't know their experience. What would you do? You'll say, I'll put an agent on your laptop that's going to ping Salesforce every 10 minutes to see how it's good or bad. I'm going to ping here and there. It's just not the right thing. So it's a unique position.

I'm realizing that we've actually run over, which is my fault. I wasn't paying attention to the clock, and I didn't realize that we've done it. So I would think we need to break here. I want to thank everybody for dialing in or Zooming into the meeting and listening to this discussion, particularly those who asked questions. And thanks so much, Jay, Remo, Bill, for joining us. We really appreciate it. As we stated when we launched coverage with a strong buy back just after your IPO, we think Zscaler is the future of security. So thank you very much, everyone.

Alex, thank you.

Alex, thank you.