Zscaler, Inc. (ZS) Earnings Call Transcript & Summary

So I would like to just present as always, with my sessions, we're going to start for those -- we're going to start with basic questions. For those who don't know the company that well, and maybe the basics of the company because I want to make sure that people understand the merits for the growth and why it is able to sustain such high growth. I'm pleased to present Jay Chaudhry, CEO; and Remo Canessa, CFO of Zscaler; Bill Choi, I know is in the audience and he's here to make sure that we are all good. And I'm going to start, first of all, welcome. Thank you very much for joining us.

Thank you for the opportunity.

Excellent. And Jay, I want to start with a basic question. We all know certain parts of the company, but we don't -- some of us don't understand kind of the bigger picture. And the bigger picture meaning, can you discuss basically the growth drivers of the company, the products of the company? Like what is the opportunity you're going after? In simple terms, what is the problem you're trying to solve?

That's good. So when I started Zscaler in 2008, I was lucky I had done 4 successful startups. I didn't want to do 1 more start-up and sell it. I wanted to do something big, something lasting with my own funding. And I said, what could be the big trend? And I believe that Internet and cloud will be the destination of application. I have been using SaaS application for a long time, and we are all seeing users becoming mobile. So if users are everywhere, applications are everywhere, what's the best way to securely connect right user to right application, was the focus on Day 1. Most companies pivot along the way. We have essentially kept the same north star, same bull's-eye. We have expanded our offering as a concentric circle around the bull's eye, but never try to go jump here, jump here, jump here. So if you see this diagram, I'm showing a bunch of application destinations. I'm showing users, showing factories, I'm showing IoT/OT devices. So our goal was how do we have users access those applications with 3 things. It must be fast, it must be secured and it must be reliable. So Zscaler for users is the product offering that you know by and large with 3 buckets in it, Zscaler for internet access, ZIA, or private access, ZPA. And the third thing was user experience part of it, we call it ZDX, Zscaler digital experience. Trying to get too many of these acronyms, probably kill them one of these days. But then we said, aha! users are good. But there are lots of workloads growing. Workloads are almost like users. They talk to Internet. They talk to other workloads. So we created the next offering, we call it Zscaler for workloads. It [indiscernible] when workloads go to Internet, they go through us. Workloads talk to other workloads, they go through us again. It's the same core engine. I'd like to call Zscaler as the switchboard, and then the configuration and posture scanning, what Gartner call CNAPP. That's a second big bucket. And the third big bucket is becoming IoT/OT, especially in today's cyber world. IoT/OT are important in factories and plants, critical infrastructure. They all have very old firewall-based, VPN-based technology, feel not really very secure. We are applying Zero Trust to IoT/OT as well. These are the 3 broad families we are driving.

Great. Thanks, Jay. One of the biggest driver you're talking about and industry leaders talk about is the concept of Zero Trust. And every company defines Zero Trust differently. Can you define for us, first of all, what is Zero Trust? And what is Zero Trust for Zscaler? How do you participate or how do you lead the trend?

Yes. It's unfortunate that the Zero Trust term is being hijacked, but I'm not surprised because when technology goes through some big disruptive changes, incumbents get worried. They want to trust the new terms and all to fit their way. Technology incrementally changes all the time, but big architectural changes don't happen very often, okay? If you think about a couple of examples, we used to love our Sony players. Then DVD players came around, we loved them. And then Netflix streaming came around, right, very different. They all delivered music, but in a very different experience. Those are disruptive changes, trying to become a Netflix streaming from DVD players is not simple. Internal combustion engine cars have been incrementally improved over scores of years. They're complex, pretty nice to work kind of, but then electric engine came around, very disruptive change. They all look the same from outside, but underneath it's all different. In the same way, if you look at the fundamental change in IT, when we went through mainframes to [indiscernible] to PCs to cloud, cloud has created a big change. In the same way, networking and security has to change the architecture of networking we use today, was invented in late '80s when IBM era ended. At that time, IBM dominated every corporate network. TCP/IP, IP-based networking was created and industry grew around it so any vendor could provide routers and switches to extend your data center to every branch office. It's the same architecture that has been serving us for 30 years. But with all the security issues, this architecture is a problem. So what's Zero Trust now? Zero Trust was created to eliminate the problem created by putting people on the network -- on the corporate network. What does that mean? A simple analogy. If I come to see you at your headquarters, they're going to stop me in the reception. Stop, show me your ID. That's authentication of the computer world. And then they have 2 options, they could say, go and see Tal on seventh floor in room 23, unescorted. If you do so, you could wonder around, go to any room that's open, snoop around and leave, not very good. That's like putting people on the network through VPN or by being in the office, they can look around every system. They may not have proper access to it. They could get into it, but that's a risk. That's called lateral movement. You move laterally here and there. The better approach is you check my ID at reception, you gave me a badge and say Jay stop, you'll be checked before you go in. You'll be escorted to a meeting room. When meeting happens, you'll be escorted out after checking to make sure you don't steal anything. Connecting, taking the right person to the right room, meeting happens, then you walked out. That's like connecting the right user to right application without worrying about the network. So network simply becomes plumbing. It becomes transport. You don't have to worry about doing network securities and securing the network. You securely connect a user to an application because at the end of the day, all you're securing is data. Data sits with or around applications or with users. That's a totally new disruptive approach. To do this, you have to build from scratch. Traditional firewall VPN-based technology, they're like bridges. They connect Party A to Party B. We're not a bridge. We are a switchboard. We are a PBX. We stop and say, tell me who you need to talk to? Are you authorized or you not? So that's what is fundamentally different in this architecture. Did it help?

It helped. And the question is big part of Zero Trust or a part of Zero Trust is endpoint. Another part is identity. You're not in these areas. Any -- what is your philosophy there? And are these areas for growth?

So perhaps I should move to my ecosystem slide. We are a big fan of being partner-friendly, let's see. If I could jump to my next slide, build. Next, come on, here. So remember connecting the right person to right party. It starts with identity, who are you? There are some -- many leading vendors who we integrate with and partner with. Endpoint is important, but probably a little bit different. More and more end points are BYOD. This is my BYOD devices. My company doesn't have anything on it other than device management type of stuff. So BYOD will happen. Endpoint plays a role to check the posture of the device, if the device is compromised or not. But there are more and more customers saying, I have BYOD. You can't put anything on it. Still give me security. So there are ways by doing -- by streaming pixel, doing VDI kind of technology, you can help with that. And -- so look at endpoint for posture, identity for who are you and we are the switchboard, are 3 critical pieces of technology. People always ask, why don't you guys buy an endpoint company and this company or that? I don't really like to go into mature commoditized market. I want to go in a new way of doing things, disruptive way of doing things, the market that doesn't exist, but it's needed because the IT applications and all are being done very differently. I think you'll see us doing some right areas of expansion. For example, when on the switchboard, first I really did inspection for malware and approached A and B, then we added sandboxing technology to it. Then we added browser isolation technology to it, you'll see us adding more and more things to bring depth and breadth. Anything that's needed, the switchboard can do, whether it's security or non-security, we do it because we're sitting at the most critical point. In fact, it's kind of fascinating. It's such a big responsibility to sit in the middle of the traffic, all traffic, okay? If Salesforce goes down, they are impacted this much. If we don't work well, the mass impact is huge. So for us to actually make this thing work, there is 10-plus years of experience that we had to do. So rather than jumping around, trying to do different things, we think we are expanding on the area we need to. Yes, we are focused on Zero Trust, but we are also focused on user experience. Is it a part of Zero Trust? I don't really care what's part of Zero Trust or not. I want to take care of user experience that should be taken care of. So in the same way, when you look at cloud posture and all that stuff, it's needed from customer security point of view. And we're adding the portfolio that makes sense logistically and logically, but not trying to chase markets that are out there. SD-WAN has been one of the markets I've been asked about so many times. Why don't you...

That's my next question, by the way, so you can continue.

I think SD-WAN is a good solution to save money because MPLS was too costly and managing individual routers was hard, cloud-managed SDN box are good to manage. So SD-WAN is very good from a networking point of view. But SD-WAN is the traditional routable network where lateral movement happens, you've [ set ] a branch on SD-WAN. If it has a single infected machine, it can infect everything because SD-WAN is not a security solution. Our customers are asking us to really make my branch office like a Starbucks. It's not on my network. I think those are the type of things we want to figure out. We won't really get -- we won't do traditional routing and networking as a company. That's kind of old school.

Yes. I'm going to ask you a question that yesterday was asked as well. You have 4,000 employees, give or take, more than 4,000 employees. You don't have a single firewall. How does it work? How can you protect the network without the traditional firewalls?

Yes. So first to clarify overall, every technology has a place. And as technology shifts, there is room needed for them. I used to sell mainframes at IBM. They are still there in some data centers. So similarly, I think firewalls did a good job in protecting servers in data centers. The problem is that firewalls are being tried to use to say, put a firewall everywhere and do that kind of stuff. A firewall model, as I said, is a castle-and-moat model. I am here. Please come in if you're allowed to come in, or I am here means you can find me, you can attack me, you can DDoS me. The right model with Zero Trust, we believe is where you hide behind a cloud, you're not exposed to the Internet. Your applications can't be seen, they can't be discovered, they can't be attacked. You've come to the switchboard. It's like if you say, I need to talk to John Smith. John Smith's number and location is not given to anyone. And switchboard says, who are you. Raymond. Are you allowed to talk to John Smith? If you are, you are connect to John, otherwise, you say, please go away. That's that approach with a switchboard in the middle. Our customer says, this employee should have access to application A, which may be sitting in Azure or AWS or data center, it doesn't matter. Sometimes people confuse that Zscaler is only meant for cloud. No. You've seen this diagram. Used as a customer select SaaS application, data center, cloud provider, we are the party based on our policy to connect the right thing to right thing. No, in this model, there's no firewall needed. Firewall is needed for protecting things that are exposed to the Internet. That's one use case, and then they try to extend them inside the data center for segmentation. I get asked, are you -- why aren't you replacing all the firewalls? Because that's not the optimal use of our resources and time. Data centers are complex with a lot of stuff in it. Once I talk to [ CTS ], I could replace your entire DMZ. We said, look, leave it alone. There's so much stuff I don't even know. What will break if I replace some of these things? I'm focused on cloud. I'm moving applications. Let's start with Zscaler security in the cloud and data center is slowly getting phased out. If 100% traffic went through the data center 3 years ago, probably today, in a typical data center it's about 50%, 60%, 65%. Probably in the next 3, 4 years, it will be down to 20%. If traffic doesn't flow through it, you won't have to buy more routers and switches and firewalls and load balance in data center. So I want to focus on where the packet is headed to the cloud for cloud protection, not with the packets. Firewalls have a room in traditional application in your data centers. We don't have any on-prem application. It's SaaS. It's on public cloud, and that's basically it. So there's no need. In fact, listen, if they can't find you, they can't attack you. Hiding your attack surface behind us is the biggest security we offer. You heard of Log4j a few months ago. This was the biggest vulnerability. Literally, everyone is using Log4j library. And if you could find a machine, if it had Log4j you could get into the machine. Our customers, what hidden -- their applications are hidden behind us. They're very happy that -- sure, they need to fix it, but there's not a here on fire situation that they had to do it right away. So many, many advantages of clean architecture. Remember when you get an electric car, the benefits over traditional are massive. But we still face some challenges. People say, hey, where is my engine oil in this car? Where is my coolant in this car? There isn't any. So we do have to educate some of the traditionalists to say you don't need some of this stuff.

Maybe the next step is to speak about -- I want to talk about your sales effort because you've done -- you've put in tremendous efforts in hiring more salespeople. But I also want to talk about your products. So maybe I want to -- I'll start from ZIA, ZPA. And the basic question is, where are we on the penetration cycle? Meaning how many innings left? What about ZPA versus ZIA in the attach rate? Can you talk about kind of the opportunity you're seeing in front of you?

So as you know, ZIA is accessing Internet and SaaS by users, ZPA to access private application in data center on public cloud. These are not really point products that you're done with it. People think of ZPA often like VPN. VPN is one piece of it. If you think of the old model of castle-and-moat, there's something called DMZ in the technical world, demilitarized zone. When you go out, you go through outbound DMZs through [ set of boxes ]. When you come in, you come through [ set of boxes ]. ZPA was designed to replace entire [ set of boxes ]. Now we don't like to really talk about things. I don't need to pick more fights with different vendors, okay? When you do ZPA, your applications are hitting behind us. You don't need DDoS. You're not even exposed. So do I compete with DDoS vendors? Not really. I just replace them. They become -- they don't -- they're not needed any move. So ZPA product functionality has been growing. It will keep on growing. Segmentation is a big problem every customer is trying to solve for the last several years. They're trying to do it by creating network segmentation. Creating segments or networks is complicated. Using ZPA, user to app and all becomes easier. So where are we in this segment? I think ZIA, as you know, we have about 40% of Fortune 500, 30% of Global 2000 and there's a big market out there. And ZPA is probably [indiscernible] of about 60% of our large customers -- ZIA customers. It's getting up there. And even when we talk about it, there's our business bundle through transformation bundle to the rest of the stuff together. I think we're still in early innings. And then ZDX came along. We knew ZDX was needed because customers are going to have issues when user calls, they need to figure out, but it has exceeded all of my expectations. It's growing at a pretty rapid pace. So ZIA, ZPA, ZDX will be needed by our customers for each employee. And if you really do the math, Remo, with where we are, how much you sold, even in the installed base, numbers are pretty big.

Yes. I mean we did an analysis for Analyst Day about 1.5 years ago related to what our serviceable addressable market is, and our serviceable addressable market is $72 billion. If you look at our run rate right now in revenue, we're about $1 billion -- a little over $1 billion. In addition, when we took a look at what customers have bought for ZIA and ZPA, how much more can our existing customers -- based on ARR, how much more can they buy? And they can buy 6x more. So we are definitely in the early innings of this market opportunity, not only with our core products with ZIA and ZPA. ZPA represents high 20% range of our new and upsell. ZDX is just starting and the Zscaler Cloud Protection is just starting. The $72 billion market opportunity does not include other areas that -- one of the areas that Jay put on the slide, IoT and OT. We did not include that in our market opportunity. That is clearly a market opportunity and a very large market opportunity for us. In addition, when we did that $72 billion serviceable addressable market, we did not include SMB. SMB is an area that we can go downstream, that's more of the smaller enterprises or small businesses. That's an area that we'll continue to make investments. Our focus though is really the large enterprise because the opportunity in the large enterprise is so large. One of the things we called out on the last call because customers are greater than $1 billion -- $1 million in ARR, we have 288, which is up 77% year-over-year. So what's happening, what we're seeing with our existing customers as well as new customers, with the evolution into this new digital world, which Zscaler purpose built the platform 12 years ago, we're seeing customers getting deeper with us and being more strategic. So that's the change that we've been seeing over the last year or so.

Yes. If I may add one comment. I never thought IPO could bring so much more credibility and brand to our company. It's always hard to get in from CIO and CECLs. Once we became public, it became a lot easier. In the past couple of years, it has become easier and easier. So it's a good indication of CIO-level interest, and that's also different than most firewall and VPN and other security companies. Security get bought a techy level by and large, and that's really where the budget issue comes in. Quite often, we have been asked with a budget issue, too. But when you deal with CIO, who has [indiscernible] budget and Fortune 2000 company and they are bind to strategic transformation, life becomes a lot easier.

One of the other parts of your success is the increase in number of salespeople. And maybe Remo, can take us through. First of all, what have you done? What are your plans and also talk about sales productivity?

Yes. We're basically going to hire in pace. That was the comment we made on the earnings call. When you have a company that's got 60% revenue growth year-over-year as well as 20% free cash flow margin in a market that is as big as we see this market and how we play into that market strategically as well as basically our ability to really capture a large part of this market, our focus is going to be growth. We'll be mindful of operating profitability, free cash flow, but we're going to continue to hire at pace. We will balance growth and profitability. One of the comments I made is that, Jay and I have been around for a while. Jay founded 4 companies successfully. I've been CFO of 3 public companies or now 6 public companies, 3 of which I took public. So we've got a lot of experience. We've seen downturns in the market. The thing we're going to do basically is continue to drive the company. We feel the best interest of our shareholders and our employees is basically build our ARR. Our next goal is to get to $5 billion ARR. We've already passed $1 billion ARR and the growth rates. Basically, once you start growing that curve on your new business, that curve goes pretty steep up in a SaaS model from a profitability perspective, related to free cash flow and profitability. As the business slows down, it naturally creates basically increased profitability and increased free cash flow. The reason for that is the contribution margin that you have in years 2 and 3. Our contribution margin in years 2 and 3 is like 60%. Whereas year 1, when you're actually winning the business, it's negative. So as the business slows down over hopefully many years from now, what you'll see is basically, is that you're going to see basically profitability and free cash flow increase pretty substantially. Now having said that, by my comment before, when you're at 20% free cash flow margin, we were last year, and our projection is for that this year, growing 60%. We're just in a very unique position that we can use our capital to invest in go-to market with the sales organization as well as into our R&D. One of the advantages of Zscaler is that a big portion of our employee base is in India. The leverage we get with our India operation is huge. Just for an example, in the finance organization, 80% of our finance organization is in India. In the R&D organization, over half of our R&D organization is in India. The quality of people that basically in India compared to the U.S. is comparable. The reason for that is what Jay did and the company did from Day 1, they truly built Zscaler as a global company utilizing the resources throughout the world. Another area you can see that is basically our presence in Europe. Jay, very early on, a lot of companies basically are more dominant in the U.S. related to their business. Zscaler is pretty close 50-50 U.S. versus international. So the foundation that's been created, the leverage that we have in the model, the position that we're in, right now for the best interest of our shareholders and our employees, invest in growth, be mindful of operating profitability and free cash flow. We really try to take advantage of this market opportunity is what we're going to do.

I'll go back to my question on sales efficiency and sales productivity, but I want to do actually first follow-up to what you just said and ask when is the company going to be profitable on a GAAP basis? And what about the large SBCs, the stock-based compensation that you have? What -- when is this going to go down?

Yes. From a GAAP profitability, if you look at technology companies, it's a long way down the road. And again, when you're starting off as a company, stock-based compensation clearly is an important compensation vehicle that's used. Our stock-based compensation, if you take a look at it from a G&A and R&D perspective, that's in line with other companies our size. From a sales and marketing perspective, it is higher. The reason for that is 3 years ago, we hired a new Chief Revenue Officer. And basically, he brought on board an entire team, and that team basically has created a big portion of that stock-based compensation. Having said that, as we go forward, stock-based compensation will decrease as a percent of revenue and it will continue to decrease. And if you take a look at other companies, say, the $3 billion, $5 billion type of companies and their percent of SBC to revenue, I think, we'll be very comparable with those companies. So we'll follow a natural path [ in relation to ] Silicon Valley, how companies are run. But from a GAAP profitability perspective, it's going to be a long way down the road. From a salesperson efficiency perspective, the comment that I made was coming into the year that I expected the sales productivity to be lower. On a year-over-year basis, it's actually been higher. The reason for that is our top line performance has exceeded our estimates at the beginning of the year.

Great. Jay, I want to talk to you about cloud security. And yesterday, we hosted a panel with Wiz and Orca and we spoke with also Palo Alto about it. And how is -- first of all, how do you see the opportunity for you? And how do you participate in cloud security?

Yes, I think what you're referring to cloud security in that context is securing workloads, cloud workloads. So you can think about securing cloud workloads in 2 buckets because anyway, things start getting very confusing. Every security vendor claims to do everything, right? And I can see the challenge you have as investors figuring out. It reminds me of a discussion I had with a Gartner research analyst about 4 years ago at this conference. I met him for a drink at the end of the day. He said, Jay, my day started at 7:30. I met about 9 security vendors. I'm more confused at the end of the day than as at start of the day after meeting all these vendors because they're all saying the same thing. So trying to put things in meaningful buckets. So though sometimes these buckets are changing around with the market. Workloads, there are 2 things. One, as you build and deploy these workloads, are they configured properly? Because there are lots of configurations, think of workloads like a big hotel and conference building. Which rooms and windows and doors should be open, which should be closed because they may be needed by different parties. So those are part of the configurations. So that's one piece companies are trying to do by making API calls to log, they say, are these things configured properly, should they not be configured properly. Then the next thing is who is supposed to access these workloads from users' point of view, it's called entitlement and permission. It's like the analogy of conference room, conference building. Which user who is coming to the conference can go to which floor, which level, which room, which not room, that is permissions and entitlement of users. So those are the type of things that are done by making API calls. It's a relatively easy thing to do. We've done 2 acquisitions in that space. You probably hear about 20 vendors every month coming -- entry into that space. What you talk of Wiz and Orca and others obviously came into that space, and I can do these configurations and permissions and whatnot. That's one piece, are you configure right. Second piece is when those workflows need to talk to Internet, how should they talk? What gateway, what security is in place? And this is -- and the next is when workloads talk to other workloads, today, they create a network. They put them all interconnect, and they can talk to each other. But one infected workload in Azure East can infect many others in Azure West or wherever else. So we -- so communication of workloads is the second part. We have 2 offerings at the broadest level. Zero Trust for workload is about communication. We are leveraging our ZIA and ZPA core engine. Remember, it's a switchboard. This workload can talk to Internet destination A, B and C. This workload in Azure East can talk to this workload in Azure West and the like. That is unique zero-trust model. The only competition we have in that space is legacy networks and firewalls and VPNs, okay. Those products have just come out in the past 6 months. We are seeing good traction. We believe that we will be able to disrupt the traditional network security for workload communication just like we disrupted it for users. That's very hard to get into. It's lots of IP sitting in the middle of the traffic. The other part I talked to you about configurations and all, Gartner has a new name for it CNAPP, cloud native application protection platform, okay. This is a very competitive space. But it's -- the barrier to entry is not that high. It reminds me of a market segment, Gartner called CASB, C-A-S-B. So we believe there'll be lots of competitors, market will shake up in that space. But vendors who have platform, we plan to offer the entire workload security offerings with communication in that, and we have a good shot at it. But it's a good market opportunity. In the CNAPP space, you'll also see hyperscalers coming into that space as well. It's a natural thing for them to do. Look, we don't need to be the deepest in each point product area. I need to have pretty good products that integrate, they work well together, and that's what we are focused on.

Got it. And what makes you position well for the opportunity? Where is the synergy with your existing business?

So Zscaler for workloads is built around the same switchboard engine that we have been selling ZIA and ZIP, core technology that's very hard to build, big barrier to entry, highly differentiated, probably for a long, long time. [indiscernible] is our entry point, then we expand into the adjacent markets for our cloud security portion and the like.

And from a sales motion, does it go after the same customer? Or do you have to approach new buyers in the organizations?

So if you sell low, then it ends up being a different buyer. But when I'm dealing with the CECL and head of networking, it's some of the same thing, same head of networking who is worried about branch network is also worried about connecting the data center to Azure East, Azure West and Azure [indiscernible]. I deal with the same head of networking. It's the same CECL. What is about security of users, also what is with security of workloads. It is true that you hear about [indiscernible] CECOPS kind of stuff. These are all developers start playing on the configuration side of it. But still, if there's one party that's held accountable for security, CECL is overall held accountable, having strong relations with CECL and CIO puts us in a pretty good position.

Got it. We don't have much time left. I want to see first if there is any question from the audience. Do we have a microphone out? No. You answered everything for them. I have a question about competition. If there is, by the way, just raise your hand, we have a few minutes left. I want to speak about competition. You're growing extremely nice. Palo Alto Prisma growing extremely nicely. Is competition just a discussion for us, for Wall Street guys on the street? Or is competition really a factor in your sales motion?

You said right. It's largely investor question. I get far more questions from investors about competition than my customers. Our strategy of going, engaging with customers to help them with their transformation. Companies then even get in the middle of it. I mean I don't go and say, replace this firewall and this VPN and this thing at all. Basically, this is where you need to move to. And a lot of these things change. The network, by and large, is going away in phases. Look, 45 years ago, when we used to talk about MPLS is going away, people used to say you're crazy. I mean, how can business run without it, right? We see everything is running without it. Zero Trust is going through some of the same stuff, lots of confusion early on, but customers are getting it. And I think we are very well positioned. We will keep on focusing on customers and solving their problems rather than worrying about the competition.

Got it. Is there -- how do I ask the question in a nice way? What's the role of new companies in the space like Netskope. Meaning why would we see or what are the things that new companies can innovate that does not exist in the market?

Right. I think there's plenty of room for innovation and it needs to be innovation. When companies try to come from behind and say, I can be 80% cheaper in this and that, that thing doesn't really work, especially in the security space. I think some of these companies are trying to catch up, market is moving so fast. I worry about companies that are bringing new kind of innovations to the market. For example, take identity. I don't want to do what Okta does or Microsoft does. If identity can be disrupted in a new way, I will be interested in that. So I think you'll see innovations happening more and more. 5G is creating some new innovation areas for people out there. Edge-based cloud is creating new innovations. So I think those are the companies, the companies that I'm a [indiscernible] vendor. I'm going to add secure web gateway to it and all the stuff. It's a little bit too little too late. What we are doing is so strategic that the customers want to make sure you can handle this stuff. I'd tell you an interesting dialogue with the CIO a few months ago, Fortune 100 company. So, Jay, we are so pleased with you guys. We have made you one of our only 5 strategic vendors. And he said, this is for the first time we've done such that a vendor we pay -- generally vendor to be strategic. We spent at least $100 million with them per year. And you are an outlier, a few million dollars per year. I wasn't sure if I should feel good about it or bad about it, but it shows the importance of the role. So lots and lots of questions get asked, how are you going to make sure my cloud works, it's reliable, you will be around tomorrow? You don't get sold to another company, you know after acquisition quite often lots of these acquired companies disappear. I think that's a challenge young security companies will face. And we are looking at good new innovative acquisitions that can be properly integrated in our platform. And I think that's where you'll see more and more. You won't see lots of security companies becoming public and independent. It's hard because market is looking at consolidation, platform-level play, but there's opportunity for them to sell to larger vendors.

Great. So Jay and Remo, thank you so much. It's been a pleasure. We ran out of time.

Enjoyed it.

Thank you.

Thank you.