Zscaler, Inc. (ZS) Q2 FY2026 Earnings Call Transcript & Summary

Good day, and thank you for standing by. Welcome to the Zscaler Second Quarter 2026 Earnings Call. [Operator Instructions] Please be advised that today's conference is being recorded. I would now like to hand the conference over to your first speaker today, [ Kim Watkins ], SVP of Investor Relations and Strategic Finance. Please go ahead.

Good afternoon, and thank you for joining us today. Welcome to Zscaler's Second Quarter Fiscal 2026 Earnings Conference Call. On the call with me today are Jay Chaudhry, Chairman and CEO; and Kevin Rubin, CFO. Please note that we hosted our earnings release, shareholder letter and a supplemental financial schedule to our Investor Relations website. Unless otherwise noted, all numbers we talk about today will be on an adjusted non-GAAP basis. You will find a reconciliation of GAAP to the non-GAAP financial measures in our earnings release. Before we get started, I'd like to remind you that today's discussion will contain forward-looking statements, including, but not limited to, the company's anticipated future revenue, annual recurring revenue, net new annual recurring revenue, gross margin, operating profit, net other income, earnings per share and free cash flow margin, our customer response to our products, our expectations regarding AI and its impact on our business and customers, and our market share and market opportunity, and our objectives and outlook. These statements and other comments are not guarantees of future performance, but rather are subject to risks and uncertainties, some of which are beyond our control. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call. For a more complete discussion of these risks and uncertainties, please see our filings with the SEC as well as in today's earnings release. I also want to inform you that we'll be attending the following conferences. Morgan Stanley Technology, Media and Telecom Conference on March 2. Loop Capital Markets Investor Conference on March 10. Stifel Technology Conference on March 10. Cantor Global Technology and Industrial Growth Conference on March 11, and Wells Fargo Software Symposium on April 8. And with that, I'll turn the call over to Jay.

Thanks, Kim, and thanks to everyone for joining us today. We delivered strong Q2 results, and I couldn't be more proud of the team's execution. ARR grew 25%, reflecting continued strong demand for our platform. We are confident in our outlook for the second half of fiscal 2026. And as a result, we are increasing our guidance across the board. I'd like to zoom out for a moment and talk about what's on everyone's mind, AI. AI is the single most transformative technology of our time and its mass adoption only just beginning. We believe Zscaler is the security platform for the AI era because we already protect users, data and applications across clouds and the Internet at scale. Just as we enable customers to securely accelerate digital transformation and cloud adoption, we believe we are uniquely positioned to secure the AI transformation driving continued demand for our platform. Organizations are rapidly adopting AI to drive productivity and innovation. But doing so is creating new vulnerabilities, significantly expanding the attack surface, and increasing cyber threats in scale, sophistication and speed, recasting AI from a productivity engine into a dangerous security set. During my conversations with more than 100 CEOs and CIOs, including many at the World Economic Forum in Davos last month, the urgency of securing AI is one of the top concerns on their minds. This is the opportunity for Zscaler's industry-leading Zero Trust Exchange, which enables our customers to securely scale AI for the Agentic era and beyond. Zscaler minimizes the attack surface and limits [indiscernible] with our unique Zero Trust architecture that enables direct one-to-one communication among users, applications and AI agents. I started Zscaler with an initial focus on securing users with Zero Trust. Then we extended our platform to deliver Zero Trust for workloads, branches and devices, which has increased our TAM significantly, and extended our technology lead from other vendors who are still trying to build a SASE solution for user security. Now we are extending our global Zero Trust Exchange platform to secure AI applications, AI agent communication, and Agentic workflow at scale. As AI agents are unleashed within the enterprise, it won't be long before billions of AI agents interacting with each other will have access to mission-critical applications and sensitive data. Just like users, in organizations AI agents are also becoming the weakest link in cybersecurity. Imagine a threat actor, highjacking even one-off and organizations AI agents, resulting in a serious breach. AI agents shift the threat landscape and operate autonomously at speeds far exceeding humans, exponentially increasing Agentic traffic, while compressing the time to prevent, detect and respond to threats. This is becoming even more acute as AI agents, or apps, exposed to the Internet can be scanned and targeted in seconds. Securing this new reality requires in-line policy enforcement at massive scale. This is what Zscaler is built to deliver. Zscaler stands for the Zenith of scalability. Effective AI security requires a proven Global Zero Trust Exchange infrastructure. And we believe Zscaler is the only cybersecurity platform for the AI age that's able to secure at this unprecedented speed and scale, creating a durable advantage. We have 15-plus years of experience operating our own cloud across 160-plus data centers worldwide, offering real-time security services with [ 99.999% ] reliability. This global infrastructure is critical to secure AI agent communication. Our software is present on millions of end-user devices, servers, as well as in the cloud and branch offices, and it enables us to get Agentic traffic to our Zero Trust Exchange giving us a unique advantage. With our AI platform capabilities, we processed nearly 1 trillion AI transactions in calendar 2025. We are also processing millions of MCP requests through our exchange on a monthly basis, up from literally nothing a couple of quarters ago. As an example, a large Fortune 100 financial services customer is using our Zero Trust Exchange to enforce policy for the software development agents. In another example, a CECL of a Fortune 500 entertainment company, a Zscaler customer, shared with me that with little deployment effort, he was able to turn on Zscaler Exchange to enforce policy for AI traffic and is securing over 4 million prompts per week. Our Zero Trust Exchange is fundamentally different from competitive firewall-based security architecture that connects users or AI agents to a network, and then allows them to run free, dramatically increasing the risk of cyber breaches. We expect these advantages, including significant architectural differentiation and our large customer base to drive short-term and long-term demand for our platform. Turning back to the quarter. Our results reflect robust demand across all 3 of our growth pillars. AI security, Zero Trust Everywhere, and Data Security Everywhere. I will start with AI security, which includes two product areas. AI Protect our recently introduced solution to secure the use of AI and Agentic operations. I will begin with AI Protect which secures the full spectrum of enterprise AI adoption and solves a range of cyber and data law challenges. Zscaler [ threat lab ] research found that in calendar 2025, AI application use within our customer base expanded to over 3,400, a quadrupling in the last 12 months alone, with data transfers to AI apps exceeding 18,000 terabytes. Many of these apps have serious vulnerabilities. Zscaler AI Protect, gives customers a single integrated way to secure AI at scale by discovering and managing all AI assets, including shadow AI uses, enforcing safe access to approved apps and inspecting every prompt and response in real time to stop data leaks and attacks like prompt injection. For customers building their AI models and applications, our AI [ red-teaming ] solution performs continuous security assessment. This quarter, we integrated our AI red teaming and our guardrail products to provide true closed-loop security. While our Zscaler AI Protect solution is new, we see demand rapidly accelerating, including landing new logos representing a massive future growth opportunity. This quarter, several large enterprises adopted our solution. In an 8-figure new logo win, we landed a Fortune 500 semiconductor manufacturer. This [ comer ] expanded its use of our platform to include AI Protect and data security solutions to block access to unsanctioned applications, prevent public LLM data leakage and provide visibility into prompts. Zscaler's integrated AI Protect solutions spanning the entire AI life cycle was a key differentiator for this new logo win. In another example, in a 7-figure upsell deal, a Global 2,000 construction company, which is securing users with Zscaler, added our AI Protect solution to prevent data leakage and enforce acceptable use controls, or access to Gen AI applications. The second product area of our AI security is Agentic Operations, which includes our Agentic [ SecOps ] and Agentic IT Ops solutions. We are significantly advancing our Agentic SecOps capabilities by integrating Red Canary's agent framework with the deep security insights we generate from the Zscaler Zero Trust Exchange, which processes more than 500 billion transactions every day, more than 20x the number of daily Google searches. This fusion of capabilities simplifies customer operations automates threat hunting and provides more accurate actionable threat prioritization. Some of our wins for our [ Agentic SecOp ] solution this quarter include our leading AI software and research organization, a Global 2,000 utilities energy company, and a Global 2,000 oil and gas company. In agentic IT operations, our innovations include Zscaler Digital Experience, or ZDX Copilot, which combines Agentic technology with a conversational interface to troubleshoot and resolve performance issues of applications and network and endpoint devices. Booking for ZDX [ Advance plus ], which includes our ZDX Copilot product crossed [ $100 million ] over the last 12 months, growing more than 80% year-over-year. We are soon launching an AI agent for ZDX that will automate multiple troubleshooting tasks, resulting in faster diagnosis and resolution of performance issues. Overall, I'm very pleased to see growing demand and continued momentum for our AI security solutions. Our next growth pillar is Zero Trust Everywhere, which includes revenue from customers who are more broadly adopting our Zero Trust architecture by purchasing all of the following. Zero Trust Users, Zero Trust [ Branch ] and Zero Trust Cloud. We pioneered the Zero Trust users market by disrupting the traditional proxy and VPN markets, and we are a clear market leader. With our Zero Trust branch, we are disrupting branch firewalls, software-defined networks on SD-WAN and MPLS networks. With Zero Trust Cloud, we are disrupting virtual firewalls in the cloud. We are seeing ARR from Zero Trust Branch and Zero Trust Cloud growing significantly as we dramatically reduced cost and complexity. The number of Zero Trust Everywhere enterprises has grown at a rapid pace and now sits at over 550, up from over 130 a year ago. The pricing of Zero Trust Branch and Zero Trust Cloud are based upon the number of devices, the number of workloads and the amount of traffic which keeps growing. This expansion also creates a flywheel effect generating follow-on demand for our data security and AI security offerings. Let me give an example of Zero Trust [ Brand ] win at a subsidiary of a Fortune 500 retailer, who significantly expanded its deployment of Zero Trust Branch to over 1,000 sites in a 7-figure upsell, making it one of our largest ever Zero Trust Branch deals. The use case is for this customer for frictionless M&A integration and rapidly bringing both newly acquired and greenfield sites online. This order also included our AI Protect solution to secure sensitive data from Gen AI apps. In Q2, 45% of the total customers who bought our Zero Trust Branch solution for new logos, demonstrating that Zero Trust Branch is helping us grow on new logos. This is also a clear proof that for better cyber protection, customers want each branch to become like an Internet cafe, and [indiscernible] place SD-WAN, which is often sold by SASE vendors. Another important part of a Zero Trust Everywhere solution is Zero Trust Cloud, which reduces cost and operational complexity by eliminating virtual firewalls in data center and cloud environments, and can be deployed in 10 minutes. We're seeing tremendous momentum for Zero Trust Cloud. To share a customer example in one of our largest ever Zero Trust Cloud wins, a Global 2000 financial services customer signed a 7-figure deal increasing their ARR to more than [ 5 million ], up over 40%. Zero Trust Cloud is priced based on traffic, creating a natural path for ARR to grow as customer traffic grows. This deployment will eliminate a large number of virtual firewalls in their multiple cloud environments which significantly reduces the operational burden of managing firewalls in multiple clouds, and improves cyber posture by preventing lateral that movement. With significant wins, we are proving that for better cyber protection, customers want each cloud workload to become like an island, and communicate only through our Zero Trust Exchange and displace virtual firewalls. Our opportunity is to secure millions of workloads. Our third growth pillar is Data Security Everywhere, which is 8 modules, including data discovery, data classification, posture management and data loss prevention. We are seeing significant traction driven by enterprises, consolidating the data security point products onto our integrated platform and simplifying deployments. The growing use of AI apps is making data protection essential, generating strong demand for our solution. Let me share an example. In an 8-figure upsell win of Global 2000 financial services customer expanded its adoption of our platform by purchasing additional data security modules, strengthening protection for sensitive data across its organization. This customer selected us over well-known competitors to replace multiple legacy point products due to our unified policy for various data sources and channels. With this purchase, the ARR for this customer increased nearly 5x. We believe Zscaler is incredibly well positioned to secure the AI era. As the number of agents expands, the unique Zero Trust architecture becomes even more crucial. Minimizing attack services and limiting lateral movement by enabling direct one-to-one communication. In summary, our growth opportunity is straightforward. Traffic flowing through our Zero Trust Exchange for secured communication expands our revenue opportunity. In the Agentic era, the traffic from Zscalers more than 50 million users, servers, cloud workloads, branch locations and AI agents will grow exponentially, driven by billions of autonomous agents. We believe that Zero Trust communication will be the only way to apply the real-time protection customers need to adopt AI safely and securely. We run the largest in-line globally distributed security called platform in the world, processing more than 500 billion transactions every day, more than 20x the number of daily Google searches. This proprietary anonymized data is [indiscernible] our AI engine, a powerful differentiator to stop ever-changing cleats at speed and scale. We provide the global infrastructure which enables our customers to secure communication and apply policies in real time at wire speed. Today, we are trusted by more than 45% of Fortune 500 companies, and we expect to continue expanding our partnership over time. In addition, with just 4,400 of more than 20,000 largest enterprises in the world as Zscaler customers today, we have a significant opportunity ahead. This gives us a durable runway for long-term growth from both upsell and new logo opportunities. Protecting AI is not just a job or task for Zscaler. It is our mission. We believe Zscaler is the cybersecurity platform for the AI age. Now I will hand it over to Kevin to walk through the financials.

Thanks, Jay. We delivered strong Q2, '26 results, exceeding our targets while investing with discipline. With 26% revenue growth and a 36% free cash flow margin, we achieved Rule of 62 performance in the first half of the year, placing us among the elite companies that consistently outperformed the Rule of 40. Our Q2, '26 net new ARR was $156 million, up 19%, bringing total ARR to $3.4 billion, up 25% year-over-year. Net new ARR benefited from strength in large deals and volume of deals. In particular, the Americas closed twice the number of $1 million plus deals this year as compared to last year. Excluding the contribution from our acquisition of Red Canary, net new ARR was $139 million, up 7% year-over-year, and total ARR up 21%. These results compared to an exceptionally strong 24% net new ARR growth last year. Red Canary exited Q2 with $114 million of ARR. For the first half of the year, net new ARR, excluding Red Canary, grew 10% year-over-year, accelerating from 1% last year. This quarter, our Zero Trust Internet Access, or ZIA, and Zero Trust Private Access, or ZPA, ARR remained healthy and grew in the mid-teens. We have steadily expanded our Zero Trust platform beyond users to protect branches, workloads, AI applications and now AI agents. We believe AI agents will drive a meaningful increase in machine-to-machine and agent to agent interactions over time. In Q2, our non-seat-based metered usage solutions delivered just over 1/4 of new ACV, and the ARR tied to those offerings grew more than 100% year-over-year. Revenue of $816 million grew 26% year-over-year and 4% sequentially, exceeding the high end of our guidance. We closed Q2 with 728 customers generating over $1 million of ARR, and [ 3,886 ] customers exceeding $100,000 in ARR, both growing 18% year-over-year. We also set a record 1 million plus new ACV deals for Q2. On a geographic basis, we saw strong growth from the Americas, which accounted for 57% of revenue, up approximately 31% year-over-year. EMEA accounted for 28% of revenue, up approximately 18%, and [ APJ ] for 15%, up approximately 23%. Remaining performance obligation, or RPO, of $6.1 billion grew approximately 31%, including approximately 47% classified as current RPO. We are pleased with the strong execution in our account-centric sales motion, which is strengthening our position as a long-term strategic partner and driving deeper customer adoption over time. In Q2, we again delivered double-digit sales productivity growth, reflecting continued improvement in our go-to-market execution with meaningful headroom ahead. We also achieved record pipeline conversion for Q2, signaling stronger pipeline quality and improved visibility. We continue to build strong momentum this quarter with our recently launched Z-Flex program. Z-Flex gives customers with multiyear commitments, the flexibility to activate or swap modules without starting a new procurement cycle, along with premium deployment assistance and support. This program is driving meaningful upsell, shorter sales cycles and greater forward visibility. In Q2, Z-Flex generated more than $290 million in TCV, up over 65% quarter-over-quarter. Since launching a year ago, we have delivered approximately $650 million in TCV, at an average 4-year term, underscoring customers' long-term commitment to Zscaler. To share a couple of customer examples. In a 5-year 8-figure Z-Flex deal, a large U.S.-based finance and insurance customer nearly tripled its annual spend by expanding its module adoption across 11 existing modules, and adopting 5 new modules, including our AI security solution. In a new logo Z-Flex win, a Fortune 500 retail customer purchased 11 modules in a 5-year 8-figure deal. This customer adopted all of our Zero Trust solutions, including Zero Trust Users, Cloud and Branch, landing as a Zero Trust Everywhere customer. Turning to M&A. I'd like to start with some color on our recent acquisitions. On February 5, we closed the acquisition of [ SquareX ], which extends Zero Trust capabilities into any browser, enabling organizations to leverage standard browsers like chrome and edge to secure access on unmanaged devices, without requiring a separate third-party enterprise browser or using outdated and costly virtual desktop infrastructure. Next, Red Canary. On February 1, we executed the next phase of integrating the Red Canary teams with the respective Zscaler teams. Red Canary was primarily a technology and talent acquisition. As we shared when we closed this acquisition, churn or MDR businesses is higher than we experienced in our Zscaler business. Post acquisition, Red Canary's churn has been elevated. We'll be providing Red Canary ARR in Q3 and Q4. Turning to operating performance. Non-GAAP gross margin was 80.2%, compared to 80.4% a year ago. Non-GAAP operating income of $181 million grew $41 million, or 29%, as compared to $140 million last year. Non-GAAP operating margin of 22.2% increased 50 basis points year-over-year, reflecting the sales productivity improvements I mentioned earlier, demonstrating leverage on sales and marketing. Turning to the balance sheet. We ended the quarter with $3.5 billion in cash, cash equivalents and short-term investments and $1.7 billion of debt. In Q2, we generated $204 million in operating cash flow, up 14% year-over-year, and CapEx was $18 million or 2% of revenue. Finally, free cash flow margin was 20.7% this quarter, down from 22.1% last year, driven by the timing of cash collections. Looking ahead I'd like to spend a minute addressing the recent increases in memory, storage and processor prices and availability. So far, we haven't seen a meaningful impact to our operations. However, it could become a factor in the future as we purchase equipment for our data centers and Zero Trust Branch appliances. We'll continue to monitor our costs and adjust customer pricing if needed. Turning to guidance. Let me provide our outlook for Q3 and full year fiscal '26. As a reminder, these numbers are all on a non-GAAP basis. For the third quarter, we expect revenue of $834 million to $836 million, reflecting approximately 23% year-over-year growth. Gross margin of approximately 80%, operating profit of $187 million to $189 million, equating to an operating margin of 22.4% to 22.6%, net other income of approximately $25 million and earnings per share of $1 to $1.01, assuming a 21% tax rate and 167 million fully diluted shares. For the full year fiscal 2026 ARR of $3.730 billion to $3.745 billion, or year-over-year growth of approximately 24%. This guidance implies net new ARR growth, excluding Red Canary of approximately 9.5%. For Red Canary, we expect ARR of approximately $130 million in fiscal '26, up from our prior guidance of $95 million, with net new ARR of approximately $6 million in Q3 and $10 million in Q4. This includes all the business expected in each period, including fiscal '26 renewals, upsells and new logos. For the second half of fiscal '26, we expect approximately 40% of total net new ARR to be recognized in Q3. Revenue of $3.09 billion to $3.322 billion, reflecting year-over-year growth of 23.8% to 24.3%. We expect Red Canary revenue of approximately $125 million in fiscal '26, up from our prior guidance of $90 million. Operating profit of $742 million to $748 million, up approximately 28% to 29% year-over-year, up from our prior guidance of $732 million to $740 million. Earnings per share of $3.99 to $4.02, assuming a 21% tax rate and approximately 169 million fully diluted shares. And free cash flow margin of approximately 26.5% to 27%, reflecting CapEx in the mid-single digits as a percentage of revenue. We are very pleased with the results we delivered in the first half of fiscal '26. We achieved 25% year-over-year ARR growth and record operating income. Excluding Red Canary, our net new ARR growth accelerated to 10% in the first half of the year, up from 1% in the same period last year. We also saw continued momentum with Z-Flex and closed a record number of $1 million plus ARR deals for Q2. Looking ahead to the second half of the year, we believe we are well positioned to build on this momentum. We will do this by scaling our rapidly expanding AI security portfolio, expanding Zero Trust Everywhere adoption and growing our Data Security Everywhere revenue. Ultimately, we remain focused on driving durable, profitable growth with strong cash generation. I want to thank our employees, customers and partners for their continued support. With that, operator, you may now open the call for questions. Thank you.

[Operator Instructions] Our first question will come from the line of Saket Kalia of Barclays.

Thank you, team, for the increased disclosure on Red Canary, very helpful. Jay, maybe for you. I'd love if you could talk about just the competitive backdrop a little bit. And anything you can touch on in terms of competitive win rates, and what you saw this quarter? I mean, clearly, this is a rising tide market, but there are other players as well. Maybe the question is where are you winning? And what impact, if any, are they having?

Thank you, Saket. We haven't seen much change in the competitive dynamics over the past few quarters. What we saw was a record pipeline conversion for Q2, which is wonderful. And we also had a record Q2 in terms of large deal wins and -- in Q2, and large deal wins, I mean, over $1 million. I mean there's a fair amount of noise the market creates out there, SASE this. SASE that. SASE is a collection of all kinds of products. In many of these SASE numbers, legacy firewalls, VPNs get thrown out. But what we are seeing in the market is our customers care about, Zero Trust. And as we engage and explain Zero Trust, we almost always win. And by the way, SASE is not [indiscernible] Zero Trust, and Zero Trust is what eliminates lateral move. So very pleased with performance. Our brand has grown. Most of large enterprises like us, they know us. And I think the future is great for us.

Our next question will be coming from the line of Brad Zelnick of Deutsche Bank.

Congrats again on another great quarter, guys, and I also appreciate the additional disclosure. Kevin, it seems you're raising your full year ARR expectation by more than your overachievement in Q2, which might be from newer acquisitions? And are there any seasonal anomalies we should consider? Perhaps [indiscernible] out of Q2 or anything like that?

Thanks, Brad. I appreciate the comments and the question. First of all, just remember, our business seasonality tends to favor H2. So we are going into the second half of the year feeling confident. We do see a strong pipeline of deals going into the back half, which does give us confidence in the raise with the exception -- excluding Red Canary. So I would point to strengthen the overall business as well as just general seasonality that we see in the back half of the year.

Our next question will be coming from the line of Gregg Moskowitz of Mizuho.

Also welcome the additional disclosures. So thank you for that. Very interesting that your non-seat-based meter usage solutions are now over 25% of new ADV. That's higher than a lot of people had thought. And with the related ARR more than doubling year-over-year, this has the potential to put some upward pressure on the growth algorithm for Zscaler in the future. But Jay, when you look deeper at these nonseed-based solutions, you gave some good color in your prepared remarks, but can you help us better understand what's really most resonating with customers today, as well as what you're most excited about going forward?

Yes. We started early on with Zscaler. For users with Zero Trust that is largely [indiscernible], but now we have Zero Trust for workloads [indiscernible] devices, and now we are extending it to AI agents as well. Even for [ users ], we did have a number of use cases that are nonseed-based. This is [indiscernible] where we are doing third-party contractors, guest WiFi or B2B data exchange with suppliers and customers. And just on growth, on [indiscernible] has been very strong, and that's all nonuser [indiscernible] pricing. Our AI security solutions, which are starting small, but growing pretty rapidly at all nonuser-based, rather they are token-based. And yes. We are pleased to say that 1/4 of our new business came from metered usage, and we expect it to grow over time, especially with AI agents because we believe that there will be billions of AI agents. The only way to secure communication of agents is to go through Zero Trust Exchange that scales, that's highly reliable and globally distributed, and that's what we have.

And our next question will be coming from the line of Brian Essex of JPMorgan.

Another set of kudos to Kevin for the organic versus inorganic disclosure. Maybe a question for you, Jay. And we saw this quite a lot during like a decade ago when digital transformation was the buzzword, and a lot of different IT projects were classified as digital transformation products. Similarly, we're starting to hear a lot of projects where executives are throwing AI on top of their projects to get more budget. And from that perspective, are you beginning to see any attached to budgets outside of security? How are CIOs thinking about funding some of these projects and is Zscaler [indiscernible] in that?

So we are seeing CIOs trying to really move as fast as they can to implement AI security projects. And so the feeling is if I'm not doing something, I'll be left behind. That's a clear thing. I see I have talked to lots and lots of them, but they do all worry about cybersecurity. Especially when you see all these agents showing up every other week, [indiscernible] last night was for [indiscernible] and [indiscernible] and all these guys keep on coming. They are definitely creating security issues. So our customers are asking us, what can you provide me visibility into AI assets are risk associated with that? And then start moving around, how do I control agents? How I do have a policy that can say certain agents can access or an application? Agents are somewhat like you, they're just more dangerous and they're growing at a rapid pace. So there is a high degree of interest in proper security, especially Zero Trust for agents that we provide the budget opens up, the budget either comes from the security side of it. All the CIOs are allocating some number of budget out to the AI project. If you're spending $100 on an AI project, you spend $4, $5, $6 on security is viewed as very nominal thing. So we're not seeing budgets as an issue to do AI security projects. It does require that you need to engage at the C level. And we have very good C-level relationships, and with pretty good plan and credibility with Fortune 500 companies.

Our next question will be coming from the line of Meta Marshall of Morgan Stanley.

Maybe a question for me, kind of following up on Brian's question. Just what you're seeing in terms of sales cycles once kind of a deal is encompassing more AI? I guess just how does it change the dynamic of your kind of needing to take a more holistic view or needed to include more modules? Just what are you seeing there?

So sales cycle depends upon the scope of the project. The first thing our customers are trying to do is put their hands around what do they have in [ the AI ] environment. What public [indiscernible] being used and what private [indiscernible] are being used. So for that, we offer AI asset management, then they want to do vulnerability assessment. We've had [ teaming ] kind of stuff as they roll out the project, guardrails becomes important. Last month, we launched a very integrated AI security [indiscernible] The sales cycle based on what modules they're doing is generally faster because they are not really trying to go after everything. They want to start somewhere, but they want an integrated solution. And by a number of customers that told me, we bought this solution from a start-up, but for 1 year till I figure out what integrated solution can I get from a trusted vendor like Zscaler who will be around for the long term? So deals sell cycles are faster. They are smaller deals to start with, and I think they'll grow over time, especially most of those deals are based on consumption or tokens. And as [indiscernible] users are [indiscernible].

And our next question will be coming from Fatima Boolani of Citi.

Kevin, this one is for you. I was hoping to take a step back to how you reconcile the comments around Red Canary seeing elevated churn, but also the close to 30% revision on your financial contribution expectation from Red Canary, both ARR and top line on revenue? So just wanted to kind of better understand, I know you sort of flagged that the Red Canary business. generally had much higher levels of churn relative to Zscaler proper. So I just kind of wanted to better understand the dichotomy between those statements. And if you can opine on that?

Yes, appreciate the question. So look, I mean, there is an element here that as we talked about when we did the acquisition. As we do secure the renewals, there is a positive impact to ARR and so you are seeing some of that come in. My commentary just around the elevated levels of renewals is just to give color around what we are seeing. As a reminder, Red Canary was a technology and talent acquisition, and it is a core feature of the Agentic stock that we are putting together and combining, and I mentioned that we moved into the next phase of our integration earlier this month, and now consolidating those teams, which we're really excited about. So, I mean, the reconciliation is really just to give you a little sense for what we're seeing in the business and how you should think about the second half of the year.

And our next question will be coming from the line of Roger Boyd of UBS.

Jay, I wanted to touch on sales productivity. You've made a number of changes to the go-to-market strategy over the past year in order to really help guide customers towards more transformational projects. And I know you mentioned another improvement this quarter, but can you talk about kind of the future ramp you're expecting in terms of sales force productivity? Do you see further room to upside given the push towards more of these transformational deals that are bigger, but maybe more complex?

I'll give you a broader view and Kevin is going to get into more specific [indiscernible]. With the changes we've gone through, we are driving more transformation deals, better engaging with our customers. With that, you're seeing bigger deals, Z-Flex type of deals that are happening up and that's leading to improved productivity. In fact, rather we had a double-digit sales productivity growth. Very pleased with the way sales transformation as. Affluent. As we said last quarter, the transformation is done, now we keep executing [indiscernible]. Kevin?

Yes. Thanks, Jay. So just -- I want to just kind of double-click on that last point, right? So as we engage with our customers, it is -- the account-centric model is a much different level of engagement. We're seeing a lot of interest in Z-Flex and what that looks like from a strategic point of view. And so the nature of the conversation, the way in which we're engaging the larger deals that we're seeing all will lend itself to continued productivity opportunity going ahead. So as I look forward, I would expect that we will continue to see improvement in productivity as a result. So we are seeing the benefits, and I expect that we'll continue to see an improvement over time.

And if I may add that record pipeline conversion as a good indication of that what we want to do is working record million-dollar deals in Q2, another indication of the [ results begin ].

And our next question will be coming from Ittai Kidron of Oppenheimer & Company.

Kevin, I wanted to dig into your comments on the core [ ZIA ACPA ] growth. I think you mentioned mid-teens in ARR. Can you give us a little bit more color what was that growth rate for the last 2, 3 quarters perhaps? And how do we think about expectations for your core ZIA/ZPA business for the next 2, 3 quarters?

Yes. Thanks, Ittai. I appreciate the question. We have seen a pretty consistent performance in [indiscernible] We did get some feedback that it would be helpful for you guys to get a little bit more color in that regard, which is why I added that into the script. Keep in mind that [ ZIA, ZPA ] as it relates to Zero Trust Everywhere, is the foundation and to a large degree, the base and the opportunity. If you look at the number of customers that we have today, roughly 4,400 out of more than 20,000 potential companies that we think can be customers, you look at it in terms of Fortune 500, where we still have over half of those to prospect against. There is a massive opportunity left with [indiscernible] as as we think about it. And even within the companies that we do have on [ ZIA, ZPA ], we have an opportunity to upsell those Zero Trust Everywhere and then adjacently through the other pillars, data security and AI. So from our point of view, it just reiterates the stability in the underlying business and really gives a sense for what's driving kind of the core of the business. But again, we've got these other 3 growth pillars that have been doing exceptionally well. And hopefully, that additional color is helpful for you.

One interesting to add what [indiscernible] that customers on average are tripling their initial purchase in 4 years. That's pretty [indiscernible].

And our next question will be coming from Gray Powell of BTIG.

Great. Can you hear me, okay? I cut out there for a second.

Yes. Yes, we can. Excellent.

Okay. So I want to follow up on some of the earlier questions. I think you've hit on this somewhat. But -- so you are seeing a lot of momentum in Zero Trust Z-Flex deals. If I'm doing the math correctly, I'm calculating that Z-Flex was over 30% of RPO bookings. I'm not sure if that's how you look at it. But I guess the question is, how does the ARR ramp on a Z-Flex deal compared to customers under historical contracts? And then just any directional commentary you can give on how big a typical Z-Flex customer is at maturity versus traditional, or like what they spend? And what's sort of like -- giving you the most upside from a product perspective?

Yes. Thanks for the question. Let me maybe just orient [ it ]. I mean the way that we look at Z-Flex is it is another opportunity for us to offer a package to a customer that we think is mutually compelling because the flexibility, so they have less concern about being locked into a particular product, or product decision in the future. It gives them an opportunity to focus more on the long-term partnership versus more transactional selling in nature. And then it does give an opportunity for them to try in a much easier, less friction way, new modules that expand into those modules. So from a -- from an offering perspective, it is a much better and more strategic way to engage. We do think over time that more and more of our customers will will adopt Z-Flex. Is not something that we mandate or push, but where we feel that it really is well positioned. The field is enabled to be able to offer Z-Flex going forward. Your question around differences in ramps, et cetera. Fundamentally, two deals if its a Z-Flex or if its a non Z-Flex, so long as they're similar structure. There's no difference in how that shows up in ARR. [ Z-Flex ], by their nature because they're longer term, they've got more products. They may have a ramp that is built in so that the customer can deploy along their deployment plan, which could take anywhere from 6 months to a year. But I wouldn't think about Z-Flex as creating a different dynamic with respect to ARR other than it's just another level of indication that we are very strategic in that environment. The average Z-Flex deal is typically an 8-figure TCV commitment. And for those deals that we've done thus far, it's been about a 4-year period. As we've talked about, they tend to be 3- to 5-year deals. And right now, the average is about 4. So hopefully, that's helpful color.

And our next question will be coming from the line of Jonathan Ruykhaver of Cantor Fitzgerald.

So I think, Jay, this is for you. Just curious, when you look at [ SquareX ] from my understanding you're betting browser security via an extension rather than having a dedicated secure browser. Can you just talk about that? It seems like the flexibility could be a plus, but is there any trade up between control and functionality between extension and full [indiscernible]? And then just just curious also on your view of how critical is the browser layer to winning broader Zero Trust deals over the next couple of years?

Thank you. Very good question. So we have been offering Zero Trust isolation solution using any standard browser for managed and unmanaged devices. [indiscernible] manage no problem. [ Unmanned ] devices means they were using the standard browsers. Some customers wanted something like a device [indiscernible] on unmanaged device. And for that, One option was you buy a full loan enterprise process from a third party. We looked at some of those acquisitions a couple of years ago. We didn't like it. Full [indiscernible] browser with its own [indiscernible] and customers don't like one more agent, or in this case, this is one more mega agent on the endpoint. So what we found was with [indiscernible] acquisition, we could add the security functionality [indiscernible] using browser extensions from unmanaged device, it's a wonderful use case, or generally for third-party type of stuff for us. So it's a clean, better solution rather than trying to have full-blown third-party browser. And it really takes cares of the gap that we have in this environment. So we think it expands our TAM. We have lots of customers who are using browser isolation. This actually will help us expand [indiscernible] some of the third parties who will come from unmanaged devices. So very pleased with the acquisition and a fit and early market reaction [indiscernible]

Our next question will be coming from the line of Eric Heath of KeyBanc.

Maybe I wanted to come back as an extension to Greg's earlier question, I'm thinking about AI agent. So AI agents are -- will drive a lot of network traffic. So Jay, Kevin, just how should we think about how you can monetize that increased traffic? And Kevin, how we should think about impacting the model over a longer time period?

Yes. Thank you. We think these agents that are going at a pretty rapid pace will generate a fair amount of traffic. The traffic needs, they're going to access application [indiscernible] one agent is going to talk to a second agent. In order to do that, we believe the best security is that they should be going through a Zero Trust Exchange so that a given agent can only talk to given agent or applications. Otherwise, you mentioned one impacted or hijacked agent will infect the whole enterprise. That's the biggest value we bring to the table. The more agents, the more Agentic [indiscernible], the more value we deliver and the better revenue opportunity for us. So we look at it as probably the biggest upside for growth of these kind of business.

And our next question will be coming from the line of Matt Hedberg of RBC.

Strong results you're raising, Kevin, you said by more [indiscernible], but I just had a clarification on ARR. I just want to make sure that I'm not missing anything. It looks like you raised ARR midpoint by $30 million. But it looks like in the disclosure -- and maybe this is where I'm mistaken, but it looks like you took your Red Canary expectations up from $95 million to $135 million. So to me, that looks like a $35 million raise. So am I interpreting that right? Because just I'm just not totally certain about what kind of the organic raise here is for the year?

Yes. No, I appreciate the clarification. If you look at this on an organic basis, we are raising the organic net new from 6.7% as our initial raise in the beginning of the year to 9.5% growth for '26. So yes, there is some element of Red Canary that is in the -- is mechanically inherent in the raise. But the underlying growth and strength in the organic business, giving us confidence to raised 9.5% net new growth this year is what you're seeing fundamentally in the raised guidance. And keep in mind, just in the first half of this year, net new without Red Canary grew 10% against the back half of last year, grew 1%. So we are seeing very healthy acceleration in net new ARR growth, both first half and signaling for the back half.

Our next question will be coming from the line of Keith Bachman of BMO.

Okay. I broke up a little bit there, but I want to go ahead and ask the question about Zero Trust Everywhere. And Jay, the question for you is how significant this be? You're at 550 customers now, you were at 130 a year ago. Two dimensions of the question are, A, what's the average ARR uplift that you experienced when a customer goes to Zero Trust Everywhere? Is there some kind of lift that you could help guide us on? And then how deep do you think this could get with your installed base? What's the potential reach here?

Yes. So first of all, we are very pleased with the number of customers becoming Zero Trust Everywhere customers. The number 550 is very good, and these are enterprise customers, they're large customers on. In terms of left on ARR, I think we even shared last quarter that we are seeing 2 to 3x, essentially move in the ARR when customers are buying -- moving to Zero Trust Everywhere, which is very good. In terms of potential out there, I can tell you, a year ago, when was talking to -- I was talking to customers about Zero Trust Branch, which essentially replaces MPLS or SD band. I was wondering how many customers will be saying, I love my SD-WAN, okay? I can tell you I don't find any [indiscernible] customer. Now these are customers. They all want to replace SD-WAN for cost reasons and for security reason, [indiscernible] SD-WAN enables laterals that moment. So attention -- interest is very high in the branch. On the cloud side of it, too, it's a fascinating new disruptive play [indiscernible] no real competition other than old-school firewalls and trying to do firewalls and food with IP address an ACL is a nightmare. So we're seeing that traction going. So very bullish on both Zero Trust Branch and Zero Trust Cloud. So I will look to see that every Zscaler customer in a matter of time, we will be a Zero Trust Everywhere customer.

And that concludes our Q&A session. I would now like to turn the conference back to Jay Chaudhry, CEO, Chairman and Founder, for closing remarks.

Thank you for joining us. We look forward to seeing you at 1 of our investor conferences we'll be attending. Thanks again.

And this concludes today's program. Thank you for participating. You may now disconnect.