Cloud security provider Zscaler recently held its annual Zenith Live event in Las Vegas, and “zero trust everywhere” was a central theme. This year, I had an opportunity to spend time again with not only chief executive Jay Chaudhry, but also Joyce Kim, who leads the company’s overall marketing efforts, and Adam Geller, who serves in a newly created product leadership role.
In this research note, I will share my insights from the event keynotes and leadership conversations, analyze the solution announcements, give my perspective on what the company can improve upon, and provide my take on Zscaler’s ability to deliver on its promise of zero trust everywhere.
Riding the Gigawave, and Zero Trust Clinics
Chaudhry opened the event by setting a visionary tone and providing his perspective on the importance of zero trust in cybersecurity. Chaudhry is an engineer, and in past conferences he has tended to overemphasize the underlying technology. However, this year I was impressed with his storytelling, beginning with an analogy comparing modern generative and agentic AI applications to an industry “gigawave” that has the potential to be as disruptive as the industrial revolution of the late 18th and early 19th centuries. As I scanned the audience, heads nodded in agreement, as did mine. The AI hype cycle has been as high as his gigawave analogy, but as time has progressed, the deployment of prescriptive AI high-powered compute, storage, and networking infrastructure has extended from hyperscalers and cloud service providers to enterprises.
An example of the enterprise deployment evolution was given by one of Zscaler’s customers, AdventHealth. On stage, the healthcare provider spoke about its work with Zscaler to create “zero trust clinics.” With Zscaler’s help, AdventHealth is accelerating the reach of medical services, while reducing costs and minimizing complexity, operationalizing its efforts in hours versus weeks and months to enable rapid, lifesaving care, and streamlining workflows to enhance clinical experiences. From my perspective, it was a powerful testament to not only the ability to facilitate secure connectivity — something critical given HIPAA regulations in the U.S. — but to do so at a massive scale.
Solution Announcement Highlights
There were also a lot of solution announcements to unpack at Zscaler Zenith Live. The company continues to extend its zero trust platform to secure modern AI applications through purpose-built LLMs. Furthermore, Zscaler claims that its B2B zero trust exchange could eliminate the need for VPNs, firewalls, and enterprise browsers. While I admire the ambition, I’ll have more to say about the feasibility of that below. In any case, consolidation is a good thing for enterprise simplicity, cost control, and improving cybersecurity posture and defense, and the company is clearly executing on a consolidated approach to security operations.
With that said, a handful of other announcements are worth highlighting, including:
° A new Unified Appliance for Zero Trust Branch that blends connectivity and security functionality, eliminating the need for separate hardware to be managed in branch, campus, and operational technology environments such as factories and warehouses.
° A new Zero Trust Gateway for AWS cloud workloads that provides needed security and multi-cloud support. This should quickly and easily reduce deployment complexity across the internet, east-west traffic, and virtual private clouds.
° The introduction of Zscaler Digital Experience Network Intelligence, which builds upon the company’s established digital experience monitoring solution. The new solution is designed to instantly benchmark and visualize internet and regional ISP performance to optimize the reliability and performance of connections to the company’s datacenters and applications.
I really like what Zscaler is doing to evolve its solution portfolio — extending what it does well in cybersecurity and partnering with Equinix to use that company’s global software-defined backbone to host Zscaler services.
Opportunities for Improvement
Zscaler continues to be a zero trust trailblazer, but the company still has room for messaging improvement. When I spoke with the company’s chief marketer Kim, we discussed the subject of firewalls. Although I agree that firewalls are a legacy piece of infrastructure that presents management challenges, the notion that Zscaler’s zero trust offerings will eliminate their use is not a realistic consideration. Enterprises will continue to benefit from a layered approach to cybersecurity, while also pruning tool sprawl with platformization and the implementation of simplified security operations management.
At Zenith Live, I also felt that Zscaler’s positioning of its recent Red Canary acquisition could have been more impactful. Instead of offering “me too” messaging about its managed detection and response capabilities, Zscaler could have strengthened its case by quantifying of how the Red Canary addition helps it deliver improved business outcomes. Given the all-too-common AI whitewashing of risk management, getting real about the benefits could make a significant difference.
However, with all of that said, I like what the company is doing in finally telling a more holistic story of delivering secure connectivity services that lean into its zero trust depth, versus focusing on just discrete product announcements. I also give high marks to Geller’s recent addition to the Zscaler executive leadership team; he is well positioned to lead the company’s product roadmap and effectively weave together a cohesive portfolio. I would stop short of calling it a full platformization effort, but it is a dramatic go-to-market improvement that could make it easier for customers to consume Zscaler’s zero trust offerings and simplify channel partner sales and enablement.
Zero Trust Everywhere
Zscaler told a credible story at Zenith Live about its ability to enable zero trust everywhere. The company is clearly demonstrating its depth and breadth of solutions, and I continue to be impressed with its innovation engine. Its offerings extend cross-domain, securing workloads and applications via least privileged access, and mitigate lateral movement via the elimination of flat network access.
Zscaler’s superpowers in operating inline with network traffic and masking threat surfaces are powerful, and they continue to serve as key differentiation points for the company. Given the rise in sophistication by bad actors that are leveraging modern AI tools, Zscaler itself is rising to the challenge of tipping the scales in favor of defenders.
