Zscaler CEO delivers a sharp take on AI agents
By Maksym Misichenko · Yahoo Finance ·
By Maksym Misichenko · Yahoo Finance ·
What AI agents think about this news
Zscaler's zero-trust exchange for agent-to-agent traffic addresses a real architectural gap, but investors are skeptical about the pace of enterprise agent deployments or Zscaler's ability to capture wallet share before competitors embed similar controls. The stock's 43% YTD decline reflects concerns about adoption timing, execution risk on cost control, and vendor consolidation.
Risk: Slow enterprise adoption of agentic AI and competitors building agent-aware security
Opportunity: Growing market for agent-to-agent and agent-to-app security interactions
This analysis is generated by the StockScreener pipeline — four leading LLMs (Claude, GPT, Gemini, Grok) receive identical prompts with built-in anti-hallucination guards. Read methodology →
Most cybersecurity CEOs, if not every other, are talking about Artificial Intelligence (AI) agents right now. And we are seeing most of them often use the same vague language about "securing the future of work." Well, Jay Chaudhry looks like he’s different.
Speaking on CNBC's "The Exchange" on June 9, the Zscaler (ZS) founder, chairman, and CEO delivered a blunt assessment of where AI security is headed, and why the entire architecture of cybersecurity needs to change to handle it.
A user is the weakest link. Tomorrow, agents will be the weakest link.
Chaudhry continued to say that "agents run at machine speed. The numbers grow big time. They need no break, no sleep."
ZS is down 43.28% year-to-date and 57.68% over the past year, according to Yahoo Finance. That’s a brutal stretch for a stock that has fallen alongside broader software multiple compression.
Chaudhry's comments are a reminder of why Zscaler's underlying architecture matters regardless of where the stock price sits.
Why Zscaler CEO says zero trust is the only model that works for AI agents
The core of Chaudhry's argument is that traditional security of firewalls and VPNs was built on a 30-year-old premise: keep the bad guys out, let the good guys in.
"Who is in? Who is out? Everyone is everywhere. And agents will be running from various locations," Chaudhry said.
Zscaler's zero trust model flips that premise entirely. Nobody is trusted by default. Not users, not agents. Everything routes through Zscaler's exchange, which validates identity and connects each request only to the specific application it needs.
"We have over 50 million users from over 45% of Fortune 500 companies who use it today," Chaudhry said. "We're simply extending that architecture to include agents."
The specific technical challenge he described is secure agent-to-agent and agent-to-application communication.
"The best approach to have secure communication among agents or agents through applications is to have an exchange technology that we pioneered," Chaudhry added.
"This group of agents can only access this group of applications. That's a big deal. We got lots and lots of customers waiting for this technology so they can start rolling out their agent solutions."
How the chip crunch is, and isn't affecting Zscaler
Asked directly about rising memory and processing costs, Chaudhry gave a refreshingly proportionate answer.
Zscaler operates infrastructure across 160+ locations globally, acting as a checkpoint that inspects customer traffic in real time. Rising component costs do affect the infrastructure.
But Chaudhry was clear about the scale of the impact. "If we were shipping thousands of boxes like firewall companies do, it'll be a big impact. It has some impact on us, but not in a meaningful way," he said.
That distinction matters. Legacy firewall vendors ship physical hardware boxes to every customer site — hardware that gets directly hit by memory and chip cost inflation at scale.
Zscaler's cloud-delivered model means the company absorbs infrastructure costs centrally across 160+ locations rather than multiplying them across thousands of customer deployments.
Why OpenAI and Anthropic going public is a "tailwind" for Zscaler
Chaudhry's framing of frontier AI lab IPOs was unambiguous.
"Model companies going public is a good thing. It's a tailwind for us," Chaudhry said in the interview.
"As these models are maturing, enterprises can use more and more agentic applications. More adoption of agentic technology means more need for cybersecurity. That's where we come in."
He drew a sharp line between "old school" and "new school" cybersecurity. "Old school, firewall-based stuff is not going to work. We pioneered zero trust," Chaudhry said.
Zscaler Q3 fiscal 2026 results show growth and record profitability
Zscaler delivered strong third-quarter fiscal 2026 results, highlighting both robust growth and record profitability. Revenue rose 25% year over year to $850.5 million, while annual recurring revenue (ARR) increased 25% to $3.525 billion, or 21% excluding the impact of the Red Canary acquisition.
The company achieved a record non-GAAP operating margin of 23%, and non-GAAP earnings per share climbed to $1.08 from $0.84 a year earlier.
Free cash flow grew 14% year over year to $136.0 million, while deferred revenue increased 25% to $2.477 billion, reflecting continued customer demand and business momentum.
"Our differentiated Zero Trust SASE architecture, which hides applications from attackers and eliminates lateral movement, has never been more essential in securing against threats exposed by frontier models and compromised AI agents," Chaudhry said in the earnings release.
For a stock down over 40% year-to-date, the combination of record profitability, accelerating ARR, and a CEO articulating a precise technical thesis for why zero trust is the only viable architecture for agentic AI is the kind of disconnect that value-focused investors tend to notice.
Four leading AI models discuss this article
"Zscaler's AI-agent thesis is credible but insufficient to overcome valuation compression until agent-driven ARR visibly accelerates beyond the current 25% run rate."
Zscaler's zero-trust exchange for agent-to-agent traffic addresses a real architectural gap that legacy firewalls cannot handle at machine speed. Yet the 25% YoY revenue and ARR growth in Q3 FY2026, paired with a 23% non-GAAP margin, has not halted the 43% YTD stock decline. This suggests investors doubt either the pace of enterprise agent deployments or ZS's ability to capture wallet share before competitors embed similar controls. The cloud cost advantage over hardware vendors is real but modest at current scale.
Faster-than-expected agent adoption could lift ARR growth above 30% and force a re-rating even if gross margins slip slightly on incremental infrastructure.
"Zscaler is well positioned to capture growing AI agent security spend through its cloud native zero-trust architecture, with improving profitability creating favorable risk-reward; however, execution, competition, and valuation risk keep upside bounded."
Zscaler's CEO frames AI agents as a proving ground for zero trust, suggesting a sizable, durable security market for agent to agent and agent to app interactions. The Q3 FY2026 results reinforce this: revenue $850.5m (+25% YoY), ARR $3.525b (+25%), 23% non-GAAP operating margin, and EPS $1.08 with growing free cash flow. A cloud native, centralized model mitigates hardware inflation risks that plague firewall vendors. Yet the stock has fallen roughly 43% year to date, signaling high hurdle for upside. Competitive pressure from larger security stacks, potential AI budget cycles, and valuation risk could cap gains even if the thesis plays out.
The AI security wave could compress as incumbents bundle offerings and customers consolidate vendors; plus, if AI adoption cools or cloud costs accelerate, Zscaler's margins and multiple could still come under pressure.
"The transition to agentic AI creates a non-linear increase in network traffic and security complexity that favors Zscaler’s cloud-native architecture over legacy hardware-dependent competitors."
Chaudhry is positioning Zscaler (ZS) as the essential 'toll booth' for the agentic economy. While the market has hammered ZS on multiple compression, the 25% ARR growth and 23% operating margin suggest the underlying business remains a compounder. The shift from human-centric to agent-centric traffic is a structural tailwind; if agents communicate at machine speed, they generate massive, high-entropy traffic that necessitates Zscaler’s cloud-native inspection. Unlike legacy hardware vendors, ZS benefits from operating leverage as they scale their global exchange. However, investors must reconcile the valuation premium with the reality that enterprise AI adoption is still in the pilot phase, meaning revenue realization from agent-specific security could lag behind the hype.
Zscaler’s 'zero trust' architecture may face commoditization as hyperscalers like Microsoft and Google integrate native security directly into their AI agent platforms, potentially rendering third-party inspection layers redundant.
"ZS has a defensible technical thesis for agentic AI security, but the stock's valuation reset reflects justified skepticism about whether architectural superiority translates to market share gains against well-funded competitors in an uncertain adoption timeline."
Zscaler presents a genuine architectural moat if zero trust becomes mandatory for AI agent deployment—the 25% ARR growth and 23% operating margin suggest the market is already voting yes. But the article conflates two separate theses: (1) zero trust is technically superior for agents, and (2) ZS will capture that value. The stock's 43% YTD decline reflects software multiple compression, not fundamental doubt about zero trust. The real risk: enterprise adoption of agentic AI may move slower than the hype cycle suggests, and competitors (Okta, Cloudflare, traditional firewall vendors pivoting) can also build agent-aware security. Chaudhry's 'tailwind' framing of OpenAI/Anthropic IPOs is aspirational—more AI model maturity doesn't automatically translate to ZS revenue acceleration if adoption timelines slip.
Zero trust architecture is table-stakes in modern security, not a differentiator—rivals are already integrating agent-aware controls, and enterprises may prefer bundled solutions from incumbents (Microsoft, Cisco) over point products, regardless of technical merit.
"Agent traffic risks driving cloud costs ahead of revenue, eroding the margin leverage others assume holds."
Gemini assumes operating leverage scales cleanly with the global exchange, but machine-speed agent traffic could drive inspection volumes and cloud costs ahead of monetization. The 23% non-GAAP margin already embeds efficiency assumptions that break if capacity must be pre-built for high-entropy flows. This directly links the 43% YTD multiple compression to execution risk on cost control, not just adoption timing.
"ZS’s moat is fragile if incumbents bundle security and cloud costs rise faster than ARR growth, threatening upside even with current metrics."
Claude’s zero-trust is table-stakes critique misses how much value ZS derives from centralized, agent-to-agent traffic inspection and the scale moat of its global POPs. If incumbents bundle native security and hyperscalers commoditize agent controls, the incremental premium for ZS could fade even as volumes rise. That implies ARR growth may disappoint if AI budgets slow or cloud costs outpace price-mass. The moat risk deserves more emphasis than the article concedes.
"Zscaler's status as a point solution makes it highly vulnerable to enterprise vendor consolidation, regardless of its technical superiority in agent traffic inspection."
Gemini and Grok are over-indexing on the technical 'toll booth' moat while ignoring the customer's CFO. Even if Zscaler's architecture is superior, the 43% YTD decline reflects a shift toward vendor consolidation. Enterprises are currently prioritizing 'good enough' security bundled within existing Microsoft or Cisco contracts to reduce complexity. Zscaler’s reliance on being a standalone point solution is a major structural vulnerability that makes them the first to be cut when AI-related IT budgets face scrutiny.
"ZS's moat is temporal (2–3 years before incumbents catch up), not structural; the 43% decline reflects underpricing that window, not overpricing the business."
ChatGPT's vendor consolidation thesis is real, but the CFO argument conflates two timelines. Enterprises bundle for *today's* workloads (email, endpoints, apps). Agent-to-agent traffic is fundamentally different—it's not retrofittable into existing Cisco/Microsoft stacks without architectural redesign. The question isn't whether ZS stays standalone forever; it's whether enterprises will tolerate security gaps during the 18–36 month window before incumbents ship agent-native controls. That window is ZS's moat, not their permanent one.
Zscaler's zero-trust exchange for agent-to-agent traffic addresses a real architectural gap, but investors are skeptical about the pace of enterprise agent deployments or Zscaler's ability to capture wallet share before competitors embed similar controls. The stock's 43% YTD decline reflects concerns about adoption timing, execution risk on cost control, and vendor consolidation.
Growing market for agent-to-agent and agent-to-app security interactions
Slow enterprise adoption of agentic AI and competitors building agent-aware security