2026 – present
Zscaler
Zero trust at cloud scale - the company that bet the perimeter would dissolve, and built the exchange that replaced it.
Zscaler enters this record carrying the thesis every earlier chapter kept testing: that the perimeter those firewalls and load balancers defended would dissolve, and that inspection would move into a cloud sitting between every user and every application. The Zero Trust Exchange is that bet built at planetary scale - one of the largest security clouds running - and its platform is now part of the curriculum this record teaches.
Why Zscaler, why now
Two decades of this record run through firewalls, load balancers, and the perimeters they defended; Zscaler is the company that bet earliest that the perimeter would dissolve into a global inspection cloud. Studying the Zero Trust Exchange, ZIA, and ZPA architectures is the natural continuation of the SSE work already underway in the Netskope chapter, from the other side of the same market.
Reading the TLS surface
The JA4 and JA3 decoders on this site read the same TLS surface the Zero Trust Exchange inspects at scale: the handshake a client offers before any policy fires, and everything it reveals. It is a natural pairing - a cloud that terminates and inspects the world's TLS, and a toolbox that teaches what those handshakes say - with more of that tooling to follow.
Certifications
Authorized Zscaler instructor (cleared 2026). Platform certifications will be recorded on the credentials page as they land.
Founding stories
Zscaler
Jay Chaudhry had already founded and sold a string of security companies - SecureIT, CipherTrust, AirDefense among them - when he bet his own money in 2007 on the least fashionable idea of the appliance era: that the secure web gateway should not be a box at all. With co-founder K. Kailash he built Zscaler as a multi-tenant inspection cloud from day one, launched in 2008, so that a user in any city would traverse a nearby enforcement node instead of being hairpinned through headquarters. It took the industry a decade and a pandemic to agree.
The timeline
- A cloud, not a box
Zscaler is founded in San Jose on the premise that security belongs between the user and the internet as a service - the platform goes live in 2008, years before 'SASE' or 'SSE' exist as words.
- ZPA and the zero trust turn
Zscaler Private Access applies the same idea to internal applications: connect users to apps, never to networks. Together with ZIA it becomes the template for what analysts will later formalize as zero trust network access.
- IPO: ZS
March 2018: Zscaler lists on Nasdaq, raising $192 million - the first of the pure cloud-security names to go public, and a bellwether for the model. It joins the Nasdaq-100 in December 2021.
- The Zero Trust Exchange at scale
The platform brand consolidates around the Zero Trust Exchange - a global inspection cloud brokering user-to-app, workload-to-workload, and IoT/OT connections, processing hundreds of billions of transactions a day.
- Data fabric and single-vendor SASE
January brings Zero Trust SASE on the company's SSE platform; March adds Avalor's Data Fabric for Security (a reported $310 million) and April the agentless segmentation of Airgap Networks - the analytics and east-west pieces.
Zscaler 8-K FY2024; Avalor figure per press reporting.
- Red Canary and the AI SOC
August 1, 2025: Zscaler completes the acquisition of MDR leader Red Canary, pairing its agentic detection-and-response expertise with the Zero Trust Exchange's telemetry; with the SPLX deal it totals $692 million in consideration - the stated ambition is the AI-powered SOC.
Zscaler press release; 8-K FY2026 Q1 aggregate figure.
- Scale as the moat
Protecting roughly 45 percent of the Fortune 500 and inspecting over 500 billion transactions daily, Zscaler's argument is now less about the idea - everyone concedes it - and more about who operates the biggest, smartest enforcement cloud.
- Rodolfo's chapterRodolfo's chapter
Cleared as an authorized Zscaler instructor in 2026 - the sixth vendor in the teaching portfolio, and the newest chapter of this record, with the hub on this site already open.
Flagship products and solutions
- Zscaler Internet Access (ZIA)The founding product: cloud-delivered secure web gateway, firewall, sandbox, and DLP between users and the internet.
- Zscaler Private Access (ZPA)Zero trust network access to internal applications - users reach apps through the exchange without ever joining the network.
- Zscaler Digital Experience (ZDX)End-to-end user experience monitoring across the same cloud - the operations counterpart to inline security.
- Zero Trust ExchangeThe platform itself: the globally distributed inspection and policy cloud all the services run on, now feeding an AI-driven security operations stack built on the Avalor data fabric and Red Canary.
Key innovations
- Security as a multi-tenant cloudBuilding the inspection plane as a purpose-built global service in 2008 - the architectural bet that predated, and then defined, the SSE category.
- User-to-app, never user-to-networkZPA's inversion of remote access: no inbound listeners, no lateral movement surface - the pattern the whole ZTNA market standardized on.
- Telemetry into operationsTurning half a trillion daily transactions into a data fabric (Avalor) and agentic detection and response (Red Canary) - security operations as a product of scale.
Main markets
Zscaler leads the cloud-delivered security edge market it effectively created, selling to large enterprises replacing web proxy appliances and VPN concentrators - and competes squarely with Netskope, Palo Alto Networks, and Cisco as the SSE and zero trust categories consolidate.
Analyst standing
- A fixture among the Leaders of Gartner's Security Service Edge Magic Quadrant since its inaugural edition, with the secure-web-gateway heritage that made it the reference point the category was drawn around.