Zscaler Finding A ‘Second North Star’ In Security Operations, Partner Services Push

The cybersecurity vendor is aiming for a massive expansion into the SecOps segment — which will only accelerate the company’s reliance on partners for delivery of key services, Zscaler executives told CRN this week.

As Zscaler approaches $3 billion in annual revenue from its pioneering zero trust security platform, the cybersecurity vendor is laying the groundwork for what could represent its second major chapter — an expansion into offering security operations technology.

In interviews with CRN this week, Zscaler CEO Jay Chaudhry and top channel executives said the moves should only bring the company closer to its partners, which have already begun to see an elevated role around delivery of Zscaler-related services to commercial customers.

This pair of initiatives — to become a major player in security operations (SecOps) technology and drive more services opportunities for partners — should dovetail as Zscaler builds out its SecOps offering with the expected closure of the acquisition of Red Canary in August. A well-known provider of MDR (managed detection and response), Red Canary has deep expertise and technology in SecOps that will dramatically accelerate Zscaler’s moves into that space, Chaudhry said.

By acquiring Red Canary, “we don't intend to compete with MDRs,” he said. Instead, the move is “akin to having a small professional services team that teaches [partners] how to do professional services. But we want our partners to do professional services.”

Ultimately, Chaudhry said he sees security operations technology as the largest new segment, beyond Zscaler’s core area of zero-trust secure access, that the company has pursued since its launch in 2008.

“I often say, we only have had one North Star since the inception of the company,” he said. “This is the second North Star.”

Zscaler’s goals in SecOps include delivering dramatic improvements to exposure and threat management while eliminating the need for building costly data lakes, according to Chaudhry.

The company has already begun to offer capabilities in this space through its acquisition of security data fabric provider Avalor in March 2024, including risk management tool Risk360 and a recently launched asset exposure management product.

Helping to lead the charge on SecOps within Zscaler are a pair of executives formerly of Exabeam, a well-known SIEM (security information and event management) vendor. Following the merger of Exabeam and LogRhythm last year, Adam Geller, formerly Exabeam’s CEO, joined Zscaler as chief product officer while Exabeam veteran Andy Skrei joined the company as vice president of product management.

A ‘Brilliant’ Strategy

While the expansion into the highly competitive area of SecOps technology is still very early for Zscaler, the move is a smart one from a number of angles, solution and service provider partners told CRN this week.

During interviews at Zscaler’s Zenith Live 2025 conference in Las Vegas, partners said the chance to provide a broader platform from Zscaler to customers — while also driving massive services opportunities around SecOps — make the expansion initiative highly promising.

“With everything that you're seeing from Zscaler now, to attach an incident response capability to it — and have it be natively integrated — I think is brilliant and will be utilized by partners that provide MDR,” said David Gottesman, president and CEO of San Francisco-based EpicCyber, a major Zscaler service provider partner. “In my mind, I think it's a great idea.”

Meanwhile, given Red Canary’s track record and technological advantages in SecOps, it's clear that partners have much to gain in the planned combination with Zscaler, said Mark Grassmann, national cybersecurity practice principal at Alchemy Technology Group, a Houston-based partner of both Zscaler and Red Canary.

“I think it's super strategic for Zscaler, and it's absolutely, in my opinion, how they continue to scale and grow in relevance to their customers,” Grassmann said.

For cybersecurity powerhouse Optiv, a major Zscaler partner that also provides its own MDR service, the remarks by Chaudhry and other Zscaler executives this week showed the company remains as committed as ever to partners, according to Optiv’s Scott Goree.

“When we heard the announcement, we thought, ‘Let's listen and see how it could weave into our MDR and not be perceived as competitive,’” he said. “And so it was great to hear Jay get up on stage and say, ‘This is not about competing with partners.’ That was just a great thing to lead with.”

Without a doubt, there's a lot to learn between now and when the Red Canary acquisition closes and the integration actually happens, said Goree, senior vice president for partners, alliances and ecosystems at Denver-based Optiv, No. 28 on CRN’s Solution Provider 500 for 2025.

But Optiv is optimistic about the move, he said, after Chaudhry made it clear that the intent is to increase partner opportunities.

“This just adds more fuel to our go-to-market together,” Goree said.

Indeed, partners should come out as the biggest winners from the planned combination of Zscaler and Red Canary, according to Zscaler Channel Chief Anthony Torsiello.

“I think partners benefit the most, because the services opportunity now becomes even greater,” said Torsiello, senior vice president of partnerships and alliances at Zscaler. “This is a software play that will enable our partners to reap more rewards around services.”

The timing for the SecOps expansion is also ideal given Zscaler’s shift to rely entirely on authorized partners to provide services to commercial customers, he said.

“You'll start to see that head up into the enterprise eventually,” Torsiello said. All in all, “we’re not here to be a services company.”

Zscaler has also been investing heavily in enabling MSSPs, which could be a natural user of the vendor’s SecOps offerings in the future, said Melissa Nacerino, vice president for global partner marketing at Zscaler.

“I think for these partners, it's going to be tremendous,” Nacerino said.

Driving Customer Adoption

In general, Zscaler’s move to depend more on partners for delivering services is wise because it’s the partners that are often best positioned to drive the most adoption, according to Kevin Peterson, general manager at San Jose, Calif.-based SecureDynamics, a value-added distributor that specializes in offering training for Zscaler products.

Receiving services authorization means “you have to prove that you know how to run the Zscaler playbook for services. And then you're held to those standards,” Peterson said. “But I think a lot of the partners can actually exceed those standards, because they're closer to the customers.”

For EpicCyber’s Gottesman, the focus by Zscaler on relying more heavily on partners for service delivery has been paramount. EpicCyber has partnered with Zscaler since 2014 but has seen massive growth in recent years in services with the vendor, including deploying and driving adoption of Zscaler products in the midmarket, he said.

EpicCyber is now going even broader with a partnership announced in March with distributor TD Synnex, which is enabling VARs to provide EpicCyber-delivered Zscaler services to customers, as well as a similar partnership with government-focused distributor Carahsoft Technology.

The opportunity to bring Zscaler to a broader set of partners and customers is a massive one for EpicCyber and also demonstrates why experienced partners will be increasingly essential to the vendor’s growth going forward, Gottesman said.

“Zscaler is essentially the living, breathing, secure internet. It changes all the time. And as that happens, the user experience changes and the setup changes,” he said. Thus, “if you're going to work inside of Zscaler, you have to be an expert. You have to be working in it every day.”

Zscaler’s increasing reliance on partners has coincided with strong growth at the company, as evidenced by its latest quarterly report that surpassed Wall Street analyst expectations even amid macroeconomic uncertainty that has impacted other major cybersecurity vendors.

For the company’s fiscal year 2025 as a whole, which ends July 31, Zscaler is expecting revenue to grow roughly 23 percent year over year to reach about $2.66 billion — solidifying the company’s position as one of the largest pure-play cybersecurity vendors today.

'Reimagining’ SecOps

Zscaler’s aspirations are to continue that growth pace by proving itself in a second major pillar of cybersecurity with the move into SecOps, executives said.

Initially at Zscaler, “we reimagined secure access,” Chaudhry said. “We’re now reimagining security operations. It’s ripe for disruption.”

And notably, if Zscaler fully achieves its vision, “the SIEM goes away,” he said.

At Ashburn, Va.-based DXC Technology, No. 14 on CRN’s Solution Provider 500 for 2025, the relationship with Zscaler is a dual one — with the company being both a partner and customer with Zscaler. DXC has seen huge benefits from using Zscaler internally for its own security, which has helped to inform the company’s work to bring the Zscaler platform to other customers, DXC executives told CRN this week.

When it comes to expanding into security operations technology, Zscaler has some clear advantages, according to Dawn Marie Vaughan, global offering lead for cybersecurity at DXC. For instance, “the amount of data and telemetry that Zscaler can collect is amazing,” she said.

And while there’s no question that security operations is a highly competitive space for Zscaler to enter, “I trust Jay and I trust the company to deliver on what they say,” DXC CISO Michael Baker said. “That’s why they’re partners with us.”