The filing nobody read
Zscaler filed its Q3 FY2026 10-Q on May 26, the Tuesday after Memorial Day. Most of the industry was still at a barbecue. I was reading risk factors.
One sentence stopped me. It hadn't appeared in the Q2 filing from February. It was new language, added to the section of the document where companies are legally compelled to name the things that could hurt them:
"In addition, as our customers increasingly deploy AI agents, our success will increasingly depend on our ability to monetize the increasing prevalence of non-user-based traffic."
That sentence landed five days after Zscaler announced its acquisition of Symmetry Systems, a data security startup built around a graph database that maps relationships between identities, applications, permissions, and data stores across cloud environments. The coverage framed the deal as a defensive play: zero trust vendor adds data security posture management to keep pace with Palo Alto and CrowdStrike. Another bolt-on in a hot market.
The 10-Q language points somewhere else entirely. Zscaler is disclosing, in the most legally constrained format available, that its future revenue depends on solving a problem its current pricing model can't address. The Symmetry acquisition is the mechanism for solving it. And the reason has less to do with security than with counting.
The puzzle
If Zscaler wanted data security posture management, the feature is available from a dozen vendors. You can license DSPM. You can build it. Gartner named Symmetry a Cool Vendor in Data Security back in 2022, and the product does what DSPM products do: discovers sensitive data, classifies it, flags misconfigurations. That capability is real and useful and, on its own, probably insufficient to justify an acquisition by a company that spent $692 million on two other deals plus an undisclosed sum on a third, all in the prior twelve months.
Symmetry's differentiating asset is a runtime graph of every relationship between every identity and every data object in the enterprise, updated continuously, with AI agents modeled as autonomous principals rather than extensions of the humans who deployed them. Symmetry calls it the Identity x Data Graph. It ingests access logs from SaaS applications, cloud services, data stores, and AI systems, then correlates them into a real-time map of which identities are accessing which data and by what path. The graph handles environments with over a million nodes and millions of edges. It treats AI agents as first-class principals with their own identity, access paths, and audit trails.
A DSPM tool tells you what data is exposed. The access graph tells you what can reach it, how it got there, and on whose authority. The security value is obvious. The billing value is what caught my attention. And the question I kept returning to was why Zscaler needed to own this layer rather than partner with it.
The per-seat problem
Zscaler's commercial model is anchored to the human user. Subscriptions are priced by user count. The Zero Trust Exchange inspects traffic on a per-user basis. Expansion revenue comes from adding users or upselling additional services to existing users. The same 10-Q makes this dependency explicit, noting that future success "depends in part on the rate at which our current customers add additional users or services to their subscriptions."
Now look at what the filing says is happening to that model. Zscaler discloses that customers may "renew for fewer users" and flags "our customers' increasing use of AI to automate tasks traditionally performed by human workers" as a retention risk. The human user count is under pressure from both directions: customers are deploying fewer humans and more agents.
The agents generate traffic through Zscaler's infrastructure. That traffic costs real money to inspect and route through Zscaler's 150-plus global data centers. Under the current pricing model, the revenue associated with that traffic is nothing, or close to it.
The cost structure makes the problem urgent. Management guided Q4 CapEx to the high single digits as a percentage of revenue, up from mid single digits, and indicated fiscal 2027 CapEx would increase another 200 basis points from fiscal 2026 levels. Free cash flow margin guidance was cut from the 26–27% range to 22–23%. Zscaler's architecture routes all traffic through its inspection nodes. That backhaul is the product, but it's also the cost. If agent traffic grows by an order of magnitude and the pricing model doesn't change, the margin profile deteriorates.
You don't create a dedicated EVP of Agentic AI Security Engineering, as Zscaler did in February 2026, for a problem you plan to solve incrementally.
The acquisition pattern, read backward
I expected the Symmetry deal to be the footnote in this sequence. Four acquisitions in twelve months, the first two alone totaling $692 million in disclosed consideration, a third at undisclosed terms, and then a DSPM startup? The earlier deals looked like the main event. They weren't.
The architecture only becomes visible if you start from the foundation and work up.
Red Canary closed in August 2025, bringing managed detection and response: agentic AI-driven threat detection, behavioral analytics, automated remediation. The response layer. Something happened, now deal with it.
SPLX closed in November 2025. AI lifecycle security: discovering AI assets during development, running over 5,000 specialized attack simulations against models before deployment, hardening prompts and outputs. The governance layer. Before the AI ships, make sure it's safe.
SquareX closed in February 2026, converting any standard browser into an enterprise-grade secure browser via extension, covering managed and unmanaged devices without requiring a third-party browser. The session layer, enforcing policy wherever the user or agent interacts with applications.
Combined, Red Canary and SPLX cost roughly $692 million per the Q1 FY2026 8-K. That's a substantial commitment. And yet all three acquisitions share a gap: none of them carries a shared data model. Red Canary detects threats. SPLX governs AI lifecycles. SquareX enforces policy at the browser. Each operates on its own view of the environment. None of them knows the topology of who should be talking to what.
Symmetry Systems fills the gap underneath all three. The access graph provides the shared model of identity, data, and permission that every other layer can reference. Red Canary's detection is more precise when it knows the topology. SPLX's governance is more meaningful when it can map an AI system's access paths before deployment. SquareX's session enforcement is more targeted when it understands the identity and authority behind each connection.
The counterargument is that these are opportunistic bolt-ons in a frothy M&A market, and the coherence I'm describing is retrospective pattern-matching. This is the link in the chain where I'm least certain. The test is whether Zscaler integrates the four capabilities into a single policy engine or leaves them as separate product lines. Red Canary was initially organized as a separate business unit within Zscaler after close. Nothing in the public record yet shows a unified data model connecting these acquisitions. If the access graph remains a standalone DSPM product rather than the connective tissue for the entire stack, the architectural reading collapses. What I'd need to see to believe the integration is real: a product announcement or documentation update showing Red Canary's detection engine and SPLX's governance layer consuming the Symmetry graph as a shared substrate. That hasn't shipped. The 10-Q language about non-user-based traffic provides the commercial motive for making the integration happen, but motive and execution are different things.
The smart meter problem
For most of the twentieth century, electric utilities billed residential customers on a flat or tiered rate per kilowatt-hour consumed over a billing period. The analog meter on the side of the house spun a disk, and a human read it once a month. The pricing model was simple because the measurement infrastructure was simple: total consumption over time, one number, one bill.
Then the grid changed. Renewable generation made supply intermittent. Peak demand surged. Utilities needed customers to shift consumption away from peak hours, which meant they needed to charge different rates at different times. Time-of-use pricing, demand response, dynamic rates. The economics were clear. The problem was the meter. The analog disk couldn't distinguish a kilowatt consumed at 2 p.m. from one consumed at 2 a.m. The pricing model the grid needed was impossible to implement because the measurement layer couldn't support it.
The smart meter solved this. It recorded consumption at granular intervals, reported in near-real-time, and made time-of-use billing legible. Utilities spent billions deploying smart meters not because the meters themselves generated revenue, but because the meters were the prerequisite for every pricing model the grid's new economics demanded. The meter came before the bill.
Zscaler's situation maps onto this cleanly. The identity directory is the analog meter. It counts users per billing period. One number, one bill. It works as long as the thing consuming the resource is a stable, countable human. When the thing consuming the resource changes, when agents generate traffic that varies by volume, frequency, destination, and authority in ways that a user count can't capture, the measurement infrastructure has to be rebuilt before the pricing model can follow.
The access graph is Zscaler's smart meter. Its value is indirect: it makes the new unit of value countable.
The directory was always a billing instrument
The identity directory has always been a billing tool as much as a security tool. Maybe more. When a vendor prices per seat, the directory is what makes "seat" legible. It's the authoritative list of users, organized into groups that map to license tiers. The directory governs access, yes. Its other job is counting the things the vendor charges for.
Zscaler's acquisition announcement states the problem directly:
"AI agents break that model. They operate independently across systems using ephemeral identities and inherited permissions, and their numbers are growing exponentially, creating critical blind spots around what data they touch, why, and on whose behalf."
Agents spin up and tear down. They inherit permissions from the human or service account that launched them, then act on those permissions autonomously. One agent calls another agent, which calls a third, each inheriting and potentially escalating the original permission scope. The directory can't model this because it was designed for organizational structure, not runtime relationships.
Jay Chaudhry framed the security case on the Q2 FY2026 earnings call, arguing that agents "should be going through a Zero Trust Exchange so that a given agent can only talk to given agents or applications." The architecture case is sound. Agent-to-agent traffic needs inspection and policy enforcement. But notice what's absent from the framing: any mention of how Zscaler will charge for it. The security architecture is ahead of the commercial model.
The access graph bridges the gap. It maps every relationship between identities, human and non-human, applications, and data at runtime. It knows which agent accessed which data store, through which path, on whose authority, at what time. That's a security capability and a metering capability in the same data structure. The graph can count and classify the things Zscaler needs to start charging for.
The directory was the meter for the per-seat era. The access graph is the meter for whatever comes next.
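The section above describes agents inheriting permissions down a chain of calls, and a graph that knows which agent touched which data store, by what path, and on whose authority. The following is an added illustration, not Symmetry's or Zscaler's code: the principal names, the `launched_by` field, and the events are all constructed. It resolves each access back to its root authority and counts non-human accesses per root, so the same structure answers both the attribution question and the metering question.

```python
from collections import Counter

# Constructed sample data, not real telemetry. "launched_by" is the delegation
# edge: the principal whose permissions this one inherited (assumed field name).
PRINCIPALS = {
    "alice":         {"kind": "human",   "launched_by": None},
    "svc-etl":       {"kind": "service", "launched_by": None},
    "agent-planner": {"kind": "agent",   "launched_by": "alice"},
    "agent-search":  {"kind": "agent",   "launched_by": "agent-planner"},
    "agent-export":  {"kind": "agent",   "launched_by": "agent-search"},
    "agent-nightly": {"kind": "agent",   "launched_by": "svc-etl"},
}
# (actor, data store) access events, as they might be parsed from access logs.
EVENTS = [
    ("alice", "crm-db"),
    ("agent-planner", "crm-db"),
    ("agent-search", "hr-bucket"),
    ("agent-export", "hr-bucket"),
    ("agent-export", "finance-db"),
    ("agent-nightly", "finance-db"),
    ("agent-tmp-7f3", "hr-bucket"),  # ephemeral agent the directory never saw
]

def authority_chain(actor, principals):
    """Follow delegation edges from the actor back to the root principal."""
    chain = []
    while actor is not None:
        if actor in chain:
            raise ValueError(f"delegation cycle at {actor}")
        chain.append(actor)
        actor = principals[actor]["launched_by"]  # KeyError if unknown
    return chain

def meter(events, principals):
    """Count non-human accesses per root authority; collect blind spots."""
    billable, paths, unattributed = Counter(), {}, []
    for actor, store in events:
        try:
            chain = authority_chain(actor, principals)
        except (KeyError, ValueError):
            unattributed.append((actor, store))  # no known authority
            continue
        if principals[actor]["kind"] == "human":
            continue  # a per-seat count already covers this access
        billable[chain[-1]] += 1
        paths[(actor, store)] = " <- ".join(chain)
    return billable, paths, unattributed
```

The `unattributed` list is the blind spot the acquisition announcement describes: traffic from an identity that no directory entry or delegation edge accounts for.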
Pricing as architecture
I'd call the underlying dynamic here pricing as architecture. A platform vendor's monetization unit drives its product decisions. What you charge for determines what you have to measure. What you have to measure determines what you have to model. What you have to model determines what you have to build.
The smart meter had to exist before time-of-use billing could work. Zendesk had to build resolution-verification infrastructure before it could charge $1.50 per Automated Resolution in 2024. Palo Alto had to develop workload-counting and per-TB data ingestion metering before it could layer consumption pricing on top of per-endpoint subscriptions. In every case, the measurement infrastructure preceded the pricing model, not the other way around.
When Zscaler priced per user, it needed a platform that could inspect and route user traffic. The architecture followed the pricing model: build a global network of inspection nodes, route user traffic through them, enforce policy per user. The directory was sufficient because the directory could count users.
When the monetization unit shifts to non-user-based traffic, the architecture has to follow. You need a platform that can inspect and route agent traffic. You need session-level enforcement for every interaction point. You need lifecycle governance for the AI systems generating the traffic. You need detection and response when agent behavior deviates. And underneath all of it, you need a data model that can map, count, and meter the new unit of value.
That's the access graph. The graph is the foundation of the stack because it's the only layer that can make the new monetization unit legible.
This framework applies well beyond Zscaler. Any platform vendor whose pricing is anchored to a unit that AI is displacing will eventually need to rebuild its measurement and modeling layer to match. The vendors who build the metering infrastructure first will set the pricing terms for the market. The vendors who wait will find themselves charging for the old unit while bearing the infrastructure cost of the new one. Zscaler's 10-Q is, in effect, a disclosure that the company is currently in that second position. The acquisition pattern is the attempt to get to the first.
The bill that hasn't arrived yet
So here's the falsifiable version.
By July 2028, Zscaler will have introduced a pricing tier that charges for non-human-identity traffic on a basis other than per-user subscription, with the Symmetry access graph as the metering layer.
Most likely per-agent-connection, per-data-access-event, or a credit-based consumption model similar to Palo Alto's workload credits. The Symmetry Systems access graph will be the metering layer for this pricing model, integrated into the Zero Trust Exchange as the authoritative source for agent identity, data access paths, and connection topology.
More specifically: Zscaler will disclose, in an earnings call or investor presentation before July 2028, a metric for non-user-based ARR or a similar measure that separates agent-driven revenue from traditional per-seat revenue. The access graph will be cited as the enabling technology for this measurement.
If this doesn't happen, if Symmetry remains a standalone DSPM product and the pricing model stays anchored to per-user subscriptions, then the acquisition pattern was opportunistic rather than architectural, and the 10-Q language was risk disclosure rather than strategic signal. That outcome would mean Zscaler identified the problem but couldn't execute the go-to-market transformation. The history of enterprise software pricing transitions suggests the product capability usually arrives 12 to 18 months before the commercial model catches up. Whether Zscaler's sales organization can make that leap is the part no filing discloses.
The access graph is the product capability. The pricing model is what I'm watching for next. The meter comes before the bill.
Things to follow up on...
- Symmetry's air-gapped deployments: Symmetry Systems claims the first successful DSPM deployment in a completely air-gapped environment, with no data or telemetry leaving the perimeter, which could matter significantly for Zscaler's federal and SLED pipeline given its recent IL5 provisional authorization.
- Chaudhry's agent traffic framing: On the Q2 FY2026 earnings call, Chaudhry argued that agent-to-agent traffic should route through the Zero Trust Exchange, but the full transcript frames this entirely as a security case rather than a pricing mechanism, which is itself a signal about how far the commercial model lags the architecture.
- The agent identity confidence gap: A Cloud Security Alliance survey found that only 18% of security leaders expressed high confidence their current identity systems can handle agent identities, and just 23% of organizations have a formal enterprise-wide strategy for agent identity management.
- Forgepoint's investor thesis: Symmetry's lead investor published a post-acquisition note arguing that many enterprises are stuck at the AI agent pilot phase specifically because their models move sensitive data in ways traditional controls weren't designed to govern, positioning the access graph as the unlock for production deployment.

