It feels like a lifetime ago that this journalist first heard the phrase “agentic security operations” at Zenith Live 2025. Since then, the speed at which agentic SecOps has evolved across the industry has been nothing short of breathtaking.
Last year, Zscaler announced two acquisitions that would directly underpin its vision for agentic, AI‑driven security operations: Avalor and Red Canary. Avalor brings a powerful security data fabric that has been described as the foundation for new SecOps capabilities such as unified threat management and exposure management. Red Canary, with its managed detection and response (MDR) expertise, automated playbooks, and deep threat intelligence, is intended to accelerate Zscaler’s vision of an AI‑powered SOC of the future.
Raw material
According to CEO Jay Chaudhry, Zscaler processes more than 500 billion transactions every day – roughly 50 times the volume of daily Google searches at the time he made the comparison – translating into some 500 trillion security signals across its global security cloud. Those 500 billion plus daily transactions form a uniquely valuable dataset that Zscaler treats as the raw material that makes its Zero Trust Exchange effective: every transaction is inspected, governed by policy, and transformed into signals that continuously refine its threat detection, risk scoring, and AI models.
Sitting at the center of this strategy is the Zero Trust Exchange, a switchboard‑like platform that brokers one‑to‑one, least‑privilege connections between users, devices, workloads, and applications. When combined with the data fabric from Avalor and the MDR and automation capabilities of Red Canary, the Exchange becomes an increasingly AI‑driven SecOps fabric. The goal is to let customers run their own security operations centres (SOCs) more efficiently, while giving partners a foundation to build managed SOC services that lean on automated workflows and AI‑driven threat management.
Agentic SecOps – the other pieces
To bring this vision closer to reality, Zscaler has added more pieces to its agentic SecOps puzzle: SPLX, Symmetry Systems, and SquareX. SPLX, acquired in late 2025, strengthens AI security and governance. SquareX, which closed in February 2026, extends zero trust to the browser, especially for unmanaged devices. Symmetry Systems, announced in May 2026, adds an identity and data access graph that spans both humans and AI agents. Together, these acquisitions deepen Zscaler’s ability to see, understand, and control not just users and applications, but also the emerging ecosystem of AI agents operating at machine speed.