Netskope Inc (NTSK)

Netskope competes in the market for cloud-native security infrastructure. As organizations moved workloads from corporate datacenters to cloud platforms and shifted employees toward remote work and direct-to-cloud workflows, the traditional security perimeter — the firewall at the office — collapsed. Netskope built software to inspect and control what users and applications actually do on the internet and within cloud services, selling visibility and enforcement in a world where the old appliance-based model no longer works.

Ticker	NTSK (NASDAQ)
Founded	2012, San Jose, California
Founders	Sanjay Beri, Shib Sinha, Ravi Ithal
Sector	Cybersecurity, cloud infrastructure
Primary products	Secure Web Gateway, Cloud Access Security Broker, Advanced Threat Protection
Business model	Subscription SaaS; per-user or bandwidth-based pricing
SEC CIK	0002063196

The shift that created the market

For decades, network security was straightforward: companies built a moat around the office. Firewalls sat at the perimeter. All traffic flowed through them. IT teams could see where data went and enforce rules about what users accessed. The model was called “castle and moat” — everything inside the walls was trusted, everything outside was not.

That model imploded. By the early 2010s, employees worked from home and coffee shops. Applications moved from servers in closets to Amazon and Microsoft datacenters. Employees downloaded files from Google Drive and Box. Business-critical work happened on Salesforce and Slack. The perimeter no longer existed, and the castle had a thousand doors.

Companies needed new software to handle this reality. They needed to watch what their users did on the internet regardless of where those users were. They needed to control access to cloud services. They needed to know if someone was exfiltrating data through Dropbox or communicating over a consumer app. Netskope built that software.

How Netskope makes money

The company’s revenue comes primarily from two product categories. The first is Secure Web Gateway — software that intercepts web traffic, inspects it, and blocks access to malicious or policy-violating sites. It replaces what used to be done by a physical box in a datacenter. The second is Cloud Access Security Broker, or CASB — software that sits between a user and cloud services like Microsoft 365, Salesforce, or Google Workspace, inspecting what the user does inside those services and enforcing compliance rules.

Both products are sold as subscriptions, typically priced per user per month or based on bandwidth consumed. A large enterprise customer might have hundreds or thousands of employees running Netskope software, generating tens of thousands of dollars in annual recurring revenue. Like most SaaS companies, Netskope’s revenue is largely predictable, arriving in advance, with the product sitting in a customer’s network for years.

The company also sells Advanced Threat Protection and other modules that layer detection of malware, data loss, and intrusion attempts onto the core platform. Customers buy more modules as they expand the scope of what Netskope monitors.

The competitive landscape: the web gateway wars

Netskope competes directly against other cloud-native security companies and against legacy vendors trying to remain relevant. The core market for Secure Web Gateway — software that filters web traffic — is intensely crowded. Zscaler built a similar product with an aggressive go-to-market approach. Fortinet and Cisco also sell web gateways. Palo Alto Networks acquired a web gateway company and integrated it into its platform. ForcePoint competes. Menlo Security competes.

The competition among these vendors is decided by three levers: technical capability, price, and integration into a broader platform. Netskope’s argument is that it inspects traffic faster and more accurately than rivals because it is cloud-native from the ground up — built for the internet-first world rather than retrofitted from an old appliance. Its inspection engine can detect more kinds of threats and policy violations, and it can do so without slowing the user’s connection noticeably.

Integration matters because security teams buy platforms, not point products. A customer that already uses Palo Alto for firewalls has an incentive to buy its web gateway too. That bundling disadvantages independent players like Netskope. To compete, Netskope has embedded itself into larger platforms through partnerships and acquisitions — in 2024 Cisco announced the acquisition of Netskope, which validates both that the product is valuable and that the consolidation into larger platforms is the long-term trend.

Pressures and the 10-K view

Netskope faces classic SaaS competition: price wars, customer churn, and the constant need to expand into adjacent products to maintain growth. Like all security software vendors, it competes for budget against other security tools and against the pressure to do more with less. Any attacker that develops a new evasion technique creates pressure to update the product, which requires engineering investment.

The regulatory landscape matters indirectly. Netskope’s customers buy the product partly to comply with regulations around data access and movement — rules from HIPAA, PCI-DSS, SOC 2, and others. Those regulations are sticky and drive customer loyalty, but changes to regulation can shift what customers prioritize.

The company’s annual 10-K filing (SEC CIK 0002063196) shows classic SaaS metrics: annual recurring revenue, dollar-based net retention (how much of last year’s customers expand this year), and customer acquisition cost relative to lifetime value. The earnings calls reveal whether Netskope is winning or losing against named competitors, how fast cloud adoption is driving overall market growth, and whether the company can maintain pricing power as consolidation occurs.

Why Netskope won when it did

Netskope’s window of advantage — before Cisco’s acquisition closed — was built on having the most specialized and fastest product for the web gateway and CASB use cases at the moment when those use cases mattered most. It was pure-play, not diluted by requirements to integrate with a legacy firewall business. It sold into the pain of CISOs who had built networks around perimeter defense and suddenly could not defend the perimeter anymore.

As a standalone company, Netskope demonstrated that cloud-native security could command the attention and budget of enterprise customers. Whether that independence persists post-acquisition will shape how the product competes against the combined forces of Cisco, Palo Alto, and others. But the fundamental insight — that security software had to be built for a world without a perimeter — was proven correct, and Netskope was one of the first to execute it.