Please welcome Tom Barth.
Good morning, everyone. On behalf of Akamai's 9,000 employees around the world, I wanna welcome you to our 2022 Akamai Analyst Day. As you can see here, we have a full agenda. We're gonna start down the left side today. As you can see, we have a break after the first three presenters, and then we'll work our way down the right side and end today with a Q&A session. We'll talk a little bit more about the administration around the Q&A when we get to it. Just a reminder to mute your phones. We'll save the questions until the Q&A session. Again, we'll have a luncheon after this where you'll have one-on-one time if you want with executives. That's downstairs in the reading room.
For those that choose to stay around or are so inclined, we do have a security summit beginning at 1:00 in the same room. It's not an Analyst Day unless you have Safe Harbor language, and today's session is no different. It may contain estimates and other statements that are forward-looking under the Private Securities Litigation Reform Act of 1995. These forward-looking statements are subject to risks and uncertainties and involve factors that could cause actual results to differ materially from those expressed or implied in such statements. The forward-looking statements represent our views of today, that's May 18th, 2022, and we disclaim any obligation to update them or reflect future events or circumstances. With that, I'm proud to say we're gonna unveil our Akamai advertising that you see for the first time.
Others will see it in financial media over the coming weeks, and I'm very excited to get this started. Thank you for joining us, and I'll look forward to seeing you over the course of this morning. Thank you.
Akamai makes it possible. Streaming the big game. Safeguarding healthcare. Powering wellness. Protecting investments. Fueling e-commerce. Securing the workforce. Fortifying banking. Defending financial systems. Energizing the metaverse. Making life better for billions of people, billions of times a day. Akamai: power and protect life online.
Please welcome Tom Leighton.
I wanna thank you all for joining us today. I know you got a lot going on, and of course, COVID's not making anything easy still. It is nice to be back with many of you in- person today. I think many of you know, but Akamai's mission is to power and protect life online. Our purpose in doing this is to make life better for billions of people, billions of times a day. Now, we do this in part by making digital experiences everywhere around the world be fast, reliable, and secure. We've been doing this for over 20 years now, led by our culture of innovation and teamwork and caring for our customers and internet users all around the world.
Over the last 20 years, Akamai has achieved an exceptional track record of market-changing innovation and transformational M&A, starting with the invention of content delivery networks and our unique edge platform in the late 1990s. Now, the idea of the edge platform was to place our servers in thousands of locations around the world so that we could be close to all the internet users, in their neighborhood, in their last- mile network. Because if we're really close, we can make their experience be really fast. We don't have to worry about congestion in backbones or in peering points. We can have the content that users want near them so that when they go to access it's really quick. Now, it's not so easy to do that.
In fact, even to this day, Akamai is the only company that's figured out how to really put servers in thousands of locations and get the content really close to end users. You know, the first problem is there's a lot of content, and you can't put all the content in every server. You just can't. It's too much. You have to solve the problem of what content goes where when so that when a user goes to access our customer's content, they get it really quickly. Now, there's a lot of players in the content delivery space today, of course, and a lot of them talk about having an edge network. They don't really. They have the content in their servers in a small number of centralized locations in the cloud or in data centers.
They really do follow the practice of putting a lot of the content, you know, in those small locations. But you can't do that if you wanna be really distributed, and it's really hard to make it work. Aided by the acquisition of InterVu, Akamai was also an early pioneer in streaming on the internet, OTT. We were the first to offer HD streaming at scale, and we're still the leader in this area by far. Of course, we're well known as the go-to provider for major events, certainly live events, in most every major country around the world. As the internet evolved and moved from static websites to highly personalized and dynamic applications, Akamai became the leading provider of services to accelerate those applications, to make the experience be fast, even for apps where there was no cacheable content.
Now, we did this by inventing our own protocols for communication and routing to create a virtual internet on top of the real internet. Now, we couldn't change the physical internet, but we made it work a lot better by embedding our software into the Edge platform. Now today, a large portion of all online transactions are accelerated by the Akamai platform. Things as personalized and dynamic as your shopping cart or checking your bank balance. Edge computing is another area where Akamai was an early leader. You know, you all know there's been a lot of buzz about edge computing the last few years, even to the point where I think a lot of people think it's something new. It's not. We've been doing edge computing for thousands of customers for many, many years.
More recently, and in conjunction with acquisitions such as Prolexic, Cyberfend, and most recently, Guardicore, Akamai has been a key pioneer in the development of security-as-a-service. Now, in the past, tasks such as DDoS prevention, app firewall, and micro-segmentation were handled by buying equipment and having your IT team manage it in a data center. Akamai has changed that forever, resulting in far greater security and at a much lower cost. Now we're taking the next step with our acquisition of Linode. With Linode, we can enable our customers to build, run, secure, and deliver their applications all on the Akamai Edge platform. Now, in the past, of course, customers have used us for our leading delivery and security solutions, but in most cases, they couldn't use us to build or host their apps or sites on our platform. They wanted to.
They asked us to be able to do this, but we didn't offer that kind of cloud compute in the past. They'd have to do it themselves or they'd use a hyperscaler. Now, with Linode, they can do it all on Akamai. As a result, Akamai is now the world's most distributed cloud services provider with leading solutions for compute, security, and delivery. I'm gonna talk about each of these three areas today, and then we're gonna do deep dives on compute and security.
I'm gonna start with compute, and when I say compute, just so you know what I'm talking about, the products that includes Linode, our NetStorage product, which used to be part of delivery, and the products that we used to put in what we call the Edge applications bucket, which were also part of our content delivery category if you were at our Analyst Day last year. Our vision for compute is to provide easy-to-use, developer-friendly compute with affordable and transparent pricing and enterprise-grade scale, reliability, security, and compliance. Of course, there are some giant companies that are very good at cloud computing today. It's an enormous market, well over $100 billion and growing rapidly. The hyperscalers are really good at offering a wide variety of capabilities, a full platform.
Of course, they have enterprise class benefits like scale and resiliency. There are also many smaller players in the cloud computing market today. These are often referred to as alternative clouds, and they distinguish themselves by being easy to use, developer friendly, transparent and attractive pricing. Of course, the market served by these alternative clouds is much smaller today than what's being served by the hyperscalers. Now, our goal with Linode is to upgrade their capabilities and increase their scale to provide the best of both worlds. Easy- to- use, developer-friendly, transparent, attractive pricing, but also a wide variety of capabilities and enterprise-grade, scale and resiliency. Now of course, this begs the question about, well, what applications and what enterprises make sense to use Linode? Well, these are some of the attributes that would be indicative of, would this be a good application to put on Linode?
First, the enterprise probably would want to have a multi-cloud approach without being locked in. A lot of enterprises are locked in today to a particular hyperscaler. Increasingly, they're not so comfortable with that. Or maybe their applications are handled on-prem today and the enterprise is considering moving to the cloud. The enterprise or the particular application doesn't rely on large numbers of third-party apps. Or if it does, the enterprise would have to have a developer team that likes to manage those third-party apps themselves. It's important for the enterprise, I think, to have a strong developer culture, 'cause Linode is very popular among developers. Nearly 180,000 developers used Linode in April alone. The enterprise might have a desire to reduce costs, and I gotta say, today, that's a big deal with enterprises using the hyperscalers.
The costs have gone way up, and this is now a challenge. Of course, Linode is much less expensive to use. Another good indicator for whether they'd wanna use Linode is the enterprise is an Akamai customer already, and they wanted to build, run, secure, and deliver their apps all on the same platform. Of course, you know, another one is increasingly enterprises are concerned about working with some of the hyperscalers that they compete with because the, those hyperscalers are now getting all the enterprise data, and data is increasingly a concern for enterprises. You know, I've had a chance recently to talk to a lot of our customers, and I say universally there's interest in the Linode acquisition. In fact, you know, I had my first trip to visit Europe and Asia, had a couple of weeks, saw dozens of customers.
It was really great to be back out, seeing customers in person. I wanna tell you two anecdotes about Linode and the reaction and how it relates to these criteria. The first is I was seeing one of our partners in Europe. They're a leading media workflow company. I was meeting with the CEO for breakfast, and I was gonna, you know, over the course of the meal, talk about, "Well, you know, we bought this company called Linode. I think it could be really interesting for you in terms of your media workflow, 'cause they use us for everything else." Before we even had the food ordered, he goes, "Tom, what a great acquisition." I go, "What?" He goes, "Linode." He said, "I've been using Linode on and off personally, you know, for 10 years.
They're a great company." I go, "Oh, good." He goes, "In fact, you know, we're multi-cloud, of course, and we've got all our workflow apps in containers, and you know, I ported some of them to Linode to see what would happen." He says, "It worked great. In fact, we're gonna save a lot of money." Well, that's an ideal scenario for us to attract, you know, business on Linode. In fact, this particular customer checked all five categories. Multi-cloud, doesn't want lock-in, and in their case, they're a developer-centric culture. They like to manage, you know, the third-party applications. They really wanna reduce cost, and they're already, you know, very happy Akamai customers. There's another example, and this is a leading Australian e-commerce company. There, you know, started the conversation.
They weren't especially familiar with Linode. You know, the CEO said, "Yeah, I don't think we're gonna use, you know, another vendor. We're locked into one of the hyperscalers. In fact, our developers have built an entire workflow around it to try to make it easier to use." I said, "Yeah, okay. I understand that." We talked about it some more. We talked about the cost, and he goes, "I got a big cost problem. You know, my bill is going way up." I said, "Well, you know, we can reduce, you know, the cost substantially, and maybe we can get it so we can, you know, get into your workflow. Your developer's obviously very talented.
You wouldn't be locked in anymore, and you'd save a lot of money." Well, you know, at the end of the day, at the end of the meeting, they liked it well enough. They're bringing the team to Philadelphia to see, okay, how can they do that? You know, how can they get Linode put into their workflow so as they're provisioning an app, you know, or a container on their existing provider, they can also, you know, do that on Linode. Now, they are Akamai customers, very happy with Akamai, but that wasn't the driving factor in their case. You know, I think the acquisition of Linode's already getting a lot of interest, also among the analyst community.
In fact, you know, here's the quote from IDC saying, "Buyers should be mindful of developments in the infrastructure as a service outside the hyperscaler mainstream that could offer opportunities to repatriate cloud workloads for better cost and performance while retaining the level of redundancy and coverage demanded by enterprises." The first example they cited was our recent acquisition of Linode. Adam's gonna talk a lot more about Linode in a few minutes. Meanwhile, let's talk some about security. Security is an incredibly fast-moving landscape. It's just mind-boggling. Just, these are the recent headlines. And just when you think it can't get any worse because it's so bad, well, you get the headline next week, and somehow it got worse. This is really a disastrous situation. Very dangerous and very costly.
Our vision, our mission at Akamai for security is to keep enterprises and their users and their data safe from cyberattacks of all forms. Now, today, our security offerings are divided into three areas, and Mani is gonna talk a lot about each of those areas in a few minutes. They're all supported by our managed security services. I'll say just a few words about these areas. The first is infrastructure security. These are the products that defend against denial of service attacks, you know, the flooding of traffic. You have Prolexic to defend against the volume attacks that come at the routing layer against your IP space, your data center, so forth. Edge DNS and DNSi to defend at the DNS layer. As many of you know, a lot of the Internet outages have been caused by attacks on DNS.
DNS is the Achilles' heel of the Internet. It is really important that you have special defenses for DNS against DDoS attacks. You know, sometimes I hear that, you know, since DDoS has been around a long time, that somehow it's not a big deal anymore. That's not true. This is a graph that shows the large-scale DDoS attacks by month over the last few years. You can see that not only are there still a lot of large attacks, but they're getting larger, and there's more of them. You know, you get an attack here over 0.5 Tb /s , that wipes out anything if it reaches the target, just anything, you know, get taken out there.
Your takeouts, you know, some countries at that level with a well-coordinated attack or once you start getting into a few terabits per second. Now, Akamai has been a leader in DDoS mitigation really since we bought Prolexic, probably eight years ago or so. Mani is gonna talk more about this. The second category is app and API protection. These are the products that today deliver the large majority of our security revenue. They're also growing very rapidly, so they account for a lot of our growth, and they're making a huge difference for our customers. You know, here's a graph that is showing the app and API attacks against our customer base. It's color-coded, and you can see that pretty much all the major verticals that we service are experiencing these attacks. You can see they're rapidly increasing in volume.
In fact, you see just you know in March a big spike up, and this is something we've seen really across the board is you know coincident with the war in Ukraine large increase in the number of attacks. The sophistication and the nature of the attacks didn't change with the war, but the volume has gone way up. Now, the bedrock of an enterprise's defense against these kinds of attacks is their web app firewall. The web app firewall stops attacks that are designed to change the content on the site to take down the site. This also includes DDoS at the app layer, like a zillion requests, data theft from the site or the users, or attacks designed to take over a user's account. So the WAF is critical. It is the bedrock.
Akamai has been the leader in WAF for a long time. In fact, in the most recent Magic Quadrant, Akamai got even farther to the up and right and even farther ahead of our nearest competitors. Now, today, you need the bedrock, you need the WAF, but you also need a lot more. We've built a lot of capabilities on top of the application firewall. The first was bot management. As Mani is gonna talk about in a little bit, most traffic today is no longer human. It's bots. Now, not all bots are bad, but most of them are, and they're designed to do a lot of bad things to your applications. We built a solution that identifies bots and keeps them from doing those bad things. Now, one of the worst things the bots can do is take over user accounts.
Typically they do this by, you know, buying a list of identities online that got stolen from some website, your login credentials, and then they try them against 5,000 websites to see, did you use the same credentials at your bank or your commerce company or your media site? If you did, then they catch it, and they sell your account to organized crime, and then you have a problem. So we built a special solution there. In fact, part of what's going on is that not just bots anymore, because our Bot Manager solution is so good, now the bad guys are hiring humans to do this, to see if your credentials work on other sites. Account Protector stops that.
You know, there's a lot of malware in third-party code and in third-party websites today that our customers use. You need a Page Integrity Manager to make sure that malware is not getting on to the user's browser, where it can be used to steal user data. Most recently, you know, today, the malware is being used to hijack our enterprise customers' users. Just when they're about to click to buy, something pops up and takes the user somewhere else. That's happening about 20% of the time. Now we have a new solution just be released, you know, next month to stop that. You know, it's an area where there's a lot going on, a lot of new attacks, and so we're constantly building new services to provide value for our customers.
That's why this area is growing so fast for Akamai. The third category I wanna talk about is our enterprise Zero Trust solutions. Now, these products are designed to protect enterprise apps and data from malware, ransomware, data exfiltration, and just attacks against the enterprise. It's a big problem today. Legacy enterprises and cloud data centers defenses just don't work. You know this is true by looking at all those headlines, because if the traditional security defenses were working, you wouldn't have all those headlines, you wouldn't have all the breaches. A lot of companies are getting breached, and the worst part of it is the breach is getting in through an employee or a trusted third party.
You know, just as an analogy to try to understand how this is happening, you know, think about the physical security of an office building and imagine the security consisted of giving every employee a key to the front door, and that's it. Once the employee gets in the front door, they're allowed to go on any floor, into any office, into any file drawer or desk and get whatever they want. Now, no major enterprise works that way. That's crazy. That is how major enterprises largely work today with security, and that's why you got so many breaches going on. Ransomware, in particular, is a huge problem today. A lot of companies being attacked. You know, the average demands now is over $2 million. The average payment is over $ 0.5 million for a ransomware attack, and it's going up rapidly.
Now ransomware is not just one, you know, piece of malware. There's a lot of different, you know, ways that ransomware is spreading, and it's really a big deal. You know, It's hard for me to meet a customer today where the customer isn't saying their board is asking them, what are they doing about ransomware? You know, how are they gonna prevent it? Governments are getting in the act. Regulators are saying you gotta have some defense against it. You know, you just can't keep going like this. Governments making regulations to say, "You can't pay." Well, but if a company can't pay, then really bad things happen to them. Now, there is a solution here, and it's Zero Trust Security. There's two components to it.
The first is Zero Trust Network Access, and that's designed to keep the malware from getting in when an employee accesses the enterprise network. The second part is to keep the malware from spreading once it gets in, and that's micro-segmentation. To identify when you got the malware, so you can get rid of it and limit the blast radius, so you don't cause the huge damage when malware does get in. Now, for the most part, the industry has focused on the first piece of this, Zero Trust Network Access, trying to stop the malware from getting in. Unfortunately, even if you bought our products, bought all our competitors' products, today, malware still has other routes in.
That means what you really need is the ability to isolate it and catch it and keep it from spreading, so you limit the damage and the blast radius. Now, traditionally, these two solutions have been bought separately, and the analysts have treated them as separate. Increasingly, we're seeing customers want them as a package and bought together. In fact, they're often called north-south protection and east-west protection. You know, employee-to-enterprise devices, north-south, device to device or app to app, east-west, and you want one control panel to have your business logic to protect the enterprise. Now, another challenge here is that the traditional solution for micro-segmentation was terrible.
It was done by physically partitioning your corporate network with devices, firewalls, which made it hard to do, inflexible, and really not very secure because you didn't wanna segment into too many pieces, so you had big segments. Malware gets in, runs wild in a big segment, and you still got a big problem. It's a great tweet from 2019 that network segmentation projects are where CISOs go to die. In fact, the problem was so bad that most major enterprises simply didn't do it, and analysts pretty much ignored it. In fact, you won't find micro-segmentation as part of a SASE framework, which is odd in a sense, because it's probably one of the most, if not the most important piece. I think that's now changing, really because of Guardicore's solutions.
They have a software-based approach for the problem. It is much easier to implement. They place an agent and software on every single application, think of it as a mini firewall there, that regulates what applications can talk to what other applications, monitors that, looks for anomalies. It's very flexible and adaptable. You know, basically, the old approach with hardware to physically segment things, not adaptable at all. Very hard to change. Here, you do it instantly. It's all through software. You know, one of the best things about the product, and we see with our customers, you know, their feedback, is it gives you great visibility into what's going on inside of your enterprise. They can see for the first time what is talking to what is going on.
It identifies the presence of malware and blocks the spread. The one of the things that people don't think about but is really important to our customers is Guardicore is unique in the breadth of their OS coverage. The agents where the agents can go, the applications that they can protect. They put a ton of effort in over the last 10 years to make it work with all the legacy systems. There are now competitors that have a software-based approach that don't do this. With a major enterprise, if you can't, you know, include all your legacy systems, you haven't really solved the problem, and Guardicore does that. You know, as a result, recently Forrester said micro-segmentation is essential for Zero Trust Private Networks.
In fact, they rank Akamai here because we've acquired Guardicore, but this is Guardicore as the best by a wide margin. I gotta tell you, it's a lot of fun to talk to customers about Guardicore, because you know our you know leading banking customers, manufacturing, pretty much you know any major enterprise. Boards care, you know, what is their defense against ransomware, and Guardicore is the leading answer. Not only that, you can see in this quote here, it really is easy to modify, right? You know, it's just this notion that you can't open up a communication channel in under a week. Enterprises can't operate that way. All right, I wanna switch gears now. Mani's gonna talk a lot more about security, obviously very important for us, in a few minutes.
I wanna spend a few words talking about our delivery business, and that's what we used to call, you know, with you at our last Analyst Day, our CDN business, but it doesn't have NetStorage or the Edge Applications products if you're familiar with that from last year. Our vision for delivery is to continue being the world's leading application delivery platform with the best scale, performance, reliability, and efficiency. Now, our delivery business spans the spectrum of verticals, streaming media, e-commerce, travel, hospitality, software, gaming, social media, ad tech, and banking. Now, these verticals use the platform in different ways. You know, banking isn't super high traffic, but they really care about security and compliance and performance. Streaming media, very high traffic, but they have common requirements, and over time, the requirements have really coalesced between the verticals. Everybody needs reliability today.
Everybody needs security, and increasingly, they all need compliance. Now, the compliance needed by a bank or a commerce company might be a little different than the compliance needed by a media company, but increasingly, with the sensitivity around data and the laws being passed, they all care about compliance with their data, whether you're a media company, you know, or a bank. They all care about scalability on demand, geographic reach, high performance, and affordable pricing. Everybody wants that. Now, of course, pricing per byte varies based on how many bytes you're sending. So big media companies with a lot of traffic will have much lower price per byte delivered than we would, say, for a bank that doesn't have a lot of traffic but has very high value in the bytes that they do send.
We've been the market leader in delivery by far since we created the industry over 20 years ago. Here's a recent IDC report. Of course, Akamai is in the upper right. The size of the circle is representing their estimate of market share, and we do have a very large market share here. This is a graph of traffic on the Akamai platform over the last few years, and what it's doing is showing the daily peak. The average over a 24-hour period, it'd be a little bit less than this, but these are the peaks. You can see traffic, of course, has increased substantially every year. You see where COVID-19 hit in terms of the stay-at-home orders. Got big jump there in traffic. You see we had a big spike recently, over 250 Tb/s.
You see up in the top right corner here, it leveled off a little bit there. If you look, the year-over-year growth rate is not as high as it's been in past years. This is what we talked about on our last call with analysts as we reported last quarter's results. I think, as we talked about, several causes for this, you know, there's the war in Ukraine, which has certainly disrupted traffic into that region and into Russia. People are out and about, you know we're all here, so maybe there's less, you know, growth consumption online. This is something we're watching carefully. It was great to see a big spike recently with that traffic spike.
Our strategy going forward is to maintain our market-leading performance, reliability, scale, and geographic reach. We are working on updating our pricing strategy. If traffic won't be growing as fast, then the reductions we offer won't be as large. That's something that we're working through. As you know, our traffic is growing, but revenue in the delivery business has been declining in the low- to mid-single-digit . We think there will continue to be some decline there over the near term. What we'd really like to do is get it back to flat. You know, it's a very profitable business for us, but we don't wanna see the revenue decline. Of course, we're always working on improving efficiency.
One of the unique things about Akamai's delivery platform is that we do generate a lot of margin and profitability when we deliver the traffic, and our competitors don't. There's now several that are public, and you can see it in their numbers. At the end of the day, that's important because it means we're gonna continue to grow our business and scale, and they're gonna be increasingly challenged. As the market, you know, rotates a bit to companies that are actually generating, you know, substantial profits and that have a good trajectory for that, I think that's good for shareholders. We're continuing to work on the developer experience. I know this is something that you've often asked us about, and sometimes our competitors have criticized us for, but we're actually in great shape there now.
We've, you know, recently done a poll of 500 of our leading customers, and the vast majority have said, "Hey, Akamai is at least as easy or better to use than our competition." That's great to see our progress there. Of course, we have a big advantage that we can bundle our delivery with security and compute. In fact, it works really well together. Not only can the customer buy it easily, but it all works, you know, in one platform together, and that has great efficiencies. You know, when you buy Akamai security, your performance improves because the delivery and acceleration comes with it as part of the same platform.
Now, another point I wanna make, 'cause I know sometimes some of you are concerned about this. We've obviously got two very fast-growing businesses with security and compute, now the majority of our revenue, in fact. You have the delivery business, which has been, you know, declining in low to mid single digits, you know, and so the financial profiles look different. The question is, why would you have them together? There's some very good reasons for it. First, having the delivery business and carrying such a large fraction of the world's traffic has enabled us to have deep carrier partnerships, and it enables the vast scale of the Edge platform, which has a lot of benefit for our security business. You know, also it gives us great performance and great access to the last mile capacity.
It lets us stop these massive attacks. You know, a lot of our I've seen companies talk about being connected to lots of networks. Well, sort of silly in a way because if you're connected to the Internet, you're connected to every network. The difference with Akamai is we're in over 1,300 networks. We're in them. You know, we're not peering to get there. That makes a big difference. The delivery business is really synergistic with our security and compute offerings. It improves their performance, and it improves the margins for all of our services. You know, if you took out somehow, doesn't make sense, but if you just took out the platform and the delivery business, suddenly the cost of your security business goes up because we're actually leveraging the same platform, the same server that does delivery.
That same server is doing the security as part of the same transaction with the end user. You know, we've had some of our competitors in delivery by a WAF company, and it doesn't make sense because you now have two different platforms, so you got double the expense. The transaction is really complicated because you gotta go to the WAF company, and then you gotta come to the delivery company, and you have a much more complicated path. Suddenly, your delivery portion is slowed down by that WAF thing out there. With Akamai, it's all integrated seamlessly from day one. Same server, same transaction flow. That same Edge server is doing WAF and delivery. You know, carrying all this traffic and doing huge amount of the DNS for the Internet gives us unmatched visibility and data for our security products.
The bundles, just from the marketing perspective and the buying perspective, makes it easy for customers when you bundle it all together. Now in fact, this does lead in some cases to revenue moving over time from delivery to security and compute. Because, you know, today, most of our sales are led by security, and the base WAF offer includes our old DSA service, which gives you acceleration. You do get delivery and acceleration just by buying security, and you. It's an upsell to buy our enhanced, application acceleration capabilities. With compute, you know, in the early versions of our products, compute's just been included for free. We didn't even bill separately, you know, for Edge side includes. Now increasingly, with, you know, our EdgeWorkers function as a service at the Edge, you know, we'll bill per hit.
Things that were showing up in the delivery revenue, some of that will shift into compute. It allows great packaging, for the customer, makes it really nice for them. Of course, we generate a lot of cash, and we use that cash to invest in new products with rapid growth potential. Just as a proof point, you know, look at the hyperscalers. You don't see them separating out, delivery from compute and security. In fact, they offer all three. Now, they started with compute and then recognized, delivery is pretty important, and then more recently have recognized security is pretty important, and so they tried to add capabilities there. You know, we started with delivery. We're the world's leader there. We added security. We're the world's leader there.
Now we're adding compute with one of the leading alternative compute clouds, and which we're gonna be investing quite a bit in to upgrade their capabilities. If you put it all together, you have the compute business, which last year was $250 million. Now that didn't include Linode. That number will be over $400 million somewhere this year, so pretty substantial growth, obviously. Security $1.3 billion, growing at 25% last year. As I mentioned, you have the delivery business at nearly $2 billion, but declining at 4% year-over-year. These are all constant currency. Now as we look forward, you know, we wanna be growing our compute business by north of 30% a year.
Obviously, this year it'll be much more than that 'cause we made the acquisition, but that's something we think we can really keep growing at a very high rate. We wanna keep our security business growing at 20%, at least. For the delivery business, you know, as we look forward, low- to mid-single-digits decline will do as we've talked about with the traffic issues this year that we're seeing and may persist through the year. Might be a little bit south of that, worse than that. We really wanna get back to flat, and we're putting a lot of effort into doing that. Can't forecast that we'll get there right now, but that's what we'd like to do.
Now if you put all that together, last year, of course, as you know, total company revenue of $3.5 billion, grew at 7%. You know, our goal for the future is to get into double-digit growth. Now as we forecast this year, be a little bit shy of that, but that's where we wanna be. If we can continue to have good success in security, and I think, you know, I'm very excited about the compute business. As the two of them become a bigger part of Akamai, we should be able to get to double digits. In fact, you know, if you look historically, we've had a big shift in revenue, big diversification of revenue. five years ago, nearly 80% of our revenue was delivery. Today, actually in Q1, the majority of our revenue was security and compute.
You know, delivery became just less than half. When we exit this year, I think what you see where we were last year will flip. The delivery being instead of 54% security and compute run rate will be 54%-55% when we exit this year. If you look forward in the future, always hard to predict this far out, but I think delivery becomes, you know, less than a third. You know, we've got compute here at 20%. It could be a lot more. There's an enormous compute market, depending how successful we are in, you know, tapping into that market, but I'm very excited about the future for compute. You know, a lot of companies say a lot of things, and I think one of the nice things about Akamai is we really have had a strong track record of execution.
We talked about, you know, a very innovative culture and company making a difference with new products. Great success in our security growth over the last decade. We've done a very good job in expanding margins over the last several years. Now, this year, we're consciously lowering margins with the acquisitions we made and the investments in new capabilities. Over time, I think, you know, we're in a position to have continued margin expansion as security and compute become larger. Ed's gonna talk more about that. Done a great job on the bottom line, more than doubling our EPS, non-GAAP EPS over the last five years. We've been really disciplined with how we use our cash and our equity. In fact, over the last 10 years, our net share count has dropped by 10% due to the buybacks we've made.
We've had really good success with M&A. Again, very strong discipline there. The vast majority of the acquisitions, I'd say, being very successful and some really transformational. Akamai is a great place to work, and there's a lot of measures for this, both internal and external. This is really important, because it and you see it at times like this, where you have phenomena like, you know, the Great Resignation, huge attrition rates in the industry, hard to, you know, attract talent, and we're actually in a really good position there. You know, our attrition rates are up, and of course, our comp is going up too, but our attrition rates are much lower than the industry average. That's important for the company. We care a lot about sustainability, and you're gonna hear more about that from Nicole today.
Finally, it really is all about the customer at the end of the day, and we are trusted by the world's leading global brands. You know, a lot of the important verticals, pretty much all the major companies, the biggest brands use Akamai. That's great. As we develop new capabilities, we have customers that trust us, willing to buy those products. You know, if I were to summarize it from the financial perspective, you know, why should you invest in Akamai? Well, we have a strategic delivery business, market leader by far and unique edge platform. Very fast-growing security and compute businesses with large potential markets there. Good track record of margin expansion over time and good prospects for future expansion. Very strong cash generation and balance sheet. The potential for double-digit revenue and EPS growth in the future.
Ed's gonna talk a lot more about this today. With that, I wanna turn it over to Adam Karon. He's our Chief Operating Officer and the GM for our Edge Technology Group, which includes platform delivery and compute. Adam?
All right. I'd like to say that I'm as excited as Tom is to be back in person, but I gotta admit, I was having more fun in shorts or sweatpants presenting to you guys over video last year, but I'll stick with it in my suit. Let me start out with our vision for compute, that Tom covered, which is to provide easy-to-use, developer-friendly compute with affordable and transparent pricing, all at enterprise-grade scale, with reliability, security, and compliance, truly to build the best cloud for enterprises and developers. Now, Tom hit on this slide as well, but I do think it's important to hit on it one more time. You know, based on customer feedback, we really do think there's this missing spot in the market, that sweet spot that Tom talked about.
When you think of ease of use, developer friendliness, transparent pricing, and of course avoiding vendor lock-in, there are groups of companies that do this over here on the right. When you think of enterprise scale, enterprise class, security, compliance, resilience, you can do that with companies on the left, but nobody really fits well on both sides. Today, we already have enterprise-grade services. We have delivery, security, and edge compute. We have those trusted relationships that Tom talked about. It's important to note that those services that we have today, they sit right in front of our customers' infrastructure, their compute infrastructure. It's those same customers that have been asking us for a long time, when are we gonna offer them an alternative that's tightly coupled with our existing services?
Adding cloud computing to our portfolio is really just a natural extension of the services that we provide today, really helping our customers and their developers really deliver solutions to end users all over the globe. All right, how are we gonna do it? Well, we're gonna do it with a pretty wide compute set of offerings, and I'm gonna walk through each one of these today. The first one being our cloud computing, where we're offering a broader way of compute offerings that are all easy to use, things like shared CPUs, dedicated CPUs, GPUs, Kubernetes, a recently launched managed database service. Let's see. Next, we've got storage. It's highly available and globally distributed. We've got a S3-compatible object store.
We've got blazing fast NVMe block storage, and we've got our traditional NetStorage product that Tom mentioned moved from delivery into compute. We have cloud optimization, which is really geared towards improving the performance and consistency of apps and APIs, intelligently routing traffic and offering better offload to optimize cost. We deliver that through products like Global Traffic Manager, which is really our cloud-based load balancing solution, Cloud Wrapper, and of course, our Direct Connect solutions. Last but not least, we have our Edge applications, which contains EdgeWorkers, the world's largest serverless compute network. It contains our EdgeKV, our highly performant key value store that allows developers to build data-driven applications right on the edge of the network, all those thousands of locations that Tom talked about.
We also have first-party apps like Cloudlets and Image and Video Manager, and our API acceleration is also inside of this bucket. Now, Tom just mentioned it. Ed will mention it later, but we plan on a three-five-year CAGR in this group for 30%+ . I mentioned it last year as well. This year, we're gonna do over $400 million of revenue just in compute alone. All right. I mentioned that part of the vision was to develop the best cloud for enterprises and developers, and we have a head start. We've got a global connectivity fabric. Nobody gets you closer to end users than Akamai does. We've got a platform that makes it easy for you to move your compute to.
We've got a vibrant community and great technical documentation, best-in-class support, and unmatched price to performance, and all of this is integrated with category-leading delivery and security. Now, I'll hit on each one of these as well. First, I'm gonna talk a little bit about the compute platform vision, and you know, Bobby's gonna go a little deeper into this, later on. I'll cover it here in one slide, really to touch on the global connectivity fabric at the bottom, which is really the foundation, right? It's the key differentiator. We built this to avoid the capacity crunch and the related performance penalties that people get when they build those centralized infrastructures, right?
Over the last 15 years, it's really become an innovative force in solving performance and scaling challenges for our enterprise services, and we're really excited to see how it's gonna advance our compute business by connecting our customers' applications with a global audience at maximum performance. Now, in terms of how we're gonna leverage that fabric, I'm gonna start all the way over there on the left with the core. You know, as businesses move to the cloud, they move that infrastructure to the cloud, the core cloud computing, it still needs to exist. You still need centralized compute. It's always gonna exist, and our intention is to scale Linode's core infrastructure, their full stack, to tens of locations all over the globe. We're gonna make sure that there's regional accessibility and availability that our enterprise customers and their developers have come to expect.
When you move to the mid tier, and this will be in hundreds of locations, this is where we're leveraging our network connectivity fabric to deploy the core primitives that Linode has, establishing really a new category of compute where those VMs and containers can run in hundreds of locations instead of just tens. Our technology teams are really merging together the best of Akamai and Linode together to allow developers to build applications using familiar virtualization and other development technologies they might have. Now, comparing these hundreds of locations in the middle there with the next closest infrastructure provider, well, they say they have about 26.
We're really confident that our enterprises and their developers are gonna be really appreciative of the broader distribution that they have to get closer to their end users. Last, a little further over to the right, for applications that have even more significant distribution requirements, but slightly lower compute, you think about functions as a service, we have our Edge computing solutions that sit all the way in the edge in thousands of locations, delivering fantastic experiences, offering delivery from thousands of locations, all at planetary scale. Next bucket I talked about, it's easy to move your compute. Why it's easy? Well, because we start with an infrastructure that's not built on proprietary protocols. There's no proprietary wrappers. It makes it easier for enterprises to move workloads from cloud to cloud. Today, the industry really does struggle with that. They struggle with proprietary lock-in to the big hyperscalers.
It's been a common complaint for our enterprise customers and their developers. They all want more technical control, they want budget control, and they all want a lower cost. Now, in addition to no proprietary lock-in, we have a great ecosystem of third-party apps that you can kinda see here. They're small, but if you blow it up, you can see them on the Linode website. We offer a super friendly, simple to use platform. You know, I love the quote that one of our technologists used when we were looking at the company, and he said that, "It's so easy to use a Linode platform that you could trip and fall into a virtual machine." I really think that illustrates just how easy it is to use Linode.
When you have 92% of enterprises having a multi-cloud strategy and 92% of developers citing vendor lock-in as a chief concern, well, the time is right for a truly open enterprise-grade alternative, and that's what we're bringing to the market. Okay. When it comes to developer communities and technical documentation, you know, Akamai has always had exceptional based people services, but we know that developers inside and outside the enterprise, well, sometimes they want to service themselves. They want great documentation. They want a vibrant community. They don't wanna have to pick up the phone and call somebody or pay professional services to get answers to their questions. Our cloud maintains one of the best repositories and communities out there.
We have over 3,000 documents that range from beginner to advanced topics, and if a developer can't find the answer in those documents, they can head on over to our community, and they can get their answer from their peers in the developer community. Now, all that said, we do know from great experience that sometimes enterprises and developers, they wanna talk to a human being. They don't just wanna read documents or talk in a community. For that, we have world-class support, the best in class support. I've always believed that, you know, it's through a combination of people and technology that our customers can really innovate without constraints. Our cloud computing support makes that possible. They always go above and beyond getting the answers and solving problems for our customers.
You can see all of that validated here through independent reviews, industry awards, and of course, we have years of history with our services and support organizations providing best in class support for big enterprises all over the globe. All right. I mentioned my last bucket was price, and cost is a big issue. You know, 61% of organizations plan and need to optimize their costs, and like Tom said, like, that's just getting worse, today. People want more ability to control and monitor their costs. In addition to our differentiation being developer friendliness, openness, you know, no proprietary protocols, great support, we have all of these things differentiating us. Well, we're gonna offer this at a super competitive market price, right? Now, we're gonna do this because I mentioned before we have this global connectivity fabric.
Tom talked about the platform being a key attribute of ours, and this allows us to take advantage of our supply chain, our deployment teams, our network infrastructure, our development teams, and of course, the economics that we spent years developing with our carrier partners. It allows us to do all of these things in an extremely attractive financial model. Ed will talk a little more about the model, the financial model that we've got here, later in his section. All right.
As we look to the future, and we think about the roadmap, both Tom and I mentioned that the plan is to operate in that sweet spot, and the roadmap is designed to execute against that strategy exactly by providing new critical functionality for enterprises, but continuing to deliver the simplicity, ease of use, and accessibility that developers have come to expect. We'll be expanding our DBaaS product that we launched last month with support for Postgres and MongoDB and continued support, obviously for MySQL. We're gonna give customers the ability to have their own virtual private network environment with our VPC product. We're gonna integrate our WAF and delivery with compute so that customers have an easy way to combine compute, storage, security, and delivery together, easy to use, click to buy right from the Linode platform.
We're gonna increase the compute options that are available to our customers through things like bare metal instances. We're gonna ensure that we're aligned with the industry standard leading compliant regimes like SOC 2, PCI, and FedRAMP. We're gonna expand the third-party applications that are available on the platform as well. We're gonna add features that you've come to expect, like availability zones, auto-scaling, and elastic load balancing. We're gonna be expanding the distributed compute layer that I mentioned in the platform vision slide by extending VMs and containers to hundreds of locations all over the globe and extending the core compute that we have to tens of locations in every region that we operate in in the world. All right. Customer examples.
You know, it's only been a couple of months since close, but I have been asked a lot about what are customers using the platform today to do. So I'm gonna go through just a few here. First one over on the left, Marco Polo, they are probably familiar to many of you. They're a walkie-talkie social media platform, and they use the infrastructure to deliver video to their end users, driving meaningful engagement. They have fifty, what is it, 50 million installs and over 5 billion messages delivered. They leverage Linode as their core compute platform. G&L is the company Tom mentioned before, one of the companies he met with when he went over to Europe.
You know, they've been a longtime partner in the media and entertainment space with us, and they're using our global distribution and our large amount of egress capacity to develop real-time stream packaging that will run on Linode for their media and entertainment customers. We have Macrometa that uses the Linode platform to support their PaaS offering. They have a distributed database offering. They offer things like Pub/Sub stream processing, container support, all on Linode's platform. Again, eventually all over the globe. Then at the bottom, we have a leading cloud security company that you would've heard of, if I could say the name. They have a system now that spins up thousands of test clients that they use to test against their customers' web apps to look for vulnerabilities.
We have a leading marketing AI company that allows customers to automate and manage marketing campaigns, optimizing acquisition and conversion of customers, and obtain real-time data insights using that AI compute that's running on the Linode platform. We have an ad tech company that's created a data management and audience solution that leverages Linode's compute to match their customers' data with second- and third-party data sources to create a customized target experience for end users. Really ad targeting right there on the platform. They do over 25 billion data events per month on Linode right now. While I don't have it in the slide, you know, Akamai is a big enterprise, and we use public cloud today. You know, we're gonna move our public cloud onto the Linode platform.
That's gonna drive some great economics for us, but what's kinda neat about it is just in the first couple of months, our Guardicore development team, Mani will talk about Guardicore, but the development team had to do something similar to that cloud security company. They had to spin up a whole bunch of workloads for a customer instantiation. I think it was about 6,000. We would have typically gone to a hyperscaler to do that. We would have paid about $20,000 a day, but just in the first couple of weeks of acquiring Linode, they were able to do it on our platform, save that money. You know, they're just across the board, just the examples.
They're just the tip of the iceberg of what can be done when you put compute in the hands of our enterprise customers, developers, and internal teams at Akamai. All right. I'm gonna bring my section to a close here. Remind you know, why we're gonna win in this market. You know, first, buying decisions are switching to the developer and the enterprise. Our enterprise customers, they're looking to build a multi-cloud strategy, and they need to optimize costs. We hear it probably every single day from our customers, and we also hear from analysts. With industry trends, like 92% of enterprises having a multi-cloud strategy, 73% of buying decisions being made by developers, 61% of organizations planning to optimize cost.
When you think about that and you combine it together with Akamai's existing enterprise customer base, all of those great customer relationships, trusted ones that we have, the lack of competitive threat we pose to our customers, the neutrality we have in the industry, that global connectivity fabric, our platform, the developer friendliness and ease of use of the compute platform, and the fact that we've engineered all of this to enable highly distributed, latency-sensitive applications, and then integrated it all with category-leading delivery and security, well, we really are set up to win with the world's most distributed compute platform from cloud to edge, making it easier for developers and businesses to build, run, secure, and deliver their applications. All right. I'll take your questions on compute at the end of the session, but now I'd like to introduce Mani Sundaram, who runs our Security Technology Group.
All right. Adam, thank you. It's a real pleasure to be here. Since this is the first time I'm presenting at the IR day, I thought I'd do just a quick introduction to myself. Prior to this role, I was Akamai's CIO, and I ran our global services and support organization. A lot of the problems that Tom talked about in security, these are things that we lived every day. I still run our platform security organization. I have to say it's a real honor to be here to build these world-class products that now our customers and Akamai use every day. Why is it a good time to be in security? Honestly, there's a lot of things going on. It's a really, really exciting time. It's also a risky time for a lot of these enterprises.
You know, what you're seeing here is a very complex geopolitical environment. Things are changing every day. You'll hear me talk about this a little later with Log4j and Spring4Shell, but the supply chain, the digital supply chain is under attack. It's harder and harder to detect new bots, new impersonation attempts. Every day you hear about something that's basically new on the internet, a new attack that's popping up. Like, as Tom said, you know, the worst thing about all of this is not knowing what's gonna happen next week. Malware and ransomware is news every day. Every day that you read the news, there's something going on in this space. Here's our vision for security. Our vision is to keep enterprises and their users safe from cyberattacks of all forms. How do we do this?
You can see here we have three offerings that are nicely wrapped up with our managed services portfolio. Let me go from left to right. On the left, you have our infrastructure security offerings. Infrastructure, as Tom said, protects you from DDoS attacks, protects your DNS infrastructure from being attacked by DDoS. Anybody who's worked in infrastructure knows that the disruptions in this space can be incredibly negative. Your brand is affected. They also are a pretty attractive target for attackers just because they sometimes are the soft underbelly, right? We have a Prolexic platform that defends our customers, defends our data centers at the layer three level, protects them at the IP level.
We have the DNS services that protect the customer's authoritative DNS offering, DNS servers from attacks from being brought down. Now last year, these products accounted for about $220 million in revenue, growing at about 13% year-over-year. Moving on to application security. Application security, we go into this in a lot more detail, but it is essentially our web application protection portfolio. In this, you can think of this as two separate buckets. One is, you know, our app and API protection that is protecting our customers from things like site scraping, content corruption, you know, form jacking, and so on. On the second side, you have abuse and fraud protection, which basically helps identify and manage abusive user interactions with your, with your site.
Last year, these products accounted for about $804 million in revenue, growing up 22% year-over-year. Tom talked about Zero Trust. Zero trust, really exciting space, growing really fast. You know, we could not be happier with the purchase of Guardicore. I mean, it's an incredible product, world-class micro-segmentation solutions. Really happy with that. Protects customers from malware and ransomware spreading within a company's platform. The whole idea here is to offer a comprehensive product portfolio that I'll be talking about a little later. It's all about protecting access to your applications. It's about securing the internet access for your end users, everybody working from home. You wanna make sure that you have access, secure access out to the internet.
You know, we have a multi-factor authentication product that comes in with all of these. Really fast-growing space. Last year, $122 million, growing at 140% year-over-year. To wrap all of this up pretty nicely is our security services organization, which offers managed security services and, you know, proactive monitoring, threat advisories, and so on. $189 million, growing at 14% year-over-year. As Tom talked about, you know, our goal is to get to a three-five-year CAGR of 20%. All right, I'm gonna jump into infrastructure. Infrastructure, as I said, is, you know, typically the underbelly, right? People don't look at it often, but it's the source for a lot of attacks that are going on. It's
The threats are changing in this landscape quite a bit. You're seeing bigger volumes, you're seeing more complex threats, you're seeing multi-vector attacks that are happening. Our offerings in this space are comprised of two different categories of solutions, right? We have Prolexic, which is our cloud-based DDoS scrubbing platform. It protects your infrastructure, your applications wherever they're deployed, whether it's in the cloud, in your data center, in a colocation facility. You have our DNS solutions that basically augment a customer's authoritative DNS offerings. It can replace them, it can support them. You'd be surprised when you talk to customers, you'd be surprised to hear how many customers actually run their DNS from a very simple infrastructure, maybe two or three servers.
Once you know how badly a DNS attack can take you down, I think, you know, customers realize that they need something to support them. That's where we offer a global, highly scalable DNS service that protects you from distributed denial of service attacks. As I mentioned earlier, we are seeing, and this is from our security operations center data, we are seeing an incredible increase in the number of DDoS attacks every year. In EMEA, you've seen this grow up by 200% year over year, just because of what's happening right now in the world. In the Americas, it's gone up, you know, 273% over the last three years. In Asia Pacific, it's quadrupled in the last five years. Across the board, you're seeing just a phenomenal increase in DDoS attacks.
What do you see when you get a DDoS attack? Something like this. This is a mail that was sent to one of our customers. It typically reads the same. It's like, "You will be under threat next week. If you want to protect yourself, you know, you need to give us some money," typically in Bitcoin, 'cause it can't be traced. "Then if you don't pay, we will attack you." I'll show you a case study a little later on from one of our large customers that went through this, almost the exact sequence of events. Right? What is our solution in this space? With Prolexic, you have over 10 terabits per second of dedicated defense capacity. We have 20+, and actually growing significantly, number of globally distributed scrubbing centers. We have a fully managed solution, zero-second mitigation SLA.
We have authoritative DNS servers that are highly secure, engineered to be scalable, resistant to DDoS. Our DNS services pretty much work seamlessly with your developer ecosystem. You can spin up new domains pretty quickly. It all kind of works together pretty easily. I wanna talk about a few stories. Customer stories, I believe, get the message better. Let me talk about a few stories. First one is Intuit, right? A few years back, there was a major attack on a DNS provider. Intuit was not affected by the attack, but they saw that and they started saying, "Okay, are we also exposed to something like this?" They came to us, and as everybody knows, you know, Intuit is a lot of the business is SaaS-based.
Your sites need to be up, your applications need to be up. They looked at it and said, "We really need to make sure that we are protected against DDoS and DNS attacks." We talked to them. We basically our Prolexic and our Edge DNS services were used with them. We get 100% uptime, DDoS protection. We got them ready for the tax season. They got 3 x an amount of traffic during the tax season, and we were there to protect them during this time. Absolutely no downtime. They're already a customer of our performance solutions, our other security solutions. Just a great way to get the cross-sell of different products into this customer. Talking about a different customer, and this customer actually was impacted.
The way this started for this customer was, they got a letter. They said, "If you're not gonna pay, we're gonna bring you down." The customer didn't pay. 'Cause actually when they got the letter, they actually got a small attack, and it hit them a little bit with some of their UDP services. They didn't pay, and then they got a much bigger attack, took down their DNS infrastructure, it saturated their routers, and then finally it brought down their primary and their backup data centers. They really needed to act fast. They came to us. In five hours, we had them onboarded with our always-on Prolexic solutions and our Edge DNS defense, and they were up and running.
This is a quote from the CISO that says, "Never seen a company react so quickly." Moving on to application security. Tom talked a lot about how things are changing in the application security space. Every day you see new threats. You know, SQL injection attacks, local file inclusion. Like every day you're seeing newer and newer things. Everybody's moving online, so obviously it makes sense. What we saw in the first quarter of this year, we saw attacks rise 196% over the last year. 23% over the last quarter. The first time you're seeing 6 billion web application attacks, over 1 billion more than the previous quarter. This is where.
You know, actually it's funny, Tom and I were talking to a customer a couple of days back, and they said, "The real thing where you guys are phenomenal at is analyzing all of this new data, and that's. You have to keep up to speed with this. This is every day things are changing." This customer, big bank, said, "This is why we really like you guys, because you really have the ability to understand all of the things going on and help make it actionable for all of us." Attacks are becoming pervasive every day. We were at a customer dinner last night.
We were talking about what we were doing when Log4j was reported, and, you know, we lost an entire weekend, I remember, Friday to Sunday, just making sure that we were protected, our customers were protected. A great example of a supply chain attack, right? You don't know what software is being used, and I don't think anybody knew that Log4j was as pervasive as what it was. What is interesting in something like Log4j is it's not the attack that happened on that day. There were clearly multiple variants that came that weekend, but it was months after that you could still see exploits happening because it's so tough to patch your infrastructure. We all know that. People don't patch it. People don't even know that they have unpatched versions of software.
This is where, you know, you see Akamai solutions coming in place. In fact, we have our Adaptive Security Engine that we had rolled out, which automatically protects customers right out of the gate without any manual changes that customers or even Akamai needs to do. Great example. Another case where we talked to a large bank, and they had previously hesitated from moving to the Adaptive Security Engine. When they saw this, they're like, "Yeah, let's move all of our properties to ASE because we really want protection out of the gate." Spring4Shell, a little bit more recent. We saw this happening as well. Again, classic supply chain attack, very popular framework, Spring framework that's used in Java.
Again, here too, you're seeing attacks that are way beyond the initial, you know, date that they released. Tom talked about the WAF, and, you know, we said we need much more than a WAF. Let's go into the two products that we have here, Account Protector and Bot Manager. Now, malicious bots, we've seen this. Malicious bots plague businesses. What is here in the gray are good, your good bots. They're your search engine bots, you know, your partner bots and so on. You can see the red is dramatically increasing. These are your bad bots. These are there to steal information from you, impersonate your users, and these are things that we just see going up every day. What you can also see is in this whole range of bots, you see a lot of things.
You have good bots, bad bots, ugly bots, you know. The whole idea is to not just deny a bot, because once you do that, even for a bad bot, they know that it's a legitimate site and they're now going to attack you even more. You need to be able to customize your responses. The whole idea here is to be able to give different responses to different kinds of bots, right? That the bots don't think that, well, here's a site that I can always attack. You have to be able to do that. That's where our Bot Manager is the leading product in the market, allowing you to do that. You know, account hacking, account takeover is becoming a huge issue. It starts off typically with bots.
Bots come in, and then they identify weaknesses, as Tom talked about, getting usernames and passwords and so on. Then at the end of the day, what happens is there's a few industries that are really affected, not just with bots, but also with humans now, with all of that information, organized crime, people who wanna steal your identity and so on. You know, there's a simple story, follow the money, and these are industries that there's money involved, there's coupons, loyalty points and so on. That's where, you know, see all of these, organized crime and hackers kinda going to these industries and trying to take over these accounts. Our newest product in this space is our Account Protector product. What that does is that prevents fraudulent human logins. Not just bots, but it's bots and humans.
The way it does that is using the user profiles that get built, right? So you're logging in from this machine at so and so time, and you've never logged in from at that particular time, or you've never logged in from, you know, Japan at, you know, 1 A.M. in the morning. Those are things that you can catch. It also detects anomalies in population profiles, right? Why is this application being logged in from somewhere in, you know, Papua New Guinea? You never see that. You can catch things like that, and then what you can do is you can give it to the site owner to decide how they wanna customize it.
They can throw in a captcha, they can do a number of different options, but it's where you can actually catch user attacks, takeovers based on different risk signals. Moving on to our client side products. In this space, we're gonna talk about two products. Page Integrity Manager is one that you've probably heard about in the past, but it relates to the fact that JavaScript usage and the risk is just growing every day. All of you have used web pages. JavaScript is essential to a modern web experience. You really need JavaScript. But it is a risk, right? I mean, a page is actually made up of JavaScript, right?
What happens is that people have said, you know, we've seen the stats about 83%, 80% or 88% of the pages have at least one known security vulnerability in it. A lot of these, you don't even know as your site owner, you might not even know that that exists because you're pulling in information from so many third-party sites. Like, you can say, "Well, I'm just gonna cut out all the outside code," but I'm gonna show you in a couple of slides why that's so hard to do. Here you can see this. This is actually a tool that one of our engineers built. What you see here is kinda this chart that talks about this, the different references from our own homepage. This is our www.akamai.com homepage. The blue is Akamai, right?
The blue dot in the center is our homepage. Then all of the dots, the bigger dots are references to other content on our site. You can see that there are a lot of references to other Akamai sites. Then you can also see these green dots, these yellow dots and so on. These are references from our own homepage to third-party locations for tracking, for other stuff that gets pulled in. It is incredibly hard to know what are the different third-party components that your site is pulling. Oh, sorry. It can be really bad, and it can really devastate your brand. This happened a few years back for a big airline. You know, 22 lines of JavaScript were inserted into a leading airline sites through one of these third-party additions.
Basically stole user data. Hundreds of thousands of customers were, data was compromised. The data was taken, stolen for about $10 a piece on the dark web. Then, you know, ultimately the hackers made $12 million, but the company got fined $229 million just because of this, right? These are transactions that are happening on the client, on a browser. You don't even know that they're happening as a customer. You know, this is the worst situation for any CEO, to have their name dragged in the mud in a situation like this. It's a PR mess. That's where you see Page Integrity Manager come in to protect you from some of these situations. We'll talk later about how it's also becoming a compliance requirement. Let's move to audience hijacking.
All of the expertise that we built in the client side is also being used for something called audience hijacking. The concept is pretty simple, right? You have a, let's say, your retail site, you're opening up a browser. About 20% of the time, what's happening is there's a distraction, maybe a competitor, maybe a coupon, maybe something else that's coming in and taking the attention away from the user of your website. You wouldn't see that in the, you know, an actual store. Imagine going to an actual store and seeing a competitor's ad there. Like, you don't see that happening, but it happens all the time on websites. That's kinda the more benign stuff. There's more malicious stuff happening.
There's affiliates that might be tagging on but who have not done anything to gain the business, but are tagging on their ID and basically making a commission out of it. There are situations where you have malware and ad injection through malicious plugins that are coming in. This is where we are gonna be releasing a new product, so really exciting, new product coming out in June. It's called Audience Hijacking Protector, and that is where we offer customers the ability to protect against these unwanted distractions and redirections of customers to competing malicious websites, affiliates, reducing all the affiliates' fees and so on.
It's an exciting time to be in this space, and I'm really keen on seeing this product go out to the market in June. It's not just us, there's a new regulation that's coming out. PCI stands for Payment Card Industry, you know. They come out in the last three years, actually, they haven't made any changes, but they just released a new spec in March. The spec basically says that the scripts, when you're doing payment card transactions, you need to be able to validate that the scripts that your page is using are authorized and are secure. This is where we feel that we have an incredible opportunity ahead of us with our products, Page Integrity Manager, specifically in this case. All right. Moving on to Zero Trust.
Talk a little bit about malware and ransomware and so on. I wanna talk about not just that, I'm gonna talk about the entire portfolio, 'cause I think it is an entire portfolio play here. Customers, we talk to customers every day, and a lot of customers are saying, "You know, show me what you have in this roadmap. Let's talk about ransomware and obviously malware. That's where you're leaders, but I wanna talk about some of these other products that you have." That's where it's really exciting for us. We have a set of unique capabilities. We have a Zero Trust Access product called Enterprise Application Access.
We have a way to securely access the Internet through our SWG, as well as our mobile products, our multi-factor authentication product that you've probably heard about, as well as an advanced threat hunting services that kinda wraps around all of these service products that we have. Quickly jumping in 'cause I think I'm gonna be running out of time, talk about a couple of case studies here. One is this big global bank, and this bank basically received a requirement from the regulators to basically ring-fence SWIFT, which is one of their common financial applications. They had it running on 100 servers or so, both like bare metal as well as virtual. Without software-based micro-segmentation, this would have taken them a year. Buying hardware, getting firewalls, getting equipment, getting servers, configuring it, getting the people, like all of that.
With Guardicore, they didn't have to do any of it. It basically was done in two weeks. They had one engineer working on it, fully software, fully flexible. They didn't have to move their networks. They didn't have to change their infrastructure. Just a phenomenal solution out here. No downtime at the end of the day when they did this. Moving on to Enterprise Application Access. LIXIL is a big manufacturer based out of Japan. They manufacture building materials and housing equipment. This is a kind of a complex supply chain. The products are complicated. You might typically need a contractor or a set of companies to actually install the products. You can customize it. It's a pretty complex supply chain. They came to us, they really wanted to streamline their IT systems.
It was based on a digital transformation effort that they were doing. Our EAA, Enterprise Application Access product, offered a way for them to securely authenticate their users as they connected to the network. It increased their security dramatically, eliminated their VPN, and it just allowed all of their users to consistently and seamlessly connect to all of their applications in order to configure these products. Great story here. A good example of just secure access is Comcast Business. Everybody here has probably heard of Comcast Business. They service small, medium, and enterprise-level customers in the United States. You know, one of the things I heard is 65% of small businesses have some kind of cyberattack, and when that happens, it typically takes you down by about a year, roughly, right?
What they did, what Comcast Business did was they worked with us very closely, and they came up with a product called SecurityEdge. What SecurityEdge does is it helps their customers connect securely to the internet. Very simple. It's really kind of plug and play. You turn it on, and it's up and running, and it's protecting your business access to the internet securely. Comcast noticed that when they turned this on, they saw a 4.3% increase in their revenue for them because there were so many customers that just wanted to secure themselves, their infrastructure. Comcast is just one of our very trusted partners, but we've got plenty of them. PJ is gonna talk a little bit more about it.
I just wanted to call out that recently we've had conversations with FS-ISAC, which is a financial services community, and we are the founding member of their Critical Providers program. We work really closely with them, talking about cybersecurity, the issues that are there, how they impact financial institutions, and how we can collaborate to make it safer for all of us to conduct these financial transactions. These numbers are really exciting to me. Yeah, we have a comprehensive portfolio, and it's really exciting to see more than a third of our customers have more than one security product. Also here, there's a lot of opportunity. Only 3% of our customers have products across all of our three pillars.
What that tells me is there's plenty of space for us to get cross-sell efforts going to sell our products against each of these different pillars that we have. I wanna close it out by talking about why we win. First thing is we have a comprehensive product portfolio to protect our enterprises and keep them safe from cyberattacks of all forms. Second one, as Tom said, is we have a proven track record. We've done this for many years, and we have shown our customers that we are consistently ahead of the threats on the Internet. Lastly, I'd say, you know, we have its people. You know, security industry is a tough industry to get people. We have thousands of people across the world that are dedicated to innovation and the success of our customers.
With that said, I wanna say thank you. I think I'm gonna give this to Tom. Tom, you coming up? Yep.
Thank you. All right. Great job, everybody.
Thank you.
We're going to take about a 10-minute break. We'll have the slides posted around 2:00 or maybe even earlier today. If everyone could come back by 10:15, we'll get started again. Thank you very much.
Welcome to United. Once again, please check that all your items are with you. Thank you.
Please take your seats. Thank you. Please welcome Robert Blumofe.
All right. Welcome, everybody. That was a great way to start. I'll wait for you. Okay, good now?
Perfect. Thank you.
All right. Okay, so why don't we just jump right into this? This is gonna be a story of the Internet core and the Internet edge. You can think of the Internet core as the tens of locations, centrally positioned, well-connected, where the cloud service providers typically deploy their services. Now, in contrast, the edge is the thousands of locations, highly distributed, nearest to where users, their devices, and things connect into the Internet. Now, we pretty much invented the Edge platform, and we are today the leader by far as an Edge platform. We are in more locations closer to end users, their devices and things than anyone else. Our platform, that is to say, the software that runs at the Edge, has more functionality, more capabilities by far than anybody else.
At this point, I think you can think of the Edge platform as really being an essential part of the ecosystem. It's essential to powering and protecting life online, and it's really an essential component to ensuring the proper operation and secure operation of modern applications. Here's the thing about modern applications. They're not monoliths. Modern applications today are built as collections of services, oftentimes called microservices, each of which have different computing needs, and they're interconnected through messaging. I'm gonna return to this slide at the end when I wrap everything together. The point I wanna make here is this idea of multiple services with differing compute needs. Some of these services, some of these microservices really belong at the edge. They need to be at the edge for various reasons, and I'll explain what some of those reasons are, but not everything.
Some services really properly belong at the core in the cloud, and that's where Linode comes into the picture. By combining Akamai's traditional strength as an Edge platform with Linode at the core, we now have the world's most distributed cloud platform from the core to the Edge for modern applications. What I'm gonna do is explain these components. I want to explain to you how it is that the edge and the core are different, what it is that they are each uniquely good for, and how those capabilities come together to form this unique and powerful platform that is perfectly suited to the needs of modern applications. Now, as we think about their unique capabilities, that is the unique capabilities of the edge versus the core. In the context of computing, it's tempting to think that they're the same thing, just with a different number of locations.
That is that, well, the edge computing is the same thing as core or same thing as cloud computing, just with more locations. That cloud computing, the core, is the same thing as edge computing, just with fewer locations. While that is indeed true, they do differ in location count, there's much more to it than that. I wanna start there and explain that difference. You can see the difference really clearly right up front when you look at how these services are provisioned. What you see on this slide is, on the right-hand side, you see the very first thing you encounter when you go to provision compute on Linode, and you would see something almost identical to this with any of the cloud service providers.
The very first thing you see is a dropdown menu where you select the location where you wanna provision your compute. In the case of Linode, you can see we offer five locations in North America. There's two locations there in Europe and a handful of locations in Asia-Pacific. It's the first thing you have to do. You pick your location. Once you've done that, then you can provision your compute, fire up your applications. The key point is that your applications are gonna run in that location and only in that location. Your applications are effectively location-bound. They're bound to that particular location. That's actually a good thing. That's a really important property of cloud computing, and it's essential to its proper functioning. I'm gonna explain why in just a little bit. Location-bound.
Cloud computing is location-bound. In contrast, if you look at edge computing, it's location unbound, it's ubiquitous. What you see on this slide is the provisioning screen for our EdgeWorkers product, which is our edge computing product. What you see in this provisioning screen is a place to upload your code. That's all you do. You just upload your code in the form of JavaScript. There is no place to select a location. It would make no sense to select a location because your code, the code that you upload, is going to run everywhere across the entire platform. It'll run in whatever number of locations, whichever locations make sense given the current demand for that application. It's no longer bound to a particular location. The code actually runs ubiquitously across all locations. You can now see these differences.
If you look at cloud computing on the left, in the case of Linode, and edge computing on the right, Akamai, indeed, you have the difference in location count. Huge difference in location count. But there's also this difference in that the cloud computing is location bound, edge computing is location unbound or ubiquitous. That's an important distinction, but it raises an important question, which is, for my use case, for my application, or more accurately, my, this particular service of my application, which is the right thing to use? Should I be in the core on the cloud or at the edge? The answer is actually pretty simple. The answer is, well, follow the data.
The rule of thumb here, and I explain this to all developers whenever I have a chance to talk to developers, is you're much better off moving your compute to the data than vice versa. Let me say it again. Instead of moving the data to your compute, move your compute to the data. That's actually a really good rule of thumb that applies in almost all cases when you're thinking about where you should provision your compute. In this context now, we can see where we wanna use Linode, that is cloud in the core, and where we wanna use edge. Starting with cloud, this is great for the case where you're computing on stored data. Maybe you have a database or a data lake or a data warehouse, whatever.
You have some stored data of some form, and the compute is on that data. You're computing on that data, so obviously it makes sense then to bind your compute to that location where your data is stored. All right? You're location bound to the location where the data is stored. Stored data. Edge, on the other hand, is great for traffic flow data. Now you've got traffic flow. You got web traffic flows. You got web requests, you got web responses, and in those traffic flows you have things like URLs, right? URLs have query strings, you have headers, and you've got cookies, and you've got the bodies of these messages.
There's all kinds of data in these messages flowing back and forth, and when you're computing on the data in the messages, well, again, don't backhaul the message to the compute, move the compute to where the message already is, where the traffic already is. That's the edge. You want to be at the edge when you're computing on traffic flow data. Another sort of summary way to say this is the core or the cloud is great for data at rest, and the edge is great for data in motion. Let's look at an example. Starting here with Linode, perfect examples here. Maybe you're doing some search in a product catalog, right? That's stored data. Maybe you're making recommendations based on history and analytics. Stored data. Or maybe you're doing order tracking and updating. Stored data.
Again, the point here is you're computing on stored data, and so it's not surprising that Linode, and pretty much all the cloud service providers, offer compute and storage together. Compute and storage together. You have compute in the form of containers and virtual machines. You've got storage in the form of, say, block storage or object storage or managed databases. They're offered together because you're computing on that stored data. It makes sense to have them bound together. All right. Now let me switch to edge. Some examples for where edge computing makes sense. Response customization based on device is a good example. Request routing based on location and request prioritization based on cookies. Again, you can see that in each case, I was making a decision, or I was doing some operation based on the data that's in the traffic flow.
The product here, we've seen this earlier, is what we call EdgeWorkers. EdgeWorkers is our edge computing product, and that offers lightweight, ephemeral functions as a service. That is, the compute is defined as functions. You saw that earlier when I showed you the provisioning slide, which was where you uploaded your code, your JavaScript code. That's the function. You upload that function, and we execute it across the network.
Functions as a service really make sense here at the edge because it offers a very, very lightweight mechanism that supports isolation, so different customers' functions are isolated from each other, and it also offers a very, a lightweight and simple and quick way to instantiate the functions and bring them down because you want to be running just tied into the traffic flow, right? When the traffic flow occurs, you fire up the function, you run the function on the traffic flow. When the traffic flow is done, the function goes away. Functions are perfect for that. Now, it's also the case that this edge computing is running on our edge platform, thousands of locations. It's not by itself. It's not sitting there in isolation. It's actually running on the same platform as our delivery offerings and our security offerings.
That's important. Tom talked about this, the synergy that comes from all of these capabilities running on one platform. I wanna come back to that in a moment, but first, let me take a quick detour through delivery and security, and again, map it to the edge. If you look at delivery, we have media delivery, and that's high throughput, low latency delivery for media and software downloads. We have application performance, where we're optimizing and accelerating the interaction with web applications. Again, it makes sense here to do these things at the edge because that's where the scale is, that's how you deliver the reliability, that's how you deliver the performance. Delivery belongs at the edge. Well, so too does security.
In fact, all the security products, pretty much all the security products that Mani talked about, you can think of them in terms of operating on traffic flows. Here are some examples. Consider, say, App & API Protector. That product is looking at traffic flows and making decisions. In particular, it's looking at a web request coming in, and it says, "Hey, does this request contain some kind of attack?" If it does contain some kind of attack, well, obviously we wanna block it. Maybe just alert on it, but at least alert, if not also fully block it. Pretty simple idea, right? You're looking at the request, asking a question, and acting on the answer to that question.
Similarly, Bot Manager, again, you're looking at a request coming in, and you're simply asking the question, "Is this request coming from a bot?" You can take different actions depending on the answer to that question. Likewise, Account Protector, looking at the request coming in and saying, "Is this request some form of credential stuffing? Is this an attacker trying to reuse stolen credentials of some kind?" In each of these cases, as you can see, we're operating on web traffic flows, and that's pretty much the case for all of our security products. They're operating on web traffic flow, so you can see it makes sense to do that at the Edge. When you combine it with the cloud, you have this really nice combination in that the Edge can protect the cloud. Because the cloud is where you have that stored data.
Your high-value assets, your high-value stored data lives in the cloud, so you can use the Edge to protect your high-value assets in the cloud. All right. I wanna make two points here about the Edge and security and the platform. First is just really emphasize this point about the importance of having your security stack at the Edge. Because the alternative is a disaster. The alternative is backhauling. It's bad enough to be backhauling your legitimate traffic because whenever you backhaul traffic, you're destroying performance, you're adding on cost. Not good. Backhauling attack traffic is even worse. Probably the best way to think of this, by the way, is really think of it analogously to the point I made earlier about compute. Remember I said that rather than move data to your compute, you're better off moving your compute to the data?
The analog for security is rather than backhauling your traffic to your security stack where you can inspect it, instead move your security stack to where the traffic already is. That means moving your security stack to the edge, where it's ubiquitous, where it's right there where the traffic flows already are, where you can immediately act on those traffic flows and block anything bad at its source before it ever has a chance to get to its victim. That was point number one, really important to run security at the edge. Your security stack belongs at the edge. The other is the point about the platform, and Tom talked about this, the importance of all of these capabilities living on the same platform. I wanna make two particular points about the importance of the one platform.
First of all, from a customer's point of view, this is incredibly valuable and beneficial because it means that once they've got one product, their traffic is on our platform, and now it's really easy to add other capabilities. Whatever you need, it's really now at that point, just a question of clicking buttons in the portal to add new capabilities. You may have one security product, super easy now to add additional security products, or maybe you want a premium performance product or you wanna add edge computing, whatever, super easy. The other is that these, the security and the performance are all coming on one platform, so they can actually act in harmony. This is really important because it's completely different than what you would see with pure-play security vendors.
A pure-play security vendor, the more security you get from them, the less performance you get for your end users. Your end users now suffer for that security. That's not good. You don't wanna be trading off security for end user experience. You want them both together, and that's what you get when you do them both on one platform. Absolutely unique. Now let me tie it all together. We've seen the Akamai Edge platform, delivery, security, edge computing, and the connectivity fabric that that Adam talked about. That's the edge component. Now you add on the core component with Linode, 11 locations offering containers, VMs, and various forms of storage. As we bring these together, we extend our connectivity fabric to cover the core, and we expand Linode to be in more locations, and we bring into place this this middle tier that Adam talked about.
This, by the way, is utterly unique. There's no such thing today as this middle tier, and it's a huge need in the market because it's the first opportunity here to offer compute in the form of containers in lots of locations. Whenever you have compute in containers that needs low latency, hundreds of locations, containerized compute, that will be absolutely unique and really needed in the market. To wrap this up, I simply want to bring it back to the point that I made at the beginning, 'cause I really wanna emphasize how relevant this platform is, how important it is. It looks great on the slide. It's pretty pictures, but it really matters in practice, and it's because of the structure of modern applications.
It's because your modern applications are composed of all of these services that have to communicate among each other through messaging. Given that structure, it should be pretty easy to see how this naturally maps to this platform. You can think of your application now as running as a horizontal stripe across the entire platform, from core to middle to edge. The edge delivers and accelerates and secures your application. The middle provides you that containerized compute with low latency 'cause you're now near the end users. The core provides you compute tied into your storage. All those things work together, and they can communicate with each other via messaging enabled by our global connectivity fabric. Together, you now have something utterly unique in the market, a single platform that developers can use to build, to run, to secure, and deliver their modern applications.
with that, I get to conclude, and I now have the opportunity to welcome to the stage PJ Joseph, our EVP of Global Sales and Services. Welcome, PJ.
Thanks, Bob.
Will you get that?
Thanks to all of you. I'm Paul Joseph. I'm responsible for Akamai's global sales and services organization. Kim and I are gonna talk to you for 20 minutes today about our go-to-market strategy and how the marketing organization is supporting sales and trying to bring more awareness to the capabilities that we offer in the market. I first wanted to start just with an overview of our industry focus and vertical penetration. I think it's important to call out.
I think you might wanna calm down. At least you're not too bad.
Yeah.
That's all right. Where is it? There you are. There you go. You don't need it. You're good now.
Start over. Stole my wallet.
Yep.
Okay. I think it's important to call out our penetration in some of these verticals. These are very sophisticated CDN and cloud security buyers. In commerce, travel, and hospitality, we serve 19 of 20 of the biggest retailers. We do a lot of business with 9 out of the top 10 largest software companies in the world. We work with 18 of the 20 largest brokerage customers, and we have a huge amount of penetration in financial services. We also work with all top 10 auto manufacturers globally, and we have a huge presence in gaming and esports. We have great relationships with the telcos.
We count a bunch of the top telcos as big customers, and we have 250 relationships with carriers around the world, both for deployments of servers, reseller relationships, and then the sell-to part of it. These are hugely sticky relationships, and it speaks to our high retention rates with all of these customers and our very low level of churn within our customer base. Here's some new information for you. We wanted to give you an idea of the percentage of customers that we have in each of these verticals, and also wanted to highlight the percentage of revenue that comes from each of these segments. This is new information, and we didn't share it last year. We thought it'd be useful information for you.
Okay, this slide is a small sampling of some of our customer logos, and it's really designed to highlight some of the large global brands that trust us with their security, acceleration, and compute needs. On the right, you see some Guardicore logos, and we have a ton of momentum with Guardicore. Today, we have about 300 Guardicore customers, and I think the most interesting stat is 60 of those customers have come onto our platform post-acquisition. The sales force is really out there, talking to customers about the impacts of ransomware and what it could mean to the businesses that we already serve today. We've seen great momentum and a ton of traction for Guardicore, and that business is off to a terrific start.
This slide we showed you last year to give you a view into how we segment our customer base. We added revenue concentration and customer count to give you a little more color into the pyramid. Our strategic customers are ones that drive $1 million or more of annualized revenue. Our large enterprise customers deliver between $250,000 and $1 million of annualized revenue. The enterprise customers are spending about $75K-$250K with us. Then you have the SMBs at the bottom of the pyramid. I mentioned this last year, but our strategic accounts are some of our largest revenue-generating customers, high utilization rates for many of our services, multi-solution buyers. A lot of them have dedicated service and support teams, so they highly value the services capabilities that we offer them.
You can kinda map this segment to our internet platform customers, large retailers, social media organizations, big banks spending a lot of money on security with us, SaaS and PaaS providers, and some custom government work we do in the public sector. These are also organizations with huge cloud spends. I was out at NAB a few weeks ago, met with a bunch of our big media customers, and their cloud costs are growing out of control, and they asked us to help them with that. One big media customer of ours had mentioned that they're spending about $45 million a month with a big hyperscaler, and they get an email a week from the CFO saying, "You guys have to bring this cloud cost under control.
What are you gonna do about it?" I think we have an opportunity to help some of these large customers really reel that in and optimize what they're doing with clouds. A few other data points on our strategic customer base. From 2020 to 2021. Our number of customers spending between $5 million and $10 million annually with us went up 10%. The number of customers spending $10 million to $30 million annually went up 8%, and the number of $30 million-plus customers that we have went up 20%. Our large enterprise segment are customers and prospects with roughly 10,000 employees, substantial IT security and compute budgets. I'd say this is a real sweet spot for Linode. I feel like these are the enterprises that are probably most overcharged and underserved by some of the large hyperscalers.
We're already in conversations with a lot of them in a lot of different verticals, but we also have strong engagement from our carrier and SI partners within the large enterprise space. I'll talk about some of the partner traction that we have in the business in a few slides. Let me talk about the enterprise business. This is direct and indirect led, lower touch. Usually our inside sales teams and commercial account reps are servicing these customers. These are multi-solution buyers. I think there's a big opportunity here to catch these customers as they're evaluating new cloud platforms. A lot of them still have an on-prem type of environment, which gives us an opportunity to go in there and, you know, teach them about what Linode could potentially do for them.
Then on the SMB, these are indirect sales motions, so mostly aggregator and OEM partnerships. I'd say a really interesting part of this segment is what we're doing with our carrier partners. Carriers are out there really pitching the value of fiber attach, and this is where they're hooking up Akamai security capabilities. Our secure internet access capabilities are attaching to the broadband offerings that a lot of these carriers make available to their business customers and their consumers. I think you're gonna see this number grow over time. Let me now talk about what we're seeing for white space opportunity with security and compute products in the enterprise, large enterprise and strategic customer segments.
In general, we're seeing really strong demand for our security portfolio, and we now count over 250 customers that spend $1 million+ annually on our security products. As you can see by the penetration stats on this slide, we also have plenty of new product attach opportunities. Mani mentioned that our application security pillar includes our market-leading App & API Protector offerings, Bot Manager, Account Protector, which is a new offering seeing really strong adoption in the market, and then our Page Integrity Manager offering. Very few of our customers have all four of these.
In fact, roughly 35% of our enterprise and strategic customers have two or more application security products, and less than 20% of customers in the blue have two or more infrastructure security or zero trust products, which really serves to highlight the big opportunity that we have in front of us to sell more DDoS, more secure web gateway, more application access and more of our Guardicore micro-segmentation solutions. It's also important to note that we have a lot of expansion opportunities for the capabilities that we've already sold customers. I'll give you a few examples, but a lot of the big banks, you know, were freaking out when Log4j hit, and a lot of them were using our web application firewall capabilities, and that exposed a lot of vulnerabilities to the big banks.
They had web application firewall implemented on a lot of their most important consumer-facing websites. We helped them lock those websites down even further, but what it led to was an expansion of our web application firewall capabilities, so now that they're in front of all of their consumer-facing websites. A lot of those organizations did an audit to say, "Okay, hold on. Where do we need Akamai's WAF?" They're starting to put it everywhere. We have tons of room to grow with our web application firewall solution and our App & API Protector offerings. You know, the second example I'll give you is a large software provider was being impacted by some bot attacks, and they called us because their bill had gone up, 'cause we were in front of some of these bot attacks.
They said, "Hey, are we really getting the value from this service?" We said, "Well, why don't you try to put it on a few other sites?" They said, "We don't have a bot problem on other sites." We said, "Just do it," as a way to be flexible about the overage bill that they had seen. They put it on a bunch of different sites. This is a very large public software company, and they ended up putting Bot Manager on five additional sites. They said, "We didn't even know we were being impacted by bots. This is really impacting our revenue." That's an example of where we have upsell opportunities for products that we've already sold into our high-value customer base.
Obviously with Zero Trust, Guardicore's off to a really strong start and is starting to create drag for our other enterprise security products, so MFA, ETP, Enterprise Application Access. Guardicore is a market leader, and it's opening up conversations for the north-south protections that we have available in our portfolio. On the compute side of things, it's all greenfield. Like, I think our customers are highly interested in understanding what we can offer them for compute capabilities, because a lot of them are thinking about how to diversify their cloud spend. I think there's been some pretty public outages with a lot of the major hyperscalers, and for those customers that have been single-threaded to one, there's a definite need to diversify, and I think we're gonna have a seat at the table for those conversations and can hopefully convert those customers into Akamai compute customers.
Let me talk about the Guardicore go-to-market strategy. We have our entire sales force trained on Guardicore. We have our entire presales organization trained on Guardicore, and our services organization is also fluent now on micro-segmentation. We're really well positioned to go after this opportunity, and I want to give you a couple examples of what we're seeing in a few different verticals. A very large healthcare company in the Northeast conducted an internal audit and found that they were very exposed to lateral risk, and their cyber insurance company was gonna pull their insurance if they didn't address it. They went out to RFP, did an extensive evaluation of the micro-segmentation solutions on the market, and ended up selecting Guardicore.
When I talked to this customer during diligence before we closed the acquisition, I said, "After you get through the script that Guardicore gave you, I really wanna understand what you think about Guardicore." He said, "If you know anything about hospitals, we've grown through acquisitions over time. We've acquired a bunch of hospitals, and there's tons of legacy technical debt, and there's outdated systems. We implemented Guardicore, and it gave us this visibility into where we were exposed. We had no idea what applications were talking to each other." This is a really, really great reference for us. They're talking to other healthcare organizations, but they're super pleased with their Guardicore implementation. He said he thinks healthcare and life sciences, just with the regulations in this industry vertical, is gonna be a real sweet spot for Guardicore.
In financial services, we had a very large bank in Canada sign up for Guardicore so that they could ring-fence their mission-critical applications. This is a theme that we're seeing really in financial services. There's a lot of regulation coming out to make sure that consumer banking applications stay alive and well for all of the users that need to access them. We're seeing regulation driving micro-segmentation efforts within the financial services community. We closed our largest deal with a very large global bank that has a presence in every major financial center around the world in Q1, and Guardicore agents are actually on 110,000 servers today, so tons of traction in financial services.
In automotive and manufacturing, there's tons of concerns with supply chain disruption from ransomware, and so we're seeing this as a really interesting vertical with a lot of momentum around micro-segmentation. We were able to work with a leading German car manufacturer in Q1, and we've implemented Guardicore on 800 of their applications. Lastly, in the telco space, one of our large telco customers in LatAm started to see some unusual attack traffic at the end of Q4.
They actually had a big global SI that was doing some consulting and cyber advisory work for them, and they noticed this, and they said, "Hey, you need to lock this down, and we recommend Guardicore, and we can implement it for you." This was something that wasn't budgeted for, and then the deal came to life very quickly, and it was implemented and sold through a global SI. Really, strong momentum at Guardicore, and we expect that to continue moving forward. Let me quickly talk about the compute opportunity. We did two things before we bought Linode. We talked to a bunch of Akamai's existing customers.
We went to some of our biggest customers, you know, think of Sony and Nintendo and Disney and a lot of the big banks, to understand how they were using cloud platforms. We got a lot of useful information from them. Across the board, our customers said, "You should have been in this space a long time ago. This is a logical place for Akamai to play." All of them have some sort of cloud diversity effort or some sort of initiative to reduce cloud spend. The second thing we did, we talked to a bunch of Linode customers, and it was unanimous across the board. Every Linode customer that we talked to referenced their simple and easy-to-use compute offerings, zero downtime, which was really important, transparent pricing, and excellent customer service.
A few of these customers had migrated from the hyperscalers. They just felt overcharged and underserved from a lot of them. We have a big opportunity, you know, to fill a real need for these customers that wanna diversify their cloud spend. The other thing that we looked at was, we did this analysis last week, what are the origins that are used for Akamai customers today? Who are they using? We can see it because our services ride on a lot of the public cloud platforms. It was really interesting 'cause you might assume that, you know, this big pie chart would have, you know, three of the hyperscalers, Azure, GCP, and AWS, but it had more than 10.
We saw 12 cloud platforms being used pretty extensively by our customer base, which really shows, I think, the diversification efforts that our customers are going through, like they're gonna wanna diversify. That pie chart probably last year or the year before might've looked, you know, single-threaded to three. Now that they're chipping away at that cloud spend that AWS, GCP, and Azure has. Significant growth potential with Linode, and we have a sales force that's pretty fluent in compute today because a lot of our services ride on the public cloud platforms. Okay, let me talk about our partner program. I think I mentioned last year at this time that about a little over 30% of our revenue comes through partners, and they fall into, you know, three major categories.
Then there's a click here, and I'll talk about Guardicore and their partners. We have great carrier partners, and these partners provide great access into industry verticals where we're under-penetrated today. Think of healthcare, life sciences, and manufacturing as a few of those where the carriers are doing a lot of the network services and a lot of the plumbing. We have carrier partners that are reselling our capabilities. Some are embedding our capabilities and taking them to market to service their SMBs and consumers, and an increasing amount are interested in selling Guardicore. They really feel like they can build a managed security business around Guardicore. We have SIs, and this is a really interesting development on the Guardicore front. We're starting to see SIs wanting to build a practice around micro-segmentation.
We have one very successful SI, and I'll show the last slide that will give you an idea of what they're doing and how they're sort of priming the pump for micro-segmentation. But we're in a few interesting conversations with very large-scale SIs to help build practices around Guardicore micro-segmentation. We have our value-added resellers. We have plenty of resellers that actually take our delivery capabilities and bundle them with things like a video CMS. Those companies are doing a relly good job for us identifying new opportunities, especially on the long tail. With Guardicore, they had a partner-only model, and so the only way they went to market was through partners, and a lot of their partners are great at opportunity identification.
I think one of the things we always want from our partners is help us find new opportunities. The Guardicore partner ecosystem is super productive. You know, they're very good security sellers. They're great at identifying new opportunities. They're bringing us new leads all the time, and a lot of them are starting to build services around the Guardicore offerings. We're really happy with the momentum we're seeing from our Guardicore partners. Okay, now this is my last slide, and I just think it speaks to the opportunity that we have with global systems integrators around Guardicore micro-segmentation. This is a very large global SI. They have an audit practice. They have a cyber practice, tons of consulting practices. This is what they've done. They've certified a bunch of engineers around the world on Guardicore.
These engineers go in and actually implement it for us. That gives us a ton of offload that can really help us scale our business moving forward, where we don't have to hire as many services people or technical account managers to do those implementations. This leads to a lot more business for the SIs. They're gonna identify opportunities for zero trust consulting and cyber advisory. This is a highly engaged SI that's both a reseller and a big services partner for us. There's a good possibility that you see us probably sign up a few more global SIs, and this could really give us a tailwind with Guardicore and micro-segmentation. I'll stop there, and I think Kim Salem-Jackson, our CMO, is next. Kim?
Thank you. Thank you, PJ, and hello, everyone. It is so nice to present in person. To put a bow on everything you've heard to date, we believe that Akamai is the most innovative company in the world. If you are engaged online, you are engaged with Akamai, and there are three ways that we unlock our potential. First is increased brand strength. By increasing our brand, we increase demand. Second is we have an agile GTM powered by an intelligent data platform, enabling us to anticipate customer needs and shrink the time from interest to booking. We have a highly engaged and growing developer and customer community that we can really mine from to drive incremental revenue as we go up market. Thanks to our recent acquisitions of Linode and Guardicore, which you heard a lot about, we have a greater than $100 billion TAM.
Our portfolio and customer base is highly diversified, allowing us to attract new customers, to upsell and to cross-sell to our existing customers. In marketing, we're gonna draft off that leadership position as a trusted partner in leading organizations, as a category leader in DDoS mitigation, web application firewall, bot management, and zero trust, and as the world's most distributed compute platform, all enabling us to capture that TAM. Speaking of the TAM, to capitalize on it, we must elevate our brand. We believe that Akamai deserves a far bigger stage to match the magnitude of impact we have on the world. By elevating our narrative in the marketplace, it acts as a catalyst for our GTM. The more people that know us, the more doors that open and the faster we can penetrate that white space. I know that'll make PJ happy.
Below are three examples of how Akamai's brand is being elevated. First, the most innovative brands in the world choose Akamai. Tom told you that. PJ told you that. You can see from the great penetration we have across some of the biggest verticals in the world. Second, through interesting experiences. We all know everybody is vying for your time and your attention, and the only way to break through is to deliver something unique, and we're focused on doing just that. Three fun things we're doing. First of all, we're launching a docuseries this quarter. So think of that TV show, Shark Tank, where Akamai is the shark. We also just launched a gorgeous NFT, the dynamic view and portrait of life online. This morning, you saw us unveil our TV spot that we're gonna be launching next week.
Then by co-marketing with some of the biggest partners, we're expanding our reach to help accelerate our go-to-market. All right. Validation of our market standing comes through the lens of the industry. Akamai has won the Gartner Customer Choice Award, as voted on by our peers for web application and API protection for the third time in a row. We also, to measure our relevancy, we wanna measure our share of voice. Really fun fact, Akamai has greater than 55% share of voice in security. What that means is, all the press out there are writing about Akamai more than they're writing about any of our competitors when it comes to security. Again, through our peers, Linode is ranked number one on review sites, TrustRadius, G2, and Trustpilot. All this is capped off by further validation.
I know you've heard a lot today. From Forrester on our Zero Trust offering and IDC. Okay. Moving on to our GTM. It's fueled by four strategic pillars, growth acceleration, international expansion, channel, and community. We are focused in marketing our GTM on our highest growth products, Guardicore and Compute, our highest growth markets and maintaining share. Our GTM is also underpinned by this very sophisticated data platform. PJ and I have been partnering on a rev tech stack, and the reason you care about that is because it enables us to predict customer needs, recommend the next best action, and shrink that time from interest to revenue. A moment ago, you also heard PJ talk about our sales motion by market segment. I wanna talk to you a little bit about the marketing overlay to that.
At the very top of the pyramid, we're focused on high touch, highly customized account-based marketing programs to penetrate those strategic accounts. As you start to go down market, we start to deploy predictive-type marketing to anticipate customer need. We also activate things like social influences, if you don't know much about them, your kids do, particularly in security, to again, amplify our voice and reach in the marketplace. When we get down to the SMB, we're really focused on self-service, digital first, channel first model, again, to take us end-to-end through our stack. Now, this is fun for those of you that like math. To accelerate our GTM, we first must understand really deeply our customer behavior. Using data science and machine learning, we can monitor how our customers engage with Akamai.
We know, for example, highly engaged accounts, so those customers that consume more than 24 programs or pieces of content with Akamai, result in a higher number of deals, more products owned, a higher deal size, and reduced churn. These insights enable us to market to the square inch versus the square mile, being highly efficient and precise with our marketing efforts. Now, this is a really powerful and unique slide. This gives you a 360 degree view of our customer community, more specifically, our developer community. It covers three different vectors. First, our customer count is growing, and we see that in the data. Our CAC is going down. Ed loves that when I deliver low cost to acquire, and our lifetime value is increasing. Why do you care about this?
Again, the efficiency that we're achieving in attracting large volumes of customers is key, and we can also start to build off this foundation to progress upmarket as we deliver our enterprise compute solutions, into the enterprise space. All right. All these things working in concert, as well as our recent acquisitions of Linode and Guardicore, enable Akamai to become the cloud company that powers and protects life online. We're very excited about this, by the way. Last but not least, if you remember nothing else, 'cause I know we've been here all morning, remember these three things from this presentation. By elevating Akamai's brand, it acts as a catalyst for growth, basically getting us more at-bats. Our agile GTM accelerates revenue for security and compute with a strong focus that we're taking on Zero Trust.
By unlocking the developer community, it's a critical way for us to expand compute into the enterprise. These differentiators working together enable us to deliver both the superior customer experience and fuel revenue for decades to come. I wanna thank you for the privilege of your time, and it is now my pleasure to welcome to the stage Nicole Fitzpatrick, who is our Chief ESG Officer and Deputy General Counsel.
Welcome, Nicole.
Thanks, Kim. Good morning. Thank you. I'm Nicole Fitzpatrick, and I am Akamai's Deputy General Counsel and our Chief ESG Officer. As Kim just discussed with you and Tom mentioned earlier, our mission is to power and protect life online, and our purpose underscores everything we do at Akamai. In no place is that more apparent than in our ESG programs. Akamai has always believed in delivering business results the right way. As I noted to all of you last year, that means we have always and will continue to always operate in ways that reflect our core values. That includes trust and integrity, inclusion and respect, and by giving back to the communities where we work, live, and operate around the globe.
Akamai took its next step in its commitment to ESG last year by forming this ESG office, and I'm both honored, privileged, and excited to be responsible to lead this office and drive Akamai's overarching ESG strategy. This is particularly easy at a company with such a solid track record in ESG already. In the last year, we have been recognized for our leadership in the ESG area. We've received recognition and praise for the way we treat our employees and pay them fairly, provide tremendous benefits, great work-life balance, how we cultivate a diverse and inclusive workforce, how we deliver services in a sustainable manner, how we protect our customers' privacy, and also how we always prioritize public accountability to all of our stakeholders.
We're super proud of this recognition, and to continue to earn it, we're committed to continuing to empower a company culture that embraces sustainable business practices. You'll see that in everything we do. A few examples include the ambitious sustainability goals that we announced last year, which include sourcing 100% renewable energy for our operations and achieving net zero carbon emissions all by 2030. Add to the work carried out by the Akamai Foundation, our philanthropic arm, which in recent years has broadened its impact by making grants in response to the tremendous needs caused by the global pandemic and more recently to the humanitarian crisis due to the war in Ukraine. Finally, our executive compensation program. Our executive compensation program incorporates a bonus payout modifier based on the company's achievement of designated ESG goals. That's true management, commitment, and accountability.
We are also committed to transparency in our ESG progress, whatever that progress may be. We've taken further steps to assess, measure, and report on our progress. On our website, you'll see us publishing across all of our ESG focus areas, and we include quarterly reports on our Investor Relations page on core ESG metrics. We also publish to various disclosure frameworks, and we post those on our website, including a full report to SASB. Our SEC reporting has robust ESG data, and we've recently published four detailed reports in the ESG space, including our sustainability report, our inclusion, diversity, and engagement report, our Akamai Foundation report, and our inaugural ESG impact report. We're committed to being transparent in our business practices, both to be accountable but also to inspire other companies. That's our hope.
The ESG office at Akamai is gonna continue to drive our program to be a true catalyst for positive and systemic change. That way, we hope to have a beneficial impact, not only for our customers, investors, employees, but all the communities where we work, live, and operate around the globe. Thank you for your time, and I will hand it off now to Ed McGowan, our Chief Financial Officer. Thank you.
Thank you, Nicole. All right. Hello, everyone. Thanks for coming. By the way, I'm one of those pesky CEOs who send those notes about the public cloud spend. That is a true thing, and my CEO will generally follow that up. All right, you guys heard a ton of information today. I'm gonna try to put that into context for you. Wow, you can't hear me? Can you hear me? Okay. How about now? Well, I'll keep talking. We'll mess with the mic. Okay. I'm gonna try to put this into context for you. Oh, I'm gonna have to hold the microphone. Hold on a second. PJ, you and I seem to have the same problem on this side. Probably not the best person to have a technical difficulty with your CFO because I pay the bills. All right.
You heard a lot of good stuff. I'm gonna try to sum it up for you and put it into context in terms of what does it mean from growth and profitability. You know, first you heard Tom talk about our path to double-digit growth, and with two very fast-growing businesses at scale, both growing at over 20%, I think we have the ingredients to do that. Mani talked about our security business. You know, just this past quarter, we hit over $1.5 billion run rate in security, which is pretty amazing. It's now 42% of our business.
Adam talked about our cloud business, and now with the addition of Linode and all the work that Adam's gonna be putting into this product, we, you know, we expect to do over $400 million in revenue this year and grow at over 30% for the next three-five years. You heard Tom talk about how strategic the delivery business is. Bobby talked about our platform and the uniqueness of the platform and the fact that it's the best place for developers to build, run, secure, and deliver their applications. What are you gonna hear from me? I'm gonna talk about some of the key business trends, give you an update on some of the metrics.
We're gonna talk about a deep dive into the individual businesses, and I'm gonna provide you with some relative profitability like I did last year, okay? This will help you build your models. Talk about our profitability, our capital intensity. I'll then walk through the overall company goals, where we see the company going in the next three to five years, both from a revenue perspective as well as a margin perspective and from a CapEx perspective. I'll close it with talking a little bit about capital deployment in M&A. Let's get started. All right, I'm gonna start with just kind of a look back. You know, the company's done very well over the last five years. We grew at about 8%. Security growth has been outstanding. 29% CAGR over the last five years.
The stat I just gave you, we're now on a run rate of over $1.5 billion in Q1. That's more than triple what we were doing back in 2017, and that's a pretty good size number. It's really becoming a significant business for us. The other thing, as Mani pointed out, we have four segments in our security business that in 2021 were all over $100 million and growing at double digits. Infrastructure security delivered $220 million in revenue and grew at 22%. Zero Trust Security was $122 million and grew at 144%. Our application security business is now over $800 million and grew at 22%. The other thing on compute.
Let me just kind of ground you in the compute number here. Grew at a 14% CAGR over the last couple years, but what's really exciting about compute is the compute business is accelerating, and it was accelerating pretty significantly. Now, just to remind you, we included our NetStorage business and our compute business, the Edge Applications business that Adam talked about. Last year, the storage business was about $57 million. It was roughly flat. If you back that out, last year, our cloud business grew at about 30%, which was an acceleration from the prior year, where again, using the same metric, was growing at about 23%. As Adam talked about, our goal is to grow that business by 30% or better over the next three to five years. Finally, delivery.
The delivery business has been relatively flat. You can see that year where we got the bump in the pandemic, we grew above 4%. As Tom mentioned, the delivery business is incredibly strategic for us. It powers the overall economics of the platform. It is a critical component to our carrier partners, who, by the way, are our largest resellers. It gives us the ability to have a lot of capacity to handle application DDoS attacks at the edge. The data is critical. When you deliver as much internet traffic as we do, the data we get makes our security products better. As Tom talked about, the edge servers that we have deliver many, many different functions.
It's not just delivering, say, a video, it's also doing a lot of edge functions as a service, as well as, doing security, delivering security. It's delivering a lot of high-margin functions at the same time it's doing delivery. Then finally, the delivery business is generating a lot of cash, and I'll get to that in a little bit, as we get to some of the slides where we talk about profitability. All right. As Tom mentioned, we've been on a journey here. The company's obviously done phenomenally well from a profit perspective. We've increased our non-GAAP operating margin from 24% - 32% last year. What's the most impressive thing to me about that stat is we've been able to do that at the same time that we've invested back into the business very responsibly.
You can see that it's very evident by the product innovation that you see both in compute and security. In addition, we've done several acquisitions over the past five years as well. You can see here we've more than doubled our non-GAAP EPS, and you can see the CAGR there is 2x the growth rate from revenue. We've done that by expanding our margins, growing our top line, but also, Tom touched on this a little bit earlier, we've also reduced our share count. We've used our free cash flow to bring down our overall share count. In the past five years, we've brought it down by about 5%, 10% over the last 10 years. All right. Now I'm gonna get into a bit about our diversification. You know, we've talked a lot today about our product diversification.
PJ talked a bit about our customer diversification, and you can see how that's played out. Now we've got two fast-growing businesses, both in compute and security, so that's gonna continue to expand. I'll show you a slide in a minute. Security is over 42% of our business today in Q1. In delivery, we reached a critical milestone or an impressive milestone where in the first quarter, delivery is now less than half of our business. If we execute on the growth rates that we talked about, by 2026, you could see security and compute be 70% or possibly greater of our revenue. We've also done a great job internationally. International has been a great strength for us.
We made a lot of investments internationally, both in sales, services, as well as in our network, and it's really differentiated us from our competitors. Those investments have clearly paid off as the international growth has been outstanding. One last point that's not on this slide. PJ touched on it a little bit. We have 600 customers at over $1 million. Today, we have 10 customers that are 1% or greater. I gave the stat out last year. Those customers represented about 19% of revenue last year. Okay. All right. This is a stat that I get. I typically get this question on the earnings call, and PJ touched on it, and Mani touched on it a little bit. This is the number of customers who buy security products.
I didn't get it at this time, so I thought it'd be helpful for me to provide you the metrics for Q1. You can see here that we've done a great job of upselling our customers. Everyone sells security now. 70% of our customers buy one or more security products. That's doubled since 2016. In five years, we've doubled the number of security customers. Same can be said about the number of customers who buy two or more security products. That's also doubled. That's up to 36%. We've tripled the number of customers who have bought three or more security products. I think it's an important to note, and PJ brought this up, that it's not one and done.
If somebody buys a product, not only do they have the opportunity to buy more products, but they buy more of the same product. PJ gave a good example. I've actually had some conversations with customers where they say, "We wanna standardize on your WAF across all of our applications." Most people will go into a situation where they're thinking about security and say, "What do I think my most critical applications are? I wanna secure those first." That could be the trading page. It could be the, you know, public-facing webpage. Threats can get in anywhere. We're starting to see customers adopt more and more.
The churn typically on renewal, unlike with delivery, where you tend to see a pricing discussion, in security, you often see big upgrades, where customers are buying more of that product or buying more products. Okay. I'm gonna now do a deep dive into each one of the different businesses here, and I just put this up to show you. Tom showed you this slide a little bit earlier. What I'm gonna do is now get into the relative profitability of each one of these businesses. It's important to note that as Bobby and Tom both talked about, we use our platform to deliver all of our core products across all the different families of product. You also heard PJ and Kim talk about how the sales force can sell all of those products.
As we get into the financial profile of each of these businesses, just keep in mind that there's a lot of costs that we need to allocate. These are relative profitabilities. We're pretty good at math here, and we've got, you know, pretty sophisticated allocation methods that we use. But there's a ton of stuff, whether it's the shared cost for the platform, the network build and support teams, our depreciation, sales and marketing back office, et cetera. In CapEx, we have to allocate that. Wherever we have dedicated costs, like an overlay sales team, PJ mentioned we have specialists in the Guardicore business. We will allocate that directly to the particular bucket, one of the three buckets up here. If we have specific CapEx related to a business, we'll do that as well.
Again, as I show you these numbers, these are relative profitability metrics. All right, this is new. We did not show this last year, but let me orient you to where we are here. When I look at this profile, this current profile. Sorry, keep taking the mic away. What that is that is our edge applications business from last year, and it's the storage business from last year. That was included in what we call the ETG group that we showed last year. We've pulled that out. This also doesn't include Linode, this profile. Just as we talked about on the call, before we bought Linode, it was growing at about 15%, and it's profitable. Obviously, it was accretive for the first year.
Not as profitable as Akamai, but it was a profitable company. As Adam talked about, our plans are to grow that at 30%, plus over the next three-five years. How are we gonna do that? Well, first, we're gonna leverage our enterprise relationships. PJ talked to you a lot about the type of relationships we have and the amount of spend that a lot of these customers have on compute. It's orders of magnitude often of what they're spending on delivery. We're gonna leverage some of the functionality that Adam is adding to Linode to make that a more robust product for enterprises. You heard Bobby talk about us scaling out to hundreds of locations, so we'll be making investments in the product.
We'll also get some leverage from our channel partners. The slide that PJ showed at the beginning, where he showed you the penetration in some of the verticals, there's a number of verticals. If you think about spend in cloud relative to spend on delivery, there's a lot of verticals that we have relationships with, but we haven't got the type of penetration yet that we could with this cloud product. That's gonna be something that we think our channel partners can really help us with. Kim talked about how we can address the small, medium business with our developers, with our low-touch marketing. That's another tool in our toolkit. In addition to the impressive revenue growth we expect, we also expect this to be a very profitable business for us because we get a lot of scale.
You know, Adam, we believe we can operate this business in the low to mid-30s%, and that could be even a little bit better as we get into this. We bring a lot of scale right off the bat to this acquisition. We're taking profitable company, and we're adding our go-to-market. All of our reps can sell this product, that they are going to the right buyer, so we believe we can get a lot of synergy there. We also can get a lot of synergy through our supply chain and our buying power. We're one of the larger buyers of servers and network equipment. We think we can drive a lot of synergy from that. Then also our significant network of free bandwidth.
You know, one of the things I didn't mention, when I was talking about our delivery business and how strategic it is, by carrying so much traffic, we often get a lot of bandwidth. Sometimes we get space and power for free because we bring so much value to our carrier partners and our network partners. The other thing that we'll be able to benefit from is the network fabric or what I used to call a backbone. That will provide enormous benefit as well. If you think about taking a business and building a cloud business from scratch, those are major investments you'd need to make to be able to scale. We've got that scale. We believe that can drive the margins pretty high. CapEx. This is a question I get a lot from investors.
This could be a very capital-intensive business for us. I talked on the last call how we're reducing our CapEx on the delivery business due to the fact we've seen a little bit of a slowdown in the growth rate. We pulled forward a lot of CapEx related to Linode. We're gonna aggressively build out Linode, but we think that we can get this business to the high teens in terms of CapEx as a percentage of revenue. Then just to take a step back and talk a bit about CapEx, just 'cause I've got two different numbers here, network CapEx and R&D CapEx. I've talked about this a number of times, but just as a refresher. When we talk about network CapEx, that's things like servers and routers and switches and networking equipment.
This is historically for the company been about 8%-10%. Capitalized R&D, this is the cost of capitalizing software development under GAAP, and that's typically 6%-7% of total company revenue. You know, I think of that as R&D spend. I really don't think about that as CapEx. Then the third category, which I don't have up here 'cause it's insignificant, is our IT CapEx, which tends to run about 1% of our revenue. All right, moving on to security. You know, our goal is to continue to grow security at 20%. We've done a pretty good job. We've beaten that number you saw with 29% CAGR over the last few years. You know, we could do better than that.
You know, we've shown we can do that, but obviously, the numbers are getting fairly large. Very excited about Guardicore. That's been a phenomenal growth engine for us. One of the things that I got really excited about in talking with PJ, and I get this question a lot, is. How are you going to go get the enterprise customer? How can you get the channel going on that? The system integrators are very excited about Guardicore, and that's gonna give us an enormous amount of leverage and opportunity. I just recently picked up IT, and we're putting Guardicore in at Akamai, and I can tell you it's an amazing product. It gives you this incredible visibility. What people do, again, they look at, okay, what do I think my most critical apps are?
When you start getting visibility of what's going on in your network, you'd be surprised at some of the potential vulnerabilities you have. I think that's gonna be a significant growth driver. On the margin front, this is pretty similar. This slide, there's no changes in the security business in terms of we didn't move any products around, so it's pretty similar. You might notice the gross margins are just a touch lower, and that has to do with the fact that Guardicore has more people costs and cost of goods sold. We still think as we integrate that into the company, we can still run this at the mid-80s%. You can tell this business, very low CapEx, higher on the R&D CapEx, 'cause again, that's more research and development. Okay.
That's it on this slide. Okay. Next slide. Going into delivery. All right. This is pretty similar to the ETG slide I showed you last year, but I removed the edge apps business and the storage business. You can see here we still, you know, the delivery business, just to step back, is a volume-driven business, right? It's about unit economics going down. I've been here over 20 years, and there's three things that have been consistent over those three years. Traffic goes up, unit prices go down, and we've been able to drive our costs to serve down as well. Even though you've got a very competitive dynamic in that business, we still think we can have pretty good gross margins and run the business in the mid-20s% from an operating perspective.
You know, it's probably worth spending just a minute just to do a bit of a deep dive on the current state of the delivery business. Tom talked a little bit about this. We talked about this on our last call. The delivery business has been declining a bit, and a lot of that has to do with the fact that we've got some of our top customers. We don't have a lot of customer concentration risk, but when you have several of your largest renewing at the same time, puts a little bit of pressure on growth. Then also starting in March, we saw that slight decline in the growth rate. You could see by that traffic growth chart that Tom showed you, traffic's still growing. It's at record levels, but it's just not growing as fast as we thought it would.
You know, I get asked the question all the time, "Is that because you're losing share?" We don't believe it's because we're losing share. We talk to our customers based on customer feedback, the data we get from our carrier partners, and even some of our own tools that we use. We don't believe that's the case. We think it's just a temporary shift in consumer behavior. You know, this business is pretty simple to understand. It's really just traffic over unit rates. As volumes accelerate, like we saw in 2020, we get this business grows, and when they slow down a bit, you can contract. As PJ talked about, we're, and Tom mentioned, we're gonna be changing our approach to pricing and not offering as large a discounts as we typically have, because they're typically tied to volumes.
As volumes are not growing like we expect, we're just not gonna offer as much of a discount. Now that takes a little while for that to take place in the market because we've in the numbers, because our contracts generally run between 12-36 months. We call it an average of about 18 months. Before I move on, I'll just give you a quick simple example of how the math works and how quickly, if your expectation of traffic changes, how it can impact revenue. You go into a year, you expect traffic to grow 30% and prices decline 20%. You grow 4%. If you go the same set of criteria, you go into the year, prices are down 20%, traffic grows 20%, you shrink 4%. That can happen right away.
That's what you're seeing in the business right now. Our expectations are a little bit low. Our expectations were higher for traffic. We've seen it moderate, and that's why you're seeing the pressure. All that said, it's still a very attractive business. These are good margins. We produce a ton of cash. If you just do even a simple free cash flow number, take the EBITDA minus the CapEx, you can see you're still producing hundreds of millions of cash. All right. As we talked about, the mix shift is changing. What does that mean? You can see here that as the faster-growing businesses will grow, we believe that we can increase our margins to the low 30% range. And also we can reduce the capital intensity a bit.
You can see the, you know, from, especially from the network CapEx perspective, especially as security grows, it becomes a much smaller percentage for us. All right. Next slide. Okay. Total company model. Our goal is obviously to deliver 10% growth. We may not hit it this year. Our guidance was 7%-9% constant currency. Still got a ways to go, but over the next three-five years, we think that we can do that. We believe, like I talked about, the strong security growth from new customer wins, product upsells. Guardicore's off to a fantastic start. We think that'll actually drag along a lot of our enterprise, other enterprise products as well. Strong compute growth is another issue.
As I talked about, you know, leveraging our enterprise relationships, our channel program, expanding into those under-penetrated and even markets that we don't sell into today. You notice there's probably a couple of big industries there that spend a lot on cloud we don't have. We think our channels can help us get there. Our goal would be to operate the company in the low 30s% from a non-GAAP operating margin perspective. We still have some things that we can do from the operating expense line to be able to save money. Obviously, the mix shift is gonna help, but we do spend a fair bit on third-party cloud, and I'm very excited. I love the story that, Adam talked about moving workloads, or maybe it was Manny that talked about moving workloads into Linode, and we're saving $20,000 a day, was it? Yeah.
That's pretty impressive. There's a ways to go there, but that'll offer us some savings. Also, depreciation will start to go in our favor. If you remember back in 2019 and 2020, we had two pretty high CapEx years, so those will start to anniversary. We're gonna start subleasing some of our real estate. We obviously have everybody's in this work from home or work remotely world today, and we have a lot of our employees who wanna not be in the office, so we're gonna rationalize that. And then just continue to be focused on scale across the business. All right. In terms of free cash flow, obviously you can see the big jump in 2021. That, a lot of that has to do with the fact that we reduced our CapEx pretty significantly.
I talked about the big years we had in 2019 and 2020. We've reduced our share count by, this math would suggest, 5% over the last five years. Our stated goal is to continue to use our free cash flow to invest back in the business, offset dilution from equity programs, opportunistically take advantage of additional share buybacks and for M&A. Finally, the last point in this is we've used a significant amount of cash over the last, say, six or seven months. We bought two big companies, Guardicore and Linode. Very excited about that. They're off to a great start. We also increased our buyback program in Q4. Just a quick note on M&A, we talked about this a bit. I think we've been very disciplined and pretty successful in our M&A program.
We've spent about $2.8 billion since 2014. I think we've had a good disciplined approach. We're very pleased with the traction we're seeing in Guardicore, and I'm extremely excited about the opportunity to leverage Linode to get a bigger share of that massive compute market. Finally, just to reiterate, as Tom stated, we believe a lot to be excited about at Akamai here. We have two very fast-growing businesses, and as those businesses expand, margins should expand, and we should be able to deliver even better EPS as we expand margins and grow double digits. Now I'll bring Tom Barth up to start the Q&A.
Thank you, Ed. If I could have the execs come on up. We're gonna sit in order of what we did our presentations with Tom here. Obviously we're gonna allow everyone to ask questions either live or virtually. We'll start with the live questions first. We will have some helpers, if you will, in the aisles with handhelds. It helps that way, otherwise I will repeat the question. We'll also have some online questions. A couple have just started coming in. For those that are virtual, if you'd like, again, you can re-enter or enter new questions as you see fit. Is there anyone here in the. Oh, yes, go ahead. Is that. Yep, Frank, go ahead.
Yeah. I guess a question on the profitability metrics and so forth, going forward. I guess so as the message there, you're confident in increasing the revenue growth, but it looks like free cash flow yield is about the same or slightly lower. Is that kind of what the long-term goal is?
Ed, you want that one?
Yeah.
Ed, maybe rephrase the question, please, and then going forward, we'll wait for the mic. Sorry about that, Frank. Thank you. Go ahead, Ed. Rephrase the question.
Yeah. The question is about free cash flow yield.
Yeah. It appears the free cash flow yield, you know, going forward is about the same, if not a little bit lower. There we go. Does that work? There we go.
Ah.
It appears that.
Sorry
The messaging seems to be longer term, definitely seeing improved confidence and improved growth, but the free cash flow yield appears to be about the same, if not a little lower than where we are today. Is that kind of what the outlook is in your long-term target?
Yeah, if you look at where we are today, it should improve a bit because obviously margins are going to expand. We're at 30%, 29%, 30% today. As operating margin expands, CapEx is gonna come down maybe a point in the long run. It'll be around the same for the first couple of years, and then I think improve.
Great. Anyone else in the room at this point? Yes, I'm sorry. Yeah, go ahead. It's in the middle. Can we just wait for a mic, though? You raise your hand.
Thank you. Rudy Kessinger, D.A. Davidson. Ed, on the growth targets, is there anything baked in for inorganic into any of those growth targets?
Yeah.
for CAGRs?
I probably should've said this, but as we've always talked about our 20% goal of security always includes some amount of M&A in it.
Okay. We have a question coming in online. What percentage of cloud buyers are swayed by features, functionality versus price? Maybe it's either PJ or Adam.
PJ and Adam.
Yeah.
Yeah.
I can take it first. You know, I think it's all of our customers are really swayed by price, especially now. It's not necessarily percentage of customers. I think you have to think about it the way that Bobby talked about it, which is really applications. Inside those applications, they're microservices, and they span the gamut of cloud to that mid-tier to that edge. We think all of our customers are really gonna be swayed by both the flexibility they get on the platform and by the price that we're able to offer and compare to some of those hyperscalers.
I would just add that I think, you know, the business continuity aspect of cloud is really important too, and so you're gonna see a lot of organizations and enterprises wanna diversify, you know, their current cloud set up to have at least one or more, you know, additional ones in the mix to make sure that they're protected when, you know, a cloud might have an issue. So we're seeing that as, you know, a real issue with some of our enterprise customers. So that might trump price in some cases.
Great. Staying sort of on the same lines there, who are the key buyers of compute within an organization, and what can Akamai do to best position itself with these buyers? PJ, I'm sure.
I think there's obviously contacts that we leverage to get in touch with the folks that, you know, are responsible for the compute strategy for a lot of the major enterprises that we work with today. You know, a lot of these enterprises have had their hands, you know, in some of the public clouds for a long time. Some of those buyers overlap with the buyers for cloud security and CDN. You know, it's all somewhat interrelated. If you think about a big media company, you know, they're using an S3 or using an Azure Blob Storage, you know, to host their media assets. We're in the mix there because we're doing a lot of streaming for those customers.
We understand what Elemental does for a lot of the media customers in terms of workflow, and that's something that AWS provides. I don't think there's any issue with Akamai reaching the cloud buyers. Like, we know who they are, and we know who they interface with in terms of, you know, who's responsible for, you know, Akamai or CDN or cloud security-related decisions. I think you're gonna see a mix, but there's no issues in terms of Akamai reaching the people that actually control the cloud spend.
PJ, just keep the mic there 'cause it's, how are you merging the go-to-market function and the sales teams between Linode and Guardicore, or what might be the strategy there?
Yeah, it's a great question. You know, we're gonna keep a lot of the Linode team intact to make sure that they continue to run you know, the more SMB business the way they've been running it. You know, we obviously expect that business to grow. Noam Freedman, who's in the room here, is gonna be the GM of the Compute business. We have a really talented CTO who's gonna work in Adam's organization. We have our entire pre-sales team going through training. We're gonna have subject matter experts that are relying on Linode to get the expertise that they don't have so that they can represent the Linode capabilities in front of our enterprise customers.
again, there's a fair amount of fluency in Compute already within the Akamai sales force, pre-sales organization, and services organization because we interface with all the public cloud platforms today. But the plan would be to have, you know, a fully trained up Akamai sales force, fully trained up pre-sales organization, fully trained up services organization so that the Linode business that was what it was pre-acquisition continues to run itself, and then we're doing everything we can to increase adoption and utilization of Compute inside the enterprise customer base. Adam, anything to add?
Yeah. The only things I'd add, you know, one is Linode really didn't have very much of a sales force at all, so that when PJ talks about the SMB base, there really was nothing there. It's really primarily driven by the marketing organization, and Kim talked about some great stats and how she's working to drive that. Combination with our marketing department, I think, I don't know if, Kim, if you wanna add to it, we're gonna be focused on the SMB from that side, not adding salespeople. There are no salespeople. It's really all our existing enterprise sales force is gonna go out after that enterprise top end of the base.
Yeah, we basically wanna keep everything Linode's been doing for continuing as is, and then draft off of it to increase the impact, and then complement and extend it with our marketing team that has the deep expertise in going upmarket and penetrating the enterprise.
That's helpful. Just wanna go back to the live audience. James Fish.
Thanks, guys. Thanks for the day here. James Fish, Piper Sandler. Wanna actually go back to the first question that was asked online a little bit as a follow-up. It's kinda tough to balance, you know, price and slowing internet traffic here, especially as you have a world in delivery of multi-sourcing, right? The last decade has been a lot of that, and customers have choice here. You have a lot of aggressive competitors that are willing to go down on price. I guess, what kind of elasticity are you guys expecting there on pricing overall? Tom, specifically for you talked about, you know, slowing traffic overall.
How long do you expect that to last, or what do you see as the future of kind of streaming and gaming, especially as you're starting to hear a lot of these streamers slow down?
Yeah. I think the future is bright. Traffic is still growing. In fact, you saw the chart, and just very recently hit a quarter of a petabit per second. It's just the year-over-year growth rate is a little bit less than what we thought it was gonna be, and that's something I think for the internet as a whole. I think we're, you know, continuing to maintain and gain share. I think the future is, you know, very strong there. You know, as Ed said, we're gonna make pricing decisions that make sense. You're right, there's a lot of competition. Our customers choose us based on our performance and a fair price point.
At the end of the day, you know, as the business grows, the fact that we can do it so profitably, it really means, you know, we're gonna be in this business for a long time as a leader. These competitors, I think are more transient. You see them come and then, you know, fall off radar because they are not making money, not in a position to do it, and probably never will. You can't sustain, you know, a losing money operation and try to scale it.
That's where, you know, our platform and the capabilities that we have, the real network partnerships, you know, with 1,300+ network partners that make our economics so much better, that in the long run, I think, you know, you look at that chart we showed from IDC, and you'll still see Akamai up there, you know, with a big orange circle, and really important for us, driving our business forward. I don't know, Adam or Ed, do you wanna add anything to that?
Yeah. We're already starting to push back a bit on pricing, and we have seen customers still take what they want. A lot of it has to do with the conversations with some of our bigger customers used to be about, "Listen, I'm expecting 50%, 60%, 70% growth. I can't have that line item run away from me." If they're growing at 20% or 30%, it's a different conversation, so the expectations aren't as high. You're right. There are some competitors that are out there that may try to do some crazy things. When you look at the splitters, what typically happens is you can get away with some of the guys that aren't as well distributed as us and do an okay job in, say, some of your US traffic or maybe some of your EMEA traffic, but there's a limit, right?
If we were to pull out, it's gonna be very difficult for those customers to reach their entire audience. We get a lot of share, especially in places where our competitors aren't that strong. We're also doing things with geo-pricing. We distinguish today between geo. We're gonna be adding more geo-based pricing and really holding the line where the value is, and the competitors can't compete.
One in the back. A couple in the back there, please. I think it's Matt and King.
Hey, Mark.
Yeah. Thank you.
Thanks for your time, guys. This is super helpful. On Linode, I think one of the public competitors in the space to Linode talks about a lot of its growth just coming Even before upselling kind of new offerings to those SMBs and then kind of just getting new companies on the platform, a big chunk of the growth just comes from the organic growth of the business itself. Can you help us understand for Linode, like how much growth is just coming from the organic growth of those SMBs and then kind of, you know, and on top of just like selling new products to them and getting more customers? If you can just help kind of frame how that, you know, that growth formula.
We don't give out the separation of the two in terms of stats, but what I can tell you is there's a fair split between both every month adding plenty of new customers as well as. You're right, a lot of growth will come from organic existing customer growth. We expect probably that to continue as we add larger enterprises that are gonna grow much faster than what the smaller SMBs do in terms of organic growth or even additional new SMBs on the platform. We're gonna keep both, but I think it, you'll see it really come from the enterprise side.
Any question, Matt? Yep.
Great. Michael Elias, Cowen and Company. Just quick question for you guys. I remember last year when we had the Analyst Day, you talked about on balance, the use of the free cash flow would be more oriented towards M&A versus buybacks. Tom, on the third quarter call last year, you talked about the meaningful disconnect in Akamai's valuation versus peers. Just as we think of the use of free cash flow going forward and where the stock is currently, do you think it makes sense to use more of that free cash flow for buybacks to accelerate like you did in the fourth quarter? Or should we expect to see more large M&A over the medium term? Thanks.
I think our use of cash will be as it has been. From time to time, there are large acquisitions. It's unusual to have two in such a, you know, close time period, so that's not normal. I think going forward it'll be close to what it's been. We use cash to offset equity dilution, you know, programs for, you know, employees, and also to opportunistically buy back additional shares. As we've talked about, you know, over the last decade, our net share count has dropped by 10%, so roughly an extra % a year. Sometimes more, sometimes less. We're in the market, I think, pretty much every day, buying shares back, and there's an algorithm that controls that. You know, the lower the stock goes, the more it buys, and vice versa.
I think no fundamental change in what we're doing with our capital.
Thanks, Mike. We do have a question. Why don't we stay on M&A? You know, what are the M&A plans from here? I mean, as we're talking about capital, is there any stated like gaps or areas that you may want to approach?
No, I think it'll be, you know, what you've seen.
Mm-hmm.
You know, from time to time, there's a major acquisition. We're really excited, as you know, with Guardicore and Linode. Often, you know, we'll do a product adjacency, a lot of tech tuck-ins. Basically, we wanna add capabilities into our platform for our customers, to, you know, make, you know, their jobs easier, make them more productive, with their digital experiences. No, no fundamental shift, I think, going forward.
Okay. A lot of questions coming in, so thank you, people virtually. Why haven't you to date differentiated pricing in delivery by level of competition? In this way, he's talking about geo, scale, et cetera, so.
Yeah, we do have it today. And I think, you know, what Ed said is we're gonna be really smart just about the trade-offs between volume and price moving forward. You know, I think when we talk to our big customers, especially the high volume media companies, you know, a lot of the CDNs that service those companies, you know, for the ones that do have a multi-CDN strategy, everyone's pretty close to each other on unit price. And I'm not sure there's a real desire for some of the companies that we compete with to race to the bottom either, just given the dynamics in the market and the fact that they have to, you know, show profitability at some point. We do have geo-based pricing.
I think, you know, one of the dynamics is, you know, do we get used more for harder-to-do things, right? That might be to reach, you know, users in LATAM or Southeast Asia, you know, or, China. Or it could be, you know, it could be other reasons why someone might use us for a big live event like the Super Bowl, because they're not as confident in one of our competitors that they can deliver for them and give them a really reliable experience.
I think you'll see us be a little bit smarter there, you know, as those opportunities come our way to make sure things are balanced, because what we don't wanna have is, you know, a large organization giving all their easy-to-serve VOD traffic to one of our competitors, and then they want the same unit economics that, you know, they're getting from that CDN for live or harder to reach, more expensive locations. We're doing that today. We're just gonna do it, you know, I think a little more disciplined and smarter moving forward.
Ed?
Yeah. I'd just add two quick things to that too. You know, we talk about the traffic being strategic, and it is, right? It's kind of hard to get your head around it if you don't live in this business, but by having this traffic, it enables us to raise the economics for every other product. There's a strategic value in us keeping that business, and obviously we're gonna try to do as good as we can in terms of pricing. The other thing I would talk about as well is these relationships are extremely important, and the diversification of the charts that I showed in terms of product diversification, you see that in some of these larger customers that are pushing you on price.
There's a value in that relationship as well, so that you can use the delivery as a tool to go and get other parts of the business as well.
Ed, keep the mic here for a second, just to stay with delivery. It appears that the three-five -year CAGR in delivery are down a bit from last year, though not totally apples to apples, as you said, NetStorage and, what has changed in the long-term outlook this year versus last year, the numbers you gave?
Yeah. Dave, if you think about the businesses, the compute business, the Edge Apps business was growing at about 30%, as I talked about, and the storage business, kind of a flattish low single digit business. That'll obviously improve with all the functionality that Adam talked about that we're adding with Linode, so we expect that to grow pretty rapidly. When you take that out of the picture I showed last year, which included that with the delivery business, and then obviously factoring in this year, 'cause we expect to be down this year, those are the puts and takes. We've always sort of viewed delivery to be sort of a flattish, plus or minus 2% type of growth. It's a little bit lower now, just given what we're seeing in the market today.
you know, again, over the long term, we expect the traffic to start growing again.
You know, probably worth calling out compared to last year that, you know, another growth CAGR has changed, and that's our overall revenue. You know, and last year we were at 6%-10%, and now as we look forward, you know, really the high end of that range is where we think we can be over the longer term. That's net for the company, I would say an overall improvement, from where we were last year.
Tom?
Yeah. Yeah, thank you. Tom Blakey with KeyBanc. You made a lot of interesting points about the developers on Linode. I think it was 179,000. I wonder if you can give an update on EdgeWorkers, you know, and the number of developers on that platform. I'd be interested, maybe it's for Bob, you know, what's your vision for us asking questions in the coming years about this? Should the core and the edge be different in terms of a common code base for developers? I'll stop there and I have a follow-up.
Well, I think there'll be certainly technical differences in terms of the capabilities that are being offered. At the edge, it makes sense to have services like functions as a service, whereas in the middle tier and in the core, you really wanna support things like containers and virtual machines. That distinction probably does continue. What we really wanna do, though, is ultimately tie that all together with our connectivity fabric, as well as our intelligent mesh that makes it easy for the components in each of these tiers to communicate with each other and operate as one. As well as also, we've talked about making it easy to provision.
Think about being able to just click a few buttons, and now you've provisioned a horizontal slice across the whole network, and you're good to go, and you put your services in the right places, they message across our fabric, and you're off to the races.
Connectivity would be key, especially for provisioning. My second question is on the gigantic $100 billion TAM that I think Tom talks about in the very beginning with the hyperscalers and PJ. You were talking about this customer that you have at Akamai that spends about $45 million a month about that with the hyperscalers. What are they spending on, and what realistically could move to Akamai to kind of give us some sort of, like, view of what the TAM would be in you encroaching on that large opportunity?
Yeah. I'll let Adam take the TAM question, but I think, you know, it's you have to think about the big gaming, you know, companies. You know, pick a Sony, pick a big direct-to-consumer company. A lot of their workflow and a lot of what they're doing is built on a cloud, right? And that spend is huge. There is hit-based bills, there's gigabyte transfers bill, there's a bill for everything. And what they said was they'd be happy to expose sort of line item by line item what they're spending on an AWS, a GCP, you know, an Azure. And then we'd have to take that information and map it back to our own roadmap.
What capabilities do we have today that could map easily to an application that they have running or some sort of workload that they have running on a big cloud? I think those opportunities will take a while, you know, for us to convert, but they're very real, just in terms of those companies wanting to better control that cloud spend. You know, a lot of them said it's sort of running away from them, and if there's a cheaper alternative, and we'd obviously wanna make sure that we can make money when, you know, we fulfill those requirements, then they're happy to look at it. I think that's been very consistent in the meetings that Tom had over in APJ in Europe.
It's very consistent with the meetings that I've had, which is no one's saying, "Hey, I'm gonna forklift this thing tomorrow, and everything that I'm doing with AWS is gonna work perfectly on Linode." That's not what they're saying. There's pieces of the puzzle there that if you just think you can chip away at that $30 million a month type spend, that could be a pretty meaningful revenue stream to Akamai over the next 3-5 years. I think you'll see us in more of those opportunities, but, you know, those are longer sales cycles, but they're real.
The only thing I'd add to it is, you know, when you think about very specifically as those companies are on their journey, they've been locked in. They've used proprietary wrappers around the hyperscalers to build their applications. Now they realize after this cost begins to skyrocket that they're having trouble actually controlling that, they are unwinding that, and they are looking for places to put those workloads. They particularly look for places like the easy ones, and you can think about it, places that are getting charged significantly for egress fees, right? You hear that in the market all the time.
That's one place where we play a huge role, where companies that have high egress-driven applications, that's gonna be the early places where you see very quick type of movement, as opposed to maybe some of the smaller traffic-driven apps that are a little harder to unwind, but they will unwind them. To PJ's point, there'll be longer sales cycle for those, but you'll see it kind of go up the stack from that.
There's also new workloads too, right? It's not one and done.
Yeah.
Even internally, we're developing a lot of applications ourselves, and we're looking at building those on Linode. As more functionality rolls out, we won't have the full stack that some of these hyperscalers have, but it's getting. It's pretty robust, what was up on that slide. That gives you the opportunity. If you're upset about the lock-in or you're upset about the way you're getting priced or whatever it is, you don't have to just stick with the one cloud provider. There's a stat up there that we have over 10 or so that are in terms of different clouds that are being used, typically. It's not just about moving workloads, it's about getting mind share to get new workloads as well.
We have a couple more Linode questions. Frank, let me just ask this one, and I'll come right back to you. It's kind of the same similar question, but asked a little differently. What has kept enterprise customers in the past from using something like Linode, and why can we make that successful?
So/
Go ahead.
Oh, yeah, I was gonna say, you know, first and foremost, many of our enterprise customers we did identify they were using Linode for smaller workloads, right? It wasn't like they weren't using it at all. I think that's probably the case in some of the alternative clouds, but definitely on Linode. I think what stopped them, you know, at least from what we hear from our customer meetings, you know, one would be compliance, and those are the things that Akamai has a great foundation in already. Things like FedRAMP, you know, SOC 2 or PCI, and those are things, early add-ons that we'll be doing that are kind of low-hanging fruit, where they're not really necessarily additional technology. They're really compliance efforts that we put around the system to make them safer. That's one.
The second is scale, right? Linode had a number of locations, but definitely nowhere near the type of scale that a large enterprise would wanna have. That's something that we've got a proven track record of 20 years building tremendous scale out across at great economics across the globe. I think those two things put together are really, I'll call it the low-hanging area. Then you're gonna add on some other components like third-party applications and managed services. I think those other two, they're big. I don't know, PJ.
No, I would just add, we were talking to a gaming customer of ours. This customer spends, you know, north of $600,000 a month with us, been with us a long, long time. When we started talking about Linode and one of their senior technologists on the call said, "I've been using them forever. Now it's great to know that Akamai is gonna be behind this company because I never thought of them of having the scale that they needed to, you know, serve a company like us.
Now that I understand your roadmap and where you're building out, the number of locations you plan to be in in the next, you know, 3-5 years, like, let's have a real conversation because I've had nothing but a great experience with Linode, you know, for what he was using them for. We're seeing more of that, where you sort of have this network underworld that's very familiar with Linode that works at the enterprises that we're already servicing. Now that they understand that Akamai is gonna really double down and invest here and scale out the platform, there's just a high degree of interest in understanding how we can support them.
The other thing I would add, too, is we talked about this earlier about the sales force. They didn't have an enterprise sales force that was focused going out and having these conversations. That's another part of it was a focus issue, right? They weren't focused on trying to get those large enterprises and going out and having that sales force or that channel that would get them.
We have a couple more in security and Linode online, but I wanna go to the audience again. I think Frank.
Great. It's Frank Louthan with Raymond James. There's a general perception, I think, from investors that the delivery business is probably declining worse than it is. What are the tactical steps you are taking to ensure that it only declines at 0%-4% as you've laid out in your long-term plan, so we don't sit here in a couple of years and it's gotten worse?
Yeah. I'll start. I don't know if you guys wanna add in. First of all, it's the traffic is still growing, right? You saw that on the slide. Traffic is just the growth rate has moderated a bit, so we need to adapt our pricing. Once that happens, and it's kinda silly math formula I gave you guys, just sort of think about it from that perspective, that we'll be sort of tuning our pricing and download, discounts to where we think the volume levels will be. You know, that gives me confidence. The other thing is we're not losing share, right? I'd be more concerned if share was going out, if we saw more DIY. We're not seeing that.
All the data points we look at, the conversations with customers, what we hear from our telco partners, the customers aren't making big shifts. We're not seeing, you know, carriers are seeing exactly the same thing we do, and they see more internet traffic. We don't carry everything. You know, I'm confident that the traffic will grow again and will, you know, take us some time to adapt the pricing, but I think we can get the right mix there.
Yeah. The only things I'd add is, I think Ed's spot on everything you just said. I think I'd also add that when you think about it separate from what you're seeing just generically as Ed described, we also have this unique ability to bundle our services together for our customers to make delivery even more sticky, right? Today we've been doing that with security. It makes customers extremely sticky on our delivery products. Now we'll have compute to do that as well.
I mean, you think back to the previous question, when you think about high egress type of applications, now pairing that with our delivery platform to reduce costs for those customers, give better performance, and then taking what Bobby mentioned in our intelligent mesh and being able to make sure messaging across those different components of the application span our delivery line, it's gonna make customers more sticky to the platform. I think that'll help too. I think Ed's things are shorter term moving, and they'll help us adjust, pricing aligned with what we see in traffic. Especially the only piece that I don't think anybody really mentioned was, peak to average. Some customers do use us for large peaks, and that's another place where we'll align pricing.
They can't just use us for a big peak of traffic and not give us, you know, appropriate day-to-day level traffic. We'll make sure we align those together as well. There's a number of pieces here to keep that delivery business flat to growing.
Oh, I'm sorry. Yeah, go ahead. Actually, while we're moving the mic, is it a security question? 'Cause I'll wait. Okay. All right then.
Rishi Jaluria from RBC.
Yeah.
On the security side, as you've expanded the product portfolio outside of WAF and DDoS, I'm curious in terms of competitive displacements. I know a lot of times in the past it's been a lot of displacing legacy on-premise solutions. Are you increasingly seeing more cloud to cloud displacements and just kinda anything you're seeing in the competitive side on that?
Mani?
Sure. Yeah. No, I can take it. I think it's a combination of both. There is plenty of legacy stuff that's still out there, and I think that'll be there for years to come, and we'll continuously be going out there. I think in terms of enterprises, I think the specific question I understand is moving to the cloud. That's happening, too, and I think all of our solutions are pretty much cloud agnostic from a security standpoint. I think we are pretty well positioned there as well.
Okay, that's helpful. Is there another question here? Oh, okay. Go ahead, Jim.
I will keep it to security, for you, Tom.
Okay. Thank you.
I'm surprised we took this long to get to security.
It does have electric shock.
It does. It'll be a fire drill over here soon. I guess, you know, appreciate the color on the product-specific percentages, one-plus, two-plus, and so forth. But from a dollar perspective, how are you guys thinking about that white space opportunity, from, you know, we've been picking a lot of low-hanging fruit over the years, right? How are we getting net new customers as well, that are just security only outside of delivery? Additionally, I know you guys do a little bit of bundling, but why not move towards a more aggressive bundling strategy of security suite into kind of these categories? Is it just because, you know, not every product gets to be used by the end customer?
Why not, you know, be more aggressive, like what you're seeing with some of your competitors bundling in multiple of these security solutions together?
Yeah. Let me take the bundling piece. I think that's the easier one, which is that with a lot of our enterprise portfolio customers, it is we expect to sell a portfolio. Whether you come in through, you know, a ransomware or a malware attack, you buy micro-segmentation, and then you look at other enterprise security solutions within Akamai, or you go the other way around, you might go look for Access or SWG, and then go towards the micro-seg side. I think that's more and more of a sales motion that we see happening.
Now that we have a more robust portfolio in that space, I think it's something that we should see happening, and we are aggressively working to make sure that the sales positioning combines all of the different products into a cohesive portfolio. Can you repeat your first question?
Trying to understand the difference between the white space,
hopefully, I don't get shocked. The white space opportunity from a dollar perspective, because we've done really well at Akamai selling into the delivery install base. One, what's the actual dollar white space left of the delivery install base? And two, how the net customer addition's been going outside of the install base for security specifically.
On the delivery white space, PJ, if you could add to this as well, but I think the delivery white space, like as PJ said, it's not just, a customer might have, let's say, a couple of domains using security, but you're quickly seeing that white space, that footprint increase dramatically because you have other properties that are coming up and online. You have new products like Bot Manager, the example that PJ gave, where, you know, you talk to a customer and find out that they just don't even know that they've been attacked by bots. You see that footprint is increasing in the delivery world. That's just, I think, part of what we're doing anyway.
In terms of just the overall numbers, if you look at product synergy, there are plenty of spaces where customers are using one product, and then when they hear about another product, client-side attacks is a good example, they say, "Okay, I didn't really realize about that." Retail customers do this, and they say, "We might be interested in buying that solution as well." I think the solution is a comprehensive portfolio sale. You go out and we talk about one solution, and the customer says, "Well, you've got a great reputation in this product or suite. Can you show me the other products that you have?" That's been kind of the story that we've had for a number of customer calls.
Also, the enterprise product suite opens up pretty much all verticals. Whether or not you have a big consumer-facing website or app, you need enterprise security. That's really nice for, you know, attracting enterprises that maybe didn't even know about Akamai before but weren't using our other products.
The vast majority of new customers are security. Almost 70% of our new customers come in as security-based customers.
Before we answer. The second part of his question was also for you, PJ. There's another question that goes in, is like, what are we doing different to go attract these enterprise customers, right? What are we, incentives, commissions, new heads, what is the strategy there?
I'll just say our new customer acquisition org is highly incented to go get new business and new customers, so real greenfield opportunities. Kim has been helping with that. We have a scoring system that, you know, helps us sort of predict, you know, is this customer likely to be a large buyer of our security capabilities? We call it AkaFit, but there's a classification of A, B, and C, and what we've tried to do is really focus, you know, our hunting organization on what we call the AkaFit As and Bs. You know, those are companies that look like a lot of customers that we already have that have the propensity to spend $200,000-$300,000 a month on Prolexic bot management, Kona, you know, MFA, EAA, ETP.
What we've tried to do is sort of, you know, focus them upmarket, and we've had a lot of success doing that. I can think of, you know, two great examples just in the last six months. One large pharmaceutical company that wasn't a buyer of any of our capabilities that leaned in very heavily to our Prolexic DDoS offering. New opportunity, had never sold them anything before, jumped on, sold through a carrier partner. Then a large insurance company had put out an RFP, every competitor of ours bid on it. They were probably half the price or lower than what we had offered. We converted that because of the successful POC that we did.
I think, you know, some of our competitors go after our customers or the greenfield market with a message that, "Hey, I can do what Akamai does at half the price." You know, that wouldn't be my sort of playbook to really, you know, generate positive free cash flow and profitability because security customers become more demanding, not less. When you sort of set the bar low to begin with, I think that's a very dangerous sort of pricing strategy because they typically want more, and they want more eyes on glass, and they want better reliability and more security controls and all the things that I think we do really well. But you know, that being said, I think we're competing very successfully against our competition.
Really in financial services, healthcare, the highly regulated verticals, you know, no one's cheaping out on security there. Like, they will prioritize availability, reliability, that company that has a strong track record of consistently delivering over some new entrant that says, "Hey, I have the best price.
PJ, let me stay with you real quick on enterprise. Obviously enterprise is a higher level sale than the web security, or at least seems so. How are we doing to reach the CISO or the CIO?
I mean, I don't think it's difficult for us to reach the decision makers, the CISOs, you know, the real influencers within the security organization. We can do that through partners. You know, one of the comments I made during my presentation was our carrier partners have great access to under-penetrated verticals. If you think about Akamai's penetration, you know, if you're a commerce company, a travel company, hospitality company, media company, gaming company, you have a CDN. You probably have a lot of Akamai, and you've probably evaluated others. When you go into manufacturing and healthcare and even public sector and sort of downstream into fintech with all these emerging fintech companies, there's a huge opportunity for us there, and I think our carrier partners are already doing the network services, the MPLS, the backbone.
Like, they have to have connectivity, all of those companies. We're really trying to get some leverage from our channel partners to open up doors where they've already been successful selling their own enterprise capabilities. That's one area that we see a ton of opportunity is just getting more leverage from our partners who already have established relationships with C-level executives at the companies that we wanna get into.
Two in the audience, Jonathan, and then we'll go to you, Greg. Thank you. Go ahead.
Just to keep on that real quick. I've been around the security world for a while. They don't buy like that. They don't go to carriers to buy. Enterprise sales force go to VARs and SIs, and that's how it's purchased. What you're saying is that you're reliant upon your carriers and their relationship and the amount of network connectivity that they buy. That doesn't seem like it's kinda in line with how enterprise security is sold.
Yeah. No, and maybe I should clarify. The carriers, for example, have access to the decision makers, right? We're asking them to provide us that access. You know, a lot of our carrier partners, you know, have us do the solutioning, the design, the education of how Akamai capabilities work. We spend a lot of time with them trying to figure out where we should be going together. Often, you know, an AT&T, a BT, a DT, you know, a Telefónica, an NTT, they go in there with us because they're already selling some enterprise security capabilities, you know, to the CISO organization. It's not just the network services. A lot of the carriers have an Arbor-based DDoS solution. Maybe it's a Radware-based solution. A lot of the enterprises that we wanna sell to are familiar with those capabilities.
If you're a US multinational, and you have a global data center footprint, you know, AT&T's connectivity is only gonna get you connectivity in the US. They're not gonna be the connectivity provider over in Europe or Asia Pac, and a lot of those organizations don't wanna split with DDoS. They don't want, you know, a Prolexic and an Arbor. They wanna standardize on one, and we've been very successful with AT&T, where they've pitched our Prolexic DDoS to those companies that wanna standardize on one platform. So again, it's more the access that they provide us, so that we can go in there and represent our capabilities ourselves.
They just happen to be the vehicle for us to sell it because they've already worked through the T's and C's that might take us 6-8 months to work through with a big bank, a big manufacturer, a big pharmaceutical company. Hopefully that clarifies.
Thank you, PJ. Greg.
Sure. No problem.
Yeah.
It's Gregory Miller with Truist. Tom, you showed in your presentation a pretty big spike in traffic more recently that came right back down. Is that a leading indicator of something we're likely to see greater volatility? That looked pretty large for the order of magnitude where we are today.
Oh, I'd say it's a typical kinda thing. It was a bigger spike than normal, obviously. I think the previous record had been a little under 210 Tb/s. This was 250 Tb/s. You know, spikes like that are happen. You know, there's coincidental events at the same time. I think we had, what, a gaming software release? What all happened this quarter?
Yeah. It coincided with.
Yes
Champions League streaming you know, software updates for
Can I ask one more Linode question? You know, a large software provider and a big gaming download. One more Linode question. That's it. Then that's it. All right. I think we have one more question, but I can't see it. It was on the screen, but it's about. We're gonna end on Linode.
They're kicking us out.
Yeah, they're kicking us out. I'm gonna ask, what additional investments in Linode make sense to help make it competitive?
Yeah.
I think that's a great way to end, and so this is the final one.
Great. Lets me redo the slide I did in terms of the roadmap. As part of the acquisition, we're adding a series of or a fair amount of engineering staff there to add some of the features I talked about, things like availability zones, elastic load balancing, adding that compliance that I talked about that's so important, additional managed services. Of course, that distribution, like the actual deployment and capacity in the regions we already have. I think. Try to answer it short? I think that's the short answer. It's that roadmap that I showed in the takeaway that you'll have from today.
Well, all the slides are available online. I wanna thank everyone in the crowd as well as virtually who has joined us today. I wanna thank all the presenters. I also wanna thank everyone that helped make this possible from the administration staff. Thank you very, very much and have a wonderful day. Again, we are going to lunch downstairs, if you're available. We will have executives in that lunch, so feel free. It's kind of a loose, casual environment. The security symposium starts back here at one o'clock. Have a wonderful day. Stay healthy. Have a wonderful day, and we'll talk.
Thanks.