Honored guests, please welcome President of Revenue, Cloudflare, Mark Anderson.
Good morning, everybody. Yeah. Thank you so much. Thank you, everybody, for coming here today. Really excited. We've got a great mix of a lot of customers that are here for a full day. We've got investors in the same room. At Cloudflare, I'm gonna talk to the investors for a sec. At Cloudflare, we want you to talk to our customers. We're not gonna hide our customers from you. We're proud of the customers that we have. So, customers, if you get harangued by an investor or an analyst, blame it on me, but please tell the truth. We're proud of what we do here at Cloudflare. So welcome to Cloudflare Connect. My name is Mark Anderson. I just joined here a few months ago as the President of Revenue, stepped off the board to do this job.
I am incredibly honored and privileged to be here, and it's my honor to welcome you to Cloudflare Connect. Before we start our program, I wanna set the stage with a single word, and it's a word that I use every day, and I think many people on my team are getting sick of hearing about it, but it's called evolution, and we've got to evolve. You think about this incredible business that Matthew and Michelle started back in 2009. Really, in their hearts and minds, created this vision for this company, and here we are today, we still have so much incredible opportunity. We've evolved our network today, over 300 cities, over 100 countries, hundreds and hundreds of points of presence around the world.
Every server running our entire software stack, it is really a unique company and a unique opportunity for all of us. You know, there's a lot of work to do. I came here to dig in and do just that, but examples of evolution are everywhere, and you're gonna hear a lot about that today. So one incredible example is the customer speakers that we've got here today. Every year, Connect features, you know, senior leaders from major companies, and this is the best group yet. I wanna thank all of them for taking the time to be here today. You know, it's not exactly thsue nicest weather outside. I don't know if anybody got caught in the rain last night. I did. And I only brought one jacket, so no judging.
I can't wait to hear what our customers have to say. This is also a good opportunity to thank our event sponsors, in particular, Accenture, our premier sponsor. You know, as we evolve our go-to-market and take our innovation to large enterprise, large government, large GSIs, like Accenture, are imperative for us to continue to drive our relevance with these large enterprise customers. They're gonna help us swarm this customer, both before the sale and, more importantly, after the sale, to help us stick the landing of implementations so that we can delight our customers and earn permission to do more. CrowdStrike, Ping Identity, Kyndryl, really important partners. You're gonna see this more and more from Cloudflare because, you know, our mission is to help build a better internet. We can't do this by ourselves. Nobody can.
If they think they can, they're BSing you. We need these partners, and we are building our business to be a world-class partner to technology partners like CrowdStrike and Ping, to distribution, integration partners like Kyndryl and Accenture, and so many others. Thank you so much, sponsors. We really appreciate the partnership. I also want to acknowledge two people in the room today that joined Cloudflare in the past couple of months. Really important as we evolve our business. We've got to bring people that have stage-appropriate experiences for the next few legs of our journey. So Tom Evans, really proud to have known Tom for 20 years. He's our new Chief Partner Officer. Tom, do you want to stand up and say hi? All right. Hey, Tom. You know, used to run worldwide channels at Palo Alto.
Before that, he ran channels at F5. No, it's not a coincidence. So great to have Tom here. And then Stephanie Cohen. Stephanie, if you would mind standing up. Thank you, Stephanie. Stephanie joined us from an amazing career at Goldman on the senior leadership team. You know, Matthew and Michelle have continued. You know, my four years as a board member here, I just marvel that the people that Matthew and Michelle were able to attract from government, from large enterprise, from the banking community, and you're gonna continue to see this go on and on. So finally, in the spirit of growth, I'm really excited that next year, Cloudflare Connect will be a multi-day and global event for the first time.
We're gonna do it next year at the end of March in the area of Las Vegas. Like it or hate it, you know, Vegas is an easy place to do a big conference. I'm expecting thousands of attendees. We're also, you know, gonna work towards making that a really meaningful event, and I hope that you guys can come and join us next year. Put it in your calendars, put it in your books, and we'll make it amazing for you. So just quickly about the agenda. We've got an amazing program today. In just a moment, you're gonna hear from our co-founder and CEO, Matthew Prince. After that, you'll hear some customer stories from our Chief Product Officer, Nitin Rao.
Finally, we've got the immense privilege of hearing from Latha Maripuri, Uber CISO and VP of Engineering. I had the pleasure of chatting a bit with Latha, and I think you're gonna be very impressed. She's been at Uber for, you know, over three years and really done an amazing transformation job there. So without any further ado, I'll welcome Matthew up to the stage to kick things off. Matthew, take it away.
Thank you, Mark. It's been great having Mark as a board member for the last four years, and we're really honored now to have him building out the customer support, the customer engagement team that we need in order to serve larger and larger customers. It's amazing to see the customers as Cloudflare has grown over the years. Once upon a time, you know, a big customer, like, for us was, like, FakeNameGenerator.com, which literally their whole business was just generating fake names. Today, a huge percentage of the Fortune 500 rely on us. A lot of you are here, today, and I really want to just stop and thank you for being part of Cloudflare, being part of Connect.
It is more important for me today to stay on time with my speech, which I'm not always the best at, than ever before, because many of you don't know this, but Thomas, our CFO, his daughter is getting married this weekend, and if he isn't in the car to the airport at 12:15 P.M., he'll miss the rehearsal dinner tonight. So I'm gonna try and stay on time, but if Thomas seems nervous throughout the course of the day, actually, it has nothing to do with Cloudflare's business, it's that he's thinking about the speech that he has to give at his daughter's wedding. So there you go. So we're gonna talk a ton today about Cloudflare products, customers, but I wanted to zoom out and talk a little about some of the things that are going on across the rest of the internet.
Some of the things that we see, some of the challenges that are there, and I built my career on the internet. A lot of you built your careers on the internet, and I think as a result of that, we have a responsibility to the internet. We have a responsibility to preserving what has given us all the careers that we've had. The best version of the internet is an open, collaborative, and an interconnected internet. That's been the spirit of the internet for the last 40 years that's there. Unfortunately, that, I think, is at real risk today, and at more risk today than certainly any time since we started Cloudflare. An open internet supports innovation, an open internet is more secure, an open internet strengthens human rights, an open internet enables all of your businesses to grow, all of your careers.
Think about how much different they would have been if you had to have permission to put things on the internet. That's been the vision for the internet for quite some time, but that vision is very much at risk due to both the security threats that the internet faces and also due to what are, I think, well-intentioned, but sometimes very misguided regulatory pressures that are emerging from literally every corner of the universe. So let me focus, first of all, on some of the security threats. And unfortunately, we are in the midst of several now large conflicts that are happening around the world. If you look at Gaza and Israel, cyber. We're all seeing what's happening on the ground. We're all seeing the kinetic war, which is going on, but at the same time, there's an online war targeting both sides of the conflict.
So the war in Gaza has caused internet outages across Palestinian networks. You can see this across our world. Huge amounts of the internet have been shut off inside of Gaza, inside of broader Palestine. There's been attack on Palestinian media sites that have been ongoing, and we've been able to observe. And it's not just one directional. The same thing has happened where there have been attacks against Israeli media sites as well. At the same time that the war is raging on the ground, the kinetic war is raging, it is, if anything, even stronger, even worse in cyberspace. And we're seeing the internet being used as a tool to shut down any kind of ability to communicate in these regions, to shut down the ability to get news, to shut down the ability to see what's going on.
Unfortunately, that's not the only place in the world that's scary right now. In Ukraine, the war continues to rage now for more than two years, and we're seeing that internet infrastructure is specifically being targeted by the Russians as they attack Ukraine. You can see here that as there was airstrikes going on in parts of Ukraine, the internet actually saw significant drops in traffic as that infrastructure was being targeted and taken out. We continue to see that as Russia takes territory, one of the first things that they do is go into the ISPs, the network providers, the cell phone providers, and actually reroute the BGP routes back through Russia rather than passing out through the West, so they can actually be able to censor the internet. Cyberattacks are increasingly targeting the telecom infrastructure inside of Ukraine.
We saw attacks that are going on, and they're shutting down the telecommunications and the ability for information to get out. We saw in December of 2021, the early indicia that was—Russia was planning an attack, and I'm really proud of the fact that our team worked with Ukraine in order to get Cloudflare in front of a number of their critical infrastructure and critical resources to protect them from the attacks that they were, were bound to see going forward. Had that not happened, had we not been able to do that. And it wasn't just us.
Google, Microsoft, other leading tech companies stepped up and volunteered their services in order to say, "We're going to make sure that Ukraine can stay online." But imagine if President Zelenskyy hadn't had access to the internet, if we hadn't been able to see the horrors of what were happening on that ground in that country, how much worse the war could have been, and how much harder it would have been for Ukraine to fight back. The internet is a critical resource for this to be able to happen and for even smaller countries like Ukraine to stand up to what are effectively Russian bullies. And again, I happen to have had, I guess, the privilege or honor or distinction of now for our work, having been personally sanctioned by the Russian government. So I'm not going back to St.
St. Petersburg anytime soon, but again, I think that speaks to the work that our team is doing to try and keep them online. Again, we've seen additional attacks across Russian-occupied territory that is going on. In addition, not just there, even in places where there aren't currently attacks, it's becoming increasingly acceptable for governments to actually just shut down the internet. So in Pakistan, on the day of the last Pakistani election, they just turned off the internet, right? Now, why would you do that if you're the government of Pakistan? Probably because you don't want people watching what's going on on the ground. You want to shut that down. This would have been unacceptable in the past, but it's becoming increasingly accepted.
In a lot of sub-Saharan African countries, on the days of the sort of SAT, you know, the standardized tests for those regions, not literally the SAT, the governments are shutting the internet down in order to stop cheating. What that is doing is it actually disadvantaging poorer students that can't continue to have access, where the richer ones, where they can still find ways to access the internet, are then able to cheat even more effectively and do that. This is a real risk, and we can't allow it to become something that we accept around the world. We're also seeing a significant increase in state-sponsored attacks. We've seen a couple that have been extremely concerning.
If any of you are using Microsoft's 365 products, the attacks from China that compromised the underlying key and allowed literally anyone using any Microsoft 365 product for their emails to be read and accessed, that's an extremely sophisticated, extremely concerning attack, and that's showing that cloud infrastructure, if it's all dependent on one provider, is at real risk. And obviously, that's something which we're watching for, thinking about. We've worked with the government to think about how you could design a more secure system, where simply compromising a single key puts every single Microsoft customer at risk. That's not a good strategy. You want to have a different strategy around that, how that is, is defined.
We're also seeing increasing efforts by China with the Volt Typhoon infrastructure attacks, where it appears that they are pre-positioning in network devices without any clear purpose at a given moment, pre-positioning for we don't know what. In the past, it used to seem like the purpose of a lot of the Chinese hacking was around IP theft and trying to steal trade secrets. This is a new type of a strategy, a new type of attack, where there's no trade secret, there's no IP that's there. It appears that they are just putting themselves in the place of critical infrastructure, putting themselves in routers, switches, network gear, VPNs all around the world, and using that for, we're not sure what.
But it's something that we're watching really carefully and again, trying to stay in front of, trying to make sure that we share any of the information that we have with all of you, so that you can keep your infrastructure protected and that we can help be a part of that. So there are real threats that are out there. There are real risks, and there is a real concern that industry is not doing enough to stay in front of those risks. And so I think that those outages, those risks, that threat, those threats to the internet, those threats to all of our businesses, cause well-meaning governments to say, "Well, we should step up, and we should do something." But I think that sweeping government control isn't the answer.
And yet that is what we are seeing more and more, and it's coming from a number of different directions. So let me walk you through a few proposals. These aren't theoretical. These aren't things that may happen in the future. These are proposals that are on the floor right now in legislative bodies around the world. So first of all, in Europe, the Cloud Certification Services Certification. This basically says that to get the highest level of certification in the E.U., you have to be an E.U.-based company. Okay, so what does that do? What, what is actually motivating that? Again, I think from a very principled perspective, they're saying: Listen, we don't trust a lot of what we've seen in the U.S.
We don't trust a lot of the law enforcement and the spying that has gone on inside of the United States, and so we're going to require that you have to be a European company in order to use that. Of course, there's real risk to that. There's real threats. It means that you're not necessarily getting the best of breed. It also means that it's effectively, whether intentional or unintentional protectionism, against and that is discriminating against a lot of your companies and a lot of the people that are in this room. At the same time, 20 years ago, the UN stepped up with the Global Digital Compact and the WSIS accords, which basically said it wasn't the role of government to regulate how the internet is designed.
At the 20-year mark, the intention was for them to reevaluate it. Right now, in front of the UN, there's a proposal that the UN and the ITU should take more control over the internet. Who's pushing that proposal? None other than Russia and China. Because the UN is this kind of convoluted, difficult-to-understand place, almost no one is paying attention to this. Imagine what happens if those policies aren't set by the, the industry leaders and the people in this room, but instead by the bureaucrats in the UN saying, "Here are the ways that we're going to define the standards, here are the ways that we're going to find control," and that that control is subject to, again, regimes that are being put in place by actors like Russia and China that have been deeply skeptical of the internet almost from the very beginning.
This is something that is going on, that we're tracking carefully, but I bet most of the people in this room weren't even aware of. And even in places like the U.S., where the U.S. has been this bastion, where for a long time, we talked with folks at the State Department, and they would say very clearly, "More internet is in our interest everywhere around the world," we're seeing proposals like this with TikTok where we just basically said that TikTok is banned in the U.S. unless a certain set of conditions happen. And the argument fundamentally has been, well, China bans our social networks, so we should ban theirs, too, which is some version of why you shouldn't wrestle with pigs, right? You both get dirty, and the pig enjoys it. If we don't want to be like China, the right strategy isn't acting like China.
So we can have, I think, a really principled debate of whether there are risks and harms to social media generally, to TikTok in particular. But I think just saying we're going to shut down portions of the internet because we don't necessarily like them and we don't necessarily like their ownership is a very dangerous precedent. And yet, across the political spectrum, this is something that was extreme. It was just a no-brainer. It was a hugely decisive vote for people to vote for this, and I think that's an enormous risk. The U.S. used to be the place that said, more internet is better, and it is becoming less and less that way, even in some things where we might think that's the right policy.
The FCC recently passed a policy which got a lot of praise for basically enshrining network neutrality principles, but buried in that same policy was a principle that the FCC could now start to regulate interconnection, and they could start to say what networks are allowed to and not allowed to connect to other networks. And that's starting to, again, be exactly the principle that the US used to push back against around the rest of the world, and it means that it is much harder for the US today to stand up and say, "Don't do that, Russia. Don't do that, China. Don't do that, France. Don't do that, India," because they can just say, "Well, you're doing it, why shouldn't we?" And unfortunately, if we go down that path, the internet inherently is at risk, and most of our businesses are at more risk, too.
The U.S. is absolutely looking to exercise significantly more control over how people use internet services. So there is a proposal right now in front of the Commerce Department, which they've floated. It's not. Again, not theoretical. This is most likely to pass. That says that they're going to impose KYC requirements, Know Your Customer requirements, the same thing that financial institutions have to do on cloud service providers. So if you're providing anything that's a cloud service, you're gonna have to verify the customer is who they say they are. And how they want to do that? Their proposal is they'll actually have you hold your ID up to your web camera, and then you have to store that ID, a picture of the person's face, and match those two things against each other. What could possibly go wrong?
The KYC requirements for banking institutions are the reason that about 20% of U.S. citizens are unbanked in this country, because it costs banks between $200 and $2,000 to be able to do those KYC requirements. If you have a customer that's only going to keep $100 in a checking account, it just doesn't make any sense to bank them. So we have this huge problem. What does that mean for Cloudflare? If we have to verify every single free user, and it costs us $200-$2,000, I don't know that we can provide that service anymore.
And again, most of you in this audience are paying customers, and, you know, we can pass the cost on to you and all those things, but there are a lot of small businesses, individual developers, people in the developing world, where we can't actually do that anymore. And so if proposals like this go forward, it doesn't make the internet more secure. Does the Commerce Department really think that the Chinese hackers can't fake with AI and everything else, a driver's license and a, and a headshot? But for a free customer who's just trying to keep their business safe, again, this is a real risk that's out there, and people aren't paying attention.
It used to be that the big internet companies, like, we felt like we were the small guy, and we had sort of 5 big brothers who were fighting for us in Apple, Microsoft, Amazon, Google, Meta, and they were out there sort of saying, "No, no, no, the internet's good. We're gonna lobby for it. We're gonna keep sort of silly proposals like this on the side." And yet, over the last 18 months, as country after country, government after government, has gone after those five different organizations for antitrust and other regulatory concerns, they're exhausted. They're worn out. They're not up for taking on another fight. And so that leaves not many people fighting for the internet. We all used to rely on those five companies, making the argument that the internet should be sacrosanct, that it should be something that is protected around the world.
I'm here to tell you, they're not doing that anymore because they're terrified for their own businesses. That means that we at Cloudflare have to do it, but it also means that all of you have to do it as well. You have to be fighting for the thing that kept our that let us have the careers that we did, because if we don't, these are the proposals that are gonna win, and no one is stepping up and fighting against them right now. I'll give you another example. In France, we just lost a court case that says that we have to block on demand any site globally that a French court says we have to block, not for our customers, but for our 1.1.1.1 service. These are people who aren't even customers of ours.
So if you're using 1.1.1.1 or 8.8.8.8, 'cause Google was also subject to the same thing, or OpenDNS, 'cause Cisco is subject to the same court order, now, a French court can say there are sites on the internet that you're not allowed to access. And that's absurd. And yet that is what is going on, and no one, other than us, is pushing back against it. We called Google and said, "Hey, we should do something about this." They said, "We don't have the appetite for another fight right now." And that's terrifying. I've worried about the future of the internet for a really long time. I've never worried about it more than today. And again, I don't think that this is because these policies are misintended.
I don't think it's—Everyone has good intentions here. But if we let every single country, every single court, basically say, "We get to control globally what's happening online," think about the risk to all of your businesses if some Indian court or some Brazilian court says, you know, "Cloudflare, you have to block this." We have to step up and fight for this. And again, this is why I'm so proud of what our team is doing, but I need your help, and I need you to take these issues seriously, because it's a threat to all of our businesses around the world. The internet is definitely in an inflection point. And so if you think back over history, when the Industrial Revolution kicked off, it was amazing. Did a lot of things.
We produced a lot of good, but a lot of harm came from it, too. We had sweatshops, we had child labor, we had industrial accidents. People got hurt, people were being taken advantage of. You had income disparity that got magnified. And there was a real challenge that you could go one of two directions. One direction, there's this guy, Karl Marx, and he was like: "This all sucks. The state should control how everything is run online." That is the vision of socialism and capitalism that went forward, at the time, and again, half the world chose that path. The other half of the world said, "No, no, no, we should have a much more scalpel, much more precise way of thinking about regulation.
There are problems, so we should have child labor laws, and we should have industrial protections and controls, and we should have narrow-focused rules that make sense, but we shouldn't just scrap the entire system. And if you play the next 120 years forward, one of those strategies worked really well, and the other one didn't. And we're at that exact same inflection point, and we're at that point where we're gonna make a decision. Should we just scrap it all, hand it to the UN and say, "China and Russia and everyone else, you can run the internet, and we're sure it'll be okay?" Or are we gonna think about very specific tactical approaches to how we clean up some of the problems that the internet really has brought?
Because make no mistake, there are downsides to connecting everyone online, and we should be respectful of that, but we should be very narrow and very targeted in how we think about that. Sweeping internet regulation actually hinders security. It doesn't help security, and no one is making this point loudly enough, and I need your help. Openness and collaboration drive better solutions over time, and there are good solutions out there. I think a lot of the work that CISA is doing, which is the regulatory agency in the United States looking after cyber, are doing some good things. So Secure by Design. We signed up for this pledge.
We were one of the first people that signed up and said, "We're gonna design our software using, using programming languages that aren't subject to things like memory leaks." So we're been big proponents of, of, projects like Rust in order to do that, moving a bunch of our code base on it. This is good. This is what the government should be doing, is encouraging better practices and better regulation. The Joint Cyber Defense Collaborative. How do we share data between each other? Again, another great initiative that came out of CISA. You look at the latest net neutrality order, there are 19 different citations, because our-- to Cloudflare, because our team is there saying, "Yes, network neutrality is good, and, no, you shouldn't be regulating who can be interconnected." And again, we've pushed back successfully against this.
Targeted security reporting requirements are gonna be a pain for any of you who are a public company, but they probably make sense. It's fine. We can live with that. Let's not just say no regulation makes sense. Let's say regulation that actually helps solve problems, that helps protect customers, makes a ton, ton of sense. And let's make it the norm that tech companies should step up and protect our critical infrastructure. I'm proud of the fact that in the upcoming election, 97 political campaigns across 20 parties are protected by Cloudflare. Over 700,000 daily threats are blocked against targeted election websites. 67 million daily attacks are blocked against NGOs, civil society organizations, nonprofits around the world.
We donate these services because the world doesn't work if we don't have secure elections, the world doesn't work if we don't have humanitarian organizations, the world doesn't work if we're not protecting the most vulnerable that are out there, and it's up to all of us to be giving these services back. At the same time, we've worked with government to come up with ways to help protect it. There are a lot of representatives from the banking industry. We worked with the Treasury Department to say: How can we collect data together and share that back through Treasury and through Cloudflare to anyone in financial services to help protect them against threats? This is smart regulation. This is smart actions. This is smart ways that industry and government can work together in order to make the internet more secure.
But again, right now, there's a lot of very dumb regulation which is being proposed that puts the internet fundamentally at risk, and the companies that used to fight for it are distracted. So if we don't all step up, there's a real risk the internet might not exist in the same way that gave rise to all of our businesses over the last 40 years. So when we think about this, it's why we have a free version of our service. We're not selling the data. We don't have some secret ad business, like, there's nothing else. It is simply that we believe that everyone online should have the right to be free from cyberattacks. Simple. Like, 'cause that's what the internet should be, and from the very first day at Cloudflare, we've been committed to this.
Unless there is regulatory pressure that just makes it completely unviable, we are going to continue to offer that and make it better and better and better over time, because that is what we should be doing, and that's what the tech industry needs to do. We're also gonna be working with incredible partners, and so I'm proud today that we're announcing extended partnership and integration with CrowdStrike. Some of the CrowdStrike team is here with us today, is gonna be sharing some of what we're doing, because, again, our mission isn't to build a better internet, our mission is to help build a better internet. And the reason the word help is in there is because it's critical that we can't do it alone, as Mark Anderson said. We need your help.
We need your help more than ever before, because there is enormous threat and enormous risk to the internet over this. Openness and collaboration make the internet safer and better, and that's true for us, but it's also true for all of your businesses. We need to be fighting for that. We need to be delivering that message, and I need your help in doing it. About 20% of the web today is served by Cloudflare, between 20% and 25%. We're proud of the fact that we do that. We're able to stay in front of things like Log4j, HTTP Rapid Reset, and provide our services in order to protect them. We're staying in front of what the new technology changes in the future are.
And so in a world of AI and emerging technology, we're leading the way in making sure that as you experiment with these new technologies, that you can do so in a safe and reliable and efficient way. We're making sure that you can do it in a way that is secure for your business, keeps your customers secure, keeps your employees secure, and yet lets you have that innovation that's there. So Cloudflare's intelligence helps us connect everything together. We think of ourselves as that Connectivity Cloud, and we're fighting for you every day, but again, we need your help. So I hope that you'll think about this. I hope that as you think about all the amazing innovation, you know that behind it, it only works if the internet works, and the internet has never been at more risk than it is today.
And we need your help fighting for it as that risk is there, standing up and saying, "This won't work. This isn't good policy." There are good policies, and let's enforce those, but that's not what we're going to do if we, again, just hand control over the internet to governments and say, "It's up to you now." That's the wrong path, and unfortunately, that's increasingly the path that we're on. But that's just a little bit of what today is. That's what I'm worried about, but I'm also so excited for a lot of what we're delivering to customers and products. We're gonna spend the rest of the day on a less dour note, talking about Cloudflare innovation, talking about our customers, talking about all the new products that we're building.
But I wanted to also let you know that this is something we think about, we think about as part of our responsibility, and I'm proud of our team as being one of those that is fighting for the internet. So with that, I'm going to welcome to stage, and I am 1 minute and 20 seconds faster than expected, so Thomas is still gonna make his daughter's wedding. But I'm gonna hand it off to Nitin Rao, our Chief Product Officer, to talk a lot about what we're doing and what's coming in the roadmap for Cloudflare. Nitin, take it away.
Good morning, everyone. This is my eleventh year helping build Cloudflare, and I'm so incredibly excited to be here with all of you, our customers and partners here in New York, but also streaming from all over the world. Thank you so much for joining us. Our mission, as Matthew mentioned, is to help build a better internet, and a better internet is a safer internet. We rapidly learn every single month from more than 100 trillion internet transactions, and we use what we learn from every one of those requests to make all our customers safer. Every single day, we stop more than 200 billion cyber threats, and while the attacks we might see on any given day might change, what hasn't changed is that we're in this together. Every single person in this room makes the internet safer and faster for us all, so thank you.
I'm so thrilled for everything that our community will accomplish together. I spent the last decade helping build Cloudflare's global network. I'm proud that we're now in more than 320 cities in over 100 countries. But now I get to see the amazing things our customers are building using our products. And so I'd like to share just a couple examples of what makes our community so special. First, every Cloudflare customer, from the largest enterprise to the hobby blog on our free plan, contributes to that shared threat intelligence that makes the platform so powerful. Second, the leaders in this room are taking something scary, like security, and really simplifying it across your organizations. And third, all of you are informing our roadmap, telling us what products are most helpful in driving innovation at Cloudflare.
I'm excited to report to you just a couple of product announcements that we're very, very excited about, and I hope you'll explore throughout today. Customers tell us that they're just inundated with the sprawl and complexity of their IT systems, the sheer number of security vendors they need to manage, a patchwork of solutions that still leaves critical gaps. That's why we created the Connectivity Cloud, to make it easier than ever before to secure, connect, and build the applications you're doing, to ensure that our networks and people are protected. We operate at an incredible scale. 20% of the web passes through us every single day. Because we work with everyone, from the United States government all the way through to the local pizza shop, that gives you an incredible surface area.
It's really representative of the diversity of the internet, and it, that gives us signal to build products that others simply cannot do. And so let me share an example of a customer in this room that's benefiting from that scale. And that's Genuine Parts Company or GPC, a Fortune 200 automotive and industrial parts distributor. For GPC, bots was a major issue, and we were able to give them visibility into their internet-facing traffic. One of the things we noticed early on while collaborating was that the second most active IP address against GPC's website was actually one of their competitors trying to scrape their online catalog, and of course, we put an end to that with Cloudflare's Bot Management solution. And the only way to stop bad bots in the age of AI is Defensive AI, and Cloudflare's models here have a unique advantage.
Indeed, for AI, data is currency, and Cloudflare's models are trained on the largest, most comprehensive dataset, and that gives us a unique advantage. One example where that plays out is with residential proxies. Now, there are other security companies that can identify bad networks or bad IPs, but because of the sheer breadth of the internet that we can see, we have certain advantages. Now, attackers have become a great deal smarter. They have evolved, and they're able to actually hide amongst regular users by putting malware on regular devices and rotating between millions of these devices. Cloudflare's models, including our newest one that we developed just a month ago, can now identify and block more than 28 million rotating IPs every single hour.
Just a couple of weeks ago, one of the world's largest airlines approached us with an issue about bots, and we were able to identify 70x or more bots. But this is really about the entire platform, and so I'll shift gears to highlight another customer that went all in on Cloudflare and was able to reduce spend and complexity. The organization is Applied Systems. They build technology for insurance companies, and before Cloudflare, they were juggling multiple security solutions from various companies, creating inefficiency and driving up cost. I spoke with at least one CISO that was just having a hard time figuring out who to hold accountable. The CISO at Applied made a strategic decision to consolidate these functions behind Cloudflare, aiming to connect and protect their applications, networks, and people.
For applications, Cloudflare's WAF, CDN, DDoS mitigation was able to improve their performance and security all over the world. For networks, by using Cloudflare's Magic Transit and Magic Firewall, they were able to have a consistent security posture without needing new and expensive infrastructure. Finally, for people, it happens that zero trust was a high priority for the chief security officer. They actually removed their use of Zscaler and Cisco AnyConnect VPN and used Cloudflare's more modern approach. Now they're able to enforce access controls, verifying every request based on identity and context. Applied Systems, like many of us, was also trying to think about AI, how to take advantage of it while still keeping employees safe. So they now run ChatGPT in an isolated browser using Cloudflare's network. By running code on Cloudflare's network, their security team can actually keep track of downloads, uploads, and copy-paste.
Today, Applied Systems enjoys a more robust and simpler security posture. They've reduced their overhead and complexity, allowing the team to actually focus on innovation rather than maintenance. That's an example of Cloudflare at its best, not just offering security features, but it's about delivering a comprehensive platform that helps leaders like you really transform the organizations you run. And so to all of our customers here and those joining online, I want to. On behalf of the entire Cloudflare team, I want to say thank you for your feedback. We just had Customer Advisory Council yesterday, and we so appreciate these opportunities. It really drives our innovation, helps us build better products, and ultimately, helps make a better internet. And so I'm really excited to share with you what we've done with that feedback and highlight just a couple launches that we're especially delighted about.
First, from our developer platform, Workers AI is now general availability. It lets you run machine learning models on GPUs that were spread across Cloudflare's network in more than 150 cities around the world, and it's amazing to see what customers are doing with it already. A large e-commerce platform is using Workers AI to generate keywords for their shops. There's a startup in the drone space that's using it to turn image signals into 3D models, and a multinational food ordering company is using it to generate images, if a menu item doesn't have one already. But these are just early innings, and we're fascinated to see new use cases develop every day. Second, an update to our Data Localization Suite.
I know all of you run large, global, complicated organizations with different, privacy obligations, and as regional privacy regulations are becoming more complex, we're helping customers control where their data is inspected and stored. I'm happy to announce 19 new regions around the world for our Data Localization Suite, and very soon, the ability for you to configure your own custom region. Third, and equally exciting, is Local Traffic Management. Until now, Cloudflare's visibility and load balancing controls extended as far as your origin infrastructure. Well, that changes now. With LTM, you can dynamically control traffic within your internal, privately hosted applications without any new hardware. Next, our new malware content scanner. It's great how modern web applications allow for more user interaction, AI chat boxes, but with that comes the very real risk of malware.
And our malware detection content scanner can take action on malicious traffic while they're in transit itself, avoiding additional load on your infrastructure or the need for dedicated scanners. The announcements just keep coming. We're so excited that we're launching the beta for Magic Cloud Networking. This builds off our acquisition of Nefeli, and Magic Cloud Networking allows you to manage all your cloud providers' native networking capabilities within that familiar Cloudflare dashboard and API. You can visualize your end-to-end network, manage network flows, and configure policies across those providers without having to translate between those APIs. And just this morning, we announced the acquisition of BastionZero to further strengthen our SASE portfolio. Many customers using Cloudflare Zero Trust network access have been looking for ways to extend those same protections to their infrastructure resources, from Kubernetes, servers, critical databases.
And it's scary how using traditional privileged access management systems, we give engineers very long, permissive permissions, and that changes with BastionZero. We're very excited to welcome the BastionZero team. We get to work with a number of strategic partners, and Matthew and Mark spoke about how our mission is to help build a better internet with partners. There's one strategic partner that really stands out, and that is CrowdStrike. Together, we've been collaborating on a number of initiatives to make sure that when a customer has a bad day, we can help them with fast incident response, to ensure there's tight integration between our products and teams, to cooperate to ensure strengthening the cyber resilience of U.S. critical infrastructure like hospitals, energy systems, water utilities.
Just this morning, we announced further expanding our partnership to bring new capabilities through channel partners to our mutual customers. On that note, I'd love to invite Daniel Bernard. He's the Chief Business Officer of CrowdStrike. They've been just a terrific partner to work with, and I'd love for him to come on stage and say a few words. Thanks, Daniel.
Thanks, Nitin. It's a pleasure to be here. Daniel Bernard, Chief Business Officer at CrowdStrike. When I think of Cloudflare, I think of securing the internet. If you think about the internet, it's really the world's biggest network. When I look into the crowd right here and see so many customers of our technology and joint customers that we have with Cloudflare, each of your networks represents that internet concept that I was talking about before. Who better to secure your network than Cloudflare? Having the ability to integrate that with the Falcon platform, to deeply integrate it with our next-gen SIEM technology so it makes cybersecurity easier to manage, easier to see, and easier to control, is super important. Cloudflare, excellent technology across application security, Zero Trust, the list goes on and on. Even email security, too.
We're really happy to take this partnership to the next level, to partner even deeper with Cloudflare. Our credo is really, we stop breaches, and that we is so powerful because the we isn't just us at CrowdStrike, it's what we do with partners like Cloudflare. Thanks so much.
Thank you. Thanks so much. So we, we really couldn't ask for a better partner, and I really encourage everyone in the room to speak with your channel partner and see how Cloudflare and CrowdStrike can be a great solution for your needs. I'm really proud of all the work that our team is doing to help build a better internet, and I'm really grateful for all of you for contributing to that mission. It's really amazing how you're securing, connecting, and building the next generation of applications that impacts all of our lives. Now, one application that's especially impressive, that many of us use every single day, is Uber. I'm so inspired by their engineering team and the way they're reimagining the way the world moves for the better.
To tell us more about their journey, please welcome on stage Chief Security Officer of Uber, Latha Maripuri. Thanks so much, Latha.
Good morning, everyone. It's wonderful to be here. Thank you to the Cloudflare team for giving me a couple minutes. I feel a lot of pressure to stay on time so we can get him on that flight today. As Nitin mentioned, you probably know a bit about Uber. Hopefully, some of you used it to come here today. But you may not know how much the company has expanded into a lot of different services from what started as, hey, push a button and get a car, you know, for a ride. We have a number of mobility services, delivery services, freight services today. We offer shippers various long-haul shipping services. We have delivery. You can get groceries, deliveries from pharmacy, deliveries from, of course, restaurants, merchants.
We hit a huge milestone recently with 1 million merchants on the Uber Eats platform. This could be a chain restaurant that you like. It could be the local deli around the corner. So very, very big expansion over the past decade into a lot of services and, of course, ride-sharing, our key mobility service, is still very core to the business. But you can also rent a car on Uber in certain markets. If you're in India, you can have a motorcycle come pick you up if you want to be adventurous and use that as a mode of transportation. So a lot of different. Oops, excuse me. A lot of different type of services that you know power Uber, and you can see some of the stats here, over 10,000 cities that we're in.
Even though it is a single app and a global app and single payments, it is quite local in nature, so we have a lot of community operations and services locally in order to onboard our earners and ensure that they get, you know, the best support. So from a technology perspective, you can imagine to operate at this scale takes a lot. It's a very much a real-time business. And it's a unique business because even though it's digital in nature, every interaction that you have with Uber is also physical in nature. There is some physical element. You're getting a good, or you're getting in a car and whatnot. So we have a very complex, diverse, dynamic tech stack in order to support this architecture.
We support sort of a dual region, multi sort of zone architecture to ensure availability and reliability. Most people don't realize this, but up until recently, we really did everything in our own data centers. We were not really in the cloud because of the bespoke nature of our business and to ensure performance and to just have better control, it was within our data centers. But we have now embarked on a cloud strategy. We're early days, you know, it's year two of that strategy, of a multi-year strategy, but we will be shifting to two cloud providers as part of that transformation. We have about 5,000 microservices that power Uber, and so everything that you know, when you interface with the app, it's usually a microservice behind that.
The 5,000 microservices are developed by our thousands of engineers, and also are supported by thousands of data sets. So you could just see behind the scenes. There's quite a bit of a scale of what we do. We also are huge contributors, and rely quite a bit within Uber engineering on the open source community. We believe in sort of open systems. We contribute. We leverage a lot of open source as well, within the tech stack, within Uber. So when we talk a little bit about security, you know, the privilege of helping secure this complex company. So I run all things cybersecurity and privacy engineering related. We see a lot of what Cloudflare and many of you see, in terms of the threat landscape.
It's been quite active, you know, of course, in recent times, and a lot of companies having to continue to disclose breaches. The oldies, but goodies, are still around from phishing and social engineering, attempts at ransomware are trying to exploit various vulnerabilities. We see network scanning, we see a lot of bots and scraping as well. We worry a lot about the supply chain. You know, Uber integrates with a lot of payment firms, a lot of other transportation firms, insurance firms, and whatnot. So we think a lot about vendor risk and supply chain risk, and of course, now with the evolution and adoption of generative AI, how do we think about securing AI systems, AI platforms? Because everything in Uber, you need, obviously, a customer account.
We see account takeovers, fraud, so a lot of the usual types of, you know, security issues. I'll highlight DDoS, as was mentioned this morning, because, we've definitely seen over the past year an increase in DDoS, attempts against Uber on various web applications, mobile applications. Thanks to our partnership with Cloudflare, we've implemented some new mitigation and controls that have been hugely beneficial. But again, the y ou know, as we evolve our controls, and we know that attackers also evolve their controls. So to back up a lot of these threats supported, we are very much on a journey of zero trust and layered defense. We have a comprehensive program.
We have hundreds of security engineers globally and software engineers that build security systems for Uber, everything around cloud security, product security, mobile security, you know, bot defense, DDoS mitigation, network security, and so on. And then being now a publicly traded company, we're also highly regulated, so put quite a bit of focus on regulatory, you know, compliance as well. On the other side, you know, besides security, you know, I always think about Uber as almost critical infrastructure these days. If there is any kind of issue, there is quite a bit of ripple effect across the world. So we take, obviously, all things resiliency, availability related, incredibly seriously at Uber, and especially within Uber engineering. We believe, of course, in fast product development, having high velocity of deployments, but we believe in doing it safely.
So there's a huge focus on just engineering excellence, making sure that the deployments are safe. There's a lot of testing that happens. There's a lot of drills that happen. Of course, having a backup strategy, you know, we should always operate in an environment where you can assume something will go wrong. It usually does. So, making sure there's backup, there's ways to roll back, you know, any deployments that we do. And then learn, continuously sort of measure and learn from everything that we do is incredibly critical. We take the uptime on the application and the platform very seriously because we know it impacts the experience that all of you have on the platform, but also because it's a platform where millions and millions earn.
So if there is any downtime, chances are someone's not earning, and that has, again, a huge impact. So something that internally is core to our value is how do we operate, you know, and have a magical experience for everyone that leverages, you know, the platform. So resiliency, availability, security, you know, all of these things very much closely tied together. And one thing, you know, I really believe, having kind of just been in this space throughout my career, is that, you know, most things, when you look at these type of domains, it ends up being a lot around balance. So we take, you know, data protection and privacy, cyber resiliency very i t is incredibly key. Customer satisfaction, very much key.
But at the same time, there's so many controls that you can implement, whether it's for DDoS, whether it's for API security, whether it's for employee security, but we have to make sure that there aren't any, you know, performance impacts of that and user friction as a result of what you've implemented. So, you know, any time that we implement a new control, we look very closely at that to say, "Hey, is there any type of service degradation? Does it impact developer productivity? Does it impact employee productivity?" It's something that we measure very, very carefully at Uber, just to make sure that, you know, we can implement a lot of controls, but that we do it in sort of a very mindful way to make sure that we're not impacting, you know, the overall business.
'Cause ultimately, you don't wanna slow anything down. You don't wanna slow down deployments, you don't wanna slow down customer support, you don't wanna slow down your use of, you know, the app. I'm sure none of you wanna order an Uber and then wait, you know, a minute. You just want that instantaneous sort of response on what's happening, which is what, you know, Uber has sort of prided itself on, is that real-time experience. So it's a journey for all of us. That's something we take very seriously. So hopefully, that gives you a little bit of a glimpse on how we think about our tech stack, how we think about security and resiliency, and I'm around this morning if anyone has any questions. Thank you for your time.
Can we get another round of applause for Latha and Daniel? Thank you, guys, very much. So great to hear some of these stories this morning. We've got a full day of this here. In a moment, I'm gonna send all of you out to continue with the conference, but first, a few quick notes. Now, here are the sessions that we have in store for you all today. We're covering all sorts of strategic and impactful topics, ranging from network modernization to threat intelligence, to the ever-present question of AI. There's a ton to hear and learn, and we also wanna learn from you. We've got a ton of our product team here, many of our engineering team here, a handful of our salespeople here.
We really wanna learn from you, so thank you again for paying attention, and thank you for being here. For our investor community, we've got a separate program. It's upstairs, and it's in Hall Two, and it starts at 10:15 A.M., so be there or be square. We'll look forward to continuing this event. I'd like to tell you to test our products, get advice from our members of the Cloudflare team, check out the solutions demo area throughout the day. We've put a lot of work into this. A lot of Cloudflareans have worked really hard to make this a good experience for all of you. And finally, we've brought in a service called Braindate, which I think is super cool, which arranges curated small group networking sessions on topics of your choosing.
So it's a great way to learn from all of the incredible people sitting around you today, customers, investors, Cloudflareans. Thank you all so much for joining us here at Cloudflare Connect. Let's get on with our way, and let's go, Cloudflare!
All right. Hello, everyone. Thank you for taking the time out of your day, you know, to come to our annual Investor Day meeting. I know May is a busy time of year from my past life for both investors and analysts. I know particularly the buy side is very excited to get back to their desk to look at their inbox, to go through all those II ask emails that are piling up. Not that I'd ever send one. But to make the best use of your time, we have a robust agenda today, so you can walk away with a very clear understanding of the massive opportunity that is in front of Cloudflare and how we are actively positioning the company to best capitalize on it.
Now, similar to last year, I'd like to set the stage for the next two hours by restating Cloudflare's mission, because it really guides everything that we do. Our mission is bold but simple: We are helping build a better internet. Cloudflare's platform was built from day one, from the ground up, with the full understanding that the entire infrastructure stack would shift to the multi-tenant cloud, compute, storage, security, networking. Cloudflare delivers all of these services on one platform with one user interface and API and one set of policies, and all powered by one global network. Simply put, Cloudflare is built for what's next.
As you can see, you know, since Cloudflare first launched on September 27th, 2010, to make the internet faster, more secure, and more reliable for everyone, everywhere, not only has our website evolved over the years, but so too has the scope of our network and the breadth of our products to encompass an incredibly diverse set of use cases that add value to our customers. Just last year, we coined the term Connectivity Cloud to really describe our approach to delivering this massive array of services that companies need to regain control, increase security and performance, and reduce the cost of their digital environments so that they can thrive. Now we have a tradition of not just simply shipping products, but rather building products that keep getting better and better over time.
Today, Cloudflare is a leader or strong performer in 15 major analyst reports. But unlike the competition, they maybe start with one product and attempt to Frankenstein others together over time. Cloudflare, as I mentioned, offers one unified intelligent platform of programmable cloud-native services that enable customers, once again, of every size, everywhere, to connect and protect applications, employees, networks, and clouds, accelerate application performance and user experience, and build the next generation of applications, including AI. Now, last year, we talked through all four main product categories at a very high level. This year, we're gonna flip things up. We're gonna go do deep dives, you know, hardcore, really, technology teach-ins on two product areas that we believe are maybe not as well understood, but what we believe are truly transformational: Network as a Service and AI.
You'll then hear from Mark Anderson about the changes being made to our go-to-market organization to reaccelerate growth at scale. After that, Thomas Seifert will delve into our financials on time, of course. And followed by open Q&A with Matthew Prince, Michelle Zatlyn, Thomas, and Mark. With that, sharpen your pencils. I would like to turn the stage over to my colleague, Annika Garbers.
Thank you, Phil. Good morning, everyone. I'm Annika. I'm on the product team at Cloudflare, and I have spent the last four years here having conversations with hundreds of customers about the journeys that they have been on to modernize their network and security stack. And from all of these conversations, we have a really strong conviction that has emerged, which is that the network must adapt. There's lots of reasons for this conviction from a business perspective or things that would show up in a CIO's sort of IT priorities list. But what we're gonna do today in the next 15-20 minutes is go through some technology history and talk about this in terms of our customers.
We're gonna put themselves in their shoes and think about the changes that have happened really over the past decade that has changed the entire way that they approach their jobs. There's one major shift when we talk to these customers that has led to an entire flip in the way that they approach security and networking, and that has been the shift from a centralized model for storage and computing, employees, networks, applications, and data, to a decentralized or a distributed model. If you think about the way that corporate networking and security used to work, there's this concept of a castle and moat, where employees, apps, and data would all be located in maybe one physical location or a small handful of them that would be connected with private connectivity lines.
And organizations could really draw a security perimeter around this castle, and then to set up a moat where they have a stack of security devices, things like firewalls, intrusion detection systems, VPN concentrators, that were deployed in a data center where they could watch every single packet coming in and out of their network and monitor it. So if you're inside of the network, you're trusted. If you're outside of the network, you're untrusted. And this was sort of the paradigm that organizations were working with in corporate network and IT and security for years and years. But this has totally turned on its head because of two major moves and shifts. The first is that applications moved outside of the data center, and so now they can be distributed anywhere, in public clouds, in SaaS applications.
The lion's share of corporate traffic has actually moved outside of the walls of the corporate castle and now lives on the Internet. Then that second shift, or the second decentralization, was of employees. With the shift to remote and hybrid work, now the people in an organization can also be anywhere. So you had this world where everything was controlled inside of a walled castle, now it can be anywhere. So the architecture that was created initially to connect and secure a corporate network, fundamentally does not work anymore for the world that we're in now. Let's dig into what that looks like in one little deeper level. This is an example of what a typical customer network architecture would look like in this traditional model.
You have a couple of data centers that are maybe connected with a physical form of dedicated private connectivity, something like leased fiber or an MPLS line. And then you're able to deploy a stack of security devices at those data centers that act again, as that wall for your castle or the moat for the castle. You can get full visibility and full control into every single packet moving in and out. But with this shift in this decentralization, again, those apps moving to the cloud, the people moving out of the offices, that has been led by storage and compute, and then led, helped by the pandemic for employees, the network and security industry has really lagged behind. And so this has created problems.
A lot of the assumptions about what you needed to do to secure your networks have kind of broken, and those problems have been addressed by the industry as lots of different point solutions in different places in the network. We introduce things like Zero Trust network access to replace VPNs, secure web gateways to help with filtering the massive amount of traffic that now heads out to the Internet from within an organization every day. SD-WAN helped organizations gain more control over their branch networking and make it easier to understand and manage lots of different locations wherever they were distributed. So if you zoom in and look at any particular point here, these solutions make a lot of sense. They manage and solve for that point problem.
But if you zoom out and you think about from a CIO or CISO's perspective or someone that's architecting a network, what they're now having to manage and deal with is a lot of different band-aid solutions that were not actually built to integrate together. This has led to more problems than there were with the traditional model, because now you're not just managing these new cloud solutions, most organizations that we talk to also have their legacy solutions still in place, and so the cost has just ballooned, and there's gaps in security and gaps in visibility. I talked to a CISO recently that started at a new organization. In their first 30 days on the job, they commissioned an audit of all of their existing security tools.
And what they found out is that this organization, which is around 5,000 employees, has over 80 security tools deployed today, and that is not even the kicker. What they found out additionally, is that the vast majority of those tools are in monitoring mode. So they're not even using them to block traffic or stop any malicious potential attacks, because the team that has been managing them is spread really thin and has been jumping from one security vulnerability to the next in this sort of Whack-A-Mole mode, trying to solve these problems. And so they're not even getting the value out of all of the solutions that they are paying for. So how do we solve this problem?
We've had this one shift that has happened that's led organizations to adopt this kind of hybrid overlay architecture, where they have cloud-based solutions and legacy solutions sort of stitched together and halfway integrated. What we think needs to happen is a second shift to a truly Internet-native architecture, a different way of thinking and working that is set up for the problems that we have today and fundamentally architected for a distributed world. We had a really cool opportunity here at Cloudflare to take a step back and think about how would we design the network if we were starting from scratch for a distributed world, with the assumption that the internet was going to be the foundation of the corporate network. What we came up with when we asked ourselves these questions was a few key principles.
Starting at the infrastructure layer, so think about the services or the servers that run all of our services, that provide networking and connectivity and security, and then the connections between them. So how to get traffic from point A to point B at the physical level. There's two key principles that are really important to keep in mind for infrastructure in a distributed world. One is that you have to be everywhere, because we said employees, apps, and data can be everywhere, so your infrastructure also has to be everywhere, so that you can serve users close to their source and then accelerate traffic to the destination and be close to the destination, too. But it's not enough just to have a lot of points or dots on the map.
You also have to have a mesh of connectivity between them, and lots of different options for how to get traffic from point A to point B, because if we move forward with the foundational assumption that the internet is the corporate network, well, the internet wasn't really built for a lot of those use cases. And so you need to be able to make smart decisions about how to route traffic so that you can route around potential problems, instability, reliability, congestion, et cetera. So be everywhere and be interconnected at the infrastructure layer. Then there's the data plane. So these are the services that we actually offer, the network and security components that our customers purchase for us, and there's two principles here, too. The first one is comprehensive on-ramps.
When we talk to our customers, and they describe the full landscape of all the sources and destinations across their traffic, they have lots of different things that they need to be able to connect. It could be user devices, data centers, clouds, Internet of Things devices, the list goes on, and we have to be able to connect all of these in. You can't just have a partial solution if you are thinking about really transforming or modernizing the network. But it's not enough just to connect the things in. You also have to be able to apply consistent security controls, and consistent is important here across all of those different on-ramps. You can't have a subset of controls that apply to some traffic and then some controls that apply to others.
You have to have the ability to enforce the same user experience for an employee, whether they are in an office, working from home, or working abroad. And then finally, there's the control plane. So the infrastructure, the data plane or services, and then the control plane is how customers actually manage all of these different components and how they get the visibility across them. And so the same way that we have consistency, uniformity on the infrastructure layer and the data plane layer, you also have to have that consistency in the way that you control these services and put the pieces together. It's helpful to have the services be able to interoperate on the back end, but you need to have the front end and the APIs that you use to manage these things also reflect that experience for organizations. So those are the principles.
How has Cloudflare applied them? Starting again with the infrastructure layer, our network is really the foundation of everything that we do here, and we have taken this challenge of being everywhere very seriously. We're in over 320 cities across the world, and in each of these locations on the map, we have our own servers, our own infrastructure that we own and maintain, which creates incredible cost benefits that we're able to then pass on to our customers. We're less than 50 milliseconds from 95% of the world's internet-connected population, and every day, we continue to push that and be closer and closer to everywhere that our users are. And then we also have invested heavily in interconnection. So all of the dots on the map have diverse connectivity options or ways that they're able to get traffic from point A to point B.
So we serve users closest to their source of the traffic, but then we got to get the traffic back to wherever its destination is, and the interconnection is what helps here. At each of these points on the map, we've got public internet connectivity options. We've got private peering with over 13,000 different networks, and then also at many of them, we also have our global private backbone, which you can think of as sort of a dedicated superhighway for the internet. There's one other nerdy detail about the points on this map that is actually really important, which is that they are all Anycast. They operate in an Anycast fashion.
What this actually means is that we advertise all of our IP space, that we serve all of these network and connectivity and security services from every one of those dots on the map. As a user, my experience is that when I'm working from home, which happens to be in Atlanta, I connect to the Cloudflare Atlanta POP. When I'm here in New York, I connect to the Cloudflare POP in New York, and that is completely transparent to me as a user. It is also completely transparent to my IT team. They didn't have to configure anything ahead of time or on the fly in order to make that happen. It just happens automatically. As an IT security network organization, when you are connecting to Cloudflare, there's only one region that you ever have to think about, and that is essentially the Earth.
One final infrastructure decision that aligns with our principles of being everywhere and being interconnected is making smarter decisions with that connectivity that we have. So I mentioned all the dots on the map and the diverse connectivity options we have at each one of those. An analogy here is imagine if there was a new road that was built from your house to your local grocery store. Well, it's already awesome to have that extra road, because maybe that'll help split traffic across. Maybe you have a new option to get where you're going. But what if, before you left your house, you had the ability to know which of those roads was more congested and then make a better decision to be able to get to your destination faster?
That's what we can do with the software that we've built to make smarter decisions about how to route traffic where it's going. And then on top of that, in all the locations where we have the backbone, it's like if you had a separate road that was dedicated just for you, and it was super, super fast, so you could get where you were going faster than the main public roads. So that's at the infrastructure level. What about the data plane? How have we approached being comprehensive with the connection options that we have and applying consistent security controls? One of the first things that we usually do with new customers or folks that are considering what this transformation would look like with Cloudflare, is we'll start with an architecture diagram of what their current network looks like.
And it usually starts pretty simple and then gets a little spaghetti looking pretty fast. There's lots of different places where customers' traffic needs to start from and end up to. And so we realized early on that we needed to create a really comprehensive and flexible set of different ways to get their traffic from all of those places to Cloudflare's network, and that those different on-ramp mechanisms had to be engineered for the specific needs of those endpoints. So that's things like a device that can run on a user agent, like a laptop or a phone. It is a tunnel mechanism or a lightweight appliance that can be deployed in a physical branch or a retail location or manufacturing facility to provide zero-touch connectivity to Cloudflare.
Or if customers happen to be in the same data center as us in one of those locations, which is pretty likely, because we're in a lot of places on the map, they can build a physical interconnection and get that dedicated capacity directly into Cloudflare. So we've got all these options. We can be prescriptive with customers about which ones to use and which use cases, depending on what they're connecting to us. But then on top of that, the security controls that we apply as a part of our platform are consistent across all of the on-ramps. So again, it doesn't matter whether I'm working remote or working in a Cloudflare office, working from an airport, I will have the same consistent security controls applied to all of my traffic.
That is really unique to our platform versus the way that competitors have approached this solution, which is building separate platforms for different components of the stack and then figuring out, okay, maybe there's common pieces of it that we can wire and integrate together. We've built everything to interoperate from the ground up in our own software. The reason that we're able to do that is because of a foundational decision that we made, again, early on, but that we've kept really consistent and stayed firm about throughout all of the development that journey that we've been on and the new products and services that we've offered, which is to architect all of our services to be able to run on all of our servers across all of our network.
And so in my example, if I'm browsing a website on the internet or accessing a private application as part of my job here, my traffic right now will go land on a server in Cloudflare's pop here in New York, and then it will go through the full stack of security controls that my IT organization has put in place on the same server that it lands on. So I'm not sending my traffic to multiple different locations in order to get different levels of controls. It all happens in one place. Another way to think about this is single path inspection. That's beneficial from a security perspective, but also from a reliability and performance perspective, because my traffic isn't having to sort of hairpin around to get where it's trying to go.
It's also helpful from a control plane perspective, because as an admin, I can log into one Cloudflare dashboard and manage all of these controls in one place. I can see all of my policies in one dashboard, one API, and then increasingly, we're hearing from customers that they want to manage everything as infrastructure as code. We have a unified Terraform provider across this entire stack as well. It's not enough to just be able to configure everything in one place. You also have to be able to have your visibility in one place. One of the challenges that we hear from customers in that sort of hybrid overlay model that many of them are struggling with right now is that getting visibility into specifically troubleshooting problems can be really challenging.
They have to open maybe six different tools and look at lots of different analytics panes, figure out how to feed all of that data into maybe a central SIEM that they're managing, and then parse it and understand it and normalize it. It's a lot of work just to get your data in one place, and then even if you're able to invest the time and the resources to do all of that work, you might not even have the visibility that you need because there isn't a platform that has the full end-to-end connection. You're kind of piecing things together. But with Cloudflare, we do see the end-to-end path, and so we can provide all of that visibility to customers.
It's almost analogous to the sort of castle and moat model that we mentioned earlier, where you can sort of put a network tap in one place where there's a stack of security tools and hardware that are watching all the packets come in and out of your network, except that that one place is now actually a distributed global network, but then we can aggregate all of the visibility and the data back in, so you can still see it from one place. Network security, IT admins love this aspect of the platform. With these principles applied at the infrastructure layer, the data plane layer, the control plane layer, we can enable our customers to connect and secure lots of different workloads for their employees, their networks, and their data.
For customers, this often will start with the connecting and securing their external-facing workloads or the sort of front door of their network. This is with services like CDN, load balancing, traffic acceleration, routing, to make sure that we keep their public-facing applications faster and more reliable. Then we also keep them secure with things like DDoS protection, web application firewall, Bot Management. That's on the external-facing network side, but this exact same platform, those exact same servers, and the same on and off-ramp mechanisms in many cases, are the ones that also power the internal network use cases as well. Here it's things like secure web gateway, zero trust network access, WAN connectivity, and firewall-as-a-service that help customers transform their internal networks.
One of the things that's really exciting to me about the future here is that as the boundaries between public and private networking continue to blur, as customers really embrace the internet as the foundation of their corporate network, I think in a few years from now, we won't even really be talking about this internal versus external divide. It will all be one network, and we have the tools and capabilities to allow our customers to use these different services together. And that is a really, really exciting aspect of our platform that none of our competitors have, the internal and external pieces in one place. So to summarize, across many different dimensions that our customers care about, the ease of configurability, control over the last mile and the middle mile, the end-to-end traffic path.
Integrating smoothly with their clouds as they continue on their cloud migration and multi-cloud journeys, built-in security, and lower cost. We believe that this current moment that many customers are in, with having to manage the hybrid overlay, that's not the end solution. The end solution is this internet-native platform that was actually built to address the challenges and for the world that we have today. And we're so excited to be on this journey with our customers. We know that they also have a lot of choices. We're not the only provider in this marketplace. It's pretty crowded here.
We think that the foundational investments that we've made, the principles that we've held ourselves to from an engineering and product perspective, of being everywhere and interconnected, having comprehensive on-ramps and consistent security controls across them, having a single place to control and a single place to view everything, that these are the right principles for the world that we're in now, and that the cracks in other solutions, where organizations have kind of pieced different products together, those will continue to show, and that over time, organizations will want to shift more and more to a unified platform. I'm so excited to be here at Cloudflare, getting to talk to customers and continue learning about their challenges.
I'm really confident that we're moving in the right direction, not only to solve the problems that customers have today, but also to set them up for the challenges that they will have in the future, because the world will only become more distributed and more complex, and we're here ready to solve those problems. Speaking of the future, I'm so excited to hand over to my friend and colleague, Rita, who will tell you about how we're solving the next generation of problems already.
Hello, everyone. My name is Rita Kozlov. I've been at Cloudflare for just a few days shy of eight years, and for the past seven years, I've been helping build out our developer platform. So Annika was just up here talking about rethinking the corporate network around modern assumptions, and our vision for developers has been to do the exact same thing, but in the cloud space. We learned so much taking applications that were frequently built in the cloud and helping make them more fast, more scalable, more secure, more reliable, that we thought, we want to build a cloud platform that has all of those properties built in since day one, and open up developers to do what they do best, which is build new products, build new features, bring value to their customers.
Now, if that seems like an ambitious goal, well, it certainly felt very, very ambitious seven years ago when we first embarked on this journey. So we started on it with Workers GA back in 2018, but over time, every year, we've continued adding more features, more products, to allow developers to bring their entire stack to Cloudflare. And I'm really, really proud to say that as of Developer Week, that was just a couple months ago, we're really starting to compete toe-to-toe with other cloud providers in terms of the completeness of the platform that we offer and the capabilities that developers have in order to build on us. And what's important is that we're not just proud of, you know, who we're competing with, but also it's really, really resonating with developers.
So again, as of this past Developer Week, there are now over 2 million developers that are building on our platform, and the applications are just incredible. Seeing what developers are building is the best part of this job. But you're not here to talk, to hear me talk about the developer platform today. I know what you're all thinking about. Everyone is thinking about it, and it's AI. The reason that AI is at the top of all of our minds right now is because it does represent this really, really huge paradigm shift, a shift as big as the cloud, social, mobile that came before it, right? And that's because it really has the opportunity to transform the way that we communicate with each other, the way that we go about our jobs, the way that we communicate with our computers.
So what are these AI workloads actually going to look like? We'll talk about that in a second, but we're already starting to see the way that AI is transforming organizations and changing the way that people work. And in that way, it's actually no surprise that the first adopters on this journey are themselves developers. So over 44% of developers are already using AI as a part of their daily jobs to help automate things like writing code to help them move faster. Gartner predicts that by 2026, over 80% of organizations are going to be running AI in production, and that by 2030, over 50% of workloads from knowledge workers are going to be automated and augmented with AI. Now, in my personal take, based on the way that things are going, Gartner is actually being a bit conservative here.
I think by 2030, almost everyone will be using AI in some capacity day-to-day. So what do these workloads actually look like? Well, to run AI, you actually have two sets of tasks that need to happen. The first is training. So training takes a large, large corpus of data and converts that into a model that can then generate predictions time and time again, which brings me to the second part, inference. If you've interacted with an AI application like ChatGPT, you've asked it a question, and it generated an answer, that part is exactly it. That's the inference. So today, a lot of the workloads, when you hear about AI, are focused in training. All of these big AI companies are trying to develop the best, biggest, most efficient models, and the centralized cloud is really, really great at that task, right?
There are large data centers with many, many GPU compute resources concentrated in them. We actually saw this wave of AI training coming ahead of anyone else because we do have a product that's played a pretty critical role in it. So a little over a year ago, we started seeing storage in R2 ramping up really, really rapidly. And as we dug into it, what we realized that what was happening was, as developers were starting to train these models, they were starting to run into GPU shortages within their particular clouds, so they had to go across different clouds in order to meet their needs. Now, if you're paying massive egress fees every time that your data leaves your cloud, that's going to become just untenable from a cost perspective.
So where R2 came in and became basically the default choice for companies that are training, is that it doesn't charge you for that egress data to leave your cloud, and you're now actually able to meet your training needs across many, many different clouds. But I want to step back for a second and imagine a world where 8 billion people are all interacting with AI every single day. What does that look like? Well, the workloads start to shift away from training and go towards inference. Now, where are all of these workloads going to happen? There are two places that might seem kind of obvious: the user's device and the centralized cloud. So let's talk about these. I'm going to talk about the centralized cloud first, because we're just talking about it for training.
If centralized clouds already have all these resources, why wouldn't the inference just run there? Well, I talk to developers that are trying to make this happen every day, and as it turns out, running inference workloads in the cloud is really, really hard because inference workloads are not predictable in that same way. So if you're a developer that's trying to build an AI application, and you have a launch that's coming up, what you have to think about, even when your launch is weeks or months away, right now, you have to think about how many VMs am I going to need? And you have to pay for those VMs upfront, because otherwise they might not be available.
The alternative, of course, is to be conservative, but that means that when your big launch day comes, when your product is taking off, when all of the hard work actually starts to pay off, your traffic is gonna fall on the ground. So neither of these is particularly ideal. From a user's perspective as well, let's imagine every single person, again, using AI multiple times a day. Sometimes a single workload requires multiple models to run. All of that latency of going back and forth between you and the centralized cloud really starts to add up. And we've seen this with the web, right? When mobile devices became ubiquitous, everyone suddenly really, really started to care about performance. All right, well, what about users' devices?
I think every single person here has one in their pocket right now, which means that there's no additional cost, and it's right there, so what could possibly run faster? The problem with the devices is they're simply not powerful enough to support the models that are going to usher in this next generation of AI. So what if there was a third place where you could run AI that was as close to the device as you could possibly get, just within milliseconds away from it, but with all of the computational power of a full GPU? Well, that's exactly why Cloudflare sits in that Goldilocks zone of the inference workloads, right? We can bring the best of efficiency, of latency. We've been solving these exact problems on our network. This is what it's designed for.
Many, many concurrent requests coming to our network and us routing them intelligently in a way that maximizes across all of these aspects the developers are looking for. This is why in September, we introduced Workers AI, really the first serverless AI platform out there that allows developers to have access to over 100 of the top open source models with just an API call, without having to do any of that guessing work upfront. You don't have to think about VMs. You don't have to think about infrastructure. Just build your application, it'll work, it'll scale as customers come, and you pay us in the end just for what you used. Of course, the model itself is just a small part of the application. None of you are interfacing with that model directly. You're probably going through a UI, right?
There is a back end that has your own personal user data, and this is why AI fits in so perfectly into the developer platform that we've been building. Developers have access to all of the different tools that they need just within reach, in order to be able to build that end-to-end application. All of the AI companies that are building right now, they know this. They know that the user experience is where their future sits. That's gonna, gonna be the thing that differentiates them from their competition, which is why 78% of the top 50 GenAI companies are already starting to lean into using Cloudflare and using it in production.
Again, there are many, many components to running these AI workloads, and even when it comes to inference, yes, you need to run it, but you also need it to be compliant, you need it to be secured, and you need it to be optimized. So how can Cloudflare help there? Matthew was talking in his keynote before about the role that governments are increasingly starting to play in the internet, and AI is no different. If we're all paying attention to AI, so are governments, and they're starting to really clamp down and enforce new rules and regulations, requiring AI inference workloads to run within region to protect their customers' data. This is where, again, Cloudflare is uniquely positioned because we do have the reach of our network, and we're able to run these resources in region without having to offload them to a region further away.
Yesterday, we spent the day at our Customer Advisory Council talking to many developers, but actually also a lot of CIOs and CSOs, and while developers are very excited about AI, there was a palpable reticence coming from the CSOs. They're very, very nervous about it. And the reason for that is that whenever a new technology like this comes along, there's going to be a lot of attention being paid to every single slipup. There's going to be a lot of scrutiny, and malicious actors know this. And guess what? AI has just opened up a whole new avenue for them to try to get data out of your organization, for them to try to attack it. So with all of these new threats coming up, Cloudflare has announced our Firewall for AI, which helps organizations secure their AI workloads.
Seeing these patterns occur and helping customers protect from them, that's what we've been doing for the past 13 years. We've been protecting over 20% of the sites on the web, and AI is just another workload that we can help solve that problem for. All right, last but not least, not a single conversation that I have about AI goes without talking about cost. I was talking to a CTO recently who was telling me about how they were spending hundreds of thousands of dollars on AI, and the kicker is that they weren't even in production yet. So he had no idea where all of that spend was going towards. This is really, really challenging. You don't know what teams are using it, you don't know what models it's going towards, you don't know which providers you're using, and you start to lose faith.
You start to question, are you getting the ROI out of AI that you need? And so that's why we built the AI Gateway, to help organizations understand where exactly their AI spend is going, and to give them the tools to rein it in through features like caching and rate limiting. So I was talking before about how exciting it is to have developers building in your platform. Probably the top question that I get are: What are the use cases that developers are building? And I want to say everything, because there are so many cool use cases coming online every single day, everything from AI therapist to just the other day, I saw someone in our developer community Discord, who built an AI application for building APIs on top of Workers.
You see use cases in image generation, music composition, drug discovery, absolutely everything, which makes me really, really excited about the future. So to wrap things up, let's go back and think about, well, where are the AI workloads today? Yes, they're in training, but you don't want to skate to where the puck currently is. You want to skate towards where the puck is going. And if you imagine every single person in the world interacting with AI every single day, it's clear that it's skating or that the puck is going towards inference, right? And as that shift occurs, it's going to favor an architecture that looks very, very, very much like ours. So I can't imagine a company that's better positioned than Cloudflare to win in this space.
With that, I'm going to hand it over to Mark Anderson to talk about where the puck is going.
All right. Do I have volume?
Yeah.
Great. Everybody, thank you so much for joining us today. My name is Mark Anderson. I am the President of Revenue here at Cloudflare. It's a pleasure to see some familiar faces over the last 20 years. You guys have aged, obviously, better than I have, so, hello again. Question I've heard a lot is, you know, why did I join Cloudflare? And I think it's pretty simple. You know, I've had the good fortune of being on this board for four years. I stepped off to take this job, a few months back. I fell in love with Matthew, Michelle, Nitin, Dane, Thomas. I fell in love with the team, but I also fell in love with the business and, and the mission that we have at Cloudflare to help build a better internet.
And I think that, you know, because I spent most of my time, you know, building and scaling high-performing teams, that to go take advantage of really disruptive advantages in technology in the market, certainly felt that way with the full proxy that F5 did in 2004, when I joined there as CRO. Felt the same way with, you know, Palo Alto's next generation firewall when I joined there at the end of 2011. And in both cases, you had the privilege of being on a team that grew the business 10x at F5, and gosh, we went from $109 million to $2.5 billion at Palo Alto Networks.
I think I've got a pretty good sense for pattern recognition around being able to go prosecute, you know, the incredible opportunity that we have. I think I can say this without reservation. I think the opportunity we have here at Cloudflare is profoundly better than both of those, what I'd say, a really good company.
So when I sold my last company to private equity, you know, I started to think about what I could do to, you know, maybe take the next step of my career, and, you know, sat down with Matthew, Michelle, and, you know, kind of walked away kind of laughing and thinking, "Wow, this could really happen with the sequence of events that have, you know, kind of happened upon us." So, really excited to be here, and I hope that excitement shows up today 'cause it does with every day with my team. Spent the last 100 or so days talking to customers, talked to a lot of customers, talked to a lot of our team members, talked to a lot of partners.
You know, yesterday, in addition to having our Customer Advisory Council down the hallway, we had 120 partners in here today talking about, you know, where we're going as a company that is gonna become a world-class partner, both for technology companies, but especially, you know, for resellers and large systems integrators. I've heard firsthand, though, from our customers, how C-suite executives and at our customers and prospects are struggling to navigate an uncertain economic outlook and an increasingly volatile geopolitical landscape. You know, these challenges, they're absolutely reshaping organizations, business strategies, and their decision-making processes, and the need to dynamically adjust their technology use in response to all of this stuff that's going around, it's never been more pronounced in my 30+ years in technology.
Now, however, today, businesses face technology sprawl across legacy networks and point products, making, you know, achieving of these goals pretty much impossible, right? I hear this from customers every day. There's vendor fatigue. You know, I heard it a decade ago at Palo Alto with the conga line of devices that were physical, that were on-prem, and, I'm hearing it today in the same way as the attack surfaces have evolved to, you know, cloud and APIs. You know, apps and data, they're distributed across many of these clouds. Global users are in places that we couldn't have imagined just three and a half, four years ago. Developers, customers, and the networks that connect them are absolutely fragmented. And so this complexity and loss of control, it increases cost, it is absolutely risky, and, and the time to value is very much in question.
When you're looking to deliver a business outcome using technology, you've really got to focus on control, cost, and risk. You can't see what's happening if you're looking at web traffic separately from cloud traffic, or if you're managing your security infrastructure with all of these different tools. These silos have left technology teams lost in the forest, and they keep spending, but they can't find a way out. Overlay that prospect with Generative AI and all that that brings in terms of the excitement, the CEOs bragging at the country clubs to their other CEO friends about how many projects they've got going with AI, the pressure on these teams, these operating teams, are massive.
Every customer is taking a hard look at overhauling their infrastructure and tech stack to be able to adapt, and not just prosper, but in many cases survive. For me, it's the most exciting period I've been in technology, and I've been in this a lot longer than most of you, so, I feel absolutely energized by this. So the natural question is: Why can't it be simpler? Well, I think it can. In my role, it's crucial to understand the pressures that are faced by these C-level suite, and position Cloudflare not just as a vendor, but as a strategic partner who can help them modernize their IT systems to run their businesses better, to run their governments better. Customers are really resonating with our message and our solution.
We defined Connectivity Cloud as a way for customers to connect, protect, accelerate, and build their businesses so that they can be more agile while retaining control. A Connectivity Cloud enables any to any connectivity, security, innovation with AI and applications, with flexibility across multi-cloud environments, and entire workforces have secure access from anywhere and everywhere. It should be this simple, so IT and business leaders can accelerate digital initiatives across the platform. Although a lot of people know us for our original set of application services, we've grown to four main product categories today, all delivered, as you heard from Rita, on a single platform, and all powered by one of the world's largest cloud networks. Our platform is designed with an inherent ease of cross-selling. Salespeople love to cross-sell.
When you earn the privilege of landing an implementation and it goes well, you earn the right to ask for more. That's what salespeople love to do. Once a customer is on our platform with one product, all of our products, from Acts one, two, three, they're literally just a click away. As we heard, our stack of software runs on every single server in every single one of our hundreds of data centers or POPs around the world. It is just a click away. And that's great for salespeople. It's great for partners as well. But I would submit to you that it's also great for customers. Cloudflare enables them to simply sorry, to simplify and consolidate an incredibly diverse set of use cases onto a single, unified platform, reducing costs, lowering risk, and increasing time to value.
These are things that are really resonating, especially in the office of the CFO. In fact, platform consolidation today with Cloudflare can reduce complexity and drive down TCO by 30%-50% without any security or performance trade-offs. So let's talk about what we're doing to accelerate the go-to-market momentum to capture this significant opportunity ahead of us. You didn't know this, but today you're gonna get a physics PhD crash course from a sales guy, right? This is my equation for momentum. For me, momentum is the product of mass times velocity. Now, Isaac Newton didn't know this at the time. I heard the salespeople were terrible way back when, but his laws of motion could be applied to B2B sales mechanics, and that's where I live, that's where I'm comfortable. Momentum with ACV is the product of sales capacity times productivity.
As you recall from last year's Investor Day, we were performance-constrained. We had too many AEs that were not making their targets. They were pointed in the wrong direction, and they had the wrong set of experiences and competencies. And we saw that declining year-over-year. However, over the last 12 months, we've focused on refining our go-to-market strategy, and especially our go-to-market operations, to drive improvements in attainment and productivity. Let me give you some data here. So fast-forward to today. During the first quarter, we again delivered double-digit year-over-year improvement in sales productivity, and this continues the upward trend from the trough we saw last year towards the productivity levels that we consistently achieved in 2021 and 2022.
In my experience, when you do have a massive and expanding TAM, and you hire a motivated, enabled, stage-appropriate, and competent sales team, productivity should grow for a very long time. I experienced it over every single year of my last couple of gigs, and I'm very confident we're gonna deliver that here. Focused personally on improving this positive trajectory, especially with the onboarding of many new senior go-to-market leaders that have proven track records in their areas of expertise. Encouraged about the improvement in sales productivity we have delivered in recent quarters. You know, combine that with healthy, growing pipeline that you're gonna hear from Thomas momentarily, but I'm not gonna be satisfied until I've got a world-class go-to-market organization. But I can tell you that we've hit the ground running hard in 2024.
The older I get, the only business regrets I have are not going faster, and so you're hearing. If you talk to any of our people, you, you hear a lot about me talking about speed. Speed is important. Time is our enemy. We gotta get going. So now you've graduated to Physics 102. We intend to drive accelerating momentum in ACV and revenue growth by growing the capacity of our sales force with the right people pointed in the right direction, and improving the focus and direction of our team, and accelerating the pace of our go-to-market engine. And I, I use the word engine intentionally. You may have heard me say this in the past couple of decades. I'm looking for machine-like precision.
Machine-like precision in the way that we approach customers, in the way that we deliver white glove treatment to them after the sale, so that we stand up a service and get them to give us a standing ovation afterwards. Machine-like precision in our ability to predict our output. That is equally important for us to be able to come up with an aggressive plan for the full fiscal year, and then every quarter, measure everybody's piece in that plan for the quarter. Measure it every week. Machine-like precision is something I've come to expect as a leader in a team, and we're well on our way to getting there.
Specifically, I talk about five key action items for 2024 that will help me focus on building this world-class go-to-market organization, and let me dive into the details in a few slides here. First of all, operationalizing productivity at scale at Cloudflare will involve bringing on more stage-appropriate talent to blend with our amazing sales team. We've got a great sales team at Cloudflare here, but we also need people that have seen the next few legs of the journey, right? I appreciate, you know, what happened in the last few legs of the journey, but we've got to help develop those people so that they can develop the competencies for what lies ahead, for what our customers expect.
If you wanna become a big company, we want our market valuation to grow, we want revenues to grow, you've got to deliver more for customers, and they require different competencies and definitely different experiences. So this is true across the entire life cycle, from lead generation to onboarding and actually renewals. After having spent the past 100 days inside of Cloudflare, I'm more confident than ever in the opportunity that we have, and I'm therefore planning to step on the gas. Now, we have invested a lot in go-to-market. I'm super stoked with the amount that we're spending on it. I'm not talking about spending infinite amounts more. I'm talking about spending it better and more appropriately. So, you know, building and enabling this team is something I feel very comfortable doing.
I think I've got pretty good pattern recognition, and combining that with the best-in-class tech that, you know, Nitin and Dane and their teams have delivered us, you know, consistently, I think the combination is gonna be magic. Now, we've already added several senior go-to-market leaders with proven track records in their areas of expertise. You know, you heard about Tom Evans, our new Chief Partner Officer, also hired a new head of global sales strategy and operations. He's gonna knit together the customer-facing ops teams into a single, unified organization that will allow us to be able to optimize our resources in the field. I hired a new head of global sales and renewals, and so many people up and down the organization have come to join the mission.
It's not hard to recruit people to Cloudflare, and you know, given some of the success that I've had as a leader, I'm absolutely humbled at the people that wanna come and get the band back together again. And we also last night signed on a new head of the Americas, a really experienced person that's gonna bring, you know, servant-based leadership with absolute stage experience at massive scale that is really gonna add to our leadership bench and really help make a difference in our biggest theater. In addition to these senior leaders, as I mentioned, you know, just the month after I joined, we saw a 56% increase in inbound applications for sales positions, people from F5, people from Palo Alto. You know, it almost made me cry.
And the message is out. I've been telling it every day. You know, for sales professionals who want to win with great tech, great products, world-class engineering, they look at Cloudflare as a company that they can go to for the next stage of their journey, and we're more than happy to have them on board. But as we continue to add stage-appropriate talent, we're also refining our strategy to be more targeted and more structured, and more scalable, right? It's gotta be simple, it's gotta be consistent, it's gotta be repeatable, and it's gotta be, you know, federated globally. So we've got clear market segments, ranging from digital-native startups to all the way up to large enterprise, large government in the public sector, and this allows us to apply specific sales models and sales motions that address the specific challenges and opportunities within each segment.
For larger enterprise clients, our sales strategy is high touch, characterized by extensive direct engagements from our people, but also systems integrators are going to play an increasingly significant role. As we saw today, Accenture is our platinum sponsor for this event. You know, they've become a really, really good partner. Last quarter, we made public a deal that we did, a multi-decamillion-dollar deal with the National Cyber Security Centre in the U.K. And we're seeing more and more of these kinds of opportunities at the country level within the U.K. The NCSC is gonna help work with us to build a trusted DNS network that's gonna fortify the internet for, you know, workers and citizens of the U.K.
It's a massive project that we worked from the very beginning with Accenture, and we're super proud that they're gonna help us build this out, and it's really just the beginning with this project. Our medium touch model combines field and reseller efforts, supported by internal teams, typically inside sellers that are co-located around the world. The engagement level is still substantial, but it's less intense than the high touch model, balancing direct contact with efficient use of reseller networks to extend their reach, right? We can't build a better internet by ourselves. We've got to do this with the- with these partners that really extend our sales force in a very cost-effective way.
Finally, aimed at the commercial and startup segments, our low touch model is primarily driven by these inside sellers and by resellers that are taking chunks of this for us, who have business models that can support this, right? The approach is scalable, it's efficient, it's suited for segments where quick transactional sales cycles are prevalent, and that can benefit from the more standardized offerings that we have. We've become, you know, a set of services that are super easy to provision, and especially these early-stage customers can get on with very little human interaction. We're also focusing on augmenting the foundational systems and tools that are already in place with a framework of execution that applies discipline and rigor in all that we do.
Again, both before the sale, predicting when it's gonna happen so that we're keeping our commitments to Thomas and his team, and a level of execution that will be elevated. Now, this is especially true as we are increasingly targeting a larger enterprise and large government. It's a very strategic priority for Cloudflare that necessitates a refined go-to-market. It's not our sweet spot, right? It's a lot of the people that have grown up selling to small, medium business and mid-market really have to be developed and enabled to be able to sell to large enterprise, and we have to put them alongside of people that have that stage experience. But it also involves adapting both our sales and marketing strategies to ensure comprehensive 360-degree customer engagements.
Specifically, enterprises have complex, specific needs that require more than just a one-size-fits-all solution. To effectively engage with larger enterprises, salespeople, sales engineers, technical support people, customer success folks, they've each got to work together in a coordinated manner to, you know, to engage with the customer in their life cycle of engagement with Cloudflare, to understand those needs, understand the outcomes that they're willing to pay for, and to ensure that we're aligned with their goals, and that we can adjust and adapt our strategies as any opportunity unfolds. A key aspect of our 360-degree engagement strategy is maintaining deep coordination with our product org, ensuring that our solutions and services are continually refined and evolved to meet the needs of these large enterprises. Michelle likes to say, "We're just getting started," and that's particularly true with enterprise accounts.
We've got million-dollar plus accounts here at Cloudflare. They represent less than 1% of our paying customers. I'm gonna change that. Our focus this year will be to engage with these customers in 3 ways, all with the objectives of making AEs more productive, helping more of them meet their quotas, and increasing ACV overall. The first one is to communicate the value of our platform to address customers' specific strategic initiatives. Customers aren't buying licenses, they're not buying seats anymore. They're buying business outcomes, and they're scrutinizing these transactions incredibly. So we're learning to sell business value, deliver business value to customers. The second is to take things a notch lower and align our solution pillars against those customer priorities. And finally, we will look at super targeted use cases opportunistically to address bottoms-up needs as necessary.
Now, 2024 will be about learning and perfecting these approaches. That's particularly true for the first two. You know, as these are somewhat newer motions here at Cloudflare, and I'd like to drill into a little bit deeper, starting first with positioning our platform. As I mentioned earlier, we have the luxury of working at a company with an incredible pipeline of innovation, you know, leveraging our unparalleled network and our extraordinary tech stack. The customer value of our platform is significantly more than any combination of competitive point products. Simply put, platforms win, and for Cloudflare, the network is the platform, and we're not gluing together large acquisitions to cobble a story from legacy to where we are today. This is how we started. One of the keys is targeting the right audience with this platform pitch.
So often we'll get involved in a, you know, point product comparison, and salespeople are learning how to be able to take a half a step back and reiterate to whoever they're selling that, of course, we're gonna be good in SASE or Zero Trust, but I'd be doing you a disservice if I didn't tell you about how this connects to our entire platform, and how over time, as you look to consolidate more vendors, more spend into our the elegance of our architecture, we're gonna be able to provide you with compelling ROI in this. This means we've got to get more comfortable at selling high, selling to C-level executives, CIOs, CTOs, CSOs, and CFOs. So it's, it's a complex motion, but we've got the ability to do this. Next, let's talk about the layer below the platform pitch by focusing on customer priorities.
For me, these include securing websites, securing apps and APIs, protecting the network, or building new applications and improving customer experiences, and so on. By understanding customer priorities, some umbrella examples, which you will see on this slide, our AEs can then deliver solution sales play combinations against them. We're rewriting our playbooks to be able to, again, to mechanize, to be able to scale, to be able to make it simple for people as they learn the Cloudflare story, to be able to articulate that with their partners to customers. We work to get customers onto our platform because once on board, as I've said, we know that we'll be able to capture value from our highly differentiated products that, again, once using any part of Cloudflare's platform, are only just a click away to provision.
In other words, sell a combination of individual products to provide a unified solution to a customer's priorities, and then expand to selling the platform. And last, but certainly not least, although I spent a lot of time talking about what we at Cloudflare are doing internally to improve our go-to-market, partners absolutely play an equally crucial role in Cloudflare's growth strategy, extending our reach, contributing to our scalability, and enhancing our service delivery. Again, both before the sale, in terms of scaling out our sales team, and especially after the sale, to be able to deliver these large enterprises, large governments, the white glove treatment that they've received from their domain vendors for decades. You'll think back to IBM, and think back to Cisco in the 1990s, think back to even Palo Alto Networks has done a very good job of delivering that white glove service.
They need to do that, 'cause as one of my colleagues said earlier, I think it was Phil, you know, they've got a Frankenstein on their hands. That's why I'm super excited to have Tom Evans to be our first-ever Chief Partner Officer. You know, Tom and I sat down after we ironed out the deal. I think he's up to $25 an hour now. And we decided on Chief Partner Officer as his title. And that was equally to send a message, you know, internally to our colleagues, to our salespeople, to the team here at Cloudflare, that we will be a partner-led business as time goes on, but equally to our customers and to our partner community, that we're serious about becoming a valuable partner to them.
We want to ensure that all of our partners are equipped to extend Cloudflare solutions to the market with clear paths to revenue. It's services, it's making margin on our products and offerings. To this end, earlier this year, we launched the Power UP program. It's our brand new partner program, which is structured to empower partners by providing them with the tools, the knowledge, and the support necessary to successfully market and sell Cloudflare all around the world. Now, Power UP is just the beginning. Tom's here, and Tom, you know, if you don't know already, Tom was the wizard behind the curtains at F5 in their channel program. He was also the wizard behind the curtain for a long time at Palo Alto Networks.
He really gets his hands dirty and is an expert in these programs, and has got and has a great reputation in this community. They were y ou know, partners were eating out of his hands yesterday for a full day in this room. In addition, we'll be launching new incentives and benefits that will drive towards predictive profitability for them and for us. So wrapping up, if we go back to the original question posed at the beginning of my section, why did I join Cloudflare? The answer is, the market is increasingly moving to where Cloudflare is already uniquely positioned. This market, it's coming to us, and we're gonna take it. All right, with that, I'm gonna pass it on to my friend and colleague, Thomas. Thank you.
Thank you, Mark, and thanks for being on time. Thank you much for all the well wishes, highly appreciated. We should do this every big Investor Day if it keeps us on track. And since I got embarrassed, I have to embarrass Phil. It's Phil's birthday today, so happy birthday, Phil. You can have a drink to his health afterwards. Here we go. So welcome to our Investor Day. I'm Thomas Seifert. I'm the Chief Financial Officer for Cloudflare. I want to bring us all together after everything you have heard. I want to bring together how we think about the opportunities that all these products and all the markets that you were just exposed to, how we think about that, how we think about the white spaces that are around us.
I want to do a drill down on the data that we see and give you insight in some of the KPIs that we look at that allow us to lean in this transformation that Mark was talking about, that allow us to get confidence and accelerate this transformation in light of the opportunity, despite you know, a heightened macro uncertainty that we talked about. So if you think about us, we are guided by the strong belief of how we drive efficient growth at profitability and at productivity. That has always been the North Star at Cloudflare. That is what I think Michelle and Matthew built into the DNA of the company.
I want to frame this today in light of what you especially heard Mark talk about in terms of how we look at growth, where it comes from, and how it interfaces with how we think about profitability and unit economics. Growth is a very unique topic at Cloudflare. Since I joined, I always get impressed by the uniqueness and the independence of all the growth vectors that drive our top line. I want to focus on three that are really important in light of what we've been discussing today. How we think about our large customer cohorts, how that influences the decisions that Mark has, how he rebuilds his team.
Now all the great news that you heard from Rita and Annika about the products, helping us to expand our product portfolio, and how this helps us to extend into adjacent markets with this, the underlying lever we see in our top-line growth. So we have a track record of delivering growth. We've been, you know, delivering a combined growth rate of 46% year-over-year over the last years. But keep in mind, you know, when we talk about this growth rate and the revenue it delivers, we touch currently only 1% of our TAM that we disrupt. You'll shed light on that later. So just think about the white space that leaves in front of us, even at that growth rate. We've also seen and proven that we can, and that we do win large enterprises.
As you know, security and network spending shifts, Annika did a really good job showing that to the cloud, and the platform becomes increasingly critical to a broader set of enterprises. We've also seen that not only can we win at large accounts and large customers, but we have especially accelerating dynamics across the larger cohorts that we look at. So if you click down and say, "Well, let's look at large customers," in the past, we have been defining them to you as customers where we make more than $100,000 of revenue per year. So we see when we click down, an accelerating growth dynamic in the cohorts when it comes to rapid enterprise and expansion. The more a customer spends with us, the faster that cohorts grows.
And if you look at the high spend cohort of $5 million+, it grew by a factor of 25 times over the period of time that we are looking at. So the faster the bigger the customer becomes, the faster the momentum accelerates. And this does something very unique to the structure of our large customers. Today, it takes more than $1.5 million to even make it in their top 100 customers at Cloudflare. Now, we are in a situation where our top 10 customers are north of $10 million, and we are on a good track to get to north of $20 million by the end of the year. So large customer cohorts are important.
Not only do their large cohorts grow faster, they spend more dollars on us. More importantly, the bigger the customer gets, the more dollars they spend with us, the longer they live with us. The retention rates on large customers are very favorable. So when we look at a lifetime value of a customer that is north of $1 million, it's 70% more than a customer in this logo cohort. So you talk about KPIs that define our confidence that all the dollars we hand to Mark are put into good use. It's because of the opportunity we see in this enterprise motion and the acceleration of the momentum we have seen so far and the potential it has.
Keep in mind the slide that Mark just showed you in terms of the amount of $1 million customers we have today, less than 1% of our paying customers, and how that compares to some of the benchmarks of our peers. Now, you combine this momentum and potential and white space on the customer side with all the innovation you have seen. Our relentless focus on innovation is what built us. That is what we are known for. We have today more than 50 revenue-generating products and services on this platform, up from, I think, six or eight, when I joined. 50, more than 50 today, and with lots of it in the pipeline. That has allowed us to disrupt a TAM that has increased more than 6 times since 2018.
I remember when we wrote our S-1 and sized the TAM of our cloud application services, $32 billion. So 6x more addressable market from where we started less than six years ago. And what that does is gives us this unique opportunity to drive a very special land and expand strategy. This is what Mark had in mind when he said: How do we get our AEs to step back and get out of the point-to-point solution comparison and talk about a broader story? Because our single platform running on our network with all the products in one unique stack allows our customers really to expand with one click of a mouse. And if you look at the revenue contribution by product attach rates, you can see that the more products.
We see that the amount of ARR that is driven by the cohorts is that the highest cohorts in terms of product attach rates are driving the highest share of revenue in today's environment. So the combination of huge white space, significant acceleration on the large cohorts and the benefits that come to us from that in terms of dollar spend and lifetime value, combined with the acceleration from a land and expand strategy, is what puts us in this very confident mode to accelerate our transformation. Not only do we see the more products we can attach, the higher the spend velocity is, we can also see that the amount of products consumed has a significant impact on improving retention rates. And the more products we attach, the higher the retention rate is.
On a 10-product customer, a 10-product attach rate is about 20% higher than it is on a four-product on the four-product cohorts. So more products per customer, more revenue, more lifetime value, and more products per attach rate drives significantly better increased lifetime adoption and lower retention rates. So some of the KPIs that give us this confidence that we are on the right track, and the leaning in on this transformation that Mark talked about, is giving us the upside that we think we look for moving forward on our path. Let's talk about the acts that you heard about. There's a reason why we call them.
We talk about them in the serial way when we talk about TAM expansion, but they are really critical from a business strategy perspective because it involves leveraging the interconnectiveness of the products. And Annika, I think, did a really good job describing this. This is particularly true in our cybersecurity applications. And what we are seeing is that connecting and protecting customers are the external and public-facing systems and infrastructure, and that they are starting to connect and protect their internal and private systems. And, you know, there's a reason why we call them acts.
If you look at how they build on each other from a, from an ARR component, you can see now that our ability to provide such a comprehensive suite of security and connectivity services has allowed us to shift our ACV booking mix. And, the contribution from application services, Zero Trust, and the network services is now nearly two-thirds of our new ACV booking. That was some of the data so if you're looking for it, significantly up from the less than 50% we've seen in 2019. And this is the result. Again, of the driving force behind this increasing adoption rate is the comprehensive nature of our products. Attach rates, as you would expect in the early products, north of 90%.
Rita just did a good job talking about the developer platform, 2 million developers on our platform. On the enterprise side, we see 25% attach rates to enterprise contracts we sign. So the momentum is continuing, and we feel that we are on a good track from a cost perspective to take advantage of that. So Michelle would now say, "And we are only getting started." On the left side, this is, you know, I think we, in every Investor Day, we'll put in a slide where we test how granular your rulers are in terms of measuring where we are. I just wanted to show you how highly diversified this revenue is across the 50 products.
But what is much more important from a CFO perspective is what you see on the right side of the chart. Today, ARR ending at last fiscal year was about $1.4 billion. On our existing customers, on our existing customer portfolio, we think that the potential revenue opportunity, the white space we see, is north or close to $6 billion. And if you look at this from a CFO perspective, driving that platform adoption is key. It's key to our financial strategy, because this allows us to leverage our existing infrastructure. It allows us to leverage our existing customer base, and this is a good crossover into what we will talk about next.
It allows us to not only maximize growth, but it also allows us to keep profitability and margin and contribution margin structure at a really high level. So let's talk about this. How do we think about profitability, about unit economics, and how does it come together in our long-term model? I want to frame this over the next couple of minutes with you. We've been focusing on maximizing long-term shareholder value by investing for growth. Matthew never gets tired reminding us that this is where our future is, furthering innovation, but also improving our operating margin. We delivered about 8% last year, or our guidance for the remainder of the year is sitting at 10%.
That is the result of our strong commitment to the underlying unit economics that get us to that structure. So how do we look at the very, the various elements? How do we look at where cost to book come from? What is influencing them? How do we think it's going to develop? How do we look at cost to serve based on the network infrastructure we have? And you heard us saying many times how committed we are, even in light of us talking now about how we accelerate our transformation on the go-to-market side. Exiting 2023, we delivered a margin of north of 40%, and we are not satisfied with that. We think that there's room.
We want every dollar that we put into Cloudflare to deliver even more revenue, profits and, of course, at the very end, shareholder value on the other side of that equation. So let's first look at cost to book. Mark just said we make market driven decisions and data-driven decisions. You heard Mark just discuss how encouraged we are by the recovery we see on the productivity, on the sales productivity side, very encouraged by the double-digit year-over-year improvement at the end of last quarter. We see that this trend is now continuing. It gets us back to the levels that we had in early 2022. And when you have reaccelerating sales productivity, and you combine that with the improvements we see on the pipeline side, and this is what you see on the, in the blue chart.
You know, reaccelerated sales productivity, higher pipeline, gives us really this confidence, even in the near term, that we're on the right track to accelerate our transformation. Our cost to serve are what makes us unique. The strong basis of that is our gross margin. It's the unique structure of our network architecture. You heard this many times today. Every product on every server and every location gives us this unique flexibility that we have to manage capacity, cost, and demand on the surface of a network that increases with every server we install, regardless of where in the world. We've done really, really well in how we optimize this, in a world where most of our compute workload was CPU-driven for all the encryption, decryption, packet inspection we did.
We are very confident that we can keep this up in a world of GPUs. As a matter of fact, last week, I signed our, not our first purchase order for GPUs, but our first purchase order for high-end GPUs to make Rita and her developers and customers happy to have a maybe even higher content, not only on inference, but also on some of the training work that they do. And we'll do this all in the framework of our guidance around network CapEx. So we continue to work on putting leverage in our cost to serve, not only from a cost margin perspective, but allowing us where we want to invest. And you see the improvement in how we deliver cost to serve over the last years. This all comes together in our long-term model.
We've made great progress since we are a public company. Gross margins are in the range of 80%, that despite every opportunity we look forward to disrupt markets and competitors. The infrastructure team is doing a unique and really good job to keep efficiency high. You know, as Matthew would point out, it's also a reflection of the success we see on our Zero Trust side, where revenue and workloads take advantage of an infrastructure that is already in place, that is driving that. The buildup of our long-term model makes us very confident that we can support a 20% long-term operating margin and deliver a 25% free cash flow margin moving forward.
So the unit economics and the architecture of the networks driving it, I think, allows us to operate in a highly flexible operating model from a finance perspective. And as I said before, looking at the KPIs that we just shared gives us all the confidence we need to really not only lean in, but accelerate the transformation that Mark has been talking about. And I think this is how we tend to think about the world over the next couple of quarters. That is what we tried to convey on our earnings call.
I think you take away from this session and the session in the morning, that we are very much convinced and believe in the long-term opportunity, whether it is having the right network infrastructure, the opportunity of the market, the TAM we disrupt, the white space that is still in front of us. In the short term, we live in a world of uncertainty, but we are convinced that we have the right KPIs in place, that despite this uncertainty, it's the right time to invest and accelerate. So we, in the medium term, we can take full advantage of expanded sales capacity, coming online and productive at the right time, and driving and accelerating growth rates to back to where we came from.
With this, I would finish my presentation, invite the rest on, of the team on stage, and be ready for your Q&As.
All right, we're gonna have a couple microphones going around the room, so please wait until you have the mic to ask those questions so everybody on the webcast, you know, can hear, and then we'll get started in one moment. So, all right. All right.
We're doing good?
We're doing. You good?
Yeah. Okay.
All right. Well, Alex, since you were here first this morning, you get the lead off.
Well, thank you so much.
Yep.
Sound on?
Yep.
Yeah.
Yeah. Alex Henderson, Needham. Thank you so much for having us live. It's great to see you guys. And my question really is focused on your extremely prescient comments off of the last call about macro conditions and the pressures that have been very evident in the software space subsequent to that. Have you seen any changes in that those mechanics? Because it looks like it's getting tighter over the last couple of months. So can you give us any update on how you feel about the visibility on conditions? And great to see you, Mark.
Yeah, thanks, Alex.
I think I can-
Yeah.
I can probably start, and then we'll go forward. So, we sit in a very unique position to be able to see into the future in a lot of different ways. And I think that we, over the period of time since our last earnings call, haven't seen anything materially get worse. But we still have a ton of uncertainty that's in the world, and I think that is something that we have always tried to reflect what we see, and be the people who say what we do and do what we say. And I know that on the last earnings call, you've kind of scratched your head a number of times and said, "What do you see?" And I think we're watching that now play out across the rest of the space.
I think one thing that is unique about us, and makes me nervous for the world, but makes me very confident in Cloudflare, is that as the world gets scarier, there are certainly significant aspects of our business that actually get better and better. And so especially if you look at our federal business, if you look at our government business around the world, we've never seen stronger performance. And if you look at our overall pipeline, as Thomas shared, that is at a record level for us. And so the world is very scary. I think you're gonna see that across the software space. I think we were some of the first to call that, and again, we try to be people who say what we do and do what we say. I don't think it has gotten scarier for us.
I think we have, if anything, feel more confident today than we did at the time of the earnings call. But there are a lot of, again, macro concerns. And then our own internal, you know, a lot of what Mark has outlined, there's change, and there's risk that always comes with change. But there's no, there's no CEO who I would trade places with.
Yeah, and if I could just add to that. Sorry, Thomas.
Yep.
You know, just remember that a lot of the interactions that we're having with large enterprise and large government now, especially at the levels that we're talking to. I mean, almost every day I talk to a CIO or a CTO or a CFO or a CISO that's like, "I had no idea you guys do that." Like, there's four levels down in their organization are the people that we may have worked with in the past five years, and if we didn't get a deal, we maybe moved on and ignored that enterprise. And so now we've carved the territories out, so there's. So the sales teams, especially major account managers, have to focus on a smaller subset of deals, which focuses them to go higher. And with this team on the stage here, we spend a lot of time talking to those customers.
And so for me, I feel like our opportunity exists there, and this isn't a place that, other than anecdotal success that we've had in the past, we've had consistent success, and I think that's repeatable.
Now, when we give the guidance, we look at a large set of data, and we try to look far down the street, so it's not just what is in front of us for the next three months. At this point, I would completely underscore what Matthew said. There's nothing that makes us change the guidance we gave. We tried, you know. We say we are thoughtful and prudent, we mean that. If at all, the confidence interval has become better in the near term in terms of what we looked at before. But sometimes it can be frustrating to see things that and talk about things that others don't see, so thank you for acknowledging that. Joel, as you wait for Haley.
Hi, Joel Fishbein from Truist Securities. Michelle, I'm gonna ask you a question since you didn't get to speak so far, but it can go to anybody. During Rita's presentation, she talked about 78% of AI companies are using Cloudflare right now. Can you elaborate on that? And I guess, Thomas, for you, is there a way for us to understand how that contributes today and how big that opportunity could be? I know that's not the way you sort of look at the business, but that'd be really helpful, to sort of quantify that opportunity.
There's a lot of companies that have started that use AI, and they're growing like a weed, and scaling a company is hard. Good news is Cloudflare makes it easier.
And so a lot of these high-growth, early-stage new companies that have been formed turn to Cloudflare to help them scale. And that's, that's a use case that we're very, very good at. Like, they're any startup, even an AI-enabled startup. And so I think that that stat of 70% is just showing that there's this new trend that's growing so quickly. It's a customer acquisition segment for us, and we're really good at that. And we didn't have to change anything to be good at that. Like, that was one of those things where we were ready and, and we have a good reputation, and so that's a little bit more color on that. And that's here in the US and really around the world. So that's how I would think about that.
The opportunity that Rita talked about is neither reflected in the TAM charts that we showed you. It was purposefully left on the right, so it's not included, and it's not reflected in a big way in the guidance we gave, and Rita gave a good explanation for that. When you look at inference, it's really hard to predict the development of the workloads. This makes it really hard for developers to build businesses. That's why we are so ideal. You know, the downside for that, for us, is it's really difficult to predict in the short term what the revenue opportunity is. So it's not reflected neither on TAM nor in guidance, and, you know, it's like a call option.
You know, the one thing that I would add is the nature of Workers and the platform is such that when developers get to start with a blank piece of paper-
Mm.
They are choosing it as their platform of choice.
Mm.
And so the opportunity that we have is, as new areas open up, whether that was crypto before, which was a little bit more of a flash in the pan, or AI, which I think is gonna be a much more durable trend, when you get to start with a blank piece of paper, developer after developer after developer is saying, "The way Cloudflare has done this is a better way of doing it." And so the challenge for that, for us, is you can't take a legacy application and just lift and shift it over. The business model, fundamentally, of an AWS or Microsoft Azure or a Google Cloud, is they rent you a server, and that means you can run whatever you want on that. Workers is more opinionated. It means that you have to build for it.
The downside of that is we can't run SAP HANA or, you know, something that's legacy. The upside is whoever builds the application to disrupt SAP HANA is going to build it on Workers. I think that's what is really reflected in the fact that we have such an outsized market share among AI companies. They get to start from scratch, they're doing something that's new, and they're choosing Cloudflare for that. That means that as the developer platform grows, it won't have the sort of big y ou know, JPMorgan moved their entire banking application over to us. That's hard. We don't get that benefit. But I think it's actually significantly more durable, because once you're bought into that ecosystem and bought into our opinion of how that ecosystem should be built, switching from us to someone else is actually very, very difficult.
Uh, Hamza?
Yes. Hamza Fodderwala, Morgan Stanley. Thank you so much for your time today. I'll keep it to one question so Thomas can make it to his daughter's wedding in time. Congrats again. Maybe just a question for Mark and Matthew, feel free to chime in. You gave a very compelling vision earlier. Annika talked about the network and the security platform, much more simplified way of doing things versus, you know, the legacy architectures today, but you're also battling a lot of inertia. You have all these legacy systems that, you know, customers wanna migrate off of. You know, one of your predecessor companies, Mark, talked about platformization and buying out contracts.
To what extent is that something that Cloudflare can do, given the elasticity and the scalability and the efficiency of the network architecture, to really help customers consolidate and migrate off of those legacy point products?
So maybe I'll start-
Yeah, please.
the technology, and then I think Mark can talk about then the strategy of how you'd sell that technology. We've built the right solution, and it's the right solution for the future, and it can scale to meet the needs of any customer that's out there. We're confident about that. We're also confident that as customers adopt our solution, that they get an enormous amount of value out of it. So we've seen those wins that are the proof case. I think where we have not had the sophistication is, how then do we go from being the company that is beloved by individual practitioners to being the one that is thought of as the strategic partner at the CEO, CIO, CTO level? And that's gonna-- That's what, that's the next opportunity that we have.
But as we do that, there's no Fortune 500 company that exists today that shouldn't be spending $20 million a year with Cloudflare.
Mm-hmm.
Yeah, appreciate the question. I think of this in a couple of different ways. I think, first of all, I, I think if you think of our heritage, we've really built an amazing brand for, you know, a large mass of people. But like as I mentioned earlier, increasingly, as I talk to especially some of the CISOs that I've known now for 20 years, they have, like, a circa 2018-
view of Cloudflare. They're like, "Oh, it's cute that you guys did 1.1.1. It's love what you're doing for the downtrodden and giving them free services, but what does that have to do with me as the CISO for a Tier One bank?" And it's really, you know, availing them of kind of where we are now and how we're capable of delivering them really meaningful services for the next couple of decades. And I think some of that has to do with we've got to do a better job branding. We've got to do a better job engaging with executives and selling.
But that's all really part of the program as we bring in, you know, again, a blend of better-enabled people that we have today and people that have stage experience, that just have the confidence to sit down with a partner from Accenture and the CIO or the CTO from JP Morgan, for example. And so it's really, you know, it's the hand-to-hand combat that it's not gonna happen overnight, but it's certainly something that is happening increasingly. Almost every conversation I've had with the hundreds or maybe more than 1,000 of executives I've gotten to know over the last few years is been along those lines.
And so that gives me confidence that, you know, the opportunity is there because they realize that, you know, the way that technology has evolved, the way that the world has evolved, the market is coming to Cloudflare.
Sometimes I feel like our competitors mix up the -tions. You know, when they're, when they say platformization, they really mean vendor consolidation. What we offer is vendor consolidation, but onto a single platform, and there's a difference, and so-
Well, I think there's a fine line. I mean, we didn't have to invent a new word to talk about our platform. Our platform is a platform, and that's the network, right? But we have, I think, a tremendous opportunity to represent that out there.
Jonathan, in the back. Jonathan Ho.
Jonathan Ho with William Blair. Mark, you referenced ways that you could spend the dollars better, potentially, and I wanted to see if you could just maybe help us understand what opportunities you see there. And is this sort of also a veiled reference to the need to spend more to sort of develop these platforms as well? Thanks.
Yeah, Jonathan, great to see you again. Yeah, listen, I think there's been no shortage of investment in go-to-market for Cloudflare. I'll say that full stop. I've, as a board member, always advocated for the right level of spend, not too much, not too little. But now as an operator and digging into the covers, I think the way that we've spent that, you know, can be evolved to our word earlier this morning. You know, if I think of the team we had last year, and we talked about this at last year's Investor Day, we have a lot of people early in career that grew up, you know, dealing with SMB and mid-market people.
As we succeeded as a company, incredibly succeeded as a company, we got so much bigger than other companies that I've either been at or invested in that y ou know, typically this happens at the $500 million size. For us, it happened at the $1.3 billion size, where we needed to take a real hard look at, do we have the right people in the right role, focused on the right targets at the right time? And, you know, the reality is, more than half of our field resources last year were pointed at SMB and mid-market. And you can't drive consistent, you know, global success with large enterprise with, you know, just the anecdotal success that we'd had. So I think it's really repurposing some of those people.
You know, the compensation models aren't that different. Our mid-market team members make a good amount of money, but so should our large enterprise sellers. But we should expect profoundly more ACV from those large enterprise sellers, and that's what we'll get. So that's what gives me confidence, certainly in the plan, but also in the ability to repurpose that money. And I think also, just as a marketing organization, you know, we brought on a new Chief Marketing Officer about a year and a half ago, Brent Remai, an amazing Chief Marketing Officer, one of the best I've ever worked with.
He's also really maturing how we go and create pipeline, and then how we nurture and prosecute that pipeline, and then how that ends up in the hands of reps that can close that pipeline. And so, you know, really, really, I guess I would say, right-sizing the investments that we have in the cohorts of customer focus so that we can really optimize for, you know, ACV growth and productivity growth.
The other thing I'd add there, really, just quickly, is a nd this was very much Mark's doing. You know, I think we had duplicated efforts. We had teams that were in sales that were doing something, teams that were in marketing doing the same thing, and we consolidated all of that under Mark, and he has consolidated those teams. And that, that's where I think there's also a lot of efficiency that's coming in, is just de-duplicating some of those efforts.
Uh, Adam?
Hello. Hey, guys, Adam Borg with Stifel. Thanks so much for the time, and congrats, Thomas. Maybe, Mark, for, for you, just on the channel, one of the top five priorities that you talked about, what's been the initial feedback from partners? I know that you said they were here, and more importantly, what parts of the portfolio do you really expect them to help with, as you mature that relationship? Thanks.
Yeah, well, a little bit of an echo. You're talking about channel, right?
Yep.
Okay. So, and thank you for the question. Yeah, listen, I think, as you might imagine, in my first 100 days, I called a lot of the same people that I called about, you know, 11 or 12 years ago at Palo Alto. And back then, you know, both Cisco in the Americas and especially Check Point in EMEA—they were threatening their partners, that if you resell Palo Alto, we will put you in, you know, the doghouse. And I heard that umpteen times from these people 12 years ago, typically CEOs of WWT, Presidio, Accenture, others, and these people had, like, WWT had a multibillion-dollar business with Cisco back then.
I had the same conversation with a lot of those same people, and we had some chuckles because we reflected back on those conversations in 2012 and 2013, and it worked out pretty well for them, right? A lot of these were small or medium-sized regional players that grew into national players, like Optiv combined FishNet and Accuvant, and those are, you know, maybe $100 million together, and now they're a multibillion-dollar business. And so, you know, my promise to them was, firstly, my judgment about the opportunity that lies ahead and the, the order of magnitude growth opportunity that I promised back then. I see that, and, and then some here at Cloudflare over the next, you know, decade or more. So it was actually kind of fun to do that. And now bringing Tom on-
Hmm.
To be able to marshal the resources to appropriate to these partners, you know, Presidio, WWT, CDW, they were all here yesterday. And so now these are mechanized initiatives that are driving down through their organizations. Our people are going to train them, and they're really gonna become an extension of our sales force. And that's the way, you know, channel partners had to work. I said this yesterday on stage at the partner conference. You know, the reality was, call a spade a spade, we were a partner by convenience, and it wasn't the partner's convenience, it was our convenience, right?
That led to some, you know, suboptimal activity in the field, where maybe salespeople might take a deal because they might make an extra $100, or they might be able to close it faster away from a partner. Well, those days are over, I stated, and, you know, people clapped when I said that, because, you know, either you're in or you're out. You can't be half in or half out. And I think, you know, fortunately, you know, as a good, you know, normal Canadian, like Michelle here, people believe me when I make these commitments, and because I often, you know, work really hard to make them come true.
Uh, Fatima.
Hi, thank you for taking the questions. Fatima Boolani from Citi, and happy 21st birthday to Phil. Mark, I'm gonna direct this at you, but please, the rest of you chime in, since he's the bell of the ball, clearly. If I just line up some of the new KPIs that Thomas shared vis-a-vis customers with 10+ products who have a higher propensity to spend and a much, much higher retention level. I wanna go back to your 3 selling motions that you talked about in your section. Why not unilaterally go after the enterprise? It seems like you've got the requisite sales capacity experience.
You've got less than 1% of the customer base that's enterprise, and so why not sort of disproportionately focus on that top-down approach as opposed to sort of, you know, having this sort of trifurcated approach to, you know, the sales playbook now that you have a clean sheet of paper on this?
Well, I can tell you what Matthew told me when I asked this question several years ago, and I ask this same question now, is one of the reasons I fell in love with these people up on the stage here, is because they care about everyone that's on our network, the millions of free users that use our network, whether they're disadvantaged, whatever their business model is, and we care about their success. We care about the people that use this as pay-as-you-go. We're not gonna give them a different support experience, like a lot of other companies do, than we give our paying customers. It's an obligation of duty for what we do, and that's why I love this company. But I, you know,
But we did make a lot of headcount changes last year. And we heard about the 100+ people that we moved out of SMB and mid-market. But we're not gonna, you know, we're not gonna, you know, defocus on this really important cohort of customers, 'cause a lot of these customers, you know, in a previous life, you know, Airbnb bought their first product from me with a credit card.
Hmm.
They turned into a major account, you know, five or six years later. So, you know, they're the future of m any of those companies are gonna be the future of Cloudflare. But you can bet that a lot of our incremental investment, we're gonna focus on getting better and better for mid-market and SMB, but a lot of our focus and investment going forward disproportionately will go to large enterprise and to build partner programs that will allow us to scale faster.
What I would add is, it's not only an obligation to our customers at the low end, it's also an obligation to our business model. You know, we sit here today, and we talk about the cost to serve, and the margin structure we have is to a large extent because we serve the long end of that market, because we have millions of free customers and hundreds of thousands of small customers. This is why we have the data diversity, the volume of data we handle, the threat intelligence. This is what gives us the insight that drives us in being able to talk as one of the first why macro data is changing. So there's an obligation to them as a customer, but there's also an obligation to the business model.
You know, we need to be reminded that this is where the elasticity of the business model comes from. Mm-hmm.
Well, I'll just add, so Matthew and I met at HBS. We're going to our reunion this weekend, our 15-year reunion, so there's a lot of nostalgia happening right now. There was a famous professor, Clay Christensen, many of you have read of him, The Innovator's Dilemma, a lot like being a disruptor. I mean, Matthew and I took his class. He's since passed away, and, and a lot of those premises is how we built Cloudflare. If we didn't work with the free small business and mid-market, we open ourselves up to a lot of competitive threat, 'cause that's how the next startup would start. You go service the underserved, and you get big. That's what we did.
A ll of the folks who are already in the market wish they had the fact that they could service all these other customers. So what I think is really interesting about Cloudflare is, strategically, it's great for us. There are six good reasons why we serve everyone, including the threat intelligence, and it's so important. We're able to do it, and there's lots of these business reasons, but it also is strategically, it makes it really hard. A new upstart starts saying, "Okay, I'm gonna be the next better version." Who do they sell to? You have to be less than free to compete with us.
Yeah.
That's a, that's a really hard proposition. So it puts us in a position where, okay, great, let's layer on. Now, let's add in the enterprise, and it's an and, not an or, and it's all one platform that we can add on to. You know, I think that this cheesy saying that I say, we're just getting started. You just go spend some time with our customers. It was RSA three weeks ago in San Francisco, so Mark and I had the opportunity to spend a lot of time; all of us up here had a lot of time to spend a lot of time with customers. RSA is a convening event. Companies around the world came. So we saw around the world without getting on a plane, which was wonderful.
One after another, everyone's at a different part of their journey in these transformations they're making in their organizations to modernize on the enterprise side. And what I love is, one after another, it's like, "We started here. Our team loves you." The problem is most no one says that about any other enterprise solution out there. Nobody loves any other enterprise tech company out there. So they start, they're like, "Wow, we love you. Our team loves you. What else can you do for us?" And so we kinda get our toehold in. Our products work, and they deliver, and now it's, let's have a bigger conversation about what else we can do, and it's about a journey that we're gonna go on with them to help them modernize their business.
That is a huge part of the next four years of our business, and I think that what I love is we are assembling the team to be able to go deliver on all of that.
Great.
Thanks, guys. Tom Blakey with KeyBank. I just Matt, could you double-click on the $20 million, maybe spend at the, either the Fortune 100 or Fortune 500 customers that you were talking about, just where that budget would come from? Just, you know, you have a lot of solutions and a lot, you know, 50, 50 products now that Thomas talked about, up from 6. But there must be some sort of focus that gets you excited about that. And if you could maybe give some visibility to the, the duration. Again, not making a call or guidance or whatnot, but you're spending a lot here in terms of hiring, extremely great talent here, in terms of go-to-market.
I think there's a lot of questions that we get from investors around, you know, how long is it gonna take to get from A to B, especially in the context of what Mark said about a customer saving 30%-50%. You say macro in stability and volatility. I'd like to save 30%-50%, so I wonder, you know, why the duration wouldn't be kinda sooner than later. Thank you.
Yeah, you know, from the very beginning, Michelle and I would say, always say that for every dollar we captured, we should deliver 10 dollars of value. And so if we were someone spending $20 million with us, we should have $200 million of value that's captured there. And the easiest way to see that is to go back to Annika's slides and just look at the chaos that every company has. And I think what we're seeing, if you look at some of the largest, like, financial services companies, they are, they have a lot of pressure now around the word resilience. How do they make sure that they are resilient across the board? And so they have to have multiple vendors that are there.
And increasingly, as we're talking to financial services companies, we had one of our, you know, largest wins with a financial services company, a $10 million contract, this last quarter that we talked about. What we're saying is, what's really unique about Cloudflare is we can do so many different things. And so the question earlier was, you know, do you have to in order to win, do you have to tear out a bunch of the legacy? The answer doesn't have to be yes. The answer, at least initially, can be, listen, you may have an existing incumbent provider that's doing all of the different things that you, that you have, but now the regulator is saying you need a backup. And we're like Avis. Like, we're happy to be number two today, right?
But we can be your number two across a lot of your organization. So you can say: Listen, I'll provide, I'll use Cloudflare as my backup for 50 different services that are out there. And then what we ask is just let us make, let us prove that we're better in each of those opportunities, and then step into that pole position as the number one provider. And I think that for larger legacy companies, as we talked yesterday with our advisory council, and I said, "The big word that we're focusing on is resilience," that what everyone is saying is, whether it's, you know, if somebody's an existing Zscaler customer, how do we make it easy for them to say, "Well, I'll use Zscaler and Cloudflare"? If somebody's an existing Akamai customer, how do we say, "We'll use Akamai and Cloudflare"?
If they're an Imperva customer, how do they, you know, do those things and layer that on? And over time, because we have a better network, because we have a lower cost to serve, because of the fact that we, we can deliver this, I think it's actually really easy for us to take that pole position and be that strategic vendor that's there. And so today, I think $20 million from every Fortune 500 company is, is very achievable. I think that that budget comes from simplifying. I think that the ROI on that is extraordinary, and I think we've got a really clear path to make that case without somebody having to buy into the entire platform day one, but say, "Listen, I'll make you number
that backup solution for a bunch of things, and then over time, we know that that's then the way that we win, the overall solution, and they wake up, and it's not $20 million, it's $100 million with us, but they've saved $1 billion on that journey.
Yeah, so Mark, that's a motion that I know you know.
Yeah, yeah. I'll just add, you know, we all read with interest over the last three months about this Fortune 10 healthcare company, diversified healthcare company that was, you know, ruthlessly breached in the last three months. And then, one of our security-only vendors, you know, announced they did a nine-figure deal. I know that almost nine figures of that was a renewal, and a little bit extra of that was some expansion. This is just for their security estate and just for a part of their security estate, you know, well over $100 million. And so, you know, I think of $20 million as chump change.
I think we think about some of these large enterprises today that are looking at, you know, $20 million deals, like the deal we did last quarter at National Cyber Security Centre in the U.K. So yeah, the people that, you know, that my team are gonna lead are not afraid to chase, you know, big multi-deca-million-dollar deals and do that with the partners that can help us, you know, be very, very relevant quickly.
All right, we need to keep us on track for Thomas. So Matthew, in the last couple of minutes here, do you wanna have any sort of closing statements through the Investor Day before we then head over to lunch? Which, by the way, is gonna be in Hub Two, if we can clear the room. And so-
First of all, congratulations to Thomas.
Thank you.
Very nice. Thank you.
He is going to scamper out of here very quickly. I said, "Well, can't, couldn't we get him a helicopter?" So we were like, "We've already done that." So he's flying out.
Well, taking care of.
Well, yeah. Again, I think that we try to be, again, the people who do what we say and say what we do. And we try to let you know everything that's good about the business and bad about the business, and the challenges that we see. I have never been more excited about the future of what we're doing. I think that Rita and Annika are just such incredible product leaders, have done such a great job articulating some of the really exciting opportunities that are here. So I wanted to acknowledge them and thank them for everything that they did earlier today. So appreciate that.
I think the world is a scary place right now, and I think you're going to see a sorting of those companies that are must-haves versus nice-to-haves. I feel very fortunate that as the world continues to be a scary place, as there are conflicts around the world, as we see that ramping up, and unfortunately, we see that in cyberspace, often as a leading indicator of what then happens in kinetic space. It's not getting easier out there, but there is no CEO that I would trade position with.
I think there is no company that is better positioned to service that increasingly complicated world, and we'll get through it, and Cloudflare will be part of the solution that helps the world get through it, and I'm proud of the role that we play in helping protect the internet going forward. As the business, again, we're sort of reflecting on 15 years of being working on this one way or another. Neither Michelle nor I are satisfied with anything short of being an iconic technology company, and we're not there yet. And that is something where, you know, iconic technology companies do act as leaders in uncertain times.
And so I'm proud of our entire team and the role that we're playing in shaping that, but I'm also proud of the business that we're building and the opportunity we have, and couldn't be more proud to have Mark on board. So-
Thanks.
Anyway, thank you so much for being here.