What's Next for Netskope

I'm honored to team up with Francis Odum (Software Analyst Cyber Research) and CJ Gustafson (Mostly Metrics) for this deep dive article. Enjoy!

Netskope just became the second cybersecurity-related IPO of 2025. The company filed its S-1 on August 22, 2025 and went public 27 days later at a $7.26 billion offering valuation.

The journey of Netskope is a remarkable one. The company was founded in 2012, raised $1.44 billion in capital, and played a defining role in shaping the market category we know as Secure Access Service Edge (SASE) today.

For Netskope, going public represents both a significant milestone and an inflection point that could alter the trajectory of the company for better or worse. Their performance over the next few quarters will set the tone going forward, as will their ability to execute and capture market share in AI Security.

Inside this analysis, you’ll find:

The story of Netskope’s history and evolution, from its origins as a CASB pioneer to a broad SASE platform
An assessment of Netskope’s technical capabilities across SASE, DLP, and AI Security
Netskope’s AI strategy, future vision, and potential competitive advantages
A financial analysis based on Netskope’s S-1 filing and evaluation of the company’s valuation metrics
Netskope’s business strategy and competitive landscape
A summary thesis, including the bull and bear cases for Netskope’s next chapter as a public company

Use this report to understand the evolution of Netskope’s business, its product strategy, financial performance, competitive landscape, and path forward as a public company.

Company History and Evolution

Origins as CASB pioneer

The story of Netskope is closely aligned with the story of SaaS. Without the rise of the large enterprise SaaS applications, we wouldn’t be talking about a Netskope IPO.

Salesforce started gaining enterprise adoption in the early 2000s as an early pioneer of SaaS, but one (generally unregulated) application isn’t enough to set off alarms for security leaders.

Amazon AWS launched in 2006. Their primary business is IaaS/PaaS, not SaaS — but moving infrastructure workloads to the cloud was the hook enterprises needed to start getting comfortable with SaaS.

Several of our current SaaS juggernauts started reaching enterprise-grade scale and security by the late 2000s. Microsoft Office 365 started around that time, as did Google Workspace (formerly Google Apps and G Suite). Workday (HRMS) and ServiceNow (ITSM) also brought essential enterprise functions to the cloud.

Once you've got email, docs, spreadsheets, HR, and ITSM in the cloud, the enterprise floodgates are open. SaaS started to go mainstream for enterprises in the early 2010s. Collaboration joined the party — names like Box, Dropbox, Atlassian, collaboration apps (Yammer, HipChat, Skype Enterprise, Slack), and dozens more.

Enter Netskope. The company was founded in 2012 as one of the defining Cloud Access Security Brokers (CASB) on a mission to secure SaaS apps. Network security was very different in 2012. Firewalls and VPNs were the way enterprises secured their perimeters. B2B SaaS effectively broke the architecture when cloud-first started becoming the default option for CIOs.

CISOs needed an answer for widespread SaaS adoption as core business processes and sensitive data moved out of the network and into the cloud. Netskope and CASB quickly became a major part of the solution for securing SaaS apps outside the network perimeter. Traditional Secure Web Gateways (SWG) weren’t enough (and were designed for broad traffic filtering, not deep integration and inspection for specific apps). Netskope became famous for its granular controls and data-centric visibility over a wide range of B2B SaaS applications.

The secure networking and cloud security markets moved quickly, though. The emerging CASB market Netskope helped pioneer started to converge with adjacent market segments. The race to the market we now know as Secure Access Service Edge (SASE) was on by the middle of the 2010s.

Netskope stepped up with world-class execution and financial backing to scale from its CASB roots to a multi-product platform. The company grew rapidly as SaaS became the default for new enterprise software purchases. Netskope disclosed 600% year-over-year revenue growth and 500% year-over-year customer growth in 2015, grew by 400% again by 2016, and followed it up by tripling revenue the following year. Unsurprisingly, they were a unicorn by 2018.

Their early financing rounds mirrored their growth, with $400.1 million raised across six rounds (Series A-F) between their founding date in 2012 and the end of the decade.

Transformation through market evolution

From a market perspective, buyer demand and analyst influence started driving the convergence of SWG, CASB, Zero Trust (ZTNA), SD-WAN, and NGFW. Gartner coined the term SASE in 2019 and put a name (and serious analyst clout) behind the market convergence that was already happening.

Nothing drives market change like a crisis, though — and the COVID-19 pandemic was exactly that. The rapid shift to remote work and acceleration of digital transformations pulled forward years of change into a short and intense period of time.

Combine a global pandemic with peak cybersecurity market hype for investors, and you’ve got the ingredients for IPO-level scale. Netskope was a promising company before the pandemic, but the early 2020s changed its trajectory forever.

Netskope entered the decade as a unicorn with $400.1 million in total financing. By the end of 2021, they had raised another $640 million of later-stage capital and reached a $7.5 billion valuation, one of ~15 privately held cybersecurity-related companies to reach a valuation of $5 billion or higher.

Add on a $401 million convertible note in 2023 to create some breathing room from 2021 venture round to…whenever the software IPO window opened again…and you get to a grand total of $1.44 billion in financing. That’s the third highest total ever by a cybersecurity-related company after Wiz and Lacework.

As they say, it is expensive to build important cybersecurity companies. Netskope is no exception.

To their credit, they executed. Netskope deployed their capital wisely and made a critical strategic choice: becoming a multi-product security platform instead of sticking to their core CASB market. This graphic from the S-1 is a nice visual summary of the timeline and evolution of their platform:

They expanded from CASB into SWG, ZTNA, and eventually a full SASE offering (and beyond). They also invested heavily in building their own global private network (NewEdge, not to be confused with the New Edge Labs acquisition) to support inline traffic steering and performance.

Netskope’s rapid platform expansion was driven by both organic product development and inorganic M&A. They’re one of the most low-key active acquirers in cybersecurity, with eight disclosed acquisitions (no price disclosures) and at least a couple more undisclosed deals:

Netskope could go down as one of the all-time greats for tuck-in M&A execution. Customers generally like their products, analysts consistently rate them highly in market maps, and (as the S-1 shows) they’ve performed relatively well financially. This trifecta is extraordinarily difficult to pull off.

Brand recognition challenges and market perception

Despite their rocketship growth (by pre-AI standards), valuation, capital raised, analyst rankings, and all of the other reasons companies make noise and get recognized, Netskope hasn’t yet become a household name like Wiz and a few other cybersecurity contemporaries.

Increasing awareness and brand recognition is such a big strategic priority for Netskope that co-founder and CEO Sanjay Beri has named it as a driver for going public multiple times. From the WSJ: “Our biggest focus is just awareness. We know if we get an at‑bat, in baseball terms, we have a great chance of getting on base and doing well, so when I look at going public, for me, it’s an awareness event.”

That may seem like a bizarre strategy, but you need all the brand recognition you can get when you’re directly competing against the likes of Palo Alto Networks, Fortinet, Check Point, Zscaler, and other well-known companies.

Industry analysts know and recognize them, which is a good place to start. They’re consistently recognized as a leader in various market reports by Gartner, Forrester, and IDC. Strong analyst ratings are helpful, but not sufficient, for building a successful cybersecurity company at scale.

Most cybersecurity leaders are familiar with Netskope, but familiarity doesn’t always translate to pipeline and growth. For some, Netskope is the CASB company that raised a bunch of money and fell off the radar during the economic downturn.

That’s not true, of course. Netskope is going to be one of the first ZIRP-era companies who made it through to the other side. Perception can take time to catch up with reality, though — especially in a noisy cybersecurity market where buyers are tired of hearing about Zero Trust.

Combine all of this with an outsized international customer base, and you can see why brand recognition and perception are an ongoing thing Netskope has to keep working on.

Technology and Product Analysis

Netskope is increasingly positioning itself not just as a SSE leader but as a full SASE platform. While its reputation was built on best-in-class cloud security controls such as CASB, SWG, and ZTNA, Netskope has steadily expanded its portfolio to include networking capabilities like FWaaS in 2021 and SD-WAN in 2022.

By integrating these networking and security layers into a single cloud-native fabric, Netskope delivers on the original Gartner vision of SASE, being a leader in Gartner® Magic Quadrant™ for SASE Platforms in 2024 and 2025. It is a converged platform that ensures users can securely and efficiently connect to applications, data, and services from anywhere.

The market opportunity is significant. Netskope believes its unified solution addresses a large TAM that is projected to reach $138.9 billion by 2028, growing at a 16.8% CAGR from 2024 to 2028.

The graphic below (from the S-1) shows a comprehensive overview on the Netskope One Platform, a cloud-native, converged security and networking platform that delivers a single stack rather than a patchwork of point tools.

Rather than building separate AI Security tools, Netskope has intentionally made AI and Data its two key pillars in its entire NewEdge Network, attempting to weave these ideologies into all its products. This image showcases how Netskope brings together DSPM and context-aware DLP capabilities together across its entire stack to mitigate data risks and ensure compliance.

Below is a deeper analysis on the core SASE platform as well as how Netskope is leveraging its SSE infrastructure to wedge into AI and Data Security.

Core Netskope One SSE Products

CASB: Netskope’s CASB delivers comprehensive and adaptive visibility and security controls for cloud and SaaS. Part of their CASB operates out-of-band, connecting to SaaS platforms through API integrations to monitor activity and enforce policies instead of requiring all traffic to be routed for inspection.

It provides access control, threat protection, and data protection across sanctioned and unsanctioned apps. The CASB combines out-of-band capabilities such as data and threat detection, SaaS app inventory, remediation, and event log analysis with real-time preventive enforcement for both human and non-human entities. This dual inline and out-of-band approach gives enterprises visibility into SaaS data at rest through APIs, while also enforcing inline controls on live traffic.

Netskope is the industry’s first Gen AI powered CASB, which is intended to expedite and automate the process of risk categorization for new SaaS applications. In addition, security teams can leverage self-serve risk categorization for novel SaaS applications and can use natural language queries for detailed LLM-driven risk insights of SaaS applications.

At the same time, Netskope prides itself on having a strong DLP integration, providing a high degree of data protection and compliance across all apps and users. The solution uses AI, ML, deep learning, Natural Language Processing (NLP), Convolutional Neural Networks (CNN), and trainable ML to proactively identify and protect critical data. Netskope One CASB delivers this protection using a catalog of over 3,000 data classifiers and 1,800 file types.

Compared to competitors such as Zscaler, Netskope has historically been stronger on DLP integration and granular data controls within CASB. Zscaler, by contrast, emphasizes scale, performance, and ecosystem reach, leveraging its Zero Trust Exchange to inspect all SSL and internet traffic globally with proven throughput and speed.

SWG: Netskope’s SWG is positioned as the foundation of SSE for inline web and SaaS security. It provides real-time traffic inspection, URL categorization, malware detection, SSL/TLS decryption, and deep content inspection, with threat defenses delivered consistently across all controls, including sandboxing and AI/ML-based malware detection. Unlike traditional web proxies that primarily focus on URL filtering, Netskope’s SWG decodes SaaS applications, analyzes content and context, and applies adaptive access policies. It also extends protections to cover non-web traffic, risky websites, and unmanaged remote access, consolidating functionality that previously required multiple tools.

Netskope’s SWG uses ML models for URL categorization, analyzing not just domains but page content, metadata, and visual elements to more accurately classify sites beyond traditional URL filtering. The SWG also leverages AI/ML for threat detection and anomaly detection, with models trained on cloud-scale traffic patterns to identify suspicious behaviors and cloud-enabled threats. Netskope documentation notes that SkopeAI includes behavioral anomaly detection and other adaptive learning techniques, which allow the platform to flag and respond to emerging attack vectors more effectively than static signature approaches.

While this enables the SWG to detect both known and previously unseen threats in real time, the company’s capabilities are more so an evolution of machine-learning–based classification and detection rather than as novel generative AI. Combined with its deep DLP integration and single-pass inspection architecture, Netskope’s SWG acts as a more context- and data-aware enforcement point than traditional web proxies, though independent validation of its AI advantages over competitors remains limited.

While Netskope’s SWG is formidable, Zscaler pioneered the large-scale, cloud-delivered SWG and still dominates in terms of customer base and deployment scale. Zscaler’s SWG is proven at very high throughputs and global volumes. Netskope differentiates itself with its single-pass architecture, AI-driven inspection engines, tight DLP integration, and performance SLAs tied to the NewEdge network. In fact, performance testing Netskope conducted in May 2025 demonstrated a lower latency for connections to its NewEdge network in leading cities globally than those of Palo Alto Networks and Zscaler.

However, Zscaler remains the “safe” choice for many enterprises due to its long-standing scale proof points, especially in handling massive SSL/TLS traffic. To overtake incumbents, Netskope must continue to prove that its AI-enhanced SWG can scale as reliably as Zscaler and other established players while maintaining the performance and visibility advantages promised by its architecture.

DLP: Netskope’s DLP is one of the strongest pillars of its SASE platform and sits at the heart of its “secure data everywhere” vision. Unlike point products that focus only on specific layers, Netskope extends DLP consistently across web, SaaS, IaaS, private applications, endpoints, and even email. By running through its NewEdge backbone, DLP policies are applied close to the user in real time, reducing the latency challenges that often plague intensive inspection. This convergence is intended to make DLP a unifying control plane, allowing enterprises to set a single policy for sensitive data and have it follow workloads seamlessly across all environments.

AI plays a central role in Netskope’s DLP architecture, but in a measured way. Machine learning classifiers, OCR for images and screenshots, and behavioral context enrich the platform’s ability to recognize sensitive content more accurately than traditional regex-based rules.

Netskope also extends DLP directly into generative AI workflows for monitoring prompts, preventing sensitive uploads into public models, and inspecting AI-generated outputs for inadvertent leakage. In practice, this means that employees cannot paste intellectual property into ChatGPT or accidentally exfiltrate regulated data through a Copilot response without Netskope detecting and enforcing policy. The company’s framing of this as “secure enablement of AI” reflects its intent to make AI safe to use in enterprise rather than simply blocking it altogether.

Where Netskope is most credible is in its multi-surface enforcement and unified policy fabric. Many API-only or SaaS-native DLP vendors can discover data risks after the fact, but Netskope’s inline presence means it can act immediately to block or redact risky transactions. The ability to apply the same DLP controls to SaaS traffic, private applications, and web browsing is a real differentiator, particularly for organizations that want consistent governance across hybrid work environments.

Enterprises also benefit from the operational simplicity of a single policy console and the global enforcement made possible by the NewEdge footprint.

That said, some of Netskope’s claims require context. The assertion of being the “most comprehensive and advanced cloud DLP” is ambitious given that competitors like Zscaler, Palo Alto, and Microsoft Purview offer equally broad capabilities, each with its own edge. Zscaler, for example, still leads in proven global scale and throughput for TLS/SSL inspection, which can be critical when AI data flows grow in size. Palo Alto Networks delivers deeper threat intelligence integration through Unit 42 and WildFire, something Netskope cannot match at the same breadth. Specialized data security vendors such as Varonis, Cyera, and BigID also offer exhaustive DSPM, data classification, and (primarily) out-of-band DLP for complex data estates, albeit without the dual inline and out-of-band prevention Netskope provides.

Another area to watch is how well Netskope can keep up with evolving AI risks. Current policies cover prompts, embeddings, and outputs, but threats like prompt injection, model inversion, and inference leakage are emerging quickly. Netskope’s AI is primarily machine-learning, data-driven classification rather than novel generative AI techniques.While effective today, it risks being perceived as “incremental” compared to newer AI-native players. Similarly, while the platform reduces false positives with ML, tuning remains a challenge for enterprises with highly diverse data, and blind spots may remain in legacy data stores or niche SaaS apps with weak APIs.

Looking forward, Netskope’s growth hinges on demonstrating that its AI-driven enforcement can scale as reliably as Zscaler’s and match Palo Alto Networks’ breadth of ecosystem integration. If it succeeds, Netskope is well-positioned to benefit from enterprises consolidating point products into unified SASE stacks, a trend analysts expect to accelerate as hybrid workforces and generative AI reshape network and data security priorities.

Netskope's AI Ambitions and Pillars

Netskope's three-pillar AI security framework includes:

Data Protection: DLP, sensitive data monitoring, policy enforcement
Threat Protection: Runtime security, supply chain protection
Content Moderation: Filtering profanity, bias, harmful content (upcoming capability)

This represents far more than a tactical response to emerging AI risks. It's a calculated positioning for what the company envisions as the inevitable convergence of AI and enterprise infrastructure.

By anchoring data protection, threat protection, and content moderation within their existing SSE platform rather than building standalone AI security tools, Netskope is making a bet that AI will become so deeply embedded in business operations that separating "AI security" from "enterprise security" will become meaningless.

Their consolidated architecture positions them to enable enterprises to confidently embrace AI transformation at scale, transforming from a network security vendor into the foundational infrastructure that governs how organizations interact with artificial intelligence.

This isn't just about securing AI applications — it's about becoming the control plane through which all AI-human collaboration flows. If Netskope’s strategy works, they can position themselves as kingmakers in both security and determining which AI technologies enterprises can safely adopt.

Their strategic advantage lies in leveraging their existing customer relationships and nine years of API intelligence to create switching costs that would make it prohibitively expensive for enterprises to replace them. Netskope wants to embed their platform so deeply into the AI decision-making process that they become indispensable to digital transformation itself. In essence, while competitors are building point solutions for today's AI security problems, Netskope is architecting the nervous system for tomorrow's AI-native enterprise.

Architecture: How Netskope is leveraging its SSE infrastructure to wedge into AI Security

Netskope's approach to AI security builds upon their architectural leverage, using their decade-long investment in SASE infrastructure and deep packet inspection capabilities as a moat against pure-play AI security startups.

Their existing SSE platform already has a strong vantage point to monitor AI runtime behavior, intercepting every API call, JSON payload, and data exchange between users and AI applications in real-time. This positioning allows them to extend their DLP engines to understand not just what sensitive data is moving, but how it's being transformed and utilized within AI workflows.

If this strategy works, they can create a comprehensive view of AI supply chain risk that competitors would need years to replicate.

Netskope’s competitive advantage becomes particularly pronounced when examining their use case execution.

For user access security, Netskope doesn't need to build identity integrations from scratch because they already authenticate and authorize millions of users daily through their existing zero trust framework.

When protecting custom AI applications, their DLP on-demand service can instantly plug into any homegrown AI tool through APIs they've been perfecting for nearly a decade, while startups struggle to achieve enterprise-grade integration depth.

For data pipeline safeguarding, their DSPM capabilities naturally extend to protect training datasets and vector databases because they already understand data lineage and classification at scale.

Their strategic insight is recognizing that AI runtime protection and posture management aren't net-new security categories. They’re natural extensions of network security fundamentals.

While AI security startups are required to invest in building basic infrastructure capabilities, Netskope transforms existing customer deployments into AI security platforms through software updates, creating immediate time-to-value and eliminating the friction of new vendor evaluation cycles.

This architectural inheritance means they can focus their R&D entirely on AI-specific threat detection and response rather than rebuilding networking, identity, and data protection foundations.

Financial Analysis

If you want a comprehensive look into Netskope’s financials, CJ Gustafson has a full breakdown of the S1 over at Mostly Metrics. This part of the report includes the key points from CJ’s analysis in the context of Netskope’s broader strategy and market positioning.

Revenue scale and growth dynamics

Netskope’s ARR was $707M as of July 2025, growing at +33% YoY. Their TTM Revenue was $616M (as of July 2025, +31% YoY). This is real revenue they recognized, looking back over the last 12 months.

This makes them one of largest scale cybersecurity companies ever to go public, but we’re also in a period where investors value revenue scale. Netskope may have gone public years ago (with far less revenue) if the market hadn’t turned on subscale IPO candidates.

They have 4,300 customers, growing at +21% YoY. Their customer mix slants towards enterprise, with 30% of the Fortune 100 and 18% of the Global 2000. They’re not just selling to Series B CTOs. Their ICP is a public company CIO.

Netskope’s revenue scale and growth are all about large customers. They have 111 customers spending +$1M a year, representing 37% of total ARR and 32% YoY growth. There are also 1,372 customers with ARR +$100K, representing 86% of ARR and 29% YoY growth. One customer makes up ~3% of revenue.

41% of revenue comes from outside the U.S., which is unusually high for a security company still sub $1B in scale. Much of this is already routed through their global NewEdge infra — not just hyperscaler data centers. This suggests Netskope may actually be ahead of rivals in building a true global GTM. And it justifies infra spend more than initially assumed.

Netskope’s contracts are typically multi-year, priced per user, and sold top-down into large enterprises. This is a classic field sales motion, supercharged through the channel — not a PLG tool you swipe a credit card for.

Most deals are brokered by partners, not direct AEs (although reps still get paid handsomely to work with partners and usher deals over the finish line). It allows for global scale, and access to juicy multi national CIO budgets, but it distances Netskope from end-user feedback loops and pricing power.

Upsell is a big lever. Netskope’s products are modular, which means once they land with one or two services, there’s plenty of room to tack on more — like data loss prevention (DLP), zero trust access, or browser isolation.

They also charge more if you want traffic to run through their private NewEdge network — think of it like a fast lane on the highway…that you pay extra for.

Profitability roadmap and unit economics

Netskope lost $170M in the first half of FY26. That’s down from $223M the year before, which is progress, but still deep in the red.

The company managed $9M in positive operating cash flow for the first time ever right before the filed the S1. This could be real efficiency gains or some well-timed invoicing. Either way, they’ll need to prove it sticks.

Their headcount growth is keeping up with, and has historically outpaced, revenue growth. They’ve more than doubled staff over the last two years. They are very much a security company born in the 2010’s applying the field sales / cloud based / reseller / ENT SaaS playbook.

They will not be breaking any world records when it comes to “doing more with less people”. Their revenue per head is closer to Series C or D levels than that of a public company.

The path to sustained profitability travels through S&M. Looking at the last six month period, Sales and Marketing dropped from 60% of revenue to 45% YoY without a hit to growth. That’s a sign they’ve found some GTM efficiency, likely due to scale and channel leverage.

In absolute terms, Sales and Marketing costs only grew 7% year on year while GAAP revenue grew 31%. Total S&M dollars spent actually decreased when you compare the most recent 6 month period to that in the prior year.

Valuation framework and multiple analysis

Netskope last raised money in 2021 at a $7.5B valuation. They’ve pulled in $1.4B total from a deep bench of crossover names: ICONIQ, Lightspeed, Accel, Sequoia, and SoftBank.

They still had $261M in cash on the books as of July 31. So while some extra padding would be nice, this IPO wasn’t about plugging a hole. It was about giving those early investors a path to liquidity, and giving the sales team a new slide for the next QBR with [Big Bank XYZ] on it.

Netskope priced its IPO at $19.00 per share, bringing in $908.2 million in net proceeds at a $7.26 billion opening valuation. It’s fair to assume they wanted to clear that $7.5B mark. That said, a (roughly) flat round in public is still a win in this market. Especially if it buys you brand equity and a path to liquidity.

Companies that are burning money (as Netskope is) are valued using multiples of revenue, estimated to occur over the next twelve months, relative to their enterprise value.

For context, the median SaaS company is trading in the 5x forward revenue range.

Within the security sector more specifically, CheckPoint is clocking in at 6x, Fortinet at 8x, and SailPoint at 10x. Anything over 10x is historically considered a premium multiple reserved for the best companies. Palo Alto is trading at 12x, Zscaler at 15x, and and CrowdStrike, while not a direct comp, at 20x.

At 31% GAAP revenue growth, Netskope is at the high end of this range, but at the low to mid point in terms of absolute revenue as they are still sub $1B.

The biggest difference is all of these companies are profitable, or break even (Rubrik being the exception). If Netskope’s sales slow, it will make their cash burning profile even less attractive, and decrease their multiple accordingly.

Business Strategy, Competitive Landscape, and Benchmarking

Direct competitive assessment

Netskope's positioning relative to a strong set of (mostly public) competitors in the SASE market is one of the most interesting insights we get from having their financial data.

Revenue disclosures aren't perfect because SASE is just a business unit for a lot of these companies, so they don't have to disclose revenue (or any other metrics).

A few interesting data points from relevant company disclosures:

Netskope itself disclosed $707M ARR growing at 35%. Customers include more than 30% of the Fortune 100 and 18% of the Global 2000.
Palo Alto Networks just disclosed $1.3B SASE ARR growing at 35% YoY. They have over 6,300 SASE customers, including one-third of the Fortune 500.
Fortinet disclosed $1.15B SASE ARR growing at 22% in its Q2'25 report. They're currently investing $2B to build their own SASE infrastructure (conceptually similar to Netskope's NewEdge network). They also made a bold prediction: "We do believe we'll be the #1 SASE player in the next few years."
Zscaler disclosed $2.9B of total ARR in its Q3'25 report. Their product/BU revenue disclosures are hard to break out. Roughly assume most, but not all, of their ARR is from their core SSE/ZTNA business.
HPE disclosed $1.16B of revenue (not ARR) for its Intelligent Edge business segment in Q2'25 with 45% ARR growth. This includes more than SASE, but that's a big part of it.
Cato Networks isn't public yet, but they disclosed $250M ARR growing at 46% back in February. This disclosure is highly relevant both as one of Netskope's closest competitors and as a future IPO candidate.
Cisco, Check Point, Broadcom, Cloudflare, Versa Networks, and other regulars in SASE/SSE-related analyst reports don't disclose revenue, but all are relevant players.

Netskope’s primary SASE market is both busy and intensely competitive, with both established and emerging companies competing to be the market leaders. It's also a big market, which is part of the reason why you see several companies putting up large revenue figures and double-digit market share.

Netskope is holding their own against the competition, both financially and strategically. They clearly feel there is enough room in the public markets for another company in this category and now is the time to take their next step.

Market positioning and security sector benchmarking

Competition is the crux of the story for Netskope, both strategically and financially. Public markets are all about comps, which means Netskope is always and forever going to get compared to companies like Zscaler, Cloudflare, and Palo Alto Networks.

Comparisons to public market superstars can be both good and bad. Netskope is hoping the comparisons are good for them post-IPO, and they could be right. Their stock has been holding at just under 20% above the IPO price, but they’re still in the early days of being a public company. They’re going to need to keep putting up Rubrik-like numbers post-IPO to maintain (let alone exceed) their valuation.

Broader cybersecurity (and related) comps matter, too — especially in terms of scale and growth rate. Even at $707 million in ARR, Netskope will be one of the smallest cybersecurity-related companies in public markets once they list. Here’s a sampling of cybersecurity-related companies and their current ARR, including Netskope:

Netskope’s current scale is well above the sub-$200 million LTM revenue scale some cybersecurity companies were going public with as recently as 2023. Many of those subscale companies have been taken private. The ones that remain are, for the most part, performing steadily (at worst) and setting the bar for the software sector (at best).

A good post-IPO outcome for Netskope would be following the path of Rubrik, SailPoint, and Varonis (CyberArk too, but excluding them after their recent acquisition announcement). If their ARR growth keeps trending up and profitability metrics keep improving, they’re going to have a home in public markets for a long time.

Recent IPO Context and Market Timing

The two best comps we have for relative IPO performance are Rubrik and SailPoint, cybersecurity-related companies who went public in late 2024 and early 2025, respectively. Both companies have been solid performers since going public. Rubrik, for its part, has been a (somewhat unexpected) darling of the software sector.

Netskope benchmarks relatively well against both companies’ financial metrics at the time of listing. Rubrik had $784 million subscription ARR at 47% growth. SailPoint had $813 million ARR at 30% growth.

Netskope’s $707 million is just below both, but close enough that most investors won’t lose sleep over it. Their 33% ARR growth isn’t astronomical, but comfortably above the cybersecurity sector median of ~20%.

Market timing

The market timing for Netskope is somewhat of a mixed bag with more good news than bad news. There's rarely a perfect time to go public. This was about as good of a time as any given the market volatility we've seen in the IPO window during the past year.

The good news is that recent cybersecurity-related IPOs have gone well. As mentioned earlier, both Rubrik and SailPoint had successful IPOs. Rubrik has had an even more successful run in the quarters following its IPO. Their stock is up 179% since opening day. SailPoint is currently down 15.9% YTD, but they’ve only had two reported quarters so far.

Cybersecurity stocks in general have performed well this year, with many scaled ($1B+ revenue or ARR) companies significantly outperforming the market. Three cybersecurity-related companies (Cloudflare, CrowdStrike, CyberArk – four if you count Palantir) are in the top ten highest EV/NTM revenue multiples for the overall software industry.

The bad news is that it's hard to live up to the standards of the top performing public cybersecurity companies. All of our sub-scale companies (less than $1B revenue) other than Varonis are down YTD. Netskope's revenue profiles as a subscale company, but their growth rate ranks among the best in cybersecurity.

The last bit of bad news for Netskope is that it's hard to follow a generational IPO like Figma, plus four other good ones in CoreWeave, Chime, Circle, and StubHub. Figma had an unbelievable debut spike and has been volatile since, but is still sitting well above its IPO price. Everyone besides StubHub had strong debuts but leveled off in the time since listing.

Paraphrasing Vanguard founder John Bogle: “In investing, you can’t time the market. You can only give it time.” Netskope is taking a long-term view here and giving themselves time to gain visibility and grow into a higher-profile public company.

Investor sentiment and reception dynamics

Reactions since Netskope's IPO filing have generally been positive to neutral with a bit of negative critique about specific metrics mixed in. Jason Lemkin (SaaStr) called Netskope’s S-1 “a really, really good one.”

It goes without saying that Netskope is not Figma (or Wiz, in cybersecurity parlance). Their IPO did not attract the same level of good karma and buzz. This felt a bit more like Rubrik or SailPoint, and that’s okay.

It's hard to directly compare Netskope to SailPoint because SailPoint spent nearly five years as a public company before being taken private and re-listing in 2025. Investors and analysts were already familiar with them and were never far out of touch during their three years as a private company under Thoma Bravo.

Rubrik was a different story. Much like Netskope, public market investors weren't very familiar with Rubrik either. This explains a lot of the pre-IPO skepticism people had about Rubrik and their good-but-not-great S-1 metrics. We all know the story since then, with Rubrik lighting up the scoreboard quarter after quarter in their time as a public company.

This was a rare feat and something that's unfair to project onto Netskope. The lesson to take from Rubrik is that it's okay to go into public markets as a lesser known company with some skepticism as long as you can perform at a high level after going public.

What's Next?

Netskope has an opportunity to be a memorable cybersecurity company and a fixture in public markets if enough goes right. They were one of the largest scale and fastest growing cybersecurity-related companies ever to hit public markets. However, the standard for public companies is much higher in 2025 than it was in the decade-plus prior when many of our current public cybersecurity companies listed.

Bull case

The bull case for Netskope hinges on the sheer size and stage of the SASE market. Whether you believe their ~$140B TAM estimate or not, it’s a directional proxy that help illustrate how large this market could be.

It's still early days for SASE adoption, especially in large enterprises with perimeter-based, firewall-heavy network architectures to modernize. There are still a lot of legacy VPNs out there. The shift to distributed and cloud-based work isn't going away. Netskope has a huge opportunity to help the world get there.

The main competitive advantage Netskope has is focus. SASE is the only thing they do. Most of their public market competitors have diversified security businesses that span beyond SASE into secure networking and other cybersecurity domains. Even Zscaler has expanded its focus into security operations in the past couple years.

Netskope has to use focus to its advantage and keep delivering a top-tier product experience while leveraging the brand uplift and capital infusion it gets from being a public company to raise its profile.

The software market is dying for high-growth stories during an extended period of muted SaaS growth rates and questions about impending AI doom for traditional SaaS companies. Netskope can outperform if it delivers sustained high growth on its path toward billion-dollar scale and beyond.

Bear case and execution risks

The bear case for Netskope is mostly about competitive pressure from larger, better-resourced players. The SASE market is basically a who's who of high-powered cybersecurity and diversified technology companies who are highly motivated to win this important market.

This brings all sorts of strategic risks for Netskope. Larger competitors have the financial flexibility to price and package Netskope out of the market, especially in the enterprise customer segment. Many security leaders view SASE as an undifferentiated product and choose to buy it as part of larger platform consolidation deals. Some large companies also choose to execute staged migrations to SASE and prefer to buy it from their existing firewall vendors.

From an execution standpoint, the standard of performance is significantly different as a public company. Several other recent cybersecurity IPOs that quickly turned into take-privates learned this the hard way. In fairness, the market's expectations changed significantly as investor preferences moved from growth at all costs to profitable, efficient growth.

The advantage Netskope has is knowing the market's expectations in advance. They know what they're getting into. Top-tier execution is easier said than done, of course. Anything less than that is going to put Netskope in the subscale/low-growth cohort of cybersecurity companies, which almost certainly means repressed public market valuation.

Critical success factors

Netskope needs a few things to go right to be sustainable as a scaled public company — and better yet, find a realistic path to a premium valuation multiple.

Other cybersecurity-related public companies have proven out the playbook for growth within a single domain. It’s worked for CyberArk, Okta, and SailPoint in identity. It’s worked for Varonis in data security. It’s worked (so far) for Rubrik in cyber resilience. Netskope needs to make it work for them in SASE.

As we've said throughout this analysis, the pattern for Netskope’s success is Rubrik. For Netskope to reach the bull case, they're going to have to execute like Rubrik — and maybe even better given the strong competitors in SASE.

A high-level abstraction of the Rubrik playbook means a handful of things when you apply it to Netskope.

First, they need to reduce their losses while sustaining (or even accelerating) growth. Netskope will enter public markets in a very similar position as Rubrik, with ~$350 million of net losses (TTM) as of their S-1.

Rubrik was actually getting more unprofitable year over year, but made dramatic improvements during their first few quarters as a public company. They're still not profitable, but industry-leading growth has been enough to make investors forgive them.

Netskope's losses have been improving sequentially across the periods disclosed in the S-1. In that sense, they're in a better starting position than Rubrik was. It's not easy to keep growth going without significant investment in sales and marketing and R&D. Netskope needs to find a way to hit Rubrik's level of performance.

Second, they need to keep expanding their platform. This is the focus thing we mentioned earlier and one of the primary advantages Netskope has over competitors as a SASE-only company. From an analyst point of view, they already have a relatively complete SASE platform and rank among the leaders in multiple market reports.

Expansion is likely to come from building on top of their existing SASE footprint and making logical extensions into other cybersecurity domains. They've given us some clues already, like their acquisition of Dasera to add Data Security Posture Management (DSPM).

Lastly, they need to share their story and articulate their vision. This is the hardest part to measure, but it’s impactful when it works.

Rubrik did an amazing job with this, going from a relatively unknown company to a much more widely recognized thought leader in just a year. All of the high-performing public companies, both cybersecurity and cybersecurity-related, are great storytellers.

Netskope has an interesting story of its own. Going public was the next big step. What they do next is going to determine if they can be a generational company.

What's Next for Netskope