BroadwayDan mentioned the following to me off board, and since I thought it would be valuable to the board as well as his AYX post, I’m posting it here with his permission:
"And as long as I’m sharing anecdotes, I had dinner with software exec with long history in Silicon Valley Cloud/SaaS. Asked him about our companies. His company uses ZS and OKTA. He raved about OKTA, particularly its ease of use, but said ZS is very unpopular with employees due to clunky interface. He called his tech guys for me and they said ZS is mission critical and though they think it needs to be made simpler, the product is fantastic. He described it as encrypting messages, building a pipe around them so they’re doubly protected.
I don’t know my butt from a hole-in-the-wall about any of this but again, just sharing some info. What I find interesting about his take is how well it squares with the stock’s mixed performance."
I felt that those were interesting takes from the point of view of users.
I had never given the ZS user interface much thought as I had assumed that it was more or less transparent to the end user after the agent was installed. I’m puzzled as to why the end user even has an interface, let alone a “clunky” one.
So long as it’s considered “mission critical” I think the cyber-security guys will win the argument, but I’m struggling with understanding why there is an argument. Where I worked, if the end-users were more or less unanimous with respect to complaints about an interface, the end users would usually win. But it seems odd that we’ve never heard this complaint before (at least, I haven’t).
I’m also baffled as to why it hasn’t already been addressed. My experience was that user interface problems are most often rather superficial and seldom involved a disruption to deep logic or complex functionality.
Separately, even though the description of how ZS works is far from my understanding of how it works, I still like it. It’s simple, easy to understand and gives the impression of being ultra-secure.
The Zscaler interface issue is not with each user but the control panel for IT to manage Zscaler. That has been talked about being somewhat clunky for awhile. Almost as if a nit pick to find something to complain about in reviews. That has been the only thing consistently raised and it is from the perspective of the IT folk who manage Zscaler.
Yes, Zscaler runs itself, but IT customizes it, sends its data to SIEM and the like, and that is what this is discussing.
Just following up on this as PM from Brittlerock pinged me (message was a bit different but appreciated).
Zscaler is a pickle, isn’t it. We now go from a company where they are “coming to us” to one where we have to figure out how to get them coming again. A company with no “real” competition to one with hard charging competition that is inferior, no doubt, but nevertheless having a bite.
Palo Alto’s business slowed to a greater extent than did Zscaler’s business. Palo Alto’s charge to the cloud is probably good for Zscaler long term as it will cause its customers to think cloud and when you think cloud Zscaler is the first place you turn to investigate alternatives. And no doubt Zscaler is better. But as we know best tech does not always win. But one has to think enough looking at the cloud and evaluating alternatives has to start things breaking Zscaler’s way again once this lull of perhaps analysis paralysis by customers end.
That’s the good stuff. Those are good reasons to invest. However, presumed characteristics of Zscaler are being challenged. No real competition and they are coming to us and we win almost every deal…
The numbers are not in line with that narrative. And even recent analyst upgrade talks about stuff competition (even though Zscaler has clearly the best stuff).
Compare that to Alteryx or Crowd (two hit stocks as well). Their numbers are “too good to be true” but yet they are true and their shares are hit as bad as Zscaler’s shares.
Alteryx “favorable competitive environment” with booming demand. Crowd is simply destroying it.
So do you go with what should be or what is? From an allocation perspective why would you not favor what is vs what you think should be (but currently is not) all things being equal?
So do you go with what should be or what is? From an allocation perspective why would you not favor what is vs what you think should be (but currently is not) all things being equal?
I was about to say, well I’m not smart enough to pick the winner, so I have all three, but I realize you weren’t asking which one to go with, but allocation wise, what to do.
I guess I’m not very consistent as I have:
AYX > ZS > CRWD
But that’s mostly because of how much larger both AYX and ZS were before I started my CRWD position, and how much they’ve each fallen. ZS and CRWD both went down ~50%, AYX “only” down ~30%. So even though I’m still adding to CRWD, it takes me a while to get the position large enough to be a top holding.
I think most all our stocks just need some time to consolidate, and for rev growth to continue going up, to make them more compelling buys to the extent they can’t be ignored/out of favor.
That’s the good stuff. Those are good reasons to invest. However, presumed characteristics of Zscaler are being challenged.
“No real competition” and “They are coming to us” and “We win almost every deal”… The numbers are not in line with that narrative. And even recent analyst upgrade talks about stuff competition (even though Zscaler has clearly the best stuff).
Compare that to Alteryx or Crowd (two hit stocks as well). Their numbers are “too good to be true” but yet they are true and their shares are hit as bad as Zscaler’s shares.
Alteryx “favorable competitive environment” with booming demand. Crowd is simply destroying it.
So do you go with what should be or what is? From an allocation perspective why would you not favor what is vs what you think should be (but currently is not) all things being equal?
I agree with Tinker, and I’ve allocated that way also. I currently have about 20% each in Datadog and Alteryx, about 16.5% in Crowdstrike, and 14% in Okta, but only 4.8% in Zscaler. I didn’t get there overnight but have kept slowly trimming Zscaler and adding to others according to how I feel I should weight them in my portfolio. Go with the ones who are DOING it, instead of the ones who SHOULD be doing it, and who MAY start doing it again.
Best,
Saul
And there’s the rub. Zscaler and Mongo should both be hitting it out of the park and both of them are not doing so. It’s no secret that long term I think both companies (Mongo in particular) should be excessively valued and exceeding expectations by a wide margin with every report demonstrating that the high valuation is justified. But they are both just failing to produce the numbers that they should be producing. It’s just a fact that superior technology doesn’t always lead to superior business performance.
I’m reluctantly being forced to take a cold, hard look at my allocations. No way would I abandon either of these companies (lest they really mess up in unimaginable ways), but I’m having a lot of difficulty justifying my positions. I’ve already trimmed ZS quite a bit, but I simply haven’t faced reality with Mongo. I still have long term confidence in Mongo but I’m paying a near term price for it. I am not fickle, I don’t chase performance every quarter, but when there’s a number of consecutive quarters where it’s apparent that my portfolio would be doing better with different allocations it’s time to reassess.
Sharing anecdotes: my partner’s company uses OKTA and she hates it. It is “ok” at the office, but when she is out of office, for example, on a business trip outside the company’s LAN, it is very painful. Particularly when passwords get out of sync. It could be her companies IT department, their practices, or OKTA, that messes up. Don’t know.
When these anecdotes come out about ease of use, I always wonder which type of user is it easy for. Is it IT or the CFO that likes it, or is the broad employee base that likes it? Even though a lot of these SaaS products on our list are sold into the corporate centers or C-suite, ultimately they have to work for the end users (my view).
Without OKTA and being remote is a nightmare. Have to remember all them passwords. OKTA is a life-saver for employees regardless of whether the employee is on-site or off-prem. We use it pretty flawlessly within our company.
I used Okta at a previous company and I miss not having it. I didn’t work for IT, just a regular employee.
It never struck me as super innovative, but it solves a real problem. There are just so many apps and web sites that use different password rules. They require you to change your password every so often. It doesn’t let you use your old passwords. So you get a nightmare of trying to keep track. Frankly, its impossible. You end up having to keep lists written down (which is a massive security hole).
As an employee it seemed liked every day I was forgetting a password and having to reset it. You would think that browsers could “remember” and it would be good. But it never seemed to work for some reason.
Okta was really easy to use. I am not sure why the feedback was otherwise earlier in the thread.
Sharing anecdotes: my partner’s company uses OKTA and she hates it. It is “ok” at the office, but when she is out of office, for example, on a business trip outside the company’s LAN, it is very painful. Particularly when passwords get out of sync. It could be her companies IT department, their practices, or OKTA, that messes up. Don’t know.
My company uses it and I have never had an issue while out of the office. Some applications will have an extra layer of authentication to access which is to send me an SMS with a code to enter before I can go into the application but it has always worked without a problem.
I never have a problem with OKTA. It makes life much easier that you only need to keep one user name/password. The reason I bought okta is that I saw many of my client companies, small and big, start to use it. So I feel okta is becoming a standard tool that eventually almost every company will at least consider using it.