A CEO’s offhand remark ignited industry outrage—but also surfaced a critical tension at the heart of modern cybersecurity: how to advance AI-driven defense without eroding the very trust it’s meant to protect.
When Zscaler CEO Jay Chaudhry touted the company’s AI innovation at a live event recently, he probably didn’t expect to ignite a firestorm.
His comment that Zscaler processes proprietary log data from half a trillion daily transactions to train AI models was met with swift and harsh criticism online. Many argue that it is a direct contradiction of Zscaler’s “zero trust” ethos.
LinkedIn lit up with hot takes from cybersecurity pros and skeptics. Some accused Zscaler of quietly treating customer logs like its own data trove. Others claimed the practice flat-out undermines the core premise of zero trust.
As usual in security, the truth is more complicated. Zscaler responded with a blog post clarifying its position—emphasizing anonymization, clear boundaries around personal data, and a focus on threat signals rather than user content.
The backlash may have been exaggerated, but it raises a valid question for the entire industry: how can vendors leverage massive data streams to improve AI defenses without eroding the trust of the customers they’re protecting?
AI Needs Data—Lots of It
Whether it’s healthcare, fintech, or cybersecurity, AI only works when it’s trained on mountains of real-world data. For security, that data needs scale. One phishing email might look like a blip. A hundred million of them? That’s a campaign.
Zscaler’s volume—half a trillion transactions a day—isn’t just chest-thumping. It’s the raw material that enables their models to identify subtle attack patterns early. Without that, the AI is flying blind—reactive, limited, and dangerously behind the curve.
But the friction starts when people ask where that data comes from. Customers naturally assume their traffic is being analyzed strictly to block threats—not to train a vendor’s next-gen models. So when they hear the word “proprietary,” the alarms go off.
Zscaler’s Side of the Story
To its credit, Zscaler responded quickly. The company outlined three key points in its clarification:
- No Generative AI Training – Zscaler says its AI is geared toward threat detection, not generative use cases. The models don’t comb through emails or browsing history—they learn from malware signatures, threat behavior, and other signals relevant to protection.
- Anonymization and Aggregation – Personally identifiable info is stripped out before analysis. What’s left is meant to train models, not spy on users.
- Privacy and Compliance – The company says its practices comply with frameworks like GDPR and CCPA, which impose strict rules around data handling.
That distinction—between using customer logs and using threat intel signals extracted from them—is subtle but critical. Still, when you’re preaching zero trust, even the perception of a gray area can cause problems.
The Trust Conundrum in Zero Trust
Zero trust gets misunderstood all the time. It doesn’t mean “trust no one ever.” It means “trust no one by default.” You still need to trust your vendors to some degree. You trust them to follow their own policies, secure your data, and honor your relationship. Without that, the whole model collapses.
So no, using telemetry doesn’t inherently violate zero trust principles. But failing to communicate how that telemetry is used? That’s where trust can break.
It’s a tricky balance—and not just for Zscaler. “This is a challenging balancing act for security vendors – and for their customers,” says Scott Crawford, research director for information security at 451 Research, part of S&P Global Market Intelligence. “On the one hand, organizations want providers to understand the threats they’re facing and help mitigate them. This necessarily requires a certain degree of visibility into activity. On the other, of course, there is the issue not only of privacy, but of disclosing more about the organization, its people, its customers and partners than any would be comfortable with.”
That tension isn’t new, but the stakes are higher now that AI is in the mix. Crawford notes that visibility across a wide customer base—something Zscaler has at global scale—offers a major defensive advantage. It enables threat intelligence models to pick up patterns early and protect customers before they’re directly impacted. But he also underscores that customers expect restraint. “We want providers to know what they need to know to help us protect ourselves and our interests,” he explains. “But organizations and people (rightly) don’t want providers to know more than is necessary.”
That’s where transparency comes in—and why Zscaler’s clarification matters. Still, Crawford points out that customers have limited ability to verify such claims on their own. “The only way that a customer could definitively verify those measures would be to audit the provider in enough detail to be reasonably sure of its approach. This, of course, is impractical for the typical customer,” he says.
In short, this isn’t a debate that ends with a single blog post. It’s an ongoing conversation—one that needs to evolve alongside both the technology and the threat landscape. Customers are right to ask hard questions. Vendors should be ready with clear, evolving answers.
Everyone’s Doing It—But Not Everyone’s Saying It Well
Zscaler isn’t the only one facing this tension. CrowdStrike, Palo Alto Networks, Microsoft—they all rely on massive datasets to train their AI. The difference lies in how they talk about it.
When a CEO highlights the scale of their data advantage without explaining how that data is handled, it can sound like overreach. Customers don’t hear “our threat models got smarter.” They hear, “we own your logs.”
That’s why transparency is the real differentiator. Security vendors must be crystal clear about what they collect, how they use it, and how they protect it.
Den Jones, founder and CEO at 909Cyber, cuts to the core of the issue: “We should all expect that any company collecting data will eventually use it to train their AI models. That said, a sound data security strategy means organizations should avoid gathering information that isn’t essential to running their business. And if they do use data for AI purposes, the best practice is to obfuscate it.”
In other words, the question isn’t whether data will be used for AI—it’s how responsibly and transparently it’s done.
AI vs. AI: What’s at Stake
This matters because the stakes are rising. Attackers are already using AI to craft more convincing phishing campaigns, automate exploits, and stay ahead of defenders. If defenders aren’t using equally powerful AI, they’re playing a losing game.
But trust is the foundation. If customers feel like using your product means giving up ownership of their data, adoption stalls. And if fear wins, innovation loses.
Bridging the Gap: Where Security Goes from Here
This incident is a blueprint for what vendors need to get right moving forward. That means:
- Explicit Consent – Don’t bury it in the terms of service. Be upfront about what data you collect and why.
- Hard Anonymization – Make it technically and legally impossible to re-identify individuals from the data.
- Clear Communication – Avoid jargon. Just explain what you’re doing in plain language.
- Accountability – Set standards, publish principles, and be open to audits.
Zscaler has started down that path with its Responsible AI pledge. Now it’s on the rest of the industry to follow through.
More Than Damage Control
The controversy over Zscaler’s AI data practices may have started with a few ill-chosen words taken out of context, but the broader debate it triggered is long overdue. Customers are right to demand clarity and control over how their data is used. Security vendors, in turn, must demonstrate that AI innovation doesn’t come at the expense of privacy or trust.
The path forward requires thoughtful guardrails, not just reactive damage control. Zscaler’s response here will hopefully serve as a turning point—a reminder that trust, once questioned, must be continually earned.

