From the beginning, Symmetry Systems was built around a simple idea: protecting sensitive data in the AI era requires a unified approach that brings together identity, data, and data flow contexts. Our north star has always been controlling how information flows — not just knowing where it lives, but knowing who can reach it, under what conditions, and enforcing that as a single policy everywhere it moves.
Controlling the flow of information has become harder as enterprises moved to cloud platforms, SaaS applications, data lakes, and AI systems. Today, AI is accelerating that challenge even further as organizations deploy copilots, autonomous agents, retrieval-augmented generation (RAG) systems, and generative AI applications across the enterprise. The question we have always been trying to answer with our data access graph – “how do you enforce a simple plain english information flow policy everywhere” – has become the defining security question of the AI era.
That is why I am excited to announce that Symmetry Systems is joining forces with Zscaler Inc.
Together, we will do something neither of us could do alone: enforce information flow policies across every identity, every transitive permission, every agent, and every data store – at rest, in motion, in use, in real time.
We have been building toward this for a long time. The question we have always been trying to answer is simple: how do you write a single policy that says this data never leaves this identity boundary – and actually enforce it, everywhere, in real time. When we first spoke with Jay and the Zscaler team, they understood that immediately. They were the clear choice to help us do that at enterprise scale. That is why we are here.
Why Zscaler
For more than a decade, Zscaler has redefined enterprise security through its Zero Trust Exchange, and became the largest security cloud on the planet.
At Symmetry Systems, we have focused on the challenge of helping organizations continuously understand and protect sensitive data across increasingly complex cloud and AI environments.
Our core thesis has always been that modern security requires understanding the relationship between data, identity, permissions, and data movement.
- Data Context – Risk increases with access to sensitive data. AI systems reason, infer, and make decisions based on learned data patterns, making visibility into sensitive data foundational to modern security.
- Identity and Permission Context – Risk increases with the breadth and sensitivity of permissions. Users, workloads, and AI agents increasingly operate as autonomous participants across enterprise environments, requiring continuous visibility into entitlements and access pathways.
- Data Flow Context – Risk increases with autonomy and persistence. AI systems continuously process, transform, and move information across applications, models, and workflows in ways that traditional static controls were not designed to govern.
These principles form the foundation of Symmetry’s Data Access Graph architecture in Symmetry’s DataGuard and AIGuard platforms, helping organizations better understand and manage how risk accumulates across identities, data, permissions, and AI systems. And they are the same principles that can now be enforced at Zscaler scale – inline, across every transaction, for every enterprise we jointly serve.
Together with Zscaler, we see an opportunity to bring deeper data context into modern Zero Trust architectures, helping organizations better understand and reduce risk across identities, data, and AI systems.
How Information Flow Policy Works in Practice
Modern security requires understanding the relationship between data, identity, permissions, and data movement, and using that understanding to enforce precise policies about how information flows across the enterprise.
Consider a concrete example. A policy states: no identity, human or AI, operating in the context of Institution A should be able to read, copy, infer from, or transmit data that originated in Institution B – regardless of how that data was accessed or by which system. Enforcing that policy requires knowing what the data is, where it came from, which identities can reach it, and whether any movement violates that boundary. That is what Symmetry’s DataGuard and AIGuard platforms were built to provide. It is what Zscaler’s inline enforcement will implement at global scale.
Trusted by Organizations Securing AI at Scale
Highly regulated financial institutions, retailers, and leading HR technology providers are already using Symmetry’s Data Access Graph architecture to help secure AI adoption across complex enterprise environments.
As enterprises deploy copilots, AI assistants, and RAG-based applications, understanding how identities, permissions, and sensitive data interact has become foundational to managing AI risk.
“In the AI era, organizations can no longer secure data by protecting storage locations alone. They must understand how data moves, who can access it, whether that access was authorized, and where it is being exposed in real time,” said Mustapha Kebbeh, Global CSO at UKG. “The combination of Symmetry Systems and Zscaler will create a powerful control layer that brings visibility into sensitive data flows, maps identity and agent access to that data, and enforces policy before information can be misused or moved outside approved boundaries. This will give enterprises the ability to see, understand, and control the interaction between identities, AI agents, and critical data across the entire environment.”
What Comes Next
This is an exciting moment for our customers, partners, and team. The future of security comes down to one question: can you enforce a precise policy about how information flows across every identity, every agent, and every environment — before damage is done? We have spent years building the answer from the data layer up. Zscaler has spent a decade building the infrastructure to make that answer enforceable at global scale.
Mohit Tiwari
CEO and Co-founder, Symmetry Systems
For more details, read the official announcement here:
https://www.zscaler.com/press/ai-announcement
Forward-Looking Statements
This blog post contains forward-looking statements that are based on management’s beliefs and assumptions and on information currently available to management. These forward-looking statements include the expected benefits of the proposed acquisition to Zscaler and its customers and plans regarding Symmetry Systems’ capabilities. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. A significant number of factors could cause actual results to differ materially from statements made in this press release, including those factors related to Zscaler’s ability to successfully integrate Symmetry Systems technology into its cloud platform and the potential impact of the acquisition to the existing Symmetry Systems business. Additional risks and uncertainties are set forth in Zscaler’s most recent Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission (“SEC”) on February 26, 2026, which is available at ir.zscaler.com and on the SEC’s website at www.sec.gov. Any forward-looking statements in this release are based on the limited information currently available to Zscaler as of the date hereof, which is subject to change, and Zscaler will not necessarily update the information, even if new information becomes available in the future.
