📄 Raw Call Transcript
Acme Financial · Apr 14, 2026 · 47 min
[TRANSCRIPT - Acme Financial Services - Discovery Call - April 14, 2026]
[Duration: 47 minutes]
SE (Divya): Thanks everyone for joining. I'm Divya from Cloudflare's Solutions Engineering team, and I have Mark from our account team. Could everyone on your side introduce themselves?
Customer (Sarah Chen, CISO): Sure — I'm Sarah Chen, CISO at Acme Financial. With me is Tom Rodriguez, Head of Infrastructure, and Lisa Park, VP of Application Security.
SE: Tom, you mentioned on our intro call that you had significant incidents last quarter — can you walk me through what happened?
Tom (Head of Infrastructure): Three major DDoS incidents in Q4. Our current Zscaler setup is struggling with volume and attack sophistication. We're also running Palo Alto for network firewall and managing three separate vendors is becoming operationally painful. 15,000 employees, VPN infrastructure creaking under hybrid load.
Sarah (CISO): The bigger concern is API exposure. We launched a mobile banking platform 8 months ago — 47 public-facing APIs. Two months ago we had a credential stuffing attack — 50,000 accounts compromised. Board wants a solution before September. We need this by Q3.
SE: Is the timeline driven by the board presentation or is there a contract renewal?
Tom: Both. Zscaler contract up for renewal in August. Been unhappy for 18 months — support poor, performance unacceptable during peak trading hours.
SE: And budget — existing approved budget or new business case?
Sarah: Budget approved. Board approved $2.8M for security infrastructure as a direct response to the incident. We need to make the right decision, not the fast one.
Lisa (VP Application Security): How does Cloudflare handle client-side JavaScript security? We had a Magecart-style attack attempt last month — skimmer injection on our payment page. We got lucky catching it manually. And we're 3 months from launching an AI-powered financial advisor — need LLM protection from prompt injection before go-live.
SE: Both exactly what we built for. Page Integrity Manager handles client-side protection — monitors every JavaScript resource on payment pages in real time. AI Gateway is our LLM security layer — sits between your application and the model, handles prompt injection detection, rate limiting, content filtering. Having both requirements is actually a strong case for Cloudflare's unified platform versus point solutions.
Tom: What does migration from Zscaler look like in practice?
SE: More manageable than teams expect. Parallel deployment — users stay on Zscaler while we onboard a pilot group to Cloudflare Access. Typically 30 days pilot, 60 days to full cutover for your size. I can have our Zero Trust architect prepare a specific migration analysis.
Mark (AE): I'll send over our POC framework document by end of this week.
Sarah: What do you need from us to get started?
SE: Technical deep-dive with Tom's infrastructure team to understand network topology and identity stack. And if Lisa can share the AI architecture, we can scope AI Gateway in parallel. Can we get on the calendar in the next two weeks?
Tom: Yes. Our ideal decision date is June 1st so we have time to implement before August renewal.
SE: We'll work backwards from June 1st. Mark, can you coordinate?
Mark: On it — something out today.
Sarah: One more — what does Cloudflare look like versus Zscaler on pricing at our scale?
SE: I'll have our team put together a TCO comparison — apples to apples on what you're paying Zscaler versus a Cloudflare deployment at same scope. At 15,000 seats we're competitive, and when you factor in consolidating the Palo Alto workload, the combined TCO story is usually compelling.
[Call ended]
🤖 AI-Structured Output
Claude AI
✓ Generated
Processing with Claude AI
📝 Summary
✅ Actions
⚙️ Technical
📊 CRM Note
📧 Email Draft
Deal Score
82/100
✓ Budget approved $2.8M
✓ Decision date confirmed
✓ CISO + infra in room
⚠ Zscaler renewal Aug '26
✗ No champion identified
Discovery call with Acme Financial Services CISO Sarah Chen and infrastructure leadership. The account has a $2.8M board-approved security budget following a credential stuffing incident affecting 50,000 customers. Zscaler contract renewal in August creates a competitive displacement opportunity with June 1st decision deadline. Strong multi-product opportunity across Zero Trust, API security, client-side protection, and AI Gateway.
Company
Acme Financial Services
Industry
Financial Services / Banking
Deal Stage
Late Discovery
Urgency
🔴 High
Budget
$2.8M (Board Approved)
Decision Date
June 1, 2026
Decision Makers
Sarah Chen (CISO) · Tom Rodriguez (Head of Infrastructure) · Lisa Park (VP App Security)
■ SE
■ AE
■ Customer
| Action Item | Wk 1 Apr 14 |
Wk 2 Apr 21 |
Wk 3 Apr 28 |
Wk 4 May 5 |
Wk 5 May 12 |
🎯 Jun 1 |
|---|---|---|---|---|---|---|
| AESend calendar invite | ||||||
| AESend POC framework doc | ||||||
| SEPrepare TCO comparison | ||||||
| SETechnical deep-dive | ||||||
| CUSTShare network topology | ||||||
| SEZT migration analysis | ||||||
| SEScope AI Gateway | ||||||
| SEPOC / Validation | ||||||
| 🎯 Decision deadline | Jun 1 |
⚠️ COMPETITIVE SIGNALS
TECHNICAL REQUIREMENTS
CLOUDFLARE PRODUCTS RELEVANT
Paste directly into Salesforce Activity log
DISCOVERY CALL — Acme Financial Services | Apr 14, 2026
Conducted 47-minute discovery call with Sarah Chen (CISO), Tom Rodriguez (Head of Infrastructure), and Lisa Park (VP Application Security). Account is actively evaluating Cloudflare as a replacement for Zscaler (contract renewal August 2026) following three major DDoS incidents in Q4 2025 and a credential stuffing attack in February 2026 that compromised 50,000 customer accounts.
Board has approved $2.8M security infrastructure budget as a direct response. Decision deadline is June 1, 2026 to allow implementation before the August Zscaler renewal.
Key requirements identified: Zero Trust/ZTNA for 15,000 users, API security for 47 public-facing APIs, DDoS protection upgrade, client-side JavaScript protection (payment pages — Magecart concern), and AI Gateway for an upcoming AI-powered financial advisor launching in 90 days.
Competitive context: Zscaler is the incumbent (unhappy, performance issues during peak trading hours). Palo Alto also in use for network firewall — consolidation opportunity.
Next steps: SE to coordinate technical deep-dive within 2 weeks. AE to send POC framework document by end of week. SE to prepare Zero Trust migration analysis and TCO comparison vs. Zscaler + Palo Alto at 15,000 seats.
Review and send from your email client
Subject: Next Steps — Cloudflare x Acme Financial Services
Hi Sarah, Tom, and Lisa,
Thank you for the time today — it was a genuinely useful conversation and I came away with a clear picture of where you are and what you need.
To confirm where we landed:
YOUR REQUIREMENTS WE'LL ADDRESS:
• Zero Trust replacement for Zscaler — 15,000 users, parallel deployment
• API Security for 47 public-facing APIs (credential stuffing prevention)
• Client-side JavaScript protection for payment pages (Page Integrity Manager)
• AI Gateway for the financial advisor LLM — prompt injection, content filtering
• DDoS upgrade and Palo Alto consolidation opportunity
OUR NEXT STEPS:
• Mark will send the POC framework document to you today
• I'll coordinate a technical deep-dive with Tom's team within the next two weeks
• Our Zero Trust architect will prepare a Zscaler migration analysis for your specific architecture
• I'll prepare a TCO comparison — Cloudflare vs. your current Zscaler + Palo Alto stack at 15,000 seats
We'll structure everything to support your June 1st decision timeline with room for a clean implementation before the August renewal.
Lisa — can you share more about the AI financial advisor architecture when you have a moment? I want to make sure the AI Gateway scoping is accurate before we finalize the POC plan.
Looking forward to the deep-dive.
Best,
Divya
Cloudflare Solutions Engineering