Cloudflare: Leading Cybersecurity - [Business Breakdowns, EP.241]
Matt Russell
This episode is brought to you by Portrait. It's the AI research system that I used to prepare for today's episode and for all Business Breakdowns episodes. Portrait was built by former buy-side investors and they understand great investing isn't just about having more information from low-quality sources. It's about having the right information organized the right way. And if you listen to the show, you appreciate diligence consists of many things: diving into the history of a business, framing the nuanced competitive dynamics, tracking key signposts around your thesis. And historically that would take up material time that you do not have. But Portrait is basically like adding an army of analysts to your team. It's powered by an AI system specifically designed for investment research workflows so you get nuanced idea generation. Portrait assesses the same types of qualitative attributes that we discuss on this show and that can help identify businesses which fit your frameworks. Portrait also customizes research report generation and I used Portrait to generate a primer and lay out bull and bear cases ahead of today's episode to help frame the conversation. And third, there's intelligent thesis monitoring. And that's where Portrait assesses thousands of data points across value chains each day, extracting the insights driving the business. Again, all this work would typically take hours and hours and hours. It's at your fingertips now. Visit portraitresearch.com to start your free trial today.
Podcast Narrator
This is Business Breakdowns. Business Breakdowns is a series of conversations with investors and operators diving deep into a single business. For each business, we explore its history, its business model, its competitive advantages, and what makes it tick. We believe every business has lessons and secrets that investors and operators can learn from, and we are here to bring them to you. To find more episodes of Breakdowns, check out joincolossus.com. All opinions expressed by hosts and podcast guests are solely their own opinions. Hosts, podcast guests, their employers or affiliates may maintain positions in the securities discussed in this podcast. This podcast is for informational purposes only and should not be relied upon as a basis for investment decisions.
Matt Russell
This is Matt Russell and today we are breaking down the cybersecurity giant Cloudflare. Today, Cloudflare controls over 20% of the world's web traffic, and to me, an equally notable metric is that Cloudflare absorbs 2.5 million cyber attacks per second. My guest for this episode is Sam Eden, investor at Square Peg's Global Tech Fund, and while I could understand on the surface what Cloudflare does, Sam really helped me get into the weeds on how the digital pipes actually work. So we go through the rise of Cloudflare and how they built a differentiated product then and evolved that over time versus incumbents and fellow upstarts in what is obviously an in-demand market. And through this story, Sam gets into the product offerings that led to Cloudflare's leading market share, some of the new evolutions and what that might mean for growth looking forward and how to conceptualize that and break it down through the various buckets. So if you have any interest in better understanding the world of cybersecurity, you will enjoy this episode. All right, Sam, I am excited to have you here to break down Cloudflare. It is a tech company that I think is obviously understood by tech investors. Generalists maybe have more of a high-level understanding and I think the population at large probably has very little understanding of what's going on. We're going to do our best, get that understanding before we get into the overall business and what it looks like today. And just to start there, how would you describe, explain, paint a picture of what Cloudflare does as a business and as a technology for its customers?
Sam Eden
Cloudflare has many different products and we'll get to these throughout this conversation. But the most common one and is what they started with is their application services and their website services. Cloudflare provides speed and security for your website. The customers are companies with a website. This could be your weekend hobby project, or it could be some of the largest companies in the world with some of the most trafficked websites in the world. So if you run this website, it has a public URL, so anyone can visit it, but that also means that anyone can attack it. So Cloudflare provides security to prevent these spam attacks. These are known as DDoS attacks that basically try to overload your servers. Hackers will try and intercept and manipulate Internet traffic. Cloudflare will protect you from that and it prevents bots from scraping your website. That probably sounded a little technical. So maybe an analogy for these Internet services I like to think of is a postal service. Let's say you run a website, which in this analogy would be say a warehouse that ships out products. So you'll get in mail orders from all over the world. This would be your Internet requests. In this analogy, Cloudflare would be a sorting factory that intercepts all of your mail. They'll block junk mail for you. They'll block organized spam mail attacks that might try to clog up your mailbox. They'll scan all incoming boxes to make sure there's nothing malicious coming in. So this is all the application security. They extend this further. So in this analogy, they would also help you set up local warehouses to reduce international shipping. They would create dedicated fast freeways for postal services. They can speed up the whole postal network. So they provide all these things to make your website fast and secure.
Matt Russell
You're proving to me that I use the Internet quite a bit, but don't fully appreciate all that's going behind the scenes when I'm clicking around and ordering things and whatnot. One of their customers is Shopify. Can you just give a relatable example of what it would look like for Cloudflare helping out Shopify? The speed portion makes a lot of sense in terms of making sure that they can run on optimized speed. But from a security perspective, what might that look like in a scenario for Shopify?
Sam Eden
They have millions of merchant storefronts. From the security point, let's say a massive botnet, they attack a specific store, let's say it's during Black Friday. Without Cloudflare, that merchant service, they're just going to get overloaded. The website would go down and they can't make any sales. But with Cloudflare, they're going to absorb that traffic at the edge. The website's protected and it can stay online. That's really important for these e-commerce companies because if your website's down, well, you're not making any revenue.
Matt Russell
It's a time is money type thing. Anytime there's an outage or things go down. Before we get into some of the history, can you just give me a sense of how big Cloudflare is today, just in terms of any numbers that would capture the size and impact that they have in the market?
Sam Eden
Cloudflare is huge. And when you think about the scale of the Internet, it's sometimes hard to wrap your head around. But Cloudflare you can think of as a single global private network that runs all this traffic. And over 20% of the world's web runs through Cloudflare servers. So that's the scale that we're talking about. And in terms of cyber attacks, an average of over two and a half million cyber attacks every single second is absorbed and blocked by the Cloudflare network.
Matt Russell
Two and a half million cyber attacks per second is somewhat frightening to me.
Sam Eden
That's happening totally.
Matt Russell
Let's get into the history here, because I know it has evolved quite a bit over the years and you don't get to that 20% without evolution. What's the founding story? Obviously wasn't around before the Internet. But tell me a bit about founding story, founding team and some of those key moments in the history.
Sam Eden
It's really important to understand the history of Cloudflare because if you can understand why they were successful in the start and how they got their initial foothold in the market, all of their new products build on top of that. So if you understand the history, then you can understand all of their new products. Cloudflare, they were founded in 2009. Matthew Prince, Michelle Zatlin and Lee Holloway. They now have over 2 billion in revenue. One thing to always remember about the Internet is that everything still runs on physical hardware. So there's cables that actually run across the oceans, they run through mountains, and they physically connect server boxes that intercept and process all this Internet traffic. Before Cloudflare was founded, let's use an example of someone based in New York. They want to visit a website in Australia. So to do that you send a request all the way from New York to Australia, they process that and then send it all the way back through a cable across the Pacific Ocean back to the server. So that's slow. And it also costs your ISP, your Internet service provider, some money because they have to pay some transfer fees to work with other ISPs across the world. So this is a bit of a lose-lose situation for the ISP. They have to pay transfer fees and it's a bad and slow customer experience. This is still before Cloudflare. Some of the early legacy companies, let's say Akamai, they provide what's called a CDN, content delivery network. The Australian website can pay Akamai to store images or some of the other website assets in a server in New York. Anytime someone in New York visits the same Australian website, it's just pulling the data from New York across the city much faster. One thing that's important to understand because it sets up Cloudflare well, is that these legacy companies like Akamai, they split the network. Customers have to decide what to put on their CDN network and what to handle directly.
To set this up, you need a sales engineer. It's complex implementation, there's a lot of ongoing maintenance. And then if you buy a different service, then you have to administer that and set up a whole different network and decide what to get redirected where. Also this website in Australia, for example, might want to only serve valid requests. So they actually have to buy a physical firewall to intercept and check this traffic. All these services, they're both called reverse proxies, which basically means they just intercept incoming traffic on behalf of the website. And that's part of the security piece that we talked about earlier. So that's the lay of the land. Before Cloudflare, this was all very difficult. It needed those sales engineers. This was only really accessible for larger enterprises and more sophisticated websites. And these legacy vendors didn't have a solution for the long tail of websites that Cloudflare started serving. If we want to just relate this back to the postal example, this legacy setup would be if that website in Australia, they would have to inform all of the different postal routing services all over the world. They would have to tell them their different split rules. If the mail is directed to this department, use this address. If it's directed to this department, use this address. If it's a package, use this address. And that takes maintenance because if your rules change, you have to update that. And it's a lot of work. That's a bit of a history of the pre-Cloudflare time.
Matt Russell
Feels very manually intensive and a bit of a traveling salesman problem in terms of optimizing for where things go.
Sam Eden
So now we can get to Cloudflare. Matthew Prince, the co-founder and CEO of Cloudflare, a very interesting background, tinkered with computers as a child, studied literature and became a lawyer. And you can see that with his storytelling abilities. Now here's an interesting background. He was set to take over his family business, which actually included running a Hooters. He didn't want that, so he went to HBS. But before enduring that, he was working on a project called Project Honeypot and that eventually became Cloudflare. So he was working on Project Honeypot with the technical co-founder Lee Holloway, who was responsible for a lot of the early code and a lot of the early innovations. Unfortunately, Lee was diagnosed with frontotemporal dementia. So he's no longer with the business, but his technical influence remains strong throughout Cloudflare today. Project Honeypot, it's kind of as it sounds. It was a way to let hackers and spammers scrape email addresses from your website. But these email addresses were just trackers. You could see if someone tried to spam that email address, they would get put on, effectively, a big list of bad addresses. It was creating a big bad list. It was effectively a do not call list for spammers. Hundreds of thousands of people were installing Honeypot to help build out this list. And they're helping build out this list because they wanted to be protected from this list. So the more users, the better the service, because the list got bigger. At HBS, this is where Matthew met Michelle Zatlin. She's now the COO. She heard about this idea and wanted to be a part of it. They're a great pair. Matthew Brand's a real visionary and Michelle brings a lot of the operational rigor. Now we can get into the technical side of Cloudflare and I'll keep it high level. But they have this honeypot list, a list of bad actors. But it's a tricky problem to solve because it's effectively a lookup table, right?
You see an incoming address, you compare that to the list and see whether you want to accept the request or not. So one way would be to put it on all of your customer servers and they can do the lookup, but that would slow the entire Internet down because every single request now has to compare. So what Cloudflare did, and this was the real innovation, was that they just intercepted everything. You didn't need multiple reverse proxies to do different things. You just have one reverse proxy. That's Cloudflare and that does many things.
Matt Russell
Were they getting paid to do that?
Sam Eden
No. And this is a story throughout Cloudflare. A lot of their products they'll turn on and they have a very generous free program. But this helps build out their business moat, improve their products and create a business that's highly defensible.
Matt Russell
Network effect beneficiary. And getting the free service out there can lead to that totally.
Sam Eden
That Project Honeypot was the exact start of this. So all these customers could just redirect all of their traffic to Cloudflare and they will do the lookup. Now this is really hard to do. So Lee Holloway was able to build a technical solution on this. If we relate this back to our postal example, instead of splitting the network and all that, all you have to do now is just say, my new mailing address is Cloudflare. No matter what the recipient is, no matter what the package type, Cloudflare will intercept it and decide what to do with it. What this allowed is because it's intercepting everything. If you want to add another service, whether it's a CDN or a DDoS protection, it doesn't matter. You can just really easily turn that on and off. You don't need that sales engineer that we mentioned before. Cloudflare is already in front of your traffic. You don't have to redirect anything. So that makes it simple. So this was the main breakthrough for Cloudflare. They could now serve that long tail of websites and they were the first real product-led growth company for Internet services. Anyone could sign up really quickly. They could serve all those like weekend hobby projects or all the small websites and start providing web protection services for them.
Matt Russell
In terms of getting those users, were they just in front of the community of open source developers or was there anything that got the attention to where they got that initial user base going? Was there anything that stands out?
Sam Eden
A lot of the early customers they serve a lot of nonprofits because they had a lot of traffic but couldn't pay much. So that was really big. And they actually served a lot of the hacker community because a lot of hackers get hacked as well. So hackers would sign up to Cloudflare to protect themselves. Those are some of the big starting customers that really proved that this service could work because if they could protect hackers, then they could protect a more basic website as well.
Matt Russell
That's very interesting. It also introduces, they had to then be better than the hackers because in theory the hackers would see what they're doing. The hacking community is one that is fascinating to me.
Sam Eden
One thing that's important to understand, and this is why their business is so hard to replicate if anyone tried, is trying to understand why competitors just didn't do what they did. Why not just intercept all the traffic? The reasons would be revenue and costs. So with revenue, Cloudflare, it's a classic case of the innovator's dilemma. So these large enterprises that I mentioned before, they didn't want to offer this simple interception because that's not what the large enterprises wanted. So the short-term revenue wasn't there. So Cloudflare could build for this long tail on their own. And then costs is the other reason that competitors didn't do this. It's really technically difficult to build a system that scales to intercept all the traffic. And they made a decision early on to just use commodity hardware. They didn't want dedicated hardware to process this. They created the software-defined network which was inspired by Google running on commodity hardware. So they could just scale their network with cheaper hardware. And today that's still the case. Today Cloudflare is still that single global network of commodity hardware with layers of very sophisticated software on top of that. And another really important thing is the peering relationships with the ISPs. So ISP is who you pay each month for your Internet bill. If we go back to that New York-Australia example we mentioned earlier, let's say you visit a small website in Australia, this small website, they can't afford those legacy services that only cater towards the enterprises. In this case, the ISP has to pay those transfer fees to get the traffic to and from Australia. And the ISPs provide a slow traffic experience. So it's lose-lose. Those enterprises aren't serving those customers. Now because Cloudflare makes it easy, they have that product-led growth and that really generous freemium model, they can start providing those services for these small websites.
Now, one website isn't enough, but if you aggregate that whole long tail that they serve, Cloudflare has negotiating power for ISP. They can say, I see you're transferring a lot of bandwidth to this region. And I know that because I see all the traffic from my customers. So why don't I just put my server next to yours? We'll have a peering relationship. That means you don't have to pay those transfer fees. Also, the content directly and that ISP situation has gone from a lose-lose kind of cost and slow Internet to a win-win because they don't have to pay those transfer fees and the Internet just sped up. So Cloudflare can negotiate this relationship and often doesn't have to pay bandwidth fees.
Matt Russell
Is the ISP the loser in that case?
Sam Eden
I would say it's a win-win situation because without Cloudflare, they have to pay the cost of connecting to other networks. So it's a cost for the ISP. If you think about your own Internet experience, if your Internet's slow, you don't blame the fact that the server is on the other side of the world or anything like that. You blame your Internet service provider. By partnering with Cloudflare, they cut out those costs because they just serve it from Cloudflare and they can speed up their Internet so their customers are happier. They partner with all these ISPs across the world. And one way that I like to visualize Cloudflare is they have this single global network that spans across the world. It's a single web and that connects to all these sub networks, all the ISPs. And today their single global network connects to over 13,000 different networks directly. And these subnetworks could be ISPs, they could be cloud providers, they could be corporate networks, but they connect them all together in this one connectivity layer. Now we're ready to piece this all together. I think this is the most important part of this Cloudflare business. So if you put this history together, it creates a reinforcing loop. So I'll try and help you visualize it that at the top of the cycle we talked about their low bandwidth and low hardware costs and their easy to use product that enables this product-led growth motion so they can serve that long tail of customers. What that enables is more traffic goes through their servers, so they collect more signals, they collect more data, and then they get better and better at blocking malicious actors. They get better at optimizing the network for speed and just providing better website services and better services, which is halfway around the cycle now. That leads to more paying customers and more enterprise customers, which again brings in more traffic.
And then as they get more traffic, they can negotiate even more with these ISPs to reduce their bandwidth fees further, create more peering relationships. That brings their costs down further. And then they can reinvest that revenue and cost saving back into their global network. Create more products continually building out and the cycle continues. They attract more of that long tail, collect more data, build out the network. This network gets better as it gets bigger. We often look for businesses that follow this characteristic because they've been doing this for 15 years. It's an incredibly difficult system to replicate and it's a really important part of their moat. So that's how they can continually offer these freemium services while processing over 20% of the world's traffic. And it's just a powerful reinforcing loop that gets stronger and stronger.
Matt Russell
In terms of controlling that volume, that puts you in a better position from a negotiating perspective. You can bring down costs in a lot of ways, but for a business like this, which is trying to detect certain things and optimize certain things, you get better in terms of what you're offering if done right on the evolutions that occurred over that period. I'm really curious too, just in terms of when they hit a point of evolving into the commercial operations, what that looked like, how challenging that might have been, and then some of the products that have been layered on since then, because it definitely has evolved into a full suite of things that are very complementary. But how did that pace out together?
Sam Eden
The Cloudflare we just described looked very different to the Cloudflare of today in terms of their product suite. The main product evolutions have been going from that product-led growth to enterprise and then using that single global network to add services. So they've added a lot of internal cybersecurity products and then a whole developer platform on them. We can go through each of those. The first one is just that transition from serving this long tail only of freemium customers to serving the biggest websites in the world. And it follows that same loop. The more data they collected, the more they could build out the network. It reached a tipping point where now their capacity and their services were better than the legacy companies. The capacity to absorb, say cyber attacks or those DDoS attacks is just unmatched. And a recent example they gave in one of their earnings calls is they won over a large customer because their DDoS protection capacity was over four times the two legacy competitors combined. It was over 30 terabytes per second that they just easily absorbed because they'd continually built out this network. So they can serve the long tail and now these high willingness to pay enterprise customers. That's one product evolution. Within their original product set, they were able to evolve just from those web security products to this whole new market of internal cybersecurity.
Matt Russell
I've seen a lot of references to this in terms of kind of a growth engine, but how would you articulate what's going on there? I think it's clear once it's articulated. But describe that for the audience.
Sam Eden
If you think about the services I just explained, it's Cloudflare intercepting outside traffic for a website. What they realize is that we have all this hardware. Why don't we intercept and inspect traffic that goes from a company to the outside world? It's basically the other way. This is a reverse proxy and a forward proxy, and they use the same hardware for that. So if you think of a reverse proxy as protecting a website from the public Internet, a forward proxy server, which is their whole security products, is protecting an employee from the outside Internet. It protects you when you have outbound traffic. This is the basis of the whole product suite. It's often termed zero trust. That's a type of approach that you can provide these internal security products. Zero trust means the zero trust between any app and any user. So if you contrast that to old services, maybe you log into your corporate network, you gain trust once, and then you're within your private network. Zero trust just means just because you could access app number one doesn't mean you can access app number two. You have zero trust between the app. You have to get validated each time to do that. That means you have to get inspected each time. All of your web requests have to get inspected each time. And that looks a lot like their original services because they're very, very good at inspecting every single packet. So they realized that they could apply their commodity hardware. They didn't have to change anything. They just added a software layer to provide this whole new market of internal corporate cybersecurity.
Matt Russell
If I'm thinking about that as an internal employee, would that be if I'm logged in and I click on a link that goes to a website, it's giving me the alert that this looks unsafe. Does it extend beyond that in terms of phishing emails and scams? Curious to know who's doing what in the chain of constant precautions that I'm being told.
Sam Eden
Anytime you're doing something on the Internet in a work context, that's this whole space. And Cloudflare has a solution to that. It's a very broad market. There's a lot of competitors in here. There's probably three buckets of activity that an employee will commonly take that you need to protect. One would be you're on your work laptop or your work network and you're visiting an outside public website and you want to make sure that the traffic going in and out of your work environment to the public Internet is safe and secure. The second type would be you're working just with your internal apps. You're checking Salesforce, you're checking ServiceNow, things like that. So you need to make sure that you're actually approved and this is that zero trust approved to view each app. And then maybe there's different policies on what you can view. And then the third bucket is I guess all the adjacent things with that. The email security is one protecting against phishing attacks and things like that.
Matt Russell
I've definitely experienced where being on-prem, I can use certain apps even. But when I'm off-prem on mobile or on my own device, there are certain restrictions on what I can access for good reason. I have some sense of how they've evolved pretty naturally from being that external third party guard dog of sorts to also protecting from the inside. Would you point to anything else just in terms of the evolution or what they've rolled out that was key or monumental in terms of the development of the overall business and what they offered?
Sam Eden
This is a continual evolution that all companies are going through, is your corporate environment used to just be your on-premises network, but now everything's cloud-based. You can work from home, you can work from anywhere. The corporate perimeter or security perimeter is effectively the whole Internet. That's why they can fit nicely in there and provide those services. They realized that with their hardware system and their single global network, they could expand from web services to corporate security. The way they did that was building a lot of the software themselves. To be able to provide these services at a global scale, they often had to build a lot of their own software. They couldn't rely on AWS, for example. No one else could handle their scale and they wanted to have really strong security. What that meant is they have this proprietary software stack that leads to their next product evolution, where they realize that if you can build Cloudflare using these internal tools that we've built ourselves, then other developers will be able to build really powerful products with these tools as well. So they started offering these services to the developer market. So these include things like cloud storage, lightweight databases, video services, and their flagship product in this, what's called Act Three, is the Cloudflare Workers. So that's a serverless function service and they specialize in lightweight containers, lightweight functions that can be spun up and spun down really quickly to solve bite-sized tasks.
Matt Russell
And are these developers working within corporations where what Cloudflare is building off the shelf needs to be maybe expanded upon and they're incorporating it there? Or is it separate from the enterprise corporate type clients and it's developers that are building some unique product and then selling it themselves to a different audience?
Sam Eden
It's currently quite separate. You don't have to use these products together, you can just be a developer building a weekend hobby project and you want to use the Cloudflare serverless functions. That's a totally valid use case. They're working to bring the products together into a more unified experience, but they don't need to be. You can use these Cloudflare developer products on anything really.
Matt Russell
The developers, I assume, are then paying Cloudflare some software cost to use that.
Sam Eden
That's right. So similar to other cloud models, I say from the hyperscalers, their developer products follow a usage-based pricing model. So the more you use, the more you pay. But similar to the early products, they have a very generous free tier because they really want to attract that long tail of developers and then bring that into the enterprise, which is what they're doing at the moment. So there's over 3 million developers building using these Cloudflare developer products. A lot of them would be building quite sophisticated functions just within their free tier. To give a sense of how generous this free tier is, I think with their Workers serverless functions, you can query that up to 100,000 times a day. Their storage is 10 gigabytes per month with zero egress fees, which is dramatically cheaper than a lot of the alternative developer products.
Matt Russell
Can you just give an example of what developer might build with the tools? Just to give a sense of what a tangible example might be?
Sam Eden
Cloudflare Workers are best for quick functions that need to be done close to the user. Maybe one quick example would be that if you're loading a website, you might have a quick worker script that changes the local pricing or changes the local language based on where that web page is loaded. That's done at the edge. So it's faster than querying say a central database to generate the page from scratch. The way to conceptually think about these workers is anytime you can take like a task and put it into bite sized functions, it's good for that. Just because they spin up so quickly and then turn themselves off. It is a slightly different way of thinking because you're deploying again to the single global network. If you deploy a function to AWS, you might put that on the US east servers, so it lives there. So if you call that function, you have to travel there. Whereas with Cloudflare, if, say you're building an app in New Zealand, you deploy a function immediately in London, someone can query that website and that same function is served from that London server. At the edge, everything gets propagated around really quickly, which is just another benefit of this single global network that they've built.
Matt Russell
Yeah, I can speak to that example. As someone who tends to find myself on UK or Japan websites, just the currency switch is always beneficial. Saves me some time from doing the currency conversion. When you think about AI, this is a business that has clearly benefited and took advantage of what the cloud has provided in terms of opportunities, been very thoughtful about that, and evolved naturally into different pieces of an organization and offering more. So two different things riding away, but also being operationally thoughtful about how they're going in market. When you think about where they fit into the AI boom and potential to be whatever they might be in that world, how do you frame it? And then how does the management team talk about where Cloudflare fits into the AI ecosystem?
Sam Eden
I would say they fit kind of all around the AI industry. And there's probably four ways I'll describe this. First way is just the adjacent tailwinds, which you mentioned. As people want to use AI, then they're thinking more about the data strategy. And often you want your AI agents, for example, to read a lot of data and you might want to do that quickly without paying a lot of egress fees. So there's tailwinds in general for Cloudflare's approach for doing that. So that's the first relationship to AI is just adjacent services. The next three are the different sides of AI that they serve. The first is just serving the AI companies themselves. The latest reporting was that 80% of the top AI native companies, the top AI companies were Cloudflare customers. So that just shows that this next generation and this next era of businesses still look to Cloudflare first. So if they're providing other services for these AI companies, it positions them well to provide AI services as well. That's one is just serving the customers themselves. The second direct AI involvement with Cloudflare is inference itself. They've started to offer inference at the edge through their Workers AI product. It's a slight evolution from their previous strategy where they still have this single global network. But previously every component, like every piece of that hardware, could provide every service, which is really powerful because it just meant the return on investment on each of those pieces of hardware could be split across all of their products. But now with AI inference, the hardware starts to matter. They had to install GPUs across their servers. They have servers across 330 different cities across the world. This was done really quickly. So Cloudflare is a very long term strategic company. When they're actually designing their motherboards for all of their chips, they left an empty slot open because they didn't know what it would be for, what the use case would be. 
But they needed it just in case something came up. And it turns out AI inference was that something. So they could go to all of their boxes and simply just plug in a GPU and then AI inference is available across the world at all of these locations. This is serving these LLM models. You can quickly query an open source model for text generation, image generation, voice. Or enterprise customers can deploy their own custom LLMs as well. And again that gets propagated across their single global network. The AI inference from Cloudflare can be done really quickly at the edge. And as I mentioned before, Cloudflare Workers are really quick at spinning up and spinning down. So unlike say a hyperscaler, you don't have to pre book or pre provision capacity. You only use for what you pay for. If an inference is small and you don't use it for a day, you're not going to pay anything. So it only charges you directly on the AI inference that you use.
Matt Russell
It feels like a key layer of infrastructure. So you could see them on all sides of the market thinking about how they transitioned. You mentioned they got to a point where their offering was on par and then eventually better than what incumbents and legacy providers were offering. Can you talk about what that looks like? Because I imagine they broke into the enterprise market over time, what that looked like, how they approach it, some of the nuance to what it looks like to have an enterprise contract.
Sam Eden
This is an ongoing evolution. Their go to market changes. Three things I'll call out. One is just the general enterprise sales motion, the partner motion, which is really important to understand and then their pool of funds bundling strategy. So the first go to market evolution was the enterprise sales. This is just a typical transformation from product led sales to enterprise sales, and the product capabilities were there, but it's still a new go to market muscle. And across all companies this is never an easy transition, particularly as you're moving into security as well. It's a new buyer for them. Instead of just an IT administrator that is looking over the website, you're now selling to the whole security office. It could be a multiple month process. So they had to build this new go to market muscle out. So in 2023 they actually saw their rep productivity start to drop and they had to let go a lot of their sales team. But in 2024 they brought in a new president of revenue, Mark Anderson. He's incredibly experienced, is formerly president of sales for Palo Alto Networks, CEO of Alteryx. So he has this deep experience with enterprise sales. This transformation. They're hiring a lot more reps. They've switched from hiring majority mid market reps to now hiring a majority of enterprise reps. And they're still keeping this product led growth because it's so important to their story. But now they're really increasing their sales led growth motion. There's still ongoing transformation. But quick quantitative proof that we're starting to see is that the growth of revenue from large customers has started to inflect. It was around 30% and now it's starting to inflect up to 40% year over year. So really impressive transformation.
Matt Russell
How big of a chunk of the business is it today?
Sam Eden
If you look at customers over $100,000 in revenue, they're less than one and a half percent of the actual customer base. But they contribute to about 75% of the revenue. It's very important to get this segment right. There's a long runway to that segment as well. They're at a bit over 2 billion of annualized revenue. With that they have a bit less than 200 customers that are over $1 million. If you compare that to Zscaler when they're at that same size, that 2 billion run rate, they had almost 500 customers with that $1 million revenue. So it highlights that runway that they have at that very large enterprise end. And the go to market transformation is a big part of that.
Matt Russell
How much stickiness is there, both from a perspective of keeping customers but also being able to win share from some of the competition? Are there long term contracts that are in place? Is there a major friction associated with ripping out old infrastructure and implementing new? Seems like they've been able to gain market share. But how much goes into that and what are some of the unique dynamics there?
Sam Eden
It's definitely a sticky product because if you have all your kind of weapon security set up, it would take a lot to migrate from that and a lot of convincing to do to migrate away from such a powerful network. So there is definitely a stickiness involved. And one way to look at that is the net revenue retention over the years. It's always been above 110% in the last few years. It has dipped a little to 112 in the last few quarters. But with a lot of their other efforts, which is the pool of funds recent initiative that's been starting to inflect and the latest quarter or Q3 2025 that re-accelerated up to 119%. So going from 112% up to 119% of expansion of existing customers is a significant re-acceleration. And obviously their product's important. But some of this go to market contracting is really important as well.
Matt Russell
I want to get to the partner strategy, but you mentioned the pool of funds and how that might link to that re-acceleration. Can you describe that?
Sam Eden
We've spoken about like the three different products, the web security, the corporate security and then the developer platform. We also spoke that it can be quite separate. What that meant is you could have three different buyers and you could have a company that were using each of the three different product groups, but not necessarily talking to each other. There's a bit too much friction for what should be a smoother process for working on a single platform. So that's why they introduced pool of funds. This is a bundling method and it's also as it sounds, it's a pool of funds that large customers can draw down from. What's really important with this is that you can draw it down from any product. So this really encourages experimentation and adoption of some of their newer products. These are multiple year commitments as well. This is their top enterprise customers and they recently signed a $130 million five year contract. So these are big contracts. But what it means is if you plan to say use 80% of these pool of funds on say Act 1, you still have a little capacity and flexibility to experiment and try out a few of these Workers products. You'll see that they work at an enterprise scale and that just encourages the adoption there. It's still a fairly new initiative, rolled out in 2024, but it's already up to low double digits of their total annual contract value. A quick metric to show that this is working is that this puts a lot of focus on RPO, the remaining performance obligations. That's been growing around 40% year over year through 2025. So there's very high growth at this scale and these pool of funds are contributing to that. And I mentioned before that it's starting to accelerate the net revenue retention as well. Obviously not all from pool of funds because it's still new, but it's a contributing factor as well.
Matt Russell
It's a really interesting strategy. You look at all these different businesses that have complementary products, but oftentimes we glance over that you have different divisions that are buying them, different customers, and what seems complementary gets bogged down and frictions associated with that. And you don't get the synergistic effect that you should. I'm sure it exists elsewhere in terms of this type of approach, pooling funds, but that's quite notable. On the partner strategy, which I skipped over, but you referenced before. What does that buyer base look like? What does that strategy look like and when did that come into play?
Sam Eden
So the channel partner strategy, it's really important for the Act 2 their internal security products because the buyers often go through channel partners. These channel partners, they often have a preferred vendor list. So the relationships with these partners and these could be consultants, system integrators. If you're not on their preferred vendor list, it makes the sale a lot harder.
Matt Russell
So would it be like WordPress might have Cloudflare?
Sam Eden
It's more like a, maybe a Cognizant, a CDW for security, like Tata and all these consulting and professional services groups. So they will help with the sale and then help with the implementation as well. These are whole companies on their own, so the relationships with them are really important. So Mark Anderson, the new CRO, brought in a new head of partnerships, Tom Evans. And he has a long history in these cybersecurity partnerships. Worldwide channel sales lead at Palo Alto Networks. So he has this big Rolodex to pull from. The results for that are quite impressive. The channel partner led growth in the last few quarters has been growing around 65% year over year. For the past two years, the percentage of incremental total revenue from partner channels has gone from about 20% to over 40% of incremental sales. So it's a really important driver of their growth. And there's a long runway too, just to really highlight how important this channel is for security. Cloudflare's current channel partner revenue as a percentage of total revenue is about 30%. And if you contrast that to Zscaler and Netskope, they're almost at 90% of their revenue going through channel partners or channel referred partners. So there's a long runway to go. It's a relatively new motion. So I would say they're just getting started there.
Matt Russell
Those channels are always interesting. It's kind of like an external salesforce in many ways that can do the work on behalf of you. Do they give any sense of whether the margin looks materially different through the partner channel versus the other buckets? Sometimes you get lower margins associated with that because there is in theory a middleman involved. But do they provide any disclosure on that?
Sam Eden
They don't give too much because it is different depending on the partners and that you might have different contracts. Typically what these partners do though is the large scale resellers will basically take a cut. But some of the larger ones, most of their revenue is actually from the professional services and implementation on top. So they're not trying to skim a product fee. They're more interested in the professional services that go on after the sale. So that just helps with the negotiation and it can protect their margins. Quickly on margins, these Act 2 products, they're the highest incremental gross margin part of the business. It's a high willingness to pay buyer of security. And you're using your existing network, so very strong margins in that part of the business as well.
Matt Russell
Maybe we can get into the financial business model and some of the spreadsheet details. I think you referenced you're looking at over 2 billion in revenue on an annualized basis today. How is it split out between those buckets? You may have referenced it in passing, but just to give a clean snapshot of that.
Sam Eden
They don't split it out exactly. But you can estimate if you split it between the Act 1, the Act 2 and the Act 3 products, that $2 billion is majority of Act 1 like it's their bread and butter. And you could estimate maybe roughly 2/3 of their revenue is from Act 1, maybe 30% from Act 2 growing quickly and then Act 3, it's, it's still a bit smaller, but growing very quickly as well.
Matt Russell
In terms of the customer base, I'm assuming most customers or at least a large percentage of the revenue are using multiple products. I think your point in terms of the large accounts being 1 1/2% versus 75% of revenue kind of gets to the power of large customers. But is that the case where the majority of customers are using or majority of revenue is coming from customers that are using multiple products?
Sam Eden
That's exactly the case. And they have over 55 revenue generating products. So a long product sheet and customers with more than 10 products is the fastest growing revenue category. So that's exactly the case.
Matt Russell
Offering a freemium model seems to be ingrained in their DNA. How would they manage that over time in terms of continuing to offer a product that attracts users and potentially gets them into the funnel over time? What does that look like?
Sam Eden
We spoke a lot about the freemium model for like how they got started and they've really kept that in their DNA for Act 2 and Act 3 as well. The way they do it as well, it's quite strategically different to some of their competitors. On Act 1, they don't really charge for volume. The free users can actually get unmetered DDoS protection, free bandwidth for CDN. This is really generous. What they actually charge for is complexity if you want specialized rules and special bot management setups. But that means if you're a website that constantly gets attacked with high volume, they're not going to charge you extra, they're not going to punish you for that. That's one interesting part of the different strategy, at least for the Act 1 products. For Act 2, quite generous as well. Up to 50 free users. But then Act 3, their freemium product as well, you can very realistically set up and build a sophisticated app without paying much at all. And that's actually what we have done at Squarefig internally. We've built some quite sophisticated kind of AI products to ingest a lot of our research, create dashboards and have a full AI interface built on Cloudflare. And it generates an enormous amount of value. And our Cloudflare bills have been remarkably low.
Matt Russell
Interesting that an investment firm can do that and fit into that category. Is there a way to capture what's subscription based versus that you mentioned like the complexity. Does that still fall under a subscription? I'm just trying to get an understanding of like the contractual nature versus the usage based nature, which I'll bucket complexity into that if it should be. They're not charging based on volume necessarily. But how do you split that up?
Sam Eden
It is slightly different per product group, but for Act 1 it is a contract, it's a subscription tier. So you pick a plan: pro tier, business tier or customer enterprise tier. And you're paying that flat monthly rate for that tier. And it includes a bunch of things. You would upgrade a tier when you need more enterprise features, whether it's those complexity rules, special splitting of traffic and things like that. Not on volume, for Act 1 at least. Act 3, those developer products, that is more usage based pricing, no egress fees, but the usage based pricing for how much you use their services.
Matt Russell
Putting it all together on a margin, however, you would look at this. What do margins look like for Cloudflare?
Sam Eden
They're a software business, so their non-GAAP gross margins are about 75 to 78%. This looks lower than maybe a top performing software business that you would expect to see. But you have to keep in mind that they own and operate their own physical infrastructure and the depreciation of this equipment is included in the reported cost of goods sold. That naturally compresses their gross margin. If you did want to try to look at a cash based gross margin to compare apples to apples, about 6% of their revenue is depreciation directly tied to equipment. So if you want you could add that back in and compare gross margins on an 83, 85% range.
Matt Russell
As it falls to the bottom line, whether it's EBITDA margin, free cash flow margin, what does that look like? Are there any major cost buckets that eat into that?
Sam Eden
The main one to call out is the capex, which is naturally again a lot higher than a lot of software businesses. The capex has consistently been around 11 to 14% of revenue. That's going to bring your free cash flow margins down. And the free cash flow margins have been around 10% in recent years. The long term guidance, at least from management is to expand those to over 25% as operating leverage continues to expand.
Matt Russell
They'll get the majority of that off of the operational costs, labor, whatever it might be.
Sam Eden
Yeah, one big cost now is their sales and marketing costs. That's 35% of revenue that has opportunity to come down and there's margin points available there as well.
Matt Russell
Capital allocation. With that in mind, it feels like a business that has reinvestment opportunities that would take up the majority of where that cash flow would go. Has that been kind of the policy and how do you think about how they allocate the capital that they do have and their history for capex spend and ROI in that capex?
Sam Eden
The capital allocation, it's a really important part of the business and they're very strategic about how they do it, such that they get a really strong ROI on their capex. We spoke earlier about just using commodity hardware, so that reduces the cost of the hardware. They often talk about investing behind the demand curve so they see where the traffic is and what the demand is before they build. They're not just building for no reason. What's really important to understand with their capex is that all of their servers can run all of their products and provide all of their services. So that means the capex and the ROI is split across all of their product lines, across Act 1, 2 and 3. So the incremental ROI is more diversified and it's higher. So you're not building a separate network for each product. It's one network that can contribute to the return on each incremental capex spend.
Matt Russell
You've alluded a lot to legacy competition. Are there new competitors that are in the market? It does seem like a market that will only get more important over time. How do you frame the competition? And does anybody have large comparable market share similar to what Cloudflare has?
Sam Eden
In Act one, they've established themselves as a leader. Some of the legacy companies specialize in certain types of networks where there's media and things like that, so they're still important competitors. But Cloudflare is, has the biggest network that, as we mentioned, is very hard to catch up to. But in Act 2 and Act 3, it's much more competitive there. I think Act 2 is probably the most competitive because cybersecurity, there's always new players, those new trends. And importantly, Cloudflare isn't leading the innovation there like they did in Act one, like they're a second mover. So Zscaler is probably the largest, pure play, zero trust, Act two competitor. And they also have a global network that they run and manage themselves.
Matt Russell
It's a decent time to bring up the outage, which I probably like, really burying the lead in terms of recent activities and news, but just in terms of competition and what it could represent. Can you walk through what exactly happened where I felt like, one, the entire Internet was out on me. Two, I learned just how many websites were connected to Cloudflare. So two important things came out of that. But maybe just an explanation of what happened and then we can get into if there's any residual implications from it.
Sam Eden
The outage affected everyone, and one of the downsides of having a single global network is that it can all go down and that's what happened. I think what's important to understand with that outage is that it wasn't an attack, it wasn't a security breach or anything like that. It was a process error. Basically their bot management software that inspects all the traffic. It's a little machine learning model. So it has all these features. There was an upstream error that caused those features to double in size and their servers just didn't have the memory for them. These features, they're updated constantly. Every five minutes the model's getting updated with new threats. Every five minutes a corrupted file is getting pushed out and it broke a lot of their services. So everything went down. It's not dissimilar to say the CrowdStrike outage that happened in 2024, where it wasn't a security breach. It was a process error. For something that was kind of very in the weeds, it caused all these outages. Everyone realized similarly, how many businesses ran on CrowdStrike, but they've come back just as strong as ever. Because I think people realize, okay, it was a process error and they're clearly going to do something about it. Which is exactly the case with Cloudflare. I think what the customers and community really appreciate with them is just how transparent they were. They wrote a very in depth and transparent report day of the incident and having quite like an engineering forward customer base. I think that was just really appreciated. They've outlined process steps and updates they'll take to make sure something like that doesn't happen again.
Matt Russell
It's a little tough when it's the machine learning.
Sam Eden
You don't have a scapegoat.
Matt Russell
If it's just the machine, I guess you do. But nobody in theory gets fired over that. Or maybe the person behind the machine learning who codes that all up. But noteworthy and has it happened over history? I do think it's interesting with businesses, whether it's Moody's during the financial crisis, Equifax with security breaches, where if it doesn't kill them, it kind of proves the moat or strength of the business in many ways and to all different degrees. But have there been historical outages? Maybe not as impactful as that one. And any signal to whether they have material impacts, whether short or long term on the business?
Sam Eden
There was one semi recently, it wasn't as big as the one that happened recently, but there was an outage. And this actually encouraged some internal transformation or accelerated some internal transformations. So I mentioned earlier that Cloudflare is built on Cloudflare. They build a lot of this proprietary software to run their systems for most of their systems, but not all of them. And this could include things like acquisitions or other things when they're scaling up new products, they might borrow something. And what happened in the previous outage was there was an issue with like a Google Cloud KV cache, like a small piece of the database which flowed through some of their products and caused an outage. Again, wasn't a security breach as an error that happens, but what it did was they had an internal project to migrate off those third party solutions and that just accelerated that. So I guess it was not good. But they kind of turned it into a strength to increase the robustness of their systems.
Matt Russell
Then I guess based on current growth numbers or more recent growth numbers, hasn't been too impactful on the underlying business performance. On competition. It feels like Zscaler is one that shows up in multiple categories. So I put them there in Act 3. You mentioned the hyperscalers, which I think are worthy competitors for anyone to deal with. But in terms of the competitive risks and threats, how high do you rate that on the risk spectrum? Like, is it something that concerns you? Sometimes in a growing market, if you have one of the leaders, you usually feel pretty good that even if things move slightly, it's not going to be too material. Just thinking about the competitive threats and how fragile their position is versus being very strong and only strengthening.
Sam Eden
My view is that it's a strengthening position, say with Act 2. Zscaler has that incumbent advantage and that trust with very large enterprises. But it's a huge market and Cloudflare can, like their other products, start at the smaller end and work up to the enterprises and they're starting to do that. What really benefits them is having that global network of all the products. They can use their Act 1 strength to prove their product, encourage adoption of the Act 2 products. One example of that would be, let's say you're using Zscaler for internal security. You send a request, it goes to Zscaler's machines and then to a website. But that website is going to be likely using Cloudflare. So it ends up going to a Cloudflare server anyway and then back. And so Cloudflare is in a really strong position. It's like we're processing all of this traffic anyway. Why don't we process it on the way out as well as the way back in and that will improve your latency. Another difference would be just on their peering networks. So it's very hard for another company to have all these partnerships with all these ISPs around the world. Zscaler took a different approach where they peered directly with the apps, which is great for dense cities, but in certain markets, it doesn't work as well. And maybe an example just to highlight some of these differences would be Canva. So thousands of employees around the world, Canva, the web design company, they employ a lot of contractors to help out with the design templates and things like that. And a lot of those contractors are based in Southeast Asia. Canva uses their Cloudflare Act 2 products to help with the access because Cloudflare uses what's called like an inline service, so you don't actually have to install an agent or anything onto the machine, which is really important when you're working with contractors. 
You can give these contractors access to all of the corporate apps that they need without having to have them install anything because, say, a lot of these contractors are based in markets where other competitors won't have direct peering relationships. Cloudflare can say, look, we've been improving the speed of this area for years. These contractors can sign on, be secure and interact with your product with low latency. That's not going to slow anyone down. And that's a really strong value proposition that a lot of other companies can't speak to.
Matt Russell
Are there any other risks that really stand out to you? Just from a business perspective and the organization and some of the external factors sitting around it?
Sam Eden
Two risks to call out. One is that second mover in the Act 2 that we were just speaking about. They are playing a bit of a catch up, but there is a long runway to go and they're a solid contender there. So I think all the trajectory is very positive when you look at their product positioning, their channel, partner growth and all that. But it's worth just calling out just because they are the second mover. The other risk to call out is just their AI inference strategy and AI in general because it is new and it does slightly diverge a little bit from their previous strategy. So that always adds some risk there because I mentioned earlier that all of their other services can run on all hardware, whereas GPUs are specialized for inference. With the ROI of the other products, it was split across all of their services, but the ROI of the GPU component, that's just from the AI inference. So it's a more concentrated ROI risk. Also, there's a slight difference in how the AI inference product came about from their other products. A lot of their other products, they kind of emerged from what Cloudflare was doing internally with the Act 3. They had to build these services themselves. They never planned on launching a developer product, but they saw the value in that and they released it similarly with Act 2, they saw that during the day not many people are on websites, they were underutilized servers so they could work with corporate security that was used during the day and then during the night there's all their website security. So they kind of saw these opportunities and built for them and leaned into them. Whereas the AI inference, I think they just saw the importance of the market and decided to go after it. It's still that single global network, but there is a bit of topspin of difference in strategy versus their other product launches that's worth calling out.
Matt Russell
Thank you for calling that out. I do want to get your general framework for valuation. I find software businesses, heaven forbid, 75 to 80% gross margins relative to the 90 that some of these software businesses post. But how does the market approach it? How do you think about valuation? And just anything that you would comment on that topic would be useful to hear.
Sam Eden
It's no secret that Cloudflare is a highly valued company. I think at the start of the year they were 25 times the next 12 month revenue, which is one of the highest in the industry from my perspective. I love Michelle and Matt as the operators of Cloudflare, but valuation, it's always a constant battle, even though it's such an impressive company. And importantly as well, it's a capital intensive business. So the free cash flow margins and earnings will start to matter more and more in say five years' time. And they'll likely have lower free cash flow margins than what we've seen in best-in-class software. But I think what gives confidence, the bull case for Cloudflare is that there's numerous growth levers that can support sustained high growth and they've sustained it in that 29, 30% or higher range. And the markets that they operate in have a lot of runway and they're continually adding products and features that support that sustained high growth rate. So that's the distinguishing factor for them. But to get comfortable with the valuation, you have to model out two things. You have to model out the Act 2, how quickly they can catch up and perhaps surpass the incumbents in that space. And the trajectory is very solid there. But also you need to model out what the Act 3 scenarios could look like. Like how important will they be for AI inference? How big will the inference market be? We believe that it can be a very large business and you have to believe that. And just quickly on margin structure, sales and marketing, 35% of revenue today, there is room for operating leverage. They've guided to 25% free cash flow margins, plus we think they can exceed that. So then you can model that out over the years and still make money on the stock. But it's important to call out that there's effectively no margin for execution error. It's priced for pretty flawless execution, which they've done, but you just have to build confidence that it'll continue.
Matt Russell
Well, it was a very intellectually honest approach to it. A 25 times sales. I saw the SpaceX IPO headlines today which implied, I think 100 times sales. That's all relative in this market.
Sam Eden
Yeah, it makes it look cheap.
Matt Russell
Yeah, yeah, exactly. And the growth number on revenue, they must be sandbagging because it wasn't that material from year to year. Nonetheless, this has been fascinating. I really tried to scrape out as much on the technology, so thank you for keeping up with that. We like to talk about the lessons that you could take away, maybe bring it up a notch to think about frameworks and pattern recognition. What would you point to from Cloudflare that really stands out?
Sam Eden
There's a few lessons from Cloudflare that I think can be applied generally. I'll call out four quick ones. So number one, I think founder led companies is very important for companies to have that founder led vision. It can be very powerful for setting that long term strategy and setting bold visions and sticking to the company mission. Square Peg's origins are as a VC fund and then the global tech fund listed strategy. We still look for that founder DNA and Matthew Prince is a great example of that. The second general lesson would just be looking for product simplicity, particularly for complicated industries to the extent they can serve the whole long tail of the Internet despite having a very sophisticated technical infrastructure that sets them up really well. And it's a really positive signal applying that elsewhere. I think that applies to Snowflake as well. They have a very powerful engine under the hood, is very hard to replicate, but when you look at the product, it's a very simple query interface. It's very easy to use and adopt and similar with Datadog, very easy to get started and set up. But it's powerful enough and flexible enough to work with the world's largest companies as well as the world's smallest companies. So that looking for that product simplicity, yet flexibility and power is really important. Number three would just be looking for multiple levers of growth. So great companies have multiple levers of growth and they find ways to solve more problems for more customers over time. Cloudflare, great example of that. They've expanded their product lines, expanded the customer archetypes within each market and have done so in markets that all have tailwinds, particularly for AI. Fourth lesson would be that CapEx in software can be okay, provided that it has that very high ROI that CapEx is used to build that defensibility for their business. Talked a lot about that earlier.
With that reinforcing cycle, it creates a moat that's very hard to replicate. And because they're stacking layers on top of that hardware, you can extract a lot of ROI from each individual purchase there. Those lessons, they fit very cleanly into what Square Peg looks for. We have a framework around theme, team, model and moat. In Cloudflare, they sit at the center of a critical theme, managing networks for speed, efficiency and trust. Particularly in the era of AI, the team, they're hungry, is founder led, very focused, and they can attract and retain some of the best talent in the world. I think it's an underappreciated, high quality business model so they can stack multiple revenue lines on top of their core capability and all of these levers have that long duration that we look for. And finally, moat. Cloudflare, it's a business that gets better as it gets bigger and that's really important. They use their scale to enhance their differentiation and create barriers to entry as well.
Matt Russell
Capex can be okay, is a good lesson, I think. AI certainly has shifted the narrative in terms of the willingness to accept high capex companies out there in the market. Assuming that they're creating barriers to entry, we can debate where that falls in line for companies and whether that's true or not. But this has been fascinating. Sam, I appreciate you sharing all of the knowledge, getting into the nitty gritty details here, give me a better appreciation of all that's happening on the Internet behind the scenes. So I appreciate you joining us.
Sam Eden
Thank you. This has been a lot of fun.
Podcast Narrator
To find more episodes of breakdowns ranging from Costco to Visa to Moderna, or to sign up for our weekly summary, check out joincolossus.com. That's J-O-I-N-C-O-L-O-S-S-U-S dot com.
Episode 241 | February 11, 2026
Host: Matt Russell
Guest: Sam Eden, Investor at Square Peg’s Global Tech Fund
This episode dives deep into Cloudflare, one of the most critical yet often misunderstood players in global cybersecurity and internet infrastructure. Host Matt Russell and guest Sam Eden explore Cloudflare’s technological innovation, business evolution, product strategy, growth levers, and competitive positioning. The conversation moves from Cloudflare’s origins to its rapid growth and current dominance, unpacking the company’s business model, financials, and the factors that reinforce its powerful moat.
This episode provides a comprehensive breakdown of Cloudflare, illustrating how a combination of technical innovation, savvy go-to-market strategies, and a powerful network effect built a global infrastructure leader. The conversation highlights Cloudflare’s ability to continually layer new products—transitioning seamlessly from website security to developer tools and AI inference—while maintaining financial discipline and a defensible moat. Investor lessons and risks are explored candidly, rounding out a nuanced and practical guide for understanding the company's remarkable trajectory in global internet infrastructure.