Radware (NASDAQ:RDWR) used its Investor Day presentation to outline a growth strategy centered on cloud-delivered application and DDoS security, a push into API security, and new offerings aimed at emerging “agentic AI” risks. Executives emphasized a shift toward recurring revenue, continued investment in global cloud infrastructure, and expanded go-to-market routes through managed security service providers (MSSPs) and OEM relationships.
Company profile and recent performance highlights
CEO Roy Zisapel described Radware as a “cloud-first security company” focused on protecting mission-critical applications for enterprise and carrier customers. He said Radware has about 1,300 employees and 3,500 customers, generally “very large customers.”
He also said Radware has built a cloud security platform with 65 locations and 30 terabits of capacity, and that the company continues to add data centers to address data sovereignty, compliance, and proximity requirements.
Platform positioning and “waves” of growth
Zisapel and Chief Growth Officer Connie Stack framed Radware’s opportunity around multiple overlapping “economies” that drive demand for application protection:
- Web economy: traditional web applications requiring DDoS and web application security protections.
- App economy: application-to-application connectivity, particularly APIs, expanding the threat surface.
- Agent economy: autonomous AI agents that will interact with enterprise systems and consumer-facing services, creating new security requirements.
Zisapel said Radware’s current core markets—web application protection and DDoS protection—continue to grow and are expected to roughly double by the end of 2028. He described Radware’s security platform as “fully integrated” and built “from the ground up,” rather than assembled via many acquisitions, and said the company has “weaved” AI capabilities into each layer of the platform over the past two years.
He also pointed to traction at the high end of the market, saying Radware serves nine of the top 10 carriers and four of the 10 biggest SaaS companies, including a new SaaS customer win in North America in the second half of 2025. He cited Salesforce, Cisco, and eBay as references.
API security expansion and the Pynt acquisition
Executives repeatedly highlighted API security as a near-term expansion area. Zisapel characterized API security as a fast-growing market, describing it as becoming a “billion-dollar market” this year with approximately 30% CAGR. He said Radware expects 2026 and 2027 to be peak years for decision-making and consumption in the category.
Zisapel said Radware released an expanded API security solution “just short of two months ago” and added capabilities through its acquisition of Pynt, which brings API testing for pre-production. CTO David Aviv described the combined approach as an end-to-end API security suite spanning “shift left” (build-time/design-time testing) through “shift right” runtime protection, including continuous discovery and risk posture.
Aviv also emphasized the importance of runtime business logic protection, describing attacks that manipulate identities and tokens to reach “crown jewels” data.
AI: demand tailwinds, new products, and research-led positioning
Zisapel argued that AI is a “major upside” for Radware in three ways: attackers using AI to create more scalable attacks (increasing demand for real-time protection), Radware using AI to improve its own platform (“Protect with AI”), and new revenue potential in securing AI agents (“Protect AI” and “Serve AI”).
Stack described several AI-related modules and tools discussed during the event, including:
- AI SOC X: positioned as a “copilot” for security operations center analysts to reduce noise and speed investigations.
- AI DocX: a knowledge-based model intended to help customers quickly answer configuration questions about Radware products.
- Radware Agentic Protection: described by Stack as an “industry-first” solution aimed at securing agents.
- Serve AI: intended to help customers distinguish legitimate agent traffic from malicious automation so that agent-driven consumer transactions are not mistakenly blocked.
Aviv tied Radware’s AI narrative to security research, describing work by a dedicated team focused on agent-related attacks. He said Radware demonstrated attacks against OpenAI’s “deep research agent,” including indirect prompt injection leading to “zero-click” data leakage, which Radware called “ShadowLeak,” and a subsequent “ZombieAgent” attack described as a more persistent, command-and-control-style takeover. Aviv said OpenAI acknowledged and addressed the issues over time and used the examples to argue that guardrails alone are insufficient, emphasizing Radware’s approach of combining guardrails with behavioral classification.
Go-to-market priorities: North America focus and MSSP expansion
Stack said Radware is “doubling down” in North America, citing customer and prospect feedback asking whether the company is committed to the U.S. market. She described an emphasis on competitive displacement motions aligned with refresh cycles, along with switching incentives intended to reduce barriers to migration.
She also emphasized expanded routes to market through OEM and MSSP initiatives, noting Cisco and Check Point as OEM relationships referenced during her remarks. On MSSPs, both Zisapel and Stack described the channel as a “force multiplier” that can extend Radware’s reach into the mid-market beyond what the company could cover with direct sales resources. Zisapel cited an announcement made that morning about Bell Cyber joining as a new MSSP partner. Stack also referenced MSSP partners in Milan, Italy (MAIRE) and New Zealand (Spark) as examples discussed during the session.
Looking ahead, Zisapel said Radware is targeting at least 25% cloud ARR growth and argued that, if sustained, the company’s cloud trajectory could lift overall ARR growth to 15% and total revenue to $500 million by 2030, while maintaining profitability and cash flow consistent with its historical execution.
About Radware (NASDAQ:RDWR)
Radware Ltd. provides cybersecurity and application delivery solutions designed to ensure the availability, performance and security of mission‐critical applications. Its product portfolio includes on‐premises and cloud‐based offerings such as Alteon application delivery controllers, DefensePro network behavior analysis for DDoS mitigation and AppWall web application firewall. The company’s platforms use real‐time behavioral analysis, machine learning and automation to protect against distributed denial‐of‐service attacks, application layer threats and network intrusions.
Founded in 1997, Radware is co-headquartered in Tel Aviv, Israel, with a principal U.S.
