Cloudflare has leveraged its content delivery network footprint to also offer application and website security. The company further innovated with Zero Trust combined with SASE network connectivity, and also eliminated egress fees for object storage to attract developers. What’s quite rare about Cloudflare is that the company is leveraging its global network to offer compute, storage and application services.
That’s a mouthful. There’s a lot of jargon when discussing Cloudflare that cannot be avoided. What’s important to take away from this analysis is that Cloudflare has laid down important stepping stones to becoming a dominant player in AI. Although we have to focus on the what (product), we also want to connect the dots on the why (strategy). This analysis will break down Cloudflare’s visionary approach on bringing AI inference to the edge; an approach that is a decade or more ahead of the competition. That is, if there is any competition among best-of-breed companies.
The analysis below touches base on Cloudflare’s core products as a CDN and best-of-breed leader in cloud-based security and application security. We will also discuss Zero Trust. However, the point of describing these products is so that I/O Fund Members understand how each of these is interconnected, and how these products uniquely position Cloudflare to capture AI inference at the edge. By my estimation, every market Cloudflare has entered over the past 14 years has been leading up to this point.
Product Overview:
Cloudflare references its business units as “Acts” – Act 1, Act 2 and Act 3. The company defines Act 1 as application security, Act 2 as Zero Trust and Act 3 as the Workers Platform. For our purposes as stock investors, it’s Act 3 we are most interested in. The analysis below makes it abundantly clear as to why Act 3 and the Workers platform is where the most explosive moment could occur.
Before we discuss Cloudflare’s positioning to democratize AI development and bring inference to the edge, it’s well worth the time to discuss the stepping stones that can create a moat of sorts. As stated, the most important section of the analysis begins at Act 3: Workers Platform.
CDN: Content Delivery Network
Cloudflare owns a predominant share of the CDN market. Content Delivery Networks are essentially a middleman that sits between the client/users and the origin server. CDNs contain a cached copy of website content on multiple servers located across the world to help improve page loading times.
When a person visits a website, it will provide the content from the server closest to the end-user, which helps increase the delivery speed of the content. When a website is hosted on a server in the United States, the person browsing the website from any part of the globe, like Asia or Europe, will receive the content from the nearest location instead of the server in the USA.

Pictured Above: CDNs are the middleman between origin servers and client devices.
Source: WallarmWallarm
Cloudflare has 300 points of presence (POPs) which are servers that sit at the edge. Hyperscalers, such as Google, Microsoft and Amazon, offer more centralized data centers. These data centers are geographically distributed but are designed for compute intensive workloads more than speed. Content delivery networks, as the name suggests, are designed for speed because their primary function is to deliver content as quickly as possible. This means smaller servers in more locations, with an emphasis on the network, which is why Cloudflare advertises that 95% of the world’s population is within 50 milliseconds with 12,500 network partners. In contrast, cloud data centers are much larger (think football field size) and are designed for a variety of workloads that are not only more compute intensive but also require a lot of storage.
Before I keep going, I want to make it clear that the Big 3 (AWS, Google Cloud and Azure) also have points of presence (POPs) and edge infrastructure. AWS has 400 points of presence (POPs), Azure 192 POPs, and Google Cloud has 120 POPs. The original dot-com CDN is Akamai, and this company has 4,200 POPs. As inference moves more toward the edge network and edge devices, you can expect the Big 3 will increase the number of POPs and strike close partnerships with telecom companies to leverage millions of 5G points-of-presence (POPs) for fast network speeds.
So then, given that Cloudflare is up against tech’s heavyweights who can build POPs with their large cash reserves and partner with telecoms, what is Cloudflare’s competitive advantage? Sitting at the edge is one of many stepping stones for Cloudflare. But this is where the similarities end.
Reverse Proxy and Anycast:
I want to touch base on reverse proxy and Anycast to help illustrate Cloudflare’s leading position as a middleman. This will also help illustrate how Cloudflare has leveraged its position to greatly improve application performance when we discuss Serverless.
Large Market Penetration:
According to data from W3Techs, 79.9% of websites that use a CDN or reverse proxy rely on Cloudflare.

Source: Intricately and KinstaKinsta
The customer count is high because Cloudflare offers free services. Cloudflare has 1.154 million customers and makes $1.3 billion in revenue whereas Akamai has 143,000 customers and makes $3.8 billion in revenue.
Of the 1.154 million customers, 174,129 have upgraded to Cloudflare’s paid services. This ratio of free to paid is rare. I can’t think of another company offering free enterprise and SMB services at this scale. Customers contributing over $100,000 in revenue have been growing steadily and are now at 2,352. Notably, 31% of the Fortune 1000 use Cloudflare, so it’s not only SMBs that drive revenue.
The benefits of having a free base are that these customers are likely to upgrade to paid services, and free users can be used to test products to eliminate a long quality assurance (QA) process for faster product launches. It also helps illustrate how developer-friendly Cloudflare is, on the core CDN and security products, but also for its Workers platform.but also for its Workers platform.
Reverse Proxy:
Reverse proxy allows for cloud security features by sitting in front of web servers and forwarding client requests to the web servers. By routing through a vendor’s reverse proxy before routing to the server, the vendor has the opportunity to provide cloud-based security. This is important because Cloudflare sits at a critical juncture in the tech stack, to where it can uniquely combine its capabilities as a CDN with application and cloud-based security. Therefore, you can combine fast speeds and better application performance seamlessly with web application firewalls, DDoS protection, API gateways and bot management.

Pictured Above: By being a reverse proxy, Cloudflare can also be a forward proxy for security services. This allows Cloudflare to become a one-stop-shop that combines many application needs. As more developers use Cloudflare for AI purposes, security features will act as an seamless upgrade. Right now, security drives Cloudflare’s revenue.
Anycast is a Material Differentiator:
Being a middleman between internet traffic and servers creates strong positioning for vendor-related products and services. By being a content delivery network that protects against DDoS attacks, Cloudflare was forced to innovate around how to handle incoming requests.
The Anycast network was designed to be resilient for a surge in traffic by routing incoming traffic to the nearest server. Traffic finds the best path to the most available data center rather than overwhelming the origin server where the request was created. In this case, traffic can be spread across the entire network. According to Cloudflare, the network spans 300 cities, 100 countries with over 12,500 network partners that are connected to Cloudflare. Cloudflare has continually innovated its core products with features such as automatic platform optimization which allows websites to cache static HTML on edge servers.
Anycast has a latency in the milliseconds by answering requests from the edge instead of routing to an origin server. This is important for AI inference, which we will touch on later in the analysis.latency in the milliseconds by answering requests from the edge instead of routing to an origin server. This is important for AI inference, which we will touch on later in the analysis.
Over the past ten years, Anycast has increasingly gotten smarter by using routing algorithms. Today, developers also use the Cloudflare network to proxy requests for APIs. This reduces API latency by placing Cloudflare in front of the API, allowing Cloudflare’s DNS resolver to direct the request to the nearest Cloudflare server.
More on Cloud-based Network Security:
Cloudflare has been forced to innovate to handle DDoS-levels of botnet traffic. By being a middleman, Cloudflare answers a few needs combined into one, which is application speed and performance alongside security. This is rare, as usually security vendors do not typically improve application performance, let alone improve application performance to an extent that exceeds the hyperscalers (reference Serverless section below).
Because Cloudflare has a large global presence, it’s particularly well suited for analyzing traffic to determine security risks. The company is able to analyze and detect attacks by running a background program known as a daemon on every server in every data center. The scans are shared as threat intelligence among the servers in each data center without affecting the latency of the CDN.
Cloudflare is able to mitigate at optimal locations in the tech stack, for example at L4 inside the firewall or at L7 inside the reverse proxy with a 403 error page. The company is advanced at preventing L3 DDoS attacks, which targets network equipment and infrastructure. The benefit of having access to more of the stack for security purposes is that CPU consumption and intra-data center bandwidth remains relatively unaffected. It’s also autonomous so Cloudflare is not using manual employees for this process
Distributed denial-of-service (DDoS) attacks are a type of security threat where botnets create a surge of traffic to a network and crash a targeted site. DDoS attacks are essentially bots that send millions of requests to overload servers and to shut down a specific website by targeting its IP address. Often times, these bots are run from devices infected with malware and operated remotely by an attacker. In 2021, Cloudflare detected and mitigated a 17.2 million request-per-second DDoS attack, which was three times larger than any previous DDoS attack on record. This is two-thirds the average rate per second that Cloudflare had served in all of Q2.
These outages are very common, with some of the larger DDoS attacks taking down popular social media sites and consumer applications like Twitter and Spotify (and countless others throughout the years). During 2020, DDoS attacks surged by 300%. During this time, Cloudflare went from 10% penetration across all websites to 19%.
They can also cross-sell security and CDN customers with WAN-as-service, or Magic WAN, which connects office networks through the local area network. The company also offers application delivery controllers located centrally within a customer’s infrastructure for Layer 3 through Layer 7 security for applications and APIs.
Quick Takeaway:
DDoS helped put Cloudflare on the map, and it’s important to discuss this because Cloudflare is capable of protecting against some of the world’s most prevalent cyberattacks. By providing cloud-based security alongside edge serverless at low prices, Cloudflare has added benefits the hyperscalers do not inherently provide.
Zero Trust:
Following Covid, Zero Trust gained acceptance due to rising security threats from hybrid work teams. Secure access service edge (SASE) is a cybersecurity concept that utilizes Zero Trust to identify users and devices to deliver secure access to specific applications or data. The need for this has grown due to remote teams as SASE allows policy-based security no matter where the user, application or device is located.
Zero Trust Security is built on the premise that no one should be trusted within or outside the network. In traditional security systems, it is difficult to obtain access from outside the network while those located inside the network were trusted.
With Zero Trust, these trust assumptions are removed with tools such as multi-factor authentication, giving access for a limited time and to also verify, authorize and to have a continuous check on all the data points that are given access.
In this case, Cloudflare uses the company’s proxy infrastructure for both reverse proxy and forward proxy. The company’s edge network is ideal for SASE because the cloud-driven architecture is meant to secure all applications, data, users and devices. Having a footprint of hundreds of POPs enables a security approach that others SASE vendors cannot duplicate.
Quick takeaway:
Cloudflare’s position as the middleman allowed Cloudflare to skate where the puck was going. The company quickly positioned for the Zero Trust market when Covid drove hybrid work environments by releasing Cloudflare One in October of 2020 — which was an incredible 6-7 month turn around from when shelter-in-place began. The cloud firewall approach was able to overcome issues that traditional firewalls, both hardware and virtualized, could not overcome in terms of capacity planning, managing devices, and needing to apply Zero Trust policies across all traffic rather than centralizing traffic to one, physical location. As stated, the company’s edge network is ideal for SASE because the cloud-driven architecture is meant to secure all applications, data, users and devices – and this will come in handy as AI moves more toward the edge.
Act 3: Workers Platform
Cloudflare is not only a CDN and security company. Rather, Cloudflare is being bold by leveraging its global network to offer compute, storage and application services.
The benefit of serverless is to deploy applications without the customer having to provision the compute infrastructure. The servers for executing the code are deployed by cloud service providers, hence it’s “serverless” for the customer. With serverless, it takes minutes to run code.
Fundamentally, Cloudflare approaches serverless differently than the hyperscalers. Amazon’s (AWS) Lambda functions are executed in containers. When an event triggers the code, a runtime container is started and code is loaded from S3. The container then waits for another execution. If too much time passes, the container is deleted and a new container is required. This is popular because you pay for what you use, and are charged based on the number of requests for your functions. The drawback is that every time a container is spun up, the language runtime is spun up in addition to the code. Moving data centers closer to the edge does not entirely solve this problem because there are fewer machines and less memory, which means cold starts will still occur with a containerized process.
To avoid cold starts, some developers will pay for synthetic requests. This means developers must choose between unreliable execution time with quite a bit of variability (sometimes a few seconds) or they have to pay extra for synthetic requests to keep the function warm.
Cloudflare eliminated cold starts entirely with its Workers platform. There are a few milliseconds where Cloudflare can have Workers runtime load a hostname before a TLS certificate is sent back and the original encrypted request is sent. By the time the HTTPS protocol is ready to send secure data between a browser and a website, Cloudflare has the Worker runtime warm. This means Worker executes code the minute the request is received.
What’s crazy is that Cloudflare rolls out features that exceed hyperscaler performance at minimal cost. It is this combination of competing with the hyperscalers, delivering app performance at faster speeds — while keeping prices low — that is unique to Cloudflare.while keeping prices low — that is unique to Cloudflare.
More on Serverless Cold Starts and Isolates:
Serverless is event-driven, which means when an event is received, it’s spun up and the request is processed. Serverless platforms are free at first but become more expensive as an application scales.
Serverless is billed in two ways:
- Number of requests – billed in increments of every million requests per month
- Compute time – measured in GB per seconds, higher memory execution costs more than lower memory execution
- Data transfer and Storage Costs, this depends on the use case
Cloudflare’s approach to serverless is fundamentally different than the hyperscalers. Amazon’s Lambda is one of the more traditional serverless platforms. As discussed, it works by spinning up a containerized process for code, which if inactive at the time the request is received, leads to “cold starts.” As discussed, a cold start is when a new copy of code is started on a machine, which can cause one to four seconds of lag time.

Source: Mikhail.io
If an instance is already active, then there is a “warm start” and there is no lag time. You can read about the idle instance lifetimes here in terms of how long an instance can idle before it requires another cold start.
In contrast, the Workers platform uses something called isolates. Isolates allow a single process to run up to thousands of isolates. Although hyperscalers will promote the ability to scale, it can be costly to do so. With Cloudflare’s serverless approach, developers pay for the Javascript runtime once, and then are able to run more scripts without additional costs. The isolate runs faster than a node process, and also uses less memory because isolates do not share or access the memory of another isolate (hence the name isolate). By not sharing memory, there is a security feature to isolates.
Additionally, Cloudflare’s serverless Workers platform does not use containers or virtual machines. This means applications do not require the cold starts that virtual machines require. Instead, code runs close to the “metal” – or in other words, on an edge server. This reduces the request response time compared to serverless platforms offered by hyperscalers such as AWS Lambda, Lambda@Edge, Lambda Native and Google’s Firebase.
Because of some of these fundamental differences, Cloudflare claims to cold start applications within five milliseconds. Per Cloudflare: “Any given isolate can start around a hundred times faster than a Node process on a container or virtual machine.” The company also states: “on startup, isolates consume an order of magnitude less memory.”
Out the gate, the Workers platform was designed to compete with AWS’s Lambda and Lambda@Edge by being faster. According to Cloudflare, Workers was 441% faster than a Lambda function and 192% faster than Lambda@Edge. The speed is possible because Cloudflare offers serverless through its edge network, which is distributed and decentralized.
The Workers Platform is on fire in terms of growth. Per the most recent earnings call: “Our developer platform, Cloudflare Workers, continues its explosive growth. We reached 10 million active Workers applications in Q2, up 250% since December and 490% year-over-year.” These applications were at 2.2 million less than a year ago in Q3, and were at 4.9 million last quarter.

Pictured Above: Cloudflare Workers Platform has seen applications surge. Source: Cloudflare Investor Relations
It’s not clear how much the 10 million is contributing to revenue. Per management: “But I would say that we have been very pleasantly surprised at how quickly the Workers' platform is taking off. But we are not, at this time, optimizing that platform for how can we bring as many dollars out of it as possible.”
However, this is where the magic of a developer moat often starts – a platform that advocates for developers, offers something of value (lower costs, higher performance, more accessibility), and then patiently waits for the tide to come in.
Quick takeaway:
Cloudflare combines executing runtime for an application close to the user and removes cold starts by running isolates that create an advantage at the edge. This is distinct from pushing compute from a centralized data center to the edge. It’s also distinct from containerized processes that require cold starts.
R2 Object Storage
Cloudflare’s R2 storage allows unstructured data to be stored without egress bandwidth fees, which are charged when developers retrieve data from a cloud provider like AWS. This was a bold move by Cloudflare to prove it can compete against a hyperscaler on cloud storage.
The egress fees that Cloudflare is disrupting are essentially a tax without any value. Markups are as high as 7900% in the United States region when calculating what AWS charges. This is an 80X bandwidth markup and was detailed here by Cloudflare’s management. Eliminating egress fees with R2 Storage places Cloudflare in direct competition with Amazon’s S3.
Cloudflare’s motivation is to win over developers and their loyalty. Per the CEO: “We want developers to keep developing, not worrying about their storage bill. Our aim is to make R2 Storage the least expensive, most reliable option for storing data, with no egress charges. I’m constantly amazed by what developers are building on our platform, and look forward to continued innovation as we expand the tools they have access to.”
Primarily, Cloudflare is hoping to attract developers for its Workers platform by eliminating unnecessary fees on cloud storage. R2 Storage will help Cloudflare grow its addressable market and will help the company compete as a best-of-breed player in of multi-cloud.
In response, Amazon lowered prices by up to 31% but this may not be enough if Cloudflare removes egress fees entirely. When Cloudflare announced R2 storage, the company’s co-founder and CEO, Matthew Prince, tweeted, “Why R2? Because it’s S3 minus the one most annoying thing: egregious egress.”
It is interesting to note that Amazon successfully grew by targeting companies that had good margins with a famous quote from Jeff Bezos, “Your margin is my opportunity.” Now, companies like Cloudflare are doing what Amazon did in its early days by toughening the competition. Amazon’s AWS is a profitable powerhouse, and if Cloudflare can attract even a small share of AWS customers, it could be a game-changer for Cloudflare. Per management on the most recent call: “Cloudflare is the most commonly used cloud provider across the leading AI startups. They're using R2 to help arbitrage the lowest GPU cost to train their models.”
R2 Object Storage is growing quickly. Management stated in the last earnings call: “R2 continues to grow and now stores over 13 petabytes of customer data, up 85% quarter-over-quarter. We have 44,000 distinct paying customers with R2 subscription, and brand name customers are beginning to adopt it as their primary object storage solution.”
Inference at the Edge:
There are two primary steps to AI/ML: training and inference. Training is the learning phase and is compute intensive. GPT-3 had 175 billion parameters and required 300 zettaflops and 300,000 billion math operations across it’s training cycle. For the most part, training is done by high performance computing systems and is often done in the cloud instead of on-prem.
However, inference is a different matter entirely. Cloud computing through the hyperscalers has a long transmission delay. What inference needs is speed so it can retain the learning from the training phase, while quickly applying data it’s never seen before. Inference takes batches of real-world data and quickly comes back with an answer or prediction. This is best done at the edge, which includes the edge network that Cloudflare provides, and edge devices, such as smartphones and laptops.
In the inference stage, the compute intensive neural networks are modified for speed and to improve latency. In order to do this, inference is optimized for runtime performance. This allows the computation tasks to be as close to the data source as possible. In many cases, data is produced at the edge, and it’s more efficient and faster to run inferencing at the edge.
For many inferencing tasks, Cloudflare’s distributed edge servers will handle tasks without needing to exchange data with the cloud. This helps to optimize the traffic load. For other tasks, the cloud will act as a backup not only for processing but also for scalable storage. So, it’s important to understand that Cloudflare is not a direct competitor in the traditional sense, but in some cases, compliments the Big 3. Look Cloudflare to play up its multi-cloud approach and the common goal of increasing the number of AI applications and improving accessibility to developers.
It’s true that hyperscalers will increase their edge footprint, and will partner with telecoms for fast speeds. However, AI developers need an advocate, and because Cloudflare owns their infrastructure, their strategy of driving down costs and improving GPU accessibility makes a lot of sense.
There are more details that we will visit later down the line, such as ONNX runtime, which allows Cloudflare to be the middleman as a routing layer between cloud data centers, the edge network and devices – and AI gateways, which allow developers to cache AI responses and monitor performance to mitigate AI costs.
Connecting the Dots:
If we connect the dots, then it becomes clear Cloudflare has a few distinct advantages as the platform of choice for AI developers. Here’s a summary of what’s been discussed:
- Does not rely on Big 3 infrastructure and can drive down costs
- Is faster on performance because of its position at the edge; this lowers costs and latency for AI inference and keeps data as close to the user as possible
- Geographically equipped to handle compliance issues that will inevitably result from using training data for inference. You can read more about ChatGPT running into issues in Italy here.
- The company has moved diligently into compute, storage and application services. Combined with its global network, this positions the company for AI inference as-a-service. There is no other company doing both edge network plus compute and storage except the hyperscalers. However, in some cases such as serverless, Cloudflare exceeds the performance of the hyperscalers
- CDN as a core product and security as a seamless upgrade shows the importance of being a middleman, helping to position Cloudflare to innovate around Serverless in ways that outperform even AWS.
- Training models is prohibitively expensive by requiring upfront costs, Nvidia GPUs are hard to obtain, and AI development is not democratized for developers with proprietary, blackbox APIs that run counter to an open-source movement (GPT-4 versus Llama). Cloudflare aims to solve these problems by allowing popular models to run closer to the user, which is the next logical step for AI.
Ultimately, the bigger and the faster a network is, the more it’s capable of providing “as a service.” AI can create a fortuitous moment for Cloudflare because the company is positioned to offer AI inference-as-a-service.
Last month, there was an important announcement with Cloudflare launching Workers AI. This new platform is the sum of the parts we discussed in this analysis.
Financials:
Cloudflare is strong on revenue growth with analysts expecting consistency over the next few quarters. This kind of consistency is rare in the cloud and security category. However, Cloudflare is not GAAP profitable and the AI story will take a back seat if there is a FED-related selloff, or if for any other reason we enter a risk-off market for growth stocks.
Revenue and EPS
All numbers are for the current Q2 quarter ending in June and are year-over-year comps unless otherwise stated.
- Revenue grew 31.5% to $308.5 million and was in line with expectations. Next quarter the company is expected to grow 30% to $330.5 million in revenue.
- Full year revenue guidance for 2023 is $1.283 billion to $1.287 billion, representing growth of 31.8% at the mid-point.

Pictured Above: Cloudflare is expected to report consistent growth
Source: YCharts/Seeking Alpha
Adjusted EPS of $0.10 is up from $0.00 in the year ago quarter. The consensus for next quarter is $0.10. However, on a GAAP basis, the company is unprofitable with GAAP EPS of ($-0.28) reported compared to ($-0.13) expected. The miss in GAAP EPS is due to a $50.3 million loss on extinguishment of debt for a negative impact of $0.15 EPS.

Pictured Above: Bottom line growth on an adjusted basis is expected to slow
Margins:
Cloudflare has a strong gross margin yet stock-based compensation weighs on the GAAP operating margin.
- Gross margin of 75.6% is strong and necessary for this company to expand.
- The operating margin of (-18.20%) compared to (-27.50%) a year ago. However, it got worse QoQ and has remained flat this year with no improvement.
· Stock based compensation is high at 22.2% of revenue. - Adjusted operating margin improved by 700 basis points YoY to 6.6%.
· Sales and marketing expenses decreased as a percentage of revenue by 300 basis points YoY to 41%.
· R&D expenses decreased by 300 basis points YoY to 17%
· G&A expenses decreased by 200 basis points YoY to 13%. - Adjusted operating income guidance for the next quarter ranges from $20 million to $21 million or 6.2% of revenue.
- Net margin of (-30.60%) with the net loss increasing last quarter primarily due to the loss on extinguishment of debt of ($50.3 million) due to early repurchase of 2025 convertible senior notes. Per the 10-Q: “In May 2023, the Company repurchased $123.0 million principal amount of the 2025 Notes (the 2025 Notes Repurchases) for $172.7 million in cash, including accrued interest payable of $0.5 million.”
- Adjusted net margin of 10.9% compared to 0.1% in the same period last year.

Source: Cloudflare Investor Relations
Cash Flow and Balance Sheet:
Compared to its peers, Cloudflare’s cash flows are a bright spot. The operating cash flow margin was 21% compared to 16% in the same period last year. Free cash flow improved to 6% from (-2%) in the same period last year and was up 1% sequentially. Previously, management had guided to being breakeven on cash flows in H1 2023.
Thomas Seifert, CFO of the company, had said in the Q4 2022 earnings call, “While we expect free cash flow to trend upward on an ongoing basis, for modeling purposes we anticipate near-term variability in our cash flow generation with the first half of 2023 expected to be relatively breakeven.”
One of the differences between operating cash flow and free cash flow is network capex of 11% in the most recent quarter. Network capex is expected to be 10% to 12% of revenue in FY2023. This is a primary reason as to why FCF can be minimal at times.
The company has cash and available-for-sale securities of $1.59 billion. It repurchased $123 million convertible senior notes in the recent quarter and had an outstanding $1.32 billion.
Key Metrics
Remaining performance obligation (RPO) is declining yet is still above revenue growth. In the recent quarter, RPO grew by 36% YoY and was up 8% QoQ to $1 billion. The deceleration pictured below is quite apparent and RPO will need to accelerate when the AI story plays out.

Source: Cloudflare Investor Relations
The dollar-based net retention rate was 115% in the recent quarter. Management believes that the deceleration in DBNRR is nearing a bottom.
This is very important for Cloudflare to prove to investors as we move through the next few quarters. Thus, we’ve provided the full statement below.
Thomas Seifert said in the recent earnings call, “Our dollar-based net retention rate was 115% during the second quarter, representing a decrease of 200 basis points sequentially. Importantly, renewal rates in the second quarter were consistent with the quarterly average in 2022, which was an all-time high for the company. Instead, similar to the last two quarters, the decline in DNR was again primarily driven by slower expansion in our larger customer cohort. We calculate DNR by comparing the analyzed revenue from paying customers four quarters prior to the annualized revenue from the same set of customers in the most recent quarter. As a result, this will be a lagging indicator of Cloudflare’s underlying business trends. Based on our visibility, we believe the deceleration in DNR is nearing a bottom.”Importantly, renewal rates in the second quarter were consistent with the quarterly average in 2022, which was an all-time high for the company. Instead, similar to the last two quarters, the decline in DNR was again primarily driven by slower expansion in our larger customer cohort. We calculate DNR by comparing the analyzed revenue from paying customers four quarters prior to the annualized revenue from the same set of customers in the most recent quarter. As a result, this will be a lagging indicator of Cloudflare’s underlying business trends. Based on our visibility, we believe the deceleration in DNR is nearing a bottom.”

Source: Cloudflare Investor Relations
- Total paying customers grew by 15% YoY to 174,129.
- Large customers (greater than $100,000 annualized revenue) have declined considerably and is at nearly half the growth rate of 34% YoY compared to last year. This needs to accelerate when the AI story plays out.

Source: Cloudflare Investor Relations
Conclusion:
The goal of the analysis is to make it clear why Act 3 is what we are interested in, and how Cloudflare is uniquely positioned to bring inference to the edge. The Big 3 will also do this with an ever-expanding edge footprint, yet Cloudflare is grassroots enough to attract a large developer following. The company states there are 1 million active developers with 10 million active applications for Workers. This puts Cloudflare well on its way to become a leading developer platform. Five years ago, we pointed toward CUDA being Nvidia’s moat. Cloudflare does not have a moat right now but it certainly could over the next few years. Because of Workers, Cloudflare is at the top of our list for building a position.
There are some caveats — if only investing were so simple that all we had to do was find a great product and a strong management team with a history of executing in new markets. Cloudflare’s financials are not FED-proof. This company is not GAAP profitable and won’t be in the near future. The company is cash flow positive, but it’s minimal and subject to network infrastructure capex.
The FED has the power to overshadow even a multi-generational investment opportunity such as AI. Tech is the most sensitive sector to the FED because tech stocks are long duration assets that are priced according to future cash flows. The longer rates stay elevated, the more likely valuations recede and tech stocks get rerated.
This is why we put risk management in the drivers’ seat by carefully and patiently timing our entriesby carefully and patiently timing our entries. Buying Nvidia at the top last year means you would have to sit through a (-60%) drawdown. This drawdown was steepest the month the H100 shipped. However, buying Nvidia in October means you are sitting on 300% returns. This helps illustrate why identifying a great product is secondary to risk management tools. We expect something similar for Cloudflare — to where timing will be everything.
For real-time trade alerts and weekly 1-hour webinars with the portfolio manager of the I/O Fund, sign up here for Advanced Market Signals.sign up here for Advanced Market Signals.
Royston Roche, Equity Analyst for the I/O Fund, contributed to this analysis.