Q3 2023 Palo Alto Networks Inc Earnings Call

Nikesh Arora: AI has an interesting role to play in security, both for its ability to help deliver superior security outcomes in near real time, and unfortunately, the potential threat associated with AI being used to generate attacks. We have and continue to work on these problems. We should talk more about this today. On the other hand, we continue to see limited underlying growth in hardware in the industry. While the supply chain crisis and its effects are all but over, there is a shift that the crisis created. We have seen a higher appetite for software-based solutions than networking, and higher appetite for cloud-delivered form factors. This is particularly salient in the current CapEx-constrained environment. On the adversary front, there seems to be no impending recession in threats. Increased cloud activity and connectivity continues to drive the threat environment.

Nikesh Arora: AI has an interesting role to play in security, both for its ability to help deliver superior security outcomes in near real time, and unfortunately, the potential threat associated with AI being used to generate attacks. We have and continue to work on these problems. We should talk more about this today. On the other hand, we continue to see limited underlying growth in hardware in the industry.

It has an interesting role to play in security.

Speaker 1: and has an interesting role to play in security, both for its ability to help deliver superior security outcomes in near real time, and unfortunately, the potential threat associated with AI being used to generate attacks. We have and continue to work on these problems. We should talk more about this today.

While the supply chain crisis and its effects are all but over, there is a shift that the crisis created. We have seen a higher appetite for software-based solutions than networking, and higher appetite for cloud-delivered form factors. This is particularly salient in the current CapEx-constrained environment. On the adversary front, there seems to be no impending recession in threats. Increased cloud activity and connectivity continues to drive the threat environment.

Speaker 1: On the other hand, we continue to see limited underlying growth in hardware in the industry.

Speaker 1: Whilst the supply chain crisis and its effects are all but over, there is a shift that the crisis created. We have seen a higher appetite for software-based solutions and networking and a higher appetite for cloud-delivered form factors. This is particularly salient to the current CAPEX-constrained environment.

Speaker 1: On the adversary front, there seems to be no impending recession in threats. Increased cloud activity and connectivity continues to drive the threat environment. This is best illustrated by recent findings in the seventh installment of our Unit 42 Cloud Threat Report. It still takes the average security team approximately six days to resolve a security alert.

Nikesh Arora: This is best illustrated by recent findings in the seventh installment of our Unit 42 Cloud Threat Report. It still takes the average security team approximately six days to resolve a security alert. In contrast, it only takes a threat actor a few hours to exploit a newly discovered vulnerability. While over 7,000 malicious versions of open source software packages were circulated in 2022, less than 1/4 of those packages are sourced properly to ensure a clean software version is incorporated into a typical customer's code base. Regulatory interest continues to rise and is prevalent across multiple governments. There is sustained activity around incremental regulatory mandates and executive orders to create awareness around cybersecurity. This is true not only at the government level, but also as companies' board of directors are bringing additional oversight and drive an alignment of accountability for cybersecurity.

This is best illustrated by recent findings in the seventh installment of our Unit 42 Cloud Threat Report. It still takes the average security team approximately six days to resolve a security alert. In contrast, it only takes a threat actor a few hours to exploit a newly discovered vulnerability. While over 7,000 malicious versions of open source software packages were circulated in 2022, less than 1/4 of those packages are sourced properly to ensure a clean software version is incorporated into a typical customer's code base.

Speaker 1: In contrast, it only takes a threat actor a few hours to exploit a newly discovered vulnerability.

Speaker 1: While over 7,000 malicious versions of open source software packages were circulated in 2022, less than a quarter of those packages are sourced properly to ensure a clean software version is incorporated into a typical customer's codebase.

Regulatory interest continues to rise and is prevalent across multiple governments. There is sustained activity around incremental regulatory mandates and executive orders to create awareness around cybersecurity. This is true not only at the government level, but also as companies' board of directors are bringing additional oversight and drive an alignment of accountability for cybersecurity.

Speaker 1: Regulatory interest continues to rise and is prevalent across multiple governments. There is sustained activity around incremental regulatory mandates and executive orders to create awareness around cybersecurity.

Speaker 1: This is true not only at the government level, but also as companies' board of directors are bringing additional oversight and driving alignment of accountability for cybersecurity.

Nikesh Arora: This requires incremental organizational focus and investment by our customers. On the macro front, customers anticipate that global growth may slow. Some are grappling with rising capital costs and are watching their bottom lines more closely. This means looking for efficiencies in their business. Within cybersecurity, complex architectures and long vendor rosters have come into focus, and many customers see this as an opportunity to simplify and drive consolidation. Five years ago, when I highlighted the need for platform architectures and consolidation, the idea was met with some resistance. Over the last few years, our industry-leading solutions, three-platform approach, has continued to take hold and has allowed us to provide a much-needed option for simplicity, a modern stack, and better security outcomes for our customers. I mentioned earlier that our customers are engaging in more scrutiny of deals and value, resulting in robust discussions internally and with us.

This requires incremental organizational focus and investment by our customers. On the macro front, customers anticipate that global growth may slow. Some are grappling with rising capital costs and are watching their bottom lines more closely. This means looking for efficiencies in their business. Within cybersecurity, complex architectures and long vendor rosters have come into focus, and many customers see this as an opportunity to simplify and drive consolidation.

Speaker 1: This requires incremental organizational focus and investment by our customers.

Speaker 1: On the macro front, customers anticipate that global growth may slow. Some are grappling with rising capital costs and are watching their bottom lines more closely. This means looking for efficiencies in their business.

Speaker 1: Within cybersecurity, complex architectures and long vendor rosters have come into focus, and many customers see this as an opportunity to simplify and drive consolidation.

Five years ago, when I highlighted the need for platform architectures and consolidation, the idea was met with some resistance. Over the last few years, our industry-leading solutions, three-platform approach, has continued to take hold and has allowed us to provide a much-needed option for simplicity, a modern stack, and better security outcomes for our customers. I mentioned earlier that our customers are engaging in more scrutiny of deals and value, resulting in robust discussions internally and with us.

Speaker 1: Five years ago, when I highlighted the need for platform architectures and consolidation,

Speaker 1: The idea was met with some resistance.

Speaker 1: Over the last few years, our industry leading solutions three platform approach has continued to take hold and has allowed us to provide a much needed option for simplicity, a modern stack and better security outcomes for our customers.

Nikesh Arora: We continue to work hard to stay ahead of deal cycles, engaging the CFO and procurement departments. The cost of money continues to become a topic of conversation as customers enter into larger and longer-term relationships with us. Some also seek more flexible business terms. A strong balance sheet allows us to accommodate customers while we maximize our medium-term cash flow. Let's turn to efficiency and operations. As we started this fiscal year, we pivoted our efforts and focused our effort on doing more with less. Our teams responded effectively. Coupled with the waning of the supply chain crisis, we have been able to adapt our operating model significantly. Deepak will get into specifics, but it suffices to say we have found a new rhythm, and at our scale, we believe we can continue to drive better margins from our business.

We continue to work hard to stay ahead of deal cycles, engaging the CFO and procurement departments. The cost of money continues to become a topic of conversation as customers enter into larger and longer-term relationships with us. Some also seek more flexible business terms. A strong balance sheet allows us to accommodate customers while we maximize our medium-term cash flow. Let's turn to efficiency and operations. As we started this fiscal year, we pivoted our efforts and focused our effort on doing more with less.

Speaker 1: I mentioned earlier that our customers are engaging in more scrutiny of deals and value, resulting in robust discussions internally with us. We continue to work hard to stay ahead of deal cycles, engaging the CFO and procurement departments. The cost of money continues to become a topic of conversation as customers enter into larger and longer term relationships with us.

Speaker 1: Some also seek more flexible business terms.

Speaker 1: A strong balance sheet allows us to accommodate customers while we maximize our medium-term castle.

Our teams responded effectively. Coupled with the waning of the supply chain crisis, we have been able to adapt our operating model significantly. Deepak will get into specifics, but it suffices to say we have found a new rhythm, and at our scale, we believe we can continue to drive better margins from our business. We have achieved this through selective hiring in our customer-facing teams, as well as streamlining our go-to-market efforts, in addition to hiring for key innovation areas, which we expect to continue to do.

Speaker 1: Let us turn to efficiency in operations.

Speaker 1: As we started this fiscal year, we pivoted our efforts and focused our effort on doing more with less. Our teams responded effectively.

Speaker 1: Coupled with the waning of the supply chain crisis, we have been able to adapt our operating model significantly.

Speaker 1: Deepak will get into specifics, but it suffices to say we have found a new rhythm and at our scale we believe we can continue to drive better margins from our business. We have achieved this through selective hiring in our customer facing teams as well as streamlining our go-to-market efforts in addition to hiring for key innovation areas, which we expect to continue to do.

Nikesh Arora: We have achieved this through selective hiring in our customer-facing teams, as well as streamlining our go-to-market efforts, in addition to hiring for key innovation areas, which we expect to continue to do. These efforts are self-evident in our higher Q3 operating margins and our increased operating and free cash flow margin guidance for the year. We continue to see platformization in cybersecurity. I talked about consolidation earlier. A key part of our thesis at Palo Alto Networks has always been to drive superior cybersecurity outcomes for our customers. To do that, we need a robust portfolio that works both individually and cohesively to reduce the burden on our customers who have to stitch together disparate cybersecurity products. We've had to navigate the fine line with our customers. We continue to see the benefits of this approach and think we are in a multi-year trend.

These efforts are self-evident in our higher Q3 operating margins and our increased operating and free cash flow margin guidance for the year. We continue to see platformization in cybersecurity. I talked about consolidation earlier. A key part of our thesis at Palo Alto Networks has always been to drive superior cybersecurity outcomes for our customers. To do that, we need a robust portfolio that works both individually and cohesively to reduce the burden on our customers who have to stitch together disparate cybersecurity products.

Speaker 1: These efforts are self-evident in our higher Q3 operating margins and our increased operating and free castle margin guidance for the year.

Speaker 1: We continue to see platformization in cybersecurity. I talked about consolidation earlier. A key part of our thesis at Palo Alto Networks has always been to drive superior cybersecurity outcomes for our customers. To do that, we need a robust portfolio that works both individually and cohesively to reduce the burden on our customers.

We've had to navigate the fine line with our customers. We continue to see the benefits of this approach and think we are in a multi-year trend. We have the opportunity to do to security what we have seen done in financial software, HR software, or CRM, where customers have adapted to platforms due to the inherently superior benefits from data integrity, integration, seamlessness, and outcome orientation.

Speaker 1: who have to stitch together disparate cybersecurity products.

Nikesh Arora: We have the opportunity to do to security what we have seen done in financial software, HR software, or CRM, where customers have adapted to platforms due to the inherently superior benefits from data integrity, integration, seamlessness, and outcome orientation. As they say, the proof is in the pudding. You can see our success here driving larger platform transactions. Across the board, the size of the transactions we are signing is increasing. This is evidenced by bookings from transactions valued at over $1 million, $5 million, and $10 million in Q3, which are up year over year by 29%, 62%, and 136% respectively. We see a similar trend in cohorts of our customers.

Speaker 1: We've had to navigate this fine line with our customers.

Speaker 1: We continue to see the benefits of this approach and think we are in a multi-year trend.

Speaker 1: We have the opportunity to do to security what we have seen done in financial software, HR software or CRM where customers have adapted to platforms due to their inherently superior benefits from data integrity, integration, seamlessness and outcome orientation.

As they say, the proof is in the pudding. You can see our success here driving larger platform transactions. Across the board, the size of the transactions we are signing is increasing. This is evidenced by bookings from transactions valued at over $1 million, $5 million, and $10 million in Q3, which are up year over year by 29%, 62%, and 136% respectively. We see a similar trend in cohorts of our customers.

Speaker 1: As they say, the proof is in the pudding. You can see our success here driving larger platform transactions. Across the board, the size of the transactions we are signing is increasing. This is evidenced by booking from transactions valued over $1 million, $5 million, and $10 million in the third quarter.

Speaker 1: which are up by year over year by 29%, 62%, 136% respectively.

Nikesh Arora: For example, when we look at the average lifetime value for our 200 largest customers, we've seen steady growth of 30% plus over the last three years. When we look at purchases of our platforms amongst the Global 2000, we see now that 53% of our customers have bought a product in all three platforms of Strata, Prisma, and Cortex, up from 48% a year ago and 33% three years ago. We see this as a continuing trend. It convinces us that the opportunity to impact outcomes for our customers is large if we can get this right. We see the path to continued success with large customers and multi-product expansion around install base. I'll now update you on our three platforms, starting with network security. We are the comprehensive Zero Trust network security company.

For example, when we look at the average lifetime value for our 200 largest customers, we've seen steady growth of 30% plus over the last three years. When we look at purchases of our platforms amongst the Global 2000, we see now that 53% of our customers have bought a product in all three platforms of Strata, Prisma, and Cortex, up from 48% a year ago and 33% three years ago. We see this as a continuing trend. It convinces us that the opportunity to impact outcomes for our customers is large if we can get this right.

Speaker 1: We see a similar trend in cohorts of our customers. For example, when we look at the average lifetime value for our 200 largest customers, we see a steady growth of 30% plus over the last 3 years.

Speaker 1: When we look at purchases of our platforms amongst the global 2000s, we see now that 53% of our customers have bought a product in all three platforms of Stattra, Prisma and Cortex, up from 48% a year ago and 33% two years ago.

We see the path to continued success with large customers and multi-product expansion around install base. I'll now update you on our three platforms, starting with network security. We are the comprehensive Zero Trust network security company. This quarter, we are proud to be named a new leader in Gartner's most recent Security Service Edge Magic Quadrant. This recognition is apt, as our teams have been delivering significant innovation and seeing stronger customer adoption in SASE for years.

Speaker 1: We see this as a continuing trend. It convinces us that the opportunity to impact outcomes for our customers is large, if we can get this right. We see the path to continued success with large customers and multi-product expansion around stall-based.

Speaker 1: I'll now update you on our three platforms starting with network security.

Nikesh Arora: This quarter, we are proud to be named a new leader in Gartner's most recent Security Service Edge Magic Quadrant. This recognition is apt, as our teams have been delivering significant innovation and seeing stronger customer adoption in SASE for years. This, in addition to our leadership position in SD-WAN, makes us the only SASE vendor in the industry to be named leader in the Gartner SSE, and SD-WAN Magic Quadrants. Add to that our leadership position in network firewalls and our number one market share position in virtual firewalls. We are the only vendor with clear leadership across Zero Trust network security... This leadership across the network security category is a testament to our ability to drive significant innovation in new markets, while maintaining our leadership in core markets and offering this innovation as part of our cohesive platforms. Let's talk about SASE.

Speaker 1: We are the comprehensive Zero Trust Network security company. This quarter, we are proud to be named a new leader in Gartner's most recent security service edge magic quadrant. This recognition is apt as our teams have been delivering significant innovation and seeing stronger customer adoption in SASE for years.

This, in addition to our leadership position in SD-WAN, makes us the only SASE vendor in the industry to be named leader in the Gartner SSE, and SD-WAN Magic Quadrants. Add to that our leadership position in network firewalls and our number one market share position in virtual firewalls. We are the only vendor with clear leadership across Zero Trust network security... This leadership across the network security category is a testament to our ability to drive significant innovation in new markets, while maintaining our leadership in core markets and offering this innovation as part of our cohesive platforms. Let's talk about SASE.

Speaker 1: This, in addition to our leadership position at SD-WAN, makes us the only SASE vendor in the industry to be named leader in the Gartner SASE and SD-WAN magic quadrants.

Speaker 1: Add to that our leadership position in network firewalls and our number one market share position in virtual firewalls, we are the only vendor with clear leadership across Zero Trust Network Security.

Speaker 1: This leadership across the network security category is a testament to our ability to drive significant innovation in new markets while maintaining our leadership in core markets and offering this innovation as part of our cohesive platform.

Nikesh Arora: SASE remains one of the fastest-growing markets within all of cybersecurity. Our ARR is growing over 50%. At scale, we have surpassed 4,200 customers in Q3. Our success has spread across all three major geographies, as highlighted by large deals in each of these territories in Q3. Let me tell you about three of these notable wins. First, a global beverage company with US headquarters signed a transaction north of $30 million, which includes $24 million of SASE, for a complete SASE transformation that included Prisma Access, Prisma SD-WAN, and our ADEM, or Autonomous Digital Experience Management, for tens of thousands of employees. Second, a Japan-based technology company signed an eight-figure transaction to modernize its network and its network security after an extensive POC.

SASE remains one of the fastest-growing markets within all of cybersecurity. Our ARR is growing over 50%. At scale, we have surpassed 4,200 customers in Q3. Our success has spread across all three major geographies, as highlighted by large deals in each of these territories in Q3. Let me tell you about three of these notable wins. First, a global beverage company with US headquarters signed a transaction north of $30 million, which includes $24 million of SASE, for a complete SASE transformation that included Prisma Access, Prisma SD-WAN, and our ADEM, or Autonomous Digital Experience Management, for tens of thousands of employees.

Speaker 1: Let's talk about SASE. SASE remains one of the fastest growing markets within all of cybersecurity. RAR is growing over 50%. At scale, we have surpassed 4200 customers in Q3. Our success has spread across all three major geographies, as highlighted by large deals in each of these territories in Q3. Let me tell you about three of these notable...

Speaker 1: A global beverage company with US headquarters signed a transaction north of $30 million which includes $24 million of SASE for a complete SASE transformation that included Prisma Access, Prisma SD-WAN, and our ADEM, or Autonomous Digital Experience Management, for tens of thousands of employees. Second, a Japan-based technology company signed an eight-figure transaction to modernize this transaction.

Second, a Japan-based technology company signed an eight-figure transaction to modernize its network and its network security after an extensive POC. Before standardizing on our SASE, the customer replaced its legacy firewalls and other network security capabilities and standardized on our next-generation firewalls, driving a full zero trust network strategy.

Nikesh Arora: Before standardizing on our SASE, the customer replaced its legacy firewalls and other network security capabilities and standardized on our next-generation firewalls, driving a full zero trust network strategy. Finally, a European technology company signed a high seven-figure SASE deal that was part of an overall transaction to Palo Alto Networks of, once again, nearly $30 million in total value. The customer bought from us because of our multiple network security form factors. In the broader transaction, we added capabilities such as IoT and fully adopted our core network security subscriptions. You all might remember, at the beginning of this fiscal year, as part of our scaling efforts, we combined our SASE sales organization into our core sales organization. Drivers here were that we saw SASE demand going mainstream, and we saw encouraging signs that our core sellers could sell the more complex SASE offering.

Speaker 1: its network and its network security after an extensive PoC. Before standardizing on our SASE, the customer replaced its legacy firewalls and other network security capabilities and standardized on our next generation firewalls, driving a full zero-trust network strategy. Finally, a European technology company signed a high seven-figure SASE deal that was part of an overall transaction to Pylo Auto Networks.

Finally, a European technology company signed a high seven-figure SASE deal that was part of an overall transaction to Palo Alto Networks of, once again, nearly $30 million in total value. The customer bought from us because of our multiple network security form factors. In the broader transaction, we added capabilities such as IoT and fully adopted our core network security subscriptions. You all might remember, at the beginning of this fiscal year, as part of our scaling efforts, we combined our SASE sales organization into our core sales organization.

Speaker 1: of once again nearly 30 million dollars in total value the customer brought from us because of our multiple network security form factors in the broader transaction we added capabilities such as IOT and fully adopted our core network security subscription

Speaker 1: You all might remember, at the beginning of this fiscal year, as part of our scaling efforts, we combined our SASE sales organization into our core sales organization.

Drivers here were that we saw SASE demand going mainstream, and we saw encouraging signs that our core sellers could sell the more complex SASE offering. After three quarters of executing as a combined organization, we're delighted to report that over 80% of our core reps participated in the creation of Prisma SASE pipelines as we entered Q4. Q3 was a strong quarter of innovation, highlighted by our AI-powered SASE launch. This flagship release includes capabilities to enable organizations to automate their increasingly complex IT and network operations center functions with AIOps.

Speaker 1: The drivers here with that we saw SASE demand going mainstream and we saw encouraging signs that our core sellers could sell the more complex SASE offering.

Nikesh Arora: After three quarters of executing as a combined organization, we're delighted to report that over 80% of our core reps participated in the creation of Prisma SASE pipelines as we entered Q4. Q3 was a strong quarter of innovation, highlighted by our AI-powered SASE launch. This flagship release includes capabilities to enable organizations to automate their increasingly complex IT and network operations center functions with AIOps. It improves monitoring for networks and apps at the branch office and significantly improves integrations with IoT security. Moving over to our firewall business. Broader than SASE, the future of network security is clear to us. It is centered around software, and while we have led and expect to continue to lead the hardware appliance market for many years, software and cloud-delivered form factors have been an increasing focus since I joined as CEO.

Speaker 1: After three quarters of executing as a combined organization, we're delighted to report that over 80% of our core reps participate in the creation of Prisma SASE pipelines as we enter Q4.

Speaker 1: QC was a strong quarter of innovation highlighted by our AI-powered SASE launch. This flagship release includes capabilities to enable organizations to automate their increasingly complex IT and network operations center functions with AIOps. It improves monitoring for networks and apps at the branch office and significantly improves integration with IoT security.

It improves monitoring for networks and apps at the branch office and significantly improves integrations with IoT security. Moving over to our firewall business. Broader than SASE, the future of network security is clear to us. It is centered around software, and while we have led and expect to continue to lead the hardware appliance market for many years, software and cloud-delivered form factors have been an increasing focus since I joined as CEO.

Speaker 1: Moving over to our firewall business. Broader than SASE, the future of network security is clear to us. It is centered around software. And while we have led and expect to continue to leave the hardware appliance market for many years, software and cloud-delivered form factors have been an increasing focus since I joined as CEO . There are multiple reasons why the shift to software is accelerating.

Nikesh Arora: There are multiple reasons why the shift to software is accelerating. In the changing macro environment, customers are more challenged in their CapEx budgets, which often fund appliance purchases. As a result, their interest in software and cloud-delivered form factors remain high. This is especially true when tied to strategic initiatives around cloud adoption. Illustrating this, we saw a significant uptick in customer requests to evaluate our virtual firewall offerings at the beginning of the pandemic. Customer interest in VMs was also sparked by supply chain challenges, where we saw evaluations sustain. We continue to see primarily net new demand for software and cloud-delivered form factors. However, we are seeing more appliance replacements and planning for this trend to continue and possibly accelerate.

There are multiple reasons why the shift to software is accelerating. In the changing macro environment, customers are more challenged in their CapEx budgets, which often fund appliance purchases. As a result, their interest in software and cloud-delivered form factors remain high. This is especially true when tied to strategic initiatives around cloud adoption. Illustrating this, we saw a significant uptick in customer requests to evaluate our virtual firewall offerings at the beginning of the pandemic.

Speaker 1: In the changing macro environment, customers are more challenged in their CapEx budgets, which often fund appliance purchases. As a result, their interest in software and cloud delivery form factors remain high. This is especially true when tied to strategic initiatives around cloud adoption. Illustrating this, we saw a significant uptick in customer request to evaluate our virtual firewall offerings at the beginning of the pandemic. Our interest in VMs was also sparked by supply chain challenges.

Customer interest in VMs was also sparked by supply chain challenges, where we saw evaluations sustain. We continue to see primarily net new demand for software and cloud-delivered form factors. However, we are seeing more appliance replacements and planning for this trend to continue and possibly accelerate. Beyond the strength I already covered in SASE, we saw VM-Series deals over $1 million more than double in Q3, including an eight-figure deal we signed with a government agency, where they moved from a primarily appliance-centric model to VM-Series as they fully leveraged public cloud as their primary infrastructure.

Speaker 1: where we saw evaluation sustained. We continue to see primarily net new demand for software and cloud deliver form factors. However, we are seeing more appliance replacements and planning for this trend to continue and possibly accelerate. Beyond the strength I already covered in SASE, we saw VMCs deal over $1 million more than double in Q3.

Nikesh Arora: Beyond the strength I already covered in SASE, we saw VM-Series deals over $1 million more than double in Q3, including an eight-figure deal we signed with a government agency, where they moved from a primarily appliance-centric model to VM-Series as they fully leveraged public cloud as their primary infrastructure. This year so far, our VM-Series bookings are up more than 40% year over year, and it grew over 55% in Q3. Most investors have equated our product revenue with hardware. However, given the drivers I have mentioned here, this has been rapidly shifting. Software now contributes 30% of our product revenue. This is up from about 10% two years ago. We expect this trend to continue, and as Deepak would remind you, bookings from our VM-Series and SASE transactions are recognized as revenue more over time than an appliance booking.

Speaker 1: including an eight-figure deal we signed with a government agency where they moved from a primarily appliance-centric model to VM series as a fully leveraged public cloud as their primary infrastructure. This year so far, our VM series bookings are up more than 40% year-over-year and it grew over 55% in Q3.

This year so far, our VM-Series bookings are up more than 40% year over year, and it grew over 55% in Q3. Most investors have equated our product revenue with hardware. However, given the drivers I have mentioned here, this has been rapidly shifting. Software now contributes 30% of our product revenue. This is up from about 10% two years ago. We expect this trend to continue, and as Deepak would remind you, bookings from our VM-Series and SASE transactions are recognized as revenue more over time than an appliance booking.

Speaker 1: Most investors have equated our product revenue with hardware. However, given the drivers I have mentioned, here, this has been rapidly shifting. Software now contributes 30% of our product revenue. This is up from about 10% three years ago.

Speaker 1: We expect this trend to continue and as Deepak would remind you, bookings from our VM series and SASE transactions are recognized as revenue more over time than an appliance booking.

Nikesh Arora: Given the conversation about AI, as I mentioned, there is a renaissance in artificial intelligence driven by significant advances in large language models, the development of more powerful and efficient computing, and the broad availability of large volumes of training data. As a result, we have all seen some of the fastest innovation cycles and launches of unique applications over the last several months. At Palo Alto Networks, we have been focused on this technology for many years, and our efforts have been accelerating over the last two years. We first introduced machine learning capabilities as part of our WildFire offering seven years ago. In the ensuing years, we added AI and machine learning capabilities across our network security portfolio, and it has been a critical driver of our innovation and differentiation in the market.

Given the conversation about AI, as I mentioned, there is a renaissance in artificial intelligence driven by significant advances in large language models, the development of more powerful and efficient computing, and the broad availability of large volumes of training data. As a result, we have all seen some of the fastest innovation cycles and launches of unique applications over the last several months.

Speaker 1: Given the conversation about AI,

Speaker 1: As I mentioned, there is a renaissance in artificial intelligence driven by significant advances in large language models. The development of more powerful and efficient computing is a broad availability of large volumes of training data. As a result, we have all seen some of the fastest innovation cycles and launches of unique applications in the last several months.

At Palo Alto Networks, we have been focused on this technology for many years, and our efforts have been accelerating over the last two years. We first introduced machine learning capabilities as part of our WildFire offering seven years ago. In the ensuing years, we added AI and machine learning capabilities across our network security portfolio, and it has been a critical driver of our innovation and differentiation in the market.

Speaker 1: At Palo Alto Networks, we have been focused on this technology for many years, and our efforts have been accelerating over the last two years. We first introduced machine learning capabilities as part of our Wildfire offering seven years ago. In the ensuing years, we added AI and machine learning capabilities across our network security portfolios.

Nikesh Arora: In 2020, we introduced the industry's first machine learning-powered next-generation firewall, where machine learning detection moved in line to prevent zero-day attacks. Since then, we have overhauled nearly all of our security subscriptions with advanced AI capabilities. DNS security, advanced URL filtering, advanced threat prevention, and Advanced WildFire all harness machine learning for inline detection and prevention of zero-day attacks. This means even new attacks that have never been seen before are blocked at the very first attempted use by an attacker. Additionally, we applied AI to IoT security to discover, identify, and secure IoT devices, and most recently, it was expanded to cover both medical IoT and OT security needs. We had a signature release in SASE that included AI-powered autonomous digital experience management, in addition to leveraging AI for SD-WAN, as well as AI-powered phishing prevention.

In 2020, we introduced the industry's first machine learning-powered next-generation firewall, where machine learning detection moved in line to prevent zero-day attacks. Since then, we have overhauled nearly all of our security subscriptions with advanced AI capabilities. DNS security, advanced URL filtering, advanced threat prevention, and Advanced WildFire all harness machine learning for inline detection and prevention of zero-day attacks.

Speaker 1: and has been a critical driver of our innovation and differentiation in the market. In 2020, we introduced the industry's first machine learning powered next generation firewall, where machine learning detection moved in-line to prevent zero-day attacks. Since then, we have overhauled nearly all of our security subscriptions with advanced AI capabilities DNS security, advanced URL filtering, advanced threat prevention, and more.

This means even new attacks that have never been seen before are blocked at the very first attempted use by an attacker. Additionally, we applied AI to IoT security to discover, identify, and secure IoT devices, and most recently, it was expanded to cover both medical IoT and OT security needs. We had a signature release in SASE that included AI-powered autonomous digital experience management, in addition to leveraging AI for SD-WAN, as well as AI-powered phishing prevention.

Speaker 1: and advanced wildfire all harness machine learning for inline detection and prevention of zero-day attacks. This means even new attacks that have never been seen before are blocked at the very first attempted use by an attacker. Additionally, we applied AI to IoT security to discover, identify and secure IoT devices and most recently,

Speaker 1: it was expanded to cover both medical IoT and OT security needs. We had a signature release in SASE that included AI-powered autonomous digital experience management in addition to leveraging AI for SD-WAN as well as AI-powered phishing prevention. In short, we have really been accelerating the application of AI to our network security stack.

Nikesh Arora: In short, we have really been accelerating the application of AI to our network security stack and is one of the most mature applications of AI in the security industry today. We are not only ahead in investments in AI and machine learning as a differentiator in our products, but these investments have driven tangible customer benefits. In a typical day, we analyze nearly 750 million, yes, 750 million new unique telemetry objects worldwide. This includes files, URLs, domains, DNS connections, and other signals. Our AI models analyze this data, and every day we see 1.5 million new attacks that have never been seen before. We take these new insights and add them to all the other things we have already known about, and we use them to block 8.6 billion attacks across our customer base daily.

In short, we have really been accelerating the application of AI to our network security stack and is one of the most mature applications of AI in the security industry today. We are not only ahead in investments in AI and machine learning as a differentiator in our products, but these investments have driven tangible customer benefits. In a typical day, we analyze nearly 750 million, yes, 750 million new unique telemetry objects worldwide.

Speaker 1: and is one of the most mature applications of AI in the security industry today.

Speaker 1: We are not only ahead in investments in AI and machine learning as a differentiator in our products, but these investments have driven tangible customer benefits.

Speaker 1: In a typical day, we analyze nearly 750 million new, unique telemetry objects worldwide. This includes files, URLs, domains, DNS connections, and other signals. Our AI models analyze this data and every day we see 1.5 million new attacks that have never been seen before.

This includes files, URLs, domains, DNS connections, and other signals. Our AI models analyze this data, and every day we see 1.5 million new attacks that have never been seen before. We take these new insights and add them to all the other things we have already known about, and we use them to block 8.6 billion attacks across our customer base daily.

Speaker 1: We take these new insights and add them to all the other things we have already known about and we use them to block 8.6 billion attacks across our customer base daily.

Nikesh Arora: This forms the foundation how we do better security across our network security platforms, and this is how we continue to get better and better at detecting zero-day attacks and being in a position actually to prevent those attacks as well. Moving on to Prisma Cloud. Our early lead in Prisma Cloud continues to strengthen. Most of our competitors continue to provide only point products, while customer demands continues to shift towards a platform approach. Within this, connecting the left side to the right side, otherwise known as code to cloud, is becoming paramount. As an example of our platform success, we continue to see strong usage of our cloud security posture management and cloud workload protection offerings. Customers are increasingly standardizing on these foundational modules, with 49% of Prisma Cloud customers using both CSPM and CWP.

This forms the foundation how we do better security across our network security platforms, and this is how we continue to get better and better at detecting zero-day attacks and being in a position actually to prevent those attacks as well. Moving on to Prisma Cloud. Our early lead in Prisma Cloud continues to strengthen. Most of our competitors continue to provide only point products, while customer demands continues to shift towards a platform approach.

Speaker 1: This form is the foundation how we do better security across our network security platforms and is how we continue to get better and better at detecting zero-day attacks and being in a position actually to prevent those attacks as well.

Speaker 1: Moving on to Prisma Cloud, our early days in Prisma Cloud continues to strengthen. Most of our competitors continue to provide only point products, while customer demands continue to shift towards the platform approach. Within this, connecting the left side to the right side, otherwise known as Code to Cloud is becoming paramount.

Within this, connecting the left side to the right side, otherwise known as code to cloud, is becoming paramount. As an example of our platform success, we continue to see strong usage of our cloud security posture management and cloud workload protection offerings. Customers are increasingly standardizing on these foundational modules, with 49% of Prisma Cloud customers using both CSPM and CWP.

Speaker 1: As an example of our platform's success, we continue to see strong usage of our cloud security posture management and cloud workload protection offerings. Customers are increasingly standardizing on these foundational modules with 49% of Prisma Cloud customers using both CSPM and CWP.

Nikesh Arora: This quarter, Gartner noted that in 2022, only 25% of enterprises buy these capabilities from a common vendor. They expect this will increase to 60% of enterprises by 2025. At the same time, we continue to stay ahead of the industry's need for new capabilities, which is core to our commitment as a platform. We are on track to launch our eleventh module as we innovate cybersecurity. We're also focused on driving industry certifications in Prisma Cloud. In this last quarter, we were accepted by the Joint Advisory Board and reached ready status for FedRAMP High, a first for a cloud security platform. This comes in addition to other certifications we have achieved, including recently announced Prisma Access achieving impact level five or IL5 provisional authorization. IL5 is the highest unclassified authorization level for DoD agencies under the FedRAMP process.

This quarter, Gartner noted that in 2022, only 25% of enterprises buy these capabilities from a common vendor. They expect this will increase to 60% of enterprises by 2025. At the same time, we continue to stay ahead of the industry's need for new capabilities, which is core to our commitment as a platform. We are on track to launch our eleventh module as we innovate cybersecurity. We're also focused on driving industry certifications in Prisma Cloud. In this last quarter, we were accepted by the Joint Advisory Board and reached ready status for FedRAMP High, a first for a cloud security platform.

Speaker 1: This quarter, Gartner noted that in 2022, only 25% of enterprises buy these capabilities from a common vendor. They expect this will increase to 60% of enterprises by 2025. At the same time, we continue to stay ahead of the industry's need for new capabilities, which is core to our commitment as a platform. We are on track to launch our 11th module as we innovate slider security.

Speaker 1: We also focus on driving industry certification in Prisma Cloud. In this last quarter, we were accepted by the Joint Advisory Board and reached ready status for FedRAMP High, a first for our cloud security platform. This comes in addition to other certifications we have achieved including recently announced Prisma Access Achieving Impact Level 5 for IL-5 provision authorization.

This comes in addition to other certifications we have achieved, including recently announced Prisma Access achieving impact level five or IL5 provisional authorization. IL5 is the highest unclassified authorization level for DoD agencies under the FedRAMP process.

Nikesh Arora: We continue to see steady growth in consumption of Prisma Cloud credits, which were up 44% year over year in Q3. Our platform is key to this steady growth. We continue to see customers increase their consumption as they deploy workloads and strategically leverage the public cloud at the core of their IT and business strategies. This includes migrating workloads to the hyperscale clouds, building new applications in the clouds, and leveraging new cloud services. They're also deploying new Prisma Cloud modules, of which we currently have 10. The number of customers using two or more Prisma Cloud modules grew 37% year over year, while the number using four or more modules almost doubled.

We continue to see steady growth in consumption of Prisma Cloud credits, which were up 44% year over year in Q3. Our platform is key to this steady growth. We continue to see customers increase their consumption as they deploy workloads and strategically leverage the public cloud at the core of their IT and business strategies. This includes migrating workloads to the hyperscale clouds, building new applications in the clouds, and leveraging new cloud services.

Speaker 1: I-05 is the highest unclassified authorization level for DOD agencies under the FedRAMP process.

Speaker 1: We continue to see steady growth in consumption of Prisma Cloud credits, which are up 44% year-over-year in Q3. Our platform is key to the steady growth.

Speaker 1: We continue to see customers increase their consumption as they deploy workloads and strategically leverage the public cloud at the core of their IT and business strategy. This includes migrating workloads to the hyperscale cloud, building new applications in the cloud and leveraging new cloud services. They are also deploying new Prisma Cloud modules of which we currently have 10.

They're also deploying new Prisma Cloud modules, of which we currently have 10. The number of customers using two or more Prisma Cloud modules grew 37% year over year, while the number using four or more modules almost doubled. We now have one in five of our Prisma Cloud customers using our Cloud Code module across our capabilities in Infrastructure as Code, SCA or software composition analysis, and secrets management, as they leverage the more efficient approach to detect and remediate security issues as core decision for cloud applications before it reaches production.

Nikesh Arora: We now have one in five of our Prisma Cloud customers using our Cloud Code module across our capabilities in Infrastructure as Code, SCA or software composition analysis, and secrets management, as they leverage the more efficient approach to detect and remediate security issues as core decision for cloud applications before it reaches production. Now moving on to Cortex. This has been a net new business for Palo Alto Networks, a business which was born in the belief that we need to bring next generation innovation to the SOC and all the related activities, just like we had brought the firewall business years ago. We're delighted to announce that Cortex achieved a billion-dollar booking milestone in the last 12 months. Cortex was born in 2019, and since then, we have focused intensively on ensuring we have industry-leading capabilities across endpoints, SOC automation, and attack surface management.

Speaker 1: The number of customers using two or more Prisma Cloud modules grew 37% a year, while the number using four or more modules almost doubled. We now have one in five of our Prisma Cloud customers using our Cloud Code module across our capabilities and infrastructure as code, SCA, our software composition analysis, and SICAS management.

Now moving on to Cortex. This has been a net new business for Palo Alto Networks, a business which was born in the belief that we need to bring next generation innovation to the SOC and all the related activities, just like we had brought the firewall business years ago. We're delighted to announce that Cortex achieved a billion-dollar booking milestone in the last 12 months. Cortex was born in 2019, and since then, we have focused intensively on ensuring we have industry-leading capabilities across endpoints, SOC automation, and attack surface management.

Speaker 1: as they leverage the more efficient approach to detect and remediate security issues as core decision for cloud applications before it reaches production.

Speaker 1: leverage the more efficient approach to detect and remediate security issues as co-decision for cloud applications before it reaches production. Now moving on to Cortex.jeff ilar

Speaker 1: This has been a net new business for Palo Alto Networks, a business which is born in the belief that we need to bring next generation innovation to the SOC and all the related activities.

Speaker 1: just like we had brought firewall business years ago. We're delighted to announce that Cortex achieved a billion dollar booking milestone in the last 12 months.

Speaker 1: Cortex was born in 2019 and since then, they have focused intensively on ensuring they have industry leading capabilities across endpoints, SOC automation, and attack surface management.

Nikesh Arora: In the last four years, we have risen to a leading player in automation, application of AI, attack surface management, and continue to climb the charts of the XDR industry as one of the most technically capable solutions. We are particularly proud of the fact that XDR has consistently led in security efficacy. XDR delivered 100% prevention and 100% detection across the 19 evaluation steps conducted by MITRE, and has had the highest quality detections of any product in the latest round of evaluations. On the back of our hard work driving these capabilities, we have built Cortex business to over $1 billion in bookings over the last 12 months, as I mentioned. This is up from $150 million in annual bookings when we launched Cortex as a business in 2019.

In the last four years, we have risen to a leading player in automation, application of AI, attack surface management, and continue to climb the charts of the XDR industry as one of the most technically capable solutions. We are particularly proud of the fact that XDR has consistently led in security efficacy. XDR delivered 100% prevention and 100% detection across the 19 evaluation steps conducted by MITRE, and has had the highest quality detections of any product in the latest round of evaluations.

Speaker 1: In the last four years, we have risen to a leading player in automation, application of AI, attack surface management, and continue to climb the charts of the XDR industry as one of the most technically capable solutions.

Speaker 1: We particularly pull out of the fact that XDR has consistently led in security efficacy. XDR delivered 100% prevention and 100% detection across the 19 evaluation steps conducted by MITRE and has had the highest quality detection of any part in the latest round of evaluation.

On the back of our hard work driving these capabilities, we have built Cortex business to over $1 billion in bookings over the last 12 months, as I mentioned. This is up from $150 million in annual bookings when we launched Cortex as a business in 2019. As we look forward, these three core capabilities in Cortex are precursors to leading a next-generation autonomous security operations center, which pulls this all together and was launched publicly a few months ago, called XSIAM. Our next-generation SOC platform, XSIAM, built totally on AI, is on track to be our fastest growing new offering.

Speaker 1: On the back of our hard work driving these capabilities, we have built Cortex's business to over a billion dollars in bookings over the last 12 months, as I mentioned. It is up from 150 million in annual bookings when we launched Cortex as a business in 2019.

Nikesh Arora: As we look forward, these three core capabilities in Cortex are precursors to leading a next-generation autonomous security operations center, which pulls this all together and was launched publicly a few months ago, called XSIAM. Our next-generation SOC platform, XSIAM, built totally on AI, is on track to be our fastest growing new offering. XSIAM represents another significant opportunity within Cortex as we fulfill our vision around autonomous security operations. Like network security a decade ago, security operations have evolved slowly. XSIAM is now paving the way for us to drive AI-driven security transformation outcomes. After our GA launch in late Q1, our design partners made significant commercial commitments to XSIAM. We followed that up in Q2 by broadening our go-to-market and achieving early success with $30 million in bookings.

Speaker 1: As we look forward, these three core capabilities in Cortex are precursors to leading the next generation autonomous security operations center, which pulls this all together and was launched publicly a few months ago, called XIM.

Speaker 1: Our next generation SOT platform, XIM, built totally on AI, is on track to be our fastest growing new offering.

XSIAM represents another significant opportunity within Cortex as we fulfill our vision around autonomous security operations. Like network security a decade ago, security operations have evolved slowly. XSIAM is now paving the way for us to drive AI-driven security transformation outcomes. After our GA launch in late Q1, our design partners made significant commercial commitments to XSIAM. We followed that up in Q2 by broadening our go-to-market and achieving early success with $30 million in bookings.

Speaker 1: XIM represents another significant opportunity within Cortex as we fulfill our vision around autonomous security operations. Like network security a decade ago, security operations have evolved slowly. XIM is now paving the way for us to drive AI-driven security transformation outcomes.

Speaker 1: After our GA launch in late Q1, our design partners made significant commercial commitments to XIM. We followed that up in Q2 by broadening our go-to-market and achieving early success with $30 million in bookings. This quarter, we established momentum for XIM, with quarterly bookings more than doubling sequentially as we signed our first eight-figure deal.

Nikesh Arora: This quarter, we established momentum for XSIAM, with quarterly bookings more than doubling sequentially as we signed our first eight-figure deal and transactions across all three of our major geographic theaters with this product. We remain optimistic about the prospects of XSIAM, with the product at the center of customer security operations center transformation. We're seeing XSIAM give us access to a broader swath of our customers' budgets. Based on what we have achieved this quarter and what we see in the pipeline, we're confident we can achieve our goal of $100 million in bookings faster than we originally anticipated. This would make it one of the fastest growing security platforms from Palo Alto Networks. Not only does XSIAM bring together the core capabilities of Cortex, it also brings AI-driven outcomes to customers. This heralds a new approach to security, an outcome-based approach.

This quarter, we established momentum for XSIAM, with quarterly bookings more than doubling sequentially as we signed our first eight-figure deal and transactions across all three of our major geographic theaters with this product. We remain optimistic about the prospects of XSIAM, with the product at the center of customer security operations center transformation. We're seeing XSIAM give us access to a broader swath of our customers' budgets

Speaker 1: and transactions across all three of our major geographic theaters with this product. We remain optimistic about the prospects of XIM with the product of the center of customer security operations center transformation. We're seeing XIM give us access to a broader swath of our customers' budgets. Based on what we have achieved this quarter and what we see in the pipeline, we're confident we can achieve our goal of $100 million in bookings faster than we originally anticipated. This would make it one of the fastest growing security platforms from Palo Alto Networks.

. Based on what we have achieved this quarter and what we see in the pipeline, we're confident we can achieve our goal of $100 million in bookings faster than we originally anticipated. This would make it one of the fastest growing security platforms from Palo Alto Networks. Not only does XSIAM bring together the core capabilities of Cortex, it also brings AI-driven outcomes to customers. This heralds a new approach to security, an outcome-based approach.

Speaker 1: Not only does XIM bring together the core capabilities of Cortex, it also brings AI-driven outcomes to customers.

Nikesh Arora: The inspiration came to us from our own SOC, where we were woefully slow in our own mean time to remediate five years ago. Our MTTR was in days, which, in today's adversarial environment, is unacceptable. With that insight in mind, we were able to collect billions of events, and then, using AI, reduce it down to just over a hundred alerts from a handful of incidents. From here, continuing to use AI and automation, we are able to investigate and respond while detecting incidents in a matter of seconds and responding to high priority ones in under a minute. This is one of the most compelling outcome stories in security. So far, in the early customers that are farthest along on this journey with us, we are seeing the benefits accrue in a similar way.

The inspiration came to us from our own SOC, where we were woefully slow in our own mean time to remediate five years ago. Our MTTR was in days, which, in today's adversarial environment, is unacceptable. With that insight in mind, we were able to collect billions of events, and then, using AI, reduce it down to just over a hundred alerts from a handful of incidents. From here, continuing to use AI and automation, we are able to investigate and respond while detecting incidents in a matter of seconds and responding to high priority ones in under a minute.

Speaker 1: This heralds a new approach to security, an outcome-based approach. The inspiration came to us from our own sock, where we were woefully slow in our own mean time remediate five years ago.

Speaker 1: Our MTTR was in days, which in today's adversarial environment is unacceptable. With that insight in mind, we were able to collect billions of events and then using AI, it reduces down to just over 100 alerts from a handful of incidents. From here, continuing to use AI and automation, we are able to investigate and respond while detecting incidents in a matter of seconds and responding to high priority ones in under a minute. This is one of the most compelling outcome stories in security.

This is one of the most compelling outcome stories in security. So far, in the early customers that are farthest along on this journey with us, we are seeing the benefits accrue in a similar way. We process over 3.5 petabytes of data a day across the customer base of XDR and XSIAM. From here, we apply approximately 1,000 AI models to detect attacks. We then leverage smart scoring and use automation to accelerate investigation response.

Nikesh Arora: We process over 3.5 petabytes of data a day across the customer base of XDR and XSIAM. From here, we apply approximately 1,000 AI models to detect attacks. We then leverage smart scoring and use automation to accelerate investigation response. We are seeing early indications that customers are able to see reductions in mean time to respond from days or weeks down to hours or minutes, just like we did. Stepping back, we are fortunate to be focused on the part of the technology market that is more resilient. Our customers depend on their partnership with us to address challenges that are only becoming more sophisticated. The market is tough and definitely more challenging than when we started the year. I'm proud that our team has executed through this environment.

Speaker 1: So far, in the early customers that are farthest along on this journey with us, we are seeing the benefits accrue in a similar way. We process over 3.5 petabytes of data a day across the customer state of XDR and XIM. From here, we employ approximately 1,000 AI models to detect attacks.

We are seeing early indications that customers are able to see reductions in mean time to respond from days or weeks down to hours or minutes, just like we did. Stepping back, we are fortunate to be focused on the part of the technology market that is more resilient. Our customers depend on their partnership with us to address challenges that are only becoming more sophisticated. The market is tough and definitely more challenging than when we started the year. I'm proud that our team has executed through this environment.

Speaker 1: We then leverage smart scoring in these automations to accelerate investigation response. We are seeing early indications that customers are able to see reductions and in the meantime respond from days or weeks down to hours or minutes just like we did.

Speaker 1: and smart scoring in these automation to accelerate investigation response. We are seeing early indications that customers are able to see reductions in the meantime to respond from days or weeks down to hours or minutes just like we did. Sh Zimbabwean.

Speaker 1: We are fortunate to be focused on the part of the technology market that is more resilient. Our customers depend on their partnership with us to address challenges that are only becoming more sophisticated. The market is tough and definitely more challenging than when we started the year. I'm proud that our team has executed through this environment.

Nikesh Arora: Our strategy, focused on having industry-leading capabilities, helping customers simplify their architectures, and consolidating vendors, is working. Given our diverse portfolio of products, some of our products are growing faster in any given quarter, others are moderating. Combined, you see this portfolio benefit in the top-line results we reported today. We also see significant opportunity as we begin to embed generative AI into our products and workflows. There are three ways that our concerted investment in generative AI will benefit us. First, generative AI will help us improve our core under-the-hood detection and prevention efficacy by further advancing the state-of-the-art AI and ML in our products that I spoke of today. Second, it will manifest itself in how our customers engage with our products.

Our strategy, focused on having industry-leading capabilities, helping customers simplify their architectures, and consolidating vendors, is working. Given our diverse portfolio of products, some of our products are growing faster in any given quarter, others are moderating. Combined, you see this portfolio benefit in the top-line results we reported today. We also see significant opportunity as we begin to embed generative AI into our products and workflows.

Speaker 1: Our strategy focuses on having industry-leading capabilities, helping customers simplify their architectures and consolidating vendors is working. Given our diverse portfolio of products, some of our products are growing faster in any given quarter and others are moderating. Combined, you see this portfolio benefit in the top-line results we reported today. We also see significant opportunity as we begin to embed generative AI into our products and workflow.

There are three ways that our concerted investment in generative AI will benefit us. First, generative AI will help us improve our core under-the-hood detection and prevention efficacy by further advancing the state-of-the-art AI and ML in our products that I spoke of today. Second, it will manifest itself in how our customers engage with our products.

Nikesh Arora: We will leverage our large cybersecurity dataset and telemetry to provide a more intuitive and natural language-driven experience within our products, which should improve NPS and drive efficiency benefits for our customers. And finally, as our employees leverage generative AI, we will drive significant efficiency in our own processes and operations across the enterprise. We intend to deploy a proprietary Palo Alto Networks security LLM in the coming year and are actively pursuing multiple efforts to realize these three outcomes. Our portfolio approach, company's overall scale, and focus on efficiency have enabled us to drive significant leverage. We are well ahead of schedule here, and we're not done. As we continue to execute our plans, we see additional opportunities for efficiency.

We will leverage our large cybersecurity dataset and telemetry to provide a more intuitive and natural language-driven experience within our products, which should improve NPS and drive efficiency benefits for our customers. And finally, as our employees leverage generative AI, we will drive significant efficiency in our own processes and operations across the enterprise.

Speaker 1: We will leverage our large cybersecurity dataset and telemetry to provide a more intuitive and natural language-driven experience within our products which will improve NPS and drive efficiency benefits for our customers. And finally, as our employees leverage generative AI, we will drive significant efficiency in our own processes and operations across the enterprise.

We intend to deploy a proprietary Palo Alto Networks security LLM in the coming year and are actively pursuing multiple efforts to realize these three outcomes. Our portfolio approach, company's overall scale, and focus on efficiency have enabled us to drive significant leverage. We are well ahead of schedule here, and we're not done. As we continue to execute our plans, we see additional opportunities for efficiency.

Speaker 1: We intend to deploy proprietary Palo Alto Network security LLM in the coming year and are actively pursuing multiple efforts to realize these three outcomes.

Speaker 1: Our portfolio approach, company's overall scale and focus on efficiency have enabled us to drive significant leverage.

Nikesh Arora: With our visibility into incremental leverage, we continue to see the operating profitability levels in our fiscal year 2023 guidance as a baseline to build upon. With that, I will turn the call over to Deepak to discuss the details of Q3 and our guidance.

With our visibility into incremental leverage, we continue to see the operating profitability levels in our fiscal year 2023 guidance as a baseline to build upon. With that, I will turn the call over to Deepak to discuss the details of Q3 and our guidance.

Speaker 1: We are well ahead of schedule here and we're not done. As we continue to execute our plans, we see additional opportunities for efficiency.

Speaker 1: With our visibility into incremental leverage, we continue to see the operating property levels in our fiscal year 2020 guidance as a baseline to build upon. With that, I will turn the call over to Deepak to discuss the details of Q3 and our guidance.

Dipak Golechha: Thank you, Nikesh, and good afternoon, everyone. For Q3, revenue was $1.72 billion and grew 24%. Product revenue grew 10%. Total service revenue grew 29%, with subscription revenue of $838 million, growing 31%, and support revenue of $495 million, growing 25%. Moving on to geographies, we saw revenue growth across all theaters, with the Americas growing 24%, EMEA up 23%, and JPAC growing 24%. The strength of our next-generation security capabilities continues to drive our results, with NGS ARR of $2.6 billion, growing 60%. We saw strength across all three platforms: network security, cloud security, and security operations. We delivered total billings of $2.26 billion, up 26% and above the high end of our guidance range.

Dipak Golechha: Thank you, Nikesh, and good afternoon, everyone. For Q3, revenue was $1.72 billion and grew 24%. Product revenue grew 10%. Total service revenue grew 29%, with subscription revenue of $838 million, growing 31%, and support revenue of $495 million, growing 25%. Moving on to geographies, we saw revenue growth across all theaters, with the Americas growing 24%, EMEA up 23%, and JPAC growing 24%. The strength of our next-generation security capabilities continues to drive our results, with NGS ARR of $2.6 billion, growing 60%.

Speaker 2: Thank you, Nikesh, and good afternoon, everyone. For Q3, revenue was $1.72 billion and grew 24%. Product revenue grew 10%. Total service revenue grew 29%, with subscription revenue of $838 million, growing 31%, and support revenue of $495 million, growing 25%.

Speaker 2: Moving on to geographies, we saw revenue growth across all theaters, with the Americas growing 24%, EMEA up 23%, and JPAC growing 24%.

Speaker 2: The strength of our next generation of security capabilities continues to drive our results, with NGS ARR of $2.6 billion, growing 60%.

We saw strength across all three platforms: network security, cloud security, and security operations. We delivered total billings of $2.26 billion, up 26% and above the high end of our guidance range. Total deferred revenue in Q3 was $8.1 billion, an increase of 38%. Remaining performance obligation, or RPO, was $9.2 billion, increasing 35%, with current RPO just under half of our RPO. Our non-GAAP earnings per share were significantly ahead of our guidance, growing 83% year over year.

Speaker 2: We saw strength across all three platforms, network security, cloud security, and security operations. We delivered total billings of $2.26 billion, up 26%, and above the high end of our guidance range.

Dipak Golechha: Total deferred revenue in Q3 was $8.1 billion, an increase of 38%. Remaining performance obligation, or RPO, was $9.2 billion, increasing 35%, with current RPO just under half of our RPO. Our non-GAAP earnings per share were significantly ahead of our guidance, growing 83% year over year. We again delivered strong cash flow in Q3, with trailing twelve-month adjusted free cash flow of $2.8 billion, growing 68% year over year. Moving on to the rest of the financial highlights. non-GAAP gross margin of 76.1% was up 320 basis points year over year, driven mainly by a higher software mix, reduced supply chain costs, and some efficiencies in customer support. Our non-GAAP operating margin of 23.6% increased 540 basis points year over year.

Speaker 2: Totaling the third revenue in Q3 was $8.1 billion, an increase of 38%. Remaining performance obligation, or RPO, was $9.2 billion, increasing 35%, with current RPO just under half of our RPO. Our non-GAAP earnings per share was significantly ahead of our day.

We again delivered strong cash flow in Q3, with trailing twelve-month adjusted free cash flow of $2.8 billion, growing 68% year over year. Moving on to the rest of the financial highlights. non-GAAP gross margin of 76.1% was up 320 basis points year over year, driven mainly by a higher software mix, reduced supply chain costs, and some efficiencies in customer support. Our non-GAAP operating margin of 23.6% increased 540 basis points year over year.

Speaker 2: highlights. non-GAAP gross margin of 76.1% was up 320 basis points year over year, driven mainly by a higher software mix, reduced supply chain costs and some efficiencies in customer support.

Dipak Golechha: In addition to improving growth margins, slower headcount additions contributed to our operating leverage. Based on our performance in Q3, we are raising our fiscal year 2023 non-GAAP operating margin guidance. Non-GAAP net income for the third quarter grew 86% to $359 million, or $1.10 per diluted share. Our non-GAAP effective tax rate was 22%. We again delivered GAAP profitability in Q3, with GAAP net income of $108 million, or $0.31 per diluted share. Now turning to the balance sheet and cash flow statement. We ended Q3 with cash equivalents and investments of $6.7 billion. It is worth reminding investors that our 2023 convertible note will mature on 1 July 2023, and we expect to settle the principal obligation with cash on our balance sheet of $1.7 billion.

In addition to improving growth margins, slower headcount additions contributed to our operating leverage. Based on our performance in Q3, we are raising our fiscal year 2023 non-GAAP operating margin guidance. Non-GAAP net income for the third quarter grew 86% to $359 million, or $1.10 per diluted share. Our non-GAAP effective tax rate was 22%. We again delivered GAAP profitability in Q3, with GAAP net income of $108 million, or $0.31 per diluted share.

Speaker 2: Our non-GAAP operating margin of 23.6% increased 540 basis points year over year.

Speaker 2: In addition to improving gross margins, slower headcount additions contributed to our operating leverage.

Speaker 2: Based on our performance in Q3, we are raising our fiscal year 23 non-GAAP operating margin guidance.

Speaker 2: non-GAAP net income for the third quarter grew 86% to $359 million or $1.10 for the living tax on their first winter in New York STAR.

Speaker 2: Our non-GAAP effective tax rate was 22%. We again delivered GAAP profitability in Q3 with GAAP net income of $108 million or 31 cents to value the GAAP.

Now turning to the balance sheet and cash flow statement. We ended Q3 with cash equivalents and investments of $6.7 billion. It is worth reminding investors that our 2023 convertible note will mature on 1 July 2023, and we expect to settle the principal obligation with cash on our balance sheet of $1.7 billion. The excess will be settled in shares.

Speaker 2: Now turning to the balance sheet and cash flow statement.

Speaker 2: We ended Q3 with cash, equivalents and investments of $6.7 billion.

Speaker 2: It is worth reminding investors that our 2023 convertible note will mature on July 1, 2023, and we expect to settle the principal obligation with cash on our balance sheet of $1.7 billion. The excess will be settled in shares. These shares have previously been accounted for in our non-GAAP diluted shares outstanding.

Dipak Golechha: The excess will be settled in shares. These shares have previously been accounted for in our non-GAAP diluted shares outstanding. Q3 cash flow from operations was $432 million, with total adjusted free cash flow of $401 million this quarter. Stock-based compensation declined by 90 basis points as a percentage of revenue sequentially. On a year-over-year basis, stock-based compensation was down 220 basis points as a percent of revenue. As we look forward, we remain focused on profitable growth. At our Analyst Day in 2021, we outlined plans to drive 50 to 100 basis points of margin expansion annually in fiscal year 2023 and fiscal year 2024. In the months leading up to this profitability commitment, we focused in depth on optimally balancing investments in our business and opportunities to capture efficiencies and benefit from our growing scale.

These shares have previously been accounted for in our non-GAAP diluted shares outstanding. Q3 cash flow from operations was $432 million, with total adjusted free cash flow of $401 million this quarter. Stock-based compensation declined by 90 basis points as a percentage of revenue sequentially. On a year-over-year basis, stock-based compensation was down 220 basis points as a percent of revenue. As we look forward, we remain focused on profitable growth.

Speaker 2: Huge free cash flow from operations was $432 million with total adjusted free cash flow of $401 million this quarter.

Speaker 2: Stock-based compensation declined by 90 basis points as a percentage of revenue sequentially. On a year-over-year basis, stock-based compensation was down 220 basis points as a percent of revenue. As we look forward, we remain focused on profitable growth.

At our Analyst Day in 2021, we outlined plans to drive 50 to 100 basis points of margin expansion annually in fiscal year 2023 and fiscal year 2024. In the months leading up to this profitability commitment, we focused in depth on optimally balancing investments in our business and opportunities to capture efficiencies and benefit from our growing scale.

Speaker 2: At our analyst day in 2021, we outlined plans to drive 50 to 100 basis points of margin expansion annually in fiscal year 2023 and fiscal year 2024. In the months leading up to this profitability commitment, we focused in-depth on optimally balancing investments in our business and opportunities to capture efficiencies and benefit from our growing scale.

Dipak Golechha: As a result, we came out of this effort with significant conviction in meaningful operating leverage. In fiscal 2022, we started implementing these plans, but faced supply chain challenges that unexpectedly drove higher costs. While the supply chain was uncertain as we entered fiscal year 2023, we also saw signs of a changing macroeconomic environment. As such, it was the right time to accelerate our efficiency plans. We focused our headcount additions in sales and R&D to fuel our medium-term growth prospects. Outside of these critical investment areas, we've leveraged our scale and employed technology to accommodate our growth in other business areas. Additionally, supply chain challenges have continued to abate at an increasing pace, helping to improve our gross margin.

As a result, we came out of this effort with significant conviction in meaningful operating leverage. In fiscal 2022, we started implementing these plans, but faced supply chain challenges that unexpectedly drove higher costs. While the supply chain was uncertain as we entered fiscal year 2023, we also saw signs of a changing macroeconomic environment. As such, it was the right time to accelerate our efficiency plans.

We focused our headcount additions in sales and R&D to fuel our medium-term growth prospects. Outside of these critical investment areas, we've leveraged our scale and employed technology to accommodate our growth in other business areas. Additionally, supply chain challenges have continued to abate at an increasing pace, helping to improve our gross margin.

Speaker 2: We also saw signs of a changing macroeconomic environment.

Speaker 2: As such, it was the right time to accelerate our efficiency plans. We focused our headcount additions in sales and R&D to fuel our medium-term growth prospects.

Speaker 2: Outside of these critical investment areas, we've leveraged our scale and employed technology to accommodate our growth in other business areas. Additionally, supply chain challenges have continued to abate at an increasing pace, helping to improve our gross margin.

Dipak Golechha: The result has been a significant acceleration in operating margin expansion through the first three quarters of fiscal year 2023, and also increases to our operating and free cash flow margin guidance through the year. As you see with our guidance for non-GAAP operating margin in fiscal year 2023, we're nearly 300 basis points ahead of the midpoint of our fiscal year 2024 range that we implied back in 2021. We now see our fiscal year 2023 non-GAAP operating margin as a baseline to build on in the future. Moving on to guidance. For the fourth quarter of fiscal year 2023, we expect billings to be in the range of $3.15 to 3.20 billion, an increase of 17% to 19%.

The result has been a significant acceleration in operating margin expansion through the first three quarters of fiscal year 2023, and also increases to our operating and free cash flow margin guidance through the year. As you see with our guidance for non-GAAP operating margin in fiscal year 2023, we're nearly 300 basis points ahead of the midpoint of our fiscal year 2024 range that we implied back in 2021. We now see our fiscal year 2023 non-GAAP operating margin as a baseline to build on in the future.

Speaker 2: The results have been a significant acceleration and operating margin expansion through the first three quarters of fiscal year 2023 and also increases to operating with recafelin margin guidance through the year.

Speaker 2: As you see with our guidance, the non-GAAP operating margin fiscal year 2023, we're nearly 300 basis points ahead of the midpoint of our fiscal year 2024 range that we implied back in 2021. We now see our fiscal year 2023 non-GAAP operating margins as a baseline to build on in the future. Moving on to guidance.

Moving on to guidance. For the fourth quarter of fiscal year 2023, we expect billings to be in the range of $3.15 to 3.20 billion, an increase of 17% to 19%. We expect revenue to be in the range of $1.937 to 1.967 billion, an increase of 25% to 27%. We expect non-GAAP EPS to be in the range of $1.26 to 1.30, an increase of 58% to 63%. For the fiscal year 2023, we expect billings to be in the range of $9.18 to 9.23 billion, an increase of 23% to 24%. We expect NGS ARR to be in the range of $2.80 to 2.85 billion, an increase of 48% to 51%.

Speaker 2: For the fourth fiscal quarter of 2023, we expect billings to be in the range of $3.15 to $3.20 billion, an increase of 17 to 19%. We expect revenue to be in the range of $1.937 to $1.967 billion, an increase of 25 to 27%.

Dipak Golechha: We expect revenue to be in the range of $1.937 to 1.967 billion, an increase of 25% to 27%. We expect non-GAAP EPS to be in the range of $1.26 to 1.30, an increase of 58% to 63%. For the fiscal year 2023, we expect billings to be in the range of $9.18 to 9.23 billion, an increase of 23% to 24%. We expect NGS ARR to be in the range of $2.80 to 2.85 billion, an increase of 48% to 51%. We expect revenue to be in the range of $6.88 to 6.91 billion, an increase of 25% to 26%.

Speaker 2: We expect non-GAAP EPS to be in the range of 126 to 130 and increase of 58 to 63%. For the fiscal year 2023, we expect billings to be in the range of $9.18 to $9.23 billion and increase of 23 to 24%.

We expect revenue to be in the range of $6.88 to 6.91 billion, an increase of 25% to 26%. We expect product revenue growth in the range of 15% to 16% for fiscal year 2023, as we see supply chain challenges normalize as we exit fiscal year 2023. For fiscal year 2023, we expect operating margins to be in the range of 23% to 23.25%. We expect non-GAAP EPS to be in the range of $4.24 to $4.29, an increase of 69% to 70%. We expect our adjusted free cash flow margin to be 37.5% to 38.5%, and we expect to be GAAP profitable for fiscal year 2023, including in Q4. Additionally, please consider the following modeling points.

Speaker 2: We expect NGS ARR to be in the range of 2.80 to 2.85 billion dollars, an increase of 48 to 51 percent. We expect revenue to be in the range of 6.88 to 6.91 billion dollars, an increase of 25 to 26 percent.

Dipak Golechha: We expect product revenue growth in the range of 15% to 16% for fiscal year 2023, as we see supply chain challenges normalize as we exit fiscal year 2023. For fiscal year 2023, we expect operating margins to be in the range of 23% to 23.25%. We expect non-GAAP EPS to be in the range of $4.24 to $4.29, an increase of 69% to 70%. We expect our adjusted free cash flow margin to be 37.5% to 38.5%, and we expect to be GAAP profitable for fiscal year 2023, including in Q4. Additionally, please consider the following modeling points. We expect our non-GAAP tax rate to remain at 22% for Q4 2023 and fiscal year 2023, subject to the outcome of future tax legislation.

Speaker 2: We expect product revenue growth in the range of 15 to 16 percent of fiscal year 23 as we see supply chain challenges normalized as we exit fiscal year 23. For fiscal year 23 we expect operating margins to be in the range of 23 to 23.25 percent.

Speaker 2: We expect non-GAAP UPS to be in the range of 4.24 to 4.29, an increase of 69 to 70%.

Speaker 2: We expect our adjusted free cash flow margin to be 37.5 to 38.5 percent and we expect to be that profitable for fiscal year 2023 including in 2.4.

We expect our non-GAAP tax rate to remain at 22% for Q4 2023 and fiscal year 2023, subject to the outcome of future tax legislation. For Q4 2023, we expect net interest and other income of $50 to 55 million. We expect Q4 diluted shares outstanding of 326 to 332 million. We expect fiscal year diluted shares outstanding of 322 to 324 million, and we expect Q4 capital expenditures of $35 to 40 million. With that, I will turn the call back over to Walter for the Q&A portion of the call.

Speaker 2: Additionally, please consider the following modeling points. We expect our non-GAAP tax rate to remain at 22%, the Q423 and fiscal year 23, subject to the outcome of future tax legislation. The Q423, we expect net interest and other income of $50 to $55 million. We expect Q4 diluted shares outstanding of $326 to $332 million.

Dipak Golechha: For Q4 2023, we expect net interest and other income of $50 to 55 million. We expect Q4 diluted shares outstanding of 326 to 332 million. We expect fiscal year diluted shares outstanding of 322 to 324 million, and we expect Q4 capital expenditures of $35 to 40 million. With that, I will turn the call back over to Walter for the Q&A portion of the call.

Speaker 2: We expect fiscal year diluted shares outstanding of 322 to 324 million and we expect Q4 capital expenditures of 35 to 40 million dollars.

Walter Pritchard: Thank you, Deepak. To allow for broad participation, I would ask that each person ask only one question. Our first question will come from Saket Kalia of Barclays, with Hamza Fodderwala from Morgan Stanley on deck. Saket, you're muted.

Walter Pritchard: Thank you, Deepak. To allow for broad participation, I would ask that each person ask only one question. Our first question will come from Saket Kalia of Barclays, with Hamza Fodderwala from Morgan Stanley on deck. Saket, you're muted.

Speaker 2: With that, I will turn the call back over to Walter for the Q&A portion of the call.

Speaker 2: With that, I will turn the call back over to Walter for the Q&A portion of the call. Thank you, Deepak.

Speaker 3: To allow for broad participation, I would ask that each person ask only one question.

Speaker 3: Our first question will come from Saket Kalia of Barclays with Hamza Fadarwala from Morgan Stanley on deck.

Speaker 3: question will come from Saket Kalia of Barclays with Hansa Fadarwala from Morgan Stanley on deck. Saket, you're muted.

Nikesh Arora: Right. Why don't we go to Hamza next?

Nikesh Arora: Right. Why don't we go to Hamza next?

[Analyst] (Barclays): Okay. Can you hear me now?

Saket Kalia: Okay. Can you hear me now?

Nikesh Arora: Oh, go ahead.

Nikesh Arora: Oh, go ahead.

[Analyst] (Barclays): Sorry, it didn't let me unmute. Thanks so much for taking the question here, and nice job to the team executing in a very challenging environment. Nikesh, maybe a lot of good things to talk about, but I'd love to just double-click on the operating margin improvement here that you've seen, and really a new baseline that the team is creating going into next year. Maybe the question is: Can you and Deepak maybe talk about what areas the team is finding efficiency in, and what are the opportunities for efficiency maybe going forward as well? Thanks.

Saket Kalia: Sorry, it didn't let me unmute. Thanks so much for taking the question here, and nice job to the team executing in a very challenging environment. Nikesh, maybe a lot of good things to talk about, but I'd love to just double-click on the operating margin improvement here that you've seen, and really a new baseline that the team is creating going into next year. Maybe the question is: Can you and Deepak maybe talk about what areas the team is finding efficiency in, and what are the opportunities for efficiency maybe going forward as well? Thanks. Thanks.

Speaker 3: Why don't we go to Hamza next. Can you hear me now? Go ahead.

Speaker 3: Sorry, it didn't let me unmute. Thanks so much for taking the question here. A nice job to the team executing in a very challenging environment. Nikesh, maybe a lot of good things to talk about, but I'd love to just double click on the operating margin improvement here that you've seen, and really a new baseline that the team is creating going into next year.

Speaker 3: Maybe the question is, can you and Deepok maybe talk about what areas the team is finding efficiency in, and what are the opportunities for efficiency maybe going forward as well? Thanks. Yeah, look.

Speaker 3: is can you and Deepak maybe talk about what areas the team is finding efficiency in and what are the opportunities for efficiency maybe going forward as well. Thanks.

Dipak Golechha: Thanks.

Nikesh Arora: Yeah, look, I'll preface that as Deepak highlighted, supply chain crisis is all but over, and, as you know, there were some adverse impacts to gross margins, driven by hardware. I think the product mix is in our favor, as we go from hardware to software, our gross margins are way better on software than they generally are on hardware, given software firewalls are much, much more profitable for us. Coupled with that, I think what Deepak really has been driving for the last year, as we flipped into the new macroeconomic environment, has been real focused on resource utilization, ROI, as well as making sure we are focused on hiring only on stuff where it's important. We also talked about streamlining sales forces.

Nikesh Arora: Yeah, look, I'll preface that as Deepak highlighted, supply chain crisis is all but over, and, as you know, there were some adverse impacts to gross margins, driven by hardware. I think the product mix is in our favor, as we go from hardware to software, our gross margins are way better on software than they generally are on hardware, given software firewalls are much, much more profitable for us.

Preface that as Deepak highlighted, supply chain crisis all but over and you know there were some adverse impacts to gross margins by given by hardware. I think the product makes us in our favor as we go from hardware to software. Our gross margins are way better on software than they generally are on hardware.

Coupled with that, I think what Deepak really has been driving for the last year, as we flipped into the new macroeconomic environment, has been real focused on resource utilization, ROI, as well as making sure we are focused on hiring only on stuff where it's important. We also talked about streamlining sales forces.

given software firewalls are much more profitable for us. Couple with that, I think what Deepak really has been driving for the last year as we flipped into the new macroeconomic environment has been real focus on resource utilization, ROI, as well as making sure

Nikesh Arora: If you remember, Saket, we had the conversation around making sure our SASE team is integrated with our core, which saved us hundreds of heads in terms of efficiency, as well as driving more outcome and output from a SASE perspective. So generally, those have been some of the key drivers, but Deepak, did you want to add something?

If you remember, Saket, we had the conversation around making sure our SASE team is integrated with our core, which saved us hundreds of heads in terms of efficiency, as well as driving more outcome and output from a SASE perspective. So generally, those have been some of the key drivers, but Deepak, did you want to add something?

we are focused on hiring only on stuff where it's important. We also talked about streamlining sales forces. If you remember, Saket, we had the conversation around making sure our SASE team is integrated with our core, which saved us hundreds of heads in terms of efficiency, as well as driving more outcome and output from a SASE perspective. So generally, those have been some of the key drivers, but Deepak, did you want to add something?

Dipak Golechha: No, I think you've covered it all. I think, Saket, we've talked this before.

Dipak Golechha: No, I think you've covered it all. I think, Saket, we've talked this before.

Nikesh Arora: Welcome.

Nikesh Arora: Welcome.

Dipak Golechha: Yep, you know, we scale well as a company, right? And I think that's across all the different elements of our P&L. I think Nikesh has talked about-

Dipak Golechha: Yep, you know, we scale well as a company, right? And I think that's across all the different elements of our P&L. I think Nikesh has talked about-

No, I think you've covered it all. I think we've talked this before. You're welcome. Yep. We scale well as a company, right? And I think that's across all the different elements of our P&L. I think Nikesh has talked about the supply chain. We talked about the OpEx. I just also mentioned cloud hosting, cloud consumption. As we get bigger and we consume more, we have the ability to go back to our service providers and try and negotiate better contracts. So I think across

Lee Klarich: ... the supply chain, we talked about the OpEx. I just also mentioned cloud hosting and cloud consumption. As we get bigger and we consume more, we have the ability to go back to our service providers and try and negotiate better contracts. So I think across all the areas of the P&L, we scale pretty well as a company.

Lee Klarich: ... the supply chain, we talked about the OpEx. I just also mentioned cloud hosting and cloud consumption. As we get bigger and we consume more, we have the ability to go back to our service providers and try and negotiate better contracts. So I think across all the areas of the P&L, we scale pretty well as a company.

Nikesh Arora: I think, to your question, in terms of where this goes, as Deepak said, this is a new baseline. We think there is continued opportunity from here, and we haven't even factored in the potential impact of Generative AI, as you've been hearing all the conversation in the industry. We're still working on it, we're understanding it, we're relooking at processes, but, you know, we believe there is a there there. We think there will be an opportunity in the future to get more efficiency from Generative AI as we go ahead and implement some of the capabilities to our organization.

Nikesh Arora: I think, to your question, in terms of where this goes, as Deepak said, this is a new baseline. We think there is continued opportunity from here, and we haven't even factored in the potential impact of Generative AI, as you've been hearing all the conversation in the industry. We're still working on it, we're understanding it, we're relooking at processes, but, you know, we believe there is a there there. We think there will be an opportunity in the future to get more efficiency from Generative AI as we go ahead and implement some of the capabilities to our organization.

all the areas of the P&L, we scale pretty well as a company. And I think to your question in terms of where this goes, as Deepak said, this is a new baseline. We think there is continued opportunity from here and we haven't even factored in the potential impact of generative AI as you've been hearing all the conversation in the industry. We're still working on it, we're standing here, we're really looking at processes, but

Now we believe there is a there there. We think there will be an opportunity in the future to get more efficiency from generative AI as we go ahead and implement some of the capabilities to our organization. So I think there's upside both in the continued efforts of what Deepak has been driving for the last nine months and there's the sort of the icing on the top is the potential after

Nikesh Arora: So I think there's upside both in the continued efforts of what Deepak has been driving for the last nine months, and there's the sort of icing on the top, which is the potential application of generative AI as we continue to grow business over the next few years.

So I think there's upside both in the continued efforts of what Deepak has been driving for the last nine months, and there's the sort of icing on the top, which is the potential application of generative AI as we continue to grow business over the next few years.

Walter Pritchard: Got it. Well done, thank you. Next question is from Hamza Fodderwala, from Morgan Stanley, with Brian Essex from JP Morgan on deck. Hamza, go ahead.

Walter Pritchard: Got it. Well done, thank you. Next question is from Hamza Fodderwala, from Morgan Stanley, with Brian Essex from JP Morgan on deck. Hamza, go ahead.

Hamza Fodderwala: Hey, guys. Good evening. I hope you can hear me okay. Maybe a question for Nikesh and Lee Klarich, if he's around. Nikesh, on AI, you know, you've clearly been thinking about this a lot based on what I can tell from your Twitter. You know, we were at RSA last month, and, you know, while there's a lot of opportunity-

Hamza Fodderwala: Hey, guys. Good evening. I hope you can hear me okay. Maybe a question for Nikesh and Lee Klarich, if he's around. Nikesh, on AI, you know, you've clearly been thinking about this a lot based on what I can tell from your Twitter. You know, we were at RSA last month, and, you know, while there's a lot of opportunity-

Maybe the questions for Nikesh and Lee Claire, if he's around. Nikesh, on AI, you've clearly been thinking about this a lot based on what I can tell from your Twitter. But we were at RSA last month and while there's a lot of opportunity...

Nikesh Arora: Okay.

Nikesh Arora: Okay.

Hamza Fodderwala: While there's a lot of opportunity around AI, there does seem to be a lot of risks around data security, around sort of the data that these models are trained on. So I'm curious, as you, as you have that AI-based conversation with your customers, how are you getting them comfortable around that, to really leverage the full capabilities of AI to automate their thoughts?

Hamza Fodderwala: While there's a lot of opportunity around AI, there does seem to be a lot of risks around data security, around sort of the data that these models are trained on. So I'm curious, as you, as you have that AI-based conversation with your customers, how are you getting them comfortable around that, to really leverage the full capabilities of AI to automate their thoughts?

While there's a lot of opportunity around AI, did there seem to be a lot of risks around data security, around sort of the data that these models are trained on? So I'm curious as you have that AI-based conversation with your customers, how are you getting them comfortable around that to really leverage the full capabilities of AI to automate their thoughts?

Nikesh Arora: Yeah, I think there's two different parts of it. I think one part is us using AI already in our products, where we have been using it for while, for a while. Look at pattern recognition, look at what it's telling us from a you know real-time analysis of data perspective. As I mentioned, we deploy over a thousand AI models to go look at what happens the next time. This is all proprietary, it's happening in our instance. This is not an LLM that's going out and getting trained. This is a proprietary AI model used by Palo Alto Networks, built by Palo Alto Networks, being used for a specific use case and a task for security.

Nikesh Arora: Yeah, I think there's two different parts of it. I think one part is us using AI already in our products, where we have been using it for while, for a while. Look at pattern recognition, look at what it's telling us from a you know real-time analysis of data perspective. As I mentioned, we deploy over a thousand AI models to go look at what happens the next time. This is all proprietary, it's happening in our instance.

Yeah, I think there's two different parts of it. I think one part is us using AI already in our products, where we have been using it for a while to look at pattern recognition, look at what it's telling us from a real-time analysis of data perspective, as I mentioned. We deploy over a thousand AI models to go look at what happens the next time. There's all proprietary is happening.

This is not an LLM that's going out and getting trained. This is a proprietary AI model used by Palo Alto Networks, built by Palo Alto Networks, being used for a specific use case and a task for security. Now, to the extent that we intend and will deploy conversational AI in our models, we are working with every public model and open source model out there to understand how can we build it using our own proprietary data. I don't know, Lee, did you want... Can you elaborate on that, please? Or did you want-

In our instance, this is not an LLM that's going out and getting trained. This is the proprietary AI model used by Palo Alto Networks, built by Palo Alto Networks, being used for a specific use case and a task for security. Now, to the extent that we intend and will deploy conversational AI in our models, we are working with every public model and open source model out there to understand how can we build it.

Nikesh Arora: Now, to the extent that we intend and will deploy conversational AI in our models, we are working with every public model and open source model out there to understand how can we build it using our own proprietary data. I don't know, Lee, did you want... Can you elaborate on that, please? Or did you want-

Lee Klarich: Yeah.

Lee Klarich: Yeah.

Nikesh Arora: Yeah.

Nikesh Arora: Yeah.

Lee Klarich: Yes, of course. It's very early in the large language model adoptions that we're seeing, and as you point out, there are a number of risks associated with them, particularly in enterprise use cases. You know, we've already seen some examples where data has fed into large language models without the understanding of how the data would be used, and the data's been publicly made publicly available, even though it was confidential. So it's very clear that there is sensitivity there. There's also sensitivity from a security perspective of things like prompts, injection attacks, data poisoning, and things like that, that have to be taken into account. The

Lee Klarich: Yes, of course. It's very early in the large language model adoptions that we're seeing, and as you point out, there are a number of risks associated with them, particularly in enterprise use cases. You know, we've already seen some examples where data has fed into large language models without the understanding of how the data would be used, and the data's been publicly made publicly available, even though it was confidential. So it's very clear that there is sensitivity there.

using our own proprietary data. I don't know, Lee, can you elaborate on that, please? Yes, of course.

It's very early in the large language model adoptions that we're seeing, and as you point out, there are a number of risks associated with them, particularly in enterprise use cases.

We've already seen some examples where data has fed into large language models without the understanding of how the data would be used, and the data has been publicly made public available even though it was confidential. It's very clear that there is sensitivity there.

There's also sensitivity from a security perspective of things like prompts, injection attacks, data poisoning, and things like that, that have to be taken into account. The And so I think what we'll see is, the enterprise use cases of LLMs will evolve a little bit more, actually, I should say, need to evolve a little bit more methodically and carefully to take these security challenges into account.

There's also sensitivity from a security perspective of things like prompt injection attacks, data poisoning and things like that that have to be taken into account.

Lee Klarich: And so I think what we'll see is, the enterprise use cases of LLMs will evolve a little bit more, actually, I should say, need to evolve a little bit more methodically and carefully to take these security challenges into account. At the same time, though, it's also important to recognize that they offer tremendous promise, as Nikesh mentioned earlier, in terms of being able to help guide product adoption, product usage, to help enhance security capabilities, and to drive greater efficiencies, across the business.

And so I think what we'll see is the enterprise use cases of LLMs will evolve a little bit more – actually, I should say need to evolve a little bit more methodically and carefully to take these security challenges into account.

At the same time, though, it's also important to recognize that they offer tremendous promise, as Nikesh mentioned earlier, in terms of being able to help guide product adoption, product usage, to help enhance security capabilities, and to drive greater efficiencies, across the business.

At the same time though, it's also important to recognize that they offer tremendous promise, as Nikesh mentioned earlier, in terms of being able to help guide product adoption, product usage, to help enhance security capabilities, and to drive greater efficiencies across the business. I think to cap it off, I think.

Nikesh Arora: Yeah, I think to, to cap it off, I think, you know, there is no doubt we will continue to deploy our proprietary AI models for XIM or for our network security use cases I highlighted. We believe in our preliminary analysis over the last three months, and driving a lot of these work streams internally, that there is a there there with generative AI. So we believe that we will be deploying generative AI over the course of the next few months, and we'll talk more about it at a later event. But we think that has an opportunity both to significantly improve our customer efficiency and the efficacy of our products, at the same time, also to drive efficiencies within the way we run Palo Alto Networks.

Nikesh Arora: Yeah, I think to, to cap it off, I think, you know, there is no doubt we will continue to deploy our proprietary AI models for XIM or for our network security use cases I highlighted. We believe in our preliminary analysis over the last three months, and driving a lot of these work streams internally, that there is a there there with generative AI. So we believe that we will be deploying generative AI over the course of the next few months, and we'll talk more about it at a later event.

There is no doubt we will continue to deploy our proprietary AI models for XIM or for our network security use cases I highlighted. We believe in our preliminary analysis of the last three months and driving a lot of these work streams internally, that there is a there there with generative AI. So we believe that we will be deploying generative AI over the course of the next few months.

But we think that has an opportunity both to significantly improve our customer efficiency and the efficacy of our products, at the same time, also to drive efficiencies within the way we run Palo Alto Networks.

and we'll talk more about it at a later event, but we think that has an opportunity both to significantly improve our customer efficiency and the efficacy of our products, at the same time also to drive efficiencies within the way we run Palo Alto Networks. I think last but not the least, which is something you didn't ask, but I'll say separately, Lee and his team have been working hard.

Nikesh Arora: I think last but not the least, which is something you didn't ask, but I'll say, you know, separately, Lee and his team have been working hard to see and look at the adverse impact that Generative AI could have in terms of adversaries using Generative AI to build new malware, to try and attack our customers. And there's a lot of work we're doing as well to make sure we are able to protect our customers against any such activity that is conducted using Generative AI.

I think last but not the least, which is something you didn't ask, but I'll say, you know, separately, Lee and his team have been working hard to see and look at the adverse impact that Generative AI could have in terms of adversaries using Generative AI to build new malware, to try and attack our customers. And there's a lot of work we're doing as well to make sure we are able to protect our customers against any such activity that is conducted using Generative AI.

to see and look at the adverse impact that generative AI could have in terms of adversaries using generative AI to build new malware to try and attack our customers. And there's a lot of work we're doing as well to make sure we are able to protect our customers against any such activity that is conducted using generative AI.

Walter Pritchard: Thank you. Thanks for your question, Hamza. Next question is from Brian Essex at JP Morgan, followed by Brad Zelnick from Deutsche Bank. Brian, go ahead.

Walter Pritchard: Thank you. Thanks for your question, Hamza. Next question is from Brian Essex at JP Morgan, followed by Brad Zelnick from Deutsche Bank. Brian, go ahead.

Thank you. Thanks for your question, Hamza. Next question is from Brian Essex at JP Morgan, held by Brad Zelnick from Deutsche Bank. Brian , go ahead.

Hamza Fodderwala: Yeah, hey, good afternoon. Thank you for taking the question. And you know, to follow up on Saket's comments, nice progression in operating margin here, and it's good to see cash flow margin guidance go up as well. If you could maybe, you know, peel back a couple layers on that, core drivers of that cash flow margin improvement and how sustainable it is. We noticed that, you know, CapEx looks like it's a little bit lower than you previously guided to. So just wondering, you know, as you kind of, you know, look at that as a, you know, foundational metric to lean on for valuation, how sustainable is that? And as we kind of forecast operating margins going forward, should that, I guess, gap between operating margins and cash flow margins remain relatively consistent going forward?

Brain Essex: Yeah, hey, good afternoon. Thank you for taking the question. And you know, to follow up on Saket's comments, nice progression in operating margin here, and it's good to see cash flow margin guidance go up as well. If you could maybe, you know, peel back a couple layers on that, core drivers of that cash flow margin improvement and how sustainable it is. We noticed that, you know, CapEx looks like it's a little bit lower than you previously guided to.

Yeah, hey, good afternoon. Thank you for taking the question and, you know, to follow up on Saka's comments, nice progression in operating margin here and it's good to see cash flow margin guidance go up as well. If I could take down, if you could maybe, you know, peel back a couple layers on that core drivers of that cash flow margin improvement how sustainable it is we noticed that, you know, capex look like

So just wondering, you know, as you kind of, you know, look at that as a, you know, foundational metric to lean on for valuation, how sustainable is that? And as we kind of forecast operating margins going forward, should that, I guess, gap between operating margins and cash flow margins remain relatively consistent going forward?

Lee Klarich: Yeah. So, Brian, thanks for the question. Let me just start off with, like, the biggest driver over the long term is really just the strength in your bookings, at least your billings, and then comes down. Then the foundation really is your operating margin, that then makes up the base that you can do on your cash.

Lee Klarich: Yeah. So, Brian, thanks for the question. Let me just start off with, like, the biggest driver over the long term is really just the strength in your bookings, at least your billings, and then comes down. Then the foundation really is your operating margin, that then makes up the base that you can do on your cash.

cash flow margins remain relatively consistent going forward.

Yeah, so Brian thanks for the question. Let me just start off with like the biggest driver over the long term is really just to strengthen your bookings, at least your billings and then comes down. Then the foundation really is your operating margin that then makes up the base that you can do on your cash. There are multiple other factors that

Andy Nowinski: ... You know, there are multiple other factors that do recognize that when we came into the year, the interest rates were at a different level. We have had the benefit of higher interest rates. We've deployed a lot of our cash that we earn interest income. We, you know, we're not predictors of interest rates, but fundamentally, we believe that that will continue to be a tailwind for our cash generation. And then last but not least, we do have PANFS. We have a certain amount of our business that, you know, we do structure and financing. Frankly, that's been broadly in line with what we assumed at the beginning of the year.

... You know, there are multiple other factors that do recognize that when we came into the year, the interest rates were at a different level. We have had the benefit of higher interest rates. We've deployed a lot of our cash that we earn interest income. We, you know, we're not predictors of interest rates, but fundamentally, we believe that that will continue to be a tailwind for our cash generation. And then last but not least, we do have PANFS. We have a certain amount of our business that, you know, we do structure and financing. Frankly, that's been broadly in line with what we assumed at the beginning of the year.

And then last but not least, we do have Panafest. We have a certain amount of our business that we do structure and financing. Frankly, that's been broadly in line with what we assumed at the beginning of the year, but those are really the drivers and we feel pretty comfortable on.

Andy Nowinski: But those are really the drivers, and we feel pretty comfortable on, you know, what we're able to do with those different drivers in delivering our numbers.

But those are really the drivers, and we feel pretty comfortable on, you know, what we're able to do with those different drivers in delivering our numbers.

Brad Zelnick: Thank you.

Brain Essex: Thank you.

Walter Pritchard: Great. Thanks, Brian. Next question from Brad Zelnick at Deutsche Bank, followed by Andrew Nowinski at Wells Fargo. Go ahead, Brad.

Walter Pritchard: Great. Thanks, Brian. Next question from Brad Zelnick at Deutsche Bank, followed by Andrew Nowinski at Wells Fargo. Go ahead, Brad.

what we're able to do with those different drivers and developing our numbers.

Brad Zelnick: Great, thanks so much for the question, and nice job both to Nikesh, Deepak, and the entire team. Nikesh, my question is about M&A, which I feel like typically comes later in the call, but I feel like it's such a great opportunity right now. What's the hurdle to doing a large deal? And can you remind us how you think about transformative M&A? And just related to that, your competitors naturally knock you on having grown through acquired innovation. Just to set the record straight, can you talk about how much a priority and a focus it is to have a deeply integrated product?

Brad Zelnick: Great, thanks so much for the question, and nice job both to Nikesh, Deepak, and the entire team. Nikesh, my question is about M&A, which I feel like typically comes later in the call, but I feel like it's such a great opportunity right now. What's the hurdle to doing a large deal? And can you remind us how you think about transformative M&A? And just related to that, your competitors naturally knock you on having grown through acquired innovation. Just to set the record straight, can you talk about how much a priority and a focus it is to have a deeply integrated product?

Nice job both to Nikesh, Deepak, and the entire team. Nikesh, my question is about M&A, which I feel like typically comes later in the call, but I feel like it's such a great opportunity right now. What's the hurdle to doing the large deal? And can you remind us how you think about transformative M&A and just related to that.

Your competitors naturally knock you on having grown through required innovation. Just to set the record straight, can you talk about how much a priority and a focus it is to have a deeply integrated product? Yeah, Brian , I think first of all, I'm amused that you're asking for transformation in M&A. I think I feel like somehow we at Power, the networks, have been going through a transformation already for the last time.

Nikesh Arora: Yeah, Brian, I think first of all, I'm amused that you're asking for transformational M&A. I think I feel like somehow we at Palo Alto Networks have been going through a transformation already for the last five years. Let me talk about it in two different parts. One, and I'd like to bust the myth of the notion that, you know, we've grown our innovation through M&A, because pretty much the entire XIM product that we built, which is now gonna be one of the fastest platforms at Palo Alto Networks, is homegrown. It was built by our team internally. It was designed, built, and delivered by the Cortex team. So I think it's a disservice to them to say that one of the fastest-growing platforms being built at Palo Alto Networks was acquired.

Nikesh Arora: Yeah, Brian, I think first of all, I'm amused that you're asking for transformational M&A. I think I feel like somehow we at Palo Alto Networks have been going through a transformation already for the last five years. Let me talk about it in two different parts. One, and I'd like to bust the myth of the notion that, you know, we've grown our innovation through M&A, because pretty much the entire XIM product that we built, which is now gonna be one of the fastest platforms at Palo Alto Networks, is homegrown. It was built by our team internally.

It was designed, built, and delivered by the Cortex team. So I think it's a disservice to them to say that one of the fastest-growing platforms being built at Palo Alto Networks was acquired.Similarly, our next-generation firewalls or our SASE product. Our SASE product, for the most part, is entirely homegrown, driven by the security capabilities that we built using our firewalls, as well as our virtual firewall business.

by our team internally. It was designed, built, and delivered by the Cortex team. So I think it's a disservice to them to say that some of the fastest growing platforms being built at Power Autom networks was acquired. Similarly, our next generation firewalls or our SASE product, our SASE product for the most part is entirely homegrown driven by the security capabilities that we built.

Nikesh Arora: Similarly, our next-generation firewalls or our SASE product. Our SASE product, for the most part, is entirely homegrown, driven by the security capabilities that we built using our firewalls, as well as our virtual firewall business. So I think the majority of our M&A has been focused on building our cloud security portfolio, where we felt where we needed to be assertive and be out there in the front. And I would say, you know, auxiliary capabilities, whether it's in automation with XSOAR or auxiliary capabilities around attack surface management. So, bottom line, we're very comfortable with the three platforms that we have and what we need to get done.

So I think the majority of our M&A has been focused on building our cloud security portfolio, where we felt where we needed to be assertive and be out there in the front. And I would say, you know, auxiliary capabilities, whether it's in automation with XSOAR or auxiliary capabilities around attack surface management. So, bottom line, we're very comfortable with the three platforms that we have and what we need to get done.

Nikesh Arora: I think we've been very clear about, from an acquisition perspective, we look for product capability, where we can take product capability and attach that and make sure we can solve more problems for our customers that they're looking at. So from that perspective, my view on M&A is consistent, that we find something interesting, an industry trend which is adding incremental tech capability, we will do it. I think from a transformational M&A, I think we can transform this company and have continued to transform it to where it is, based on our innovation and our balance of execution. I think we will continue to do that. I don't think the market is particularly cheap yet. If you were to try and look for a transformational M&A, and I think it's kind of a double-edge situation.

I think we've been very clear about, from an acquisition perspective, we look for product capability, where we can take product capability and attach that and make sure we can solve more problems for our customers that they're looking at. So from that perspective, my view on M&A is consistent, that we find something interesting, an industry trend which is adding incremental tech capability, we will do it.

capabilities and our tax surface management. So bottom line, we're very comfortable with the three platforms that we have and what we need to get done. I think we've been very clear about, from an acquisition perspective, we look for product capability, where we can take product capability and attach that and make sure we can solve more problems for our customers.

So from that perspective, my view in M&A is consistent that we find something interesting, an industry trend which is added incremental tech capability, we will do it. I think from a transformational M&A, I think we can transform this company and have continued to transform it to where it is based on our innovation and our balance of execution. I think we will continue to do that. I don't think the market is particularly cheap yet.

I think from a transformational M&A, I think we can transform this company and have continued to transform it to where it is, based on our innovation and our balance of execution. I think we will continue to do that. I don't think the market is particularly cheap yet. If you were to try and look for a transformational M&A, and I think it's kind of a double-edge situation.

Nikesh Arora: One, I think we continue to get stronger as we get execution under our belt, and we continue to grow in value as Palo Alto Networks. And if some of the large players out there end up committing missteps, then we'll go take a look at it. For now, I feel very comfortable with the position Palo Alto has in the industry. I feel very, very comfortable with the amount of cash we have on our balance sheet, and I believe it is our job to keep our heads down and keep executing because it's a tough market. And I think, you know, one of the things which, you know, was brought up just a minute ago, I think the opportunities from AI have not been fully comprehended by most enterprise businesses.

One, I think we continue to get stronger as we get execution under our belt, and we continue to grow in value as Palo Alto Networks. And if some of the large players out there end up committing missteps, then we'll go take a look at it. For now, I feel very comfortable with the position Palo Alto has in the industry. I feel very, very comfortable with the amount of cash we have on our balance sheet, and I believe it is our job to keep our heads down and keep executing because it's a tough market.

if you were to try and look for a transformation, and I think it's kind of a dual double.

edge situation, one, I think we continue to get stronger as we get execution under our bell, and we continue to grow in value as Palo Alto Networks. And if some of the large players out there end up committing missteps, then we'll go take a look at it for now. I feel very comfortable with the position Palo Alto has in the industry. I feel very, very comfortable with the amount of cash we have on our balance sheet.

And I think, you know, one of the things which, you know, was brought up just a minute ago, I think the opportunities from AI have not been fully comprehended by most enterprise businesses. I think we are going to undergo a transformation, both as Palo Alto Networks as well as generally an enterprise software industry over the next 12 to 24 months. As we embrace Generative AI, I think that's the real opportunity and challenge in front of us. I think half of the people out there will get it wrong, and hopefully, we're on the right side of history.

I believe it is our job to keep our heads down and keep executing because it's a tough market. And I think one of the things which was brought up just a minute ago, I think the opportunities from AI have not been fully comprehended by most enterprise businesses. I think we are going to undergo a transformation.

Nikesh Arora: I think we are going to undergo a transformation, both as Palo Alto Networks as well as generally an enterprise software industry over the next 12 to 24 months. As we embrace Generative AI, I think that's the real opportunity and challenge in front of us. I think half of the people out there will get it wrong, and hopefully, we're on the right side of history.

both as part of the network as well as generally an enterprise software industry for the next 12 to 24 months as we embrace generative AI. I think that's the real opportunity and challenge in front of us. And I think half of the people out there will get it wrong and hopefully we're on the right side of history. You're doing a great job. Keep it up. Thank you. Thanks for the question, Brad. Next question is from Andy Nowinski from Wells Fargo followed by Matt Hedberg from RBC. Andy, go ahead.

Brad Zelnick: You're doing a great job. Keep it up. Thank you, Nikesh.

Brad Zelnick: You're doing a great job. Keep it up. Thank you, Nikesh.

Walter Pritchard: Great. Thanks for the question, Brad. Next question's from Andy Nowinski from Wells Fargo, followed by Matt Hedberg from RBC. Andy, go ahead.

Walter Pritchard: Great. Thanks for the question, Brad. Next question's from Andy Nowinski from Wells Fargo, followed by Matt Hedberg from RBC. Andy, go ahead.

Andy Nowinski: Okay, thank you, and congrats on a great quarter. So nearly every single vendor and nearly every single reseller we, you know, we talk to says they're seeing an elongation of sales cycles, yet you seem to defy those headwinds with massive growth in large deals and customer spending $5 and 10 million dollars with you. I guess, would you view this as an important inflection point as it relates to sort of consolidation, in that if you can drive large deals in this macro-constrained environment, you could potentially see an acceleration of those consolidation trends, when the macro improves?

Andy Nowinski: Okay, thank you, and congrats on a great quarter. So nearly every single vendor and nearly every single reseller we, you know, we talk to says they're seeing an elongation of sales cycles, yet you seem to defy those headwinds with massive growth in large deals and customer spending $5 and 10 million dollars with you. I guess, would you view this as an important inflection point as it relates to sort of consolidation, in that if you can drive large deals in this macro-constrained environment, you could potentially see an acceleration of those consolidation trends, when the macro improves?

Okay thank you and congrats on a great quarter.

So nearly every single vendor and nearly every single reseller we you know we talked to you says they're seeing an elongation of sales cycles yet you seem to defy those headwinds with massive growth in in large deals and customers spending five and ten million dollars with you I guess would you view this as

inflect an important inflection point as it relates to sort of consolidation in that if you can drive large deals in this macro constrained environment you could potentially see an acceleration of those consolidation trends when the macro improves are you predicting a macro improvement Andy?

Nikesh Arora: Are you predicting a macro improvement, Andy?

Nikesh Arora: Are you predicting a macro improvement, Andy?

Andy Nowinski: I certainly hope so.

Andy Nowinski: I certainly hope so.

Nikesh Arora: Well, look, I think first and foremost, I don't want to leave you with any impression that the macro is not hard. It is hard out there. I think everything you're hearing from resellers, from other people in the industry is true. Customers are spending more time paying attention to deals. Customers are taking longer. Some are right-sizing deals, some are focusing on things that are important, some are looking for financing, some want to pay annually. So all the effects that you talked about are true in the industry. And we recognized this towards the end of our first quarter. And I'll tell you what, we've been working at double time. Like, literally, the day Deepak sort of shut the doors on us being able to book anything this quarter, we're out there hunting for next quarter.

Nikesh Arora: Well, look, I think first and foremost, I don't want to leave you with any impression that the macro is not hard. It is hard out there. I think everything you're hearing from resellers, from other people in the industry is true. Customers are spending more time paying attention to deals. Customers are taking longer. Some are right-sizing deals, some are focusing on things that are important, some are looking for financing, some want to pay annually.

I certainly hope so. Well look, I think first and foremost I don't want to leave you with any impression that the macro is not hard. It is hard out there. I think everything you're hearing from resellers, from other people in the industry is true. Customers are spending more time paying attention to deals. Customers are.

So all the effects that you talked about are true in the industry. And we recognized this towards the end of our first quarter. And I'll tell you what, we've been working at double time. Like, literally, the day Deepak sort of shut the doors on us being able to book anything this quarter, we're out there hunting for next quarter.

taking longer, some are right sizing deals, some are focusing things that are important, some are looking for financing, some want to pay annually. So all the effects that you talked about are true in the industry. And we recognize this towards the end of our first quarter. And I'll tell you what, we've been working at double time. Like literally the day...

Nikesh Arora: We have a big number to hit this quarter. We're out there in the field. We're executing. Our teams are out there. So, you know, as you probably appreciate, there's no magic in the world around the fact that our quarter ends on 31 July. There's no budget year-end for any part of the world on 31 July. It's just a date that's been created, that Palo Alto finishes the year, Q4 31 July, which means we have to run as hard as we can to get business done by 31 July. We know that's the end of our year. We know that's the end of our quarter. Our customers know that. So what we're doing is we're getting ahead of it.

We have a big number to hit this quarter. We're out there in the field. We're executing. Our teams are out there. So, you know, as you probably appreciate, there's no magic in the world around the fact that our quarter ends on 31 July. There's no budget year-end for any part of the world on 31 July. It's just a date that's been created, that Palo Alto finishes the year, Q4 31 July, which means we have to run as hard as we can to get business done by 31 July. We know that's the end of our year. We know that's the end of our quarter. Our customers know that. So what we're doing is we're getting ahead of it.

around the fact that our quarter ends on July 31st. There's no budget year-end for any part of the world on July 31st. It's a date that's been created, that Palo Alto finishes here, Q4 on July 31st, which means the year to run as hard as we can to get business done by July 31st. We know that's the end of our year. We know that's the end of our quarter. Our customers know that. So what we're doing is we're getting ahead of it. We're hoping that us.

Nikesh Arora: We're hoping that us getting ahead of it and continuing to rigorously execute is going to allow us to be able to improve our conversion rates. And our conversion rates on our pipeline are down. Guess what? You've drawn up more pipeline, therefore, your conversion rate that's down still allows you to make the number that you've promised the street. That's what we've been trying to do, and as I've said, the macro is hard, and we're going to keep trying to keep our heads down and execute.

We're hoping that us getting ahead of it and continuing to rigorously execute is going to allow us to be able to improve our conversion rates. And our conversion rates on our pipeline are down. Guess what? You've drawn up more pipeline, therefore, your conversion rate that's down still allows you to make the number that you've promised the street. That's what we've been trying to do, and as I've said, the macro is hard, and we're going to keep trying to keep our heads down and execute.

getting ahead of it and continuing to rigorously execute is going to allow us to be able to improve our conversion rates. Our conversion rates on our pipeline are down. Guess what? You've drawn up more pipeline, therefore your conversion rate that's down still allows you to make the number that you promised us to read. That's what we've been trying to do, and as I've said, the macro is hard, and we're going to keep trying to keep our heads down and execute. Thanks, Nikesh. Keep up the good work.

Gabriela Borges: Thanks, Nikesh. Keep up the good work.

Andy Nowinski: Thanks, Nikesh. Keep up the good work.

Walter Pritchard: Great. Thanks, Andy. Next question from Matt Hedberg at RBC, followed by Gabriela Borges at Goldman. Go ahead, Matt.

Walter Pritchard: Great. Thanks, Andy. Next question from Matt Hedberg at RBC, followed by Gabriela Borges at Goldman. Go ahead, Matt.

Matt Hedberg: Thanks, Walter. My congrats again, team, outstanding results. I guess, Nikesh or Lee, you know, on the success you've seen thus far with XSIAM, you noted, you essentially have full access to SIEM budgets right now. I'm curious, with some of the large deals you're seeing, are these generally replacing legacy SIEM vendors, or are you actually generating new TAM that didn't exist previously?

Matt Hedberg: Thanks, Walter. My congrats again, team, outstanding results. I guess, Nikesh or Lee, you know, on the success you've seen thus far with XSIAM, you noted, you essentially have full access to SIEM budgets right now. I'm curious, with some of the large deals you're seeing, are these generally replacing legacy SIEM vendors, or are you actually generating new TAM that didn't exist previously?

Great. Thanks, Andy. Next question from Matt Hedberg at RBC, followed by Gabriella Borges at Goldman. Go ahead, Matt. Thanks, Walter. My congrats again, team, outstanding results. I guess, Nikesh or Lee, on the success you've seen thus far with XIM, you noted you essentially have full access to SIM budgets right now. And I'm curious, with some of the large deals you're seeing, are these generally replacing legacy SIM vendors, or are you actually just seeing a lot

Nikesh Arora: So, Matt, I'll let Lee jump in and talk about some of the specifics, but I'll tell you what. Every one of these deals is a replacement of a legacy SIEM or a data store. In addition, we do not sell XSIAM without our endpoint products. So you have to buy Palo Alto Cortex XDR to deploy XSIAM because we believe the only way to have normalized good source, single source of truth data is to deploy our endpoint products, and then we use that, as I showed, in the AI funnel of how we can go cross-correlate that and go drive great security outcomes. So in every case, we are replacing an existing vendor. But I will tell you, the SOC industry is upside down.

Nikesh Arora: So, Matt, I'll let Lee jump in and talk about some of the specifics, but I'll tell you what. Every one of these deals is a replacement of a legacy SIEM or a data store. In addition, we do not sell XSIAM without our endpoint products.

So you have to buy Palo Alto Cortex XDR to deploy XSIAM because we believe the only way to have normalized good source, single source of truth data is to deploy our endpoint products, and then we use that, as I showed, in the AI funnel of how we can go cross-correlate that and go drive great security outcomes. So in every case, we are replacing an existing vendor.

we believe the only way to have normalized good source, single source of truth data is to deploy our endpoint products and then we use that as I showed in the AI funnel of how we can go cross-correlate that and go drive great security outcomes. So in every case we are replacing an existing vendor but I will tell you the sock

But I will tell you, the SOC industry is upside down. It was designed so far to go understand when a breach happens, how the breach happened, and try and figure out how to remediate it. Those remediation times, as I highlighted, are six days, and now most modern attacks are in and out in under 12 hours.

Nikesh Arora: It was designed so far to go understand when a breach happens, how the breach happened, and try and figure out how to remediate it. Those remediation times, as I highlighted, are six days, and now most modern attacks are in and out in under 12 hours. So if you've got a SOC infrastructure, which allows you to come up with what happened to you after six days, the bad actors have gone in and, in and out in 12 hours, you have a mismatch. That is a problem. But Lee, can you highlight some of the key, key use cases that what we've seen in the first 30-plus customers that we have, what's driven some of this transformation?

industry is upside down. It was designed so far to go understand when a breach happens how the breach happened and try and figure out how to remediate it. And those remediation times as I highlighted are six days and now most modern attacks are in and out in under 12 hours. So if you've got a SOC infrastructure which allows you to come up with what happened to you after six days, the bad actors have gone in and out in 12 hours.

So if you've got a SOC infrastructure, which allows you to come up with what happened to you after six days, the bad actors have gone in and, in and out in 12 hours, you have a mismatch. That is a problem. But Lee, can you highlight some of the key, key use cases that what we've seen in the first 30-plus customers that we have, what's driven some of this transformation?

you have a mismatch. That is a problem. But Lee, can you highlight some of the key use cases that were seen in the first 30 plus customers that we have, what's driven some of this transformation?

Lee Klarich: Yeah, look, so XSIAM is replacing the SIEM, it's also replacing other tools in the SOC as well. There's three core elements to how this is happening. The first is around data. As you saw, you know, 3.5 PB a day is being ingested and analyzed. Data is the key to driving good AI, and XSIAM is specifically designed to be able to ingest large amounts of data across different data sources into an AI data lake. Second, is how we drive AI-based analytics on that data, be able to detect attacks in real time. This is something that the traditional SIEM industry was just not well designed to be able to do. That is driving the mean time to detection that you're seeing.

Lee Klarich: Yeah, look, so XSIAM is replacing the SIEM, it's also replacing other tools in the SOC as well. There's three core elements to how this is happening. The first is around data. As you saw, you know, 3.5 PB a day is being ingested and analyzed. Data is the key to driving good AI, and XSIAM is specifically designed to be able to ingest large amounts of data across different data sources into an AI data lake. Second, is how we drive AI-based analytics on that data, be able to detect attacks in real time.

Yeah, but nearly, so ExAM is replacing the SIEM, it's also replacing other tools in the SOC as well.

There's three core elements to how this is happening. The first is around data. As you saw, three and a half petabytes of data is being ingested and analyzed. Data is the key to driving good AI, and XIM is specifically designed to be able to adjust large amounts of data across different data sources into an AI data lake. Second is how we drive AI-based analytics on that data.

This is something that the traditional SIEM industry was just not well designed to be able to do. That is driving the mean time to detection that you're seeing. And then three is the integration of automation natively into XSIAM that allows us to drive the mean time to remediation down from what in the past used to be, in many cases, days, down to hours and even minutes. And so in all of the XSIAM deployments we're seeing, it's amazing how quickly we're seeing the outcomes that we saw in our own SOC when we deployed and operationalized XSIAM.

be able to detect attacks in real time. This is something that the traditional sim industry was just not well designed to be able to do. That is driving the meantime the detection that you're seeing. And then three is the integration of automation natively into XIM that allows us to drive the meantime remediation down.

Lee Klarich: And then three is the integration of automation natively into XSIAM that allows us to drive the mean time to remediation down from what in the past used to be, in many cases, days, down to hours and even minutes. And so in all of the XSIAM deployments we're seeing, it's amazing how quickly we're seeing the outcomes that we saw in our own SOC when we deployed and operationalized XSIAM.

from what in the past used to be, in many cases, days, down to hours and even minutes. And so in all of the XIM deployments we're seeing, it's amazing how quickly we're seeing the outcomes that we saw in our own SOC when we deployed an operationalized XIM.

Nikesh Arora: I think the last thing I'll add here-

Nikesh Arora: I think the last thing I'll add here-

Matt Hedberg: Thank you.

Matt Hedberg: Thank you.

Nikesh Arora: Sorry, Matt. The only thing I'll add of this is that over the last fifteen years, what has happened is the cost and value equation in existing SOCs has diverged tremendously. So people are spending a lot of money collecting data in large data stores, and they're not getting adequate value out of it, and they're not getting adequate security outcomes out of it. So I think that is a big gap, and that gap is something we've built this product to try and fill, and now it really is very early days for us.

Nikesh Arora: Sorry, Matt. The only thing I'll add of this is that over the last fifteen years, what has happened is the cost and value equation in existing SOCs has diverged tremendously. So people are spending a lot of money collecting data in large data stores, and they're not getting adequate value out of it, and they're not getting adequate security outcomes out of it. So I think that is a big gap, and that gap is something we've built this product to try and fill, and now it really is very early days for us.

I think the last thing I'll add, sorry Matt, the only thing I'll add on this is that over the last 15 years what has happened is the cost and value equation in existing SOX has diverged tremendously.

So people are spending a lot of money collecting data in large data stores, and they're not getting adequate value out of it, and they're not getting adequate security outcomes out of it. So I think that is a big gap, and that gap is something we've built this product to try and fill. And now it really is, very early days for us, I think the fact that we'll get to $100 million.

Nikesh Arora: I think, you know, the fact that we'll get to $100 million in a time span, if you thought was aggressive or less than that, I think tells us there's a huge potential out there, which means we have to keep our heads down again, keep building, keep executing, and keep trying to solve the problems that our customers are presenting in front of us. But, you know, I have a good feeling about this.

I think, you know, the fact that we'll get to $100 million in a time span, if you thought was aggressive or less than that, I think tells us there's a huge potential out there, which means we have to keep our heads down again, keep building, keep executing, and keep trying to solve the problems that our customers are presenting in front of us. But, you know, I have a good feeling about this.

in a time span if you thought was aggressive, less than that, I think tells us there's a huge potential out there, which means we have to keep our heads down again, keep building, keep executing, and keep trying to solve the problems that our customers are presenting in front of us, but I have a good feeling about that.

time span if you thought was aggressive and less than that, I think tells us there's a huge potential out there, which means we have to keep our heads down again, keep building, keep executing, and keep trying to solve the problems that our customers are presenting in front of us. But I have a good feeling about that. Certainly seems that way. Thanks.

Matt Hedberg: Certainly seems that way. Thanks.

Matt Hedberg: Certainly seems that way. Thanks.

Walter Pritchard: Great. Thanks, Matt. Next question, Gabriela Borges at Goldman Sachs, with Adam Tindle from Raymond James on deck. Gabriela, go ahead.

Walter Pritchard: Great. Thanks, Matt. Next question, Gabriela Borges at Goldman Sachs, with Adam Tindle from Raymond James on deck. Gabriela, go ahead.

Gabriela Borges: Good afternoon. Thank you. Either for Lee or Nikesh, I wanted to ask about your cloud security strategy in Prisma, specifically with respect to how you think about the right balance of incentives that you give customers upfront to catalyze adoption, and then also how you think about the balance of top-down growth versus product-led growth, given that DevSecOps, DevOps, some of those tools seem to be driven by product-led growth as well. Thank you.

Gabriela Borges: Good afternoon. Thank you. Either for Lee or Nikesh, I wanted to ask about your cloud security strategy in Prisma, specifically with respect to how you think about the right balance of incentives that you give customers upfront to catalyze adoption, and then also how you think about the balance of top-down growth versus product-led growth, given that DevSecOps, DevOps, some of those tools seem to be driven by product-led growth as well. Thank you.

Great. Thanks, Matt. Next question, Gabriela Borges at Goldman Sachs with Adam Tindall from Raymond James on deck. Gabriela, go ahead. Good afternoon. Thank you. Either for Leona Cash, I wanted to ask about your cloud security strategy in Prisma, specifically with respect to how you think about the right balance of incentives that you give customers up front to catalyze adoption, and then also how you think about the balance of top down growth versus product led growth, given that DevSecOps, DevOps, some of those tools seem to be driven by product led growth as well. Thank you.

Thanks, Matt. Next question, Gabriella Borges at Goldman Sachs with Adam Tindall from Raymond James on deck. Gabriella, go ahead. Good afternoon. Thank you. Either for Leona Cash, I wanted to ask about your cloud security strategy in Prisma, specifically with respect to how you think about the right balance of incentives that you give customers up front to catalyze adoption, and then also how you think about the balance of top down growth versus product-led growth, given that DevSecOps, DevOps, some of those tools seem to be driven by product-led growth as well. Thank you. Please.

Lee Klarich: Yeah, Lee? Go ahead. Answer that question. So one of the challenges that we set out to address with Prisma Cloud was this, this fundamental challenge in, in enterprise cybersecurity, of sort of the proliferation of point products. Every time there's a new security need, there's a new product, and then customers become the system integrator of all these different point solutions, and they spend more time trying to be the system integrator than they are actually getting the value from the products. And so with Prisma Cloud, we've taken the unique approach of building a platform where we can deliver many different capabilities, pre-integrated from the same location. Now, at the same time we did that on the technical side, we also approached it from a sort of the adoption side, and I'll call it the procurement side of-...

Lee Klarich: Yeah, Lee? Go ahead. Answer that question. So one of the challenges that we set out to address with Prisma Cloud was this, this fundamental challenge in, in enterprise cybersecurity, of sort of the proliferation of point products. Every time there's a new security need, there's a new product, and then customers become the system integrator of all these different point solutions, and they spend more time trying to be the system integrator than they are actually getting the value from the products.

Go ahead, answer that question. So, one of the challenges that we set out to address with Prisma Cloud was this fundamental challenge in enterprise cybersecurity of sort of the proliferation of point products. Every time there's a new security need, there's a new product, and then customers become the system integrator of all the different point solutions. And they spend more time trying to be the system integrator than they are actually getting the value from the products.

Lee Klarich: And so with Prisma Cloud, we've taken the unique approach of building a platform where we can deliver many different capabilities, pre-integrated from the same location. Now, at the same time we did that on the technical side, we also approached it from a sort of the adoption side, and I'll call it the procurement side of-...

And so with Prisma Cloud, we've taken the unique approach of building a platform where we can deliver many different capabilities pre-integrated from the same location. Now, at the same time we did that on the technical side, we also approached it from a...

Lee Klarich: Having a single Prisma Cloud credit system that makes it really easy for customers to buy a level of capacity, and then simply use it to adopt as much of the platform as they need, and when they need. It's allowed us to focus more of our attention in terms of how we engage with customers and how the product works on, you know, in product adoption, guided adoption of additional capabilities, and enabling them to easily use more and more, the services as they need them, as opposed to having to go back and turn every module into a new transaction with a customer.

Having a single Prisma Cloud credit system that makes it really easy for customers to buy a level of capacity, and then simply use it to adopt as much of the platform as they need, and when they need. It's allowed us to focus more of our attention in terms of how we engage with customers and how the product works on, you know, in product adoption, guided adoption of additional capabilities, and enabling them to easily use more and more, the services as they need them, as opposed to having to go back and turn every module into a new transaction with a customer.

sort of the adoption side and I'll call it the procurement side of having a single Prisma Cloud credit system that makes it really easy for customers to buy a level of capacity, and then simply use it to adopt as much of the platform as they need and when they need. And so we've, it's allowed us to focus more of our attention in terms of how we engage with customers and how the product works.

on in-product adoption, guided adoption of additional capabilities, and enabling them to easily use more and more the services as they need them, as opposed to having to go back and turn every module into a new transaction with a customer. And as you saw from what Nikesh showed, the...

Lee Klarich: As you saw from what Nikesh showed, the new, you know, credit usage year over year, going up about 44% year over year, but then also the number of customers are two or more, three or more, or four or more modules, in the case of four or more, almost doubling year over year, shows how well that is working.

As you saw from what Nikesh showed, the new, you know, credit usage year over year, going up about 44% year over year, but then also the number of customers are two or more, three or more, or four or more modules, in the case of four or more, almost doubling year over year, shows how well that is working.

the new credit usage year over year going up about 44% year over year, but then also the number of customers, the two or more, three or more, four or more modules, in the case of four or more, almost doubling year over year shows how well that is working. Great, thanks Gabriella. Next up, Adam Tindall, Raymond James, followed by Greg Moskowitz and Mazuho. Adam, go ahead.

Walter Pritchard: Great. Thanks, Gabriela. Next up, Adam Tindle, Raymond James, followed by Greg Moskowitz, Mizuho. Adam, go ahead.

Walter Pritchard: Great. Thanks, Gabriela. Next up, Adam Tindle, Raymond James, followed by Greg Moskowitz, Mizuho. Adam, go ahead.

Adam Tindle: Okay, thanks. Good afternoon. I want to start by just acknowledging the progression in operating margin is really impressive, and commitment to that being a baseline is a really important point. If I'm thinking about tomorrow, some of the distracting questions that might come up would be around product revenue. I think you grew 10% year over year in Q3, and you had previously guided the fiscal year to 10%. But if I saw on the slides correctly, I think you're now raising that to 15% to 16%. So, what's driving that increase in product revenue and the acceleration in Q4, despite the cautionary comments? And anything we can think about in terms of puts and takes to product revenue as we think about fiscal 2024, so we don't get ahead of ourselves. Thanks.

Adam Tindle: Okay, thanks. Good afternoon. I want to start by just acknowledging the progression in operating margin is really impressive, and commitment to that being a baseline is a really important point. If I'm thinking about tomorrow, some of the distracting questions that might come up would be around product revenue. I think you grew 10% year over year in Q3, and you had previously guided the fiscal year to 10%.

Okay, thanks. Good afternoon. I want to start by just acknowledging the progression and operating margin is really impressive and commitment to that being a baseline is a really important point. If I'm thinking about tomorrow, some of the distracting questions that might come up would be around product revenue. I think you grew 10 percent year over year in 2-3 and you had previously guided the fiscal year to 10 percent.

But if I saw on the slides correctly, I think you're now raising that to 15% to 16%. So, what's driving that increase in product revenue and the acceleration in Q4, despite the cautionary comments? And anything we can think about in terms of puts and takes to product revenue as we think about fiscal 2024, so we don't get ahead of ourselves. Thanks.

But if I saw on the slides correctly, I think you're now raising that to 15 to 16 percent. So what's driving that increase in product revenue and the acceleration in Q4, despite the cautionary comments? And anything we can think about in terms of puts and takes to product revenue as we think about fiscal 24 so we don't get ahead of ourselves. Thanks.

Nikesh Arora: Yeah, Adam, I think there's two parts to it. One is, as you will appreciate, we highlighted that software has become 30% of our product revenue. So we, you know, whilst when you book a hardware firewall, you get a dollar for dollar for revenue. In software, you don't get a dollar for dollar for revenue. You know, there's some part of an amortized value we get from our software firewalls and some part of our SD-WAN, which becomes part of our product revenue. So we have to, we have to run harder on billings to be able to deliver, product revenue in the context of software. But as I mentioned, our virtual firewalls grew at 55% this quarter. They grew at 40% for the year so far. This is, a tailwind we had not expected.

Nikesh Arora: Yeah, Adam, I think there's two parts to it. One is, as you will appreciate, we highlighted that software has become 30% of our product revenue. So we, you know, whilst when you book a hardware firewall, you get a dollar for dollar for revenue. In software, you don't get a dollar for dollar for revenue. You know, there's some part of an amortized value we get from our software firewalls and some part of our SD-WAN, which becomes part of our product revenue.

Adam, I think there's two parts to it. One is, as you will appreciate, we highlighted that software has become 30% of our product revenue. So, we, you know, whilst when you book a hardware firewall, you get a dollar for dollar for revenue, in software you don't get a dollar for dollar for revenue. There's some part of an amortized value we get from our software firewalls and some part of our SD-WAN, which becomes part of our product revenue. So we have to run harder on billings to be able to deliver.

So we have to, we have to run harder on billings to be able to deliver, product revenue in the context of software. But as I mentioned, our virtual firewalls grew at 55% this quarter. They grew at 40% for the year so far. This is, a tailwind we had not expected.

product revenue in the context of software. But as I mentioned, our virtual firewalls grew at 55% this quarter, they grew at 40% for the year so far. This is a tailwind we had not expected. The same time the hardware, as I mentioned, is not as strong as we'd expected. So they balance each other out, but the balance is in favor of software for now, coming off a low base of last year. So as a result, we have been able to improve our product revenue guidance. So probably it costs 2020, 20 years since we launched the new app release. pulled like this, but not as cybersecurity as it, all thatscale. Our experience differences in what we do now with the existing technology ourselves. What's else is better out of applied Barack themselves and what Google thinks about these new technologies Let's take another little look at what technology hasDan

Nikesh Arora: At the same time, the hardware, as I mentioned, is not as strong as we'd expected, so they balance each other out, but in balance is in favor of software for now, coming off a low base of last year. So as a result, we have been able to improve our product revenue guidance. But obviously, it comes at the cost of services revenue, because some of our software has now had to work triple time to be able to deliver product revenue. So I think that's the context in which you should think about it overall, where there's been a draw from one side and a partial give on the other side, on the product revenue. However, given our RPO is growing way ahead of revenue, it just means we are saving up a lot of revenue for a future rainy day.

At the same time, the hardware, as I mentioned, is not as strong as we'd expected, so they balance each other out, but in balance is in favor of software for now, coming off a low base of last year. So as a result, we have been able to improve our product revenue guidance. But obviously, it comes at the cost of services revenue, because some of our software has now had to work triple time to be able to deliver product revenue.

So I think that's the context in which you should think about it overall, where there's been a draw from one side and a partial give on the other side, on the product revenue. However, given our RPO is growing way ahead of revenue, it just means we are saving up a lot of revenue for a future rainy day.

Nikesh Arora: Does that sound about right, financially?

Does that sound about right, financially?

Lee Klarich: No, that's, that's correct.

Lee Klarich: No, that's, that's correct.

Nikesh Arora: Saving revenue for a rainy day. There we are.

Nikesh Arora: Saving revenue for a rainy day. There we are.

Lee Klarich: The only other thing that I would maybe just add to that is simply the supply chain dynamics that Nikesh talked about in his remarks. I mean, that does have some factors, but we really have been able to, with a world-class team, get ahead of the supply chain reality, and so that may explain some of the variability you're seeing, Adam.

Lee Klarich: The only other thing that I would maybe just add to that is simply the supply chain dynamics that Nikesh talked about in his remarks. I mean, that does have some factors, but we really have been able to, with a world-class team, get ahead of the supply chain reality, and so that may explain some of the variability you're seeing, Adam.

for a future rainy day. So Tom, right financially? No, that's correct. Even if it's a rainy day, there we are. The only other thing that I would maybe just add to that is simply the supply chain dynamics that Nikesh talked about in his remarks. I mean, that does have some factors, but we really have been able to, with a world-class team, get ahead of the supply chain reality. And so that...

Walter Pritchard: Great. Thank you, Adam. Next up, Greg Moskowitz from Mizuho, followed by Shaul Eyal from Cowen.

Walter Pritchard: Great. Thank you, Adam. Next up, Greg Moskowitz from Mizuho, followed by Shaul Eyal from Cowen.

that may explain some of the variability you're seeing. Great, thank you, Adam. Next up, Greg Moskowitz from Mizzou, followed by Shaul Al from Talon. Thank you, can you hear me? Yes. Yes.

Greg Moskowitz: Thank you. Can you hear me?

Greg Moskowitz: Thank you. Can you hear me?

Nikesh Arora: Yes.

Nikesh Arora: Yes.

Greg Moskowitz: All right, I have a follow-up for Lee or Nikesh on generative AI. So, your comments on LLMs were helpful, but do you think gen AI will tilt the scales in favor of Palo Alto and perhaps some other security vendors over time? Or is it ultimately more likely to cause an even faster game of cat and mouse between the vendors and the attackers? How do you see this playing out?

Greg Moskowitz: All right, I have a follow-up for Lee or Nikesh on generative AI. So, your comments on LLMs were helpful, but do you think gen AI will tilt the scales in favor of Palo Alto and perhaps some other security vendors over time? Or is it ultimately more likely to cause an even faster game of cat and mouse between the vendors and the attackers? How do you see this playing out?

All right, I have a follow-up for Lee or Nikesh on generative AI. So your comments on LLMs were helpful, but do you think Gen AI will tilt the scales in favor of Palo Alto and perhaps some other security vendors over time? Or is it ultimately more likely to cause an even faster game of cat and mouse between the vendors?

Nikesh Arora: Well, you think, but first and foremost, the benefit of generative AI so far is twofold, right? One is in its ability to summarize data and give you access to information much faster. Can I imagine a sales rep at Palo Alto having access at their fingertips to about all Palo Alto information? Of course, I can. Can I imagine my customer support people having access to amazing amounts of information that's at their fingertips so they can answer customer questions much faster? Can I imagine for, you know, showcasing that information directly to my customers, as you're seeing in the industry now, suddenly, you know, a plethora of copilots start to emerge in every product? So I think that is going to become an obvious benefit of generative AI. Now, don't forget, it relies on one principle called having a lot of data.

Nikesh Arora: Well, you think, but first and foremost, the benefit of generative AI so far is twofold, right? One is in its ability to summarize data and give you access to information much faster. Can I imagine a sales rep at Palo Alto having access at their fingertips to about all Palo Alto information? Of course, I can. Can I imagine my customer support people having access to amazing amounts of information that's at their fingertips so they can answer customer questions much faster?

and the attackers? How do you see this playing out?

Well, first and foremost, the benefit of generative AI so far is twofold. One is its ability to summarize data and give you access to information much faster. Can I imagine a sales rep at Palo Alto having access to their fingertips about all Palo Alto information? Of course I can.

Can I imagine for, you know, showcasing that information directly to my customers, as you're seeing in the industry now, suddenly, you know, a plethora of copilots start to emerge in every product? So I think that is going to become an obvious benefit of generative AI. Now, don't forget, it relies on one principle called having a lot of data.

Can I imagine my customers support people having access to amazing amounts of information that's at the tip of their fingers so they can answer questions much faster. Can I imagine showcasing that information directly to my customers as you're seeing the industry now suddenly a plethora of co-pilots start to emerge in every product. So I think that is going to become an obvious benefit of generative AI. Now don't forget it relies on one principle called having a lot of data.

Nikesh Arora: It's very important that whether you're using it for sharing your own information from your customers to your customers, you need a lot of that data. You have to clean all your data processes and have that. Secondly, if you're in the security business, it definitely helps if you have the largest data lake in the world of security data. So from that perspective, I think it favors the people who have a lot of data already as part of their strategy, and they have built a business on the back of a data lake strategy. I think not just specific to security, in any industry, especially consumer internet, if you've been an AI company, you have something to worry about.

It's very important that whether you're using it for sharing your own information from your customers to your customers, you need a lot of that data. You have to clean all your data processes and have that. Secondly, if you're in the security business, it definitely helps if you have the largest data lake in the world of security data. So from that perspective, I think it favors the people who have a lot of data already as part of their strategy, and they have built a business on the back of a data lake strategy.

It's very important that whether you're using it for sharing your own information from your customers to your customers, you need all that data. You have to clean all your data processes and have that. Secondly, if you're in the security business, it definitely helps if you have the largest data lake in the world full of security data. So from that perspective, I think it favors the people.

I think not just specific to security, in any industry, especially consumer internet, if you've been an AI company, you have something to worry about. You know, if you're a travel booking operator or something that just takes other people's data and makes a better UI, you have something to worry about. So I think from that perspective, it favors companies which have tremendous amounts of data.

who have a lot of data already as part of their strategy, and they have built a business in the back of a data-led strategy. I think not just specific to security, in any industry, especially consumer internet, if you've been a UI company, you have something to worry about. And if you're a travel booking operator or something with just

Nikesh Arora: You know, if you're a travel booking operator or something that just takes other people's data and makes a better UI, you have something to worry about. So I think from that perspective, it favors companies which have tremendous amounts of data. I think the second thing is also important to understand. Now, if I have 14,000 people, and I spend thousands of, you know, a $1 billion in customer support or more, there is leverage. I can go spend $30, $40, $50 million deploying an LLM and saving half my cost. If you're running a small company and your entire cost is $50 million, it probably doesn't behoove you to go out and create an LLM-based generative AI project to go out and pay and take away $20 million of cost.

I think the second thing is also important to understand. Now, if I have 14,000 people, and I spend thousands of, you know, a $1 billion in customer support or more, there is leverage. I can go spend $30, $40, $50 million deploying an LLM and saving half my cost. If you're running a small company and your entire cost is $50 million, it probably doesn't behoove you to go out and create an LLM-based generative AI project to go out and pay and take away $20 million of cost.

takes other people's data and makes a better UI, you have something to worry about. So I think from that perspective, it favors companies which have tremendous amounts of data. I think the second thing is also important to understand. If I have 14,000 people, I spend thousands of, billion dollars in customer support or more, there is leverage. I can go spend 30, 40, $50 million deploying an NLM and saving half my cost. If you're running a small company and your entire cost is $50 million, it probably doesn't behoove you to go

Nikesh Arora: So I think it also benefits people of scale who are able to drive efficiency using Generative AI across the enterprise, allowing them to grow their business much faster with limited resources.

So I think it also benefits people of scale who are able to drive efficiency using Generative AI across the enterprise, allowing them to grow their business much faster with limited resources.

Walter Pritchard: ... Does that help?

... Does that help?

Matt Hedberg: It does. Thanks, Rakesh.

Matt Hedberg: It does. Thanks, Rakesh.

Walter Pritchard: Great. Great, thanks, Greg. And, Shaul Eyal from Cowen, our last question.

Walter Pritchard: Great. Great, thanks, Greg. And, Shaul Eyal from Cowen, our last question.

Shaul Eyal: Thank you for that. Good afternoon. Congrats, team. Rakesh, I want to go back actually. I know Brad was asking about M&A. I want to ask about the competitive landscape, but specifically with a focus, maybe on the CNAPP front. So my question is, how do you think about it? Any change, do you think that the product right now, as it stands, is comprehensive or anything you might be thinking of maybe augmenting, specifically on the CNAPP front? Thank you for that.

Shaul Eyal: Thank you for that. Good afternoon. Congrats, team. Rakesh, I want to go back actually. I know Brad was asking about M&A. I want to ask about the competitive landscape, but specifically with a focus, maybe on the CNAPP front. So my question is, how do you think about it? Any change, do you think that the product right now, as it stands, is comprehensive or anything you might be thinking of maybe augmenting, specifically on the CNAPP front? Thank you for that.

Good afternoon, congrats team. I want to go back, actually, you know Brad was asking about M&A. I want to ask about the competitive landscape, but specifically with a focus maybe on the CNAP front. My question is, how do you think about it?

Any change, do you think that the product right now as it stands is comprehensive or anything you might be thinking of maybe augmenting specifically on the C&F front? Thank you for that. That's by far the most comprehensive.

Lee Klarich: We have by far the most comprehensive cloud-native application protection platform there is. That doesn't mean that we do everything, but we do far more than any other solution out there. There's tremendous amount of focus on delivering capabilities that we've been building internally, organically amongst the team. We've seen the most recent one, we delivered with secret scanning just a few months ago. We've seen very good early adoption of that. At the same time, we're also delivering on the latest acquisition of Cider Security, where we expect that to become a new module in the next couple of months, available to all of our Prisma Cloud customers. And so, the...

Lee Klarich: We have by far the most comprehensive cloud-native application protection platform there is. That doesn't mean that we do everything, but we do far more than any other solution out there. There's tremendous amount of focus on delivering capabilities that we've been building internally, organically amongst the team. We've seen the most recent one, we delivered with secret scanning just a few months ago. We've seen very good early adoption of that.

cloud-native application protection platform there is. That doesn't mean that we do everything, but we do far more than any other solution out there.

There's tremendous amount of focus on delivering capabilities that we've been building internally, organically amongst the team. We've seen the most recent one we delivered with secret scanning just a few months ago. We've seen very good early adoption of that.

At the same time, we're also delivering on the latest acquisition of Cider Security, where we expect that to become a new module in the next couple of months, available to all of our Prisma Cloud customers. And so, the...

At the same time, we're also delivering on the latest acquisition of CIDR security, where we expect that to become a new module in the next couple of months available to all of our Prisma Cloud customers. And so Nikesh talked about how we've leveraged M&A in the past to help build some of the key technology areas of Prisma Cloud, which is absolutely true. We're going to take a look at the new version of the Prisma Cloud. So, let's take a look at the new version of the Prisma Cloud. So, let's take a look at the new version of the Prisma Cloud.

Lee Klarich: You know, Nikesh talked about how we've leveraged M&A in the past to help build some of the key technology areas of Prisma Cloud, which is absolutely true. We have also shown an ability to deliver new cloud security capabilities organically and be very successful at that, and right now, feel good about the balance of both those capabilities and how we're bringing them together, and how we continue to deliver new innovations.

You know, Nikesh talked about how we've leveraged M&A in the past to help build some of the key technology areas of Prisma Cloud, which is absolutely true. We have also shown an ability to deliver new cloud security capabilities organically and be very successful at that, and right now, feel good about the balance of both those capabilities and how we're bringing them together, and how we continue to deliver new innovations.

We have also shown an ability to deliver new cloud security capabilities organically and be very successful at that. And right now, feel good about the balance of both those capabilities and how we're bringing them together and how we continue to deliver new innovations.

Shaul Eyal: Thank you.

Shaul Eyal: Thank you.

Walter Pritchard: Thank you for the question. With that, we'll conclude the Q&A portion of the call, and I'd like to pass it back to Nikesh for his closing remarks.

Walter Pritchard: Thank you for the question. With that, we'll conclude the Q&A portion of the call, and I'd like to pass it back to Nikesh for his closing remarks.

Thank you for the question. With that, we'll conclude the Q&A portion of the call and I'd like to pass it back to Nikesh for his closing remarks. Thank you very much again everybody for joining us. We look forward to seeing you at the upcoming investor events. I also want to once again take an opportunity to thank all of our employees who worked very hard.

Matt Hedberg: Well, thank you very much again, everybody, for joining us. We look forward to seeing you, many of you, at the upcoming investor events. I also want to once again take an opportunity to thank all of our employees who work very hard in a very dedicated fashion, as you all know, to help us achieve the results. Not only that, a big thank you to all of our partners and our customers around the world. Have a wonderful day. Thank you.

Nikesh Arora: Well, thank you very much again, everybody, for joining us. We look forward to seeing you, many of you, at the upcoming investor events. I also want to once again take an opportunity to thank all of our employees who work very hard in a very dedicated fashion, as you all know, to help us achieve the results. Not only that, a big thank you to all of our partners and our customers around the world. Have a wonderful day. Thank you.

in a very dedicated fashion, as you all know, to help us achieve the results. Not only that, a big thank you to all of our partners and our customers around the world. Have a wonderful day. Thank you.