“`html

Image source: The Motley Fool.

Palo Alto Networks (NASDAQ: PANW)
Q1 2025 Earnings Call
Nov 20, 2024, 4:30 p.m. ET

Palo Alto Networks Kicks Off Fiscal 2025 with Strong Q1 Results

Summary of Today’s Call

• Prepared Remarks
• Questions and Answers
• Call Participants

Prepared Remarks:

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Welcome, everyone, to Palo Alto Networks’ first quarter 2025 earnings call. I’m Walter Pritchard, the senior vice president of investor relations and corporate development. This call is being recorded today, Wednesday, November 20th, 2024, at 1:30 p.m. Pacific Time.

Joining me are Nikesh Arora, our chairman and chief executive officer, and Dipak Golechha, our chief financial officer. After our prepared remarks, Lee Klarich, our chief product officer, will participate in the question-and-answer segment. For more information, including the earnings presentation, visit our website at investors.paloaltonetworks.com.

Investment Opportunities Highlighted

Are you worried about missing key stock opportunities? Pay attention to this.

Our expert analysts are advising on a “Double Down” stock recommendation for companies poised for growth. Don’t miss out—now could be the best time to invest:

• Nvidia: If you invested $1,000 when we doubled down in 2009, you’d have $381,173!*
• Apple: If you invested $1,000 when we doubled down in 2008, you’d have $43,232!*
• Netflix: If you invested $1,000 when we doubled down in 2004, you’d have $469,895!*

We are currently issuing “Double Down” alerts for three outstanding companies, presenting a unique investment chance.

See 3 “Double Down” stocks »

*Stock Advisor returns as of November 18, 2024

During today’s call, we will cover forward-looking statements regarding the company’s prospects. These statements carry potential risks and uncertainties that could lead to different outcomes than expected. We encourage you to review our press releases and SEC filings for more details on these risks. We are under no obligation to update any forward-looking statements made here.

This presentation includes non-GAAP financial measures, which should be considered alongside GAAP metrics. You can find the required reconciliations in the press release and investor presentation appendix. Unless noted, all results and comparisons are year-over-year for fiscal performance.

Management will also take part in the UBS Global Technology Conference. Now, I will turn the call over to Nikesh.

Nikesh Arora — Chairman and Chief Executive Officer

Thank you, Walter. Good afternoon, and welcome to our earnings call. We are pleased to announce a strong start to fiscal year 2025. In the first quarter, we focused on remaining performance objectives and achieved exceptional results, exceeding expectations in key areas.

The demand for cybersecurity remains robust and is growing faster than the overall tech market. Although technology spending is increasing due to AI, cybersecurity continues to capture significant investments. We saw substantial growth in our next-generation security solutions, especially with Cortex and NetSec, where NGS ARR rose by 40% to over $4.5 billion.

This performance outstripped both our own and analysts’ projections, aside from a one-time increase linked to our deal with IBM. On the profitability side, we improved our operating margin by 60 basis points year over year, benefiting from our ongoing efficiency initiatives, while also investing in growth. The net result was a 13% growth in EPS along with robust cash generation. We are proud of our ability to scale our operations while maintaining sound financial management.

We have long emphasized the importance of simplifying security architectures. This past quarter saw us accelerate our platformization efforts. Although I wish we had implemented these decisions more rapidly, we’ve observed significant momentum among our partners and customer relationships.

Notably, competitors in our industry are beginning to adopt similar platformization strategies. Recent research shows that Gartner estimates 75% of security leaders are pursuing vendor consolidation, yet fewer than 15% of large enterprises have deployed at least one security platform solution. They also project that by 2028, 45% of organizations will utilize fewer than 15 cybersecurity tools, a rise from just 13% in 2023.

I want to clarify our vision for platformization, which centers on utilizing advanced AI and automation to streamline threat detection and response. Our strategy focuses on consolidating security data from various sources to analyze effectively and respond swiftly against attacks. Though challenging, our XSIAM and cloud platforms are beginning to show promising results in this area.

Our network security approach represents a comprehensive solution in the industry, providing a single interface for a multitude of use cases. As noted by a customer, “That’s one pane of glass versus many glasses of pane.” While competitors are proclaiming their platform strategies, we are confident in our ability to lead in this domain.

“`

Cybersecurity Industry Shifts Towards Platformization: Strong Q1 Metrics Highlight Growth Potential

The cybersecurity industry is entering a new era, where major companies will dominate the market over the next five to ten years. Point solutions will likely get absorbed into these larger platforms.

Strategic Direction Enhancement at the Start of FY 2024

As we begin our new fiscal year, we are adjusting our marketing strategies to focus on platformization. Our aim is to enhance the effectiveness of our sales teams, equipping them to showcase the unique benefits of our comprehensive security solutions spanning network security, cloud security, and security operations. With the support of expert consultants and architects for each platform, we are sharpening our sales efforts.

Q1 Results Are Encouraging

Our first-quarter results affirm this direction. We achieved over 70 new platformizations, driven in part by our acquisition of QRadar SaaS, bringing our total to about 1,100 platformizations.

Growth in Annual Recurring Revenue (ARR) Per Customer

In addition to adding new platformizations, we noted a 6% increase in ARR per platformized customer compared to fiscal year 2024’s average. This rise stems from our success in securing larger contracts and our team’s continuous innovation that enhances existing deployments.

Advancements in Network Security Hit New Heights

In network security, we are seeing increased demand for advanced subscription services and additional modules in Secure Access Service Edge (SASE). Products like Autonomous Digital Experience Management (ADEM) and Cloud Access Security Broker (CASB) are critical as we aim to incorporate AI solutions in the future. Our strong Q1 positions us well for achieving between 2,500 and 3,500 platformization deals by fiscal year 2030, thanks to continued growth in our Next-Gen Security (NGS) ARR.

Market Drivers and Expansion into Cloud Security

Several factors are boosting our success, including network security customers increasingly opting for SASE and zero-trust security models. Beyond network security, we now boast over $2 billion in NGS ARR. Our cloud security division recently surpassed the $700 million mark, and our Cortex operations crossed $1 billion.

Major Transactions Signal Confidence

Recent large deals reflect our strong positioning. We secured a transaction exceeding $50 million with a tech firm, replacing multiple Security Information and Event Management (SIEM) systems with our XSIAM and XDR solutions. This client, previously using QRadar, expanded their relationship by adding SASE to their network security suite.

Significant Wins in Healthcare and Finance

In healthcare, we landed a deal with the National Hospital System, valued at over $15 million. They sought to enhance their network security after noting numerous high-profile breaches in the sector, opting for our firewalls and setting the stage for future SASE deployments. Additionally, a financial institution agreed to a $20 million contract, standardizing their security solutions with us following their strategic adoption of SASE last year.

Strong Growth in Large Deal Transactions

Overall, we recorded 305 transactions exceeding $1 million, marking a 13% increase, along with 60 transactions over $5 million, which is up 30% from previous results. Our three platforms are instrumental in driving this growth.

Increased Demand in Network Security Products

Steady demand in our product business is spurred by customer refresh initiatives and the desire to enhance network security across categories. As clients transition to cloud services, they are investing more in software firewalls to safeguard their cloud environments. The upgrade of our products supports these AI use cases while we maintain a positive outlook on our growth in cloud-deployed software firewalls, which constitute 70% of our total virtual firewalls ARR.

SASE’s Role in Transformation Opportunities

SASE continues to create transformation opportunities. We’ve integrated AI-based monitoring and expanded capabilities to manage AI applications within the platform. Notably, a 40% growth in new SASE customers underscores our capacity to evolve relationships and enhance the network security platform post-implementation.

Investments in Innovation Drive Customer Engagement

We remain committed to ensuring effective operations in operational technology environments, addressing challenges like limited visibility and unauthorized remote access. Our emphasis on AI and innovative products is evident as we engage more customers interested in our Secure AI by Design offerings.

In summary, our proactive strategy and robust performance metrics position us well for ongoing growth in the cybersecurity landscape.

Revolutionizing Security: New AI Tools and Integrated Services from Prisma Access

Prisma Access continues to lead the industry with its extensive suite of over 750 AI applications, a number that grows daily. Inline data loss prevention is now offered for more than 65 applications, reflecting a commitment to advancing cybersecurity measures.

Introducing the Strata Copilot for Enhanced Decision-Making

This quarter, we launched the Strata Copilot across our three platforms, driven by our focus on providing maximum accuracy. The feedback from users has been overwhelmingly positive. Trained on nearly 50,000 vetted sources, the Copilot helps customers make quicker decisions and streamline remediation processes. A version is also utilized by our customer support teams, which has already begun to improve our response times significantly.

Security Innovations: Prisma Access Browser and Talon Integration

In December of last year, we acquired Talon Cyber Security, recognizing the increasing need to secure unmanaged devices, such as those used by contractors. This strategic acquisition allowed us to be the first to integrate a secure browser into our SASE offering, leading to the development of the robust Prisma Access Browser.

We’ve integrated the Talon technology with our existing security, data loss prevention (DLP), and access services. The result is a secure browser that effectively addresses targeted attacks like phishing while also enabling access to high-risk web applications. Customers adopting the Prisma Access Browser find it seamlessly enhances their security without disrupting the user experience, particularly those using SaaS applications and new AI tools.

Moreover, the shift away from virtual desktop infrastructure (VDI) is gaining momentum. By introducing new protocols like SSH and RDP, along with mobile device support, we aim to increase our VDI user base. The Prisma Access Browser enhances the end-user experience, contributing to its increasing adoption, as demonstrated by the acquisition of over 1 million licenses and more than 115 new customers since integrating Talon.

Cortex: Surpassing $1 Billion in ARR and Strong Market Position

Cortex has achieved a significant milestone, crossing the $1 billion annual recurring revenue (ARR) mark in Q1. The portfolio has been meticulously developed over the last six years, starting with our Extended Detection and Response (XDR) solutions, and continues to receive recognition as a leader in the security market.

Our XSIAM offering has particularly excelled, showing strong innovation and market traction. We have released over 400 new machine learning detection modules using precision AI, with more than 150 active customers, including those generating high revenues. Additionally, our recent partnership with IBM, highlighted by the successful QRadar transaction, opens the door to further expansion, with over 550 QRadar SaaS customers now integrated into our STEM ecosystem.

With the integration of QRadar, we anticipate total contract value (TCV) surpassing $80 million as we execute strategic go-to-market programs. There is a robust pipeline for XSIAM with over 500 active opportunities valued beyond $1 billion, indicating a solid future in this sector.

Adapting to the Rapidly Changing Cloud Security Landscape

The pace of change in cloud technology is outpacing that of traditional on-premises solutions, presenting challenges for security teams. As new updates and services are deployed frequently, the demand for instant cloud security becomes critical. Our combined Prisma Cloud and Cortex offerings have seen a dramatic rise, with agent deployments increasing tenfold since our product launch in April. Current growth trends reflect a 15% year-over-year increase in our customer base.

About one-third of our Prisma Cloud customers are also utilizing Cortex products, illustrating the effectiveness of our integrated portfolio. Recent developments include the introduction of automated remediation capabilities within our data security posture management (DSPM) tools, enhancing our response to data security risks. Additionally, we are excited about the initial adoption of our AI copilots, aiming to create a balance between machine-led and human-supported security operations.

As we continue to innovate, the integration of DSPM capabilities from our Dig acquisition will empower customers to track potential attack paths in their cloud networks, fortifying their defenses against rising cloud data threats.

Our journey toward securing AI-driven solutions is well underway. By combining AI runtime capabilities with robust security offerings, we are set to redefine the landscape of cloud security.

Cybersecurity Leader Reports Strong Q1 Performance and Growth Plans

During a recent update, the management of a prominent cybersecurity company highlighted their strategies for growth and innovation in the competitive market. They also detailed early successes in cloud environments and a new initiative aimed at boosting managed security providers.

Key Developments in Cybersecurity Strategy

The company is witnessing solid industry recognition of its strategies, with Q1 reflecting consistent progress. Their focus on platformization is enhancing their Next-Gen Security Annual Recurring Revenue (NGS ARR), setting them on a path to achieve long-term goals while ensuring sustainable and profitable growth. They are forming significant partnerships with major global organizations, credited to the superior security outcomes their solutions provide, compared to alternatives.

Over the past six years, the cybersecurity firm has integrated its offerings across three AI-powered platforms, which it believes are among the best in network cloud and security operations. Continued investments in these areas are essential to staying at the forefront of the intersection between cybersecurity and AI. Customers’ requests for comprehensive solutions have led the company to enhance real-time security measures across their cloud and cortex systems, addressing pressing needs in an evolving landscape.

Commitment to Innovation and Market Leadership

The organization believes it is uniquely positioned as a dedicated cybersecurity company with the resources to promote ongoing innovation. They have rolled out features that outshine those of competitors, such as natively integrated browser and Secure Access Service Edge (SASE). Their advanced cloud and security operations portfolio positions them well for leadership in real-time cloud detection and response. Early indicators from product investments suggest growth potential for their extended Security Information and Event Management (XSIAM) platform.

Securing AI and Looking to the Future

The introduction of the Secure AI by Design portfolio marks a significant beginning for organizations wanting to integrate AI securely within their operations. Emulating successful platform strategies seen in sectors like Customer Relationship Management and Human Resources, the company aspires to replicate this success within the cybersecurity domain. Based on their robust performance, management has raised projections for NGS ARR, revenue, and earnings per share (EPS) for fiscal year 2025 and announced a 2-for-1 stock split to enhance accessibility for employees and investors.

Insights from Financial Performance

Dipak Golechha, Chief Financial Officer, shared insights into Q1 outcomes. The total revenue reached $2.14 billion, reflecting a 14% increase, surpassing projections. Product revenue grew by 4%, while services revenue surged 16%. Subscription revenue alone saw a remarkable growth of 21%.

Geographical performance showed robust double-digit growth across all regions, with the Americas growing by 12%, EMEA up by 21%, and JAPAC by 13%. Additionally, the company’s remaining performance obligations (RPO) rose by 20% to $12.6 billion, with a notable addition due to the QRadar SaaS acquisition, indicating strong continued demand.

The average contract duration has stabilized around three years. The NGS ARR increased impressively by 40%, reaching $4.52 billion, aided significantly by QRadar SaaS. However, a forecasted decline in the QRadar contribution is anticipated as the company transitions customers to the XSIAM platform.

Financial Health and Operational Efficiency

The organization reported a gross margin of 77.3%, slightly down from past performance, attributed to newer, still-scaling SaaS offerings. Despite challenges, efficiencies are being realized as the company prioritizes profitable growth, leading to improved operating margins and higher EPS.

On the balance sheet, debt levels decreased significantly by over $300 million, with the company benefiting from early conversions of convertible debt. The remaining debt, due in June 2025, may continue to see early conversions. Share repurchases remain opportunistic, with $1 billion still authorized until December 2025.

Efforts Towards Long-Term Value Creation

The management’s strategic pivot towards RPO and NGS ARR reflects their commitment to long-term value creation. Early results from Q1 are promising following efforts to optimize sales processes and enhance deal profitability. Noteworthy deals in sectors like semiconductor and healthcare demonstrate how structuring agreements around annual billing can expedite processes and align with customer requirements.

This focused emphasis on profitability and strategic alignment bolsters the company’s position as it navigates complexities in the cybersecurity landscape, aiming to drive further enhancements in predictability and overall growth driven by their innovative solutions.

Palo Alto Networks Sees Promising Growth and Stock Split Ahead

Company Provides Financial Guidance for Fiscal Year 2025

Last quarter, I noted that we anticipated our billings would grow by 12% this fiscal year if we maintained our current business practices. After evaluating Q1 results, this assumption remains valid. However, analyzing billings on a quarterly basis is becoming less relevant, as it no longer reflects our operational changes.

Positive Outlook for Cash Flow

Our strong Q1 performance reinforces our confidence in the cash flow outlook for the year. For fiscal year 2025, we project NGS ARR to be between $5.52 billion and $5.57 billion, which marks a significant increase of 31% to 32%. This projection accounts for around half of the $74 million in ARR from QRadar reported in Q1, along with additional momentum in our NGS offerings that Nikesh and I previously discussed.

The remaining performance obligation is expected to be between $15.2 billion and $15.3 billion, reflecting a growth of 19% to 20%. We expect total revenue to range from $9.12 billion to $9.17 billion, indicating a 14% rise. Operating margins are projected to be between 27.5% and 28%. Our diluted non-GAAP EPS is estimated to be between $6.26 to $6.39, also showing a 10% to 13% increase. For adjusted free cash flow margin, we anticipate values between 37% and 38%.

Looking specifically at Q2, we expect NGS ARR to fall between $4.70 billion and $4.75 billion, which would be an increase of 35% to 36%. Remaining performance obligation is projected to reach between $12.9 billion and $13 billion, a growth of 20% to 21%. Revenue expectations for this quarter are set between $2.22 billion and $2.25 billion, reflecting a 12% to 14% increase. Our diluted non-GAAP EPS is estimated to be between $1.54 to $1.56 per share, representing a rise of 5% to 6%. We have included our usual modeling points in the presentation for further examination.

Stock Split Announced

As Nikesh mentioned, we are excited to announce a 2-for-1 split of Palo Alto Network’s common stock. This decision stems from our confidence in ongoing business momentum, as well as our aim to make shares more accessible to employees and a wider pool of investors. Shareholders recorded at the close of trading on December 12, 2024, will receive one additional share for each share held, after the close of trading on December 13, 2024. The stock will commence trading on a split-adjusted basis on December 16, 2024.

This concludes our initial remarks, and we will now show a brief video before starting the Q&A session. [Commercial break]

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

To encourage broad participation in the Q&A, each analyst may ask only one question. The first question will come from Saket Kalia from Barclays, followed by Brad Zelnick from Deutsche Bank. Please proceed, Saket.

Saket Kalia — Analyst

Thank you, everyone. It’s great to see a solid start to the year. This question might be relevant for both you, Nikesh and Dipak.

The platformization strategy appears to be showing results. We’ve discussed the long-term ARR implications, particularly regarding your long-term ARR target. Can we explore the margin implications of platformization as these deals usually involve larger amounts and higher lifetime value?

Nikesh Arora — Chairman and Chief Executive Officer

I’ll let Dipak elaborate, but here’s a quick overview. The most significant cost for any enterprise company typically comes from sales. Following that, the second highest cost is related to cloud expenses. Fortunately, we have strong agreements with two major cloud service providers, allowing us to maintain competitive margins similar to those of on-premise solutions due to our scale.

We expect this trend to continue improving. Furthermore, the more we can engage with existing customers through larger deal sizes, the more we can reduce our sales costs. For instance, rather than needing multiple deals to achieve $20 million, we can secure one deal that meets that threshold, minimizing incremental sales expenses. Additionally, through our revamped customer support systems, we’ve noticed faster resolutions for easier support cases by utilizing support copilots; thus, we foresee promising potential for future margin expansions across customer service, costs of goods sold, and sales costs.

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Thanks, Saket, for your question. Next, we have Brad Zelnick from Deutsche Bank, followed by Hamza Fodderwala from Morgan Stanley. Go ahead, Brad.

Brad Zelnick — Analyst

Thanks, and congrats on a solid start to the year. Nikesh, I see that your net security competitors are discussing hardware refresh cycles. While I know hardware represents a smaller aspect of your business, I won’t dive into why you’re not expecting benefits from refreshes.

Nikesh Arora — Chairman and Chief Executive Officer

However, we welcome their refresh cycles, as this provides us with opportunities to gain their customers. A refresh cycle in the market is a positive indicator for us.

Brad Zelnick — Analyst

That leads me to my question. How should we assess the impact of these refresh cycles on your opportunities? Specifically, could they be beneficial in allowing you to displace their customers? Conversely, could there be challenges if they use this opportunity to bundle in competing capabilities? Are you actively pursuing campaigns to attract these customers?

Nikesh Arora — Chairman and Chief Executive Officer

Let me clarify that. While I may have spoken quickly, I did mention that we view hardware positively. We see steady growth in hardware, spurred by customer refreshes, as well as a rise in demand for new use cases like ruggedized and IoT devices. Moreover, we are gradually acquiring more customers from our competitors. As SASE customers begin to reach the end of life for their current hardware, they often shift to Palo Alto because they are already familiar with our security interface. This transition allows them to continue using firewalls along with our SASE management pane seamlessly.

This change won’t happen overnight, but it will evolve gradually. Annually, we see an increase of 200 to 300 in our market share for hardware firewalls.

Palo Alto Networks Discusses Future Growth Amid Market Changes

In a recent earnings call, Palo Alto Networks’ executives outlined their strategies and expectations for growth as they navigate a shifting landscape in cybersecurity.

Market Dynamics: Who Will Share and Who Will Acquire?

Walter Pritchard, Senior Vice President for Investor Relations, emphasized the importance of understanding the market’s dynamics. As companies refresh their tech cycles, Pritchard noted, some will donate market share while others, including Palo Alto Networks, aim to acquire it. The company’s confidence in the hardware products driving growth was clear.

AI’s Impact on Security Spending

Hamza Fodderwala from Morgan Stanley raised concerns about the 2025 outlook, mentioning both optimism due to new products and hesitance from CIOs and CISOs regarding spending. In response, Nikesh Arora, Chairman and CEO, highlighted artificial intelligence as a transformative force over the next 12 to 48 months. As attacks grow more sophisticated, the need for enhanced security measures will likely push CIOs to increase their budgets. Arora explained that organizations are consolidating their security expenses by integrating multiple products, which helps reduce costs while improving efficiency.

Future Risks and Opportunities

Addressing concerns about possible reductions in federal budgets with shifts in administration, Arora indicated that heightened risks might also lead to greater returns. The company aims to align more closely with CIOs in the coming years, looking to address evolving security needs effectively.

Integration of Cortex and Cloud Strategies

Brian Essex from JPMorgan inquired about the collaboration between Cortex and the cloud services. Arora affirmed that the current cloud market has matured into three segments, with Palo Alto Networks emerging as a leader in network traffic management. The integration of cloud security features emphasizes the importance of real-time protection against threats, which the company believes will enhance its competitive position across its product segments.

Data-Driven Cloud Security

Lee Klarich, Chief Product Officer, elaborated on how the integration of cloud posture management and Cloud Detection Response (CDR) has begun to merge the two fields. This synergy aims to provide real-time security for cloud workloads while giving insights into potential vulnerabilities, enhancing overall safety.

Defying Market Trends

Joseph Gallo from Jefferies noted that despite a generally cautious outlook for Q4 cybersecurity performance, Palo Alto Networks projected growth in recurring revenue. CFO Dipak Golechha explained that the company’s diverse product portfolio and strategic acquisitions, such as the recent IBM deal, solidify their confidence in future opportunities. He reaffirmed that their approach focuses on internal metrics instead of external speculation about the general market.

This earnings call not only highlighted the company’s efforts in expanding its market share but also illustrated its commitment to delivering enhanced security solutions in an evolving digital landscape.

“`html

Palo Alto Networks Confident in SIEM Market Shift and Platform Win

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Thank you for the question, Joe. Next up, Matt Hedberg, followed by Gregg Moskowitz.

Matthew Hedberg — Analyst

Thanks for taking my questions. The success in large deals is impressive. You spent considerable time discussing platformization, particularly how Q1 enhances these efforts.

Could you elaborate on the SIEM segment? The NGS offers a notable next-gen SIEM replacement opportunity. We’ve discussed some competitors like Splunk. What factors could speed up these large replacement deals? I understand they can take a while, but are there specific strategies you can implement to expedite these processes?

Nikesh Arora — Chairman and Chief Executive Officer

Matt, we are quite pleased. In the two years since launching XSIAM, we are encouraged by our progress. We’ve surpassed $1 billion in ARR in our Cortex segment and are landing larger XSIAM deals—currently, we have 150 customers and a promising pipeline over a billion dollars. This is shaping up to be the fastest-growing product in cybersecurity history.

The SIEM market shows that 90% of existing systems are 10 to 15 years old. When you examine traditional SIEM solutions like QRadar, LogRhythm, and Splunk, many are outdated. We are witnessing a new wave of SIEM solutions poised to replace these legacy systems. Similar to the endpoint replacement cycle moving from Symantec and McAfee to XDR vendors, a significant transformation in the SIEM landscape is imminent.

Given our ability to significantly enhance security measures, detect issues quicker, and cut costs, our value proposition is compelling. If a customer is spending $10 million a year to run their SOC, we can do it for $9 million and substantially improve their median time to remedy from four days down to under four hours. This is a strong offer, and we’re observing huge market interest, especially from QRadar customers who are facing the need to migrate.

Ultimately, over the next three to five years, the entire $20 billion SIEM total addressable market (TAM) will see considerable upheaval.

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Thanks for your insights, Matt. Next, we have Gregg Moskowitz from Mizuho, followed by Rob Owens from Piper Sandler. Go ahead, Gregg.

Gregg Moskowitz — Analyst

Thank you for the opportunity. Nikesh, now that we’ve had a few quarters focusing on platformization, could you provide insights on its effectiveness? Are there specific strategies that have resonated most with customers, such as legacy trade-ins or multi-product incentives?

Nikesh Arora — Chairman and Chief Executive Officer

The factor that stands out most, Gregg, is the reduction of execution risk. When I approach a customer with a phased plan, where we start by deploying their SASE and later replace their firewalls, they appreciate the strategy. Customers are relieved when I say, “Let’s start now, and you can begin paying once the current deal expires.” This approach minimizes the risk of extending existing contracts, which could inflate future costs. Understanding that executing now means a smoother transition has proven effective.

In many cases, we have successfully combined XDR and SIEM requests for proposals (RFPs). With 50% of data likely shifting to XDR from various sources, it is crucial to ensure that this data enhances our SIEM capabilities for improved security outcomes.

Gregg Moskowitz — Analyst

Thank you.

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Next question comes from Rob Owens at Piper Sandler, followed by Gray Powell from BTIG.

Rob Owens — Analyst

Thanks, Walter. Nikesh, could you expand on your remarks regarding data security? This area is pivotal and, alongside next-gen SIEM, represents a significant opportunity. What insights do you have from end customers? I know you’ve made acquisitions to enhance your DSPM capabilities. How do you see Palo Alto evolving in this space?

Nikesh Arora — Chairman and Chief Executive Officer

Rob, I’ll hand this over to Lee for further details.

Lee Klarich — Chief Product Officer

Thanks, Rob. Looking back, data security has been a tough area due to challenges in accurate data classification and enforcement of policies across all platforms. We have evolved our data security strategy in two key ways. First, we’ve improved our coverage for where data may reside, enhancing our classification accuracy through AI and machine learning technologies. We’ve rolled out AI-based classification over the past six months, allowing for precise data protection across all environments.

The second crucial aspect is linking these efforts to our Prisma Access Browser. Understanding how users interact with data—accessing, sharing, and downloading it—presents some of the highest risks in data security. Using our secure browser, we can capture the necessary context to enforce effective policies.

“`

This rewrite enhances the clarity of the original text while preserving essential details. It combines professional tone with easy-to-understand language, presenting a coherent narrative suitable for high school readers.“`html

Palo Alto Networks Discusses Prisma Access Growth and QRadar Migration Strategies

Prisma Access Browser: Expanding Security Solutions for All Employees

Early users of the Prisma Access Browser highlight its role in enhancing data security across various devices. This tool, designed to better secure data interactions, is transitioning from focusing solely on unmanaged devices to supporting all devices within a company.

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Thank you, Rob, for your question. Next up is Gray Powell from BTIG, followed by Andy Nowinski from Wells Fargo. Please go ahead, Gray.

Gray Powell — Analyst

I appreciate the opportunity to ask my question. I have some confusion regarding the NGS ARR statistics. Looking at the numbers and excluding the QRadar deal, net new ARR increased by approximately 230 million this quarter compared to 270 million last year. This is the first time this metric has declined year-over-year. Is there something I missed or some aspect of the acquisition that needs clarification? Additionally, how much of the year’s increase in NGS ARR is organic versus being driven by QRadar?

Dipak Golechha — Chief Financial Officer

Let me address both your points, Gray. First, NGS ARR exceeded our guidance this quarter. Part of this variation stems from some cloud subscription products that transitioned to NGS ARR over the past year, particularly advanced versions of our firewalls. We anticipated this change, which is why we set our initial guidance accordingly. Regarding QRadar, we mentioned a one-time benefit. Our long-term strategy is to migrate all customers to XSIAM, with about half expected to transition within the year.

Nikesh Arora — Chairman and Chief Executive Officer

Gray, to clarify what Dipak noted, the organic NGS ARR peaked this quarter at 74 million from IBM. We expect about half of that to shift to us while the rest will remain on QRoC through the end of the fiscal year. No further net new inorganic NGS ARR is anticipated this year.

Gray Powell — Analyst

Got it, thank you for the clarification.

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Thanks again, Gray. Now we have Andy Nowinski from Wells Fargo, followed by Fatima Boolani from Citi. Andy, go ahead.

Andrew Nowinski — Analyst

Thank you. Good afternoon, and congrats on the strong results. I have a question about Prisma SASE. You noted several significant deals that either deployed or expanded the use of SASE. Could you update us on the ARR growth from this solution? Are the new customers coming from other vendors or were they previously without any SASE solution?

Nikesh Arora — Chairman and Chief Executive Officer

The answer is a combination of both. Some customers are transforming their networks and replacing outdated VPN solutions. Others are shifting from competitors that only offered basic services. Importantly, 40 percent of these new customers are entirely new to us, installing our SASE solution. As I’ve mentioned before, the SASE market is rapidly growing, and we are among the top three providers. We’re continually innovating within this space.

The Prisma Access Browser is available for existing SASE customers to utilize unused licenses, allowing them to experience our integrated solution seamlessly. We are looking forward to reaching the $1 billion milestone we’ve set for this segment.

Andrew Nowinski — Analyst

Thank you.

Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development

Thanks, Andy. Next up is Fatima Boolani from Citi, followed by Roger Boyd from UBS. Fatima, please proceed.

Fatima Boolani — Analyst

Thank you, good afternoon, and I appreciate your time. The spotlight seems to be on QRadar and the more than 80 million in bookings achieved recently. I’d like to pivot to QRadar’s on-premise revenue. Nikesh, you mentioned the outdated technology in the SIEM market. How do you plan to transition the roughly 500 million in revenue from on-premise QRadar customers to XSIAM? Over the next 12 to 24 months, what impact do you anticipate this could have on the business?

Nikesh Arora — Chairman and Chief Executive Officer

Fatima, we had an interesting discussion in our recent board meeting about which deal will prove to be Palo Alto’s best. Mine is the IBM deal, while another board member preferred the Talon deal. Regarding QRadar, our teams are actively reaching out to the top 500 customers to facilitate the migration. This initiative applies to both QRoC and on-premise customers. The billion-dollar pipeline includes both groups.

Our message to on-premise customers is clear: these technologies will migrate over time. IBM has been extremely supportive in this transition, helping us reach out to customers. We recently collaborated on a call with a client, where we jointly discussed migration services and how to transfer their existing QRadar configurations to Palo Alto’s XSIAM.

Our commitment remains to provide comprehensive support during this transition, ensuring a smooth migration path.

“““html

Palo Alto Networks Eyes Top Three Spot in Cybersecurity with New Partnerships

Company Leaders Discuss Growth Prospects and Customer Engagement

“I haven’t seen a partnership like this in the cybersecurity industry yet,” said Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development. “While we have high expectations, achieving success will require hard work and execution. Our teams are focused and dedicated as we aim to propel ourselves into the top three Security Information and Event Management (SIEM) players in the market within the next two years, a space we were not in just two years ago.”

Fatima Boolani, Analyst, thanked Walter for his insights before handing the floor over to Roger Boyd of UBS, who posed the final question.

Roger Boyd — Analyst at UBS: “Dipak, you mentioned that contract durations on new business have stayed stable at around three years. Can you elaborate on renewal and upsell trends, especially regarding platform deals involving XSIAM, which tends to have longer contract durations? Should we expect contracts to lengthen as customers invest more strategically in your platform?”

Dipak Golechha, Chief Financial Officer, responded, “Thanks for the question, Roger. As a large company, we cater to a diverse range of customers. While some are extending their contracts, others are opting for shorter renewals in anticipation of future platform innovations. Overall, the renewal data shows a slight upward trend, though not significantly.”

Roger appreciated the clarification. Walter Pritchard concluded, “Thank you, Roger. This wraps up our Q&A session. I’ll now hand it back to Nikesh Arora, our CEO, for closing remarks.”

Nikesh Arora, Chairman and CEO, expressed gratitude: “Thank you all for participating. We are thrilled with our strong start to FY ’25 and look forward to connecting at future investor events. Special thanks to our hardworking employees for their dedication, and to our customers for trusting Palo Alto with their cybersecurity needs.”

Call Participants:

• Walter Pritchard — Senior Vice President, Investor Relations and Corporate Development
• Nikesh Arora — Chairman and Chief Executive Officer
• Dipak Golechha — Chief Financial Officer
• Saket Kalia — Analyst
• Brad Zelnick — Analyst
• Hamza Fodderwala — Analyst
• Brian Essex — Analyst
• Lee Klarich — Chief Product Officer
• Joseph Gallo — Analyst
• Matthew Hedberg — Analyst
• Gregg Moskowitz — Analyst
• Rob Owens — Analyst
• Gray Powell — Analyst
• Andrew Nowinski — Analyst
• Andy Nowinski — Analyst
• Fatima Boolani — Analyst
• Roger Boyd — UBS — Analyst

More PANW analysis

All earnings call transcripts

This article is a transcript of this conference call produced for The Motley Fool. While we strive for accuracy, there may be errors, omissions, or inaccuracies in this document. The Motley Fool advises readers to conduct their own research, including listening to the call and reviewing the company’s SEC filings. Please see our Terms and Conditions for further details, including our Obligatory Capitalized Disclaimers of Liability.

The Motley Fool recommends Palo Alto Networks. The Motley Fool has a disclosure policy.

The views and opinions expressed herein are those of the author and do not necessarily reflect those of Nasdaq, Inc.

“`