Palo Alto Networks, Inc.
Q4 2023 Earnings Call Transcript

Published: 18 Aug 2023

Walter Pritchard:

Good day, everyone, and welcome to Palo Alto Networks Fiscal Fourth Quarter 2023 Earnings Conference Call. I'm Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development. Please note that this call is being recorded today, Friday, August 18, 2023 at 1
Nikesh Arora:

Thank you, Walter, and good afternoon, everyone. Thank you for spending your Friday afternoon or perhaps some part of your Friday evening with us. Our choice of Friday has definitely made us the topic de jure these past two weeks and has made for some very interesting reading of all the analyst notes. We apologize to people who are inconvenienced but as we had mentioned in our press release, we wanted to give ample time to analysts to have one-on-one calls with us over the weekend, and we have a sales conference that kicks off on Sunday. We want to make sure all of our information was disclosed out there. So again, we apologize for the unique Friday afternoon earnings call. But clearly, we have enjoyed the attention. Well, let me go and just straightaway dive into our Q4 results. We started off the year focusing on excellence and execution. We stayed true to that and delivered strong results in Q4, capping off a strong fiscal year 2023, where we met or exceeded our original top line guidance and significantly exceeded our profitability and cash flow guidance. This year indeed required clear focus across our company, and we're all proud that our team delivered throughout the year and especially in Q4. Our Q4 revenue grew 26% making our -- marking our 12th consecutive quarter of revenue growth north of 20%. Our billings grew 18% of a very strong 44% growth in Q4 a year ago, and RPO grew 30% ahead of our revenue growth. Our Q4 operating margins expanded by 760 basis points, driving $1.44 in non-GAAP earnings per share, and we achieved 39% adjusted free cash flow margins for the year. Our performance in Q4 did not come as a surprise to us. We've been investing in our next-generation security portfolio for some time now to position ourselves in the leadership position for the future of the cybersecurity market. It is this next-gen portfolio driving -- that is our growth transformation and enabling our leverage. Lee and his team will expand on this in the forward-looking part of our program. We achieved several important milestones in this quarter, especially in our software and cloud-based businesses this year. Our combined SASE, Cortex and cloud bookings were north of $1 billion in Q4. Our Cortex platform surpassed $1 billion in annual bookings last quarter, and we achieved the same milestone with SASE this quarter. We also exceeded $500 million in Prisma Cloud ARR. These product performances are all contributed to the strong growth we continue to enjoy in NGS ARR. Remember, that our NGS business is largely a capability new to us in the last five years and is primarily cloud delivered. This quarter, we added more new ARR than any other pure-play cybersecurity company. Our platformization is continuing to drive large deal momentum. One way to illustrate the traction of our next-generation security capability across network security, cloud security and SOC automation, so look at the makeup of some of our largest deals. When we deliver best-of-breed products that are also integrated into platforms, we help customers simplify their architectures, lower their cost of ownership and benefit from differentiated cross-platform capabilities. This is a win-win scenario. 8 out of our top 10 deals saw a significant contribution from our next-generation security capabilities, five were essentially next-generation security deals. Here are some examples
Dipak Golechha:

Thank you, Nikesh, and good afternoon, everyone. Beyond providing the detailed results this quarter, I also wanted to highlight some additional business insights through the Q4 numbers to help you understand our results and provide context for our go-forward plans. As Nikesh mentioned, we saw strength across our various metrics, starting with the top line. This was especially true in our NGS ARR and RPO. NGS ARR grew 56%, driven by strength across our portfolio. RPO grew 30%, well ahead of our revenue growth. Broadly, the industry has experienced an increase in deal scrutiny as well as deal pushouts. The environment has become more challenging this year, and we started telling you about that at the beginning of our fiscal year. We got ahead of this changing environment by front-loading our sales hiring for the year, training our teams to address the tougher procurement processes and by having our sales management teams apply additional scrutiny to the pipeline earlier in the quarter. As a result of these efforts, we did not see a significant impact in Q4 from unexpected deal delays. We did see, however, see two impacts on the top line from the changing environment
A - Walter Pritchard:

Thanks, Dipak. We'll take about 15 minutes now, and we'll have a few questions. [Operator Instructions] For the first question, we'll go to Matt Hedberg from RBC with Rob Owens from Piper Sandler on deck. Please go ahead, Matt.
Matt Hedberg:

Great, guys. Thanks for taking my question Maybe, Nikesh, with you, the macro. Good results in the quarter. I wonder if you could just talk a bit more broadly about some of the broader trends that you're seeing. There's been some other -- obviously some comments from some competitors that are maybe a little bit different. But just broad brush strokes on high-level demand trends.
Nikesh Arora:

I think as I said, and as Dipak elaborated, look, it's -- interest rates are higher. CFOs are scrutinizing deals, which means you have to be better prepared to answer their question and show the business value that you bring to them with your cybersecurity products. We are lucky that we have been focusing on our platform strategy. So we can usually walk in and say, here, you can consolidate the following five, it doesn't cost you anymore, but you get a better outcome and you get a modernized security infrastructure. So from that perspective, that strategy of ours is resonating. But there is more scrutiny. There are deals that go through multiple levels. There are some that get pushed. There are some that get canceled. And again, you just have to get more on the top of the funnel. And as Dipak very clearly highlighted that eventually end up and there's a conversation about saying, wait, I used to pay you upfront. And I need to understand the cost of money. And is there a way, either my cost has to be lower from you, so I can sort of account for the cost of money or you've going to allow me to pay you later. From a deferred plan perspective, those are really the two effects. And I think the biggest -- and if I summarize Q4 for us, great execution. There's a lot of demand out there, and the two things which are -- were different is
Matt Hedberg:

Great guys.
Walter Pritchard:

Thanks Matt. Next question will be from Saket Kalia of Barclays with Brad Zelnick from Deutsche Bank on deck. Go ahead, Saket.
Saket Kalia:

Okay. Great. Thanks for taking my question here. Nice end to the year to the team. Dipak, maybe for you. Great to see the free cash flow margin for next year. I think a couple of things that we were all thinking about, as we model next year were cash taxes and the deferred payment plans that you referenced in your prepared commentary, of course, the profitability here is well ahead also. But maybe you could just talk us through some of the puts and takes you thought about within that free cash flow margin guide for next year.
Dipak Golechha:

Yes. So I think -- thanks for the question, Saket. I think the primary driver really is the stronger profitability, right? So that's really what underpins a lot of the cash flow confidence. We've also seen benefits of higher interest rates on the cash that we have, right? And that also helps. That's another put and take. But I would say, you're right, we've absorbed the additional headwinds from deferred payment terms. We've modeled in the cash taxes. And when you put all the different puts and takes, we feel pretty confident of where we are.
Saket Kalia:

Thank you.
Walter Pritchard:

Sorry to skip you Rob. We're going to go back to Rob Owens at Piper Sandler and then go to Brad Zelnick at Deutsche Bank. Go ahead, Rob.
Rob Owens:

Thanks Walter, and you know Saket is much interesting than I am. But want to build on that question just a little bit relative to deferred payments. And is there discounting when you're doing these multiyear deals? And will we actually see a longer-term economic benefit as people start to move towards annual payments? And I guess, given the shift in the portfolio and what you guys are selling, this should be no surprise. So if you could just comment on if there is a broader economic benefit to kind of moving to annual terms and understand that we'll probably address the midterm guidance on the next portion of the call.
Nikesh Arora:

Rob, I'm going to give you a little macro flavor and then Dipak can jump in as well. Look, on the macro front, the part I'm really excited about that Dipak and his team have basically navigated a significant part of our business into annual billings effectively through these deferred payment plans, right? And we were able to hold our free cash flow in spite of those downward sort of pressure. And we think we're going to keep absorbing some of that as it goes. In the end, it's an economic argument. It's like there's a cost of money. I can take the money up front and let the customers get a discount, and I can go try and get a return on that cash or I can let them pay when they're ready to pay and I can extract a better economic outcome in that context. And I think it's important to understand, given our portfolio-based approach, our customers -- different products lend themselves to different discussions. On cloud, we see a lot more of the shorter duration discussions because cloud is more of a consumptive event. On XSIAM, they want longer deals. They don't want even 3-year deals. They only want 5-year deals and they want price locks. So there also is a counter effect they're worried about inflation. So if you put it all together, as Dipak said, we're very comfortable with the way we've modeled it. There's definitely levers that go in different directions. And our sort of aspiration and desire and hope is that we keep transitioning seamlessly into more and more annual billings over time while being able to hold these metrics and these outcomes for ourselves. And Dipak?
Dipak Golechha:

Yes. No, I think Nikesh mentioned it well. The only comment that I would say is we're probably more focused on the economics of the actual deferred payments versus the upfront. I understand the argument that if you're more of a SaaS business, then you don't have to make as much like discounts to pull the deal through. We haven't really built that in, right? At this stage, we'll see how that goes. We're still going through the transformation.
Nikesh Arora:

And don't forget, there's still a reasonable part of our business that still has to be paid upfront, which is the hardware business.
Walter Pritchard:

Thanks Rob. We're going to take our last question in this segment from Brad Zelnick at Deutsche Bank. The IR team is available to take questions offline, and we will return at the end of this program to take more questions from you all. Go ahead, Brad.
Brad Zelnick:

Thank you so much Walter. So many questions to ask, but I'm going to keep it high level. Nikesh, heading next week into sales kickoff, you're going to once again rally the troops to perform even better next year, topping a fantastic fiscal '23. What are the highest level messages that you're going to focus on to ensure that they really step up their game and can overachieve and do even better next year?
Nikesh Arora:

Brad, sort of how I worked in sales and interacted with salespeople, majority of my life, salespeople like to win. And I think what has become apparent in fiscal '23 for our teams that can -- that we can win in each of these categories. They were used to winning in firewalls. I will tell you, our win rates have gone up tremendously in SASE. I mean we did $1 billion in SASE this past year. Winning in XSIAM has been a phenomenal surprise and a delight to all of us. And literally, I'm telling you what's going to happen on Sunday, every salesperson is going say, I want to be able to sell that product. This product is selling with an average ACV of $1 million hasn't happened in security before. So I think the just generating enthusiasm towards all these capabilities and solutions is kind of a key message for our team. There are some structural changes. Like last year, we took the SASE team and merged that with the core team, and you saw the outcomes. We managed to do that seamlessly without an impact to our business, in fact grew faster. We're doing that next year with Cortex. We're taking our Cortex team, and making them part of core. That's why Dipak talks about these constant ability to improve operating margins is we've hit sort of scale economics in our business. We've hit scale. Everybody has to do these deals. It's no longer a firewall business. So our teams want to do cross-product deals. So the message really is, we're winning in major categories, go out and win those deals. The message is cross-platform is working for us. The message is you are now empowered and trained to sell everything. And every year, we use the opportunity to tweak certain things, which have worked better than the others. So I mean, honestly, like sorry to drag you out on a Friday day afternoon, but I think it's important for a few thousand people next week that we shared all these results with them, and we just got caught in the trap. We're trying to get a Board meeting done and do that on Sunday, so here we are on Friday. But all I -- if it gives you any comfort, Dipak and me and the team are going to be working all Saturday and Sunday as well.
Brad Zelnick:

Awesome. Thank you.
Nikesh Arora:

Thank you.
Walter Pritchard:

Thanks, Brad. Thanks, everybody, for your questions. We will come back at the end to do more. We're now going to move to the forward-looking portion of our program and talk about our medium-term update. And with that, I'll pass it back over to Nikesh.
Nikesh Arora:

Well, that's a wrap on our Q4 results. The reason we wanted to make sure you had the opportunity to enjoy our Friday evening celebrations in the context of a long-term or midterm outlook from us was we wanted to make sure that you see our FY '24 guidance in the context of where we believe we are in the next three to five year journey. I think what's important to understand is that over the last five years, the cybersecurity TAM has continued to rise. It has grown at approximately 14%, and it has grown twice the pace at which the IT market has grown. Now the reasons for that are, as we get down these transformations that are going on in the world, we get more and more reliant on e-commerce, as we get more and more reliant on digital transformation movement is about and possibly now with the sort of arrival of AI as a mainstream opportunity, every one of us is trying to make sure we grab that with both hands. So we will continue to see the pace of technology spend go sort of up or forward. Similarly, we're going to see that cybersecurity is going to get more than its fair share of growth. So from an opportunity perspective from what's going on in the market, we believe the cybersecurity market is robust and will continue to be so in the next three to five years. Having said that, if you look deeper, there are actually three things going on in that market
Lee Klarich:

Thank you, Nikesh. Now in a second, we're going to go into more detail on our three leading platforms. But first, I want to share some context. After all, we're a cybersecurity company, what's happening in the threat landscape. And I'll just give you the really obvious answer, it's bad. The threat landscape is intensifying. $8 trillion of cost due to cybercrime. Attackers are becoming very sophisticated with the tools they use, whether that's automation, attacking the supply chain, et cetera. And just the sheer volume is off the charts, growing about 20x since 2011 to over 1 billion new malicious programs. This is incredible. So clearly, that is a challenge, but it's even more challenging than that. It wasn't that long ago when it took an attacker on average about 44 days from initial compromise to exfiltration. Now 44 days is basically the time period that an organization would have to detect, disrupt and potentially prevent the breach from happening. So in 44 days goes down to hours, which is what we're now starting to see. That is a huge problem. That requires a very different approach. But on average, the industry is able to respond and remediate attacks in about six days. That doesn't work. And even more challenging now with the SEC new rules of being able to disclose within four days, none of the math adds up. Now before we get comfortable in just solving these problems, there's one more challenge coming. Attackers have recognized the power of AI, just as much as everyone else has recognized the power of AI to do good things. Whether it's fraud GPT or worm GPT or other use of AI, it is clear this is going to become the next major tool used by attackers to launch more attacks, more sophisticated attacks and faster attacks. So we have to innovate. And we recognize that, Palo Alto Networks was built for innovation from day one. And today, we have over 4,400 product, engineering and other experts that are building and driving innovation. And you see just how fast we've ramped that over the last several years. In part, by being able to scale our organization across three main R&D centers in the world. In addition to this organic innovation engine we've built, we look at about 250 private companies every year to identify the absolute best teams, the absolute best technology that could become part of Palo Alto Networks in order to further drive our innovation engine. And we combine these two together, and we will continue to combine them together to have the best innovation capability. And then we combine that with AI. We recognized really how important AI would be to our innovation. And over the last several years, we have been infusing AI into our products in very unique ways to solve very challenging problems that only AI can. And from this foundation, we're only going to do more and better. We are going to accelerate our pace of innovation even further. We are going to leverage our proven playbook around M&A to be able to augment what we do organically. And we are going to take our capabilities in AI and turn that into an AI-first company. And why I'm so confident in our ability to leverage AI is we've built the right data foundation, we've combined that with the right architecture, and we've leveraged an amazing set of expertise across all of that. We collect more data per customer than anyone else, security data, relevant data for AI. We combine that with an architecture that over the last several years, we've been migrating every product into a cloud-based architecture because we know that, that sets us up to use AI in everything we do. And today, I have a team of over 150 AI experts that I can leverage across all three of our platforms to identify and drive even more AI capabilities and innovation. That's how we do innovation. How the industry does innovation is very different. The industry tends to look at this in the context of point products. Every time there's a new need, there is a new point product. This leads to incredible complexity for end customers. Think about having to stitch all of this together. Now it does create a large security market of about $210 billion, but it means that there is an incredible opportunity for disruption. And for a disruptive and innovative approach, which is why we've taken our platform-oriented approach because we recognize that the only way to achieve the real-time security outcomes that our customers need is by integrating natively all of those capabilities into a set of very focused platforms, around Zero Trust, code to cloud and security operations. In a moment, we'll go into detail on that. But last and certainly not least point, not all platforms are created equally. I shared with you how we think about innovation because that is so fundamental to the outcomes of our platforms. In addition to that, our platforms are designed to be as comprehensive as possible. It doesn't mean we do everything, but it means that we do all of the core set of capabilities necessary such that we can then selectively integrate and enable third-party technology to complement the platforms. Everything we do is integrated. It's designed to solve hard problems through integration that cannot otherwise be solved with point products. And that combination enables our platforms to be real time and enable real-time security outcomes for our customers. So with that, let's start our first deep dive with our Zero Trust platform. It's very clear in the network security market, what's happening. The point product approach that we've been fighting for so long as a company is getting harder and harder to sustain. There's more technologies, more capabilities needed. Those capabilities are needed across a broader attack surface with the advent of hybrid cloud and hybrid work. The only way to solve this is with a platform. we're going to share that in a second. In addition, the next set of trends is going to further propel the need for platformization as passwordless becomes common, as Quantum becomes common, as BYOD becomes enabled across enterprises. In all of these, there's going to be a decision. Do you want to try to enable them across 25 and 30 different standalone point products? Or do you want to enable them in a single platform? The answer is obvious and clear. And that is why we are well positioned to take advantage of the opportunity in front of us across all of network security with our Zero Trust platform. And to go into more detail is Anand Oswal, Leader of our network security Zero Trust platform team. Anand?
Anand Oswal:

Thank you, Lee. Before I talk about network security, let me first talk about the evolution of network security. Today, network security has become increasingly complex. In the past, when users were predominantly in the office and applications in the data center, network security was delivered by a centralized firewall. Data center virtualization and migration to the cloud required inspection of traffic moving to the cloud and many organizations had software firewalls. And with the hybrid workforce and protecting remote branches, many enterprises deployed a cloud-delivered stack, SASE. As you can see, many organizations today have three distinct and disparate stacks. This leads to complexity of architecture, poor operational experience, inconsistent security and poor user experience. What if you could take a radically different and new approach, ensuring that any user across any location, accessing any application and data is secured by unified security stack, which means we have one platform with a set of security services that ensure that users across all locations have consistent user experience. And administrators can now author policies in a centralized manner. This is enterprise-wide Zero Trust. Over the last five years, we've developed a Zero Trust platform with best-in-class products, and it has three key components
Lee Klarich:

Thank you, Anand. So clearly, huge opportunity in network security Zero Trust platform. Now turn your attention to the Cloud. Cloud is just absolutely gone through an incredible transformation. Today, there's over 500 million cloud native applications deployed. There's 33 million developers that are constantly pushing new capabilities in new applications. Nearly all enterprises are multi-cloud. That is just an amazing starting point when you think about what is going on. And at the same time, there's a, tremendous amount of innovation happening, because of the cloud. And a lot of this is being driven through the ability to leverage open source. That's being combined with custom code. That's being combined with infrastructure as code. All of that just enables the speed, this dynamic nature of the cloud, and it all needs to be secured. And very much like the rest of enterprise cyber security, the industry approach has been a whole bunch of point product that customers are somehow expected to stitch together. We have a different approach. We believe that all of these capabilities should be modules natively integrated and delivered in the platform. And when we get this right, we can not only secure in real time, but we can then fix at source. So, the issue doesn't happen again. And to go into more details on how we're able to achieve that is Ankur Shah, leader of our Prisma Cloud code-to-cloud platform. Ankur?
Ankur Shah:

Thanks, Lee. Like Lee mentioned, we live in an app economy. The average enterprise today uses over 100 applications, some for commercial and some for internal use. With AI-led code development, I expect this trend to continue. Before we talk about securing the apps, first, let's talk about how these applications are assembled in the code phase, there are some custom code, a whole bunch of open source code gets deployed using infrastructure as code. And ultimately, it moves through the pipeline goes into the run time and construct what we call the application. The key thing to note here is, that everything that happens in code phase gets multiplied in cloud, a single infrastructure as code or open source component can get deployed across hundreds of thousands of workloads and application component. What is true for infrastructure and the application layer is also true for the security risk. A risk, like an open source vulnerability, secret, pipeline risk introduced in the code phase, gets multiplied in the run time where - now you have hundreds of thousands of containers and application components running that risk. The attackers has more ways than ever before to exploit this risk and cause a data breach. Now there are two approaches to solving this problem. One approach is what the industry has always done, which is to have a point product per problem. In the code phase, there are about half a dozen different tools to scan security posture. In the infrastructure layer, you have yet another set of tools. And finally, in the run time, you have tools for cloud workload protection, network security and application security. Now this is not the right approach to solving this problem for two reasons
Lee Klarich:

All right. Thank you, Ankur. Again, clearly, huge opportunity in cloud security with our unique approach and what we're driving, really excited with where we are and what we're working on. And now for our third platform, our AI-driven SecOps platform. This is a market that I believe is ready for a fundamental transformation. Most of the technologies that companies use are - or were developed 15, in some cases, 20 years ago. That clearly does not work. They were not designed for an attacker sophistication that we see today. They were not designed for real-time detection, and automation remediation. These tools were not designed for supply chain attacks. These tools were not designed for the advent of attack AI being used by our adversaries. We have to reimagine security operations from the ground up. And in doing this, leveraging data, leveraging AI, leveraging automation as core tightly integrated foundational aspects to how an entire SecOps platform functions within the SOC. And this is the journey that we've been on for the last several years. Building this platform, refining it, developing the capabilities necessary, and then refining it again until we reach the point where we are today, where we have a set of leading products and an incredible platform, delivering incredible outcomes to take advantage of this entire security operations market in front of us. And to share more details I'm joined from our Tel Aviv R&D center by Gonen Fink, who leads our entire Cortex Product Organization. Gonen?
Gonen Fink:

Thank you, Lee. Let's take a deeper look at why existing SOC architecture doesn't work. With the growth of sophisticated alerts, multiple tools were created, each one designed to solve a specific problem. This leads to an extremely fragmented SOC, very hard to manage. It is the customer responsibility to integrate those tools into a human-driven workflow. The result of that is bad security outcome, low-confidence alert, energy shortage, unable to resolve those incidents in real time. So what is required to deliver real-time security operation? We need to replace this fragmented architecture with a unified single floor architecture. We need to replace multiple products that collect data with a single data platform and silo detection tools with an AI engine that is trained on a full data center. And then automation should be natively integrated into the flow rather than being placed as an afterthought. Five years ago, we recognized the criticality of data, AI and automation for the future of cybersecurity. We built three amazing products. Each of them became a leader in its respective category, and we continue to innovate in each of those categories to maintain our leadership. This drove Cortex to become a $1 billion business for us, and it also brought us into thousands of customers' security operation centers. Cortex XDR extended the EDR market, and it is the best AI tool for endpoint prevention and real-time detection of all security threats. Cortex XSOAR is the best-in-class security tool for automated threat response and Cortex XPAND proactively manage your attack surface and reduce that. But to harness the full potential of AI and automation in order to build a real-time SOC requires more than that. We need an integrated AI-driven architecture that reimagine the legacy 20 years old SOC architecture from the ground up. And this is what we brought to the market with XSIAM last year. So what happens is legacy SOC and how it has changed with XSIAM. Let's look at that. In order to detect attacks, silent tools just get alerts. But we are living in a dynamic world, unfortunately, looking at anomalies or alert in isolation might be suspicious, but there are many of them. Each of them we'll look at the world from a very narrow standpoint. And the result is that high volume of alerts that overwhelm the SOC. This means that SOC gives up on reviewing all of those alerts. And eventually, the SOC is missing the important ones. With XSIAM customer no longer needs to review low confidence alert and try to connect the dots themselves. XSIAM collect a large amount of data and uses AI to analyze low confidence signals, stitch them together with raw data and get enough context to resolve most of them automatically, presenting the user only with all of an incident and with a full context for each of those incidents. By grouping this into incidents prioritize them, restoring them, XSIAM provides a full picture view to the analysts, and allow the analysts to respond very quickly to the events. How do we do this management? Let me use our new product UI to explain the key elements that differentiate XSIAM on the rest of the products in the market. It starts with the data. We ingest normalized stitch together petabytes of data from dozens and hundreds of data sources to recreate the full story of each and every event in your environment. This stitched rich data set feed and sophisticated AI engine with over 3,000 models that produce high confidence alerts that groups those alerts into incidents, assigns a risk score to each and every incident, and then integrate natively built automation to resolve most of the incidents, leaving only a small number of incidents for human review and resolution. Like the copilots, you saw for both network security and cloud security, our new Cortex UI, we incorporate a copilot with an early alpha testing starting next month. We started working with Palo Alto Network SOC as our first partner as we design and build Cortex and XSIAM. Palo Alto is the largest security vendor. And as such, we have a lot of assets that we need to protect. In order to do proper job, we collect a lot of data. Over 1 trillion events are collected every month or 75 terabytes every day. With Cortex, Palo Alto Network's SOC can protect its network with a small team working on startup ships, resulting with less than one minute incident resolution. This is not heroic. This is relying on technology and AI and automation to achieve the right security outcomes. So when we launched XSIAM, we wanted to see how these plays with customers. And the early indications are remarkable. Our customers are able to ingest a lot more data than before, which provides them with broader coverage for their attack service. Even though they ingest a lot more data, product generates a lot less false positive. And those true positive alerts are being grouped together prioritized by AI, delivering much, much superior security outcomes. Better coverage shifting the median time to response from day to hours. As we look forward, we see tremendous opportunity in drawing Cortex and XSIAM. We continue to win and gain market shares with our best of breed products, XDR, XSOAR, and Expanse, That's not a basis to upsell our customers to the full XSIAM solution. Each of those customers is a candidate, is becoming a prospect to move to the full platform XSIAM. And we demonstrate this over the past 12 months in being able to convert a lot of the customer that use part of the platform to become a full platform users. For the most exciting part, is when we look at where we can expand XSIAM. We believe the era of AI automation is just beginning, and XSIAM is quickly becoming the largest security data platforms. And the technology we build with AI automation could be the basis to expand what we can deliver with XSIAM to new modules within the SOC, and across the entire security landscape. Thank you all and back to you, Lee.
Lee Klarich:

Awesome. Thank you Gonen going in. Clearly, an incredible opportunity in Cortex, and specifically with XSIAM as we think about the journey ahead where we are going to transform security operations in just absolutely incredible and amazing ways. And with that context across our three platforms. Let me now turn it over to BJ to share with you how we take all of this wonderful stuff to market. BJ?
BJ Jenkins:

Thanks, Lee. And it's great to be here with all of you. I couldn't be more excited to talk about our go-to-market transformation that, will allow us to take full advantage of the product innovation you heard about. I just had my two-year anniversary of Palo Alto Networks, and the evolution of this go-to-market organization in step with our customer needs and product innovation has been incredible. To understand how we can best serve our customers, we need to understand how organizations are tackling cybersecurity challenges today. On average, large companies have 75 plus security solutions. This leads to fragmentation and growing complexity as customers try to stitch together all these individual products and data. To add to this, they are dealing with overlapping vendor solutions, that don't talk to each other. Many customers are buying cybersecurity in this way. They recognize how unwieldly and ineffective it is, and they need our help. This is a call action for our industry to do a better job at helping our customers. And at Palo Alto Networks, we will do this through three key go-to-market transformations. First, we are transitioning from a transactional vendor to a true strategic partner, guiding customers on their transformation journey. Customers are looking to us for direction on how to secure their enterprises and keep their employees and end user customers safe. Second, we are transforming from selling point products to architecting outcomes in partnership with our customer's most trusted ecosystem solution providers. Our customer's ecosystem partners will become even more important as we work with them, to create more value through new services, and joint offerings. Third, we are moving from a reactive help model where customers only call us when they need us to a more collaborative model, where we are proactively driving success for every customer with an in it together mentality. Palo Alto Networks is well positioned to help our customers through these three key shifts, and we have made significant headway on each of these fronts. In the past, our go-to-market motion focused on technical domain experts, solving very specific product requirements. These conversations often revolved around price, and they were transactional in nature. Today, C suite executives are engaging us more and more, they are looking to transform their entire business, understand security strategy, and deliver better security outcomes. We now have a seat at the table for key architectural decisions and ongoing multiyear roadmap engagement. Our 3000 integrated sellers are set up to scale, and have these strategic conversations with our customers. Our ecosystem is also playing a critical role as we move from selling products, to architecting outcomes. Five years ago, we sold a single product, primarily hardware firewalls as part of a larger partner delivered motion. Most of our partners were focused on transactional fulfillment of customer orders. Today, we are deeply embedded with strategic partners across all routes to market and are co-leading the sales motions with our partners to deliver joint solutions. We have a 150, $10 million plus strategic partners today in our ecosystem. In the future, we're going to continue to strengthen our sell together motion by building integrated offerings with a shared focus on improving client outcomes. Our top 30 partners will become even more important, and we're looking to drive $10 million plus of business with them. Delivering the best security outcomes means that our customer's post sales experience must also undergo a shift. As I said to an in it together model, allowing them to be successful faster and get the most value from our solutions. Although we have consistently achieved a 90 plus percent CSAT score, we aren't stopping there. Continuous improvement is the goal. As part of our strategic focus on AI, we'll leverage AI to resolve customer issues more quickly. With AI enabled in product support, we plan to reduce our meantime to resolve for calls by over 65%. We also plan to scale our global network of 300 plus fully certified professional service partners in order, to further expand our ability to deploy our products with speed and agility. And last, but not least we'll increase adoption by staying with our customers throughout - their entire journey. We have a 600 plus person customer success team with deep expertise, helping to build customers for life. You've heard this from others today, but it bears repeating. We see massive opportunity ad for Palo Alto Networks, and our go-to-market model is transforming to meet it head on. As you can see in the chart, we're already well on our way with our global 2,000 customers with 54% of our customers on the journey across all three platforms. And we have great potential to extend our breath by selling, the full portfolio across our installed base, and our platform depth by covering our customer's full estate. I'll end where I started with a reflection on the opportunity, and unprecedented ability to help our customers secure and transform their business. Palo Alto Network platforms are the best in the industry, and we have a world-class go to market organization uniquely positioned to bring them to our customers and partners. Our go-to-market model is ready to scale and deliver real time security outcomes for every customer through the power of our platforms. Thank you everyone and back over to you, Dipak.
Dipak Golechha:

As you heard from Nikesh about our strategy, Lee and his team on products, and BJ around go-to-market, we have the entire company pointed in the same direction. I now wanted to bring this altogether to help you understand why we are confident, that we can capitalize on our opportunity and translate it into financial result that will drive superior total shareholder return. I will go through all four of the primary drivers of TSR, including revenue growth, profitability, cash conversion, and capital structure. First, on the top line, you heard about our TAM from Nikesh, we have proven over the last five years that we target the largest and most attractive parts of the market. We've been able to capitalize on an expanding opportunity taking share from within existing markets, and positioning ourselves in new markets to drive further growth potential. Our share today stands at just 7% of our addressable market, which is lower than the share of leaders in many other markets outside of the cybersecurity industry. As we plot the course to the larger term that Nikesh outlined over the next five years, we continue to see the opportunity to gain share in our existing markets, and continue to fuel above market growth for Palo Alto Networks. Looking at this through the product lens, Lee and his team outlined our platform leadership in our three areas, and showed you the innovation plans their teams have to continue to lead our markets. From my seed at the company, innovation is our lifeblood, and we will continue to spend aggressively on R&D. We do not focus on driving leverage to the bottom line, but rather we redeploy any savings we identify to invest in additional innovation. Our customers expect us to continue innovating, and we have consistently shown a strong return from these innovation investments. This includes recognition of our innovations, such as the Gartner single vendor SASE leadership position that we mentioned today. We expect our innovation to show through, and financial outcomes in each platform and the company overall. In network security, our investments across form factors, especially software-based and cloud delivered, enable us to further our market position and sustain our growth in FWaaP billings. Our market share and our software-based VM business is approximately two times what it is in hardware. In SASE, we believe that we are the number two player in this fast growing market. In cloud security, the growth algorithm is leveraging products and go-to-market capabilities to drive credit consumption ahead of the growth rate customers are deploying public cloud. Along the way, we are confident we can increase multi module consumption, to solidify our position as the definitive code-to-cloud leader. In Cortex, we have a solid business with XDR, XSOAR and Expanse, competing an attractive individual product markets. We've seen a shrinking number of players in the XDR market, and have steadily added several 100 customers per quarter. Adding customers across Cortex is important to allow us to drive larger, more strategic deals in the future, where we can further cross sell our products, including XSIAM. XSIAM is truly game changing innovation, where we are selling outcomes, and I'm confident that momentum will beget momentum here, after a very strong launch of the product in the first year. It should be clear from BJ's presentation that we've invested in building a large dedicated go-to-market organization, and are transforming how we engage with the market. Transformation here has been a nonstop effort and has driven growth - in the number of large deals each quarter. On the back of the core tenants BJ covered, we see the opportunity to continue to drive more strategic relationships with customers that can result in eight, and even nine figure relationships. At the same time that we have seen these large deal outcomes, we've consistently improved the productivity of our core apps, as they collectively become better at selling the broader portfolio. As Nikesh mentioned, SASE has been a big success here. Additionally, we have seen standout growth from new ecosystem partners, including the cloud service providers, and global system integrators. Not only has our business transacted through these channels increased, but more importantly, so has our success leveraging these partners as influences. We have the product portfolio that makes us an attractive partner to these players, along with the scale to make the investments to support the success of these partners. Bringing this together on the top line, as Nikesh noted, we're targeting growth of 17% to 19% in revenue and billings over the next three years, which is ahead of the cybersecurity market growth rates. We see hardware as a percentage of our total revenue decreasing to approximately 10% with NGS ARR exiting fiscal year '26 above 55% of our fiscal year '26 revenue. RPO remains an important metric as it captures the full value of our customer contracts independent of payment terms, and we expect growth of 25% annually through fiscal year '26. Additionally, we see about two-thirds of our revenue in fiscal year '26, driven by current RPO entering the year highlighting the increase in predictability of our revenue profile. Now moving to the cost side, and first with gross margin. As I hope Lee and BJ have impressed on upon you, we have significant advantages inherent in building and delivering platforms. There are characteristics of our platform business model that benefit gross margins. A higher software mix in our network security business, helps contribute to a higher gross margin, something we saw in fiscal year '23. On the cloud delivered side, most notably in SASE, and Cortex, we've aligned with public service, providers to enable us to instantly leverage their scale, and delivery capability as well as take advantage of their ongoing innovations and efficiencies. As we grow, we see improvements in our unit economics. Lastly, in customer support, with multiple scale products in each of our platforms and common customer support needs, we see leverage within our platforms and across the company. Above and beyond these platform benefits, as we talked about earlier in fiscal year '23, we accelerated some efficiency initiatives that contributed to higher gross margins. We also saw a normalization of the supply chain during fiscal year '23. Starting in in '23, we have increased our investments around generative AI to leverage this technology in customer support for efficiency, and better medium term customer outcomes. While we see these platform leverage, and efficiency opportunities in gross margins, we also leave room to invest in new cloud-based offerings, which generally have subscale gross margins in their initial phases. For this reason, we expect to relatively steady gross margin in fiscal year '26 as compared to fiscal year '23. Moving on to operating expenses. We see similar benefits from being a platform company across our major functional areas. At the top of this list is the sales productivity improvements already discussed. It's important to reinforce my point around the platform benefits in R&D. We choose to redeploy those resources to ensure we are leaning into innovation instead of driving overall financial leverage in R&D. Our fiscal year '23 focus on accelerated efficiency did yield benefits in terms of leverage and OpEx, and we expect to continue many of these initiatives. One to highlight is the consolidation of sales specialists. Similar to customer support, we also have generative AI initiatives to both improve outcomes across sales and marketing and our G&A functions that we expect will contribute to efficiency in fiscal year '24 and beyond. Translating this to operating margins, while some may see a 500 basis point improvement in one year as a milestone achievement from our 2021 Analyst Day, we simply see - this as a new beginning as we see many opportunities to drive this higher. We look for non-GAAP operating margins in the range of 28% to 29% in fiscal year '26, with a long-term opportunity for those to be in the low to mid-30s as we further scale our platforms, and gain confidence in the power of AI, and other business transformations. We're also committed to growing non-GAAP EPS on a compounded rate greater than 20% from fiscal year '23 to '26. Moving on to cash flow. We call that in fiscal year '21, we guided to 33% free cash flow margins. In front of that guidance, we spent considerable effort looking at our entire business end-to-end from the point of view of cash flow, and understanding all the drivers. We have now had two years' operating in this manner. We're confident we can sustain our high cash conversion, focusing on areas such as best-in-class working capital management, and low CapEx, business models. Our top line growth and underlying improvement in operating margin form the foundation of our strong cash generation. There are other factors impacting cash flow, that I want to highlight, and that we have already included in our forward-looking guidance. First, with a rising cost of money, we have seen more customers asking for deferred payments over the last three years, but especially in the last 12 months. As we previously talked about. Also, our rising GAAP profitability and some changes in U.S. tax law, we see rising tax - cash taxes. This has all been included in our forward-looking guidance. I want it to double click on the impact of deferred payments for a moment. We've already seen this have a significant effect on our cash flow. In the second half of fiscal year '20, along with the pandemic, we launched Palo Alto Networks Financial Services, or PANFS, to ease customers' challenges with short-term cash flow issues. As I mentioned, with a rising cost of money in the last year, we have seen this trend broaden. PANFS and deferred payments allow us to drive success partnering with our customers on long-term transformation of their security architectures while working with their cash flow constraints. The amount of bookings with deferred payments was up 4x in the fourth quarter as compared to three years ago. This impacted our reported cash flow in the last three years, yet we have maintained our strong cash generation. As we look to the next three years, we expect this impact to continue, and have accounted for this in our medium term targets. A byproduct of - the rise in deferred payments is greater predictability of our cash flow over time. For example, we now expect about a $1 billion in cash flow from deals entered into in prior years, where payments will now come in fiscal year '24. This $1 billion is twice what it was in contribution to our fiscal year '23 cash flow when we entered the year. Summarizing cash flow, I'm confident we can maintain a baseline of 37% free cash flow margins over the next three years after accounting for the factors I noted. This and the revenue growth targets, I covered should keep us on the aspirational path to Rule of 60 economics in our business. This combination of top line and cash generation puts us in a rare peer group, and allows us the flexibility to navigate the changing environment. Finally, I'll cover the capital structure as the last tenant in TSR. With all the opportunities ahead of us, organic investment in our business to drive growth will remain our number one priority. We have ample cash generation to make these investments. From here, we have three capital allocation priorities. As we've done previously, we will continue to balance these. Our first capital allocation priority is our M&A strategy. We have successfully acquired companies that are early leaders in adjacent, and emerging cybersecurity markets. Many times, these are markets in which, we've had an early organic effort, but we see external innovation that can significantly accelerate our time to market. We target companies - that have achieved product market fit, with teams that can accelerate their innovation inside Palo Alto Networks. Revenue is not a focus for us, but we do ensure that we have a solid plan to accelerate, the trajectory of our business. We've used $2.5 billion in cash over the last five years, pursuing the strategy successfully. Secondly, we manage a capital structure that gives us flexibility. For example, we use our balance sheet as a competitive advantage with PANFS, and deferred payments. We repaid our 2023 convertible debt in July, and have a have another convert coming due in about two years, which we also plan to settle for cash. Beyond enabling reasonable flexibility in our capital structure, we are also focused on minimizing dilution and reducing our organic stock-based compensation expense as a percent of revenue, by at least 300 basis points over the next three years. Lastly, we will use share buybacks opportunistically, something that you have seen from us over the last five years, as we have repurchased nearly $4 billion cumulatively. In concluding my section on bringing it altogether, I wanted to bring together the financial targets I've covered. As Nikesh mentioned at the outset, we're focused on an evergreen innovation led approach that will continue to fuel our transformation into a software, and AI driven cybersecurity company. I am more excited than ever about our growth prospects over the next several years and our plans to continue to do this profitably, benefiting from our platform business model. I hope my excitement comes through today, and you can clearly see that drives our confidence in these targets from the various presentation. With that, we'll now transition to taking your questions. And I will hand the call back to Walter to manage this. Walter?
Walter Pritchard:

We'll now take questions on the entire program. We're going to start first with Hamza Fodderwala from Morgan Stanley and go next to Andrew Nowinski from Wells Fargo. Hamza, please go ahead.
Unidentified Analyst:

Hi. Apologies. Can you guys hear me? Hi [indiscernible] dialing in for Hamza. Thank you guys so much for taking my question today and really congrats on the great quarter. You did mention that, you know, AI is a very large opportunity for the company going forward. And I know that you broke down, some of the gross margins as well as, potential operating margins impact, but could you just, let us know how we should think about the company's investment for AI going forward? Are there any upfront CapEx, or margin that that we should consider a little bit more. Thank you so much.
Nikesh Arora:

Hi. Yes. Thank you very much for your question. Like, it's early days in AI, as I mentioned on the precision AI side, we have been using it. We have been using it across our products. There's no incremental costs. So it's embedded in our current product development capabilities. On the generative AI side, I say you saw a sneak peek of all the copilots. The good news is all of those things, should generate positive outcomes for us either in terms of incremental modules that customers would like to buy, to enable certain functionality, or possibly reduce costs from our capabilities, to deliver much superior customer support. So, I think at this point in time, I would not in baking any incremental sort of spend expectations in our forecast, as it relates to the implementation of AI. Dipak has given you guidance that we can continue to see operating leverage, and operating margin, clearly some of that is driven by expectations in AI, but I'd say we're being normal about it. We're not overtly aggressive nor are we overtly conservative around it. And hopefully, there'll be upside in that, if and when we start to see the fruits of deploying it effectively across Palo Alto Networks.
Walter Pritchard:

Thank you. Next we're going go to Andrew Nowinski from Wells Fargo with Brian Essex from JPMorgan after that. Go ahead, Andrew.
Andrew Nowinski:

Thanks, Walter. And congrats on a nice quarter as well. So I wanted to ask about Zero Trust that's clearly a top priority - and really, it seems like it's the only architecture that's capable of stopping a sophisticated attack. And you showed how it requires hardware, software, and SASE components. So, if we think about Zero Trust demand continuing to ramp going forward, why would, firewall demand drop? I think you said the 10% of total revenue in fiscal '26, if it's such a critical component of the of your Zero Trust offering?
Nikesh Arora:

It's important to understand. We didn't say it will drop 10% of revenue. Everything else is growing really fast. I think it's important to understand, like, it's not growing as fast as everything else. Look, for the last five years, I've always been asked that hardware question. I've been trying to avoid it for five years unsuccessfully. So thanks again, Andrew, only took one question to get to it. I think it's important to understand, as we started moving to the cloud, people started coming to notion of software firewalls. And then with this whole pandemic thing, remote work, and sort of distributed network became a real thing. So what you're seeing is, that there are different form factors, which are really good in different circumstances. Against the public cloud, you put a software firewall, you use VMs in various scenarios, when throughput becomes really important hardware is still the best option. And I don't think the whole world is going to end up only in the public cloud. By the way, we also sell firewalls to the cloud provider believe it or not, they need firewalls in their data centers, because eventually the public cloud also runs in our data center. So, I think in that context, the demand for hardware is not going to go away. I think what Anand showed you beautifully that you're going to end up with all the form factors at most of our customers. And the key is these things need to work better together. I think if you go today, there are many customers who have a Palo Alto firewall and a firewall from another vendor. Now if we can give them SASE, we can give them software firewalls. There is no reason that they should be on two hardware vendors when they are a single software vendor, and a single SASE vendor. So, I think the point we want to highlight here is, there is a further consolidation opportunity in the firewall space driven by the Zero Trust needs as well as the UI that Anand gave you a sneak peek into. So, I think that's the way to think about it. We like hardware. It's great.
Andrew Nowinski:

Thanks.
Walter Pritchard:

Great. Thanks, Andy. Next question is from Brian Essex at JPMorgan followed by - Jonathan Ho at William Blair. Go ahead, Brian.
Brian Essex:

Great. Thank you, Walter. And thanks for taking the question. And Nikesh, thank you for making this a better Friday night than some of those conspiracy theories floating around implied?
Nikesh Arora:

We have 5,500 dialed in, Brian. That makes up, like, the last six earnings calls we've had. So I don't know maybe there's bear here.
Brian Essex:

Yes, so I just want to touch on the security copilot, Prisma Cloud copilot XSIAM I would imagine these work best with your platform products, but to what extent will you partner with other vendors? How do you incentivize the use of how Alto's platform with these products in mind. And will we get metrics to help us assess any improvement attach rate with these, copilots and AI tools may drive and when we might expect general availability, I know that's a lot of, but not one topic?
Nikesh Arora:

Yes. Let me tell you. I think that we've all heard of this concept called hallucination or the idea that it doesn't give you the perfect answer all the time, right.
Brian Essex:

Yes.
Nikesh Arora:

And I'd say we are working really hard to see how do, we reduce the error rate in the answers that the copilot comes up with, because in security, we can't afford wrong answers. So, I think our teams are working really hard. What we've discovered in the process, is that irrespective of which LLM you deploy, you need better knowledge articles, you need better integration of the UI. So our teams are busy doing a lot of non-regrettable work. And you saw them give you some sort of glimpses into what the art of the possible could be. I would say sometime before the end of the year, we will start testing it with a bunch of customers to get real feedback from customers, I think the best way to think about it is, like, the examples you saw, it's like security is complicated. UI and security is also complicated. If you don't know where to look, sometimes it's right there. You just don't know where to look. If you can ask that question, and give you the answer that improves the productivity of all of our customers. It, improves the configuration capability of all of our customers. It improves our ability to provide real time customer support to our customer setting. There's lots of advantages if done, right? And I say it's always like, people often, overestimate the short-term and underestimate the long-term. That's why we give you a three-year forecast. I think it may, we may get the three-month or six-month wrong, or we'll not get the three or five-year wrong. Three to five years from now, the world will be different. UI will be 50% natural language. We'll be generating tons of efficiency from people using AI driven tools. I think that's the opportunity. And you don't get there if you don't work hard now.
Brian Essex:

Fair enough. Thank you very much.
Walter Pritchard:

Thanks, Brian. Next is Jonathan Ho from William Blair. And after that, we're going to have Gabriela Borges from Goldman Sachs. Go ahead, Jonathan.
Jonathan Ho:

Thank you. And let me echo my congratulations as well. Just in terms of your comments around reducing vendor sprawl and platform consolidation, this has been a significant goal for the industry for some time. So why do you think it will be different this time? And how can you sort of sustain innovation across such a large set of products? Thank you.
Nikesh Arora:

So, Jonathan, I think, you saw, I think Dipak, Lee, myself, all of us have made this point, so did BJ around the fact that without innovation, we're out we're out of the game. We launched 74 different capabilities last year. And so, we'll probably do more next year than 74. But I think what's interesting, what you're seeing is these 74, many of these are existing point products in the industry, which we're re-launching by adapting them to our platforms. And the reason it's going to work this time, Jonathan, because it's working. Well, one of the deals we talked about, the SASE deal with a large professional services organization, we consolidated seven vendors, right? Our XSIAM deals, which totaled $200 million consolidate on average three to seven vendors in the SOC. So it's working. Now the question is, I'm already in the SOC. I've consolidated seven. I go to my customers running to them and saying, listen. You got these other five things hanging around. Look, I've got these five new modules in XSIAM. Why do you want to do five new vendors, and solutions which don't talk to each other, right? So I think what we have in opportunities, once it's kind of like, I think you like to call it land and expand. I think we're landing with our platforms. We used to land with SASE. We used to land with firewalls. Now we're going to say, listen. You have a hardware file. You have our SASE it looks beautiful UI. It brings it altogether when you clean up the rest of the infrastructure. I think it's an evolution in the industry. I think, five years ago as an idea, we're seeing it actually happen. You're seeing us put distance between ourselves and single product vendors in many categories, because people are seeing the power of the platform. That's just the opportunity. And that's something BJ, Lee, Dipak, me and the gang have to execute on, and it's just relentless execution that's needed.
Lee Klarich:

Jonathan, I'd like to add this to create my service. One is prior attempts to do this generally required a tradeoff for the customer. It was the capabilities that were delivered on their attempts to do a platform where not industry leading. And so, the customer had to make a tradeoff between, worse capabilities, but in one place, or best-in-class capabilities, and that's a hard trade off in cybersecurity. That is one thing that we're not asking our customers to do. We're making sure that everything we do is industry leading on its own. The second thing we're doing is making sure that when we integrate it, they're actually integrated together in solving hard problems that can't be solved as standalone capabilities. So, we're it's not just about consolidation, although that's a clear value. It's about delivering technical, outcomes through the integration that cannot be achieved otherwise.
Walter Pritchard:

Great. Thank you, Jonathan. Next, we're going to go to Gabriela Borges from Goldman Sachs. And after that, Roger Boyd from UBS. Go ahead, Gabriela, with your question.
Gabriela Borges:

Good afternoon. Thank you. My question is for BJ on the go-to-market, and I'm looking to understand to what extent NGS cross sell is or isn't still tied to the file of refresh cycle? And as you think about the conversations you're having with customer and platformization, I'm curious to what extent Microsoft is coming up in those conversations as a potential security platform, and how you help customers think through the advantages of standardizing on Palo Alto Networks instead of potentially Microsoft at some point in the future with security?
BJ Jenkins:

Good question. Look, I think all of this starts with what Lee ended with is, we get to sell I think the best products in the industry, and we deliver better customer outcomes. We have three primary consolidation motions. One has been around, network security services on the firewall, but also in the SASE. And actually, we have within that now, we've landed customers with SASE, and are going back, and getting the network firewall business. So our core reps, tend to focus on that. They are - the account owner - and represent the whole portfolio. The second motion is, we talked about, code-to-cloud, and we usually land with workload protect or posture management, and then branch out into other modules off of that to either shift left or get a complete platform for the customer on cloud security. With Cortex, we have three outstanding solutions that we land with. We either win with XDR, for customer focused on automation. XSOAR is a great starting place for us, attack surface management with Expanse. And, many of our first wins with XSIAM have been leveraging that installed base, to deliver a full SOC transformation. Again, on the surprising side, though, many of our XSIAM wins, we also didn't have an installed base in Cortex and the customer jumped completely in. We have specialists in those areas in both code-to-cloud and in Cortex. And so, the core team works with those specialists, to run those consolidation plays also.
Walter Pritchard:

Great. Thanks. Next question is going to come from Roger Boyd at UBS, followed by Patrick Colville from Scotiabank. Roger, go ahead with your question.
Roger Boyd:

Great. Thanks for the question. And a happy Friday. Nikesh, you mentioned you're now extending the Cortex to the core sales force. I'm wondering how you think about the repeatability of the success you've seen with SASE? I think you mentioned last quarter, 80% pipeline contribution from the core reps within a year of selling that product. But if I think about SASE versus Cortex, and SASE may be benefiting by being a little closer to the core network operation function that's buying firewalls, how do you think about that as a challenge with the core upselling Cortex? Any thoughts there would be great? Thanks.
Nikesh Arora:

Look, the whole idea originally was to have sales specialists because we were in the early stages of our products. We're trying to build them out. We had lots of changes. We want to make sure they were trained and available as extra resources. Now think about it, we did a $44 million XSIAM deal. Everybody was involved. The core rep wasn't going to let that deal go. That's a lot of money of commission for the core rep if he or she can understand XSIAM. So I'll tell you, BJ and I are going to have this wonderful sales conference starting Sunday. I promise you, every one of those guys will be lined up for the XSIAM session, because they want to learn more about it because, see, this deal size, deal size is equal to dollars for the company equal dollars for the salesperson. And they're all very smart people. So, they're going to go gravitate towards where the real business is. So, I think when you can get salespeople to lean in to learn something, it creates a great outcome. And also, guess what, I mean it's not like people suddenly woke up yesterday and became Cortex specialist. They used to sell cybersecurity before. They just did a good job of embracing and getting trained. So our products are at a point where we believe they are mature. We understand the differentiation of the market. There is reputation out there in the market. We have people in the back who can stand up POCs. I think we can do this. I think we showed that with SASE we can do this, and we can do this with Cortex. The cloud thing is slightly different. Cloud is still early in the customer and from an adoption perspective. It's a consumptive model. It's an ACV ARR model. So that it lends itself to a slightly different sales motion and there, we're not going to be in a hurry to merge that. But I think from a Cortex perspective, it's not just merging the team. It's opening up the floodgates for 3,000 people to sell it. That's the way we think about it.
Walter Pritchard:

Great. Thank you, Roger. Next question from Patrick Colville at Scotiabank followed by Michael Turits at KeyBanc. Go ahead, Patrick. Patrick, are you on? All right. We're going to go to Michael Turits at KeyBanc and will be followed by Tal Liani at Bank of America. Go ahead, Michael.
Michael Turits:

Hi, guys. Good evening. And just a sort of question for Dipak. So you have the 10% bogey for out there for hardware in the out year. How do we think about product, which is a broader category at this point, both in terms of how that ramps over the years? And what other products or categories might fall into that? SD-WAN has been in there, portions of the M-Series. So how should we think about that line in a dynamic way?
Dipak Golechha:

So I think, obviously, we've got the technical side of Watson products. There's VMs, there's SD-WAN. There's all of those different things that are in there. I think a lot of it will depend on like what customers want in terms of their network security architecture. We believe that the software side of the product continues to grow faster. We've been talking about that a lot. I think last quarter, we talked about, how 30% of product revenue was software. But honestly, we're not guiding to product anymore. And I think, the reason for that is, because it's not as relevant, right…?
Nikesh Arora:

I think, Michael, one of the things that, I think, we should tell you is that we're in the process of reexamining how to classify the revenue to make it much more easier for you guys to think about it, because product was the artifact of hardware. It comes from - in 1919 or 1930.
Dipak Golechha:

1970, yes.
Nikesh Arora:

SEC - 1970, thank you. FASB requirement that has to be physically tangible. And I think with the emergence of SaaS companies, it's become sort of hard to do that. So, I think we're going to take a look at that, and I didn't want to do it on a Friday night, and to add one more exciting thing you guys have to think about. So as the year progresses, we'll find a better way of letting you think about our revenue, which is more measurable, more trackable and possibly more predictable for you guys. But yes, this is like a product we have to [indiscernible] percent of product that's not hardware every time to tell you how to split that between hardware and software. I think it suffice us to say, we're looking at it as a business across the board. We look at RPO, we look at revenue, obviously. We look at margin. We look at free cash flow, which our numbers we're guiding to. And that's what we manage on a sort of day-to-day basis to run the business.
Michael Turits:

Just in case, Dipak, you weren't thinking about our workload, we do appreciate not having to rebuild the model tonight. Thanks, Nikesh.
Nikesh Arora:

I was hoping one of you guys was going to show up with a glass of wine, at least, but...
Michael Turits:

I got on my T-shirt and this as close as I'm going to get.
Nikesh Arora:

All right. That's good.
Walter Pritchard:

All right. Thanks, Michael, for your question. We're actually going to go back to Patrick Colville, who I understand is now connected from Scotiabank, and then we'll go to Tal Liani from Bank of America. Patrick, go ahead.
Patrick Colville:

Yes. Thanks, Walter. I never thought I was going to hear The Cure and Friday I'm in Love on an earnings call. So a really quality way to start a Friday evening. Dipak, another one for you. I mean you've shared lots of like juicy metrics with us. The standout metric, to me at least, was Palo Alto guiding to, was it 17% to 19% billings CAGR to fiscal '26. I mean, clearly, implicit in that is the firm's consolidation message you see resonating with customers, which we see as well. But what I wanted to ask is in that billings target, you mentioned your M&A philosophy, but I just want to double click. Does that billings target need a steady stream of tuck-in acquisitions to hit it? And then also would Palo Alto ever do a transformative deal? I mean what would kind of change your mind there to do a transformative deal?
Nikesh Arora:

Let me start with the second question first. If you don't think we've transformed the company in the last five years, I don't know, man. I don't know what else to do to make you happy, okay? I'm sorry. It's Friday night, I'm going home. So I think we've been doing transformative for the last five years, and what we've shown you is transformative in itself. And I'm just, in part, just - I don't - look, you don't need me to buy businesses for you. You guys, you're shareholders, you're smart, you can do it yourself. Unless there's a huge leverage that we can prove that something we can take 1 plus 1 and make that two, possibly 2.5 for you guys, it's not sensible for us to do it. And so far, we looked at everything in the world. We look at everything every day. We see what - how things operate. So far, we haven't felt compelled because we have a lot of work to do ourselves. I mean if we've been busy integrating a transformative acquisition, we'll miss the next 5 trends because we're busy. So that's how we think about it. It gives you some insight on how we think about it. As it relates to tuck-in acquisitions, I think the better way to see if it goes back to what I said. Look, there are technologies out there that other people are working on. But we are not the only security company in the world. We're not working on everything. And if something becomes relevant, something becomes an important feature that we think is needed by our customers, and we haven't been working on it, it behooves us to go out and partner or acquire, which is what I said. So should you expect us to maintain a rhythm around how we acquire companies? Yes. But you should understand, we have a five-year track record of doing that responsibility, doing it judiciously, doing it in a way that we integrate the acquisition, doing it in a way that would generate more ARR. And pretty much most of the ones we bought in the last five years have really not contributed on day 1 to the ARR or revenue because they've been mostly tech acquisitions. So I think that's the way to think about it, if that helps.
Walter Pritchard:

Next question from Tal Liani at Bank of America, followed by Joe Gallo at Jefferies. Tal, go ahead with your question.
Tal Liani:

I want to ask about the synergy between the various components of next-generation security. When you talk about Prisma Cloud and Prisma Access and Cortex and even firewalls, talk about the synergy to a customer. Are these the same customers that they have benefits of buying multiple solutions from you? Or are you addressing conceptually different customers with different products and kind of addressing the entire market?
Nikesh Arora:

Tal, you get the question of the evening award. In the last 5 years, we went out and we used our various products to do the land. We sold SASE where it was needed. We sold hardware firewalls where it's needed. We sold software firewalls where it was needed. 1,700 of our customers in some way, shape or form, have all of these things. I think the next step in our evolution is going back to them and saying, listen, you have the hardware firewalls. It works way better with SASE. You want to integrate this across as a network security platform? That's where we have to show value. And you started to see glimpses of that what I ensure you. Cloud XDR is a combination of endpoint and firewall data. That has been now expanded to all the data that you have in XSIAM across your entire state. So now you're - we're offering capabilities that Splunk has. We're offering capability that QRadar has, we're offering capability that Chronicle and Sentinel have in XSIAM, right? So we're doing that. To your question, you should expect us to say, listen, you have XSIAM, if you had Prisma Cloud, it will work a lot better. If you have the XDR, the Prisma Cloud host protection and XDR host protection should work a lot better. So you'll start to see us selectively start to create -- demonstrate value across our platforms. So it's a great question, I think. But it needs to -- customers need to be evolved to that because everybody has a bunch of products out there and not everybody is lined up with the same day for end of life. So I think you're right, you could see more of that from us in the next 3 to 5 years.
BJ Jenkins:

I'd just add one thing. For many of the large deals that you saw in the presentation, it's not just looked at as a solution acquisition cost. We put together for that customer not only the solution acquisition costs and the better security outcome you get, we talk about their operating costs, how they have to train their people, how many people do they need to operate these solutions in the environment and the savings they get. So that when they go to justify an 8-figure deal with their CFO, they're talking about reducing capital and operating costs with better security outcomes. And I think Lee hit on this in his earlier answer. There hasn't been a company that's really been able to do that before in this industry. And when you combine those two, I think it's what's helped us in a tough economic environment to continue to close larger and larger deals with those customers.
Walter Pritchard:

Great. Thank you. Next up, we have Joe Gallo from Jefferies. And our final question will come from Adam Borg at Stifel. Go ahead, Joe.
Joe Gallo:

And great results, and I appreciate the long-term framework. Just wanted to drill into the visibility into fiscal '24 guidance. You guys just stood up 18% billings growth, which is incredible on a 44% comp. I imagine that had some backlog benefit, though. Now you're guiding to an acceleration in billings next year relative to 4Q which, as an opening guide, we would presume to be conservative. So what underpins the confidence in that, especially as you have hardware and duration headwinds?
Nikesh Arora:

So first of all, Joe, you did a great job on CNBC today navigating the questions about our stock. So thank you very much. On your question, look, we have conviction in some of the platforms, like let's start with our favorite one today. It's like XSIAM came out of left field. It did $200 million for us. Even we - would have been happy at $100 million for our fiscal year. It came in at $200 million. So part of what you're seeing is that there are some products where we have tailwinds. And I think the part we're sort of normalizing for is the - not normalizing for, the part we sort of we said to you, the part that we're careful about is the hardware normalization, which we've been anticipating. We're always positively surprised every quarter, and it finally came home in spades in Q4. So I think the forecast we have is what we represent to our Board. That's what we're saying we're going to go do. That's what we're telling you. Now are we going to try and work hard to go beat it? Yes, of course, that's what we do every time. There's lots of puts and takes. So based on the puts and takes, based on where we are in different products based on what plans we have to launch different things, this is our best estimate as of now. And we're trying to give it our best to go out and deliver it. I think that's the best way to describe how you think about our numbers. Yes, of course, it's hardware headwinds. There's SASE tailwinds. I don't know if you saw, we became the only vendor in SASE far right in a single vendor, sort of SD-WAN plus SSE. So there's some good tailwinds we have. Customers pay attention to these kinds of things.
Walter Pritchard:

All right. Our last question from Adam Borg at Stifel. Go ahead, Adam.
Adam Borg:

Awesome. Maybe just for Nikesh or BJ, just on the federal vertical talk of some large deals in the quarter. Maybe just talk about the opportunity that you're seeing, especially as we head into the fiscal year-end for the government next quarter?
BJ Jenkins:

Yes. I think to Nikesh's credit, even before I came on board, there was a large investment in our federal team. And the knowledge that with many of the federal directives, the budget being put in, and obviously, some of the geopolitical events, it was an opportunity for the company. And so we're seeing the benefits of many of those forward investments, and we're going to continue to invest there. There's obviously large-scale projects that are occurring. We had one last year that we announced was our largest deal of the year. There - those take a long time to mature. And we're involved in many of them. So I feel like we have a great opportunity going forward in that space. There are specific ones obviously out there that we're looking to -- we've got some first orders and then gain momentum with them, and I think we'll be talking more about that in the coming quarters.
Walter Pritchard:

All right. Thanks, Adam, for your question. With that, we're going to close it out, and I'm going to pass it back to Nikesh for some closing remarks.
Nikesh Arora:

Thank you, Walter. I just want to take the opportunity one more time to thank all of you. I know this was a unique one. Will you be telling your future mentees that you're going to mentor in the analyst community, maybe talking about that one Friday afternoon call which Palo Alto hosted out of their sort of misdirected sense of trying to get you guys to go do this over the weekend for us. So, we really appreciate taking the time. We apologize for taking up some of your Friday. We will be available tomorrow and day after for some of you who've been kind enough to schedule time to talk to us because we want to make sure you get all your questions answered. It would be remiss of me not to both acknowledge and thank our employees, which is what makes all of this happen, and all of our partners out there who help us deliver this capability. And of course, I also want to thank my entire management team for delivering a really, really good FY '23 and what has been a yet another sort of different year. And I don't think I've had a normal year in the last five years between the pandemic and supply chain and inflation and money and this. So I look forward to possibly a normal year next year. And again, once again, thank you very, very much for all your support and your indulgence.

Palo Alto Networks, Inc. Q4 2023 Earnings Call Transcript

Other Palo Alto Networks, Inc. earnings call transcripts:

Palo Alto Networks, Inc.
Q4 2023 Earnings Call Transcript