Palo Alto Networks, Inc. (PANW) Earnings Call Transcript & Summary

All right. We will get going. Thank you all for being here on day 2 of the UBS Tech and AI Conference. I'm Roger Boyd. I cover cybersecurity. Very happy to have Nikesh Arora, CEO and Chairman of Palo Alto Networks. Thanks for being here.

Thank you for having me.

I wanted to start with a little fun. I want to rewind back to 2019. You were relatively new to the role, relatively new to Palo Alto Networks. You're making a lot of acquisitions that I think investors had questions about. And in hindsight, all those played out pretty well, I would say. I think when you look at -- if you fast forward to today, you've now announced 2 fairly significant acquisitions in the past 6 months and are once again kind of poised to expand the TAM of what Palo Alto looks at. I guess can you compare and contrast these time frames? And at a high level, what's different? What's the same? And how much of the cash of 2019 compares to the cash of 2025, '26?

I don't know, he's older. Hopefully, wiser. But look, if you peel back to 2019, we were 1 of 7 cybersecurity companies in the, give or take, $10 billion to $20 billion market cap range. And we had to figure out how do we break out of that over the next 5 years. I believe in enterprise, if you are not aspirational, don't get to $10 billion in revenue at some point in time in your line of sight, you are subscale, give or take. You start plateauing. And there's ample evidence of plateau to enterprise companies, which go sideways for many years. And you can plateau at up to $20 billion market cap, sometimes you plateau in a $100 million range, too. So the question as a CEO, your job is to figure out where is the next leg of growth going to come from? Is it going to come from natural evolution in my TAM? Am I going to add more TAM to it and when and where and how to do that. So at that point in time, our job was to reinvigorate the innovation pipeline in Palo Alto, which is what we did. It takes 4 years to build a decent product. I didn't have 4 years, so I wouldn't found companies which have been around for 3 or 4 years who are building interesting products, and I must have seen about 350 companies to decide which ones are going to fit the portfolio. That's kind of point one. So we got ourselves to, I'd say, product parity and perhaps product superiority in certain categories because when you work at Google, you get told by Larry Page every day, if your product sucks, you're never going to win. So you basically come and say, my product cannot suck. That's going to be generally a good idea. So we got enough of that done. That allowed us to go to our customers and go do a better job of selling to them. So the second insight in enterprise is that if a customer likes you, likes your product, it's a lot easier to sell them more stuff than to find a new customer to like you. So how do I go sell more to the same customer than constantly having to need new customers at $100,000 or $200,000. 2019, our -- our average customer -- our largest customer spent $4 million a year with us. Now it's $60 million a year with us. So the question is how do you take that $4 million customer and translate them to a $50 million to $60 million customer; it requires both, requires stuff that you can sell them and requires them to like you and trust you. So that's what got us to where we are. And we are, give or take, $130 million market cap company, and we can't just keep bolting on products to what we do. So then you look and say, where else can I expand my business? Where is the incremental TAM? The most significant inflection in cybersecurity in the last 2 or 3 years has happened in the SIEM and SOC space. This is a $40 billion TAM. People like ArcSight, LogRhythm, QRadar, Splunk; they are all 17-year-old technologies. They were ripe for, let's say, innovation that allowed us to build a product called SIEM. We got to $1 billion TCV, faster than any company in the world in that space. We have 400 customers. We're happy with that. Then this wave of AI showed up 2.5, 3 years ago, I think ChatGPT turned 3 yesterday. And that spurred on a whole different sort of conversation on infrastructure, speed, scale, which means it will create more inflection in cybersecurity in places like observability. We identified identity as the missing sort of platform in our portfolio. We think CyberArk is the best asset in the category. It is a security asset. And we're lucky enough to be able to conclude a deal with the founder, Udi. And I think we paid a reasonable price, 20-plus percent premium for an asset, which is #1 asset in the identity space. And having spent now 4 months, and I show my way to Israel next week with them, I feel even stronger that what we can get done with them is going to be better than what we thought. We're going to be able to get done and we're looking at from the outside. Now while all this was going on, I [indiscernible]there's a concept in security called security data pipeline. It seems to the rage. People are trying to figure out how to ingest less data. It's kind of silly, which means that we must not be doing an efficient job to let a third party come and tell people what data we should ingest. So we decided to fix our product instead of buy something, but I saw some of our peers bought some stuff. And in that process, we found Chronosphere. What is fascinating about Chronosphere is I learned that observability is 10% to 15% of infrastructure spend. If I believe half of what is out there in terms of all the compute and infrastructure that is going to get unleashed by AI with the $1 trillion of infrastructure coming on an annual basis, that must mean there's a TAM of $100 million out there. Let's even say it's overpriced, let's say, it's $50 billion. There's 5 players in observability, AppDynamics, Dynatrace, Datadog, Chronosphere and maybe Instana from IBM, pick your favorite fifth one. Most of the others other than Datadog target the on-prem market, not the cloud market. And I was intrigued when I found Chronosphere is going to become the underlying observability platform for one of the largest AI LLMs out there. So I talked to the founder of that and management has said, look, it scales and it's $0.40 of dollar of competitive options. So do the math, I like $0.40 of dollar of somebody else's revenue. It's better than 0. And it works at a 70-plus percent gross margin, which is what I like to lift. So we decided to do one more acquisition. And we think the 2 biggest inflections or 3 biggest inflections in the next 5 years are going to be in identity and continued inflection in SIEM and possibly continued migration to cloud-delivered observability. So it was a very long answer to your question.

Perfect. And maybe just to translate it back to the numbers. You took your long-term fiscal '30 NGS ARR target from $15 billion to $20 billion. Obviously, big numbers here. How much of that was attributed to CyberArk or Chronosphere? I think there was also an organic expansion component to that. And even when you look at $15 billion of organic business, what gives you the confidence in that number?

So look, our ARR is roughly 1/3 of that today. There is some part of that is migration from existing on-prem behavior to ARR. Most of that is net new business in our core business. I think part of that is bolstered by our comfort and success around our core business. I'd say 1/3 of that is about Chronosphere, give or take, and probably 2/3 is the CyberArk current growth expectations. So $20 billion is a big number. It hasn't been done in cybersecurity before. In fact, $10 billion revenue has been in cybersecurity before, unless you look at fuzzy math from large players who segment their cybersecurity spend.

Cool. Maybe to touch on identity. You mentioned this earlier, but just greater confidence in that acquisition having spent a few time -- spent a few months with it. I mean what's -- can you expand on that? And when you think about kind of the 3 pillars of the deal, it was bringing TAM to more users internally. It was being able to include identity within your broader platformization sale. And then this third idea of securing AI agents. Like how have each of those pillars kind of expanded after spending some time with?

Yes. Look, if you go back and correlate to the idea that my belief is that companies which are not generating $5 plus, $7 billion, $8 billion of revenue are subscale in the long term in the enterprise space. We think a lot of the scale, innovation, activities, processes we have, we can apply. It's not CyberArk's fault. We have scale. We can spend $10 million running AI experiments. $10 million is not a lot of money for them to run to optimize 20 people. We can have 200 there. So we can take all the leverage we have from scale, deploy it to them. I see no reason why after spending time with them that our margins shouldn't converge in 24 months with their, or their margin shouldn't converge with ours in 24 months, which would mean going from about 20% operating margins to 30-plus percent operating margin. That's a really good thing in math. So that's kind of helpful, one. Two, we think we can really help them on the go-to-market side with the customer base because they usually don't have the relationships with the CIOs and CSOs that we do, given our larger scale with them. So that's kind of hopefully -- and anecdotally, having talked to some of their customers and our common customers, the fear always is you get bogged and customers says s*** I don't want to deal with this company. But in this case, we have received positive affirmation. The customers like the idea. They like to work with Palo Alto. They like us to have an identity portfolio, and CyberArk is the best asset in the space. So that was the second sort of insight. And third, I think in a way, and I said this at the foundry yesterday and saw Moody, and I said like, you guys got a little happy and fat too soon. You have to go innovate. This is kind of where Palo Alto was in 2019. We kind of lost the innovation idea saying, this is my turf. I want to play in my turf. I make a lot of money in my turf. Well, we're going to light a bit of a fire under their innovation cycle. And that's why Lee Klarich, our Chief Product Officer, and me are spending a lot of time with them heading to Israel. And if you can do all 3 of those, it allows us to actually deliver the ARR uptick that we talked about. Yes.

And then just on Chronosphere, I think a lot of investors may be a little more surprised by that acquisition relative to CyberArk.

Investors were surprised by me taking the job at Palo Alto. They were surprised by me buying [ 17 ] companies. It's like their surprise is not my concern. My job is to deliver ARR growth. I promise investors will be happy if I keep delivering my growth rate and my margin and my free cash flow.

In terms of the rationale, you touched a bit upon this, but in terms of a data pipeline product versus the organic TAM that they have in their installed base versus the idea of bringing that into platformization, how do you balance those pillars of acquisition?

Look, the 2 largest third-party infrastructure data requirements are in observability and security. Everything else is on-prem customer data, et cetera, which is kind of what your core business is. From a third-party perspective, customers can't do their own observability. They need somebody else to watch their run time and infrastructure and tell you if it's working or not. They can't do their own security. We ingest 15 petabytes a day, even with our 450 customers in XSIAM, which are not fully deployed, all of them, 15 petabytes a day. Chronosphere does somewhat similar across the 450 customers. We're the largest ingesters of data in the world, a third-party company. That was possibly the top 5 customers of BigQuery at Google. So we're taking a large data problem, solving it at the right economics for our customers. And I'm pretty sure all of us have varied opinions on how much of this AI spend is going to be realized. We're going to spend $8 trillion or not. But everybody believes in this room, I hope that the data is going to keep compounding across enterprises. The more we spend time on AI, the more we run applications, the more people use it, data is going to compound. If you believe data is compounding, you need observability, you need security. So from that perspective, we think those are the right swim lanes to play in, then it's a matter of execution.

Yes. Just on the Chronosphere customer base, you mentioned 2 of the top 5 LLM providers. It's been pretty well reported that the largest LLM provider is a customer.

We're all shy of taking the name, right? Okay, sure. Artist formerly known as Prince, yes.

Yes, exactly. I mean, to your point, there's $1 billion, $1.5 billion of compute spend -- $1 trillion of compute spend that's coming online over the next 5 to 10 years. So how do you think about that market for observability expanding with AI? And how do you think about selling into that ecosystem?

Look, the observability world, the customers fall in 3 buckets, right? One bucket is where people have a lot of existing applications on-prem, which is where, as I said, Dynatrace, AppDynamics have built their business and they serve that use case. The second category is born in the cloud companies, SaaS companies that sell cloud-based services, which are pick your favorite SaaS company, pick your favorite consumer company, your DoorDash, your Uber, your Airbnb, they all have to have -- if their app is down for 10 minutes, it lost revenue. If your app is down for a few hours, the SEC will come and shut you down because you're not in compliance with some requirement to be available as a storefront for your financial customers. So from that perspective, observability ensures 99.9% visibility into availability. So if your stuff goes down, you're in trouble. What are you willing to spend to make sure that you can see when something goes down? As I said, the numbers in the market are 10% to 15%. I'm not saying Gemini tell me that or ChatGPT tell me that. So I take 10% to 15% if you believe that's an overpriced market and the right answer is 5% to 7%. If your numbers in $1 trillion, that's $50 billion, $70 billion. That's a $50, $70 billion TAM. I don't see that revenue in the market today. All that tells me is that, that market will keep growing, which means if I go spend the time and effort to spend -- sell -- I know like the second largest customer at Chronosphere is going to spend $20 million this year for start-up, $20 million of one customer. I like those businesses. I like small number of people spending a lot of money. I'd rather be like LVMH than Walmart. Small number of people spending a lot of money is a good idea because I can serve them better, keep them happier and make sure they get the value that they need. And that's where we play, and that's where platformization plays. That also reduces my cost to go to market across the board.

Okay. Maybe last question on the 2 recent acquisitions or pending acquisitions. I've gotten this question from investors, but how do you get comfortable integrating, managing fairly large integrations over the next kind of year, 1.5 years? And I know you mentioned Lee's recently promoted and spearheading a lot of this, but what does that look like internally?

Well, I think they're both different. I think Chronosphere is a great product. It has good traction. Customers like it. They want to spend money. So I don't have to go do like open heart surgery and fix the product. It's just -- it's working. We have to help them go to market. They have 7 salespeople, I have 3,000. I think we'll find a way of getting more people at Palo Alto sell it outside of the 7 they have. It's a very targeted sale. So integration in the case of Chronosphere is letting Martin do his job, give him more resources and support them where we can to let them off the races, right? So give them the comfort. Large companies make a mistake. They buy companies and then try and smother them. We're not going to smother. We're going to give them more money, more resources to run faster. One asset we have, which startups don't have, we have money, we have distribution. Our job is to figure out how to unleash that asset onto the acquisitions we have and not constrain them with our policies and processes. So that's what we're going to do. Martin is going to report to me. He's going to have full ability to go run as fast as he can because he has an open lane, he can run really fast. CyberArk is different. CyberArk is a reengineering, restructuring and make it work and fit. That's why I've spent a lot of time in the last 3, 4 months. My teams are all working on it. And that's why that's where our focus is. And at the same time, we're going to make sure our core business continues to deliver because that's kind of what gives us a right to play. So keep running our core business. We don't have any small acquisitions to integrate. We haven't done any. CyberArk has been thoughtfully done. We've spent 4 months. We'll spend another 2, 3 months before it gets closed. That's why we're flying to Israel. That's why we are working on plan. That's why we have stuff to figure out on a function-by-function basis. We have the top 50 people we like. We're talking to them about continue to stay at Palo Alto. So it's kind of like -- and we found the opportunity areas. Could there be a bump for a month or 2 months? Sure. happens. But do we believe that the long-term thesis is even more robust than we thought? Yes.

Great. Okay. Maybe shifting over to Bitcoin.

Investors always need something to worry about, for sure. Otherwise, it's like show me a stock that doesn't have a concern.

Okay. Shifting to the core business. SASE, you've got $1 billion, $1.3 billion of revenue, growing 34%. I think you're now in 1/3 of the Fortune 500. The growth there has been pretty steady. What's going right there? And competitively, have you seen any changes in the market? There's obviously more vendors that are talking about that.

I thought the market leader in SASE was here this morning. What did they say?

It's going well.

Great. So I'm glad it's going well for them. It's been going good for us too. It's great. 5, 6 years ago, we didn't play in this space. We were not -- we didn't have a right to play in SASE with 0 customers. We had to build it one customer at a time. We're now north of 6,000 customers. They have very large deals, which is good, which to me is a validation that we can come from behind, build the product, compete with the biggest players in the market and get to #2 in the category. #2 is a good place in a category, #3, #4 is a dangerous place because you spend all the money and you don't make the returns. So I like being at least #1 or #2 in the category. So we're happy we're #2. It's a steady business growing faster than the biggest business, which means it's good because it gives you -- the spread is narrowing. We believe our product is at parity or better in certain spaces, and that takes time because every time we go to a customer, you don't do this, you don't do that. So you do those things. So I think we have the right amount of investment and return going on. We have the right amount of happy customers. And we have done some things technically that allow us to tell our customers -- and our VPN customer Palo Alto, you can actually turn on SASE capability right off. So the biggest problem with SASE is every laptop has to be brought in and a new agent has to be put on it, which customers are scared of because you really want to stop your workflow and say, my God, I am going to deploy 200,000 new things. It is the last thing they really like IT coming is like, I'm here to install something in laptops, it is a holy s***. It's not working. So if you say it's already on your laptop, I'm going to turn on from the back. That's a much happier feeling. So we've gotten to a point where we have 80,000 firewall customers, many of them are VPN customers. We can turn their VPN client into a full SASE client without having to bring in the laptop and do open heart surgery. And the back ends are already configured. So the implementation is a lot easier for us than it was 2 or 3 years ago. So it makes it harder and harder for other people to come in and steal those customers. That's all. We'd be very happy if we had a $3 million ARR business in 3 to 5 years. That should deem that business, which you built in the last 5 years, itself should be worth $40 million.

You mentioned feeling like you have technological advantages in certain areas. And it seems like Prisma Access Browser has been one of those areas. It's been a pretty material element to new seat count growth in SASE. How important is that? How differentiated is it? And like big picture, the idea of like browser wars, AI browsers, how do you think about enterprises trying to secure AI through a browser?

I wish I could tell you that we anticipated secure AI, AI browser and cloud and Anthropic building browser and that sort. We bought a company because we thought we could manage devices in companies which were not being managed through a browser acquisition. We paid somewhere around $600 million for Talon. We have seen phenomenal adoption. Browsers are sort of the hidden threat. We did a 30-day pilot, a large company with 20,000 employees. We discovered through a 5,000 browser pilot that 167 browsers are compromised, which means attackers were in their browsers, 167 of them. Next week, they put out 210,000 browsers in the company. So that's the threat. Now if you carry that forward and think about the idea that you will have employees download the AI browser from OpenAI or Claude or from pick your peer at perplexity. -- the reason these guys are building browsers is I think the next battle in AI will be consumer agents. I think we confuse ourselves in this world to be agentic behavior enterprises. The real battle is consumer agents where we can all conceive that I should be able to tell my phone get me an Uber at the Phoenician, get me on whatever flies from Southwest to San Francisco. And when I land, get an Uber at the other end and make sure you make a dinner reservation for me and my wife tonight at 7:00 in Palo Alto. You can all imagine that seems possible if Sam Altman is going to raise $100 billion and Ali going to come tell us $134 billion, they must be doing some [indiscernible], right? If you believe that, how do I activate the agent? How does it know what my Uber account is? How does it know what my DoorDash account is? How does it know my -- whatever OpenTable account is? The only way it does that is if it has my credentials. If I'm on the phone, the iPhone controls your credentials to some degree. If I'm a laptop, the only place to harvest credentials is your browser. That's the only place when you log in and you click it, stays logged in. So actually, what you're seeing is a land grab for credentials on the desktop. That's all that this browser business is doing for the consumer guys. The problem is what's great for that scenario, sucks for Spotify, Uber, DoorDash, they're going to fight it [indiscernible] . That's bad news for enterprise. I don't want your browser to be logged into Salesforce and Workday and my trading app and portfolio management, I'm doing s*** which I don't know. So you will want to secure your browser as quickly as you can. So I am betting in the next 6 months, enterprises ban consumer browsers that you can't use OpenAI browser at JPMorgan or at Home Depot or at Walmart because I don't know that browser is going to take your credentials and do something in the back with an agent, I don't know how to control it. I have no security in place to control these agents. So what do you do, you ban them. But you ban Chrome. You ban Safari. What do you use? Now you say, there is my browser from Palo Alto. I supposed to say that...

That's a good pitch. There. All right.

It's like an ad, you'd like do it together.

All right. I wanted to switch gears to software firewall. You called it a hidden gem last earnings call. I don't think it's that hidden. ARR is growing 20% plus. You've got pretty material acceleration in product revenue. Can you talk about what's underpinning that strength and we'll go from there?

Yes. So the reason software firewalls are hidden gem is that I think the most fundamental thing for all of you guys to understand is that Security is pretty straightforward. Security means every bit must be inspected. It doesn't matter where it comes from. It comes from a laptop, comes from an application, comes from micro services, comes wherever, every bit should be inspected because that's where bad should happens, okay? You inspect bits in data centers using hardware, which is where firewalls come in. You inspect bits on your laptops using SASE or browsers, that's where SASE and browsers come in. When you're sitting in Google Cloud or AWS or OCI or IBM cloud, your bits have to be inspected. There's no boxes in the middle. You put a software firewall around your application, you inspect bits. For a while, people were using the cloud providers' software firewalls, whether using AWS or GCP. We slowly over the last few years have deployed a single form factor that works in every cloud. So if you're a Walmart, you can run the same firewall at GCP, AWS, Azure and you get a pane of glass. It's better than managing 3 different firewalls. And of course, we might have slightly more feature-rich firewalls because that's all we do for a living. Those guys do a lot more other stuff. So what's happened is there is realization, a, many customers are multi-cloud. They're not single cloud. So if you're multi-cloud, you want a common firewall, you don't want multiple firewalls. That's helped us. Two, they want more feature richness because they're discovering their attacks coming into the firewall architectures. And three, we made them work natively in the environment. You can spin up our firewalls just like you can spin up a Google or AWS firewall. So in that context, we probably have 50% market share in software firewalls from nowhere. We have 39% in hardware, 50% software. And our competitors are only individual cloud service providers. There's no large third-party cloud firewall business that competes with us. So that allows us to go in and show the value prop. What's really interestingly aiding the conversation is AI because our firewalls have been upgraded to protect model hijacking and the attacks we heard about a few weeks ago. So that's also helpful because we show them the AI firewall, then they buy the software from us, that is where the volume is. So it's kind of been helpful.

Yes. I want to double-click on that. And the concept of an AI firewall, you introduced Prisma AIRS earlier this year. You have model scanning, AI posture management, red teaming. Should we think about those as kind of attached services to an AI firewall? Or does it get sold separately? How does that work?

When you look at a company, how do they deploy AI? The company says, I'm going to put my own LLM into my company. And now you can talk to the LLM as a customer and decide if I can give you a recommendation and pick your favorite company and you set up your own LLM, it does a bunch of things called vector DBs, databases and has an Internet connection. And then I, as a consumer, talk to the chatbot. I can talk to the Bank of America chatbot and it does stuff in the back. Now every door you open to talk to your LLM is a door for it to be attached. So for example, in the very early days, every chatbot had this thumbs up or thumbs down. Do you like my answer or do you not like my answer. Guess what? I can spam you by saying, I didn't like your answer. I didn't like your answer. I didn't like your answer and force you to give a different answer. This was being used to manage perception. Like should I vote for President A or President B?, I said "No, no, no, no." And suddenly, you spam and then the model starts recommending President B because they didn't like the first answer. So you can do all kinds of things like it's called data poisoning in the model. It's got LLM hijacking, it's called prompt injection. You can inject prompts in the back in the middle of your question. So they come and say, "Hey, monkey" every time you ask a question. So you can do all kinds of bad things, which you need to look at bidirectional traffic. So we built all those controls into our software firewall, and it gets shown as an AI firewall to our customers. So that creates the desire for them to protect their AI LLM. So that's kind of what we sell. We have about 50 customers who deployed it. Every customer wants to talk about it. Again, it's a great conversation to have because every customer is bothered about AI security, but it lease back the [indiscernible] sale of software problems behind it.

Cool. Maybe to close, we're at the AI conference. There's been a lot of talk about potential AI bubble out there. I want to leverage your purview, your lens into the broader technology landscape. What's your opinion there? What do you think investors are potentially missing? And how do you think about security potentially enabling that or not enabling that?

Look, at a macro level, if you look at everything and you cut through the noise, there's hundreds of billions of dollars more that will be spent in the next 3 to 5 years than were anticipated last year or 2 years ago, right? It's going to be spent, whether you like it or not. Whether it's going to be $2 trillion or $1 trillion, you can decide, but it's going to be a lot more than we thought 5 years ago, which is causing a huge boom in everything related to infrastructure spend. It's unleashing IT budgets because everybody is spending more money on experimenting on AI than they ever plan to. So are we, so is everybody else. The consumer end will consume more AI capacity than you think is possible. Every new Nano Banano that comes out, every Gemini-III that comes out, you're going to suck out more and more AI compute than you think. So there is demand out there for that compute to get sucked out. And maybe your question about where the money is going to come from, but that's not my problem that's there. So that's going to happen. There will be compute builds and people will suck out the consumer stuff. Enterprise will be slower in adoption. There will be hidden gems of things that show up and people do it. That is not going to stop experimentation. And all I need -- all they need is 10 million companies to spend $1 million each and you get to a lot of money. So we're going to spend more money than we thought we're going to spend at Palo Alto. We spent a few million dollars this year from 0. Everybody is going to spend it. So it's all there. Now does that take the market cap of the biggest company down by $1 trillion or goes up by $1 trillion? It doesn't matter to me. There's a boom. AI does 2 things from a security perspective. One, it once again increases the attack surface. Now it can attack agents. I can attack browsers. I can attack a lot of things. The more -- the bigger the attack surface becomes, the more you have to spend to protect the attack surface, right? The bigger house you buy, the more you spend on security. The bigger attack surface in IT enterprise, the more you have to spend. So the attack surface is getting bigger. Two, as you saw in the attack 2 weeks ago, speed is getting faster. AI is going to -- attacks will happen in AI speed, which means defense has to happen at AI speeds. The entire cybersecurity plant is still outdated in the world. There's tons and tons of opportunity for all of that to get, let's call it, AI speed ready, which is where we point our guns. I'm sure many other companies will do better. They have 8% market share. We lose 92% of the time. Maybe we'll get to 16%, and we'll lose 84% of the time. That should double our company.

Awesome. We'll wrap it there.

Thanks, Roger.

Thanks for being here.

Thank you, everybody.