SentinelOne, Inc. (S) Earnings Call Transcript & Summary

Gabriela Borges. Delighted to have on stage with me, my colleague, Max Gamperl and Tomer and Barbara from the SentinelOne team. Thank you so much for taking the time today, especially on a day with an M&A announcement. So great to have you.

Our pleasure, thank you.

Tomer, I'd love to start on some of your core technology differentiation and that we can talk about Observo. So it was about this time last year where we were talking about seeing a noted step-up in market education, specifically around the differences of SentinelOne's technology approach versus kernel-based or other technology approaches in the endpoint space. So I wanted to open up with a little bit of a reflection over the last 12 months. How do you feel about your ability to illustrate that competitive differentiation in the enterprise in particular? And do you feel like you've made progress there with educating the market?

Yes. I mean I think it's definitely broader than just SentinelOne, right? I mean we've seen Microsoft also try and kind of create a program that allows vendors to move out of the kernel, to be able to monitor or get the same level of visibility from kernel free user space-based solutions. So as all I think it raised the awareness for how do you need to do security on the endpoint and the level of resilience you need to be operating at to make sure that you obviously don't cause any type of disruption. I think to date is something that customers always ask about. We take a lot of pride in the fact that you can use our endpoint software, even if it's completely disconnected from the cloud. Even if you have no connectivity. Even if there's no Internet connection, it remains as effective. And I think that's the biggest kind of differentiation point that we see when we talk about that kernel because at the end of the day, customers are going to be somewhat technical. And I think that the outcome is the thing that matters the most. So the outcome here is an always on an agent, no matter what happens with connectivity, which is a big thing. And if we take it to air gapped environment, certainly it is an opportunity. So to us, I mean, it's just another technical discussion point. I mean it goes alongside with our agents being more lightweight, our agent being faster, our agent being one with the most coverage in the market. Works completely kernel free, Linux environment. So I think it's still a big deal and was a big deal, even before the outage in known Windows environments. I think it's now also a consideration in Windows environment. That's probably the best way I would put it.

So I want to move out from talking about the core competency on endpoint to understanding your strategy with AI and SIEM. And so maybe actually a great place to start is with the Observo acquisition from this morning. So maybe give it to us in one-on-one terms, how does Observo give you something that you didn't have before? And where does it fit in the AI strategy and the next gen SIEM stack?

Yes. I mean, look, I'll open at the highest level. There is not a single AI or enterprise transformation that can happen today without routing data from one place to the other and typically from a legacy system and into an LLM based system. You want to have the data accessible by AI and for AI. And to do that, you really have to use something that's called the data pipeline. The data pipeline gives you the ability not only to connect to any source of data in the enterprise, but also to manipulate that data to transform it, to sanitize it, to enrich it and make it ready to be fed into LLM based systems. So broadly and outside of security, data pipelines are incredibly important. There's been 1 legacy in that market, legacy player in that market called Cribl that really had this more kind of structured, code-based data pipeline. But as we're seeing, obviously, to our SIEM motion, the need to migrate data specifically for security from one SIEM to the other, you start realizing all the deficiency points in the current approaches. And what we started doing, I think, it was kind of late March time frame is we started looking, okay. So can we find something that can allow us to move data freely with nonstructured schemas. Something that's really AI-driven, that can maintain connectivity no matter what the connection point is and no matter what the destination point is. Can we find something that can do it as close as it can be to real time? It can manipulate data in real time. Can we find something that has the most connecting capabilities to anything that you have in the enterprise? And we looked at about 11 vendors. And we POC'ed all of them, checked the performance, the security. We just published on our blog, like, I think, an 11 criteria type of -- just our internal evaluation of these solutions. And Observo was clearly just a mile ahead of all of those, and then we started talking to their customers, and we got the sense that, hey, you know what, we always felt like routing the data and the data lake story, like all of that needs to be more holistic. There's really not a lot of credence to just have that component separate and that component separate. If you can bring these 2 together, then you'll just be able to expedite pretty much every data opportunity that you have because now you're not leaning on a third party. The customer doesn't need to go and find a way to route the data. You could just bring it out of the box, which is what was another incredibly compelling thing with Observo is that it's almost fully self-served. So if you think about some of these SIEM migration projects today, what happens is that even if you win the heart of the customer and you say, "I got a much better SIEM for you." And they decide to move, they need to go about this long-haul project that needs to map out all the data sources, all the dashboards, all the rule sets, all the stuff. Sometimes they bring in SI. It's going to take them months to really fully wholly move. Suddenly with something like Observo, you're talking about an out-of-the-box capability that spins up SaaS, completely DIY and you click through your data sources. It connects and it moves the data and you're done. You can start migrating all the objects within some of these systems. So I sincerely believe the things that are going to be possible with these types of technologies call it, in the next year or 2 are going to change dramatically the barriers to entry. Once, I think maybe 2, 3 years ago, we talked about like the query language being a barrier to move, right? I think that obviously has been removed, but now you kind of hit all these other bottlenecks and with a robust data pipeline, I mean, you're removing the biggest barrier out there. So for us, owning that. We feel it's a very strategic layer in the enterprise. Again, it spans beyond security, and we would love to keep that offering as something that just allows you to move data even directly into LLM. So take your data from a legacy system, you massage it a bit, enrich it, make it ready, context ready and have an LLM get access to it. I mean that's huge. That's what everybody is trying to do right now. So again, an amazing accelerant and a complement to our data and AI motion, but more generally, a very strategic point for us, a point of insertion for us in any environment. And that to me is kind of the last point on this is we've always, throughout our journey, have been looking for ways to be relevant in any environment. I never liked the it's us or them dynamic, right? I mean a lot of us in cybersecurity, it's like you take my platform, all or nothing, right? I don't subscribe to that stuff. And for me, something like a data pipeline. I mean, it's amazing because you can come in into kind of a Microsoft-dominant environment and still be incredibly relevant. And then you can talk about the rest of the parts on your platform, but just getting that foot in the door, getting a unique capability out there, it's always something that expands your opportunity set.

So maybe just crystallize this for us. With your pipeline or your migrations that you've done so far on AI SIEM, how long does this data pipeline process typically take without Observo and what is it now you sort of essentially set it overnight, it sounds like.

Yes. I mean I definitely think that the 2, 3, 4 months' time frames that we're seeing today, which are quick, really, really quick. Like we built a pretty nice system to allow you to migrate. It wasn't as complete. So it's almost like you do, call it, 75% migration in 3, 4 months. And then you have the 15%, that's like the long tail of connectivity that you sometimes need. That goes away completely with Observo and the time to get up is weeks. So to us, in like a fully tested, validated approach. We've seen it happen with Observo in 2 weeks. We've seen it through us POCing, Observo in our own private data center with petabytes of data. The scale is immediate, the support in kind of getting on-premise sources or cloud sources, moving data from cloud to cloud, something that a lot of customers really want to try and do, really hard to do, unifying different SIEM solutions. Many, many, many customers have actually more than one data storage and one SIEM. If you actually want to do security as a holistic thing, you have to start unifying these SIEM solutions. So what Observo gives you is the ability to actually ingest data directly from the SIEM. So you don't have to go just to the sources, you can just connect to the SIEM, take the data from there. So a very different reality for us starting today, and we would love to translate that for customers for sure.

And how is it technically better than Cribl or in what ways is it technically better?

Go to our website. But basically, the CLI -- Cribl is very CLI based. Still a good solution, right? I mean performant, works well, but very, very rigid. So basically, they built manually almost all of their connectors. And a lot of them, the moment you have a change in the field or some form of data envelope change, you kind of have to maintain it all the time. So that part goes away with Observo. PII masking, real-time and only detection. All of those are just tremendous things. You can move a lot of logic into the pipe itself and just overall connectivity. I mean they got so many connectors. So it's just superior in pretty much every aspect that you want and even in performance. So to us, again, it feels like just a next-generation data pipeline more than anything else.

And Barbara, maybe I'll ask you the financial implications question. It seems like there is part 1, which is how quickly can you ramp Observo, any commentary on revenue and margin today? And then the second derivative question is, well, what are the implications for your emerging products portfolio and the SIEM piece in particular? Or even the data piece too, it sounds like both those pieces move together?

Yes. So just to echo what Tomer said, this is very, very strategic for us. From a financial perspective, in FY '26, the revenue is de minimis. It's pretty small. So there's not going to be a significant top line ARR or revenue impact in the current year. And then from a margin perspective, it's approximately dilutive by about 50 basis points. And then I think there's 2 pieces to it. Like we can sell the data pipeline stand-alone. And then we can sell it with our AI SIEM. And so the way we're looking at it is it's a catalyst to continue to drive our AI SIEM sales, but there's also the opportunity to sell it standalone.

Max, over to you?

Great, Tomer, can you bring us up to speed on what you're seeing in the core EDR market? You accelerated endpoint last quarter? What are you seeing changing in the competitive landscape? And what types of prospective customers are still using legacy solutions and what would catalyze them to make the switch?

Yes. So look, the most important part here is that 50% of the endpoint market is still -- I think it's probably the fourth year in a row that I'm sitting here and saying that about 50% of the market, it's still in the hands of incumbents, Symantec, Broadcom, sorry, Trellix, they changed name, but it's the same thing. Trend Micro, Webroot, there's a lot of it. That part of the market is half of it, but it's not in the Fortune 500, right? I mean Fortune 500 have largely made an endpoint decision. They have multiple footprints. Sometimes there's still some moves and shakes there. But basically, when you look at that incumbent part of the market, a brownfield, it's in the long-tail mid-market for endpoint protection. And the dynamic we're seeing there is one that we like a lot because it's a part of the market that cannot deal with complexity. And thus, when you look at our competitors, look at somebody like Microsoft, it's true to have the go-to-market engine and they're lending a lot of those just by force of an inertia basically. But for 100-type person SMB, the level of complexity that brings is really not great for them. So when they have their option and if they have the option, if they're not getting this massive benefit from going for like an E5 or an E3, they choose to go with SentinelOne, because it's super simple. It's plug and play. It's one of the best solutions in the market and it's easy to use at the same time. So it's highly, highly accessible for that part of the market. We typically don't see the other market participants. The other market participants, when they sell, they attach services to it, probably 99% of the time, that's not the greatest fit in that part of the market. It comes with a lot of commitment. Some others, you kind of have to have a complete platform desire for them to even be applicable. So when we look at the mid-market, where we have been traditionally strong, we just see continued strength. I mean we're seeing less competition. We're seeing a great fit with our solution, and I think that's what's driving the acceleration. That's where we're going to continue to focus in the endpoint market. So we talk a lot about emerging. We add capabilities, we acquire capabilities. It's 50% of our quarterly business now. But at the same time, if we had our pick, we would want to see the pie overall become bigger, not something eating from some not emerging, taking away from endpoint, not endpoint taking away for emerging, just expanding the pie. So it's a good market. We'll take incumbent displacements every day of the week. It's definitely a much easier sales motion. And I think it's just about creating pipeline, executing on the pipeline, and that's what we're doing there.

And in your emerging products portfolio across SIEM/data, cloud and Purple AI, what are you most excited about? What do you think is going to have the most meaningful impact in the next, say, 12 to 18 months?

Yes. Look, it's picking a kid, right? I really like what I see obviously with data. I mean, again, some of our components have strategic meaning. They are not just components. So obviously, owning the data pipeline juncture, amazing. Having a real-time data lake, one of the only in the market, amazing. Those two are catalysts for everything AI. Because where do you apply AI? You apply it on the data, where do you get the data? Through the data pipeline? Where do you store it? And how do you traverse through it? In the data lake. How do you then automate action? Through hyperautomation. So today, I mean, post this acquisition, we basically have a complete closed loop of all capabilities to build a true autonomous experience for customers out there, regardless of the surface, regardless of endpoint or cloud or whatever it's going to be. And that's what excites me the most, I would say, just the synergy of our products. All the way to our MDR service. Our MDR service is now becoming a supervisory layer to our overall AI SIEM and AI offerings. So I think the world of cybersecurity is going to move at some point from these models that we see today, the thoughts about products and platform and services into a more all-inclusive AI cybersecurity layer. That can start -- really kind of orchestrate all the other parts, also all the other controls of cybersecurity.

And in SIEM specifically, the incumbent products they're very sticky. How do you see the evolution between security-specific data lakes versus broader SIEM data lakes progress? And what would catalyze the customer to make the switch from an incumbent vendor?

Yes. I mean, look, a lot of it goes back to the. pipeline conversation. Just moving the data is pretty significant. Cost, a huge factor. Latency, huge factor. I mean we've just seen just last week, I mean, like 2 or 3 AI-borne cyber attacks. Now we can all argue about the level of sophistication or not. We've actually seen cybersecurity vendors get breached by those same types of attacks. But what you do see is the speed is increasing. And the velocity of these attacks, that's increasing as well. And you're at that point that if you don't have a system that can monitor in real time what's going on and help you orchestrate action in real time to what's going on, you're going to be 100% left behind. So it's not even about the detection logic. It's just about the completeness of visibility, the timeliness of visibility. So if I have -- I don't know, Splunk SIEM today, however sticky it is, I mean, at some point, I really need to figure out whether I'm comfortable with opening up that system and looking into the past. Because what I'm going to find there is going to be 10 minutes, hour, stale information sometimes. And that in our day of age, is just not acceptable, if you ask me. I mean, maybe acceptable for some, but it's not acceptable if you want to be truly protected. So it's sort of risk that's building in those systems. I mean it's across the entire legacy stack. I mean we're not going to be fair picking only on the SIEM. But I think that's where you're going to start seeing the inertia move with security. And maybe then later on to broader IT to your point. Our focus right now is security, but I can definitely see a world where it's so within reach that we're going to expand the offering as well.

And then one more question for me. You may have heard there's a renewed debate around the identity market and understanding where endpoint vendors might fit in the identity security market. And your strategy in identity? And which elements of identity do you think would belong to SentinelOne versus needing to be sold separately?

Yes. Healthy debate is always welcome. I think that right now, it's still a huge question mark on what's going to happen with identity or identity security. I mean the market is so nonstructured, not well formed nor the problem. Like if we think about the next problems in identity security, I don't know, and I'm sorry to say that if a 20-year-old PAM provider is going to solve the Agentic identity crisis. We just don't see how these solutions even map together. I think, by the way, if anybody is situated to do that, it's also not us. I mean it's going to be the IAM providers, the identity access manager providers. They, as the name would imply, are there to regulate access through identity. So I kind of feel like a lot of the talk about identity. It might be a little bit misguided, if you ask me, especially around like PAM and all that stuff. PAM was always like a very narrow footprint type of a solution. So to think that that's going to scale to like millions and millions and millions of ephemeral Agentic, spun up processes, just don't see it. I don't see it even meeting the scale like technically. So I don't know exactly what happens next in the identity market. I don't see a solution today in the market that can solve that. Our place is really around identity threat detection response and identity security posture management. I think that some of these models can be expanded to also deal with some Agentic workflows, not with all Agentic workflows. And I really think there is a new concept that's needed. And it might not even be identity borne. Like I don't think it's said and done that every ephemeral workload needs to have an identity of its own. I mean needs to have privileges, needs to have permissions. Needs to have a system that governs it. But to think that you can just manage all of those by saying, "Oh, Agentic thing is basically an equivalent to a human and let's put it in the system and put a policy and call it a day." I really don't see it. So I don't have an answer for you, but I don't like the current answers either.

So let's have a little bit of a discussion around go to market. And Barbara, I'd love to get your view on this as well. For the longest time, SentinelOne has just had this really solid reputation in core endpoint. And I think it's been a little bit of an evolution to become more a platform company, and now you're at the point where 50% of bookings are coming from emerging solutions. So maybe level set us, what do you think is working well in the go-to-market and having customers think of you as more of a holistic AI closed loop autonomous solution? And where do you still have more work to do.

You want to start?

I'll say a few words. I mean, obviously, it's something we've been working on for, obviously, more than a year now with the go-to-market evolution that we went through. Just the concept itself of moving from a product to a platform. It's a journey for every company. And we feel like we've made pretty significant strides. I think last quarter, our performance was heavily tied to just broad-based execution. A lot of it was the fruit of changes that we've made along the years, right? I mean not just anything specific. So that conscious effort to grow the emerging bucket. That conscious effort to move to sell the platform and introduce Flex. Like all these things have now created just better accessibility for our platform and more velocity for our go-to-market. Nobody is declaring victory internally, like we've still got a lot more work to do. And it's a constant evolution. I think marketing in itself is the place we're investing more. But as a whole, my job is to try and create the demand. Barbara is working hard on all the efficiencies and the proficiencies in the go-to-market engine. So...

Yes, I would say from my perspective, like getting the engine executing well, like especially after Q1, obviously, we were impacted by macro, but we also felt like that was something we could have executed better through. And you can see that execution and that focus really paid off for us in Q2. And then on the other side of the things, it's just really looking hard at the unit economics within our sales and marketing and how do we improve that? How do we increase sales productivity for our direct reps. And then as we look at kind of all of the helpers around the reps what's the right balance. We're doing a lot of benchmarking and focused on improving that metric over time. That's where we're really going to get the leverage in terms of expanding margins in the future.

And from a benchmarking standpoint, tell us a little bit more about how you go about that exercise? And what is the -- where are we in terms of -- how long till we get to the benchmark that you want to hit?

Yes, I would say we were just getting started, and we're starting to see some benefits of that. We'll see it in the second half with improved unit economics and it's all the things from quota per head and number of SEs per AE, what's the manager ratios. And so really looking at all of those very data-driven metrics within sales as well as our marketing spend to improve that metric over time.

And actually, this is a question for both of you as well. There is a little bit of a question around scale in the security industry. You've got Microsoft talking about $4 billion in security R&D. You've got Palo Alto and CyberArk now combined, will be a bigger company. You've got CrowdStrike that will say that they outspend you on sales and marketing already. So it's a little bit of a question on how do you think about your ability to punch above your weight and deliver the type of net new ARR acceleration that you just put up in 2Q with a smaller OpEx budget. When we know that in security, winning is not just what the technology, you have to say. It's the investment you're making in the technology road map and the go-to-market. So a little bit of a question, how do you think about your relative scale versus some of these bigger competitors?

Yes. I mean, look, it's a 10-year in the making type of a question because when you start a company kind of started the deficit point to begin with. And 10 years ago, it was Symantec and McAfee that could have said the exact same thing. I mean, you're a 2-person start-up, your R&D budget is always going to be smaller than that. But I do think, eventually, it comes down to innovation and it comes down to architecture. And when you think about what we're building, we're not spread around across like a hundred different things. I know it might look like from the outside. But at the end of the day, we got 4 things, 4 disciplines. We got endpoint protection that's leaning heavily on our data layer and our data layer is where everything else lives. So when we talk AI, it's built on the data layer. When we talk about the SIEM, it's an application that's built on the data layer. When we talk about our cloud security, it's another application that's built on our data layer. So at the end of the day, I think, we built -- and we've talked about it actually for many years, this idea that you can build a highly robust data platform which will enable you to then unlock applications on top of. And that's exactly how our R&D works. And we also -- we're pretty good in choosing what not to do. We got 30 plus capabilities on the platform, while others sometimes have 50 or 60 or 70. Not all of them are as important, not all of them are differentiated, not all of them are applicable in many of these accounts. So for us, I think just the focus and making sure when we invest R&D time, we invest it in strategic capabilities. When we make acquisitions, we invest it in strategic capabilities. The Prompt acquisition, Prompt Security was exactly the same thing. Huge need, clear need, no other solution that can do what Prompt can bring. The immediacy of the solution, which means that it can be deployed right now to solve a customer issue and the proximity to the endpoint, which is a great complement to the footprint that we already have. So even when you think about something like Prompt Security, it's not going to be net new R&D for us. It's going to lean on the existing R&D investments that we already have in the endpoint space. So when we look at all these components, for us, it's always about how do we harmonize it to the point that we invest in what matters and that we continuously kind of get compounded value. I think that's the only way to kind of look at these budgets that others have. But we're nimble, and we're incredibly efficient. And at the end of the day, I mean, you also got incredible talent, right? I mean people, sadly enough, have been trying to poach our people day and day out. Most of the management and our peers is coming from SentinelOne. So in many ways, we compete against SentinelOne. But it's all good. And we love to see the space progressing. We love to see the innovation. That's being copied sometimes. I mean it's all good. It's getting everybody more secure.

Barbara, anything you are at here? I know you've been at companies of all sizes.

It's focus, it's all about focus and kind of that ruthless prioritization and making sure you're getting the return on the investments you're making. So focus, focus, focus.

Let's pause for a moment. Questions from the audience. Max, do you want to hit on some of the financials?

Yes Barbara, let's talk about Q2. Rarely do we see a software company beat net new ARR by $15 million and raise the revenue guide for the year by $2 million. Help us reconcile this gap.

You want me to do the math.

That would be great.

Yes. No, great question. We had a really strong very Q2, very broad-based strength across the business. A couple -- there are 2 dynamics, right? Because we were in line on revenue for Q2, but a $15 million beat, as you said. And it was a very back-end loaded quarter. So when you think about outperformance large deals, primarily landed in the last week of the quarter, that doesn't contribute very much to revenue. So that's number one. And number 2 is professional services. It came in lighter than we were expecting. It's a small part of our business, but it did have an impact. And as we thought about the full year impact and being very prudent in terms of our outlook. We took those 2 dynamics into account. So more back-end loaded quarters and then lighter professional services in the second half. If we did not have those, yes, we would have a bigger raise. But instead, we had to. But feeling really good about Q3 and the back half of the year, a lot of confidence around that.

That's very clear. And you did mention some conservatism around on the outlook regarding the macro environment, particularly in the federal vertical. Is there anything specific that you can point us to in federal that's making you more cautious than some of the other vendors we heard, just anything.

Yes. I mean, we continue to feel really good about the opportunity we have in federal. I mean, the opportunities, the engagement we've got is all very encouraging. We've got a lot of different growth drivers there. If you think about our solutions, our key focus areas. Whether it's endpoint, AI SIEM, cloud, hyperautomation, Purple. They are all FedRAMP High. So it gives us a lot of confidence around federal, but timing around deals in federal can be -- it can shift depending on what budget cycles are and different program initiatives. And so we just took a more cautious outlook as we thought about federal pipeline. But overall, feeling really good about that side of the business for us.

Great. And you have time for one more?

Yes.

So when we look into next year or the next couple of years, and Street estimates are estimating stabilization at around 20% or more revenue growth over the next couple of years. At the same time, they expect margins to expand at a similar pace as in prior years. Help us reconcile being able to stabilize revenue growth while being able to expand margins at a similar rate?

Yes, I would say it's not either or, it's a balance. And the good news is we've been really focused this year on stabilizing revenue growth. So if you think about the first half, Q1 was 23%, Q2 was 22%, for the year 22%. So check, stabilizing revenue growth and then continued focus on driving efficiencies. So really focusing on driving efficiency. I talked about improving our sales unit economics as well and using some of that efficiency to reinvest for growth in the business, but overall, durable growth, continued operating leverage in the future and really starting to make steady progress towards that Rule of 40 metric and increasing our performance there over time.

Tomer, I want to end on a technology question. How do you think about the balance between deterministic and nondeterministic in the security operations center, knowing how risk-averse security people are, how do you put enough guardrails and something like Purple. So that it's safe or accepted while also having it be useful?

I have a really interesting vantage point on this one, given that 10 years ago or 12 years ago when we started, we introduced a complete heuristic-based nondeterministic thing that was called endpoint protect or EDR or whatever we called it back then. And we tried convincing people to go from a fully deterministic antivirus-based signature-based solution and into something that holds no signature and basically decide via heuristic, whether something is better or good without ever knowing the file or the signature or any of that sort. To the point that there was no test in the space to validate whether what we do is even apples-to-apples because there was no apples-to-apples ability to compare. So it took some time. I mean, it took some time. And I think that we had to prove to folks that this can be as accurate at least is the kind of old world of signatures, but obviously that it can detect the whole barrage of things that signatures will never have the ability to do. So I do think at the end of the day, it's going to be -- no matter the technology is going to be a market education. It's going to take some time, and you need to build a ton of trust in these systems. For us back then and also now transparency is going to be incredibly important. It is the ability to show what the system is doing to put benchmark evaluations out there that show the efficacy and what is being done, it's going to be key. My team likes to say, autonomy without accountability is not worth anything. And I really like that. Without having the ability to show exactly what happened to audit it and to have a supervisory layer. I think at least in the interim, you can never get to full autonomy. Even when you take Waymo, there's a human out there in the control center that's looking at everything. If there's an escalation, there's going to be somebody there. So don't get fooled by the fully autonomous stuff, right? And the same is going to go for security. And I think there's going to be, again, a supervisory layer, very deep technology that can do a lot of stuff autonomously, not everything autonomously, at least not in the immediate future. But that, I think, is how the known non-deterministic view or the deterministic stuff is going to shake out. The last thing I'll say is that back then and true to today as well, we felt like there was no other way. There is no way to scale cybersecurity with just deterministic stuff. There was just not enough prior knowledge. Attacks can be 0 days, which means that you can never detect them deterministically. So I think it's just a compromise, we're all going to have to live with, like almost everything we're doing today is becoming nondeterministic, non-biased, non-binary. Even when you drive our car and our car is going to start being more automated, that's nondeterministic, right? You press the gas pedal maybe it goes maybe it doesn't. But that's the world we live in.

A great place to end. Tomer and Barbara, thank you for your time.

Thank you so much.