Palo Alto Networks (PANW) Earnings Transcript

Image source: The Motley Fool.

Date

Wednesday, November 19, 2025 at 4:30 p.m. ET

Call participants

• Chairman and Chief Executive Officer — Nikesh Arora
• Chief Financial Officer — Dipak Golechha
• Chief Product and Technology Officer and Board Member — Lee Klarich
• Senior Vice President of Investor Relations and Strategic Finance — Hamza Fodderwala

Need a quote from a Motley Fool analyst? Email pr@fool.com

Takeaways

• Total Revenue -- $2.47 billion, representing 16% year-over-year growth and exceeding the high end of the guided range.
• Remaining Performance Obligation (RPO) -- $15.5 billion, growing 24% and reflecting long-term revenue visibility.
• Current RPO -- $6.9 billion, up 16% year-over-year and consistent average contract duration of approximately three years.
• Next-Generation Security (NGS) Annual Recurring Revenue (ARR) -- $5.85 billion, increasing 29% and surpassing prior guidance.
• SASE ARR -- Surpassed $1.3 billion with 34% year-over-year growth, now supporting about 6,800 customers including one-third of the Fortune 500.
• Product Revenue -- Increased 23% year-over-year, with 44% of trailing twelve-month product revenue attributed to software form factors, up from 38% last year.
• Services Revenue -- Expanded 14% year-over-year, with both subscription and support growing 14% each.
• Regional Performance -- Americas up 14%, EMEA up 18%, and JPEG up 22% in revenue growth, reflecting broad-based demand.
• Gross Margins -- Total gross margin at 76.9%; product gross margin was 80.2% (up 50 bps YoY, up 340 bps sequentially); services margin reached 76.2% (up 70 bps sequentially).
• Operating Margin -- 30.2%, representing a 140 basis point improvement year-over-year and marking the second quarter above 30%.
• Diluted Non-GAAP EPS -- $0.93, above the high end of guidance.
• Adjusted Free Cash Flow -- $1.7 billion, up 17% year-over-year, and cash and cash equivalents now exceed $10 billion.
• Large Deals Closed -- $33 million SASE deal with a U.S. cabinet agency, and a $100 million contract with a large U.S. telecom reflecting the largest XIM transaction to date ($85 million in XIM component).
• Platformization Momentum -- 16 net new platformizations completed; XIM platformizations more than doubled year-over-year.
• Prisma Airs AI Security -- ProtectAI acquisition integrated and Prisma AIRS 2.0 launched, with AI security deal volume more than doubling sequentially.
• Quantum-Safe Initiatives -- PanOS 12.1 Orion released for cryptographic risk discovery, Gen 5 firewalls launched for quantum security, and deeper partnership announced with IBM for QuantumSave Readiness and Remediation service.
• Cronosphere Acquisition -- Deal announced for $3.35 billion in cash and equity awards; Cronosphere at $160 million ARR with triple-digit growth, expected to remain largely standalone post-close.
• CyberArk Acquisition Update -- Integration planning is on track with expected close in fiscal Q3, receiving strong shareholder support and presenting "record net new ARR" in CyberArk's last reported quarter.
• Guidance for Fiscal Q2 2026 -- NGS ARR expected at $6.11-$6.14 billion (up 28%), RPO at $15.75-$15.85 billion (up 21%-22%), revenue $2.57-$2.59 billion (up 14%-15%), and diluted non-GAAP EPS of $0.93-$0.95 (up 15%-17%).
• Full-Year Fiscal 2026 Guidance -- NGS ARR $7.0-$7.1 billion (up 26%-27%), RPO $18.6-$18.7 billion (up 17%-18%), revenue $10.5-$10.54 billion (up 14%), operating margins 29.5%-30%, diluted non-GAAP EPS $3.80-$3.90 (up 14%-17%), adjusted free cash flow margin 38%-39%.
• Long-Term Targets -- Targeting 40%+ adjusted free cash flow margin for fiscal 2028 and $20 billion in NGS ARR by fiscal 2030, raising the prior ARR target.
• Capital Allocation -- No share repurchases in the quarter; $1 billion authorization remains through December 2026; strategy remains opportunistic.
• Product Innovations -- Agentyx AI agents launched, integrating with cloud security and Cortex Cloud to automate enterprise security workflows.

Summary

Palo Alto Networks (NASDAQ:PANW) reported double-digit growth across revenue, RPO, and NGS ARR, demonstrating strategic execution and operational discipline. The company announced the planned acquisitions of Cronosphere and CyberArk, targeting leadership in observability and identity security, while affirming that Cronosphere’s rapid ARR scaling and triple-digit growth will drive incremental value. AI and quantum security advances were highlighted through product launches and new partnerships with IBM and NVIDIA, positioning the firm at the forefront of next-wave enterprise security and cryptography markets. Fiscal guidance projects ongoing growth and solid profitability, with long-term ARR objectives revised significantly upward and free cash flow margin targets reiterated.

• Nikesh Arora underscored shifting customer preference from fragmented point solutions to platform-based security, citing large deals and rapid product adoption as evidence.
• Management stated, "Prisma AIRS is the essential circuit breaker layer to stop them," emphasizing the importance of securing emerging AI-driven attack vectors.
• The integration of data observability and security through the Cronosphere and Agentyx platforms is expected to unlock new remediation capabilities across large-scale enterprise environments.
• Leadership cited "overwhelming shareholder support" for the CyberArk acquisition as validation of the identity security strategic direction.
• Guidance indicates continued second-half weighting for revenue and NGS ARR as platformization accelerates among customers.
• Management maintained an opportunistic approach to capital return, confirming $1 billion in buyback capacity while prioritizing growth and integration initiatives.

Industry glossary

• RPO (Remaining Performance Obligation): Contracted revenues that have yet to be recognized and indicate future revenue visibility.
• SASE (Secure Access Service Edge): Cloud-delivered security model integrating network and security functions for remote or hybrid enterprise access.
• XIM (Extended Security Information Management): Palo Alto Networks’ advanced security operations platform for real-time telemetry and incident response, evolving from traditional SIEM.
• Prisma AIRS: AI Security platform from Palo Alto Networks, integrating multiple security layers to protect AI models, agents, and workflows.
• Agentyx: AI-driven automation and remediation platform for enterprise security operations, enabling custom or predefined agent deployment.
• PQC (Post-Quantum Cryptography): Cryptographic standards designed to withstand decryption efforts from quantum computers.
• PAN-OS: Palo Alto Networks’ operating system for firewalls and associated security appliances.
• Chronosphere: Cloud-native observability solution focused on large-scale data monitoring and cost-efficient analytics, newly acquired by Palo Alto Networks.
• Calypta: Acquired data pipeline provider that enhances Chronosphere’s observability and security data integration capabilities.
• CyberArk: Identity security company, pending acquisition by Palo Alto Networks, focused on privileged access management and enterprise identity controls.

Full Conference Call Transcript

Hamza Fodderwala: And welcome to Palo Alto Networks, Inc.'s first fiscal quarter 2026 earnings conference call. I am Hamza Fodderwala, senior vice president of investor relations and strategic finance. Please note that this call is being recorded today, Wednesday, November 19, 2025, at 01:30 PM Pacific time. With me on today's call to discuss our fiscal first quarter results are Nikesh Arora, our chairman and chief executive officer, and Dipak Golechha, our chief financial officer. Following our prepared remarks, Lee Klarich, our Chief Product and Technology Officer and Board member, will join us for the question and answer portion. You can find the press release and other key information to supplement today's discussion on our website at investors.paloaltonetworks.com.

While there, click on the link for quarterly results to find the Q1 2026 supplemental information Q1 2026 earnings presentation. During the course of today's call, we will be making forward-looking statements and projections regarding the company's business operations and financial performance, as well as the company's pending acquisitions. These statements made today are subject to a number of risks and uncertainties that could cause our actual results to differ from these forward-looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. Assume no obligation to update any forward-looking statements made in the presentation today.

The presentation contains non-GAAP financial measures key metrics relating to the company's past and future expected performance. Non-GAAP financial measures should not be considered a substitute for financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. Unless specifically otherwise noted, all results and comparisons are on a fiscal year-over-year basis. We also note that management is scheduled to participate in the UBS conference this quarter. I will now turn the call over to Nikesh.

Nikesh Arora: Thank you, Hamza. Good afternoon, and thank you everyone for joining us for our earnings call today. As you can see, we had a strong start to the year in Q1. We exceeded expectations across every guided metric, demand across our core business remains robust, and customers continue to platformize with us. Year over year, RPO grew 24% and GSAR was up 29%, and total revenue was up 16%. We saw strength across our portfolio in SASE, XIM, software firewalls, and even some early traction in our AI security platform, Prisma Airs. Our top-line growth was complemented by continued improvement in profitability, achieving our second straight quarter of 30 plus percent operating margin.

These results are a direct outcome of our strategy to delivering better security outcomes our platform is earning more and more the trust that used to be fragmented across dozens of point products. At the same time, the threat landscape continues to evolve faster than we expected because of AI. As many of you saw last week, with one of the major AI platforms, AI hackers, aren't a future threat They're here. Now. This is the first reported case of an AI agent autonomously conducting a large-scale nation-state cyber attack. The attacker was able to manipulate an agent to take steps on its own, with minimal human intervention. This is a turning point.

Proof that attackers are already weaponizing AI agents at scale even more importantly, they're able to attack fast, and will be able to exfiltrate faster. AI is exposing the cracks in our enterprise architectures which do not have robust security. Patches are incomplete, platforms are missing, there is a plethora of point products across the enterprise. This gap is exactly where attackers thrive. They're testing how far they can exploit a model. They're running prompt injections, jailbreaks, model manipulation. And now we're seeing the next phase. Autonomous AI agents being leveraged into the attack chain. AI is here, and with it, AI attackers are here too. Our message to customers is clear. Real-time visibility and security are essential for infrastructure.

This reality necessitates a paradigm shift in the industry, We must move away from today's fragmented security landscape and towards platformization. AI requires a seamless cyber data strategy. This platform approach allows security agents to be utilized effectively by the good guys to detect attacks, protect customers, and immediate security concerns. Fragmentation creates friction, which in turn causes latency, Latency is a critical enemy of real-time cybersecurity. This is the backdrop that informs our strategy as we go forward. Now let's get into the quarter. In Q1, platformization once again drove large deals across multiple industry verticals. This included US Federal, where we had a strong quarter and notable competitive wins.

One example was a $33 million SASE deal with a US cabinet agency securing 60,000 seats. This agency displaced a major SASE incumbent as they needed a platform to provide unified visibility across both their firewall estate and remote endpoints. Another example was a $100 million deal with a large US telecom provider, This included an $85 million commitment to XIM which is our largest Ex I'm deal ever. This customer chose us to consolidate their disparate point products based on the ability of our platform to deliver materially faster mean time to respond. The common theme across these large transactions is clear. Customers are moving from managing vendor sprawl to demanding superior, demonstrable security outcomes through platformization.

The natural place for customers to start their journey is network security, which remains our largest business. In Q1, we continue to see strength in our next-generation software form factors. SASE, had a phenomenal quarter. ARR grew 34% year over year, and surpassed $1.3 billion in Q1. Because the fastest growing SaaS provider at scale. We now have approximately 6,800 SASE customers including one-third of the Fortune 500, including leading technology companies like IBM and Oracle. Even though it's early days, we continue to see strong momentum with secure browsers. The arrival of AI and agentic browsers will expose security cracks on them focus the enterprise in ensuring widespread adoption of secure browsers.

In Q1, we crossed seven and a half million browsers sold while our bookings nearly quadruple year over year. One more product which I'm getting more and more excited about recently is a shift I'm observing in our customers deploying more and more software firewalls. And it's beginning to show in our results. Product revenues grew 23% year over year, Today, nearly half of our product revenues are driven by the software form factor. We now have over 12,500 customers and maintained our leading market position in software firewalls.

As AI transformation accelerates, growth in cloud work cloud workloads to software firewall provides essential runtime protection with new AI data center with its recent ability to step up and predict AI, expect continued momentum. Talking about predicting AI, let's talk for a bit about Prisma Airs. As I mentioned earlier, AI is moving faster than expected. This creates a critical moment for enterprise innovation. The reality is that while 78% of organizations are embracing AI, transformation, a staggering 94% still lack the necessary security guardrails presenting a massive risk. With our acquisition of ProtectAI now fully integrated, we introduced Prisma AIS two point zero in Q1.

The industry's most comprehensive end to end platform to secure AI protecting everything from autonomous agents to models that power And I'll predict here that AI agents will become a problematic insider threat not secured. Prisma AIRS is the essential circuit breaker layer to stop them. It denies deep model inspection, real-time agent defense against threats like prompt injection, and continuous autonomous AI red teaming in one platform. And once our acquisition of CyberArk closes, the addition of identity security will be critical to this mission. Providing the essential privileged controls to govern these new autonomous insider threats and prevent agent identity impersonation. Our commitment to AI security is driving new high-value partnerships.

Including a collaboration with NVIDIA, to secure the AI factory with Prisma Airs on Bluefield, and tight integrations with platforms like Glean IBM, Factory, and ServiceNow and securing the exploding number of agentic AI workflows. Early customer traction is strong, reflecting the general market need. The number of AIS deals in Q1 more than doubled versus last quarter. We believe we are the furthest ahead in AI security with marquee customers signing up with Palo Alto Networks, Inc. As they move from traditional to AI workloads, we believe we are going to continue to be in the pole position. And the same way I surprised the world with this pace, I wanna talk about something else.

That is going to become relevant from a technology shift and security perspective. Quantum. Quantum computing has seen significant innovations over last year. We're getting more and more optimistic on the arrival of quantum and expect it to be commercialized by 2029. As is widely known, quantum computing has the ability to break current encryption across technology stacks. Enterprises have less than five years to get their estates to quantum readiness. There is a fear some nation states will have quantum compute capability sooner than 2029. Since last month, our partner IBM announced they were able to run a key quantum error correction algorithm on commonly available chips.

The US government and many other nations are emphasizing PQC or post quantum cryptography to drive new cryptographic standards that are resistant to attacks from future large-scale quantum computers. To address this, we have launched and are going to be delivering a complete quantum safe strategy. First, we help you discover. In August, we launched our new version of PanOS, 12 dot one Orion, which provides a quantum readiness solution to give customers an automated inventory of their cryptographic risk. Second, we help you protect We launched our new fifth-generation firewalls which are optimized for quantum security.

Third, we help you accelerate our platform The unique Cypher translation capability can make legacy systems quantum safe immediately even if the application itself cannot be upgraded. Beyond this, we have just announced that we're deepening our partnership with IBM to deliver the QuantumSave Readiness and Remediation service, a complete end-to-end solution for PQC migration. Now moving to Cortex with the is a pillar of our security operations center strategy. ExIME continued its incredible trajectory in Q1. We now have approximately 470 customers with the average customer paying over $1 million in ARR. This includes large referenceable customers in every major industry. The success is no coincidence. Xi'M was built for large-scale data processing.

Organizing it normalizing it, making sense of it in real-time. Today, we're processing 15 petabytes of telemetry on a daily basis. The result is demonstrable security outcomes, Over 60% of our deployed ex Sion customers have reduced their MTTR or median time to respond from days or weeks down to minutes. I am also thrilled to announce the launch of Agentyx, this quarter. Agentyx brings powerful AI agents directly to the core of enterprise security challenge. In the future, the only effective countermeasure against Hacker AI will be our own AI agents. Purpose-built for advanced security detection and remediation. For years, the industry has struggled with two defining issues. Overwhelming alert fatigue and a massive global talent shortage.

AgenTeq is our definitive answer. This is a leap beyond mere automation, this is true autonomy. The ability to use predefined agents or build custom agents to secure enterprise is a step change in how security will work in the future. We are fundamentally transforming security operations and optimization by deploying autonomous AI agents that deliver enhanced speed, superior efficiency, and greater control for security practitioners. Right out of the box, EgenTech leverages a broad integration ecosystem connecting with thousands of existing security and IT tools and third-party environments. It provides customers with an intelligent fully governed, and completely transparent teammate across the enterprise.

Ready to operate on day one, AgenTex accelerates response, elevates quality, and frees up scarce human talent to focus on higher-order strategic work. Now shifting gears, I am pleased to announce our CyberArk integration plans remain fully on track and we're proud to have received overwhelming shareholder support for the acquisition which is now expected to close in fiscal Q3. Since our announcements in July, we've spent more time with the CyberArk team, we are even more excited about the growth opportunity and future product roadmap. This includes our vision of democratizing identity security across the enterprise and making identity the next platform for Palo Alto Networks, Inc.

Anecdotally, our customers share in our enthusiasm, and the early feedback has been encouraging. As many of you saw, CyberArk's business continues to execute, achieving record net new ARR in their most recent quarter. You know, and even as we invest ahead of the curve, our long-term financial model remains intact. The scale of our platforms, and operating leverage in our business reinforces our confidence in achieving 40 plus percent free cash flow margins by FY '28, inclusive of both the pending and Chronosphere acquisitions. We are executing from a position of strength and we see a clear path to drive both innovation and financial discipline. Now let's talk about our new announcement.

I'm sure all of you are wondering why Palo Alto Networks, Inc., who is in the midst of a large acquisition of CyberArk, would engage in an acquisition at the same time of Cronos Sphere. I think it's important to understand where we are in the AI cycle. The AI cycle is moving fast, There's never a day that goes by without significant announcements on investments in AI, data centers, AI infrastructure. This large surge towards building AI compute is causing a lot of the AI players to think about newer models for software stacks and infrastructure stacks in the future. The seventeen-year-old observability industry was not designed for the AI era. AI requires always-on comprehensive observability at gigawatt scale.

The challenge so far has been that full observability is cost-prohibitive for the customer. Chronosphere is one of the fastest-growing software companies in history. The observability solution from CronosFair has already been deployed and has demonstrated scale at a large frontier model where they continue to move workloads across. Leading board on the cloud consumer platforms are applying full comprehensive observability, offering 99.9 plus percent availability to their customers. Chronosphere is able to deliver this capability at a third of the cost of other industry-leading solutions. Yes. A third. With $1.5 trillion of compute coming online over the next few years, there will be continued demand for next-generation observability led by Cronosphere.

Really excited about the possibility of delivering remediation to the observability category by bringing together capabilities of CronosFair and our newly announced AgenTex platform. Chronosphere also recently had acquired a company called Calypta, a data pipeline provider. That was complementing their focus on observability and ensuring the right data got onto their observability platform. Calypta integrated with XIM will enable us to offer our Xi'M customers comprehensive security data pipelining capabilities in line with current industry trends. This acquisition perfectly aligns with our strategic playbook. We acquired the best technology, at an inflection point in the industry we invest in its development, utilize our go-to-market scale. To quickly deliver this game-changing innovation to our customers.

Remember, this is barely two and a half percent of our market cap. Which is consistent with our tuck-in strategy over the last seven years of acquiring companies. To summarize, we had a strong start there Our core business is firing on all cylinders, Platformization continues to take hold and overall demand is strong. Over the last years, we have shown our ability to scale billion-dollar plus ARR business in SASE and Cortex, Looking ahead, we think software firewalls is our hidden gem. And possibly the next billion-dollar opportunity. We maintain a relentless focus on innovation by tackling new challenges, in AI security and quantum, Finally, our ambitions continue to grow.

This year, we'll be significantly expanding our opportunity in new markets, as we close the acquisition of CyberArk and Chronosphere, in both categories of identity and observability. Which we believe are in the midst of an inflection due to AI. We are less than 5% penetrated into a TAM, reaching nearly $300 billion in the next three years. As such, we are raising our expectations from $15 billion to $20 billion in ARR for FY '30. With that, I'll hand over the call to Dipak to review the quarterly results in detail.

Dipak Golechha: Thank you, Nikesh, and good afternoon, everybody. We have an exciting opportunity ahead of us. We continue to execute with excellence and our TAM is expanding through the pending acquisitions of two category leaders in CyberArk and Cronosphere. Given that, I would like to provide some additional color around our acquisition of Cronosphere as well as an update on the CyberArk integration planning. Before moving into detail on our Q1 financial results and guidance. As Nikesh mentioned, we announced our intent to acquire Cronosphere for a total consideration of $3.35 billion in cash and replacement equity awards. Cronosphere's co-founders, Martin Mao and Rob Skillington, and their employees will join Palo Alto Networks, Inc. post-close.

While Cronosphere does have significant ARR, relative to most of our other acquisitions, we view this transaction to be more in line with the tuck-in acquisitions that we have done over the past eight years. The business has just over 250 employees with a customer base focused on large AI and born-in-the-cloud enterprises. The momentum Cronosphere has achieved to reach over $160 million in ARR with triple-digit growth has been impressive. For that reason, we expect Cronosphere to remain largely standalone post-close and in the near term, enabling us to balance integration timelines for the pending CyberArk. Acquisition. We expect this transaction to close in the second half of our fiscal year 2026.

On CyberArk, our integration planning is proceeding exceptionally well. Reflecting the strong collaborative spirit between our teams. We've had excellent cross-functional collaboration, at multiple levels, including dozens of integration planning workshops across various functions. We are firmly on track to hit the ground running post-deal close which we expect in fiscal Q3 subject to customary closing conditions. As you can tell from our Q1 results, we're pursuing these acquisitions from a position of strength. With that, let's dive deeper into the quarter. Remaining Performance Obligation, or RPO, grew 24% to $15.5 billion This metric is a key indicator of long-term revenue predictability and the scale of our committed business.

Note that our RPO from Q1 last year included $68 million acquired from our QRadar acquisition which took place in that period. Our current RPO, which reflects near-term revenue realization stood at $6.9 billion representing 16% growth. Reflecting stability in both the quality of our RPO and customer commitments, the average new contract duration, remain consistent at approximately three years. NGS ARR ended the quarter at $5.85 billion achieving 29% growth and exceeding the high end of our guidance. Adjusting for the $74 million contribution from the QRadar acquisition, in the comparable prior period, our net new ARR in Q1 grew over 20% The momentum was broad-based with strength from software firewalls SASE, and XIAM.

It is important to note that our NGS offerings drive all of our revenue line items, including product revenue, nearly half of which is from software over the last year, subscription revenue, and a growing portion of our support revenue. Total revenue reached $2.47 billion representing 16% growth which exceeded the high end of our guided range. Product revenue grew 23% year over year, 44% of our trailing twelve-month product revenue came from software form factors an increase from 38% in the trailing twelve months ending Q1 2025. This acceleration is fueled by growth in our software firewalls and PanOS SD WAN, within product revenue.

We continue to see stability in hardware appliances and early interest in our newly launched Gen five firewalls. Total services revenue grew 14% Within this, both subscription and support revenues grew 14%. Geographically, we saw broad-based strength across all major theaters, with Americas growing 14%, EMEA up 18%, and JPEG growing 22%. Having discussed our top-line strength, I'd like to take a moment to give an update on our platformizations in Q1. As Nikesh highlighted, platformization continues to take hold as customers look for a strategic security partner that can continually adapt and innovate with shifts in the cybersecurity threat landscape.

Our ability to deliver best-in-class products through our unified platforms Prisma Rares and Quantum Security in Q1, for example, is a critical motivation for customers to platformize with us. We completed approximately 16 net new platformizations this quarter. This momentum was driven by strength in XIAM, where platformizations more than doubled year over year affirming that customers are actively moving towards simplicity, and integration to have real-time outcomes. We now have nearly 170 customers with NGS ARR over $5 million and 50 customers with NGS ARR over $10 million both growing about 50% year over year. These results reinforce our target of $20 billion in NGS ARR by fiscal year thirty inclusive of the pending CyberArk and CronSphere. Acquisitions.

Moving down the income statement, our disciplined focus on profitability and operational leverage is clearly visible in the performance. Metrics we delivered. Total gross margin for the quarter was 76.9%, We delivered product gross margins of 80.2% an increase of 50 basis points year over year, and reflected a significant sequential improvement of 340 basis points compared to Q4 '25. The Services segment also demonstrated positive margin trajectory reaching 76.2%, which constitutes a sequential increase of 70 basis points. We continue to be pleased by the continued growth of our SaaS offerings and remain actively engaged in executing cloud cost efficiencies.

We delivered an operating margin of 30.2%, achieving expansion of 140 basis points year over year and our second consecutive quarter above 30%. This strong expansion reflects not only improvements in gross margin, but critically our ability to drive sustained scale and efficiency across all of the OpEx line items. We continue to apply an AI-first lens to all of our processes and functions. Notably, we have been able to deploy AI in our global customer support organization to drive three consecutive quarters of case volume reduction. And reduce time to resolve for 11 consecutive quarters. As a direct outcome of this disciplined leverage, our diluted non-GAAP EPS reached $0.93 which exceeded the high end of our guidance.

This execution provides the basis for strong adjusted free cash flow which came in at $1.7 billion up 17%. Our cash and cash equivalents at the end of the first quarter is now over $10 billion Finally, regarding capital allocation, our approach remains prudent. We did not repurchase any shares in Q1 Our buyback strategy remains opportunistic. We have $1 billion in share repurchase authorization remaining through December 2026. Ultimately, we remain focused on leveraging this efficiency to maximize long-term shareholder value. With that, I will move on to Q2 and fiscal 'twenty-six guidance. For the second fiscal quarter 2026, we expect NGS ARR to be in the range of $6.11 billion to $6.14 billion an increase of 28%.

Remaining performance obligation of $15.75 to $15.85 billion an increase of 21% to 22%, revenue to be in the range of $2.57 to $2.59 billion an increase of 14% to 15%. And diluted non-GAAP EPS to be in the range of $0.93 or 0.95¢, an increase of 15 to 17%.

For the fiscal year 2026, we expect NGS ARR in the range of $7 billion to $7.1 billion increase of 26% to 27% remaining performance obligation of $18.6 billion to $18.7 billion an increase of 17% to 18%, revenue to be in the range of $10.5 billion to $10.54 billion an increase of 14%, operating margins to be in the range of 29.5% to 30% diluted non-GAAP EPS to be in the range of $3.8 to 3.90. An increase of 14 to 17% and adjusted free cash flow margin in the range of 38% to 39%.

As Nikesh mentioned earlier, we are also reiterating our 40% cost adjusted free cash flow margin target for fiscal year twenty-eight inclusive of both CyberArk and Cronosphere. Furthermore, whilst we will provide more detailed guidance after closing the transaction, we expect to maintain an adjusted free cash flow margin of at least 37% for fiscal year twenty-six inclusive of both CyberArk and Cronosphere depending upon the timing of close.

We've included our typical modeling points in the presentation for your review, but I would like to highlight a few now One, as we noted last quarter, we expect to we continue to expect our net new NGS ARR and revenue to be second half in Q4 weighted as we continue to platformize with our customers Two, we expect product revenue growth for Q2 to be approximately 17% to 18% and finally, we expect $130 million to $140 million in CapEx in Q2 twenty-six, which is inclusive of a $90 million non-recurring real estate CapEx This $90 million will be removed from adjusted free cash flow in accordance with our typical treatment for these non-recurring items.

With that, I will turn it over to Hamza for Q and A.

Hamza Fodderwala: Okay, great. To allow for broad participation, I would ask that each analyst ask one question. With that, we'll start with Brad Zelnick from Deutsche Bank followed by Rob Owens from Piper Sandler.

Brad Zelnick: Great. Thanks, Hamza. And You know, it's great to see Vintage Nikesh coming out strong in Q1 even after a blowout Q4. So congrats to you and the team.

Nikesh Arora: Bolt position, Brad. First question.

Brad Zelnick: I love it. I love it. Nikesh, 2026 is setting up as a perfect AI storm. Where every vendor has a story to tell, and it seems all roads lead back to identity. Where you clearly are in process of acquiring the best asset out there. But stepping back it's rare that the winner in one technology generation remains the winner in the next. So what is it that you're doing outside of smart M&A to disrupt yesterday's Palo Alto Networks, Inc. to ensure success into an AI and quantum future. Thank you.

Nikesh Arora: Thank you, Brad. Well, I think there are enough examples in history of technology companies which have sustained multiple technology waves and continue to win. And I think you're seeing some of the multi-trillion dollar companies out there have been around for four, five, six, seven decades. So we hope we're one of those evergreen companies that persist and is able to execute on a similar trajectory. We are as you can see, we are very, very aware of the two biggest technology trends ahead of us, both AI and quantum. What's fascinating is the need for network inspection does not go away.

From our perspective, AI and quantum are gonna drive a, loss more volume, So more as the more bits that fly around, the more they need to be inspected, which means need for bit inspection technologies is not gonna go away. Just the way the need for server hasn't gone away since the time servers were created. So I think we don't have a threat to our core business of bit inspection, which is how I broadly describe our network security business. And AI is driving more volumes.

I was just talking to the CEO of a large cloud service provider earlier today, and the conversation was about how they go deploy gigawatts of capacity in short order given that large sort of thrust towards building AI compute, and how do we make sure those bits are secured? So I guess we are going to see sustained demand over time from a network security perspective. If you couple that with the trend that AI is driving, is the idea that now data can be sensed real-time and actions can be taken quickly as we discussed the recent cyber attack. That was an attack based purely on online availability of data. And the ability of persistent access.

From that perspective, we think the solution on the other side has to be a data-driven problem. Solution. And if you look at what we've been doing from an ex I'm perspective, we had four seventy customers three years ago, I remember you and I talking about Ex I'm as new product categories in the sock space, and your question to me was, makes you think you will succeed in a space you've never played in before? Well, Brad, we proved that we can get to close to 500 customers in a million ARR. I don't I don't think I know any company in recent history in cybersecurity which has an average ARR per customer of a million dollars.

On a product category. So I think we've proven that we are able to execute the backups. And last but not the least, you know, give rate. Was like, don't underestimate quantum. Quantum is gonna break every key. Which means every piece of infrastructure that hasn't been upgraded has to be upgraded. And I just learned something the other day, which Lee taught me, is you know, you don't even have to have a quantum computer to start breaking keys. You can actually start storing data today and break it later. So you can imagine nation states getting forward and saying, let's just ingest the data, hold on to it, Nobody's paying attention. I've got the data.

We'll crack it later. So I just think all these technology trends are in the right direction. We have products positioned in this category. And I'll tell you what, in three years from now, we'll look back and say, damn, that ConosWare acquisition was a very smart move. Because you need observability. If you want your stuff to work 99.9% the time, you need to know if something goes down ASAP. You can't know that if you don't have the data. And if you go back historically, the question's been the two largest category of data are security and observability. And that's where Splunk started, by the way.

All we've done is we are now the new platform for security and observability once we close Chronosphere. Thanks, Brad, for the question.

Brad Zelnick: Thank you.

Hamza Fodderwala: Alright. Next, we have Rob Owens from Piper Sandler. Followed by Saket Kalia from Barclays.

Robbie David Owens: Great. Thanks, Hamza. Good afternoon, everybody. Nikesh, just building on those comments, I wanted to touch on Chronosphere. And, you know, it has been challenging. I for a lot of vendors in security to get into observability. So we'd love to see or hear from you your perspective on number one, that convergence happening right now. And number two, I think Crotosphere has shown success with some of the largest AI native companies out there. Having two of the top five frontier models. Are there elements behind their product sets that are applicable to some of these other large AI natives that are that are growing rapidly that you think you can have success with. Thanks.

Nikesh Arora: So, Rob, you know, I've me and the team, actually, it's a funny story. We actually found Chronosphere because we were looking around to see, oh my god, everybody's going in abstracting data pipelining and everybody's gonna have a data pipelining capability in the future in the SIEM. And honestly, as a category, we think data pipelining is sort of an interim category, which is there because of you know, data inefficiency, but we don't think it has a sustainable future. So we kinda, like, walked away from data pipelining vendors, which I know that some of the industry has tried to ingest as part of their SIEM solutions.

But when we looked harder, and we ran the Chronosphere, we discovered you know and it's very rarely when your engineering team comes back and says, these guys are good. Generally, engineers have too much pride to tell you somebody else is good. But our team came back and said, these guys are the best engineers we run into. Now to be able to scale observability when you're ingesting you know, petabytes of data at LM model scale and be able to not create latency, provide observability in that kind of environment at a cost which is a third.

Look, by the right now, if you go talk to every customer, even we turn down our observability vendor because it's too expensive. At Palo Alto Networks, Inc. Like, can't afford to have real-time observability on this product platform because it's too expensive. The problem is you can't run financial services apps, you can't run large e-commerce businesses, you can't run large, you know, food delivery businesses without persistent observability. So what Colosfare has done has changed the observability model by a combination of open source and techniques where they can do scale sort of data observability at the right price.

So we think every born in the cloud company, every company that has a platform that requires customers to really access it seven by twenty-four, is a potential customer. And I think, again, it's gonna be another business like Xi, which we have an average year out of a million dollars at some point time. Alright. Thank you.

Hamza Fodderwala: Great. Next, we have Saket Kalia from Barclays followed by Matt Hedberg from RBC.

Saket Kalia: Okay. Great. Guys. Thanks for taking my question here. Nikesh, it's interesting to see you sign larger and larger XIM deals. I think you called out an $85 million deal in the quarter. While at the same time, incumbents in this space are really struggling to grow. And in the past, you've talked about how ex I am It's like it. It makes sense.

Nikesh Arora: Incumbents don't grow, we take market share, which means we grow, and they decline. That's how it works.

Saket Kalia: Totally understood. But maybe from a spending perspective, maybe the question is, do you find that x is able to capture at least what those customers were spending on incumbents? Is there an opportunity to capture more because of that faster mean time to respond? Does that does that make sense? It makes sense, Saket. I think the way to think about it differently is we do capture at least what the incumbent is the customer is spending on the incumbent, But in the process of delivering next time, we're able to consolidate multiple products. So not only do we get the incumbent spend of the SIM provider, but you have, you know, UEBA, you have other carriers, maybe Lee.

It's a good time for you to say something.

Lee Klarich: So ITDR, recent launches around email security, exposure management. So we're able to consolidate these sort of surrounding product categories back onto a single platform. So customer saves money, but we expand the overall footprint that we can deliver. Very helpful, thanks.

Hamza Fodderwala: K. Next, we have Matt Hedberg from RNC followed, followed by Tal Liani from Bank of America.

Matthew George Hedberg: Thanks, Hamza. Congrats from me as well on the results. Obviously, a lot of really positive developments here. The $30 billion the $20 billion fiscal '30 NGS ARR target is obviously super impressive relative to the prior target that you'd outlined. Obviously, there's some talking sort of M&A assumptions in there. But I guess I'm curious, like, from a high level, Nikesh, what are some of the biggest moving pieces that give you the confidence since you talked about the prior target just last quarter to raise it to such a significant margin.

Nikesh Arora: Well, that's a great question, Matt. So first of all, as I said, our core business continues to show strength. And, you know, as every time you're doing forecasting, somebody says, oh, the law, large numbers are gonna start making these growth rates go down. But you know, as I mentioned, SASE continues to be strong at $1.3 billion in ARR. We're going faster than know, independent public companies which run SASE. So we feel that's a strong part of our business. Software firewalls, I think, is our hidden gem. You know, 50% of our product 44 plus percent of our product revenue is coming from software. I don't think software firewalls are gonna stop.

As you put more and more cloud workloads out there, people are discovering they need a software firewall. We've been waiting for that trend. It's arrived. We are probably outside of the CSPs, the only large vendor in the software firewall. Space. So we feel strong that our core business will keep performing, which allows us to sustain our $7 billion target in FY twenty-six forward. If you take CyberArk, what we intend to do with it, we hope that business continues to transform from where they are to absorb more and more identity categories that we intend to do with them, I think Chronosphere, if you add all three of them up, that gets us very close.

Will there be tuck in between now and FY thirty? Sure. We will have tuck-ins. But as you've seen in the past, tuck-ins don't move the needles by billions of dollars. Tuck-ins move the needle by sustaining growth rates and giving you few $100 million. But I think the lion's share is gonna come from the three categories you've just outlined in our core business, identity, and in observability.

Hamza Fodderwala: Right. Next, we have Tal Liani from Bank of America. Followed by Meta Marshall from Morgan Stanley.

Tal Liani: Guys, two great acquisitions. Long term, very promising. The question is the transitory period What's the impact on dilution on margins or free cash flow margins? And then how long does it take to see the synergies the sum of parts is greater than two.

Nikesh Arora: Yeah. I'm gonna let Dipak answer the precise questions, the numbers. As I said, cyber you know, Chronosphere, we will run independently. Martin and team's done a great job. We will provide, obviously, the services from the HR finance marketing people, which is great because they don't have a large team in doing that. Basically a bunch of really smart engineers and forward deployed engineers as well as few salespeople. So we're gonna give them some support by introducing the right in the right targeted fashion. But Martin is very capable. He will run the business with his team. We trust him to do that.

We're just gonna provide the sort of the rocket fuel and him to go out and meet customers and execute on his plan. So kind of, it's a low because for us it's very important because all of our focus on integration perspective is on cyber. From a CyberArk perspective, you know, we, as I said, we've had some great meetings. We understand where it is. There'll be some you know, rational synergies on day one because we don't need certain things in duplicate. We think by the time we get to the end of this fiscal year, our fiscal year of FY '26, have a much better handle.

We'll be able to align their sales quotas and their teams and territories around our plans. So that's where I think a little bit of reshaping will happen. But I'm let Dipak talk about specific w and free cash flow mark. Yeah. So I think, Tal, like, the key part, just what I said in my prepared remarks is, like, with both acquisitions, we believe that we'll be able to get back to the 40% free cash flow by '28.

Your question is really about what in the in the interim And I specifically mentioned that we should be able to maintain at least 37% plus free cash flow margin even in the interim, like, you know, barring the one-time costs I think just highlights the bottom of the floor. So we're we're pretty deep into at our scale, pretty deep into understanding how much we can do how fast, and it doesn't really move the needle as much as you think it might. Between 37 to 40% over the next two years, and you know, 40 plus percent by 2028.

Tal Liani: Okay. Thank you.

Hamza Fodderwala: Thank you, Tal. Bye. Next, we have Meta Marshall from Morgan Stanley followed by Brian Essex from JPMorgan.

Meta Marshall: Great. Thanks, and apologize for the voice. Great traction with XIM and Prisma this quarter. Just what inning are you seeing customers in terms of AI adoption and is it different on AI for security versus kind of security for AI. Thanks. The look. It's still early innings on AI adoption. I mean, there's on one hand, what you see is this massive build-out of AI data centers and models and everything else. That's the leading indicator. But then when you start to look at enterprise adoption, there's you know, huge scale of production pilots and early deployments and things like that, and that's really just the tip of the spear of what we think is coming.

Having said that though, the security of that tends to be trailing that and so the recent attacks that we're seeing both of AI as well as AI launching attacks is obviously going to start driving more and more awareness of the importance really of trying to do both those things at the same time. It's what I see when I talk to customers is a growing desire for the production pilots of AI to be run-in parallel to the production pilots of AI security so that they're moving in lockstep. And so that's gonna require a bit more urgency, I think, on the security side to be up in lockstep with the IT deployment side.

And that's that's starting to happen, but it's but it's still early.

Nikesh Arora: Thanks. Alright.

Hamza Fodderwala: Thank you, and, feel better, Meta. Next, we have, Brian Essex from JPMorgan followed by Joseph Gallo from Jefferies.

Brian Essex: Thanks, Hamza, and, congrats on the results team. Yeah. I wanted to circle back on Quantum. Saw the partnership with IBM on Quantum Safe Readiness. I guess question for Nikesh, are customers focused on this yet? Is this gonna require know, some evangelism on your part? Or will this be kind of like a y two k event where they wait till the end, you know, till the last minute to address their exposure? And then maybe for Lee, how do we think about the technology advantage that you have that gives you maybe a superior white right to win for you know, post quantum readiness? Is it the depth of visibility that you have and into networks?

Is it data protection, all the above? You know, how do how do you frame that out?

Nikesh Arora: Hey, Stratham. Let's let's start with the your question on timing. So the there's a couple of things that are driving a level of urgency. One is as Nikesh was mentioning, this notion of harvest now, decrypt later is one of the concerns. So probably more nation-state level type attack, but collecting encrypted data and then waiting for quantum to be unreal in order to decrypt it later. And so there are certain types of data that will still be valuable you know, years into the future, and so that's that's one reason for urgency now. Second is it's it's not clear yet when quantum computers will be viable.

And it's possible that they'll be you know, viable before people are currently expecting, and so there's a certain that variability is also factored in, and I'd say third is this is likely for a lot of organizations a multiyear effort. And so if they don't start now, they won't be ready two, three, four years from now. And so all of that is adding up to what I've noticed over the last let's say, six, nine months is a pretty significant inflection in the number of customers who are starting to talk about this and plan for this. From an urgency perspective. On the technical side, the look.

Part of this is really just related to we started working on post quantum several years ago. So we did not wait to start working on this. We've had capabilities rolling out at the last few years with the biggest launch being a few months ago with Orion And that has put us in a very good position simply in terms of being ahead of many of the people out there to the our ability to sort of see across hardware stack, software stack, SASE stacks, browser stacks now, gives us I think, probably the one of the largest footprints where we can leverage existing deployments to get that visibility.

And to provide remediation versus having it all be net new. And, you know, the partnerships we announced are is really pretty powerful because it allows us to work with others that can complement the pieces that we already have.

Brian Essex: And the only thing I will say to that, Brian, is, like, I understand you're you know, I used to be I used to be on side of the world when I was y two k. We're all trying to figure out which stocks to buy, which ones not to buy. But the good news is you know, in the Vitocator, like, you had to go and reset everything. There was no quick fix across the enterprise. And in this case, yes, the long-term solution is to strengthen everything and make it more robust. In the short term, we actually have a solution where using techniques we can actually take existing legacy enterprise infrastructure and secure for Quantum.

So as a customer's CIO, rather take the risk or would you just rather spend a few million dollars and say, I am quantum secure? Until I can upgrade my infrastructure? The answer is yeah. Cybersecurity is insurance anyway. So buy a little more insurance.

Brian Essex: Are you seeing a compliance push yet, or is that still on the horizon?

Lee Klarich: Early stage of that, Brian. Early stages. It's it's coming. Yeah. Very helpful. Thank you. I appreciate it.

Hamza Fodderwala: Thank you, Brian. Next, we have, Joe Gallo from Jefferies followed by Patrick Colo from Scotiabank.

Joseph Anthony Gallo: Hey, guys. Thanks for the question. He made some architectural changes to the cloud security products earlier this year. Can you just update us on that? How's that received by customers? And any sense of how cloud security grew in 1Q versus 4Q?

Nikesh Arora: Yeah. The so we made some changes, Joe, as you noted, with the launch of Cortex Cloud early in the year. This was made for a number of reasons. It In large part, we were seeing an increased need from customers to be able to secure the full life cycle of their cloud deployments. From code to cloud deployments to runtime, even connected all the way all the way into the SOC. And so the that was that was the impetus behind this, and seen a lot of very positive feedback from customers in terms of aligning to their strategies as well. And then since then, we've been able to continue to drive further capabilities on that.

Earlier this year, we announced ASPM. So this is basically allowing us to prevent application security issues from working away into production. And then most recently, we announced the new cloud security agents or CDR agent we're able to be 50% more efficient in protecting cloud workloads with that. And so we continue to drive more and more innovation. Actually, the last one was with the launch of Agentyx. That is now natively available as part of Cortex Cloud as well. So we're we're even bringing agents to the cloud security mix to help automate customer workflows in the cloud. Thank you, Joe. Yeah. Next, we have Josh Hilton from Wolfe Research followed by Patrick Cole from Scotiabank.

Josh Hilton: Hey, guys. Can you hear me? Not sure if it's supposed to be me or Patrick.

Nikesh Arora: Hey, Josh.

Hamza Fodderwala: Go ahead, Josh.

Josh Hilton: Hey, guys. I just wanna follow-up on the first question, from Brad. I do think that today, the current investor view is that identity security is the market that is best positioned to benefit in an agentic future. But, Nikesh, I think in response to his question, you did mention that AI is increasing volume. And inspection. So what I'm trying to understand is how should investors expect the volume of network traffic to change in an agentic future And what does that mean for the traditional firewall business and the SASE business?

Lee Klarich: The look. I think the way to maybe think about it Josh, is the advent of AI is just create an extraordinary increase in the amount of data both data concentration, but also movement of data. Right? So we're we're seeing environments now that are beyond any scale that we've ever seen before just in terms of the amount of data that's moving around For example, you think about how much training data has to be brought to bear to entrain one of these models, let alone all different models are being built and different versions of models. And so that by itself is creating a noticeable influx in the amount of network traffic.

But somewhat concentrated toward the AI platforms themselves. The second part that comes with that, though, is as AI becomes more and more deployed across the enterprises, that will also drive a similar pattern, albeit maybe at a slightly smaller scale. And that's the part of what Nikesh was talking about both in terms of amount of data, but then that translates then to the reserve observability days, the visit the application criticality needs, and, of course, security on top of all of that.

Nikesh Arora: Yeah. I think just I think you probably are alluding the fact that we didn't we didn't expect explain the identity thing well enough. Look. Identity is a market The products were designed fifteen, twenty years ago. And with all respect, in our view, IAM is not identity security. It's hygiene and IT's IT capabilities. Like, the fact that you have a badge doesn't make me secure. I have I have a badge to enter Palo Alto Networks, Inc. not security. That keeps track of the fact that I'm in the building. It doesn't stop me from doing anything bad that I wanted.

So we believe true security in the world of identity happens when you start enacting privileged access type controls across identities. And our view with CyberArk is that the fact that why are only 500,000 people in the enterprise privileged when pretty much the remaining 15,000 people per auto could cause equal amount of damage to other ways using systems. So our view is in the future, almost every identity will get some version of privileged access management and CyberArk is the best platform from our perspective and asset in the industry to be able to leverage those capabilities.

Now we have to do some joint product work which is not unlike the fact that Mike came to Palo Alto Networks, Inc., we had another security company with four subscriptions. Today, we have 10. And possibly, we'll have 15 by the time, you know, Underpinnings of what is the size and opportunity. But, yes, there's bunch of work that needs to be As Lee and I were joking, yes, we call it back to the future. Very helpful, I think.

Hamza Fodderwala: Thank you, Josh. Next, we have Patrick Colwell from Scotiabank followed by Fatima Boolani from Citi.

Patrick Colwell: Alright. Cheers, Hamza. My question is for Nikesh on Chronosphere. I mean, we know many of the VC backers, and I totally agree with your comments earlier that you know, you're acquiring a top quality asset with a top know, with a toehold in a in a in a tier one foundation model vendor. Okay. Nice. There's more than a tool already, but we're we're working on getting the whole But my question is The dark foot's about to get to get there, Patrick. foot in there. Well, we're looking forward to seeing that. Okay. So, I mean, maybe that I guess, why has the advent of AI driven you to pull the trigger right now on the Conosphere deal?

And then and then I also, if I think about Chronosphere, the buyer is typically a dev. Or maybe a CIO. Which is quite different to your current buyer profile. So just talk me through your thinking of how you're gonna penetrate those new buyers.

Nikesh Arora: So, Patrick, what's interesting is that let me ask you that in three different ways. One, the actual buyer for Cronosphere is very often the CIO or even the CEO. You know, I had a conversation as part of our diligence with the CEO of a financial fintech company, I said, hey. Have you heard of Chronosphere? He's like, yes. I said, are they good? He's like, yes. I said, how do you know them? He looked at me, stared at me now and said, you think I don't know my tech stack? So I mean, these guys understand. Remember, if you're you know, you're restaurant app goes down, your ride hailing app goes down, every second is lost revenue.

What observability does is make sure it keeps track of whether any element of that stack is decaying. Is any element showing latency? Is there any performance issues across that stack? So you need constant persistent observability. The problem is it's expensive. The current vendors charge a lot of money. For it. Now Tronosphere is able to figure out is how to do the same thing at a third of the cost. So it's a combination of open source stack. It's a combination of enterprise-grade features. But they're pumping large amounts of data. So the two biggest problems are scalability, and cost. They solve both problems.

Now the cherry on the cake or the icing on the cake is we plan to take what you find in observability marry that with the Gentex, and provide remediation agents, which haven't been done before. So if you can take that entire life cycle say, found a problem, saw the problem, built an agent, fixed the problem. Right? Now these agents will be built and partnership with customers because no customer shall allow us to independently reset their infrastructure, but they can now write capability on top of the platform. Saying, I found a problem. I'm automate it. I'm gonna build an 75% of my customer conversations are CIOs. And 10% are CEOs. So I know the buyer.

And that's why Martin's gonna run the company. Listen, There are a 173 companies in the world which all need persistent observability. We know all of the names. We know exactly who's deployed. This is what Martin does for a living. We'll go one at a time and convince us as a platform to have. Each of those guys spends 5 or $10 million a year with us. We're home.

Hamza Fodderwala: Thank you, Patrick. Next, we have Fatima Boolani from Citi. Followed by Gregg Moskowitz from Mizuho.

Fatima Boolani: Thank you. Excuse me. Thank you for taking my questions. Nikesh, I was gonna ask you an out of the box question in accordance with how out of the box your thoughts around I would never expect anything else It's my brand now. So what I wanted to ask you, you really have kept hitting home the point around TCO scalability, cost efficiency as a conduit for this convergence of security and observability. Right? So in terms of the Cronosphere rationale, I wanted to ask you how much of the rationale there was for you to effectively modernize, insource, whatever terminology you wanna use to modernize or insource the underlying fabric of your cortex and ex cyan technology. Right?

So you know, in the context of everything you and Lee have talked about in absolute explosion of data, an explosion of telemetry that's that's gonna be hitting your iron, basically, for all your appliances. How much of the rationale for Conosphere was that, versus, you know, wanting to enter out right into a brand new market where you're gonna try to win budgets.

Nikesh Arora: I think that the latter, not the former. And if you go back, and I'm sure you've asked the question, and many of you guys have asked me the question. There's always been this sort of fantasy that observability and security will come together at some level. And I think this is what started when Splunk, half the data is used for observability, half the data is used for security. So it started there. But it never progressed past that. Most of the observability vendors were so caught up in trying to solve the observability problem that they dip their toes in security.

And I always say, you know, if it was so easy to build security with 20 more engineers, then God bless you, why do we exist? The same thing applies to observability. Like, if you don't these guys are spent They're, like, 200 plus engineers. They've spent the last three years doing this and have proven scale in the market. So yes, it's a phenomenal adjacent TAM which gonna grow in double digits for the next five to ten years. And, yes, we want a part of that.

And if you look at it from our ambition to get a $20 billion ARR, we're not to get there if customers are not spending a lot of their IT and cybersecurity spend with us. Now there is a connective tissue between data across enterprises, right? Over time, the best enterprises will have seamless data access across many of their data lakes whether it's the observable data lake, it's their security data lake, their IT data lake, because eventually you want agents to go and go figure out what's going on across multiple data lakes to solve their problem. And sometimes problems cross across multiple data lakes, right?

You know, if something's down, application, maybe the firewall shut it down so firewall's in the security lake. So if you want this agentic capability across data lakes, all we're trying to do is we're trying to build the enterprise fabric with our customers so over time we can provide more and more capability. Mean think of what lease at an XIM. We're building more and more modules on top because we can write more software on top of the existing data. Why does my firewall have 15 subscriptions in 2030? Why does it have 10 today? Same data. Same data. How do I get quantum cryptography visibility? I watch network data. I watch network data from malware.

I watch for URLs. I watch it for quantum. Jeez. So once you get the data right, you can build tremendous amount of software capability and one at time take out slivers of the industry. This is the third data platform in the enterprise. Which is observability. Once we get that data, imagine the amount of SRE activities and agents we can build over time. So I just think this is foundational to our ambition to be a very large tech company. And three to five years from now, we'll be sitting back and saying, oh my god, we get it.

Now you put a foray into the observability space, you got access to production data from enterprises that allows you to keep them running at 99.9% of the You can see I'm excited about this.

Hamza Fodderwala: Thank you, Fatima. And as promised, our last question will be Gregg Moskowitz from Mizuho. Alright. Thanks, Hamza. Nikesh, we continue to hear more and more adoption for your secure browser, certainly the data points you provided today back that up. But how pervasive can this become amongst your NetSec installed base? And how strong is the monetization opportunity associated with that?

Nikesh Arora: So I think, Greg, just, you know, connecting it back to what I was talking to Fatima about I think browsers are gonna get more and more prevalent in the enterprise. And if you look historically, browsers have been a threat vector and they're not secure. Right? Pretty much companies use browser that come out of the box with the OSs. And there's a bunch of things like, you know, we did a test POC with a customer, 5,000 of their browsers were tested. We found 167 were compromised. Right? So there's a wild, wild west of browsers out there, I think it's gonna get worse. When AI browsers come out of the JENTI capability.

So you have much more of a flood of all kinds of browsers in enterprise. But browser has become I'd say, 80 to 90% of the workspace for most white-collar workers. Even developers, you know, exclude the legacy guys, but percent, 90% of the work is being done in the browser. So Drowser does become a very strong entry point from a security tech perspective. It has both opportunities and challenges. The opportunities are far higher from a security perspective of the browser. So we just think the browser becomes an important part of the foundational fabric for us to deliver services in the future. Right?

But we need to wait for its pervasiveness or its ubiquitousness in time And that's why, again, it's one of those foundational things. If I can get a 100 million browsers out there, which are secure, I can deliver all kinds of security capabilities with way higher than that. To that extent, I think the monetization opportunities sort of in the future at scale course, there is monetization today. We don't get the browser away for free. And effectively as fungible as an endpoint agent from a SASE perspective. So right now, we're very keen on deployment and adoption and ubiquity of the browser. It has obviously financial impact on our SASE numbers, so you'll see $1.2 billion.

I think from a strategic perspective, the more we can get out there, the better security outcomes we can give them in the future.

Gregg Moskowitz: Great. Thank you.

Hamza Fodderwala: With that, we will conclude the Q&A portion of our call. I will now turn it back to Nikesh for his closing remarks.

Nikesh Arora: Thank you again, everyone, for joining us today to discuss our results. And the opportunities ahead. I also wanna thank our partners, our employees, and everybody who contributed to these great outcomes for us in Q1. We continue to plot along for Q2 and beyond. And I just wanna reiterate, really excited that we are now able to establish a toehold or perhaps a footprint in the spaces of identity and observability in the future.

This article is a transcript of this conference call produced for The Motley Fool. While we strive for our Foolish Best, there may be errors, omissions, or inaccuracies in this transcript. Parts of this article were created using Large Language Models (LLMs) based on The Motley Fool's insights and investing approach. It has been reviewed by our AI quality control systems. Since LLMs cannot (currently) own stocks, it has no positions in any of the stocks mentioned. As with all our articles, The Motley Fool does not assume any responsibility for your use of this content, and we strongly encourage you to do your own research, including listening to the call yourself and reading the company's SEC filings. Please see our Terms and Conditions for additional details, including our Obligatory Capitalized Disclaimers of Liability.

The Motley Fool recommends Palo Alto Networks. The Motley Fool has a disclosure policy.