Palo Alto Networks - Q2 2024

Transcript

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Good day, everyone, and welcome to Palo Alto Networks Fiscal Q2 2024 earnings conference call. I'm Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development. Please note that this call is being recorded today, Tuesday, 20, February 2024, at 1:30 P.M. Pacific Time. With me on today's call to discuss Q2 results are Nikesh Arora, our Chairman and Chief Executive Officer, and Dipak Golechha, our Chief Financial Officer. Following our prepared remarks, Lee Klarich, our Chief Product Officer, will join us for the question-and-answer portion.

You can find the press release and other information to supplement today's discussion on our website at investors.paloaltonetworks.com. While there, please click on the link for Quarterly Results to find the Q2 2024 supplemental information and the Q2 2024 Earnings presentation. During the course of today's call, we will make forward-looking statements and projections regarding the company's business operations and financial performance.

These statements made today are subject to a number of risks and uncertainties that could cause our actual results to differ from those forward-looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. We assume no obligation to update any forward-looking statements made in the presentations today. We will also refer to non-GAAP financial measures. These measures should not be considered a substitute for financial measures prepared in accordance with GAAP.

The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. Unless specifically noted otherwise, all results and comparisons are on a fiscal year-over-year basis. We would also like to note that management is scheduled to participate in the Morgan Stanley TMT Conference in March. I will now turn the call over to Nikesh.

Nikesh Arora (Chairman and CEO)

Thank you, Walter. Good afternoon, and thank you for joining us today for our earnings call. I'm pleased to report another quarter in which we successfully executed our profitable growth strategy, driving a combination of top-line growth, significant expansion in Non-GAAP operating margin, and strong free cash flow generation. Revenues grew 19% year-over-year and RPO grew 22%, capturing the full value of our future revenue.

Billings grew 16% year-over-year. Just as important as we focus on profitable growth, we again delivered substantial operating margin leverage and strong growth in free cash flow. Non-GAAP operating margins of 28.6% expanded nearly 600 basis points year-over-year, and we generated $2.9 billion in adjusted free cash flow on a trailing 12-month basis. Our strong profitability drove Non-GAAP EPS of $1.46, up 39% year-over-year, and our GAAP net income continued to grow meaningfully even without one-time items.

Beyond our financial results, we achieved a number of notable milestones in Q2 worthy of spotlighting. We continue to drive large deals, including a steady stream of million-dollar-plus deals and success in our largest deals, with 10 transactions over $20 million in the quarter. Our 10 highest-spending customers in Q2 increased their spend with us by 36% in the period. I also wanted to update you on key achievements across our three platforms.

In our network security business, we continue to see progress driving ARR growth in our SASE business. Q2 was our 5th consecutive quarter of 50% ARR growth. Additionally, more than 30% of our new SASE customers we signed in the Q2 were new to Palo Alto Networks, showing that we can win head-to-head in the market when leading with SASE.

We continue to drive innovation in network security, refreshing our high-end 7500 series platform and investing in new OT Security capabilities, which garnered a net new leadership position for us. In Prisma Cloud, we have made significant investments in the first half of the year to drive new customers and saw this pay off in Q2 with our highest new ACV growth in five quarters.

We continue to see strong trends in multimodular adoption, with approXSIAMately 30% growth in customers with two or more modules and approXSIAMately 60% growth in customers with three or more modules. Additionally, about a quarter of our customers are using five or more modules.

Our external recognition in this market continued, with Forrester Research positioning us as a leader in its Cloud Workload Security Wave report. In Cortex, XSIAM continues to be a significant catalyst for large transactions and growth across the business.

This is evidenced by ARR, with XSIAM customers being more than five times higher than that of Cortex customers who have not yet adopted XSIAM. We have seen significant progress in the milestone with XSIAM in Q2, including the most number of deals signed in a single quarter and bookings of over $90 million again this quarter. We've already displaced 19 different SIEM vendors to date, and with the confidence under our belt, we're now looking systematically on how we can accelerate this legacy SIEM displacement.

From a regional perspective, demand overall is healthy. We did see softness in the U.S. federal government's market. We were positioned well for several large projects where we had requisite certifications and won technical selection, but these deals did not close. The situation started off towards the end of Q1, but worsened in Q2, and as a result, we had a significant shortfall in our U.S. federal government business. We expect this trend will continue into our Q3 and Q4. Offsetting the billing weakness in Fed was some non-product backlog that we shipped this quarter.

With several leadership positions awarded in the Q2, including our addition as a leader of the Gartner Endpoint Protection Platform Magic Quadrant, we're now a recognized leader in 21 different categories across our three platforms. Five years ago, when we began our strategy, the industry believed building leadership across multiple categories wasn't possible. No one was talking about security platform. Instead, the word was "best of breed." Our success of the last five years has been driven by the shift to platformization.

We're committed to investing in innovation to extend our industry leadership position and platform. This unique leadership across our three markets is driving strong adoption of our platforms in our target Global 2000 markets. As of Q2, 79% of Global 2000 have transacted with us on at least two of our platforms and 57% in all three. This is up from 73% and 47% two years ago.

In most of these accounts, while they have adopted products from multiple platforms, we are early in driving each of our platforms wall-to-wall. This is a major area of focus for us as we move forward, driving consolidation within our three platforms. We know this is the right strategy as we see compelling economics with multi-platform wins. Our two-platform customers have an average customer lifetime value that is more than five times that of our single-platform customers.

For our three-platform customers, that is more than 40x larger. While we are driving platformization, I personally think we should be doing this faster. Not only is this showing up in our deal statistics, but as we have established the portion of our platforms position of our platforms, we are now seeing significant progress in consolidating vendors in our customer environments.

We have built our Zero Trust platforms through a consistent architecture across our appliance, software, and SASE form factors. Customers can now consistently manage security policy across these form factors and then leverage a consistent set of security subscriptions to consolidate network security capabilities. These capabilities provided by point vendors can include intrusion prevention, web proxies, URL filtering, SD-WAN, and DLP, just to name a few.

In Q2, we saw Zero Trust consolidation wins that included a large U.S. manufacturing company standardizing our network security platform in a $40 million transaction, replacing end-of-life competitive hardware, leveraging our security subscriptions, and removing a point competitor in SSE. We were the only company with the right certifications across all these offerings that could support their broad geographic footprint.

This deal was part of a consolidation and modernization effort across IT with positive ROI for the customer. We also had a seven-figure deal with a large law firm expanding our firewall footprint in the new data center and expanding their hybrid workforce initiatives with Prisma Access. As part of this, we won versus other firewall and SSE competitors and also consolidated their URL filtering and VPN capabilities.

In Prisma Cloud, we have built a code-to-cloud platform combining key best-of-breed capabilities that we have acquired or developed organically. Our common architecture and user experience spreads across 12 modules.

As our customers adopt multiple modules, they can consolidate a wide variety of vendors, including those in cloud security posture management, cloud workload protection, API security, SCA or software composition analysis, and infrastructure as code security, among others. In Q2, we closed a seven-figure Prisma Cloud new logo deal with a financial services company displacing multiple incumbent vendors. The customer was looking for a CNAPP solution to support their multi-cloud journey. The Prisma Cloud CNAPP streamlined several previously deployed point solutions and tools.

We also closed a seven-figure renew and expand deal with a leading North American technology company where the customer intends to expand the use of Prisma Cloud to seven modules and also value the consolidation and standardization delivered through Prisma Cloud.

Finally, in our Cortex platform with our autonomous security operations platform, XSIAM, we were able to establish our offering, which has enabled us to accelerate our platform value proposition with Cortex. A platform approach in the SOC is becoming a customer imperative as point products, each with their own data stores, cannot have full context nor drive appropriate action without overly complex integrations and high people costs.

In Q2, we saw consolidation wins that include a large insurance company that renewed their subscriptions and supported firewalls at the same time, added XSIAM and Expanse capability for a $25 million transaction. The XSIAM choice displaces the two leading EDR and SIM competitors in the market, enabling the customer to avoid the cost of adding other point products in their SOC.

Additionally, in Q2, we saw follow-on consolidation success with a Japanese manufacturing company that previously consolidated their network security across our SASE capabilities, leveraging Prisma Access and our DLP and CASB capabilities. The customer then added XSOAR into their SOC and expressed an interest in consolidating further. In Q2, they added XSIAM in a mid-seven-figure deal.

I know all of you have had a chance to look at our guidance. Our guidance is not a consequence of a change in the demand outlook out there. Our guidance is a consequence of us driving a shift in our strategy in wanting to accelerate both our platformization and consolidation and activating our AI leadership. We believe this is the time for us to invest, given our leadership position in the market and our leadership position across platformization and consolidation.

Before I talk about that more as to how we intend to accelerate our growth prospects in the future and drive towards a much higher aspiration of $15 billion in ARR by 2030, I want to give you a candid view of where we see the cybersecurity market and the demand function out there. The demand story is no different from prior quarters and, on the margin, continues to get stronger. There are multiple drivers fueling this. The threat landscape continues to challenge our customers with increasing scale and sophistication of attacks.

I'm personally getting calls from CEOs and members of boards that have had bad incidents, as well as those that have seen their peers adversely impacted. We're increasingly focusing on working with companies impacted by breaches, an important commitment as we continue to be the leader in this space.

Last quarter, we offered 1,500 of our top customers an opportunity to get our free support during a breach. Surprisingly, 400 customers have signed up in the last 90 days out of 1,500 to get our help on this topic. Clearly, there is awareness and concern around cybersecurity as has never been before. Heightened geopolitical tensions are driving significant nation-state activity, with national infrastructure being targeted.

Successful breaches and ransomware attacks are being perpetrated across many industries, with few repercussions for the bad actors, although we did see various law enforcement agencies this morning or over the weekend shut down LockBit, which is a promising sign. The new SEC mandate requires prompt disclosure of material incidents, which often result in companies reporting those incidents before a full assessment can be done or incidents remediated.

We see some companies making several disclosures in succession as they grapple with understanding the full extent of what they are facing. We see the results of these disclosure mandates recognizing the need for expedited action and security visibility and remediation in real time. The part that is new, despite the many demand drivers we're seeing, we're beginning to notice customers are facing spending fatigue in cybersecurity.

This is new, as adding incremental point products is not necessarily driving a better security outcome for them. This is driving a greater focus on ROI and total cost of ownership amongst most customers. There are also some key trends within the industry that I think are worth highlighting. Palo Alto Networks is unique in seeing gains in market share in hardware firewalls or in the product space.

This market is changing rapidly, with us seeing some of our competitors who had introduced price increases begin to roll them back. From our vantage point, we see this share shift happening in our favor because we see customers consolidating into our Zero Trust platforms. Customers, as I mentioned, 30% net new network security customers for SASE were new to Palo Alto.

Those are the customers who, over time, go ahead and consolidate their footprint and require our firewalls to be deployed to give them a consistent Zero Trust architecture. We see this as a promising trend. We intend to accelerate that opportunity. Along with the incremental focus on ROI and TCO, with single-product vendors having challenges in articulating compelling value, they're also forced to have platformization narratives.

When they're not able to convince the customers that their strategy is competitive, they're many times resorting to uneconomic pricing and putting pressure on transactions in this manner. We're beginning to see rogue behavior by some vendors in the space who are keen to retain their customers, primarily in the legacy vendor space and the startup space. We intend to combat that with investing in this space and trying to accelerate platformization and consolidation for our customers.

We're also seeing increased demand for AI, along with deploying AI in our products. We're beginning to see our customers asking us to help them protect for a successful and responsible deployment of AI in their infrastructure. Putting this all together, these trends of the market bolster our conviction that adopting platforms is the only viable strategy for customers, and leveraging AI is imperative.

We want to march faster to our aspiration to become the Salesforce, to become the ServiceNow or the Workday of cybersecurity. Customers have adopted platforms in other markets across technology, and this will inevitably happen in cybersecurity. These industry trends set up conditions that favor leaders that can drive consolidation. We intend to answer this challenge.

With all the promise that Platformization holds, adoption is not always easy for many of our customers. Until now, we have primarily assumed that our customers adopt our platforms at their own pace. The crux of the challenge is around execution. Customers face risk in executing or making significant changes to the environments, as well as economic exposure from these changes. Key friction points you've noticed include the challenge of replacing multiple products simultaneously, as well as the issues around double playing while working through complex contract terms.

Over the last six months, we have been quietly working to develop programs that enable us to help minimize and even share in the risks our customers face. You will see us tomorrow launching a significant number of platform offers to our customers to help drive this consolidation and Platformization strategy.

We believe we can build customer confidence in our platforms by approaching them well before their point product contracts expire. After we gain their contractual commitment, we have offered an extended rollout period where we can demonstrate our ability to deliver these platform benefits. Customers can then start paying us after their obligation to legacy vendors ends. With the experience we have gained over the last six months, we believe now is the right time to accelerate programs across our portfolio to drive this Platformization.

All these programs will have mechanisms to reduce customer friction, accelerate product deployment, help customers realize the value of our platforms, and consume new innovations sooner. While this is not an exhaustive list, I wanted to give you some examples.

We have begun to launch programs already that include legacy trade-ins, no-cost introductory offers, and product add-ons and incentives to accelerate estate standardization. Each of these programs has elements of reducing execution risk and dealing with the economic exposure that concern our customers. In that sense, we must bear the cost of the transition through lower upfront financial outcomes, but we are convinced these will yield amazing outcomes for us in the mid to long term.

We have developed these programs across all three platforms, and as I mentioned, we intend we have announced a few, and we intend to announce more starting tomorrow, in addition to expanding some of the programs that we already have.

Given this is an investor call and you're all focused on these numbers, I want to provide you a high-level understanding of the aggregate impact we expect this will have in the medium term and long term. I will then have Dipak talk more about this in his section and explain this much more eloquently and elaborately. We expect a typical customer entering into a platformization transaction will not pay us for our technology for a period of time. As these programs ramp over the next year, we expect a change to our billings and revenue growth over the next 12-18 months.

As customers move into the period where contracts have full billing and revenue contribution, we expect to see an acceleration in our top-line metrics. Beyond this dip and acceleration in our top-line metrics, we believe we can sustain higher growth rates for longer, driven by sticky and broad platform relationships with incremental customers, allowing us to aspire to the goal of $15 billion in next-generation security in 2030.

We also expect to achieve our transformation to a business with greater than 90% recurring revenue and industry-leading non-GAAP operating margins in the low-to-mid-30s. As Dipak will explain, we believe we can do this in a financially prudent and strong manner. Talking about bigger platforms and ARR aspirations cannot be done today without talking about AI. We have been working on AI for a long time as a company.

However, we did accelerate our efforts with the arrival of generative AI. I personally believe AI is going to be one of the biggest inflection points in technology in over a decade and, likely, more importantly, to significantly increase the total addressable market in cybersecurity. Gartner predicts by 2027, $300 billion will be spent on AI software.

This AI juggernaut continues to bring several challenges along with it from a security perspective: multiple vectors of attacks ranging from phishing to malware to nation-state activity and inflected negatively due to AI. Furthermore, customers are evaluating dozens of co-pilots-type offerings within end users where security is not necessarily front and center.

We see three discrete opportunities to drive additional growth in cybersecurity through AI, and we have internally put pen to paper to understand this opportunity, and we're in alpha or beta stages of many of these across our product capabilities.

First, organizations are concerned about their employees' access to AI in an insecure manner. Whether the consequence are unintended leakage of open source or other data models tampering or AI-driven phishing, we see an opportunity to add value across the growing volume of users we secure. We currently secure north of 100 million users and their access to applications both in the public cloud and in the data center. We expect each of these users is an opportunity for us to deliver an AI security sub for them. We believe it's a $3-5 billion opportunity over the next five years.

Secondly, organizations are increasingly deploying AI-related workloads in the cloud, just like they need to understand the overall security posture of their cloud estates and expeditiously identify and remediate issues. They must do this for AI-related workloads. We believe this in itself is a $5-6 billion opportunity in the next five years. Lastly, network traffic will increasingly have an AI context with interactions and transactions between applications and AI models.

Our more than half a million installed firewalls is the perfect place to inspect this traffic. We believe this is a $5-6 billion opportunity in the next five years. Overall, this combined $13-17 billion opportunity drives our conviction that investing in AI and maintaining our leadership can help us accelerate our growth towards $15 billion by 2030.

Beyond the larger opportunity, we also believe we are uniquely positioned to garner our fair share of the TAM. Our proprietary data and large technology footprint is a significant advantage in driving AI outcomes. We've already seen the early benefits of this AI in our newly developed product offerings. In Q2, our AI offerings, which include XSIAM, Autonomous Digital Experience Management, or ADEM and AIOps, crossed the $100 million in ARR milestone. We are possibly the first security companies to cross $100 million ARR in AI security.

This is above and beyond the AI capabilities we have embedded across all of our platforms, including our advanced subscriptions and our code-to-cloud platforms. Our co-pilots are in alpha and are in the hands of leading customers who are giving us feedback before we move to general availability. Looking forward, we have aggressive plans to roll out additional AI-based offerings by the end of this fiscal year. We have plans to offer three new product offerings, one to address each of the TAMs I talked about.

Before I wrap up and pass it on to Dipak, I'd like to summarize. We have established our Platformization notion, our clear industry leadership position with our best-to-be platforms, and the industry trends convince us we're in the best position to capitalize on this early trend and now focus on the next phase of cybersecurity, which is going to be all about consolidation.

One of the hardest things to do is to change a strategy that is working. We have spent time understanding how to accelerate our strategy further. We firmly believe, as a management team, that the changes we are making today are going to give us better prospects in the mid to long term and allow us to drive this consolidation much faster whilst giving our customers better ROI and total cost of ownership.

AI is an opportunity in the early stages. However, we are seeing the signs that there is significant demand there. It will prove to be an inflection point for cybersecurity, and today will be marked as a day where we will see that inflection begin to take hold as we start to deliver more AI security products over the course of the rest of the year. We have confidence we can drive our top-line growth trajectory higher for longer ahead of the growth trajectory we talked about back in August, despite absorbing some short-term impacts.

We have shown we run the business in a financially prudent manner, which we will continue to do as we drive this acceleration, hitting our original operating profitability and cash flow margin targets. With that, I will pass on to Dipak.

Dipak Golechha (EVP and CFO)

Thank you, Nikesh, and good afternoon, everyone. Given all that we have to talk about this quarter, I will do an abbreviated review of our Q2 results. You can refer to the press release and supplemental financial information on our website for our key numbers. For Q2, revenue of $1.98 billion grew 19%. Product revenue grew 11%, while total service revenue grew 22%, with subscription revenue growing 26% and support revenue growing 14%. Moving on to geographies, we saw consistent revenue growth across all of our theaters, with the Americas growing 19%, EMEA up 19%, and JAPAC also growing 19%.

We had some puts and takes during the quarter related to billings. As Nikesh mentioned, we saw weakness in the U.S. federal vertical related to some specific programs. This U.S. federal weakness was a meaningful headwind to our billings in Q2 after we saw a slow start in the year to Fed. The impact of these federal deals on our revenue is significant as they are relatively shorter than our average contract term.

At the same time, we saw a decrease in our non-product backlog, which offset this Fed weakness in our billings. We continued to see customers closely watching cash outlays around deals, which we discussed last quarter, although this trend played out largely as we expected 90 days ago. Remaining performance obligation, or RPO, was $10.8 billion, and current RPO was $5.2 billion. You likely noticed that our GAAP EPS was $4.89 and GAAP net income was $1.75 billion.

These benefited from a $1.5 billion release of a tax-related valuation allowance. This was a one-time item in fiscal year 2024, which has been adjusted out of our non-GAAP results. This amount also does not impact our cash taxes. Our average duration on new contracts was relatively flat year-over-year, with average duration for new contracts remaining at approXSIAMately three years, while total contract duration was down slightly year-over-year.

I did want to spend more time talking about our accelerated platformization and consolidation strategy and give you more of my perspective with some additional framing and detail with a financial lens. Nikesh talked about our programs to alleviate friction with customers. We believe that by moving from a deal-by-deal approach to a program-based and systematic approach, we can accelerate platformization with our customer base and drive vendor consolidation faster by mitigating platformization friction.

This results in a number of business benefits for us, ranging from a faster capture of the customer estate and larger platform commitment to higher renewal and expansion rates and faster adoption of our new innovations. For the customer, they are able to execute on the platform deployment with lower risk and consolidate vendors while benefiting from a lower total cost of ownership and a better security posture.

As Nikesh gave you the high-level trajectory in our opening line, I wanted to help you understand how we think about the medium term. Our platformization efforts to drive consolidation effectively provide customers a period of the contract for free as part of their commitment. We expect we may see a period of 12-18 months of pressure on our top-line growth rates, notably billings. Some of our platformization programs embed deferred payments into deal structures, which we have spoken about in the past.

We expect this will persist through fiscal year 2025 as we anniversary the rollout of these programs and result in billings below the target we provided in August of 2023. Beyond this period, we expect we can sustain higher growth than we provided in these targets in August.

From an NGS ARR perspective, we expect less impact on our year-end metrics, and we expect we can continue to meet or exceed our target, which calls for a 30% growth rate through fiscal year 2026. As Nikesh noted, we are establishing a long-term target of $15 billion of NGS ARR in fiscal year 2030. Underlying this trend, we expect customers deploying our full set of platforms to have a higher makeup of NGS products.

These offerings tend to be deeply installed in our customer's infrastructure, and once a customer deploys the platform, it's easier to continue to consolidate vendors and adopt new innovations. We expect this to drive a significant increase in our overall revenue mix that is recurring. From a revenue perspective, we expect to see less pressure on revenue as compared to billings.

Generally, we see a lag in changes in our revenue growth versus our billings growth, and we expect that this will happen here as well. As Nikesh mentioned, part of what gives us confidence to execute on the strategy, and especially to do so now, is our success in driving profitable growth. As we embark on a strategy that we expect will negatively impact the top line in the short term, we have significant confidence that our business scales well, and we can continue to see operating leverage from a number of drivers.

As I have mentioned multiple times before, we scale well across every line item of our P&L, ranging from customer support to cloud hosting to sales and marketing to G&A. We've seen significant payoff from focusing on internal efficiency across all areas of the business. Let me give you some specific examples for Q2.

First, in cloud hosting, we signed a significant extension with our primary cloud provider. This contract is constructed to enable us to drive further margin benefits as we scale. Second, within G&A, we're progressing well on a significant employee experience program. This started by analyzing all of our service desk tickets across all channels and identifying all the manual responses needed to address requests.

The combination of process re-engineering, re-engineering, automation, and AI is still in progress, but we have already seen positive savings and have a target of automating 90% of the more than 300,000 manual interventions. By the end of Q2, we have roughly halved the cost of our T&E servicing. We are now leveraging this program as a template across other business areas. In short, while we made a lot of progress, we still have significant opportunities on the profitability front.

That gives us confidence that we can maintain our medium-term operating margin and free cash margin targets beyond this year. Specifically, we believe that we can expand our operating margins by 100 basis points beyond this year, in line with the operating margin guidance we gave in August of 28%-29%.

This can continue to support our medium-term free cash flow margin target of 37%+. We expect that this will come despite us absorbing some billings impact, as we have both the benefit of some prior arrangements with deferred payments contributing, as well as efforts we have placed on optimizing the cash dynamics of our vendor spending.

In short, I wanted to reiterate what Nikesh said, that it is important for us to be able to manage through this platformization acceleration in a financially prudent manner, and we have set ourselves up well to do this over the next 12-18 months.

Now, moving on to the guidance for Q3 in the year. For the Q3 of 2024, we expect billings to be in the range of $2.30-2.35 billion, an increase of 2%-4%. We expect revenue to be in the range of $1.95-1.98 billion, an increase of 13%-15%. We expect non-GAAP EPS to be in the range of $1.24-1.26, an increase of 13%-15%. For the fiscal year, we expect billings to be in the range of $10.10-10.20 billion, an increase of 10%-11%.

We expect NGS ARR to be in the range of $3.95-4 billion, an increase of 34%-35%. We expect revenue to be in the range of $7.95-8 billion, an increase of 15%-16%. We expect operating margins to be in the range of 26.5%-27%, an increase of 240 to 290 basis points year-over-year.

We expect non-GAAP EPS to be in the range of $5.45-5.55 billion, an increase of 23%-25%. We expect adjusted free cash flow margin to be 38%-39%. In the interest of time and to get as many of your questions as possible, we've included the modeling points in the appendix of our earnings presentation. With that, I will turn the call back over to Walter for the Q&A portion of the call.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thanks. We'll now proceed with Q&A. Please, in the interest of time, ask only one question with no follow-ups. Our first question will come from Hamza Fodderwala from Morgan Stanley, followed by Brian Essex from J.P. Morgan. Hamza, please go ahead with your question.

Hamza Fodderwala (Equity Research Analyst and Executive Director)

Good afternoon. Thanks for taking my question. I just wanted to clarify, Nikesh, your comment on spending fatigue. What exactly were you referring to there, just given you also said demand was quite good? Then, just the billings cut, it seems like it's a function of some bundling, discounting, as well as lower duration. Any way to quantify that at all? Thank you.

Nikesh Arora (Chairman and CEO)

Hey, thanks, Hamza. Thanks for the question. Yeah, I think I want to make sure there's no confusion in our characterization of spending fatigue. Over the last few years, most of our customers have ended up spending more on cybersecurity than on IT.

As a consequence, they're feeling like my budget for cybersecurity keeps going up in double digits every year because I'm trying to protect against every new threat vector, yet you see the number of breaches continues to rise.

Our customers are sitting down and saying, "If I spend more money, can you show me how I get a lower total cost of ownership across my enterprise? How do I spend less on the services that I have to deploy? How do I get better ROI?" I think it's more about optimizing their current cybersecurity budgets as opposed to there being no demand. Demand continues to be very strong. The customers are demanding to get more for the amount of money they've allocated to cybersecurity. That's where platformization and consolidation kicks in.

Hamza Fodderwala (Equity Research Analyst and Executive Director)

In terms of trying to quantify duration versus.

Nikesh Arora (Chairman and CEO)

Yeah, Just to be clear, Hamza, from a billings perspective, part of the billings guidance is related to the Fed that we talked about in the prepared remarks. Part of it is also because of the platform initiatives, platformization initiatives per se, but also part of it is we just expect there to be more deferred payments like annual billings, things like that, as we roll out these programs. That's what makes it up.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thank you, Hamza. Next question from Brian Essex at J.P. Morgan, followed by Saket Kalia at Barclays. Brian, go ahead.

Brian Essex (Executive Director and Senior Equity Research Analyst)

Yeah, thanks, Walter. And maybe to follow up on Hamza's question, maybe for Dipak, one thing that caught my ear was the comment about discounting or offering a free period upfront for a certain period of time. I wanted to get a sense of what kind of headwind within that billings guidance is attributable to some of that discounting, and should we be looking at other metrics like average TCV or annualized TCV to get a sense of once those contracts hit a normal run rate, what would a normalized growth rate look like?

Nikesh Arora (Chairman and CEO)

Thanks, Brian. Hey, let me jump in here. Sure. I think let me clarify in terms of the discounting notion what's happening today is when I go to a customer and say, "Listen, I'd like to replace your estate with the entire platform." The customer says, "Wait, wait a minute. I got this vendor for IPS, this for SD-WAN, this for SSE, and I got half my firewalls from another vendor, and they all expired at different points in time.

I'd love to deploy Zero Trust, but it's going to take me 2-3 years as the end of life of these vendors happen. I'm scared that if I rip and replace this at this point in time, it's going to create execution risk. Not just that, it's going to create economic risk." The propositions we're going to customers is, "Listen, let's lay out a 2-year, 3-year cybersecurity consolidation and platformization plan. We'll go start implementing today. You pay us when they're done."

What it is, is more of a sort of like, "You can use our services until you have to keep paying the other vendor we'll take it from there." But that's taking away a lot of the economic exposure and the execution risk for our customers now, you can call that discount or you can call that a free offer.

Our estimate is approXSIAMately, it works out about six months' worth of free product capabilities for our customers on a rolling basis. I think in about 12 months, as our offers start lapping each other, we should go back to our growth rate we've been talking about. I think the right metric in the timeframe is to look at RPO.

Brian Essex (Executive Director and Senior Equity Research Analyst)

Great. Thank you. Great.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thank you, Brian. Next question from Andrew Nowinski at Wells Fargo, followed by Gabriela Borges at Goldman Sachs. Go ahead, Andy.

Andrew James Nowinski (Senior Equity Research Analyst)

Thank you. I wanted to ask about the U.S. federal spending. You said it was soft in Q2, Nikesh, and I think it's going to remain soft for the next six months. But given your comments about how nation-state activity targeting the national infrastructure was increasing, I guess, why do you think there's a disconnect between that trend? Were those comments specific to your Palo Alto customers in the U.S. Fed or more broad-based?

Nikesh Arora (Chairman and CEO)

I think those part of it is particular to us. As you're aware, there was a large program we were part of downselected to be the only vendor. We'd expected we staffed it to make sure we could implement it and we could get the orders that program didn't materialize at the pace and at the spending levels we'd expected we saw an early glimpse in Q1 towards the end. We saw it not show up in Q2, and we have it staffed for Q3 and Q4. Remember, Fed is a lower-duration number, so it has this much more significant impact to revenue because Fed pays you on an annualized basis as opposed to on a TCV basis.

You're seeing the impact of that to our revenue for Q3 and Q4 and some of the billings miss in Q2, which we had to make up with shipping from non-product backlog. So that's kind of what happened in the Fed business.

Once bitten, twice shy. We're being very cautious about how we expect it to come back or not in the second half of the year it's more pertinent to that as opposed to a broader comment around the federal space. Don't forget, Fed in general is not a next-generation security adopter because they're usually slower on cloud services than they are on traditional cybersecurity products.

Andrew James Nowinski (Senior Equity Research Analyst)

Makes sense. Thanks.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thanks, Andy. Apologies. We're going to go back to Saket Kalia from Barclays and then go to Gabriela Borges from Goldman Sachs. Go ahead, Saket.

Saket Kalia (Senior Equity Research Analyst)

Hey, great. Hey, thanks, guys. Nikesh, maybe for you, just to touch on the platformization item a little bit deeper. I almost think about these as ramping contracts, and you tell me if that's off. But specifically, as you look at the second half, maybe putting the mechanics of the ramp aside, how do you sort of feel about sort of underlying demand with metrics like ACV or bookings? What percentage of your book of business do you sort of expect to shift to sort of this ramping structure? Does that make sense?

Nikesh Arora (Chairman and CEO)

Yeah, that makes a lot of sense i think part of what we're noticing, Saket, is that we'd like to go from best-of-breed competitive behavior with legacy vendors or newer vendors and go straight to platform competition. Because we've noticed that we have a higher win rate on platform deals. We have a higher win rate in consolidation plays as opposed to best-of-breed head-ons, which end up costing more time and energy, and you see very, as I called it, rogue behavior where people start trying to desperately hold onto customers.

We are trying to shift our go-to-market towards a consolidation play and a platform play. I think, as I said earlier, the right number to look at in this context is RPO. The underlying demand is strong. Our book of business is strong. Our pipeline is strong. There is nothing going on on the demand side. It's just that we see this pushing out of the billings towards later parts as we get more and more consolidation offers and platform offers out there to give you an example, maybe acquire Talon. We made Talon free to every SASE customer.

Right? Instead of going and trying to upsell that to every SASE customer and run the risk of running into POCs or other secure browsers, we've decided to give it away free for the next 12 months until the customer's renewal comes up. Now, that has a billing impact in the 12-month timeframe and a revenue impact. However, at the end of 12 months, all these will be renewed because our aspiration is to get 50% of our customers to use the enterprise browser.

It's one of the best products we've acquired. It has tremendous market tractions. When we acquired it, there were 100 POCs in place going on at customers. We've told them, "Listen, if you're a Palo Alto customer, just use it.

It's part of our product. It's part of the licensing. You don't have to pay us more. You don't have to do a new contract." What that does, it allows us to penetrate a market segment which would end up being competitive we end up getting some share and spend the rest of our lives trying to create more traction and more market share in the future. It's like, "Great. It's free." Our incident response offer, we never had 400 Fortune 2000 customers dealing with us on incident response.

We launched an offer. In 90 days, we got 400 customers. We gave them 250 hours free. Right? That's 100,000 hours of breach consulting for free. That drives a future business for us where they become our cybersecurity partner of choice. We're trying to seed ourselves into our customers' platforming consolidation strategies so that we don't have to keep fighting on an individual breach or individual best-of-breed deal every time we go to a customer.

Saket Kalia (Senior Equity Research Analyst)

Makes sense. Thanks, guys.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Great. Thanks, Saket. We're going to go next to Gabriela Borges with Fatima Boolani from Citi on deck.

Gabriela Borges (Managing Director and Senior Software Equity Research Analyst)

Hi, good evening. Thank you. Nikesh, I wanted to ask how you think about the risk of potentially cannibalizing the customers that are willing to pay full price today as you implement the bundling strategy. Then how do you think about.

Nikesh Arora (Chairman and CEO)

If you find them, let me know.

Gabriela Borges (Managing Director and Senior Software Equity Research Analyst)

Okay.

Nikesh Arora (Chairman and CEO)

Sorry. Go ahead, please. Ask the question.

Gabriela Borges (Managing Director and Senior Software Equity Research Analyst)

How do you. Yeah, it's also a longer-term question on how do you think about maybe catalyzing a race to the bottom with pricing pressures? As you think about ramp deals, technology that may be worth $100 today or a year from now, by the time you get to renewal, is no longer worth $100 because you've created pricing competition or you've created a competitive response?

Nikesh Arora (Chairman and CEO)

I think there are two answers you asked to let me answer two parts of the question. I think this is to think about it as a price war is the wrong way to think about it. Actually, we're averting a price war by driving a platformization approach. And I'll explain how.

First of all, all of our customer deals are discussed, negotiated, POCed it's very rarely that we have a customer who does not understand the value of what they're offering because it's a competitive market, we have a price our competitors are who normally rational competitors have a price. We don't think that we're cannibalizing a full-price paying customer.

I think what we are doing, Gabriela, is that we're avoiding the unintended consequence where a customer says, "Oops, I have no time left." Because what happens is customers with all the right intentions will say, "I'll renew. I'll buy Palo Alto in 12 months from now when my current contract goes away." They take a little while analyzing, and they get to 6 months saying, "Oh my God, if I'm not able to deploy you in 6 months, I'm going to have an exposure. I'm going to go try and get a renewal."

When they try and get a renewal, the other vendors know this is not going to be their business for too long. That's when irrational pricing behavior happens. It's not when they execute early and deploy early. Actually, we're averting the last-minute race to the bottom, like you called it, by making sure our customers don't have to worry about the execution risk and trying to get renewals and trying to get best pricing in the last six months.

Gabriela Borges (Managing Director and Senior Software Equity Research Analyst)

Thank you. Great.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thanks, Gabriela. Next up is Fatima Boolani from Citi. And now for that, Roger Boyd from UBS.

Fatima Boolani (Managing Director and Software Equity Research)

Hey, good afternoon. Thanks for taking my questions. Nikesh, on the platformization strategy, I was hoping you could drill into what the catalyst was for this to be a mid-year change. What were you hearing from customers where you said, "We've got to pull the trigger in the middle of the year?" Because it's admittedly atypical.

As a related note, when you're rolling this out, if you've got customers who are not paying you for six months, how are salespeople going to get compensated for that freemium sort of stance you're taking? Just how are you protecting, I guess, the piece of the go-to-market organization as it relates to the new strategy?

Nikesh Arora (Chairman and CEO)

Thank you. Dipak did warn me this one will take a little bit of explaining. Let me go back to what Saket said. For simplicity purposes, think about a ramp deal. Our salespeople still get paid on TCV. Right? So they're still going to do a three-year deal or a five-year deal. We're not doing six-month or 12-month deals.

You'll see that in our RPO. You'll still see us doing ramp deals where the first 6 months may not be charged, but the next 4.5 years is next 2.5 years is. Our salespeople will get paid on the TCV deals like they get paid today. Right? That's not a problem. I think that's the best way to think about it. I'm sorry, there was another part that I missed. I apologize. What now?

Fatima Boolani (Managing Director and Software Equity Research)

Just the impetus of it being a.

Nikesh Arora (Chairman and CEO)

Yeah, sorry. The impetus, Fatima, is fascinating because we've managed to double our business in the last 5 years. For us to get to a double from here and more, we've had to step back and say, "What do we do?" We got 21 categories where we're best in breed we realized we're still fighting best-of-breed deals while we should be selling the platformization strategy.

We realized selling the platformization strategy, which we have been for the last six months, as we said, we've been trialing this out we've been running this play for the last six months we're discovering when we go in with a platform approach, we win more often than if we go in with the best-of-breed only.

Otherwise, we get whittled down on price XDR to XDR or SASE to SASE. When we go with XSIAM, with XDR, ASM, and XSOAR, then we don't get whittled down on price because the customer sees the TCO value and the ROI of doing the entire replacement together. But the moment we go up with that, it's like, "Well, that's a lot of risk. I got to replace everything in the next six months. I'm not willing to commit. Let's go one at a time." When they go one at a time, I get whittled down on price with a legacy vendor.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Great. Thanks, Fatima. Next up, we have Roger Boyd. And after that, it'll be Jonathan Ho from William Blair. Great.

Roger Boyd (Stock Analyst)

Thanks for taking the questions. Another follow-up on the platformization. But as you get more accommodative on some of these offerings, more aggressive on discounting, what are you expecting to see from a contract duration perspective? It sounds like the focus is going to be on RPO, but are you expecting to see contract duration actually extend in exchange for some of this economic flexibility? Thanks.

Nikesh Arora (Chairman and CEO)

I think that's a great question. I think the way to think about it is that we still have two parts to our business we'll still have the regular part of our business, which is still going and competing best-of-breed. We expect that business to continue. Remember, this platformization really applies to where customers have the opportunity to consolidate and platformize there are still many who are in different parts of their cybersecurity journey or the IT journey.

To the extent that we are dealing with a customer who's willing to consolidate with us, you will see contract durations go up. Because we're not going to do this if you're not going to get a commitment for a 3-5-year deal. Because it does not behoove us to do those deals if you don't see a long-term commitment of the customer because we are going to be consolidating multiple security products for them and working with them to implement them across the enterprise.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Great. Thank you. Next question, Jonathan Ho from William Blair. And after that, we've got Adam Borg from Stifel.

Jonathan Frank Ho (Partner and Technology Analyst)

Great. Thank you for taking my question. I guess one thing I'm trying to understand a little bit better is, does this ability to standardize on the platform give you something similar to what Microsoft has done with their E5 bundling to sort of force customers or package very attractive terms for customers to switch? I guess how does that maybe play out in terms of a customer's willingness to commit to a single vendor platform? Thank you.

Nikesh Arora (Chairman and CEO)

That's a great question, Jonathan. Very apt question. Look, it allows us to do a much better job of putting stuff together across our portfolio as opposed to having to do each of these deals on an individualized basis. You're bang on on the idea that this consolidation benefits us and allows us to drive towards that platform much faster.

Roger Boyd (Stock Analyst)

That's helpful.

Nikesh Arora (Chairman and CEO)

I think it also gives us financial flexibility in terms of pricing deals. That's also very, very pertinent, very true. But I'll give you an example. Right? Just this morning, I was on the phone, and a customer is trying to buy an IoT capability. Independently, that IoT capability is going to cost them north of $5 million. They already have our firewalls. We allowed them to activate IoT off our firewalls, which cost us a lot less than $5 million. But that allowed them to consolidate. Now, when the renewal comes up in six months or 12 months, they're going to be able to renew for a higher amount.

That degree of flexibility that we can offer our customers where they don't have to go end up spending more and building yet another vector that they have to go consolidate in the future is what we're trying to drive to.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Great. Thanks, Adam. Next up is Keith Bachmann from BMO, followed by Tal Liani at B of A.

Keith Bachman (Managing Director and Senior Equity Research Analyst)

Hi. Thank you. You confused me, Walter. I think, Dipak, for you, you mentioned we certainly have the billings guide for Q3 and then implied for Q4 something like 10%. You indicated that this was going to be a 12-18-month sort of impact as you try to anniversary consolidating spend.

But is there any trough or any way to think about FY25? I mean, is it still double-digit billings growth that we should be thinking about, or any kind of metrics on how you think about the six to or excuse me, 12- to 18-month impact where you're trying to anniversary the program?

Dipak Golechha (EVP and CFO)

Our aspiration is that towards the second half of 2025, we should revert back to our original expectations of mid- to high double-digit growth. But as I said, so 12-18 is obviously we have to go experience these programs to see how they persist. But at some point in time, they will start to lap and give us better upside in the larger-sized deals that we're able to do.

Keith Bachman (Managing Director and Senior Equity Research Analyst)

Okay. All right.

Nikesh Arora (Chairman and CEO)

But I just want to make one more point. Sorry on this context. One of the things which I think should not be lost, what Dipak has said, we have maintained our absolute free cash flow guidance for the year and absolute EPS guidance for the year. We believe we can make all this happen while holding our earnings and free cash flow constant.

Keith Bachman (Managing Director and Senior Equity Research Analyst)

Yeah, noted. Great.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thanks. Next, we're going to go back to Adam Borg, and then we're going to go to Tal Liani from B of A.

Adam Borg (Managing Director and Senior Equity Research Analyst)

Awesome. Thanks, Walter, and thanks, everyone, for taking the question. Maybe just on XSIAM, it was good to see the traction there. Maybe talk more about the displacement opportunity that you saw in the quarter. I think you talked about replacing up to 19 different vendors since being introduced. Talk more about how you plan to further penetrate that as part of this broader platformization approach. Thanks.

Nikesh Arora (Chairman and CEO)

Thanks, Adam, we've displaced 19 unique different SIM vendors. The reason that's relevant for us is that tells us that our platform has capability that spans multiple use cases and different types of products in the market it's not like we only replace one kind of SIM. We have been able to replace different kinds of SIM, which offer different capabilities in our customers.

We still believe this is the fastest and best cybersecurity product that has been created. We are north of 65 customers now in nine months. As we said, we have signed the largest number of deals this quarter on a deal-for-deal basis we did $90 million in TCV. We're really excited about it. This does resonate with our customers.

We are launching tomorrow an offer to replace endpoints for our customers who are stuck with legacy endpoints, which is one of the things that holds us back in being able to deploy XSIAM. We've also announced support of other non-legacy vendors that they have in their infrastructure our customers have been asking for that so we can support some of the other leading edge XDR capabilities in the market.

We are making a concerted play to be able to be the SOC of choice. It is radically different and better than most other SIEMs out in the marketplace. So we are putting a concerted effort and very excited about where we are with it.

Adam Borg (Managing Director and Senior Equity Research Analyst)

Great. Thanks.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thanks a lot, Adam. Next up, Tal Liani from BofA Securities, followed by Brad Zelnick at Deutsche Bank.

Tal Liani (Managing Director and Senior Research Analyst)

Hi. First, just a clarification. You spoke about discounting or pricing. Is there any product where you see more discounting than others? Is it on the legacy firewall side, or do we see it on SASE or Cortex? Or should we look at it as a complete kind of pricing for the platform?

Nikesh Arora (Chairman and CEO)

I think the best analogy is Jonathan's analogy, which is the bundling of multiple things into one capability, more like a I don't want to call it that one. More like one of the other vendors has a certain bundling philosophy. I think it's more like that than it is about individual product categories because it's not about, "If you buy SASE, I'll make it cheaper if you buy XDR, I'll make it cheaper." It's about, "If you commit to my network security platform, the combined whole of it will be much better TCO and ROI for you, and I'll take the execution risk." Remember, the exit ARR for me is going to be no different than it is today.

Tal Liani (Managing Director and Senior Research Analyst)

Got it.

Nikesh Arora (Chairman and CEO)

I think that's why I don't like the word discounting or reduced pricing. The exit ARR will be consistent with what I would get today. I would end up taking the execution risk away from the customer.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Thank you, Tal. Next up, we have Brad Zelnick from Deutsche Bank. And after that, Matt Hedberg from RBC.

Brad Alan Zelnick (Managing Director and Senior US Software Analyst)

Great. Thanks so much. I want to ask another question from a go-to-market perspective, just extending on Fatima's question. Excuse me. Nikesh, how do you align the channel to execute on this platformization strategy where for you to win? somebody else has to lose? Their economics are typically a function of present-day billings, not LTV. Then also just extending on that, you've talked about the SIs as a real strategic opportunity for you. Where do they fit into this platform? I've got to practice the word. Platformization strategy. Thank you.

Nikesh Arora (Chairman and CEO)

I know it's a new word i only introduced it five years ago when you didn't believe us but now we've got to worry about consolidation thank you, Brad. When I start to make fun with you, I start forgetting your question look, your channel question. Two parts to it. It's a great question. First of all, channel does get compensated on TCV.

Look, I think part of what we said is our deals are 40x when they use all three platforms compared to a single platform deal. Our deals are north of 20x when they use two platforms. Right? Our top 10 customers spend 36% more with us than everybody else. That's all a function of as the deal size as we do this platformization, the deal size is going to get bigger.

The channel gets paid on TCV channel has a lot of incentive to help us drive this platformization. I think you hit on a very important point around SIs. We have been working really hard over the last six months with our SI partners to help activate and we're actually trying to get in front of their engagements with customers as opposed to wait for their RFPs.

We have very strong relationships with almost every SI out there. It's been a concerted effort. We have just hired Kristy Friedrichs, who was the CEO of New Relic, to drive our partnerships, the Chief Partnership Officer. We are putting a lot of attention and focus on it.

We're positively enthused about the traction we're getting with the SIs. Because think about it, the SIs are new to this business for the last 3-5 years. They used to have cybersecurity businesses, but they really doubled down and focused on it where you can take your favorite SI. and they all have a very strong practice in cybersecurity.

They would much rather partner with one large player or a few large players than the entire gamut of 3,000 cybersecurity companies that are out there. It fits their aspirations it fits our aspirations of getting ahead of it. They are a critical part of this platformization approach because these platform offers actually spin out a lot more services revenue than individual best-of-breed offers.

Brad Alan Zelnick (Managing Director and Senior US Software Analyst)

Thank you.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Great. Thanks. Next up is Matt Hedberg from RBC, followed by Joe Gallo from Jefferies.

Matthew Hedberg (Managing Director and Head of Global TIMT)

Great. Thanks, Walter. I think one of the important points, Nikesh, you made is, despite all these changes, free cash flow margins are unchanged for fiscal 2024 and the midterm targets. I guess the question for Dipak is, I just wanted to make sure I understood why that's the case it sounds like you said it was prior arrangements and optimizing vendor payments first of all, did I get that right? I guess, secondly, when we get into 2025, are there other variables that we think of that could potentially change that margin target or kind of confidence level that that margin target can hold into next year?

Nikesh Arora (Chairman and CEO)

No. While we're not guiding to next year, we're pretty confident in our free cash flow margin, as I said in my prepared remarks going forward. Just to be clear, the thing that buttresses our free cash flow margin the most is our operating margin. Okay? We do expect that to continue to increase. That's kind of one part of it.

Secondly, we've got more business that's coming off prior contracts that we've signed. We have visibility to that. We know when they're going to come. We also have some incremental focus on factors that impact our cash flow, for example, vendor payment terms. But when we put that all together, we're pretty confident on the cash flow side.

Matthew Hedberg (Managing Director and Head of Global TIMT)

Great. Thank you.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

We'll take our final question from Joe Gallo at Jefferies. Go ahead, Joe. Hey, guys.

Joseph Gallo (VP, Senior Equity Research Analyst for Software and Cybersecurity)

Thanks for the question. Appreciate the candor, Nikesh, on spend fatigue and it's logical. But given your discounting comments, can you just give an update on the competitive environment, on win rates, or any metrics you're tracking, particularly in SASE? You've seen several vendors enter the market, several noting large eight-figure wins. You've certainly made eight-figure deals look easy over time. What gives you confidence this is not competitive and this is more of a short-term hiccup?

Nikesh Arora (Chairman and CEO)

First of all, I would not classify this as a short-term hiccup. I know you guys would love life that was linearly nice in quarters and moved up in a beat and race percentage basis. I'm trying to get this done in the next 3-5 years where we become even a bigger and a larger platform in cybersecurity. If I step back and look at what we've done in the last five years, we established the notion of the platform in cybersecurity it wasn't a notion that existed.

I'm trying to accelerate the deployment of the notion because I believe competitive advantage in product in this industry lasts 2-3 years. At this point in time, I believe we have the largest competitive advantage across our platforms in the market, starting with our XSIAM product in our SOC space. We think that is a 15-year-old legacy space, which we should get quickly and go and deploy as quickly as we can across the board and take away any friction in the process.

On network security, we did not have network security zero trust offers in the marketplace. We are starting to see where a customer bought $40 million of SASE and then came and replaced all their firewalls with us in the last six months. Right? We are seeing the customers show that behavior. We're trying to take all the friction out of the way so they can make that happen.

Now, if I break it down into the three categories we're in, I think in network security, you'll see more and more zero trust offers where hardware, software, and SASE have to combine. There's very few vendors in the space who can do that today. They're trying to hold on to their legacy positions. We're accelerating combination across that category. You can make your own judgments as to which vendors are going to benefit, which ones are not going to benefit as much.

In the SOC space, there is only one option: deploy AI in your SOC. The average technology in the SOC space is 13-15 years old. Right? That was not made for AI. It was not ready for AI. It doesn't matter who you buy. It doesn't matter what gets acquired. What is important is that you can actually have an AI-delivered data lake that delivers you the capability in XSIAM. On Cloud, it's a new space.

We're beginning to see what's fascinating is for us, our best cloud customers are the ones who are delivering SaaS software to their customers. You take the large platform players. They use our Cloud security because they understand the need to have an integrated cloud platform. We have green shoots we have trialed this. This is the time for us to double down and accelerate. That's what we're doing. It's not a hiccup.

Joseph Gallo (VP, Senior Equity Research Analyst for Software and Cybersecurity)

Makes sense. Thank you.

Walter Pritchard (SVP of Investor Relations and Corporate Development)

Great. Thanks, Joe, for that last question. With that, I'll pass it over to Nikesh for his closing remarks.

Nikesh Arora (Chairman and CEO)

I know this was exciting for all of you guys, even more exciting for us. We are committed. We believe this is the right way forward. We believe this is the way we can deliver a faster platformization, a faster way to consolidate the industry into a platform. We hope that in the next five years, this allows us to double our business from here, which is why I'm here. I want to say thank you to all of our employees, all of our partners, and of course, all of you for taking the time to listen to our earnings call.