Check Point Software Technologies Ltd.

Are we recording?

Yeah, I think I have to record.

Okay. Greetings and welcome to Check Point Software's 2026 First Quarter Financial Results Video Conference. I'm Kipi Meinzer, Global Head of Investor Relations. And joining me today, our Chief Executive Officer, Nadav Zafrir, and our Chief Financial Officer, Roy Galan. Before we begin, I'd like to remind everyone this conference is being recorded and will be available for replay on our website at Checkpoint.com. During the formal presentation, all participants are in a listen-only mode that will be followed by a Q&A session. During the presentation, Checkpoint's representatives may make forward-looking statements. Forward-looking statements generally relate to future events or future financial and or operating performance. These statements involve risks and uncertainties that could cause actual results to differ materially from those projected in the forward-looking statements. Any forward-looking statements made speak only as of the date hereof and Check Point Software undertakes no obligation to update publicly any forward-looking statements. In our press release, which has been posted on our website, we present GAAP and non-GAAP results, along with a reconciliation of such results, as well as the reasons for our presentation of non-GAAP information. If you have any questions after the call, please feel free to contact Investor Relations by email at kip.checkpoint.com. Now I'd like to turn the call over to Nadav.

Thank you, Kip. And thank you all for joining us. So I'm going to begin with the key operating dynamics of the quarter and obviously talk a little bit about how we're advancing our strategy to drive sustainable long-term growth. So to begin, in our first quarter, we delivered double-digit growth in non-GAAP earnings per share and adjusted free cash flow with revenue growth at 5%. Subscription revenue remained a key strength, driven by strong demand across our emerging technologies, which actually generated 45% growth in calculated billings led by email security, CTAM, and SASE. At the same time, we do see a decrease in appliance reference projects that resulted in lower than expected product revenues. As we discussed in our last earnings call, during the second half of 2025, we conducted a comprehensive go-to-market assessment with the objective of accelerating both new logo acquisition and increasing wallet share in large enterprise accounts in order to enable the successful execution of a multi-pillar platform strategy. So based on this, we implemented changes to our go-to-market model to align with these goals. And the transition to the new model did create short-term disruption to the rhythm of our sales execution and primarily affects our appliances business. Now, while we're confident that the changes made are setting us up for success in the mid and long term, we do see a short-term impact on our business that will negatively affect our 2026 revenue projections. We believe these headwinds are transitory and they reflect a deliberate reset to position our business for improved execution and scalability. We're already seeing that the current pipeline trends and ongoing customer engagements and our plans to further invest in our firewall business make us optimistic about the future growth trajectory. Beyond that, our strategy continues to be anchored around our four pillar approach, which we believe is well aligned with the evolving security requirements of enterprise, particularly as AI adoption expands the threat landscape. And in support of our go to market execution, we're strengthening our leadership team with four key appointments. So first, Sharif Sadiq has been named Chief Revenue Officer and will lead our go-to-market organization. Sharif has successfully led our international sales business over the past three years. He brings more than three decades of global sales leadership experience, and he'll be replacing Itay Grimberg. I want to take this opportunity to thank Itay for his continued support during my first year and for his leadership in the go-to-market changes. Beyond that, Yochai Korem, who has led our CTEM offering since the acquisition of Cyberint and has driven 96% year-over-year ARR growth, will join the leadership team. You know that as organizations operate in this increasingly agentic world, exposure management is becoming mission critical because it enables security teams to rapidly identify emerging threat and the most important part is materially accelerate their mediation. And I think we have an advantage here and I'm happy to welcome you. Hi. Alongside that, to lead our AI pillar, I'm happy to say that Adam Eli has joined as general manager of AI security, and will also join the leadership team. Adam brings deep experience at the intersection of cybersecurity and large-scale enterprise security operations, because in his previous roles, he was a CISO at Fidelity, deputy CISO at Walmart, but he's also a founder of Blue Box Security. I think Adam adds really a proven operator's perspective, which is so essential in this time, and he'll focus on building the platform, our AI security platform, to scale with the speed, the rigor, and a strong commercial pipeline. And then lastly, Rafi Kretschmer is appointed VP of Global Marketing. He'll replace Brett Theis, who we wish well in his future endeavors. Beyond that, look, you're all aware, AI is a watershed moment for the security industry. When you look at the emergence of these frontier AI models, including Mythos and GPT-Class, they're driving two structural shifts in cybersecurity. First one is that the barrier to sophisticated cyber attacks is literally collapsing because AI is democratizing capabilities that were once exclusive to nation state and some very large elite, quote unquote, criminal organizations. And this is exposing a far broader set of enterprises to material risk. That's number one. Number two, Cyber attacks are undergoing structural industrialization. The Gentic AI enables threat actors to continually scan global infrastructure, and they're generating a continuous flow of novel attack techniques. And so manual operations are giving way to automated attack pipelines, and this is what we call at Check Point the AI attack factories. Now, when you look at the convergence of these two forces, it really creates a different threat environment. Larger attack population that is executing more sophisticated campaigns with greater speed and volume, and the time to exploit is shrinking dramatically. And we believe, I believe, that this is directly validating our ethos of prevention first, which we're second to none in the industry, in my opinion. Beyond that, at Check Point, we're not waiting for this threat environment to materialize. Our response is ready and active. It's structured, of course, across our four-pillar framework, the security for AI, the network through our hybrid mesh, CTAM, and workspace security. Now, during this quarter, we introduced solutions to secure enterprise AI transformation. As an example, we launched the AI defense plane, which is designed to secure the agentic enterprises across employee AI usage, the applications, and the agents that both of these use, the people and the applications. Beyond that, we introduced the AI factory security blueprint. It's integrated with the NVIDIA GPU servers sitting on the server itself. And this provides end-to-end protection for AI infrastructure. And we're very bullish about this. Most recently, we also announced our partnership with Google Cloud. We're integrating this AI defense place with Gemini Enterprise Agent Platform, and this can deliver real-time runtime protection at scale. We also delivered AI driven exposure management, enabling customers to close the remediation gap through one, improved intelligence, then the risk prioritization, and finally safe remediation, which is critical, the time to remediate in organizations today. And then, Finally, we launched a secure AI advisory service to help enterprise govern, deploy, and ultimately scale AI with security and doing so responsibly. And so to close my opening remarks, while we're experiencing near-term headwinds in our appliance business and adjusting our annual revenue guidance, we remain confident in our ability to gain market share in this expanding security market. The emerging technologies continue to perform strongly and position Check Point are in a really good place to secure this rapidly growing enterprise attack surface driven by AI adoption. And we believe that our differentiated strategy, our core capabilities, our strong financial profile with its industry-leading profitability, and at the end of the day, a disciplined execution over time position us to really benefit from the accelerating demand for secure enterprise-grade AI, which is transforming organizations at scale. So before I take the questions with that, I'll turn to Roy to give you some of the financials.

Thank you, Nadav. One moment. Can you see my screen? Great. So thank you, Nadav, and thank you, everyone, for joining the call. So as Nadav mentioned, the first quarter was a solid quarter with 5% growth in revenues, driven by 11% growth in our subscription revenues. Our total revenues reached $668 million and were $2 million below the midpoint of our projection, as a result of lower revenues from firewall appliances that impacted our product revenues. When we were looking around subscription revenues, they grew by 11% to $323 million and were at the midpoint of our projections. Our adjusted free cash flow was very strong and reached $457 million, $17 million above the midpoint of our projection, and grew by 11%. Our non-GAAP EPS was $2.50 and exceeded our guidance with 13% growth year-over-year. So, as mentioned, we had 5% growth in revenues, while our deferred revenues grew by 8% to $2.6 billion. Our calculated billing totaled to $548 million, reflecting a 1% decline year-over-year, while our current calculated billing grew by 2%. Our remaining performance obligation grew by 7% and reached $2,592,000,000. So as Nadav indicated earlier in the call, we had lower than expected product revenues, mainly as a result of a disruption affected by the changes we made in the go-to-market organization. As we are looking into the second quarter, we do see this disruption still affecting our firewall appliances revenues. But based on the final that we see, we expect to see an improvement in the second half of the year. It is important to note that our renewal business continues to be stable and our firewall subscription ARIs continue to grow year-over-year. When we are looking at our subscription revenue, we do see a trajectory for re-acceleration. And we do expect to see acceleration in our subscription revenues in the second quarter and for the full year of 2026, driven by strong demand by emerging pillars, mainly by email security, CTEM, and SASE. So as indicated, our total subscription business continues to be strong. We continue to experience strong demand for emerging products, which remains the primary driver for our revenue growth. In Q1, our email security SASE and ERM in total exceeded 40% growth in ARR and over 45% in calculated billings year-over-year. It is important to know that although the revenues are still not significant for the total business, we see a significant growing funnel for our AI security offering, and that's together with the email security SITEM and SASE expect to drive the subscription revenue growth in the next few quarters. When we are looking at the revenues by geography, so 46% of our revenues came coming from EMEA, which had 6% growth year over year. 42% of the revenues came from America and delivered 4% growth year over year. And the remaining 12% came from Asia Pacific that had 2% growth year over year. When we are looking on the P&L for this quarter, so our gross profit increased from $564 million to $586 million, representing a gross margin of 88%. Our operating expenses, excluding R&D grants, increased by 14%, while on constant currency basis, our office increased by 12%. Q1 results include approximately $27 million of benefit from R&D grants to be received under the new Israeli incentive program law, which was ratified during the period. And that's reflecting the associated impact in our financial results. Our operating expenses net of R&D grants were $321 million and increased by 5% year-over-year. When we're looking at these grants, we do expect to have an approximately benefit for the total year of $100 million on our operating income, reflecting the new law that was just approved, was just finalized. The increase in our OPEX is primarily as a result of our increase in our workforce, as a result of investment in our AI security, and investment in sales and marketing programs. Looking on our non-GAAP operating income, it continues to be strong at $265 million or 40% operating margin. Our non-GAAP net income increased by 8% and reached $265 million, while our GAAP net income reached $192 million, similar to last year. Our non-GAAP EPS grew by 13% and reached $2.50, while our GAAP EPS was $1.81, represent 5% increase. Moving into our cash flow and cash position. So our cash balances as of the end of the quarter, together with market base securities and short-term deposit, reached $4.4 billion. During February, we completed the acquisition of Seattle and Cyclops for approximately $92 million of net cash consideration. Our adjusted free cash flow increased by 11% and reached $457 million. In addition, we continued our buyback program and purchased 1.9 million shares for a total of $325 million at an average price of $170 per share. To summarize, so strong double-digit growth, non-GAAP EPS, and adjusted free cash flow. We do see continuous strong demand for emerging technologies, SaaS, email security, CTAM, And from the other end, we do see in the near term lower new business from firewall that affected our revenues. I want to go into the guidance for the second quarter and for the full year. So for the second quarter, our total revenues are expected to be between $660 to $690 million. Our subscription revenues expect to be between $328 to $338 million. and non-GAAP EPS is between $2.40 to $2.50, while our GAAP EPS is expected to be around $0.70 less, while our adjusted free cash flow is expected to be between $145 to $175 million, Regarding the cash flow, the free cash flow, it's important to say that there are some payments, significant payments that move from Q3 to Q2. But again, that's mostly shifting from Q2 to Q3. When we are looking on the full year guidance, so as Nadav indicated, we are adjusting our revenues guidance, our total revenues guidance for the full year. The updated guidance is between $2,770,000,000 to $2,850,000,000. That's a reflection of expected lower revenues from firewall appliances, mainly in the second quarter. Our subscription revenues are not changing. We do see strong demand for emerging product, and we hope to finish in the upper end of the range, but we are keeping the same range for the full year. Same thing for non-GAAP EPS. We are not changing our non-GAAP EPS, expected to be between $10.05 to $10.85. GAAP EPS is going to be slightly higher, again, mainly because lower share count and slightly higher acquisition-related costs. And our adjusted free cash flow, we are not updating the guidance, same as we gave, between $1,150,000 to $1,250,000. I'll stop sharing. Keep. You're on mute, keep. Keep. Maybe it's better that you're on mute, but. Keep.

Unmute. All right. Sorry about that, guys. Having a little bit of technical difficulty. Starting off today's Q&A is going to be Brian Essex from JP Morgan, followed by Rob Owens of Piper Sandler.

Great. Thanks, Kip. Good morning, everyone, and thank you for taking the question. Nadav, I wanted to dig into product revenue performance. We'll take the easy question. Was macro or customer decisions to sweat assets not a factor at all? And if not, can you offer a little more color around the depth of the go-to-market changes? Where was the friction in the process most apparent? Where did the system break down? And what gives you confidence that this is just a near-term issue?

Thanks. So look, I don't think the macro is the issue here. When you look at the changes that we've made to our go to market, they're significant. So, you know, it's optimizing accounts to account managers. It's doubling down on our marketing, doubling down on our channels, but it did create a short-term headwind in terms of execution as many of our people changed their role or changed accounts. I see this as the main driver or the main headwind that we're seeing in terms of the firewall business. I don't think this is, we don't see a macro problem. We're actually already seeing that the engagement with our customers and the funnel going back to normal. So we're optimistic that this is sort of a blip. But it does take a little time to sort of get the motion back and everybody in their seat, et cetera. But for the long run, we believe this is the right thing to do and we're gonna continue to invest. Now this is just on the workforce. but also leadership changes in America, leadership changes in other areas. So there's a process here that we're going through. I think we're at the tail end of the disruption and very optimistic about the future. And at the same time, when I actually look at the demand side, we're seeing different areas of growing. So as an example, we're very bullish on new AI data centers where I think we have a very unique capability. So for the longer term, that's how we see the market and we're optimistic.

All right. That's helpful, Kala. Thanks. We'll keep Kip happy and keep it to one question.

Thanks, Brian. Next up is Rob Owens from Piper Sandler, followed by Joseph Gallo from Jefferies.

Great, thank you for taking my question and good morning here from the West Coast. Obviously the world's been changing quickly over the last six weeks and love to understand your perception relative to what's happening and how that's influencing Check Point's business. But in line with that, it feels like you're losing momentum at a critical time for cyber here. So how do you ensure that this, doesn't lead to longer term share losses as customers are having to make decisions in the near term to protect against these next generation threats.

Well, honestly, I actually think that we're gaining, not losing, when you look at the big picture. Take Mythos as an example. We think that, as I said, this is going to create a democratization, industrialization, and change the nature of the business. And I actually believe that we're really well-positioned. to answer that. At the same time, when you look at the relevant pillars, CTAM has grown 96%. Email, which we are one of the best in class in the industry and ready for this AI revolution, is growing over 40%, etc. So, That's one thing. The other thing is when you look at the fundamentals of the change in cybersecurity, I actually think that our ethos of prevention first is an example. If you look at the latest reports by NSS and Miracom, again, once again, we're at 99.9% ability to stop attacks of known CVEs. This was always important. I think now it's becoming really critical because that's exactly the change that's happening. You're going to have to be able to block as fast as possible or everything that is possible. And then you're going to have to remediate extremely fast. I think from both sides of the equation, we actually have an advantage here.

Next up is Joseph Gallo from Jefferies, followed by Adam Tindall of Raymond James.

Awesome. Thanks for the question. I know you talked about the impact to appliance execution, but I think the most exciting part of this story is the subscription growth and the potential for acceleration there. But if we look at current billings and you take out product, that only grew 3% year-over-year in one queue. So just you're guiding to 12% subscription growth and acceleration in the back half. Maybe just walk us through a little bit more about the confidence in that and then just any broader commentary on how we should think about billings going forward. Thanks.

So I'll take it. So you're right in terms of current billings excluding product, but that takes into account also maintenance and software and maintenance updates. And actually, it's pretty flattish right now. So if you're excluding that, so actually the growth of subscription is much higher, subscription billings. And we do see, by the way, we see the final even for the second quarter and mainly for the second half of the year. We see very strong demand for our subscription packages, for our subscription offering, if it's e-mail, SASE, CTEM we discussed, and also AI security. Also, the numbers are still not significant in terms of bookings for AI security, but we see very significant funnel that was created just in the last few weeks. We see the enthusiasm about it. We have a new leader there. And now that managing this business, definitely we feel positive about the subscription also for the next few quarters to re-accelerate.

Thank you.

Next up is Adam Tindall from Raymond James, followed by Shauli Al of TD Cowan.

Okay, thanks, Kip. Good morning, Nadav. I just wanted to just take a step back. There's kind of two major things that we're having to digest here on this call. The first one, I want to understand what exactly is happening to product revenue that is causing this revision? Is there changes to terms with distributors? Is there issues with supplies and shipping? What What exactly is changing and happening that's causing this mechanically? And the second thing that we're digesting here is the go-to-market changes that you're implementing. I wonder, you know, we've gone through this before with Check Point in the past, a number of changes to go-to-market leadership. When you look at these, if you could maybe compare and contrast some of the things that have been done in the past to this time, what you've learned and what might be different with these go-to-market changes. Thanks.

I can start on the first one, and Nadav, you will take the second. Yeah, so in terms of the product, why it's mainly affected the product. So we did changes in the go-to-market organization. Part of these changes were a lot of changes for assignments for car managers that worked on large enterprise and enterprises that moved from accounts to other accounts. This had some kind of, again, it's something that was expected, but that had more disruption than we expected. on the business, mainly on the new business. On the new business, I remind you that the funnel for refresh projects, for new business on firewall, takes a little bit more time than the sales cycle is longer than a sales cycle for selling CTEM, email, or other products, or this kind of product. For firewall, it usually takes longer. And we see disruption in funnel creation, mainly in Q1, that affecting mainly some of it in Q1, but mainly in the second quarter. And therefore we see the finance starting, we see a very nice improvement in the last few weeks after all people are at raw and the relevant roles and they are starting to work on their accounts. And we starting to see the finance created for the second half of the year. But as we mentioned, there is a new term Edwin specifically for the second quarter. Nadav, you want to take the second one?

Sure. Hey, Adam. Thanks for the question. Look, I would say a couple of things. Number one, it's my job to continue and optimize and see that I have, that we have the right leaders in the right place. I think that one change that we're doing, which is, I think, a differentiation is beyond just the structural changes that you spoke about. We're also investing more in marketing. We're doubling down on the channels. To your question about the personnel changes that we're conducting, we do want to bring strong leaders that come from the security business with the right experience, right? So in our last earnings call, we announced Ray Roberts, who's taking as president of Americas. and she has vast experience in the cybersecurity market. Tom Malone joined us and is leading Globals. Adam Eli comes from the industry and is going to lead the AI security. The idea is to bring seasoned leaders that know this business and then put like reorg the go-to-market organization so these two things work together and the third thing is what which we've been speaking about is the multi pillar approach that we're coming with so All in all, I'm very bullish about where that is going to take us. But I do acknowledge that in the first quarter, this has created disruption. But I think it sets us up for success as we go forward. And you'll see more people joining us at different levels from different companies as we are just getting the right people, the right data, the right processes to create this sustainable growth. And, you know, we have the vision, we have the mission. I really believe that we have meaningful headwinds with the products that we have. And we're bullish about where that's going to take us.

All right. Next up is Shauli Al, followed by Srinik Katharis.

Thank you. Good afternoon, guys. Nadav or Rory may be sticking with the product revenue question, as you guys know, Check Point, as well as its competitors. You guys are selling a number of appliance families, low, mid, high tier markets. Is there a specific market tier in which you're seeing increased pressure or the current softness is pretty much across all market tiers?

It's a cross, but I would say mainly around the large. And again, mainly as a result of the disruption in the go-to market, because there were many changes to assignment of enterprise and large enterprise that are mainly consuming the large boxes. So that's, I would say that's, but again, we see the cost of both, but more on the large one. I will say this, Shaul, that

Trying to put together the trends that are coming, and I know that this is sort of zooming out a little bit, right? But when you think about the priorities of large security organizations today and in the next couple of years, which I think are going to be chaotic, If you believe that this democratization, industrialization of the attackers and the changes that agentification is doing in everyone's networks is real, then I think that our firewalls are actually very well positioned for this future. If nothing else, because of the ability to prevent every known CVE and deploy it through our IPS in hours, not days or weeks. This is becoming more and more critical. I know that we've been preaching this for a long time, but I think this is now going to become more important and I think gives us an advantage, not only with the customer, like growing with the customers that we have, but going after new logos which is actually a part of the change that we've made in the go-to-market organization now as reese said getting new logos in ctam is much faster than Getting new logos in firewall. But I think we have what it takes and we've done the adjustments and put the right people in the right places. We'll continue to do it. It's never good enough. But I think it actually gives us a headwind, not only in the emerging categories, but also in the core, in the firewall, which is alive and kicking it. Forget checkpoint for a second. I think when you look at where the world is going right now, network security is becoming so much more important. It's one of the only places where you can really prepare an organization for the AI adoption. It doesn't happen overnight, but I truly believe this is a tailwind for Check Point.

Tailwind it is, yeah. Not a headwind.

Yeah, yeah.

Tailwind. Thank you. Next up is Sharnik Kotharis, followed by Keith Bachman from BMO.

Yeah, thanks a lot. Just maybe to switch gears from appliances. Nadal, you mentioned about data center, AI factory blueprint, and between that and the new AI defense plan, the chairman and I agent integration, the secure AI, it feels like you are trying to go after multiple layers of the enterprise AI security stack. Strategically, very compelling, and you talked about the opportunity, but just how should we think about monetization of this opportunity from here? Where do you see the near-term opportunity this year and the next four months?

Yeah. So I'll say this. It is a process. We're making very substantial investments, right? I think six months ago, we told you about the acquisition of LaCure as an example. This is where we're building a truly foundational model. We believe that if you look at the security for AI, you won't be able to use existing large language models that can do everything known to humanity, write poems and protect, but rather if you want the latency, the accuracy and the cost, we are going to have to train our own models. So that's a huge investment. We're investing in the researchers, we're investing in the GPUs, we're investing, you know, even thinking out of the box, we created a game called Gandalf where we have over a million worldwide users Thousands of them attack us every day so that we can put that into our small language model to continuously breed it so it can get better and better. That's a big investment. Now, on top of that, we're building security for AI as a platform. So for users, for employees, for applications, whether they're looking inside or to customers. And both of these, both people and applications using agents. And we're doing the security to the people. We're securing runtime. We're doing it, as I said, with Gemini. We're also doing it with CoPilot from Microsoft. Now, All this is heavy investment. Now Adam is coming in to lead also the commercial side of this. We're hiring the first salespeople to drive this. And we think that it's going to be, you know, still a small part of 2026, but huge potential for the future. That's one thing. Beyond that, it's also going to feed into our other pillars because by having those foundational models, we also have people that are simulating sort of in what we call the future lapse, what these attacks of the future are going to look like. So it's not just the AI pillar. It also feeds into our intelligence. It feeds into our email security. It feeds into our endpoint security. And I think over time, the value of real security, real proactive security is going to become more and more important. So at the end of the day, it's a big investment, but I think it's essential and I think it positions us well for what's coming. All right.

Thank you, Shrenik. Next up in place of Keith Bachman is going to be Todd Weller. Todd. And that'll be followed by Taliani at B of A. Thanks.

Thanks for the question. Just a question on memory pricing. What are you seeing in terms of impacts? More importantly, how are you thinking about it kind of going forward over the remainder of this year and then any kind of additional pricing actions being contemplated?

So memory pricing continued to inflate, to increase. I mean, we see this trend continues. As for, I mean, As for what we are looking at, how it's going to affect our revenue, our product revenues, I talked about it already when we gave the full year guidance, we took into account some disruption from the memory cost, from the memory cost also on the firewall business. Right now, I think it's tough to say if there is anything related to that. I mean, we're looking on the final for the second half of the year. We see good finance for firewalls. I mean, tough to say how it will impact right now. I don't know to tell you if it impacted the behavior of our customers in terms of buying firewalls, buying appliances. But definitely, I can tell you that the memory costs are continuing to surge, and I don't see it stop in the near term.

All right. Thank you, Todd. Up next is Taliani with B of A. Hi, guys.

Can you hear me? Yes. Yes. Nadav, I keep asking you the same question. I'm going to come back to the same question. You joined the company a few years ago with hope that growth is going to accelerate. You've done many things on sales, on products, and growth has decelerated instead of accelerating in the sense that we are now at 5% environment. It's just not big enough for such a great space there could not be a better space for you to grow and accelerate revenues, revenue growth. So the question is, what is not working with the strategy? What is not working? How can you change the growth trajectory to the point that we see double digits, sustainable double digit growth? And really to synthesize the question, the issue is what is the problem? Meaning, is it about sales execution? Is it about portfolio? Is it about the employee composition and the fact that maybe culture needs to change? I'm trying to understand what can you do in order to change the growth trajectory?

So first of all, I totally agree that we couldn't be in a better industry right now. And, you know, I think that, like you said, that's why I'm here and that's what I'm here to do. Look, as we said before, yes, some of it is execution, and that's why we're making these changes that we just spoke about, which are meaningful. You know, hundreds of people getting new accounts, moving seats, putting new leaders. I think it's essential, you know, giving us a short-term headwind, but I think will drive that sustainable growth that you're looking for. At the same time, I do want to say, that when you look at the total product portfolio that we have, although it's still not the biggest part of what we do, if you look at the emerging technologies that we have, right, email, CTAM, SASE, and now joining with security for AI, that, as we spoke about before, is growing really, really fast and becoming a bigger piece of what we're doing so you know all in all I think that I the vision and the strategy are there we're making the changes that we need to do it does take time and you know we need to continue course and and have the patience to get there because you know we need to do it with discipline and and that's what we're doing and it's going to take time but believe that we're in the right business with the right products In every one of the pillars that I spoke about, we're also looking at acquisitions. And I believe that when you bake all that together with the leadership that we're putting in place, we'll be in a good place in the future. Yeah. Thank you.

Thanks, Tal. Up next is Joshua Tilton from Wolf, followed by Jonathan Ho of William Blair.

Thank you, guys. I love getting no warning. But with that in mind, I'll keep it to one. Apologies. It's OK. You caught me off guard a little bit. Maybe one for Roy. Can you just reiterate exactly what you expect in the second half for appliance? I wasn't sure if you said stabilize or recover and maybe just talk to kind of the visibility you have or maybe the confidence you have around that view.

So for the second half of the year, I do expect to see improvement. Right now for the second quarter, we do expect to see a decline, a sharper decline in the product revenues. But for the third quarter and the fourth quarter, it's going to be gradually. We see a much better funnel also for the appliances. And we do expect to see improvement there. It doesn't mean that we're going to grow in Q3 and Q4 product revenues, but definitely we're going to show better performance compared to what we had in Q1 and what's expected for the second quarter. What we had in Q1 and what's expected for the second quarter. Healing myself.

And maybe just, you know, can you just talk to the confidence level around that? Like, just you're seeing in the funnel?

Someone, I'm healing myself. Can you hear it all? There is an echo. Someone, I'm healing myself. Can you hear it all?

Again, Josh Roy.

Again, Josh Roy.

Can you just talk to what's driving the confidence in that view? Is it just what you see in the funnel? Any incremental color would be helpful.

We see progress in the funnel. We see improvement in the funnel. If we are looking, we are checking all the time these metrics on a weekly basis. We see improvement in the funnel for the second half of the year. We see very nice deals, large deals in the funnel that are progressing. And again, we are doing these checks. We are doing the discussion with the go-to-market leaderships across the world. We feel more confident about the second half of the year. We do see even already some nice deals that we already won over competition, over competitors, win-backs of large enterprises. Of course, we're not going to see it as revenues in the second half of the year, but we see some of these kind of deals being closed and will affect our revenues in the second half of the year. But all of that together put us in a much better view for the second half. Helpful. Thank you.

All right. Next up is Jonathan Ho, followed by Peter Levine.

Hi, good morning. Thanks for taking the question. You referenced some strong growth in your security for AI solutions, but they're still relatively small contributors. But with that strong pipeline build, particularly in the last couple of weeks, when do you expect AI security to be more of a material contributor? And will this be more sort of standalone products? Or can there be maybe a stronger tip of the spear type solution where you can land some new customers? So cross-sell within your base versus landing new customers.

Yeah, thanks for the question. Look, early innings, right? And I think to become a substantial part of our revenue, that will only happen as a standalone. That will only happen in 2027. And it's a big investment. Organizations are going to inevitably Even those that are trying to sort of slow down the adoption inevitably need to adopt new AI for their employees, for their applications, etc. We're all seeing it in our own personal lives. We're seeing it in our businesses, etc. But it's a process. And so as a standalone business, I think to be substantial to Check Point 2027. Beyond that, you're right. It's not just a standalone. So, for example, it's part of our workspace pillar. where workspace employee usage is sold as a bundle through our workspace. When you look at the infrastructure level, where we spoke about the Firewall business being able to double down on the infrastructure and embed AI in the NVIDIA GPUs, again, as Rory said, we're only seeing the first glimpse of these projects happening, but as they happen, I think we're gaining advantages. So to answer your question, I think it's both as a standalone and as a contributor to our other pillars. And even to our, not just to their product, so one of the fastest growing things in security for AI is AI red teaming as an example, which is a part of our services business. So it does have an impact on each one of those and as a standalone. But to be a real impact on our revenue and, you know, become a significant part of 2027.

All right. Thank you, Jonathan. Next up is Peter Levine, followed by Saket Kalia.

Great. Thanks, Kev. Maybe just to double down, you know, so we last reported mid-February. Maybe just help us. When did these, like, when did you really see the material impact to the go-to-market strategy? And then maybe help us understand, the deals that were impacted are these upsells, renewals, or net new deals, meaning what's the level of confidence that if it was net new deals, these are still in the pipeline? Obviously, you talked about stabilization in the second half, but just help us understand the impact and where those deals flow.

I think when we reported back then in February, we were in the middle of the process. We started it sometime in January, but we're in the middle of the process. We did expect some kind of disruption back then, But when we looked at February and March, we did see this disruption affecting our funnel, affecting our funnel creation, mainly for the second quarter and some for the third quarter. We did see some delays of funnel creation. We did see these delays affecting it. And we see in the last few weeks, the impact. We see that in the last few weeks, we do see a significant change in the final creation. And these delays mainly impact the second half, the first half of the year. And again, of course, there are several deals that have been pushed from first half to the second half. It's important to say that renewal business, look stable. We don't see any. It's mainly affected new businesses and firewall in firewall. And that's that's the main change. I mean, when we talk back, I mean, we have been in the middle of the process. And as Nadav said today, we are I think we are in the last inning. We're almost done with this with these changes. And we are now more confident with what we see for the second half of the year.

Thank you. All right. Up next is Saka Kalia, followed by Eric Keith.

Okay, great. Hey, guys, thanks for taking my question here. I want to shift gears a little bit. And Roy, maybe the question is for you. You know, the growth in emerging ARR and billings was great to see. 40%, 45%, I think those numbers were. Can you just remind us how big those businesses are in aggregate as a percent of subscription revenue? And then I want to connect that back to some of the go-to-market changes. How can some of the go-to-market changes maybe support growth in those emerging products going forward?

So we're not disclosing it, but these specific free products are slightly below, I would say, slightly below 30% of our ARR for subscription. So think about that area, these specific free products. And Nadav, you want to talk about the go-to-market?

When you look at the go-to-market adjustments that we've made, it does support exactly what you said, right? We're doubling down investment on these pillars, but also integrating our work, our sales capacity. force together with them that is when we want to become a multi-pillar organization we want our account managers to be able not just to do firewall but also the emerging business so that's part of the change that we're doing beyond that we need to go to our channels and introduce them to these new products which some of them are novel to them so You're right. On the one hand, we need to push these emerging technologies and capabilities faster, and we're doing that. But at the same time, we are going to go after new logos, win backs, et cetera, with what I believe is a tailwind of what's happening from the attacker's perspective and our capabilities. And at the end of the day, it's obviously the change itself is disruptive. But now I think we're at the tail end of the disruption. As Doreen said, we're starting to see the upside. but it's never ending. We got to get the right people. We got to get the right data. We got to get the right processes. And then again, but ultimately it's putting a really big focus on our go-to-market all the way from a funnel creation, demand creation, channels, the people, the processes, et cetera. And that's what we're doing. And I think it positions us for the future. Very helpful.

Thanks. All right. Next up is Eric Keith followed by Roger Boyd.

Eric, unmute. There you go. There you go. A little slow on the trigger. Thanks, Kip. Thanks for taking the question. Nadav, I wanted to come back, I mean, to your comment about M&A. It's been part of the strategy with tuck-ins and you have the balance sheet strength, which is a strong suit for yourself and relatively muted valuations out there, broadly speaking. So just anything you can share about more transformational M&A as part of the strategy going forward. Thanks.

Yeah, thanks, Eric. So we're looking at this based on our pillar approach, right, which at least in my mind is very, very clear. What do we want to achieve in the hybrid mesh? What do we want to achieve in CTAM? What do we want to achieve in workspace? And in each one of them, our M&A teams are constantly hunting for, you know, early stage startups with with foundational technologies that we can take advantage of, but also larger opportunities. And I do think that one, our balance sheet, second, our discipline and third, the volatility in the market is going to create opportunities for us. And we are going to make those moves when, you know, when it's strategically within what we want to do in the pillar. We believe that from an execution, culture, you know, merge, we have the ability to do it. When all these ducks are lined up, that's when we're going to make those bigger moves.

Thank you. All right. Next up is Roger Boyd, followed by Matthew Hedberg.

Awesome. Thanks, Kip. Vinav, I wanted to come back to emerging products. I think you mentioned 90% growth in CTEM, 40% growth in email. Just any sense on where you are in terms of SASE growth and to what extent is that business impacted or not impacted by some of the dynamics you're seeing across product and firewall right now? Thanks.

Yeah, thank you. So look, SASE has become a fundamental part of the hybrid mesh network security. And we're making really big investments there. We have, you know, Our R&D part is rushing to complete our feature list. We're now able to go upstream to the larger enterprises and creating some differentiated unique capabilities. In terms of the impact, no, I don't think it was impacted by the go-to-market change. I think the go-to-market change primarily affected our core, our firewall. with people moving around. In fact, we're doubling down on our SASE sales capabilities. We joined forces with our CGNS, our cloud network security sales force with SASE. So in effect that we now have a bigger team and more salespeople that can do both. And as this matures, the most important thing for us is to make sure that our general account managers can also be selling SASE. And that's sort of the trajectory we're going into. But it is becoming more and more important around our hybrid mesh network security as organizations are, you know, moving. And in fact, I think adoption of AI is actually going to make this even more critical.

Very helpful. Thank you.

All right, and our last questioner today is going to be Matthew Hedberg.

Hey, thanks, Kip. Hey, Rudolf. You know, I think, you know, with all the advancements from some of the AI models, And with me, though, it's got to represent an incredible challenge for not only customers, but even for some of your engineers. What is the focus internally with keeping up with this rapid change from these frontier models? And how do we as a cyber community adapt to this?

Yeah, look, I think that's sort of the biggest question that we're all looking at, right? So when you think about it, we're witnessing democratization and industrialization from the attacker side. That's a huge shift. And our networks, as they become agentified, they really change the nature of the networks because if you really want to harness agents, you got to give them the ability to get into different data sets And so that create different pathways that we haven't seen before. This is not a new shift, but it's accelerating dramatically. And so, look, we're preparing for this era for a long time. It's not just about a single model announcement like Mythos. And I think we're executing intensively over the past year. I'll give you one example of what sets us apart. You know, we have the depth of the research. We have folks Tel Aviv in Zurich in San Francisco that are building this foundational model that we're constantly feeding in order to anticipate that future and again like I said before this this allows us not just for the latency and accuracy but also the cost structure we've started working on in different verticals, like banking, health, energy, with large design partners, so that not only we try to anticipate what the attackers are doing, but they also tell us what they're doing in order to optimize their own organizations. Irrelevant, not because of cyber, but because how they want to harness these models. And together, we're trying to understand how to securely adopt them. One of the things that I'm very... glad to see is that someone like Adam Eli is joining us. And then we're seeing like, you know, we're securing Microsoft Copilot, we're securing Gemini at Google. And so You're right. This is a fundamental change. I think at the end of the day, on the one hand, we want to move really fast with AI adoption. On the other hand, we need to use our decades of hardening our environments so that we can get ahead of the curve before exploits go public. In this case, I think that our IPS signature and WAF rules is best in the industry right now. And so I think it positions us well. I think there are going to be many more models. I think a lot of them are going to become publicly available. And so we're really just seeing the beginning of this. Zero days become one day. The time to patch is going to need to accelerate dramatically. This is where we're bringing our CTEM. capability. And again, when you put these things together, I really think that we have a proposition to customers that not just going to keep them more safe, but also allow them to do this AI adoption. Having said all that, look, there's a lot of unknown. I want to be very clear about that. Some of the things that we're seeing with these new models is truly a game changer. And so what we're doing in order to try to stay ahead of it is not just to try to see what's happening in the wild, but also to try to simulate how the attackers are going to take advantage of these tools. Because the whole attack process, everybody's talking about vulnerabilities, but there are so many other things that we need to be aware of in order to stay ahead of this. You know, in that sense, these are really exhilarating time. I think like was said before, this is a good time to be in this industry from a business perspective, but it's also one of the most important times to be in this industry so that we can keep this digital world running.

All right, guys. Thank you very much for attending. I'm sure we'll see you guys throughout the quarter, and we'll be speaking to quite a few of you over the next few days. Have a great day, and we'll see you guys soon. Bye-bye now. Thank you.