This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
spk07: Good day and welcome everyone to Palo Alto Network's fiscal fourth quarter 2021 earnings conference call. I am Clay Bilby, head of Palo Alto Network's investor relations. Please note that this call is being recorded today, Monday, August 23rd, 2021 at 1.30 p.m. Pacific time. With me on today's call are Nikesh Arora, our chairman and chief executive officer, and Deepak Galecha, our chief financial officer. Our chief product officer, Lee Klarich, will join us in the Q&A session following the prepared remarks. today's discussion on our website at investors.paluetonetworks.com. While there, please click on the link for the events and presentations where you will find the investor presentation and supplemental information. In the course of today's conference call, we will make forward-looking statements and projections that involve risk and uncertainty and that could cause actual results to differ materially from forward-looking statements made in this presentation. These forward-looking statements are based on our current beliefs and information available to management as of today. Risks, uncertainties, and other factors that could cause actual results to differ are identified in the safe harbor statements provided in our earnings presentation and in our SEC filings. All of the networks assumes no obligation to update the information provided on today's call. We will also discuss non-GAAP financial measures. These non-GAAP financial measures are not prepared in accordance with GAAP and should not be considered as a substitute for or superior to measures of financial performance prepared in accordance with GAAP. We have included tables which provide reconciliations between non-GAAP and GAAP financial measures in the appendix to the presentation and in our earnings release, which we have filed with the SEC. We have several upcoming events, including a virtual analyst day on September 13th, starting at 9.30 a.m. Pacific time. Nikesh Arora, our chairman and CEO, along with members of the executive team, will provide an in-depth review of the company, including growth strategies, financial objectives, and capital allocation frameworks. Management is also scheduled to participate in uncoupling virtual investor conferences in September hosted by Citibank and Piper Sandler. And now I will turn the call over to Nikesh.
spk08: Good afternoon, everybody, and welcome to Palo Alto Network's Q4 conference call. I'm trying something new today, so please bear with me. You just got an opportunity to see our ad campaign. You're the first people to see it. We spent a lot of time working hard trying to understand what our customers really want to see from us. And the constant drumbeat we've got from them is innovation at the forefront of cybersecurity. Our ad campaign called We've Got Next amplifies the innovation that our teams have been delivering and our promise that we will be there with you as your partner. We've Got Next. I look forward to seeing this ad be the drumbeat for all of our broadcast media and covering our many platforms over time as we go out in the public domain and keep sharing this with our customers. Moving on, as you all are well aware, we've had a series of cybersecurity events over the last quarter. Against the backdrop where we've seen supply chain attacks, where bad actors try to hack into core infrastructure pieces, which allows them access to enterprises or government systems. These vulnerabilities are being exploited by ransomware actors. The ransomware threat continues to rise. Our Unit 42 team research shows that the average ransom demand in the first half of this year grew from 5.3 million, which is up 518% year-over-year. What these attacks are highlighting is the constant shortcomings of enterprises and of government infrastructure, continually spurring demand and consolidation as companies devalued their cybersecurity posture. It's against this backdrop that our platform approach is working. Three years ago, at our analyst day, we set out the strategy of the company on three fundamental tenets. One, that the network will transform with the introduction of the cloud. This is accelerated with the pandemic, with SASE and virtual firewalls leading the transformation. Not only that, we supplemented our firewall platform strategy with software capabilities like DLP, IoT, SaaS visibility, DNS security, and SD-WAN. Our second insight was the cloud is going to be big and it's here to stay. We have now seven modules in our cloud security platform, which is being used by over 75 Fortune 100 companies. And our third insight was more AI and machine learning will be needed to support the automation of our security platforms and our security operating centers. Our Cortex platform validates that for us every single day. Underpinning this innovation strategy has been a flurry of product releases of all of networks. When I came to the company, we sat down and decided what we needed to do was to get our innovation and product strategy right. Something many cybersecurity companies have struggled to do is stay relevant. You can see from the slide we've gone from 13 major releases to 29 this year, tripling our product release capability over three years of these 63 odd 11 of these 64, sorry, 11 of these have been through acquisitions. The other 53 have been done through organic innovation in the company. And this is not all. We're going to see a lot more innovation coming down the pike as we unfold this year. We will tell you more about this in the analyst deck. A rapid pace of innovation is also being validated by the industry. If you look at this slide, we used to be recognized by two in two categories for leadership in cybersecurity. In FY21, we were awarded six different accolades to validate that now we're leaders in six different categories. Our aspiration is to grow that category of leadership over this year and hopefully get into double digits by the end of this year. So our pace of innovation is alive and it continues. Breaking down into the three different platform pillars, our network driven pillar, which has been driven by SASE and virtual firewalls. I know at the beginning of the pandemic, there was a huge debate, like how long is the work from home trend going to last? Well, all I can tell you is it's far from over. This is going to become the norm. Hybrid work is about to become the norm, and SASE is going to lead that transformation. In this environment, all applications are going to need access to every app from any location. Only parallel networks can provide the comprehensive capability with our consistent network security across all of our platforms. We saw a phenomenal number of large deals in this category. One of our largest deals was with a bank in the JPEG region where it was highly competitive, and our customers spent over $10 million, but Prisma Access was a cornerstone of that strategy. After a phenomenal amount of growth in our SASE product category, we've seen our customer count grow by 50%, and now it's almost 2,500 customers. Also, 25% of these customers are net new to Palo Alto Networks, which is great. Not only are our firewall customers buying products from Palo Alto Networks, but our many new product capabilities are allowing us to penetrate the customer base even further. Beyond the initial demand we see for Prisma Access in our SASE category, we've realized customers want more capability. We recently announced Autonomous Digital Endpoint Monitoring, Experience Management, ADEM, which is fast becoming a standard. We've realized that Bundling the ADEM capabilities with other capabilities around Prisma Access allows us to uplift our Prisma Access deals over time by 25%. In addition to our SASE leadership, last quarter we introduced our fourth generation hardware with high performance and attractively priced appliances. The newly introduced PA400, which is 10 times, 10 times the performance of the predecessor, will expand our presence in the enterprise branch, SMB, and international markets. Most recently in our quarter, a US convenience store chain that previously used us only as a corporate infrastructure, deployed 400 series to 2,300 stores. Also on the high end of our hardware strategy, we're beginning to start seeing refreshes. This has been a trend which had been subdued. People were holding back, sweating their asses during the pandemic. And we realized as the pandemic has eased up, as companies are starting to come back to work, they've seen volumes go up. They have not created more infrastructure. As a result, we're seeing customers who are coming back, even in a hybrid form, starting to do refreshes in the hardware category, which has led to the hardware growth we saw this quarter, which has also underpinned some of the network-driven growth or network platform-driven growth for us at Palo Alto Network. Last but not the least, we continue to maintain a leadership position in our virtual firewalls. We recently launched our partnership with Google, powering their new cloud IDS with our VM series. As you can see, continued acceleration of our software firewall business in its multiple form factors has allowed us to deliver approximately 47% of FVAP billings in a quarter where we even saw hardware growth accelerate. We finished our fiscal year 21 with our software firewall and Prisma SASE next generation security RR at $425 million. As you will see, these numbers will add up to show that our NGS AR for the quarter was north of 1180. Moving to our cloud platform. As you know, we caught this trend early, investing three years ago in the cloud native security opportunity. You might have all seen the flurry of activity from venture capitalists trying to flood this market with a lot more cloud security companies. We're delighted that they're validating our strategy, but we think we're far ahead. A key measure we use for understanding how well our Prisma cloud services are performing is the consumption of our Prisma cloud service. In Q4, we had 2 million credits consumed. This consumption is broadening beyond our initial modules of cloud workload protection and CSPM. We've launched IAM and WAAS modules. We already have seen adoption by north of 100 customers in a quarter. Over one quarter of the global, our total 2,000 customers are Prisma Cloud customers, with total customers growing at 47%. We're also excited that with our BridgeCrew acquisition, we have seen increased adoption of BridgeCrew as customers shift left with cloud security. We're delighted with the results so far and the progress we're making in integrating BridgeCrew with Prisma Cloud. And we continue to see very large deals with Prisma Cloud. Our top three customers in Prisma Cloud committed over $40 million to bookings this quarter. Our largest deal was $20 million in Prisma Cloud, with the customer expanding cloud workload protection and CSPM and adding bridge crew for the entire cloud platform. Including our Marketplace VM and CN series, our Prisma Cloud business finished FI21 with ARR of $300 million. Moving on to Cortex. In Cortex, we have 2,900 customers for our XDR Pro and XR products, nearly doubling year over year. We booked our very first over $10 million fall on transaction for Cortex in the pharma industry. Different by the platform approach, our customer bought most of the platform, they want XDR, they want network traffic analysis, they bought XSort. Today, we announced XDR 3.0. This expands our pioneering XDR service to cloud and identity-based threats, giving organizations a single console for holistic analysis. Xpans continues to innovate as a leader in the emerging attack surface management space, as well as delivering unique integrations with our Palo Alto portfolio. In Q4, we released Xpans capability that enables unknown cloud assets to be discovered and brought under management of Prisma Cloud. We finished FY21 in Cortex NGACRR of over $400 million. And last but not the least, We're very excited about Unit 42. Unit 42 is our capability where we can actually proactively support our customers. This is how we go from being a peacetime company that provides products to our customers to a wartime ally when we are there for them when they need us. We launched proactive capability last quarter in our Unit 42 team. Our business went up 11x in Q4 for the proactive services capability. One of the key engagements we're experiencing is ransomware readiness. We have 39 ransomware readiness assessments where we got engaged and we have 300 more in the pipeline. Over time, we expect these service engagements to allow us to increase our product pull-through to our customers. You can see that our leadership signs where customers are integrating security and consolidating. As a company, we continue to focus on getting more presence in our customers and getting larger deals with them. I'm delighted to say we had 18 customers sign transactions over $10 million in the quarter. We had our first customer that surpassed $100 million in their book business during the fiscal year as the standardized and volatile networks across the entire enterprise. And our millionaire customers were up to 986 in Q4, approximately up 30% for the third quarter in a row. The strategy is showing in our financial results. You can see we saw revenue acceleration in Q4 to $1.2 billion. We also saw that our billings went up to $1.868 billion, up 34%. And our NGS billing of $1.18 billion was in excess of our guidance. Also delighted that our FY21 performance for ClaySec had an error of $734 million and revenue of $602 million. Going into FY22, we're further aligned around our one pilot networks strategy where we see the benefits of being able to cross-sell our platform. I also am very delighted to say we had our first $2 billion quarter ever. I know you see the billions at 1.868, but if you look at the difference between our PO and our revenue, we actually did more than $2 billion of book business this quarter. It's kudos to our team out there in the field and our customers who trust us with their cybersecurity. During Q4, it is clear that we continue to see momentum in our business. We saw product revenue accelerated at Palo Alto Networks. This is revenue which we believe will sustain into Q1 because we're seeing the refresh come in and we didn't ship everything that we saw in our product business in Q4. We're not able to. We've also seen phenomenal growth in our cross-platform adoption. You can see that customers 43% of our customers purchase all three of our platforms, 28% purchase two platforms, and 29% purchase one platform. What's interesting is for customers that acquired two of our platforms, deal sizes were three times the deal size for single platforms. Also, for Global 1000 customers that acquired all three of our platforms, Some of the deals were 14 times the deal size of the largest single platform deal. So it's very interesting to watch our platform approach of consolidation is beginning to show signs of success as we were able to go convince our customers that they should be deploying more than just one of our platform categories. It is clear to us that our transformation is working. In September 2019, our analyst day, we provided FY22 targets. Our just-released FY22 guidance materially exceeds the FY22 targets we set back in 2019, as you can see. As Deepak will highlight, our total company growth for revenue is in the mid-20s, ahead of our prior 20% CAGR target for two years ago. Our business is transforming faster. NGS is growing faster. I look forward to sharing new guidance for you for the next phase of Apollo Networks for the next three years at our analyst day in September. But it's clear that over the last years, our product and strategic transformation to being an innovator in cybersecurity is working. Now we have to share the strategy over the next three years of how we continue to scale this business effectively and efficiently. Multiple drivers give us conviction in objectives for FY22 and beyond. Just to lay it out for you, how do I see growth for FY22 and how do I see a scaling into that growth? One, I believe there's some pent up hardware demand, and we're going to see that come through in Q1 and the rest of FY22. We've also launched new form factor hardware, and we are very excited about the initial response by the customers to this new category of hardware. We also currently benefit from the cloud adoption around the industry, and we think that benefit continues going to FY22. As I said, work from home. is a new normal it's not something that's over i don't think the sassy train has barely left the station i think they have a lot of room to go not just for fi 22 but also beyond and last but not the least i don't believe uh manual processes can keep up with the accelerating pace of sophistication for cyber security so i believe there is tremendous growth going forward both for the cyber security industry and for palo alto networks on the scale front We introduced the concept of speedboats three years ago. Our speedboat model is working well. We continue to iterate and improve it for growth and productivity. We also see our multiple platform success. We believe there is room for synergies as we get into a more cohesive sales motion as we start to see these things working. There's also some products which we have not yet launched, which you will see us launching in the course of the year. And we hope as we launch those products, you're going to start seeing the benefits of our innovation and investments during this year and following years. And our journey to the cloud is well underway, but we also have much to go in terms of optimizing our cloud spend. So we believe there's opportunity to create margin expansion over the long term. We also believe there is sustainable growth in cybersecurity industry. We expect to see these drivers of our top line combined with a continued but moderate pace of investment in FY22 as we plan to add fewer employees in 22 than we did in FY21. Part of this is our expectation that acquisitions will be incremental versus substantive in the coming year. Beyond FY22, we expect to grow operating income faster than revenue. We will update investors further on this at our September 13th analyst day. Ending where I started. You can see why we're excited to talk about what we've got next as we head into FY22. With that, I will turn over the call to Deepak to talk about the details of our Q4 performance and our guidance.
spk05: Thank you, Nikesh.
spk01: Hello, everyone. Before I begin, please note that all comparisons are on a year-over-year basis unless specifically noted otherwise. We delivered results ahead of our guidance across all metrics as we continue to grow and transform our business. In Q4, we saw sequential revenue acceleration driven by strength in our hardware appliance business and in our next generation security portfolio. We also continue to grow billings and our remaining performance obligation ahead of revenue as we build future predictability with a higher mix of recurring revenue. As a reminder, Billings is total revenue plus the change in total deferred revenue net of acquired deferred revenue. In the fourth quarter of 2021, we delivered Billings of $1.87 billion, up 34% and well ahead of our guided 22% to 23% growth. The size of the deals with our large strategic customers grew and our total customer count expanded, with over 2,500 customers added in the quarter. Q4 revenue of $1.22 billion grew 28% and was above the high end of our guidance range. Growth was driven by strong demand across all geographies and major product areas. Total deferred revenue in Q4 was $5.02 billion, an increase of 32%. The remaining performance obligation, or RPO, was $5.9 billion, increasing 36%. We believe that RPO adds meaningful insight into our backlog as it includes both prepaid and contractual commitments from customers. By geography, Q4 revenue growth was strong across all regions. The Americas grew 29%, EMEA was up 25%, and APAC grew 28%. Our hardware appliance business accelerated in Q4, driving product revenue of $339 million, growing 11% and contributing 28% of revenue. Customer reaction to our refresh of the 400 series and 5,400 series appliances was positive. We saw strength overall in network and data center refresh and appliance pull-through from customers standardizing on our platform. Subscription revenue of $535 million increased 37%. Support revenue of $345 million increased 35%. In total, subscription and support revenue of $880 million increased 36% and accounted for 72% of our total revenue. Gross margin was 75.3%, up 100 basis points as compared to last year, driven by improvements in both our product and services gross margin. While the top line outperformed, operating margin was 17.5%, down year over year as expected, as some pre-COVID expenses returned in the fourth quarter, and we continued to hire top talent, adding headcount in our go-to-market and engineering organizations. We ended the fourth quarter with 10,473 employees. Net income for the fourth quarter increased 12% to $162 million, or $1.60 per diluted chair. Our non-GAAP effective tax rate was 22%. GAAP net loss was $119 million or $1.23 per basic and diluted share. For the full year, billings of $5.45 billion grew 27%, and total deferred revenue was $5.02 billion, an increase of 32%. Fiscal year revenue of $4.26 billion grew 25%, and operating margin of 18.9% was up 130 basis points as COVID-related impacts led to lower operating expenses throughout the year. Non-GAAP net income increased 27% to $614 million, or $6.14 per diluted share. Turning now to the balance sheet and cash flow statements. We finished July with cash, equivalents, and investments of $3.8 billion. Day sales outstanding was 74 days, a decrease of seven days from a year ago, driven by a combination of strong collections and improved billings linearity. Cash flow from operations was $326 million. Pre-cash flow was $298 million, as compared to $302 million last year, with a margin of 24.5%. For the full year, free cash flow of $1.39 billion was up 69% with a margin of 32.6%. Adjusted free cash flow for the year was also $1.39 billion, up 43% with a full year margin of 32.6%. Cash conversion remains an important part of our framework in supporting total shareholder return. Our firewall-as-a-platform, or FWAP, billings grew 26%, reflecting another strong quarter as we continue to grow faster than the market. While we saw an increased contribution to firewall-as-a-platform growth due to increased product demand, a majority of firewall-as-a-platform growth continues to be driven by software firewalls, including our VM series and Prisma SASE. Next Generation Security or NGS ARR exited the year at $1.18 billion, exceeding our original guidance of $1.15 billion. Within NGS, we continue to see exceptional growth in our SASE and software firewall portfolio, as well as strength in Prisma Cloud and Cortex. For ClaySec, we were happy to have achieved results that were consistent with our fiscal year 21 financial goals. As we have gone through our fiscal year 22 business planning and oriented the focus of the company around one Palo Alto networks, we wanted to ensure our metrics reflect this one Palo Alto network strategy. We believe a focus on NGS ARR growth and our transformation metrics are the best measures of progress on our strategy. In the appendix of our earnings slide deck, we've included the fiscal year 21 results, the NETSEC and CLASEC. Our capital allocation priorities are unchanged and aligned with the optimization of long-term shareholder return. We remain focused on investments for organic growth and targeted value creating acquisitions. We didn't close any acquisitions in Q4, and at this time, we believe we have assembled the key pillars needed to execute on our platform strategy. We expect only incremental M&A activity in fiscal year 22 as compared to the recent past. Under our share repurchase authorization, during the quarter, we acquired approximately 846,000 shares on the open market at an average price of approximately $388 for a total consideration of $328 million. Our board of directors authorized an additional $676 million for share repurchase, increasing the remaining authorization for future share repurchases to a billion dollars expiring December 31st, 2022. Moving now to guidance and modeling points. For the first quarter of 2022, we expect billings to be in the range of $129 to $131 billion, an increase of 19% to 21%. Revenue is expected to be in the range of $1.19 to $1.21 billion, an increase of 26% to 28%. Q1 product revenue growth percent to be in the low double digits. We are providing this transparency this quarter. Non-GAAP EPS is expected to be in the range of $1.55 to $1.58, based on a weighted average diluted count of approximately 101 to 103 million shares. For fiscal year 2022, we expect billings to be in the range of $6.6 to $6.65 billion, an increase of 21 to 22%. Revenue is expected to be in the range of $5.275 to $5.325 billion, an increase of 24 to 25%. We expect next generation security ARR to be $1.65 to $1.7 billion, an increase of 40 to 44%. We expect product revenue growth percent to be in the mid single digit to high single digit range year over year. We expect operating margins to be in the range of 18.5 to 19%. Our non-GAAP EPS is expected to be in the range of 715 to 725 based on a weighted average diluted count of approximately 104 to 106 million shares. Adjusted free cash flow margin is expected to be greater than 30%, and we will report RPO and recommend this as a tracking metric as it captures the full value of our contractual arrangements and is a good indicator of future revenue. Additionally, please consider the following additional modeling points. As I mentioned earlier, we hide aggressively in the second half of fiscal year 21, supported by confidence in our fiscal year 22 outlook for revenue and buildings growth. With expenses from this investment flowing into the first half of fiscal year 22 and some return of COVID expenses, we expect operating income will be shifted to the second half of the year in fiscal year 22 as compared to fiscal year 21, and we expect an approximate 43-57% first half to second half split during fiscal year 22. We expect our non-GAAP tax rate to remain at 22% for Q1 and fiscal year 22, subject to the outcome of future tax legislation. We expect net interest and other expenses of $4 to $5 million per quarter. We expect fiscal year 22 diluted shares outstanding of 104 to 106 million shares. And for Q1, we expect capital expenditures of $35 to $40 million. For the fiscal year, we expect capital expenditures of $205 to $215 million, which includes approximately $40 million related to our Santa Clara headquarters. Finally, I would like to invite you to join us for our Virtual Analyst Day on September 13th, when Nikesh, myself, and others from our team will provide an update on our company and product strategy, financial outlook, and ESG plans. In closing, we are entering fiscal year 22 with strong momentum. We're pleased with our operational execution and organic growth prospects as drivers of continued momentum. With that, I will turn the call back over to Clay for the Q&A portion of the call.
spk07: Thank you, Deepak. To allow for broad participation, I would ask that each person ask only one question. The first question will be from Socket Galea of Barclays with Keith Weiss of Morgan Stanley to follow. Socket, you may ask your question.
spk05: Okay, great. Thank you, Clay. Thanks for taking my question here. Nikesh, maybe for you, lots of good stuff to hit on in the quarter, but maybe I'll just focus on next year's billings guide to start. It was great to see, I think, the guide of 21 to 22% billings growth next year. That's better than where you started fiscal 21 in terms of billings growth expectations and, of course, subsequently B. Can you just talk about what's going into that higher starting point for fiscal 22? And maybe as part of that, how you're thinking about overall security spending in the areas of Palo Alto and Pete Center? Thanks.
spk08: Well, Saket, thanks for your question. As you know, When we went into FY21, we were all looking at what's happening with the pandemic. We were trying to figure out how the pandemic was going to impact security spend, how the pandemic was going to impact our customers coming back to work. What we realized in the course of the last year that Business must continue. In that context, customers have come back and realized this way of working is fine. Not only a way of working in terms of creating productivity and delivering their services, but also this way of working in terms of upgrading their IT infrastructure and, of course, staying ahead of the cybersecurity threat landscape. So in that context, we have a little more confidence going this year where we believe the customer is going to go. Of course, the pandemic hopefully will ease itself out over the course of the next few quarters. But in that context, we feel a little more confident. Therefore, we've been able to understand what we can do as a business and share that guidance with you. In terms of cybersecurity spend, as I said, The volumes of technology consumption have gone up in the pandemic, not down. I don't think this is a one-time blip that's going to normalize. I think this is a new normal. And that new normal needs to be protected. And to be able to protect it effectively, you're seeing customers are looking at consolidation strategies. I shared with you the three platform purchases, the two platform purchases. I don't know, in my three years at Palo Alto, I'm finally seeing customers wanting to consolidate and not deal with fragmentation. They're realizing this is a losing battle if you're going to take points, sliver products, and try to integrate them to yourselves. Now, that's our bet, has always been our bet, but it's not a bet which is contingent on you know, us having a platform, you have to buy it all. It's continuing us being able to deliver best of breed capabilities. And I shared, we've gone from two to six, hopefully from six to double digits this year, which means we actually deliver best of breed capability to our customers, even if all they want is that. So that's what gives us the confidence, I guess.
spk05: Thanks very much.
spk07: And our next question comes from Keith Weiss of Morgan Stanley with Rob Owens after that. Keith Weiss, you may ask your question.
spk15: Excellent. Thank you guys for taking the question. And very nice quarter. I think this quarter is probably going to surprise a lot of guys in terms of the level of overall strength you saw in Billings, NextGen doing really well, operating margins outperforming, the guide for operating margins outperforming. But probably the biggest area of contention that guys had coming into the print was product revenues. There's a lot of worry about supply chain issues and supply chain constraints. It doesn't really seem like that impacted you. If you talk a little bit about product revenues heading into FY22, does this account for any, the guide, does it account for any supply chain issues on a go-forward basis? And this new level of, for FY22, of mid to high single digit growth, is that durable beyond FY22 or is this a period of catch-up spend with that pent-up demand around hardware you were talking about previously?
spk08: So, Keith, thanks a lot for your question. I also want to thank you for a balanced note. I thought you had a good assessment of our opportunities and challenges going into the quarter. Like you said, we are seeing the pent-up demand get released. We are seeing some impact of refreshes. We are seeing some impact of some of our new form factors that we've launched. We are working diligently, as I'm sure everyone is, with our suppliers to make sure that we're able to bridge the supply and demand gap. So far, we've been able to make it through Q4. Based on current visibility, we don't see challenges for Q1 going into it, which is why we've given you a guide for Q1. And we'll keep working with our suppliers. I think the supply chain issue is going to mitigate itself in Q3 or Q4 timeframe anyway in the industry. I think that, you know, when there is a supply issue, a lot of the manufacturers, a lot of the chip companies are actually working twice as hard to try and bridge the gaps. And we're also working hard with them to make sure we're very transparent about our needs in the quarter. guided with the anticipation that we will be able to keep managing our supply chain balance the way we have been able to manage for Q4. And in terms of your sustainability, I would welcome you to the analyst day on September 13th, and we can talk more about it then.
spk15: Excellent. Sounds great, guys. Thank you.
spk07: Our next question comes from Rob Owens of Piper Sandler with Brian Essex to follow. Rob, you may ask your question.
spk06: Great. And thank you for taking my question. You talked a little bit in the prepared remarks about your success in the XDR segment. And I was wondering, given all the noise in that segment, Nikesh, if you could unpack a little bit where the competitive landscape is and why Palo Alto is winning at this point. Thanks.
spk08: Thanks, Rob. Look, XDR is a competitive space. It's the new transform endpoint space, which has a lot of players. And there were some legacy players in that space who lost ground to some of the newer players. players in the space, and we all know who they are. And, you know, Palo Alto came out with a product which was highly technically capable and competitive. As we've shared with you, we have won various benchmarks in the industry versus other players in the space. So we are seeing, you know, dogfights or catfights or whichever the right analogy is in the customer space when we get in contention with a competitor, and it gets competitive. And, you know, it becomes a question of, Can you deliver the XDR capability you want? But I think over time what's happening is that customer is looking at it as a more expansive approach, saying this is not just about the EDR part, the endpoint part. It also needs to look at how do you commingle that with your network traffic analysis? How do you take that together and minimize the number of alerts that you're getting from different parts of infrastructure? As we just announced this morning, we've integrated cloud capability in there. So now you can take a look at your cloud. estate and take the alerts from the cloud estate coming a lot of their end point coming a lot of their NTA and try and see how do you minimize the alert? And how do you see correlation amongst all those alerts? Not just that we introduce identity analytics this morning to it. So I think over time, the XTR category is is hurtling towards what used to be the same. And what's going to happen over time is XDR will engulf that space, but with a much more intelligent, normalized point of view where you can actually look at it and say, this is valuable to me. The SIM of the past was a data aggregation exercise, and the intelligence was left for the customer to determine. I think XDR is bringing that next generation capability to the SIM, where it's cross-correlating prior to that, reducing your noise, giving you more relevant information. That's what's going to be the future. So that's why XTR, whilst competitive, highly strategic, and it behooves us because we have multiple pieces of the puzzle where we actually have cloud security capabilities. We have you know, firewall capability, not just in hardware, but across the virtual form factors. So being able to bring all that data, make sense of it and provide value to the SOC is where I think XDR is going. I think we're well placed in that space.
spk06: Great. Thank you very much.
spk07: Our next question comes from Brian Essex of Goldman Sachs with Michael Turretts next. Brian, you may ask your question. Great.
spk12: Thank you for taking the question. Congrats on the results, Nikesh. One quick question on the ClaySac business. So wanted to understand, well, I guess maybe on NGS overall, Confidence in the guidance, you know, how much cushion is in that number? I understand it's nice to see you leading into ClaySec with investment. Where are you investing for growth, particularly in sales and marketing? And maybe to cap it off, management changes that we saw this quarter, particularly, you know, inviting, you know, BJ to join the company, how that plays into the investment in ClaySec, because that remains a meaningful opportunity for you.
spk08: Thanks, Brian. You know, as we went on the speedboat strategy, our first job was to make sure that we had product market fit. And in the early part of our strategy, we shared that we began to see product market fit, which really I think Q4 2019 was when we started to see traction in this space. We spent a majority of the last 18 months after that trying to make sure that our sellers were able to understand the power of all the capabilities that Palo Alto has to offer. And we have some phenomenal results in terms of what percent of our core sales team can sell Cortex, can sell Prisma. And those numbers keep rising because we're trying to make sure that our sales team is able to go pitch the entire portfolio to our customers. And that's exactly why we had the success we have been able to share with you in terms of customers buying three platforms, two platforms or one. And we believe that opportunity is still further ahead in terms of us being able to penetrate our entire customer base with our cloud capabilities, our SASE capabilities, our Cortex capabilities. So we think there's more room to go. We are investing in more coverage and more capability, both in the United States and North America, as well as in international markets. So that's one part of it. In terms of the management change, you know, delighted that BJ Jenkins has joined us at Powered Networks. He was the CEO of Barracuda Networks. He understands security really well. He's a very seasoned, phenomenal sales leader and also a great human being. He's going to come manage our teams, drive that growth continually further. I also shared with you that, you know, part of our success as a company is being driven by very large deals. If you want to be the platform provider of choice, we have to be able to engage at the highest level of our customers organization and convince them of our not just portfolio approach, but it's best to be capabilities. Amit is going to continue to do that. He's working closely with BJ and Rick Congdon, our head of global sales, and they're going to partner together and try and address the needs of the customers from the top down. which allows us more bandwidth, more capability, and more management strength in being able to do that. So this is all part of the plan is to create ability to go target customers at the highest levels, try and create large deals where they see a long-term transformation and be the cybersecurity partner of choice.
spk12: Great. Thank you.
spk07: Next question comes from Michael Turitz of KeyBank with Jonathan Ho next.
spk09: Hey, guys. Congrats on the quarter. On both XDR and on Cortex and on Prisma Cloud, I think the impression that a lot of us got last quarter was the competition was very tight. There was a bunch of significant incremental investment there that was needed. It sounds like those segments did well, and you've got it moderately in terms of margins for next year, but it doesn't seem like any big shift. So are things moving better than you expected or you're finding a more streamlined way to approach this?
spk08: Michael, I'll give you a quick sense of how things are, and I'm going to have Lee jump in and give you a sense of the capability we've built this year and capability you're planning to build over the next 12 months. There is a sales part of go-to-market part of it, which is working, as I said, in our top three customers committed over $40 million in public cloud spend. I think many of the investors who have invested in these new startups in cloud security, their total ARR is not what we got from our top three customers. So I think we are seeing traction in the market. We are seeing resonance and product market fit. But it's not a static market. That market is continually evolving. They've gone from zero to seven modules. There's a lot more capability that people are looking for. Same thing in XDR. But I'm going to have Lee jump in and share some of the trends and where we're investing in XDR and cloud.
spk10: Yeah, absolutely. Look, over the last 12 months, we've made tremendous amounts of progress in both these products. You look at Prisma Cloud, about halfway through the year, we introduced four new modules, three of which have been built internally by the teams, and one was the Apparetto acquisition being integrated for micro-segmentation. We've seen a lot of very good early customer adoption of those, and going forward, I anticipate we're going to start to see mainstream adoption across the install base and new customers as well. BridgeCrew is doing nicely as well with customers as they look more towards shift left. And in the not too distant future, we will have that come out as an integrated module Prisma Cloud, again, allowing us to more easily bring that to our existing install base. XDR, look with the announcement this morning with XDR 3.0, I think it just shows the continued innovation, pace of innovation that we're able to drive. Extending it to cloud, extending it to identity analytics, introducing the new forensics module, and a whole host of other capabilities as well. And as Nikesh already alluded, you're seeing us start to extend the analytics as well as the data aggregation layer to additional data sources and additional intelligence.
spk07: Our next question comes from Jonathan Ho of William Blair with Brent Phil up next. Jonathan, please ask your question.
spk14: Excellent. Thank you. I just wanted to go back to your comments around 2022. It potentially is maybe a digestion year in terms of M&A. How can we think about sort of the further leverage in terms of the acquisition pillars you've already made? And is it accurate to think of 2022 as a digestion year?
spk08: Thank you. Well, Jonathan, you know, We digest as we eat. So we took the 11 product capabilities and if you look at our NGS revenue or NGS billing, a lot of that NGS billing is from majority of acquisitions which we integrate into our platform. So it's not like we have undigested parts of our acquisitions. There are parts of our acquisitions where we'd like to see more traction and we're putting more sort of wood behind the arrows. But for the most part, I think the way to interpret it, Jonathan, is that when I walked in three years ago, there were many trends in the cybersecurity industry where we were not a player. We were not a player in SASE. We were not a player in cloud security. We were not a full player in the XTR space and the SOC. We needed to become a player, and the cost and time required to build capability would take us four to five years. that is where being able to look at the market scour it by the best in the market which has already teams which have already spent four to five years and shown product market fit was the right approach today we have to be very careful as we evaluate companies because pretty much in categories where we think there is relevant trends we already have a product So acquiring anything in that space would require us to spend a lot more time integrating, figuring out what to do with their customers. We have two competing products, and I principally do not believe in having two products in the same category because that creates confusion, destroys the strategy, and creates lots of unnecessary kerfuffle in the organization. So that's why our opportunities to go expand in categories are limited. We've decided there are some places we want to play and we want to play to win. There are some places we're not going to play. We're not going to play in identity. So it doesn't matter if that's an open space and there are companies out there. We're not playing there. We're playing in cloud security, where we'll be very aggressive. We're playing in automating the SOC and providing capabilities on the SOC. And we're playing a network firewall business. And there, we believe we have a huge complement of capabilities. And as you saw from the slide, we're building lots and lots of organic capability. We did 53 product releases in the last three years. These are all showing up, hopefully, in the billions that you're seeing, that we are able to provide more capabilities, more subscriptions to our customers. That's the way I would interpret the the M&A answer. And does it mean we might tuck in a product company here or there? Yes. But it also means that we're not looking for substantive acquisitions at this current point in time. Excellent. Thank you.
spk07: Our next question comes from Brent Thill of Jefferies with Gary Paul. After that, Brent, you may proceed.
spk11: Thanks. Nikesh, you mentioned that the SASE train has barely left the station. I'm curious if you can just I'll elaborate on that comment and talk through kind of the next couple stations that you expect to land in with this train.
spk08: Thank you, Brent. Look, I think the pandemic is partly to blame or give credit to the fact that the SASE train is moving fast. Over the last two years, what you've seen is customers go commit to a large cloud purchase. They get involved in the development process of that cloud purchase, and then they start to move their workloads to the cloud. As you begin to do that, there's years of MPLS, of data center spend, which has gone on, but customers realize, I don't need to bring all that traffic back home. I need to start taking the traffic and have it go where the data is, whether it's in the public cloud or in my data center. Now, those kind of traffic routing splitting capabilities require you to have pushed that routing to the edge, put SD-WAN in there. That also requires you to have security at the edge. Majority of our customers who have security in their data center with our firewalls can easily take that capability, push it to the edge with the Palo Alto capability or Prisma Access without having to change their policy infrastructure, allows them to be consistent across all form factors, all applications, all devices, which is actually true zero trust. And if you saw your leader in the zero trust quadrant by pretty much everyone else in the industry is behind. So from that context, to deliver true zero trust, With a SASE solution, we think we've reached a great position. We've also aggressively supplemented that with software capabilities. And I'm pretty sure every company out there in the Fortune 500 and Fortune 100, they're all going through that journey as we speak. I don't think that market is saturated by any means, shape or form. And it's not just a security play. Actually, it's a fundamental network play. People are shifting their traffic, taking it away from the MPLS world to a more cloud-delivered security and a cloud-delivered network world, where GCP, AWS, Azure, or others are providing the underlying network capability in addition to our security capability.
spk07: Our next question comes from Gray Powell of PTIG with Matthew Hedberg up next.
spk02: Great. Congratulations on the good results, and thanks for taking the question. So, yeah, on my side, I mean, we've heard that Palo Alto has implemented some price increases on the appliance side of the business. Can you just talk about what you're doing there? Is that correct? How widespread are the price increases, and does that have any sort of pull-through on attached subscriptions and support?
spk08: So, Gray, what has happened is with the supply chain issues that we saw in the industry, we've seen pretty much every player in the industry tweak their pricing for the upcoming year, and we've done something similar. It's in the low single digits from a price increase perspective. As you know, the net yield is contingent on a competitive situation, what the customer pays, what discounts have been negotiated with them. So usually, typically, you don't see the yield fully drop to European out. It will have some pull through to our numbers as and when those price changes are affected into the field, but it's low single digits. It is consistent with the supply chain issues that the industry is seeing.
spk07: Understood. That's really helpful. Thank you. And our next question comes from Matthew Hedberg of RBC with Jewel Fish Fine. Next. Matthew, please proceed.
spk04: Oh, hey, guys. Thanks for taking my question. Hey, Nikesh. Congrats on the quarter. You started out the call. Talking about, you know, all the cyber threats these days, all the cyber risks. You know, I was curious, from your perspective, as we head into the U.S. federal budget season, how do you think about that impacting your business? Is it a this year thing? Is it more so next year? Just kind of wondering about the cadence of federal cyber funding.
spk08: Well, as you know, the federal year end is September. So I think it's too late for them to have any material impact this fiscal year. I think they're busy trying to put a new government in place with change and a lot of people in the administration, they usually take, it takes in the first year of administration, it takes a few weeks, months to work through those changes. So I think we're going to see stuff happen in the next fiscal year for the government. They have great intentions. They want to make sure that the cybersecurity posture of the country, of infrastructure, is improved. You've seen some executive orders in that regard. There is a very positive mindset in terms of leaning in and solving many of these problems. I'm hoping that that leads to positive impact for the cybersecurity industry.
spk07: Thank you. Our next question comes from Joel Fishbein of Trust Securities with Keith Bachman up next.
spk00: Joel, you may proceed. Thanks. Hey, Nikesh, just wanted to follow up on one of the themes that you talked about during the call, and that is vendor consolidation. It's something that we've been looking for for a long time. What do you think the catalyst is there for that? And, you know, how are you positioned, you know, considering, you know, identity and endpoint are part of those two markets?
spk08: So Joel, I think, look, my personal view, and I'm new to the industry, even though I've been here for three years, is I didn't think there were many options in the industry to consolidate cybersecurity spend. I think there were some phenomenal players in the market who had amazing capability in their lane, in their swim lane. what we've done in the last years is build multiple swim lanes where you can buy the product in yours in that swimming or you can buy a product that connects across those swim lanes and that's what we're improving with our prisma cloud with our sassy strategy and our firewall strategy where we're adding more software capabilities so you know i I'm going to tell you about my book. I think we're well positioned for the consolidation around a majority of our platforms. At the same time, you don't have to buy it all from us if you don't want to. We still integrate with other players in the market if your infrastructure is so designed or you actually have infrastructure players that you deploy. In terms of Correlating that to identity and endpoint, well, we are an endpoint. XDR is the new endpoint play where we do both EDR capabilities and XDR capabilities. So as you see the transformation away from the traditional endpoint vendors to the XDR vendors, we have a play there. In terms of identity, I think the identity market will exist. I think there are players in the market. But remember, identity is about two-factor authentication and validating who you are. Once you're in the network, when you get past the initial identity checks, you're back in our network flow. You're back in our firewalls. You're back in our cloud instances. So we do participate. We only participate after we've been validated at the point in which we can get that information to integrating with existing identity players in the market. I don't know if the investors want me to go buy an identity player and make it better. because there are some very good identicals in the market.
spk07: Thank you. And our next question is from Keith Bachman of BMO with Ben Bowling next. Keith, you may proceed.
spk03: Thank you very much. Nikesh, I wanted to flush out a little bit on the consolidation fee, but in a different direction. If you could just talk about your SASE wins, and is there some common themes within the SASE wins? You know, where are you winning and why? And perhaps on the other side, where are you not winning? And what trying to understand as part of that theme is how are you winning within SASE within your installed base versus perhaps even getting into some new customers that might turn into something more for Palo Alto. But if you could just talk about some common threads within your SASE environment.
spk08: Keith, I'm gonna lean on Lee to tell you about why we win, where we win. But as I said in our prepared remarks, 25% of our Prisma Access customers are net new to Palo Alto. And this would typically be a customer who's got a deployed firewall, which cannot give that extended SASE firewall, SASE capabilities. They'd like to eventually replace those firewalls, but they're in midlife of those firewalls. So they will go with us on SASE with us, at least the hope and anticipation that we can go back and reverse into that with our hardware over time as those firewalls from the competitors come to end of life. Lee, do you want to jump in?
spk10: Yeah. I think there's been a significant change in the market in terms of what customers realize they need from sort of thinking about users and employees that are off the network and sort of being like a nice to have, like maybe I can connect them to some subset of applications some of the time and that will be acceptable. to the new realities of the hybrid workforce, where it's very clear that employees need to be able to access all applications all of the time. And for the enterprise, there needs to be a full security stack to protect that connectivity. And that shift really favors our position with Prisma SASE, our ability to secure all applications, our ability to provide true enterprise tested, enterprise grade security, and to do it in a way that is consistent with what many of our customers already have deployed for in their campus environments, branch office environments, etc. And as Nikesh mentioned, that trend can come from two different directions. It can come from an existing customer who's really happy with us and who's extending out to SASE or vice versa, customers that come in with SASE and then can extend into the campus and branch office environments.
spk07: And our next question, our last question for today comes from Ben Bolin of Cleveland Research. Ben, you may ask your question.
spk13: Good evening, everyone. Thanks for taking the question. When you look at recent performance and even the forward outlook, how do you think about your share performance, your share gains versus wallet share expansion within your customers? And then Nikesh, you talked a little bit about maybe within the networking, but what other IT silos do you feel like are donating spend into security as a whole? Thank you.
spk08: Thanks, Ben. You saw we highlighted that one of our customers became our first customer to spend $100 million a year with us. And we have a few who were just short of that, so it wasn't the only one who was getting there. So I think part of that gives you a sense of consolidation of spend and us getting a higher share of wallet. But I'd like to see it as us providing the capabilities to our customers where they're able to do everything with us so they don't have to go and go stitch together multiple vendors because today there is a very high cost of stitching security. because the cost is vulnerability. We're doing all the stitching for our customers, at least giving them the ability that they can go secure the enterprise and go do other stuff. In terms of a question about where different parts of IT are probably contributing, I think there is a large network contribution around the whole SASE topic, because SASE is effectively not just a security play, it also happens to be a network play. And that's where you'll see, and you'll find many times that our firewalls are procured either by the network team or the security team so you'll see that the whole network security space there is a back and forth between whether it comes on network budget or the uh the security budget i think the same thing in the cloud people haven't quite figured out that the cloud requires its own capability from a security perspective. And we're seeing that being baked into budgets, but very often that capability is coming out of the cloud spend where we're also able to go get credits from the public cloud CSPs to have the customer pay for that capability. Does that answer this question?
spk07: And with that, we will conclude the Q&A portion of our call today. I will now turn it back over to Nikesh for his closing remarks.
spk08: Well, I just want to say thank you, everyone, for joining us today. We look forward to seeing you at our upcoming investor events and especially our analyst day. And I do want to take a moment to say thank you, thank you, thank you to our employees, our partners, our customers, and everyone who made these results possible. Wonderful. Have a great day.
Disclaimer