Palo Alto Networks, Inc.

Good day everyone and welcome to Palo Alto Network's second quarter 2025 earnings conference call. I'm Walter Prichard, Senior Vice President of Investor Relations and Corporate Development. Please note that this call is being recorded today, Thursday, February 13th, 2025 at 1 30 p.m. Pacific Time. With me on today's call to discuss second quarter results are Nikesh Arora, our Chairman and Chief Executive Officer, and Deepak Galecha, our Chief Financial Officer. Following our prepared remarks, Lee Clarich, our Chief Product Officer, will join us for the question and answer portion. You can find the press release and other information to supplement today's discussion on our website at .palawaltonetworks.com. While there, please click on the link for quarterly results to find the Q225 supplemental information and the Q225 earnings presentation. During the course of today's call, we will make forward-looking statements and projections regarding the company's business operations and financial performance. These statements made today are subject to a number of risks and uncertainties that could cause our actual results to differ from those forward-looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. We assume no obligation to update any forward-looking statements made in the presentation today. This presentation contains non-GAAP financial measures and key metrics related to the company's past and expected future performance. Non-GAAP financial measures should not be considered a substitute or financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. Unless specifically noted otherwise, all results and comparisons are on a fiscal -over-year basis. All per share figures have been adjusted for the -for-one stock split that we announced November 20, 2024 and affected after the close of trading on December 12, 2024. We also note that management is scheduled to participate in the Morgan Stanley Technology Media and Telecom Conference this quarter. I will now turn the call over to Nakesh.

Thank you, Walter. Good afternoon, everyone, and thank you for joining us today for our earnings call. I'm excited about our Q2 results. Our team did a phenomenal job of executing its scale. We made considerable progress in platformization, allowing us to outperform both our top and bottom line expectations for this quarter. We delivered on our high RPO expectations towards the top of the range. This gave us strength in our NGS ARR and also allowed us to outperform our revenue expectations. In Q2, growth was pretty broad across the entire portfolio with strength across all three geographies and platforms. In particular, we saw a strong performance from large deals internationally and also a strong contribution from SASE, Software Firewalls, and XIM. On the profitability front, we delivered operating margins ahead of our internal target despite some one-time events. Our efficiency initiatives continue to bear fruit, including some promising early contributions from AI. These results allow us to raise our operating margin and EPS guidance for the year. We're also very happy with our free cash flow performance and continue to be confident in managing our free cash flow guidance over the next few years as outlined. More from Deepak on this later. From our vantage point, the outlook for cybersecurity seems to have been robust in Q2 and is likely to stay so over the rest of this year. Despite the settling in process of the new administration, we see signs that we are going to be able to see reasonable growth through the rest of the year. As the conversation around AI continues to get omnipresent and companies race to evaluate, experiment, and deploy AI, they're discovering that some of the legacy architectures come in the way of their aspirations. Interestingly, this is resulting in a resurgence of cloud transformation projects and consequently demand for network security and network transformation. While cybersecurity is a derivative effect, it is clear that the longer-term trend towards AI is going to continue to underpin technology transformations and hence continue to drive demand for security. The transformations are all geared to embedding AI capabilities across infrastructure. Additionally, many of them involve changing strategies towards data and a growing understanding that data security will be more and more important in the future. We see that from the heightened interest in data security posture management, where our acquisition of DIG seems to be proving presigned. To fully harness the power of AI, customers must unshackle their data from disparate legacy systems and providers and open up broader access and lean into the cloud. Cloud infrastructure is much more dynamic than on-prem IT, creating risk. As cloud data volumes grow and customers utilize new services from the cloud service providers, such as modern data repositories, they're doubling down and ensuring they're protecting their cloud environments from development to runtime, understanding who's accessing what data in the cloud, and putting controls around these new services. In other words, the cloud is becoming an integral part of the enterprise and the same level of security must be delivered. A constantly changing attack backdrop is also compounding this inflection we have seen. There are tangible signs that bad actors use AI to accelerate attacks. Google recently found that adversaries can use generative AI to more rapidly create attacks, including custom payloads, iterate on malicious scripts, and use evasion techniques. Additionally, bad actors are using gen.AI to do reconnaissance of target organizations, including their infrastructure and hosting providers, which are often exploited in attacks. We have a new technological revolution that requires us to secure AI. As customers leverage the cloud, transform on-prem infrastructure, and respond to the escalating threat environment driven by AI, they're transforming how they manage security operations. Legacy offerings cannot unify SecOps across cloud and on-prem, across multiple vendors, and also take advantage of AI. AI is key for providing automation to help stitch together overwhelming volumes of data and generate the near real-time analysis and remediation needed to keep pace. As I said, security is a data problem, and the data has to be all in one place for AI to have context and stop threats in their track. Our industry has to change the paradigm by shifting from fragmentation to platformization to enable the best security outcomes. In a recent study we did with IBM, platformized organizations take 72 days less to detect and 84 days less to contain a security incident. Our teams are busy helping customers as they accelerate cloud adoption and transformation across their environments. They need integrated security products and platforms for AI to be most effective in staying ahead of this active cybersecurity landscape. A year in, we're pleased with our progress in driving our platformization strategy and the adoption and endorsement of platformization broadly across the industry. As I mentioned a few quarters ago, I wish we had made this move earlier. We're seeing some interesting behavior that reinforces our conviction that the future state of cybersecurity will have to be AI-enabled platforms that can markedly improve the speed of response. We delivered approximately 75 new platformizations in Q2, up from approximately 45 new platforms in the year ago. We now have a total of over 1,150 platformizations within our top 5,000 customers. As you might expect, most of our platformizations start with network security and are from customers that are platformized in one area. However, our number of two-platform customers grew over 50% in Q2, and we're seeing our number of three-platform customers up three times a year. Also the number of customers platformized in Cortex is up more than three times, reflecting our strong XI momentum. We're excited to see the number of paths we have had success driving the strategy so far, and our Q2 performance keeps us in track to achieve our stated target of 25 to 3500 platformizations by fiscal year 2030. Investors have always asked me what platformization deals look like, so I wanted to provide a few examples based on deals we signed this quarter. A bank in Asia signed a transaction worth over $65 million in Q2, platformizing with us for the first time in Cortex with a significant XIM deployment. They have been leveraging XDR and other Cortex capabilities several years ago, but are also a network security customer and a Qradar customer. They had many point products in their SOC and were not getting the outcomes they needed, with limitations in the time to discover and remediate security incidents resulting in compliance issues. In platformizing in Cortex, our NGSAR with this customer increased by five times, so over $12 million -to-year. We look forward to driving a successful deployment here, which can be an avenue of platformizing in network or cloud security in the future for this customer. A U.S. municipality signed a transaction worth $60 million with us, which included renewal of its network, security, estate, and expansion across our portfolio. The customer leverages all three of our four form factors within network security and is already platformized there. The deal also included Cortex and Prisma Cloud, which positions us well for future platformization in these areas. Our NGSAR here increased over 40% in the last 12 months, to over $11 million. The European Automotive Manufacturers signed a $25 million transaction in Q2 that already platformizes us in network security and cloud security that had several capabilities as they renewed their firewalls and support footprints including IoT, virtual firewalls, and SASE. This is a complex customer and we also secure business with them in Cortex with XDR, XOR, and Xpans, as well as Prisma Cloud. In doing so, we are now well positioned in the future to consolidate the stock opportunity with XIM. For this customer, the NGSAR grew 50% to $9 million. More broadly than these anecdotes, the growth in our large deals tells the story. We had 74 accounts that did transactions over $500 in Q2, up 25% every year, and 32 accounts that did transactions over $10 million, up over 50%. Now moving on to an update about our first security platform, NetSec. Our Q2 NetSec momentum was driven by strong software demand. We continue to lead the market in network security, which is approximately 80% of our bookings. Our Zero Trust platform combines three -to-be form factors built into consistent architecture. This is fast becoming a requirement as applications proliferate across data centers, hyperscalers, SaaS, and Leverage.ai. Meanwhile, users are increasingly distributed across headquarters, remote locations at home, and other places. And also, there are now soon to be non-human users in the form of AI agents, where interactions with applications must be secured. Disjointed network security offerings require significant resource to be applied to integration, creating the possibility of gaps in security policies given the disparity of control panes, and more importantly, unless we can harmonize the data across the network, it will be challenging for customers to adopt AI-enabled security capabilities in the future. We have to believe that in the future, all solutions will need to integrate, harmonize data, and use that to train AI agents to solve security. Looking deeper into Firewall as a platform, our bookings accelerated and grew by 21%. Within this, we continue to see stable demand in the appliance market. That stability, coupled with us continuing to take market share, allowed us to grow our appliance bookings in the mid-single digits. There's a refresh cycle coming from many players in the industry, and we believe we are well positioned to benefit from it. Software and SASE make up approximately two-thirds of our Firewall as a platform bookings, and grew one and a half times faster than the rate of the total Firewall as a platform business. We have been on a multi-year journey to reinvent our security subscriptions, which we use consistently across all three form factors. Each of these advanced subscriptions are cloud-delivered, and we believe significantly differentiates with what's in the market. Delivering these incremental innovations into our platform, like advanced subscriptions and network security, makes our customers' adoption seamless. This is core to our strategy of staying ahead of our customers' security needs with future-proof innovation. It is also a win-win for Palo Alto and the customer. Next, let's dive deeper into SASE and our software Firewall business. As customers transform their networks to keep pace with delivering first-class security We continue to see demand for SASE. Many SASE projects are large and comprehensive, which is well suited to our rich offering. SASE continues to be our fastest growing form factor in network security and a strong contributor to our growth. We grew SASE customers by over 20 percent, while we grew bookings well north of 50 percent, and increased deals over $1 million in value by two and a half times. We now have over 5,600 SASE customers and over 23 million individual seats. Across our SASE base, as well as our GP customers, we have been chosen to help protect the base of over 100 million users. Meanwhile, the drivers of our SASE momentum are broadening. Bookings of newer modules of the SASE platform, such as Autonomous Digital Experience Management or ADEM, Cloud Access Security Broker or CASB, Prisma Access Browser, which you just saw unfold this year. Customers are happy with their initial SASE deployments and are adding these to derive a more modern security environment and streamline their vendor landscape. I am particularly excited about the momentum we are seeing with Prisma Access Browser. Roughly one-third of the new Prisma Access seats we sold in the quarter were for our secure browser. We signed a transaction in Q2 for over north of $10 million with one customer, with a total of over $30 million in Prisma Access Browser bookings in Q2 and growing seats by 95% quarter over quarter. We also continue to innovate in SASE, releasing the mobile version of our integrated secure browser. This browser, integrated with Prisma Access, offers mobile phone and tablet users the same robust security and access to private applications. We added capabilities to AI access, ensuring organizations can apply controls to how their users interact with AI-based applications. We can now provide real-time visibility into over 1,800 applications, up from 500 six months ago. AI access comes with -the-box policies to manage functions such as uploads, downloads, and sharing capabilities. In a short period of time, this quarter, we crossed 300 customers who use the AI access capability. We can also provide comprehensive data protection to secure sensitive data secrets and intellectual property. Now turning to software firewalls. This has been a strong area of growth. We saw 50% bookings growth in our software firewall business with AI and public cloud adoption continuing to be the strongest driver. Approximately 70% of our VM deployments are now in the public cloud. We continue to see customers adopt our software firewalls alongside our hardware appliances. As a testament to this, about two-thirds of our software firewall customers are also hardware showing the hybrid nature of the solution and the need for platformization. We also continue to innovate in this business. Early in Q2, we released our API-based AI runtime security capability, which added the ability for our product to directly secure AI applications without being in the traffic path. Later in Q2, we leveraged this capability to secure AI agents as many of our customers look forward towards the value propositions of agents, but need to secure them as they would need to secure any other user or application. This capability helped drive our first 7-figure software firewall transaction for AI in the quarter, and we have a healthy 8-figure pipeline for AI firewalls for the future. Now moving on to Cortex. This morning, we had an exciting announcement. We took our industry-leading Prisma Cloud platform, evolved it with more capability, merged it with our CDR capability and our Cortex platform to announce the introduction of Cortex Cloud. Cortex Cloud is now the industry's first -to-end cloud security platform, which deeply integrates into the SOC. As we have been delivering cloud security over time, we have learned that the customers are keen to ensure that they can trace the cloud security capability all the way into runtime production and do real-time security against this. We are also delivering a powerful data security DSP experience and real-time security capability with our cloud agent. Again, all of this is now natively connected to the Cortex platform. This is where cloud security is going. We have anticipated the market change in cloud security and it is one reason for our momentum and leadership in this space. Recall that in our early days, we entered the cloud security market in 2018 with two acquisitions and continued to build up these capabilities, pioneering the category and leading with our initial cloud posture capabilities. Soon after, it became apparent that too many security issues were reaching production and organizations could not keep up with it, immediately, once applications were deployed. We led the trend to shift left, connecting this to the cloud posture to address security issues before deployment. Attackers took note as customer deployment of mission-critical applications and sensitive data accelerated into the cloud. Our own Unity 42 research shows that 80% of security exposures are found in cloud attack surfaces. There's a 66% increase in threats targeting cloud environments. With these evolutions and the attack backdrop, we believe cloud security and security operations must be extracurricularly linked. Existing Prisma Cloud customers will have a seamless upgrade to Cortex Cloud to benefit from AI-powered prioritization, automated remediation, and new simplified powerful user experience. Additionally, they can also adopt Cortex's -in-class CDR capability to gain real-time cloud security capability. The unification of enterprise to cloud can further drive the adoption of XIM into the customer's cloud environment. Cortex Cloud natively integrates with cloud data, context, and workflows within Cortex XIM to significantly reduce the mean time to respond to modern threats with a single, unified, SecOps solution. More importantly, because we are natively integrating cloud solutions with SOC, XIM has now transformed into both a cloud and enterprise center. We're excited about the prospects for us to maintain or accelerate our strong XIM momentum. As I mentioned, we are making this announcement on the back of strong momentum in our cloud security and security ops business. I want to give you some highlights. We drove Booking's growth of approximately 50% in both Cortex and Prisma Cloud in Q2. In Cortex, we had healthy momentum with customer growth of approximately 20%. Fueling this customer growth, we again signed hundreds of new XTR customers in Q2, which become opportunities for SOC transformation on the broader Cortex platform in the future. Our XTR momentum continues to be fueled by the efficacy of our product. This quarter, we achieved further external recognition of this, achieving the leadership results in the most recent MitreTech evaluations. XIM, our AI-driven SecOps platform, surpassed the $1 billion QMint Booking milestone in Q2. While we know we have a winning product with XIM, we're also starting to see external validation of our leadership, with Frost and Sullivan and Omdia recognizing us as leaders in the same category. Contributing to our Cortex strength in Q2 was over $100 million in QRadar-related Bookings. Our pipeline on QRadar is equally strong, leaving us optimistic about our IBM partnership as a driver of Cortex. On the cloud side, we saw the adoption of our capabilities continue to broaden. With DSPM integrated into Prisma Cloud, we've seen early adoption to be one of the strongest ones of any of our new cloud security capabilities in the past. We're excited to see this success continue with DSPM as part of the Cortex Cloud product we announced this morning. We're also seeing particular success among some of the largest companies in strategic industries. For example, several SaaS companies signed significant cloud security deals with us in Q2. In this industry, some of the top 10 SaaS companies outside of the cyber security leverage our cloud security capabilities to secure the customer's environment. As you can see, we saw strong momentum across the business in Q2. We're seeing customer imperatives around AI driving accelerated cloud adoption and infrastructure investment, which is supporting strong cyber security demand. This healthy spending backdrop and strong execution from our team and platformization helped drive the healthy top-line trends we saw in Q2 across RPO, NG, SARR, and revenue. We remain optimistic about sustaining this momentum as our sales teams leverage our ecosystem, continue to become more adept at aligning our many capabilities into a unique platformization journey for each customer. We remain confident in our long-term and GSA and our forecast. Supporting this is a steady innovation stream and momentum across our portfolio. We're leading an early mover into new market categories like enterprise browser, secure AI by design, the AI-powered SOC, which are making it easy for our customers to adopt key new innovations with our platform approach. Lastly, we're driving profitable growth, balancing operating margin improvements with strong cash flow. We continue to make progress in driving a culture of efficiency at power networks, and you've seen the results of this over the last few years. This focus on efficiency and some early success in AI-based niches gives us the confidence to continue delivering profitable growth. I will now pass on to Deepak for his remarks.

Thank you, Nikesh, and good afternoon, everyone. To maximize our time spent on Q&A, I will provide you with highlights of Q2. You can review the results in our press release and the supplemental financial information on our website. In Q2, total revenue was $2.26 billion and grew 14% above the high end of our guidance. Within revenue, product revenue grew 8%, while total services revenue grew 16%. Drilling into total services revenue, subscription revenue grew 20% and support revenue rose 8%. Our product revenue is approaching 40% software on a trailing 12-month basis. We expect healthy software contribution to product revenue in the second half of this year, which we expect will increase our product revenue into the double-digit growth range. We also saw stable demand for firewall appliances in Q2, which we expect to continue through fiscal 2025, as the appliance market grows -5% as we have previously discussed. Moving on to geographies, we saw double-digit revenue growth across all theaters, with the Americas growing 13%, EMEA up 18%, and JPEG growing 17%. We were particularly encouraged by the volume of large deals we closed, with some notable large deals in EMEA and JPEG. For example, we had our largest deals ever in both EMEA and JPEG this quarter, each in excess of $50 million. As Nikesh noted, these deals demonstrate the broadening of our large deal success in North America to our international theaters. Also, I know many investors have had questions about the US federal market. We have had prudent expectations in this market this year, and we saw stable federal business in Q2. Much of our federal business is tied to renewals and existing programs with long-standing funding. During the quarter, we also received FedRAMP-high authorization across our network, cloud, and security operations platforms. We now have the most comprehensive suite of AI-powered cybersecurity solutions authorized for use in federal networks at the high-impact level. Total RPO grew 21% to $13 billion at the high end of our guided range. Our current RPO grew 17% to $6.1 billion. The average duration of new contracts remained at approximately three years. It did trend towards the high end of our historical range in Q2, based on our performance in large platformization deals, particularly customers making longer-term commitments to Exxiam. Our NGS ARR again delivered strong growth, growing 37%, finishing Q2 at $4.78 billion. Our NGS ARR was driven by the strength across our advanced subscriptions, SASE, and Cortex. Moving down the income statement, the gross margin of .6% was down slightly as we continue to see the impact to some of our newer SaaS offerings that are growing quickly but have yet to achieve scale. Also, we had some costs in Q2 related to inventory and product transitions that were higher than typical, and we don't expect that that will occur in the second half of the year. It is worth noting we have been transitioning our contract manufacturing facility in Texas as our primary manufacturing and fulfillment center, not only to enable scale and innovation in our appliances, but also to take advantage of our foreign trade zone that can help mitigate tariffs and products we ship to international destinations as we assemble and manufacture all of our firewall appliance products in the U.S. More broadly, we continue to see efficiencies across the company as we focus on driving profitable growth. We saw operating expenses as a percentage of revenue decreased by 120 basis points as we benefited from scale in our business model and initiatives as part of continuing to build our culture of efficiency. We delivered 81 cents of diluted non-GAAP EPS and a diluted GAAP EPS of 38 cents continues to grow along with our overall profitability. As a reminder, in the year ago period, we had a significantly positive impact to GAAP EPS from the large $1.5 billion release of tax valuation allowance that happened only in fiscal 2024. We generated adjusted free cash flow of over $509 million in Q2. On our balance sheet, you will see that our debt balance came down by over $100 million as we continue to see early conversions of our convertible debts, which occurred at the discretion of the debt holders and was settled by us in cash and equity. Our remaining debt of just over $500 million matures in June 2025, although we may continue to see some early conversions. We did not repurchase any shares in Q2 and our buyback strategy remains opportunistic. We have a bit billion dollars in authorization remaining through December 2025. As Nikesh mentioned, we are pleased with the momentum we are seeing in our platformization strategy and the outcome in driving our financial results. I wanted to update you on what we are seeing a year into this strategy. As you all no doubt remember, we announced our platformization strategy a year ago. Over the last 12 months, we've learned from our success and adapted where it made sense. We launched a number of structured sales programs that we highlighted to jumpstart this initiative. Our goal was to remove friction, both related to technology risk and budget challenges for the customer. We have now embedded these practices into how we do this business. A year in, we have seen both the industry rally around this approach, as well as some of our key ecosystem partners also put significant resources behind platformization. This has helped leverage our own investments on the sales and marketing side and brings us closer to enterprise accounts where ecosystem partners have strong relationships. Many of our large platformization deals have been pursued and closed with global system integrators. With these joint successes, partners collectively are putting more resources behind platformization. When we initially announced platformization, we had piloted the program, helping us build conviction in our aggressive launch. Predating our broad announcement, some of our top reps were driving deals with the principles that embody platformization. A year in, we have seen rep participation significantly increase, with approximately a third of our sales reps having already participated in a new platformization deal win in the last 12 months since we launched our accelerated strategy. Lastly, when we launched the program, we had assumed that platformization would enable us to increase our ARR per customer. As you can see in some of the large deal highlights that Nikesh covered, we have seen success signing larger deals and further expanding our ARR in platformized customers. As you can tell from both the tone and some of the details that we've provided, we are very happy with our progress here. I'll reiterate what Nikesh noted last quarter and earlier. Our biggest learning is that we should have made this move earlier. Now, turning to the bottom line, our confidence in future operating margin expansion is rooted in our visibility to continued leverage across our P&L. As Nikesh mentioned, we've seen some encouraging results from our AI-based initiatives across multiple areas of the company that give me greater confidence in this ability to drive leverage. I wanted to provide you with an update of some of these AI-based initiatives and what we're seeing so far. In the areas that we have focused on, we've seen meaningful efficiencies which either manifest as lower spending, enabling us to drive incremental innovation or absorb expected increases in volume without additional spending. One of our first AI-based initiatives was focused on our employee-facing processes. In the past, we have leveraged contractors in various business processes in IT. We are on track to reduce this contract labor by about 50% as we close out fiscal 2025, which will result directly in operating expense savings. In our global customer support business, we've leveraged an internally developed copilot to assist in case resolution. So far, we have seen our support copilot used in about 85% of cases in network security, which is where we first rolled out this technology. We're seeing approximately 50% reduction in the time to resolve cases. This results in a better experience for our customers and also our team is being able to absorb more case volume while adding less head count than in the past. Lastly, we are deploying copilot tools for our developers earlier and are seeing some exciting results. We've recently deployed the technology to all of our engineers. These and other initiatives that are still in their early stages give us consistent outcomes and that gives me more confidence on the tangible benefits to our business, including our cost structure. Before I turn to guidance, we have a lot of questions about how we get comfortable with the sustainability of our cash generation given some of the transitions happening in our business. We began to see an increase in deals with deferred payments in fiscal year 2022 and have seen a significant increase driven by larger transactions, particularly in our SaaS offerings over the last three and a half years. As we have absorbed an increase in deferred payments, our visibility into our free cash flow each year has increased. In fiscal year 2024, when we entered the year with a billion dollars in deferred payments scheduled for the year, that was 32% of our fiscal year 24 adjusted free cash flow. This year, that amount increased to $1.4 billion and our visibility increased to 41% of our expected adjusted free cash flow. Looking forward, we expect to enter fiscal 2026 with 2 billion in deferred payments scheduled for the year, further increasing our visibility into free cash flow in fiscal year 2026. We've progressed substantially over the last several years through the transition of deferred payments. We've also spent significant time over the course of this year ensuring that we're balancing this transition with other uses of cash and opportunities for cash flow optimization. Because our appliance bookings and smaller bookings predominantly are paid upfront and many of our large transactions already utilize deferred payments, we believe we can manage the trend towards more of our larger transaction bookings utilizing deferred payments as we have done over the last several years. Consequently, our expected increasing profitability as we scale and these financial dynamics give us improved confidence in our free cash flow generation. Our confidence holds for fiscal year 2025 where we continue to expect 37% to 38% adjusted free cash flow margin as well as our cash generation beyond this year. We are comfortable that we can generate adjusted free cash flow margins for fiscal year 2026 and fiscal year 2027 of greater than 37%. As a reminder, we do not guide free cash flow on a quarterly basis and we do see year to year fluctuations in our cash flow seasonality. In fiscal year 2025 relative to prior years, we expect to see fluctuations in seasonality driven by the timing of deferred payments from customers, the timing of bookings within the year, and the relative to the street that more of our free cash flow will come in Q4. With that, let me turn to guidance. For fiscal year 2025, we expect NGS ARR to be in the range of $5.52 to $5.57 billion, an increase of 31 to 32%. Remaining performance obligation of $15.2 to $15.3 billion, an increase of 19 to 20%. Revenue to be in the range of $9.14 to $9.19 billion, an increase of 14%. Operating margins to be in the range of 28 to 28.5%. Diluted non-GAAP EPS to be in the range of $3.18 to $3.24, an increase of 12 to 14%. And adjusted free cash flow margin in the range of 37 to 38%. For the third fiscal year 2025, we expect NGS ARR to be in the range of $5.03 to $5.08 billion, an increase of 33 to 34%. Remaining performance obligation of $13.5 to $13.6 billion, an increase of 19 to 20%. Revenue to be in the range of $2.26 to $2.29 billion, an increase of 14 to 15%. And diluted non-GAAP EPS to be in the range of $76 to $76 billion, an increase of $17.7 to $17.7 billion, an increase of 15 to 17%. We've included our typical modeling points in the presentation for you to review. Before I turn back to Walter for Q&A, we will roll one more video.

When I think about the relationship between Palo Alto Networks and Cognizant, the word that comes to mind is strategic. We are a $20 billion global technical services firm that employs over 340,000 associates worldwide. We had disparate technologies across the environment. Our data was also very disjointed. How do we optimize our entire technology strategy through platformization and to create a level of consistency across our entire enterprise? So our ability to protect and defend goes up, and the complexity to manage and maintain this technology that we've improved. We look at the promise of what we're seeking for XIM and where we're seeing the benefits. It's the ability to more effectively consolidate the visibility through all that data, and the ability to then rapidly accelerate creating runbooks and use cases out of that data in order to drive our response and our decision making. And the relationship between Palo Alto Networks and Cognizant is one that I get to see come into real life in terms of how we're going to transform and how we're re-envisioning our entire security program.

Thank you. We ask in the Q&A that each analyst only ask one question. Our first question will come from Saket Kahlia from Barclays, followed by Hamza Farawalla from Morgan Stanley. Saket, go ahead.

Okay, great. Hey guys, thanks for taking my question here. A nice quarter. Maybe a question for Nikesh and Deepak together. It's great to see free cash flow margins at 37% plus expected now through fiscal 27. Nikesh, can you just maybe talk about some of the success you're seeing in driving better profitability? And Deepak, can you just maybe go one level deeper into other drivers of that free cash flow like the deferred payments?

Yeah, no, Saket. First of all, thank you for the question. As Deepak highlighted, like we're beginning to hit scale. As you see, platform deals are actually a lot more efficient from a sales perspective because the larger deals, you know, I think you can see if you look at cybersecurity landscape, we're now clearly a large deal company compared to most of our competitors. So that definitely drives efficiencies for us from a scale perspective. If you look at any P&L in any enterprise business, 50 to 60% of P&L is sales, marketing, and customer support. If you can find efficiencies in that process, that's where leverage lies. So you've seen we've been, you know, improving our operating margins consistently now for over two and a half years. That's being driven from that efficiency lens. If you couple that with some of the early experiments we've shared on the AI front, we think this has tremendous potential in the future where, you know, enterprise companies should operate a much higher operating margin in the future from now. I'm not going to put a forecast just yet, but I think the trend is our friend. And that gives us tremendous comfort that we can underpin our performance with strong operating margins over the course of the next few years. Couple that with the way Deepak and his team have been able to balance the deferred payment products, which you can talk about, which as he said, gives us tremendous amounts of visibility. And we feel confident that the range for the next few years is there and possibly higher after.

If I can just build, Saket, like a lot of this is in the prepared remarks, but we've had a lot more visibility with a growing balance of deferred payments already in the past few years. There's parts of our business that are really never going to go to deferred payments, the smaller transactions that have a multi-tiered distribution network where everybody wants to get paid up front, the appliance business where it's industry standards pay up front, then you're left over with everything else. And we've already made a significant transition already. So there's not as much left to actually do. We're quite far along the journey. That's what gives us confidence. And that's what I was meaning to convey in the prepared remarks.

Very helpful. Thank

you.

Thank you, Saket. Next question from Hamza Farawalla from Morgan Stanley, followed by Brian Essex from JP Morgan.

All right. Great. Thank you for taking my question and good evening. Nikesh, I had a bigger picture question for you. I'll leave that to the others. Obviously, Palo Alto Network's been at the forefront of AI, whether it's AI for security operations when it comes to Cortex or securing AI now with Dig and Prisma Cloud. DeepSeq was a big moment for the AI trend in the market earlier this year. I'm curious, what do you think this means for the proliferation of AI in general and how this impacts security and specifically Palo Alto Networks?

That's a very good question coming from you, Hamza. Not that I wouldn't expect that from you, but it's a great question. Look, I think DeepSeq is a phenomenal pivotal moment for AI, not just for us, but across the industry. If you look at it across three parameters, there's the question around quality. Is it as good as the models that people are using out there, like OpenAI, Gemini, or Llama, et cetera? At least if you read the ratings out there, it seems like it's equally good, if not better, for technical answers. It does better coding, better math, better physics. It has a better reasoning engine out there. The next question becomes great. If it's equally good, what are the economics? Did they actually get it done for a lot cheaper? Now, we can debate that, and I don't know if you'll ever get to the bottom of it, but what's interesting is today you pay 14 cents for about a million words, and you pay $7.50 for every other model. So it's 2% of the cost of every other model. Now, that's driving experimentation. I have talked to many SaaS CEOs recently, and everybody's experimenting. So are we to see if DeepSeq can deliver that degree of performance. And the third question comes, okay, wait. This has come from a nation-state, maybe from somewhere where we don't want to trust the model. We've got to figure out how secure it is there. on-prem or in your own cloud instance, or require AI firewalls around it, if you can guarantee that your data doesn't get out of that sequestered sort of space, and if you can guarantee that you can put guardrails around the model, I think you'll see a lot more experimentation. So from that perspective, I think it's going to be a little, my only recommendation to every enterprise out there is make sure you don't deploy AI without running firewalls around it, make sure you don't deploy in a multi-tenant environment, but I think this is great for AI. And look, any technology is great for security because any technology requires you to put more security around it.

Great, thank you, Hamza. Next question is coming from Brian Essex at JPMorgan, followed by Gabriel Laborgius at GoldenSax. Brian, go ahead.

Yeah, good afternoon, and thank you for taking the question. I have a bit of a different AI question, and it comes from the perspective of leveraging AI across the platform to provide better security outcomes, and maybe if you could talk about what you're seeing in cloud security as an example, and win rates as you're able to provide code to cloud to SOC security across your entire platform, how does that affect your ability to compete against point solution providers in that space? How is that enabling you to kind of leverage the platform, as an example, in that cloud security space?

Hey, Brian, is any point solution business left? Every security company seems to claim their platform now, so I don't think this, I think that breed of point solution is gone, but anyway. What's the difference

between calling yourself

a

platform and actually being a platform?

That's what they say about us, too. But that notwithstanding, look, I was, I called Lee last night, and I said, you know what? I found a new resonant dead drift for platformization. Our earlier sort of narrative was that you need a platform so you get a single pane of glass, you can run zero trust networks, you can be harmonized across policies, there are no security gaps. But as we go down this journey, we're discovering, and we're talking about deploying agents, and why do we need human beings trying to do these complex tasks and trying to understand how security should be deployed? Why can't we have agentic personas that say, I'm your network configurator, I'm your phishing mediator, why can't we design security agents? When you quickly realize you can't design an agent unless you have the data. You can't have the data across 17 disparate products and make sense of it. So what we're discovering is this strategy that we deployed of platformization about two years ago, and really sort of put our weight behind a year ago, is resulting in us getting harmonious data. These 1,150 customers who are platformized have data that is harmonized, we can run and build agents on top of that. So from that perspective, the more platforms we sell, it creates tremendous opportunities for us. But I'm gonna let Lee talk about how this is helping us at the cloud security front.

Yeah. So you've seen what we've done in a number of places, right Brian? So in XIM, using AI for the SOC and reducing meantime remediation from days down to hours to minutes. You've seen us do this with in NetSec and across network security and SASE and other places. In cloud, what you can see is a couple of things. First is in the individual areas. So in AppSec, how we use AI in order to have better detection prevention of misconfigurations before they reach production. In production, how we use AI in order to better detect and remediate, prioritize, et cetera. And then with Cortex Cloud, which we announced earlier this morning, what that allows us to do is now not only apply AI on automation within each of these areas, but now connect that across the full end to end from AppSec into cloud, into runtime, into SOC. And that is incredibly powerful when you think about trying to become much more proactive in real time and cloud security.

Is that translating into better win rates? So if you look against a point solution vendor like a WIS in the cloud security space, are you starting to see the improvement in win rates?

Yes. Sorry, no, it's good.

Kesh jumped on that one. I will let him answer the question and I'm gonna say something

else. Go ahead. Yes, because it not only achieves better security outcomes, but it also translates to more efficient security operations of the teams that actually are responsible for managing all this on a day to day basis.

What I was gonna say, Brian, is that I think cloud security is gonna go through one more evolution and that evolution will be as it sort of started in the center, shifted left to go to code. Now it's doing a hard shift right. A hard shift right is you need to be in the sensor in production environments, understanding what's going on, protecting the production environment and using that to prioritize cloud security. So I think the bigger cloud security action is gonna be in runtime with agents and that's where more XDR players are playing. It's actually not the CNAP players who won the last round, if that makes any sense.

Super helpful, thank you.

All right, all right, thanks Brian for those two questions. We'll go next with Gabriella Borges from Goldman Sachs followed by Jonathan Ho from William Blair. Gabriella, go ahead.

Hey, good afternoon. Thanks for taking my question. Deepak, you mentioned earlier there are some deals that are always gonna be up front. Maybe just elaborate for us, what are the guardrails or what is the framework for your salespeople that determines when they go to multi-year versus one-year billings and when they can offer financing versus when you don't wanna offer financing, thanks.

Yeah, so I think it's all part of the actual sales motion and negotiation, so really, really where you see the majority of the requests for deferred payments is in the higher end, like distributors don't really want to have to deal with lots of back and forth with customers at the lower end and therefore that's typically all up front, right? So it's really at the higher end deal and on firewall, we typically get the money up front because that's being budgeted based on a refresh cycle. So those cases are part, it then becomes a negotiation. Our sales team will basically go and they'll explain that there is value in the cost of money, we expect to be paid up front and then it becomes part of the negotiation based on what is required and what's not required. We do have guardrails in place, everything from sales comp to approvals that are in place to make sure that we manage that tightly, but it really is with a view of enabling platformization at scale, which is why we've been working on this for a while and managed to transition pretty well so far.

Great, thanks Gabriella for that question. Next we'll go with Jonathan Ho from William Blair followed by Peter Wheat from Bernstein. Jonathan, go ahead.

Good afternoon, just wanted to understand a little bit better the decision to add in CNAP as part of the Cortex platform and can you talk a little bit about the ability to accelerate adoption or accelerate platformization as you take on this tactic, thank you.

Yeah, look as Nikesh was mentioning, a lot of the action in cloud is shifting toward real time, which means shifting toward runtime and even SOC. It's really critical though from our perspective that we bring in as much context as possible in order to be able to take those automated actions, right? And that context often comes from CNAP and even code security. That's the first critical reason. The second is the cleaner your cloud environment can be from preventing issues from ever making an inter-production or cloud posture where we're detecting and remediating those issues, the cleaner your cloud environment, the better that security posture is, the easier it is for the runtime and SOC capabilities to fire in real time because it's easier to pick out the attacks using machine learning AI and other types of capabilities like that. So ultimately we believe that the best outcome for customers is achieved when they connect all of the aspects of cloud together. And so you see that show up in terms of how we package the offering as well.

Great, thanks for that question, Jonathan. Next we'll have Peter Weed from Bernstein followed by Shaulay Al from Cowen. Peter, go ahead.

Thank you and congrats on the continued success on the platform. Maybe I asked the unsexy question, which is on the product side, I think we saw some nice strength this quarter and I know kind of the guidance is that's gonna remain a less exciting from a growth standpoint portion of the business, but that strength was important for delivering on the revenue and if we look forward, is that type of strength something that we should be able to look at as a support as opposed to maybe a drag on the overall growth or is this kind of a one time quarter? How will that evolve looking forward?

So Peter, I think it's probably one, that sounds like a broken record. I've always been saying that the hardware industry for us at least already is gonna deliver somewhere between five to 8%. And sometimes it's been flat and in a post pandemic, there was a sort of splurge, surge and it went back down. I think we're back to steady stage. So I think easily you can expect us to be going in low to mid single digits on the appliance side. But I think the real action for us is I think, you have to understand there's a series of transformations going on underneath like Deepak highlighted, cashflow transition. We've been transitioning our network security business as you saw from hardware to software. This is why you see that we're growing that category 21%, between hardware and software. So that just over time, reduces our reliance on hardware. Because I think that cloud transformation is underway, more and more cloud volume. But the good news is the cloud volume is going up faster than the data center volume is declining. So if we can manage this transition away, we can drive more and more software firewalling capability and not just recompense for the hardware business being slow growth compared to that. We can also over time, drive higher growth across the IONSR network security category for ourselves.

Thank you.

Great, thanks for the question. Next up is Shaulay Al from CalWin followed by Taliani from B of A. Go ahead Shaul.

Thank you, good afternoon guys. Nikesh, I'm interested in your views on the curator and overall IBM partnership this quarter. And is it coming in line or better than your initial views couple of quarters ago when you have gone after this asset, thank you.

Shaul, we had our board meeting yesterday and there was a comment that one day a Harvard Business School case would be written on this. For the right reasons. I'll tell you, this has been a spectacular partners for us. Not just our relationship with IBM, our go to market partnership together, where they are, we talked to a large deal, it's actually public in the UK. The home office deal where IBM and us partnered and it's a very large modernization contract. We partnered really well. Some of our very large deals as we highlighted one of our largest deals this quarter, the Asian bank was a curator customer, which now we were able to take the ARR up five times. So you can see that the sort of inroads in the partnership that IBM had with many of these customers has translated into very, very large opportunities for us. So it couldn't have been better.

Thank

you so

much.

Thanks, Shaul. Next we'll go to Tal Liani from B of A followed by Andy Nowinski from Wells Fargo. Tal, go ahead.

Hi, I wanted to ask about margins. Can you go over kind of what happened to margins this quarter that I saw a little bit of pressure and then what's the outlook for the year? What are the puts and takes for margins? Thanks.

Tal, just a clarifying question, you're talking gross margins? Is that what you're saying? Yes, gross margin

and also a little bit on the operating margin I saw.

Yeah, so really it's mainly

in the gross margin and it was all in my prepared remarks, like where, yep. So there the main parts were on the services gross margin. It was driven by faster growth on the newer SAS offerings, which just have more time to mature and scale. And on the hardware we did have some one-time inventory right off CNOs that will not repeat in the second half.

I think it's, we had a 40 basis point one-time right off, which impacted our gross margin on the hardware side, which is why it's a one-time event. But we still outperformed our margin expectations both internally and as per you guys.

Thanks.

All right, thanks Tal. Next we'll go with Andy Nowinski and our final question will be from Matt Hedberg from RBC. Andy, go ahead.

Okay, good afternoon, thank you. And I thought your quarter overall was very good as well. I wanna ask maybe a more difficult question on the NetNew ARR side. If you pull out the 74 million from Qradar in Q1, it looks like your NetNew ARR declined on a year over your basis for the last two consecutive quarters. And you have so many positive trends in these large platformization deals. Why aren't those translating into NetNew ARR growth over the last two quarters?

Yeah, so

Andy, we talked about this a little bit last quarter. I mean, we're very happy with the NetNew ARR growth. We did have some transitions of old attaches to cloud-delivered advanced subscriptions. That led to a significant increase in NetNew ARR a year ago. As we lapped that, we don't have the same step up. But the NetNew ARR on some of our newer products, what's driving a lot of the platformizations, continues to go from strength to strength.

Andy, I think just to add to that, the software firewall strengths we talked about, the SASE strengths we talked about, the cloud security strengths, the XIM strength, all these things contribute to NetNew ARR. That's what's allowing us to get it to the, I still remember six years ago, this was zero. So we're very happy that it's driving up hold of the $5 billion. And we still believe we're on track to get to 15 billion on NGSA ARR.

Got it. Great, thanks Andy. Our last question is from Matt Hedberg. Matt, go ahead.

Sure, thanks for taking my question, guys. Congrats on the results. Not an easy environment here. Yeah, I had kind of a high level question, maybe Lee, for you. I think we've all been talking about an agentic framework. And I think, and then Keshe, you mentioned on the call, I guess, Lee, from your perspective, a lot of people look at identity as sort of maybe the tip of the spear for agentic-based security. What's your perspective on the security foundation for a broader agent rollout?

Oh, I think it's a lot more complicated than that, Matt. Not necessarily in a bad way, but I think sometimes the industry can be quick to jump on a single magic bowl of identity, which is important, but there's a lot of other aspects to how these agentic platforms work. And I would actually start with, how do you secure the AI portion of the agentic platform and making sure that it's providing, if you're going to give it the authority to take independent actions, which effectively what agentic AI will do, you better make sure that that AI environment is fully secured from attackers and you have the proper guardrails enforced and everything else. Yes, that has to be combined with identity. All of that has to be combined with, it's gonna ramp up even just -to-machine level communication, how we secure it. So there'll be multiple facets to how agentic AI is secured as it matures.

Just to add to that, Matt, I think one of the things which is, from our perspective, fascinating is that we have now sold Exxiam more than 200 times in the last 24 months, making it one of the fastest growing products in cybersecurity. And in Exxiam, we see all the data. So we expect we will start seeing agentic activity in Exxiam. So identity is two parts. Identity is validating your credentials to make sure you are who you are, whether you're an agent or a human being, which is what typically MFA does with service accounts to an SaaS application. But watching the activity and being able to control the activity and stop the activity and change permissions will have to happen in some sort of AI-enabled SOC. So we think there is an opportunity for us in the future as the definition of agents and the deployment agent starts to settle in, that we will be able to build agentic sort of detection, remediation, and management within the Exxiam capabilities that we have.

All right, with that question, Matt, thanks for wrapping it up for us. We'll turn the call back over to Nikesh for his closing remarks.

I just want to say thank you very much to all of our customers, employees, and our ecosystem partners for all their hard work, and thank you for all of you for taking the time to listen in on our earnings call. We'll see you guys next quarter.