Palo Alto Networks (TICKER: PANW) Palo Alto Networks Inc Panw Q2 2023 Earnings Call Transcript

Palo Alto Networks, Inc. (NASDAQ:PANW) Q2 2023 Earnings Conference Call February 21, 2023 4:30 PM ET Company Participants Clay Bilby - Head, Investor Relations Nikesh Arora - Chairman & Chief Executive Officer Dipak Golechha - Chief Financial Officer Conference Call Participants Brian Essex - JPMorgan Hamza Fodderwala - Morgan Stanley Fatima Boolani - Citigroup Brad Zelnick - Deutsche Bank Tal Liani - BofA Keith Bachman - BMO Patrick Colville - Scotiabank Matt Hedberg - RBC Jonathan Ho - William Blair Saket Kalia - Barclays Joe Gallo - Jefferies Ben Bollin - Cleveland Research Clay Bilby Good day, everyone, and welcome to Palo Alto Networks Fiscal Second Quarter 2023 Earnings Conference Call. I am Clay Bilby, Head of Palo Alto Networks Investor Relations. Please note that this call is being recorded today, Tuesday, February 21, 2023, at 1:30 PM Pacific Time. With me on today's call are Nikesh Arora, our Chairman and Chief Executive Officer; and Dipak Golechha, our Chief Financial Officer. Our Chief Product Officer, Lee Klarich, will join us in the Q&A session following the prepared remarks. You can find the press release and information to supplement today's discussion on our website at investors.paloaltonetworks.com. While there, please click on the link for Events and Presentations where you will find the investor presentation and supplemental information. During the course of today's call, we will make forward-looking statements and projections regarding company's business operations and financial performance. These statements made today are subject to risks and uncertainties. We assume no obligation to update them. Please review the press release and our recent SEC filings to see these risks and uncertainties. We will also refer to non-GAAP financial measures. These measures should not be considered as a substitute for financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. All results and comparisons are on fiscal year-over-year basis, unless specifically noted otherwise. We would also like to note that management is scheduled to participate in the Morgan Stanley TMT Conference and JMP Securities Technology Conference in March. I will now turn the call over to Nikesh. Nikesh Arora Thank you, Clay. Good afternoon, and thank you, everyone, for joining us today for our earnings call. I'm pleased to report that we had another strong quarter with the balance of top line growth, significant expansion and non-GAAP operating margin and strong free cash flow. Billings and revenue each grew 26% year-over-year. Our RPO grew 39% as we continue to sign large multiyear deals with our customers. We also delivered an acceleration in our operating leverage in Q2 as we focused on driving profitable growth. Our non-GAAP operating income grew 55% year-over-year, supported by a non-GAAP operating margin, which exceeded 22% for the quarter, up over 440 basis points year-over-year. This translated to another quarter of profitability on a GAAP basis. We have now been GAAP profitable on a cumulative basis over the last four quarters. In addition, our strong free cash flow generation this quarter also puts us on track to outperform prior guidance. I know many of you are wondering about the macro environment, so I want to start with an update there. There's clearly a tougher macro emerging out there as the Fed continues on its crusade to tame inflation. The changing macro is clearly making business leaders more cautious. Some of our customers are seeing signs of a slight slowdown while others are less impacted. I, however, feel that we're not done yet. And while not expecting shocks, I do think we will see more cautious activity over the next few quarters. Clearly, caution is abundant, driving more scrutiny, making customers demand more value from their partners. We've seen some projects get delayed or descoped, non-canceled while most continue on track. We've always maintained that we expect cybersecurity to be resilient, and we continue to see evidence of that. On the large deal front, this behavior is definitely widespread. For us, this has meant we need to get ahead of this and work closely with our CIO and CSO partners. Not just that, it's creating more conversations around payment terms, discounts and scope of deal with purchasing teams, something we've been working with our customers on as well. I'm delighted that based on our field teams getting ahead of this problem, earlier this quarter, we did not see any major deals slip from the quarter. Our deal cadence quality was consistent with the same quarter last year. On an equally positive note, this environment drives the need for consolidation, not just to generate clear security outcomes, but also to reduce the security vendor sprawl that has been prevalent in our customers' infrastructure and the need for a long-term security strategy based on total cost of ownership and value. We feel fortunate that with our portfolio, we are best positioned to deliver this to our customers. Within our own business, two things have happened. One, we have become more focused on efficiency from early this year. For example, our headcount growth this year is likely to be lower than any of the last three years. At the same time, we do not anticipate slowing down the pace of our development or business outcomes. Dipak and his team have been rigorously inspecting our cost structures across our portfolio to ensure we are set up to deliver consistent gross margins in all areas. This has been one of the major drivers of our improved operating margin and we hope to continue to improve as we scale. Secondly, as anticipated, supply chain challenges and product have abated significantly versus six months ago. While this is evident in our product gross margins and our overall profitability, there are some lingering impacts, which we expect to further abate through the end of this year. Let's also take a moment to discuss hardware growth. Over the last 12 months, a lot of factors have impacted hardware growth, including supply constraints, uneven demand, given supply chain impacts and backlog. Additionally, we have noticed our customers continue to be more focused on their cloud, network and security operations and transformations and are willing to sweat their hardware assets longer. Underlying all this, we still believe that the industry hardware growth rate is in the low to mid-single digits. As all these extraneous factors mitigated over the next few months, we will see the long-term growth gravitate back to those levels. So what does this mean for the second half of this year and beyond? Somewhat counter to the market, we're raising guidance both on top-line metrics, metrics and profitability. Of course, this requires the current demand to sustain, and for us to maintain a continued focus on execution. We have a unique opportunity in this environment to strengthen our position in the market. Hence, we are investing with an eye towards disciplined growth and positioning ourselves to the partner of choice for customers looking to consolidate. You'll hear more about this from Dipak, but we are raising billings and next-generation security our guidance on the back strength in our software-based and cloud-delivered capabilities. In our hardware pipeline, we're seeing specific transactions that are on track for Q4, which has caused us to shift some forecasted revenue from Q3 to Q4 while maintaining our annual guidance. With all I have said about efficiency in better operations and the impact, we're now guiding to 21.5% to 22% operating margin for fiscal year 2023. Additionally, we're also increasing our cash flow guidance. Consolidation continues to be a key theme with our customers. Of course, customers are not willing to compromise on quality and cybersecurity. Given our market leadership in 13 categories, we are fortunate to be engaged in many such conversations. Those conversations are driving business, and many customers are on a long-term transformation path with us. The number of deals we closed over $1 million grew nearly 20% year-over-year, and the value of these transactions grew nearly 60%. Similarly, the number of greater-than-$5-million deals grew 84% and a number of greater-than-$10-million deals grew over 140%. We saw deal values in these cohorts grow significantly. This continued momentum is critical to us being able to drive platform consolidation. Time and again, we see early millionaire customers become an onboarding ramp to help us drive more cybersecurity value to our customers. Almost all of our $10 million deals involve multiple platforms on an underlying transformation that is driving vendor consolidation. Let's take a look at some of the ways we are driving consolidation. First, with Zero Trust transformations, we're helping customers standardize their appliance and software firewalls with a broad line of security subscriptions. A life sciences customer signed an eight-figure deal to standardize their operations using our next-generation firewalls, VMs and security subscriptions. In other cases, we're helping customers adopt SASE and software firewalls, and consolidate their security stack across our consistent set of offerings, driven by hybrid work and securing SaaS apps. A financial service firm recently signed an eight figure deal with us, because they wanted to transform their network and reduce both operational challenges and cost of ownership. They chose us over pure play SASE competitors, because of the breadth of our offering in our comprehensive Zero Trust network. Secondly, trial cloud transformations. We're using our Prisma Cloud and Prisma Access capabilities to help customers adopt hyperscale cloud and Software as a Service. Another financial services firm with a mandate to run over 90% of the apps in the cloud signed a high eight-figure deal to standardize in both Prisma Access and Prisma Cloud. Lastly, in SOC transformations, we're using our Cortex platform with XSIAM to help customers transform their security operations center and retool around high-fidelity data sources, AI and automation. A retail company started a relationship with us around Unit 42 incident response with an Expanse trial and small XDR deployment. They expanded the relationship with a high seven-figure deal to standardize on XDR and XSOAR. These strategic customer relationships and transformations would not have been possible without us building a new security industry paradigm, a paradigm around constant innovation. Our success is driven by investments in innovation and is increasingly clear to us that, there is a flywheel at play here. This starts with R&D investment, where we have the largest budget of all dedicated cybersecurity companies approximately $1 billion in non-GAAP spending on a trailing four-quarter basis. This is two to five times as much as our pure-play peers. Our scale also allows us to spread this budget across a larger revenue base and the shared needs of our three platforms. R&D investments then translate into a record number of product releases. Our first half major release is number 35, up 59% from the first half of last year. Some of the key releases in the first half included our flagship PAN-OS 11.0 Nova, our third advanced subscription, Advanced Wildfire, our new AI-based SOC platform XSIAM and new modules and updates in Prisma Cloud. This constant innovation is causing industry analysts to take notice. We recently received recognition for leadership in the cloud-native application protection platform category, or CNAPP, bringing our total number of active leadership recognitions to 13, which compares to nine a year ago. All these leadership positions have helped us grow our NGS ARR at 63%. We still believe there is a large untapped TAM for many of these services given the robust adoption of advanced software services that we have launched, which are all cloud delivered and us being in the early part of the SASE cloud life cycle, we feel confident in our future ability to drive NGS ARR. Let's take a deeper look at some of the highlights. I'll start with my personal favorite, our network security business. We launched our first SASE capability, Prisma Access, at the end of fiscal year 2019. In the first year, we booked less than $100 million in business. Over the last six quarters, we booked about $1 billion, with our largest deal last quarter being a TCV deal for $40 million for SASE. We now have over 4,000 customers and are growing ARR approximately 50%. In Q2, we saw a healthy number of large competitive wins in SASE, and SASE has one of our strongest pipelines looking 12 months out. Beyond the top line traction, we're also seeing improving economics in the business. Two years ago, we showed you how the five-year revenue from a SASE customer compares to an appliance customer. At that time, SASE was about two times higher. Since then, we've added additional value to SASE. We launched autonomous digital experience management in FY 2022, followed by AIOps and SaaS security posture management this year. AI has the power to transform SASE. Our integrated security services are now all powered by AI to detect and prevent even zero-day attacks. And we'll soon be introducing additional AI-driven capability to transform the user experience and using the platform. We now expect our five-year revenue from a SASE customer to be more than 2.5 times that of an appliance customer. We've also seen some improvements in our SASE gross margins over this period, as we have scaled to become more efficient. If you go to the other side of our network security portfolio, our software firewall business is going strong. This includes the broadest deployment options for customers, including VM-Series and CM series, which can run in their data centers or be purchased in the cloud marketplaces and the first-to-market integrated cloud next-generation firewall offerings for hyperscale clouds. We have the highest market share of any company in this market. We believe it's more than three times of our any closest competitor. The current macro environment is causing more customers to watch their CapEx budget. This shift, along with the fact that customers are transforming the data centers moving to the cloud, is leading more of them to adopt software firewalls. In Q2, the number of deals over $1 million for our software firewall was nearly doubled, and six of our top eight deals in Q2 included software firewalls in our offering. Moving onto our cloud security business. We continue to make steady progress with Prisma Cloud. Platform enhancements are important to our growth. We released the new API risk profiling capability to enhance our web application security module. This capability helps security teams assess their API stack surface, attack surface quickly based on more than 200 risk factors, including misconfigurations, exposure to sensitive data and access privileges. This helps teams prioritize the most significant risk and take preventive measures to address them. We also continue to shift left and focus on securing workloads as they are developed, solving our customers' application security channels. To that end, we closed the acquisition of Cider, and have brought their team under common leadership with our cloud code security team to help bring Cider's CICD security capability to our platform. After releasing Cloud Core Security a year-ago, over 15% of our customer base has adopted these capabilities. Our cloud core security customers in Q2 grew 30% over Q1. Our new secret management module launched in December scans code repos used by developers for hard-coded secrets like passwords and API keys to make sure this information is not exposed and used as a vector of attack. We continue to see these new capabilities and enhancements drive an increase in customer module adoption. For example, our customers with two or more modules grew over 40%, and customers with four or more modules more than doubled. Credit consumption of Prisma Cloud increased 48% year-over-year. This growth is being driven by new customer additions, customers increasing their cloud footprints and customers consuming additional modules. While there has been discussion on moderation and cloud consumption in the market, we believe the relatively early stage of cloud security adoption has and will continue to shelter us from this headwind. Before I move on to Cortex and talk about continuing signs of optimism I see in that category, I feel compelled to take a detour towards AI. Clearly, AI has been on everyone's mind given the continued conversation in the tech industry. Most of you know the story of arrival with the Palo Alto Networks. I talked about fragmentation and the need for a solution there, which we have talked a lot about. I also talked about automation and AI. We counted, I used the word AI more time than my first six months in Palo Alto Networks than platform or consolidation. The challenges you all know is that AI has been a data problem and continues to be so. Unlike consumer AI, where we can talk about Sonnets and ChatGPT's creative capabilities and the revolution that is going to drive in search or advertising, its ability to summarize data and continue to amuse and inform us, the demands from AI and enterprise are far more exacting and so are the returns. An enterprise AI needs to be clean. It has to have comprehensive data. And in security, especially it needs to be real time. So not only do you need to have the best data to create great security outcomes, you also need to be positioned in line to block threats. Let me make a case why with petabytes of data from trillions of events, billions of sessions, hundreds of millions of URLs and tens of millions of flies flowing -- files, not flies -- flowing through our product across cloud, network and endpoints daily, we are best positioned to deliver security outcomes using AI machine learning. Palo Alto Network's next-generation firewalls broke through the firewall industry in the early days because of our ability to then deliver next-generation security. These services were driven by expansive data collection capabilities, EAL, or enhanced application logs. We have since applied that capability across our entire network security stack. We estimate that this network secure data is just under half the valuable security data that is needed for any AI-driven outcome. We have over 60,000 customers where we can help them use this data. As we conceived with Cortex, we built XDR to ensure we collected the best endpoint data across the industry. We acquired and deployed the largest security automation footprint at XSOAR, but we're not stopping there. We then acquired and integrated Expanse, which looked at vulnerability data from a different and unique perspective. These formed the fundamental building blocks for XSIAM. With our leadership position in automation, analytics and attack surface management, again, we're driving an AI-based SoC transformation. With our 4,500 Cortex customers, we're able to bring what we believe is the next largest set of security data that is useful for AI. We applied the same thought and rigor as we built Prisma Cloud, integrating data from all hyperscalers, integrating shift-left data from developers. Slowly and steadily, the Prisma Cloud integration is being built on a stronger foundation of security data. Cloud is becoming an increasingly important contributor to AI, and our 2,000 customers will benefit from it. We have delivered unique AI-based outcomes, including blocking unknown yet malicious websites, command and control domain and files at scale. Also, we have shown in our own security operations center that we can reduce the mean time to detection to seconds and the meantime to respond to minutes. These are all outcomes that cannot be achieved without the data we have and the AI/machine learning expertise we apply. Let's take a look into how we believe this has made us more excited and encouraged us around XSIAM. In Q2, as part of the Cortex and XSIAM platform, we released important new capabilities, including SaaS-enabled XSOAR, delivering a cloud-based interface and Expanse active attack surface management allowing our customers to remediate issues discovered using XSIAM. We launched XSIAM and GA at the end of Q1. So far, we've closed approximately $30 million in business and have a growing pipeline of customers that are looking to transform security operations of the new platform. I think XSIAM is going to pave the way for us to drive AI-driven security transformation outcomes. We will continue to work hard with our early customers to drive evolution and success in XSIAM. I'm extremely positive, perhaps, and cautiously optimistic about XSIAM. Its early relevance, product market fit, and with the concurrent discussion on AI, it makes me hopeful that this could be the fastest ramp of any security product. We see our first milestone to getting to $100 million in bookings faster than Cortex SASE or Prisma Cloud in our portfolio. Before I turn the floor to Dipak, I want to put all this together and talk about where we're focused as we enter the second half of our fiscal year and beyond. We see a clear road map ahead of us. We intend to put our head down and execute. Right now, we're in the process of transforming our business to software-based and cloud delivery offerings. Our revenue, which is increasingly driven by our next-generation security capabilities, is becoming more recurring in nature, and we have an opportunity to own a greater share of our customers' cybersecurity budget. This should allow us to sustain high revenue growth for longer. Over the last couple of years, we set in motion a plan to expand our operating margin, including driving scale in our faster-growing businesses. Over the last six months, we've listened to investors who have encouraged us to focus on profitable growth and accelerate incremental leverage in our business, and we made good progress in Q2. We're now well positioned for the second half of the year. We are appreciably raising our margin target for FY 2023 up 200 basis points from our prior guidance and 250 basis points from our initial FY 2023 guidance. We believe we can continue to build on this into fiscal year 2024 and beyond, putting us three years ahead of our profitability targets we offered at our last Analyst Day in September 2021. As Dipak will describe, we believe the combination of sustaining higher top line growth and focus on efficiency sets up well to build on this base of higher profitability and grow EPS ahead of revenue. I want to emphasize that achieving GAAP profitability is an important milestone for our company. In support of this, we're actively focused on managing our stock-based compensation to continue bringing this down as a percent of our revenue. With that, I'll turn the floor over to Dipak to take you through our details of our results and guidance, and then we'll take questions. Dipak Golechha Thank you, Nikesh, and good afternoon, everyone. For Q2, revenue of $1.66 billion grew 26%. Product revenue grew 15%, whilst total service revenue grew 29%, with subscription revenue growing 32% and support revenue growing 25%. Moving on to geographies. We saw revenue growth across all theaters, with the Americas growing 22%, EMEA up 35% and JPAC growing 32%. The strength of our next-generation security capabilities continues to drive our results, with NGS ARR of $2.3 billion, growing 63%. Strength was broad-based across all three of our platforms: Network security, cloud security and security operations. We delivered total billings of $2.03 billion, up 26% and above the high end of our guidance range. Total deferred revenue in Q2 was $7.6 billion, an increase of 39%. Remaining performance obligation, or RPO, was $8.8 billion, increasing 39%, with current RPO representing about half of our RPO similar to recent quarters. Our non-GAAP earnings per share was significantly ahead of our guidance, and this metric, as well as our trailing 12 months adjusted free cash flow, accelerated. Non-GAAP EPS of $1.05 grew 81% year-over-year, while trailing 12-month adjusted free cash flow of $2.7 billion grew 76% year-over-year. Moving on to the rest of the financial highlights. Non-GAAP gross margin of 75.5% was up 150 basis points year-over-year, driven mainly by an increase in our software mix. On a quarter-over-quarter basis, we saw less pressure from incremental costs related to the supply chain. We've made significant progress in driving leverage. This is something that we articulated at our Analyst Day in September 2021 and kicked off in fiscal year 2022. And we have accelerated this in fiscal year 2023 with a focus on profitable growth as evidenced by our Q2 performance. Our operating margin of 22.8% increased 440 basis points year-over-year. This result was driven by improving gross margins and a slower level of headcount additions. We expect to see ongoing improvements in our operational efficiency. And as a result, we are raising our fiscal year 2023 operating margin guidance. Non-GAAP net income for the second quarter grew 79% to $332 million, or $1.05 per diluted share. Our non-GAAP effective tax rate was 22%. Delivering fiscal year GAAP profitability is another milestone in our balance of driving growth and profitability. For the quarter, GAAP net income was $84 million or $0.28 per basic share and $0.25 per diluted share. This was our third consecutive quarter of GAAP profitability. And as Nikesh noted, we have now been profitable on a cumulative basis for the last four quarters. We believe we now meet the criteria for inclusion in the S&P 500. Turning now to the balance sheet and cash flow statement. We ended Q2 with cash equivalents and investments of $6.2 billion. Our average duration -- our new contracts increased slightly year-over-year, driven by deals with strategic customers. It remains at approximately three years, where it has been historically. Q2 cash flow from operations was $695 million, with total adjusted free cash flow of $685 million this quarter. Our strong free cash flow in Q2 was driven by increased operating profitability, higher interest income and improvement in billings linearity due to improving supply chain conditions. During Q2, we repurchased approximately 1.8 million shares at the open market at an average price of approximately $139 per share for a total consideration of $250 million. As a reminder, our share repurchase program is opportunistic, and we are committed to this method of returning cash to shareholders over the medium-term. Stock-based compensation ticked up 20 basis points as a percent of revenue sequentially, related to the issuance of our annual grants and the impact from the Cider acquisition. On a year-over-year basis, stock-based compensation was down 350 basis points as a percent of revenue. Before I get to guidance, I wanted to cover my thoughts on operating margin. We have continued to drive improvements in the profitability for our fastest-growing businesses as they have gained scale. Also, over the last six months, we have developed and executed on detailed plans to accelerate our operating leverage. This includes raising the bar around the return on investment we expect as well as remaining prudent in our hiring. We've also spent a lot of time looking at our peer group and studying benchmark data. As we look towards the second half of the year and into fiscal year 2024, we believe we can continue to execute against our plans and drive higher operating margins. We expect that this will translate into us growing our EPS faster than our revenue growth rates. Now moving on to guidance. We're offering guidance for Q3 and also Q4 to make this explicit and then offering updated annual guidance. You'll see we're maintaining our annual revenue guidance and giving explicit guidance for Q3 to Q4 based on what we see in our pipeline for product revenue. For the third quarter of 2023, we expect billings to be in the range of $2.20 billion to $2.25 billion, an increase of 22% to 25%. We expect revenue to be in the range of $1.695 billion to $1.725 billion, an increase of 22% to 24%. We expect non-GAAP EPS to be in the range of $0.90 to $0.94, an increase of 50% to 57%. For the fourth quarter of the year, we expect billings to be in the range of $3.12 billion to $3.17 billion, an increase of 16% to 18%. We expect revenue to be in the range of $1.937 billion to $1.967 billion, an increase of 25% to 27%. We expect non-GAAP EPS to be in the range of $1.18 to $1.22 per share, an increase of 48% to 53%. For the fiscal year, we expect billings to be in the range of $9.1 billion to $9.2 billion, an increase of 22% to 23%. We expect NGS ARR to be in the range of $2.75 billion to $2.8 billion, an increase of 45% to 48%. We expect revenue to be in the range of $6.85 billion to $6.91 billion, an increase of 25% to 26%. We continue to expect product revenue growth in the range of 10% for the full fiscal year. For fiscal year 2023, we're expecting our operating margins to be in the range of 21.5% to 22%. And we expect our non-GAAP EPS to be in the range of $3.97 to $4.03, an increase of 57% to 60%. We expect our adjusted free cash flow margin to be between 36.5% to 37.5% and we expect to be GAAP profitable each quarter and for the fiscal year 2023. Additionally, please consider the following modeling points. We expect our non-GAAP tax rate to remain at 22% for Q3 and fiscal year 2023, subject to the outcome of future tax legislation. For Q3 and Q4, we expect net interest income -- net interest and other income of $45 million to $49 million. We expect Q3 diluted shares outstanding of 321 million to 327 million shares. We expect Q4 diluted shares outstanding of 326 million to 332 million. We expect fiscal year 2023 diluted shares outstanding of 320 million to 326 million. We expect Q3 capital expenditures of $35 million to $40 million, with full year capital expenditures of $165 million to $170 million. With that, I will turn the call back over to Clay for the Q&A part of the call. Question-and-Answer Session A - Clay Bilby Great. Thank you, Dipak. [Operator Instructions] The first question will be from Brian Essex of JPMorgan with Hamza Fodderwala to follow. Brian, you may ask your question. Brian Essex Great. Thank you, Clay and congrats to everyone on some fantastic results. Really, really strong here. Thanks for taking the question. Maybe Nikesh for you, I just have a question on SASE. Maybe if you could dig in a little bit to the competitive dynamics there. Does it really help to -- I guess, how much does it help the platform to have full end-to-end SASE? I see a lot of private vendors building out full end-to-end SASE platforms, or is this more of a transformational push or maybe there's a little bit of both? Thank you. Nikesh Arora Hey, thanks for the question. Look, the SASE market, I think traditionally was a market which was focused on Internet access. Customers use that as a proxy-based way to onboard Internet access and was fine. I think the pandemic really flipped the switch, coupled with the whole cloud transformations that are going on, our customers, especially larger customers, want to create a first -- first-class citizen of any user who's not sitting in the office or in the campus, and they want to get to Zero Trust. So, I think the confluence of Zero Trust, the confluence of the cloud transformation, the confluence to apply a full security stack opened the door for full SASE deployment to network transformations, couple that with the fact that people are trying to get away from large wide- network-type network architectures, SD-WAN type network. So, I think, our confidence on all of these things created a real spurt in the SASE market. We have 60-plus thousand customers who use our firewalls. Now, we're showing them a path to migrate from a firewall-based, campus-based, data center-based architecture to a Zero Trust architecture, which spans hardware, software, and any kind of remote access and campus solutions. So, I think that's what's driving that for us. And whilst your guys -- you're impatient, your brains move faster than our ability to execute sometimes, it's only been three years. And I think I could challenge anybody out in the market. Anybody -- everybody read the same Gartner Magic Quadrant on SASE. I want to see how many vendors can claim that the last six quarters, they sold $1 billion SASE, and who just did a $40 million deal in SASE last quarter. So, I think that's our execution, our ability to work with existing customers, our constantly listening to customers evolving our product is allowing us to get here. It's a competitive market, but I think we're down to two, two and a half vendors in this market who we see at every customer now. Clay Bilby All right. Our next question from Hamza Fodderwala with Morgan Stanley with Fatima to follow. Go ahead Hamza. Hamza Fodderwala Hey good afternoon. Thank you for taking my question. Maybe for Nikesh and Lee Klarich. Just curious around the early customer conversations around AI as customers look to automate their security operations. And to what extent is that aiding the conversation towards consolidation for Palo Alto Networks? Nikesh Arora That's a great question, Hamza. And I've been sort of on and off in terms of how to temper my enthusiasm for this space. And I was on my way to India to speak at a convocation, I experienced ChatGPT for the first time. And I turned around and rewrote my convocation speech saying, this is the best thing that happened to security, enterprise and to consumer, because I think it's kind of an inflection point, which is big. Now clearly, that's a conversation. I'd say, two months ago, customers were not asking us about AI, and now they all want to know, are you deploying AI in your security products? That's great. And that's why we spent some time on the earnings call trying to elaborate how we've been using this for a long time. The conversations are around how do I start making more sense of my data. I think the last iteration of using data in the security industry has been more about, I'd say, offline or reactive data analysis for the most part. And this is the first time the customers want real-time, proactive, block-the-threat outcomes, which is sort of our sweet spot, if I may say so. And that conversation is beginning to start. I'll tell you, on XSIAM, there's no deal less than $1 million. I haven't seen a security product that we launched in the industry which starts off at a minimum price of $1 million, right? We've done $30 million of business in the last 12 to 16 weeks, where our customers -- our teams are still getting trained. We're still getting traction. We still have, we think, 70%, 80% of the product developers still working on the rest of it as we get feedback from customers. So -- and I'm cautiously optimistic. And I think you will see this pave the way for deployment of AI. This is our first outcome-based product. This is the first time we can walk in and say, listen, I can reduce your mean time to respond, a mean time to detect. Otherwise, I'd say, use this, this is really good, it's going to save you, but he won't find out until something happens. In the case of XSIAM, I say, I can demonstrate efficiency, I can demonstrate lower cost of ownership for you. So, very hopeful. Don't get ahead of yourself. It's going to take a while. I really told you we'd be happy if I get $100 million faster than any of the product. And hopefully, this becomes another leg of growth for Palo Alto to give us more sustained top line over the long-term. Clay Bilby All right. Our next question from Fatima Boolani of Citigroup with Brad Zelnick like to follow. Go ahead. Fatima Boolani Good afternoon. Thanks for taking my questions. Nikesh, this one's for you. You were pretty explicit that you are having realistic conversations with customers about payment terms and extensions and financial circumstances as most organizations focus maybe more on cash flow preservation than they had in the past. So maybe to specifically ask, it's not very apparent in your numbers that you're having those types of conversations. So a, how are you managing to circumvent a lot of that? And how is Palo Alto Financial Services as a financing vehicle maybe helping you drive a lot of those conversations that's not apparent to us? Nikesh Arora Good. Fatima Boolani Good. Nikesh Arora It means we are doing a good job of managing our cash flow margins and making sure our customers are happy. And this very rarely do I get to make both shareholders and customers happy at the same time. So it's one of those moments. Look, on a more serious note, yes, you're right. We are having those conversations. And I'd say, Dipak and his team doing a phenomenal job in making sure that our sales teams are supportive when the customer is talking about payment terms, annual billing plans or specifically using PANFS. So I'm going to pass over to Dipak and explain how he's walking the tightrope and making sure that we're doing this effectively with our customers. I will say, we're blessed because, as Dipak highlighted, we have $6.2 billion of cash on our balance sheet. So we have the capacity to be able to do this for our customers. But Dipak? Dipak Golechha Yes. No, I think, I would just say that, it's been very selective and very purposeful looking at the actual customer interaction. We have a whole team, that are very experienced at this. We brought a lot of people in with external experience. And it really is a case-by-case piece here, but that's how you keep it like very selective and strategic. And that's the only time we really use it. Clay Bilby All right. Great. Our next question is from Brad Zelnick of Deutsche Bank, followed by Tal Liani. Go ahead, Brad. Brad Zelnick Great. Thank you, very much, and congrats, Nikesh and team. Great, great job. Nikesh, Palo Alto Networks is far more than a hardware company. And that's... Nikesh Arora Oh, my God, Brad. You're reminding me of the meeting we had 4.5 years ago in my office. Go on. Brad Zelnick I'm so glad that I left that impression on you, Nikesh. But I'm still waiting for the odd word by the way. You can see behind here. It's still -- even though I'm in front of the building, it's a bit sparse. But good to see you. So, far more than a hardware company today that's on full display, but you've downticked on your industry hardware growth expectations from what you said last quarter. I believe last quarter, you said 5% to 8%. Now you're saying low to mid-single digit. I don't know if it's a material difference, but I noticed the difference. If anything, what's changed at all in your market view? How should we expect your hardware business to perform versus market? And what would you say, Nikesh, to a skeptic that's perhaps skeptical that a lot of the success you see in everything else in next-gen is riding along on -- and opportunities created when a sales person shows up and is selling hardware? I guess how much of that motion is happening away from hardware that we should appreciate? Thanks. Nikesh Arora So, Brad, I think it's important to understand, that we have a very large installed base. We have 62,000 customers who deploy Palo Alto firewalls. And let's just say, in my 4.5 years at Palo Alto, I don't know any customer has decommissioned us yet. So, I think that the solution of the hardware is not being deployed or not being used is not true. So there is hardware and [indiscernible] customers. Even though somebody may not be buying hardware, a lot of our subscription growth, our ELA growth, is driven by the fact that people have hardware, which they are extending the software capabilities on and buying more software capabilities from us. So it's not just that a salesperson shows up only to sell hardware, they actually show up to deploy more security capabilities on the software front. And couple that in the case of SASE, if you look at our large pipeline, it's clearly driven by a customer of Palo Alto, who is a firewall customer, or a potential SASE customer who's saying, listen, I know your security services, I know your Zero Trust policies, I want to be able to expand into it and deploy a full end-to-end SASE solution or a Zero Trust solution for you. So, I guess I'm trying to say is that, our success in software is not hardware-dependent. All I'm highlighting is that I believe that the market was very confused last year with supply chain. You couldn't get chips. There were orders being made. Customers are getting jittery, saying, I have capacities, I might need more hardware. So a whole bunch of conflation of effects that happened hardware. I have constantly maintained that hardware grows. The industry grows at low to mid-single digits. You noticed that perhaps a slight downtick in my expectations, and that's probably fair. You're perceptive. But I don't think it changes the overall outcome for us as a company. I do worry about people who are purely hardware-focused, who don't have the ability to position a solution which includes software. I'll give you an example. A large retailer comes to us and say, I'd like to deploy a SASE solution across my entire retail base. I'd like to upgrade. I want to do AR, VR for my store. I want to go get more bandwidth in there. Technically, there are multiple ways to solve the problem. What you do is sell firewalls and say, hey, put a bigger firewall in your store. And I can deliver SASE because I have security capability. I can say, put an SD-WAN box in there, go deploy a lot of bandwidth in there, and do a software-based SASE implementation. A, it's going to be much easier to replace software in there, upgrade software. I take care of that for you. B, it's more secure because you have the most latest upgraded software available right away. Three, it's scalable, you can improve your bandwidth requirement and security requirements over time. And; D, for me, it's great because it's 2.5 times more valuable for me to have you deploy SASE than put a box, which I'd have to keep sending a truck every year to try and upgrade this offer. Brad Zelnick Makes perfect sense to me. Keep up the good work. Thank you. Nikesh Arora Thanks Brad. Clay Bilby Great. Next question from Tal Liani of BofA, followed by Keith Bachman. Go ahead, Tal. Tal Liani ...I wanted to show you my arc, I made it. Clay Bilby Tal? Tal Liani I wanted to ask you about the difference between revenue growth, billing and deferred revenue. You increased the guidance for deferred and billings that are very, very strong. We see less of an increase in revenue. What are the dynamics going forward? Nikesh Arora I'm going to let Dipak answer, but I will recommend you to try Dali. And you might be able to create a parallel poster of our, and we'll have to figure out who did, which one. Dipak Golechha Yeah. Look, Tal, I think at the end of the day, like we are an enterprise company. And as you see in our guidance, like we have a large Q4 guidance with a lot of customers sweating assets, as Nikesh mentioned in our -- in his script. I think, we're just trying to reflect that in our latest forecast, which is what drives the guidance. And so if you have people sweating assets, we don't know exactly what will fall in which quarter, and that's what drives the revenue. Nikesh Arora Yeah. Well, I think just to make sure that you don't -- we don't mix the forest from the trees. We are seeing better growth across our business on a TCV basis across our customers. That's driving the billings growth, which obviously then falls into revenue, both short-term and long-term and deferred. I think what you're seeing is the higher mix of software in our expectations going forward, which makes it more ratable over time. It gives us more predictability. Hence, the revenue looks consistent with expectations, and you see the software part, which is sitting in deferred grow faster. Dipak Golechha Certainly on SASE, that is the most... Tal Liani That makes sense. Clay Bilby All right. Great . Thanks. Our next question from Keith Bachman of BMO, followed by Patrick Colville. Go ahead, Keith. Keith Bachman Many thanks. Good afternoon, good evening. I wanted to ask you, Nikesh, about Cortex, if I could, more broadly, and I'll break it in two parts. The Cortex journey, the results have been solid, not just this quarter, but for some period of time now. And A, on the competitive front, we've been hearing a lot of discussion from some of the leading vendors that pricing has become much more material in winning share of the CrowdStrikes or what have you. It doesn't appear that that's the case at all in your results from the growth rates and the profitability. So I just want to hear a little bit about pricing. And then more broadly on B, just the competitive dynamics on your results, and you mentioned $100 million run rate on XSIAM, how has the portfolio helped shaping this outcome as you look out over the horizon over the next number of quarters in Cortex? Nikesh Arora So Keith, that's a great question. And I'm hesitating on my own analogy, which I was going to give you, but I don't think we should print that. It's clear, it's just -- I don't want to put a word against our Cortex business. First and foremost, look, I've always maintained that the opportunity in the security market arises when there's an inflection point. And I think the endpoint industry went through an inflection point a few years ago when we saw the emergence of EDR and XDR players. And you saw that, I'd say, perhaps the normalization of pure endpoint antivirus-type players in the market. And what's happened is if you look at the evolution, we've gone from a few endpoint players to many, and you're beginning to see convergence again down to two or three people. And I'd say that we are one of the three growing XDR vendors where customers are choosing us.