Palo Alto Networks (NYSE: NASDAQ:PANW) has reported a solid beginning to fiscal year 2025, with total revenue reaching $2.14 billion, marking a 14% increase from the previous year.
The company's next-generation security (NGS) annual recurring revenue (ARR) saw a substantial 40% rise to $4.52 billion, surpassing expectations. The firm also saw a 60 basis-point expansion in operating margins and a 13% growth in earnings per share (EPS).
Key Takeaways
- Palo Alto Networks' total revenue grew by 14% year-over-year to $2.14 billion.
- NGS ARR soared by 40%, reaching $4.52 billion.
- Operating margins expanded by 60 basis points.
- EPS increased by 13%.
Company Outlook
- The company raised its full-year 2025 guidance for NGS ARR to between $5.52 and $5.57 billion, which represents a growth of 31-32%.
- Revenue expectations were set at $9.12-$9.17 billion, indicating a 14% growth.
- Non-GAAP EPS is projected to be between $6.26 and $6.39, reflecting a 10-13% increase.
- A 2-for-1 stock split was announced to make the company's shares more accessible to employees and investors.
Bearish Highlights
- The earnings call did not highlight specific bearish aspects of Palo Alto Networks' performance.
Bullish Highlights
- The platformization strategy has resulted in over 70 new platformizations, with a total of approximately 1,100.
- Strong demand in network security, with growth in software and SaaS form factors.
- 40% of new SaaS customers are entirely new to the company.
- The Cortex platform crossed $1 billion in ARR.
- Prisma Cloud surpassed $700 million in ARR.
Misses
- The summary provided does not indicate any misses in the company's performance or expectations.
Q&A Highlights
- CEO Nikesh Arora emphasized the success of the platformization strategy in driving NGS ARR growth and achieving long-range targets.
- Arora also highlighted the company's unique position as a dedicated cybersecurity firm capable of consistent innovation.
- The acquisition of QRadar from IBM (NYSE:IBM) is expected to create significant SIEM replacement opportunities.
- Talend Cybersecurity browser integration is set to enhance secure access capabilities.
- AI-powered innovations, including CoPilot capabilities, are being introduced across the company's platforms.
In summary, Palo Alto Networks' emphasis on integrating security solutions into comprehensive platforms has been central to its growth strategy. The company's focus on innovation and strategic acquisitions, such as QRadar and Talend Cybersecurity, is expected to further strengthen its market position. With raised guidance for the fiscal year 2025, Palo Alto Networks is demonstrating confidence in its continued growth trajectory.
Full transcript - Palo Alto Networks Inc (PANW) Q1 2025:
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Good day, everyone, and welcome to Palo Alto Networks' Q1 2025 Earnings Conference Call. I'm Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development. Please note that this call is being recorded today, Wednesday, November 20, 2024 at 1:30 p. M. Pacific Time.
With me on today's call to discuss first quarter results are Nikesh Arora, our Chairman and Chief Executive Officer and Deepak Golecha, our Chief Financial Officer. Following our prepared remarks, Lee Klarich, our Chief Product Officer will join us for the question and answer portion. You can find the press release and other information to supplement today's discussion on our website at investors. Paloaltonetworks.com. While there, please click on the link for quarterly results to find the 1Q 'twenty five supplemental information and 1Q 'twenty five earnings presentation.
During the course of today's call, we will make forward looking statements and projections regarding the company's business operations and financial performance. These statements made today are subject to a number of risks and uncertainties that could cause our actual results to differ from these forward looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. We assume no obligation to update any forward looking statements made in the presentation today. This presentation contains non GAAP financial measures and key metrics relating to the company's past and expected future performance.
Non GAAP financial measures should not be considered a substitute for financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. Unless otherwise noted today, all results and comparisons are on a fiscal year over year basis. We also note that management is scheduled to participate in the UBS Global Technology Conference. I will now turn the call over to Nikesh.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Thank you, Walter. Good afternoon, and thank you, everyone, for joining us today for our earnings call. We're delighted to report a strong start to fiscal year 2025. In our Q1 of focusing on RPO and NGS ARR, we saw strength in both metrics and saw them perform well ahead of our expectations. The market for cybersecurity continues to be robust and continues to grow faster than the overall technology market.
Despite the acceleration of technology spend due to AI, cybersecurity continues to outpace technology spend. We saw particular strength in our next generation security offerings, notably in Cortex and in NetSec. NGS ARR grew 40 percent to over $4,500,000,000 It is still well ahead of our and the streets expectations, independent of a one time increase due to the IBM deal. On the profitability front, we expanded our operating margin by 60 basis points year over year, as we continue to see benefits from our broad efficiency focus while making the necessary investments to sustain our growth. This translated into a 13% EPS growth and strong cash generation.
We are particularly pleased with our continued execution at scale where we are able to balance our growth initiatives within our financial investment envelope, allowing us to deliver upside to our EPS guidance. We've been talking about the benefits of simplifying security architectures and consolidating point products into platforms for a while now. I'm sure all of you remember our eventful quarter where we changed gears on platformization. And as I've said before, I wish we could have made our good decisions faster. We continue to see momentum across our partner ecosystem and our customers.
More recently, our industry peers have been evangelizing the virtues of platformization and industry experts have begun to weigh in. I had our teams go back and compare the growth in the mentions of the word platform on cybersecurity earnings calls this year versus last year, we found an overall 50% increase amongst our peers. As they say, imitation is the highest form of flattery. As another point of reference, in recent research, Gartner (NYSE:IT) sees 75% of security leaders actively pursuing a vendor consolidation strategy, although less than 15% of large enterprise customers have implemented at least any one security platform solution. Gartner expects that by 2028, 45% of organizations will use fewer than 15 cybersecurity tools in their product portfolio, up from 13% of organizations in 2023.
I do want to reiterate the definition of what we want to achieve as a platform. Central to stopping threats of the future is a robust AI and automation platformization strategy, and data is at the heart of it all. Our approach is to ingest all relevant security data once, stitch and analyze this with precision AI technology, and natively automate end to end workflows. It's a tall order to take data from many different security vendors, analyze it on the fly, and make a decision to stop an attack fast enough. But we're encouraged with the early success of our XIM and cloud platform to do exactly this.
In network security, we also collect all data across all Palo Alto network security products and enable our customers to operate on a single pane of glass with consistent services, which work across all our form factors. We believe our network security strategy is the most comprehensive platform available in the industry, encompassing a majority of the use cases via a single consistent interface. As one of our customers recently said, that's one pane of glass versus many glasses of pane. So while many of our competitors are talking about their platform approach, we don't believe they're equipped to deliver it in the way we can. We feel the cybersecurity industry is embarking into its next phase, where the market will continue to converge towards a fewer set of platformization players over the next 5 to 10 years.
Point solutions will continue to get subsumed in these platform plays. Having started this trend, we intend to be one of those few players. With this being the Q1 of our fiscal New Year, we further oriented our go to market enablement around platformization. Our goal is to broaden the effectiveness of our solution selling across thousands of sellers and arm them to sell the value of our differentiated security outcomes across network security, cloud security, and security operations. With platform specific domain consultants and architects, we are able to bring tremendous focus to our go to market efforts.
I'm again pleased with the results we're seeing. These came through in our Q1 metrics. We added more than 70 new platformizations with about a third coming from our acquisition of Creator SaaS. We ended Q1 with approximately 1100 platformizations. Beyond the number of new platformizations in Q1, we also saw strength in ARR per platformized customer.
Our Q1 ARR per platformized customer was up 6% versus the average we saw during fiscal year 2024. The improvement in ARR is driven not only by our success signing larger transactions, it is also driven by our team's ability to expand existing platformized deployments continuously with new innovation that is delivered. For example, in network security, we have seen significant value from the adoption of advanced subscription services and uptake of add on modules in SASE, such as ATEM or Autonomous Digital Experience Management or CASB. ATEM and CASB are essential for us to be able to deliver AI solutions and AI access capabilities in the future, and we believe this capability will become existential for all SaaS customers. Our Q1 performance keeps us on track to achieve 2,500 to 3,500 platformization deals by fiscal year 2,030.
We're happy with our continued strong growth in NGS ARR in Q1, fueled by our continuous platformization momentum. We see multiple drivers here. Network security customers are increasingly deploying our software and SaaS y form factors, including adopting advanced Zero Trust security subscriptions across them. Over time, these customers have a significant incentive to converge their network security architecture towards adoption of our full suite of 3 form factors. Outside of network security, where we now have well over $2,000,000,000 in NGS ARR, we are also seeing our Cloud Security and Cortex Security Operations business become significant as well.
Last quarter, Cloud Security crossed the $700,000,000 milestone, and this quarter, Cortex crossed the $1,000,000,000 milestone. Looking at the large platform deals, we see a variety of opportunity across all of our customers. We signed a transaction with large technology firm for over more than $50,000,000 This deal was headlined by a SOC transformation where we both replaced multiple SIMs with XIM and XDR. The customer is facing rising costs in their SOC with little automation and adequate visibility into the rising number of tailored attacks at leveraged AI. The customer was a Curate our customer and a year ago had platformized with us in network security.
In this transaction, they added SD WAN as well. Next (LON:NXT), we had a deal north of $15,000,000 in value to the National Hospital System platformizing their network security, which included DLA for our firewalls. The customers focused on both preventing a breach after observing the many high profile incidents in the healthcare industry, as well as reducing operating costs. We displaced a legacy firewall vendor and also set ourselves up for future SASE deployments. In SecOps, we also have an initial Cortex footprint and disputing our customer with an X4 deployment.
A financial institution customer standardizing our firewalls, including an ELA in a transaction for over $20,000,000 after standardizing on our network security platform with SASE in fiscal year 2024. While we had to win the firewall business based on the capabilities of our appliance, our SASE platformization and our consistent NetSec architecture across form factors was a big differentiator. With the benefit of our consistent network security architecture, we were able to streamline operations across the network and drive lower costs. Last but not the least, retrying the transaction greater than $30,000,000 with a physical security services company. The customer signed a large transaction with us last year, platformizing network security and security operations.
In this quarter, the customer expanded both its XiIM and XDR deployments and added SASE network security. This is a challenging deal as there were significant changes as a customer with new IT leadership, including someone who had previously deployed a SASE point product from a competitor. We were able to show both cost savings and a better security outcome from our consistent NetSec architecture. Our expanded Cortex footprint was driven by the customers' confidence that we are helping them identify and stop attacks. Overall, these are representative of our large deal momentum where we saw 3 0 5 transactions over $1,000,000 up 13% and 60 transactions over $5,000,000 up 30% this quarter.
Switching gears, let's take a look at our 3 platforms and how they're supporting our growth. In Network Security, we continue to see steady demand in our product business. The demand continues to be a function of customer refreshes, capacity expansion and selective competitive takeouts driven by the customers' desire to deploy our network security platform across the category. We're also seeing customers who as they move to the cloud are beginning to deploy more and more software firewalls to protect their cloud instances. With the recent upgrade of our products to be able to solve AI use cases, we continue to feel positively about strength in public cloud deployed software firewalls.
These represent 70% of our total virtual firewalls ARR and are driving our growth in this area. SASE continues to drive transformation deals as you saw in our customer stories. The true power of SASE and its extensibility now to our newer use cases helps validate the case for many of our new customers. Our SASE platform has recently integrated AI based monitoring, incremental capabilities to manage AI applications, and even more recently, the Prisma Access Browser, which we will talk more about in a minute. Whilst our SaaS customers grew 20%, more interestingly, 40% of our SaaS customers this quarter are net new to Palo Alto Networks.
This is exciting since it creates a future opportunity post implementation to drive consistency by evolving these customers to the full network security platform. This was true for the financial services customer I mentioned. In addition to landing these Sassy customers, we also have seen success driving large deals with Sassy transactions over $1,000,000 in contract value up 40% in Q1. Critical sustaining our NetSec performance are investments we're making innovation. We released an enhanced security capability for operational technology environments to address the growing challenges our customers face as the number of non IT connected devices accelerate.
Challenges in OT environments include a need for more visibility, a lack of segmentation and unsanctioned remote access. We have brought Precision AI to bear on this challenge, along with our new line of ruggedized firewalls. We also saw strong interest from customers in our broad secure AI by design portfolio with AI access leading the way. Our teams have been busy driving customer engagement. We have hundreds of customers leveraging AI access.
We currently secure over 750 AI applications, a volume which we believe leads the industry and are growing this figure by the day. We are also providing inline data loss prevention for more than 65 applications with this number growing as well. Lastly, as part of our general availability release of our CoPilot capabilities across our 3 platforms, we rolled out the Strata CoPilot. In our development process, we prioritized delivering superior accuracy and we've had fantastic feedback. The Strata CoPilot trained on nearly 50,000 vetted sources, leverages best practices to help guide customers to faster decisions and help accelerate remediation.
We have made a version of Copilot available to our customer support teams, which is beginning to positively impact our time to resolving customer issues, which we believe will continue to improve significantly going forward. I wanna spend a few minutes on the Prisma Access Browser. We acquired Talend Cybersecurity in December of last year. We knew this technology would become increasingly important to secure unmanaged devices such as those used by contractors. We saw an opportunity to acquire high quality scarce asset and be first to natively integrate a secure browser into a SASE offering.
Since then, we have been integrating the Talend Browser with our leading security, DLP and access services and leveraging our broader network security capabilities. This has resulted in a much more robust secure enterprise browser, our Prisma Access Browser. What has been rewarding has been the surge in interest and emergence of various use cases. The browser is the ideal place to counter targeted attacks such as phishing, secure privileged users, and enable access to risky web applications. Customers are deploying Prisma Access Browser as an additional security control that is transparent to the end user.
Customers running the heart of their business on SaaS applications and leveraging emerging AI applications are especially seeing the benefits of Prisma Access Browser as a critical end user security control. Also, the replacement of virtual desktop infrastructure, or VDI, is also starting to emerge as an opportunity. This is a legacy technology for which users are collectively unhappy. We are working to expand the pool of VDI users, which you can address by adding new protocols such as SSH and RDP, and securely enabling mobile device users. Adding our ADEM capabilities to Browser can further enhance the end user experience with Prisma Access Browser compared to VDI.
We've seen significant commercial transaction for Prisma Access Browser, with over 115 new customers and 1,000,000 licenses sold since the time of the Talend acquisition. This traction to Palo Alto Networks ASE customers, including some of our largest customers, highlights our ability to successfully integrate the innovation and the innovative technologies that we acquire and rapidly take to market. Prisma Access has about 16,000,000 active licenses today. Our enterprise customers, the largest Prisma Access cohort, are now eligible to leverage this license to adopt Prisma Access Browser. We're seeing strong interest in this newly integrated capability.
Now moving on to Cortex. A strong momentum in this business continued with us crossing the $1,000,000,000 ARR milestone in Q1, as I mentioned before. We have built the Cortex portfolio steadily over the last 6 years, starting with XDR. Our Cortex offerings have both been recognized as leaders in their markets, but also work together seamlessly as a platform that can deliver superior security operations outcomes for our customers. In Q1, our leadership position continued to be reinforced by third party recognitions, including from Gartner in endpoint protection, Forrester in attack surface management and KuppingerCole in security automation, orchestration response or SOAR.
XIM is a standout within Cortex and we have made significant progress since its release with GA about 2 years We continue to deliver both strong innovation and commercial momentum at XIM. We released over 400 new machine learning detection modules leveraging Precision AI to broaden the scope of our autonomous SOC capabilities. We now have over 150 active XIM customers, about 40 of which have more than $1,000,000 in ARR. We also rolled out a program for managed security service providers in Q1. One of the key highlights this quarter has been our partnership with IBM, including the QRadar transaction that closed this quarter.
This is an amazing burgeoning relationship. I'm excited about the early momentum we're seeing from customers to migrate from QRadar to XIM. Following the close of the deal at the end of August, we have added over 550 QRadar SaaS customers to our Cortex customer base. Since announcing the transaction, we have seen a number of customers sign QRadar to XIM transaction for a total TCV of so far over $80,000,000 as we execute against our well planned go to market programs. Over 500 active XIM customer opportunities on the pipeline across the full SaaS and on prem curated R base worth over $1,000,000,000 in total value.
We're also seeing further opportunity across this customer set with our broader Cortex offerings. This opportunity we see is global, with over half of the installed base outside the United States. We believe that this deal will help us to become one of the top 3 players in the SIM space over the upcoming years. Beyond our success in Cortex and with Excience specifically, I wanted to highlight another trend we see in the market. Many of the attacks we see on our customers are targeting their cloud environments.
The pace of change in cloud is far faster than on prem is challenging for security teams to keep up with, as new code is sometimes being pushed multiple times per day and new cloud services are constantly being adopted by developers. This demand for real time cloud security is driving us to bring together the capabilities of our leading CNAV portfolio, Prisma Cloud, and our Cortex security operations capability, Stop Cloud Attacks. Against this backdrop, we have sold millions of cloud detection and response agents with these deployments up 10x in the 2 quarters since the April launch of our new offering. This has helped drive our combined Prisma Cloud and Cortex customer base, which is up 15% year over year. Interestingly, about a third of our Prisma Cloud customers already use at least 1 Cortex product.
Our combined portfolio can bring superior security, value and operational improvement to our customers. We recently released a new capability integrating our XOAR automation capability in Cortex with our data security posture management or DSPM in cloud to automate the remediation of data security risks identified. We also released our AI co pilots for Prisma Cloud and Cortex to general availability. While early in their adoption, we see significant promise here, driving towards security operations that are machine led and human empowered. In our Cortex co pilot beta, nearly half of users trusted to take security action on their behalf.
With the recent flurry of conversations around AgenTek AI, we have begun embedding AgenTek capabilities across our co pilots. We believe this AgenTek vision of AI will be hugely impactful in security, and we're moving swiftly to adopt that into our products. We continue to drive innovation in our cloud security offerings. We released DSPM from our DIC acquisition. We integrated that into Prisma Cloud to counter the rise in cloud data attacks.
These critical DSPM capabilities enable customers to trace potential attack paths in their cloud environment to determine what sensitive data is at risk, appropriately prioritize their response and remediate automatically. Along with our overall launch of secure AI by design, our AI runtime and AI SPM offerings targeted at cloud environments have also seen positive early traction. Lastly, we also launched another program for managed security providers as customers to enable partners to deliver security service in the customer cloud environment. Before I wrap up and hand the call over to Deepak, I'm going to leave you with a few thoughts. One, we're seeing growing industry validation of our strategy with Q1 marking yet another steady quarter progress.
Platformization is fueling the growth of our NGS ARR and puts us on track to hit our long range targets as we drive sustainable profitable growth. We're signing large transactions with leading global organizations because our approach delivers better security outcomes than the alternative. Over the last 6 years, we have integrated our solution across 3 AI powered platforms and this approach is driving our business. We believe we have the best network cloud and security operational platforms and we will continue to invest across these areas and keep them ourselves at the forefront of the nexus of cybersecurity and AI. Over time, we will steadily bring these platforms closer together to solve problems, leveraging our integrated capabilities and common data.
We hear our customers asking for it and we are delivering on it today with real time security across cloud and Cortex. We also intend to lead these platform convergence opportunities that arise in the future. As you can see in Q1, our conviction and platformization and momentum gives us the confidence to make significant investments, notably in innovation. I believe we are the only dedicated cybersecurity company with the resources and focus to drive consistent innovation and harness a substantial dedicated go to market capability to fuel our differentiated strategy. We are releasing capabilities that our single form factor competitors' network security are not able to offer such as our natively integrated browser in SASE.
Our leading cloud and SecOps portfolio position us to lead in real time cloud detection and response. We're also seeing good early signs from our product and go to market investments around the opportunity to create our customer base to accelerate our Xi momentum further. As for securing AI itself, our secure AI by design portfolio is off to a great start, enabling organizations to confidently and securely leverage AI in the enterprise. If I look at the broader technology industry, we have seen evergreen companies that successfully execute in a platform approach in markets such as CRM, HR, ITSM. We think this will happen in cybersecurity and we are poised to be that company.
Boiling this down to the impact on our fiscal year 2025 outlook, we are raising our full year 'twenty five NGS ARR, revenue and EPS on the back of the strong performance. Also reflecting our belief in the company's future and the momentum and confidence we have in our strategy, we announced a 2 for 1 stock split. This was also done to help ensure our shareholders are accessible to all our shares are accessible to all employees and investors. I'll now turn the call over to Deepak to give you more details of our Q1 performance and higher guidance.
Deepak Golecha, Chief Financial Officer, Palo Alto Networks: Thank you, Nikesh, and good afternoon, everyone. To maximize our time spent on Q and A, I will provide you with highlights of Q1. You can review the results in our press release and the supplemental financial information on our website. Note that we have removed billings and added NGS ARR and RPO to our supplemental financials, reflecting our focus on the latter metrics. In Q1, total revenue was $2,140,000,000 and grew 14%, above the high end of our guidance.
Within revenue, product revenue grew 4%, while total services revenue grew 16%. Drilling into services revenue, subscription revenue grew 21% and support revenue rose 8%. As Nikesh mentioned, the demand for firewall appliances was stable in Q1 and we continue to expect growth of 0% to 5% as we have previously discussed. Our support revenue is mainly tied to our appliance form factor. Moving on to geographies, we saw double digit revenue growth across all of our theaters, with the Americas growing 12%, EMEA up 21%, and JAPAC growing 13%.
Total (EPA:TTEF) RPO grew 20 percent to $12,600,000,000 We added approximately $68,000,000 in RPO sequentially from the acquisition of the QRadar SaaS business. Approximately $30,000,000 of this RPO was also included in our deferred revenue. Our current RPO grew 18% to $5,900,000,000 The average duration of our new contracts remained at approximately 3 years, in line with the year ago quarter and slightly down from Q4. Our NGS ARR grew 40%, finishing Q1 at $4,520,000,000 We added $74,000,000 in NGS ARR from QRadar SaaS. We expect this QRadar NGS ARR to decline to approximately half this amount by Q4 as we focus on upgrading these customers to XIM and growing our XIM ARR.
Also, it is worth noting that about a third of our new platformizations in Q1 came from QRadar. These customers have both, both have over 100,000 in QRadar ARR and are active customers of Cortex XDR and or Cortex XSAR. That is a one time increase as we completed the acquisition. Moving down the income statement. Gross margin of 77.3% was down slightly as we saw the impact of some of our newer SaaS offerings that haven't yet scaled.
We continue to see efficiencies across the company as we focused on driving profitable growth. This resulted in 60 basis points of operating margin expansion and along with some higher interest and other income drove upside to our earnings per share. Our diluted GAAP EPS continues to grow along with our overall profitability and we generated strong free cash flow in Q1 based on collections of our substantial Q4 bookings. On our balance sheet, you will see that our debt balance came down by over $300,000,000 We have continued to see early conversion of our convertible debt, which occurred at the option of the debt holders and was settled by us in cash and equity. Our remaining debt matures in June 2025, although we may continue to see early conversions.
We did not repurchase any shares in Q1 and our buyback strategy remains opportunistic. We continued we have $1,000,000,000 in authorization remaining through December 2025. Before I turn to guidance, I wanted to touch on the early impact we saw as we shifted our focus squarely to RPO and NGS ARR as our top line metrics. We did this believing it would help further drive company wide behavior to optimize our business for long term value creation, and we are encouraged by the early results in Q1. As we drove sales enablement and training to kick off the year, we focused the teams on maximizing exit ARR and deal profitability as compared to specific invoicing structures.
I'm encouraged by some early signs we saw in Q1 where we reduced cycle times within certain steps of our deal close process. We also saw a handful of larger deals that worked their way through the process more smoothly than in the past. For example, a 7 figure Sassy deal with 1 of the world's largest semiconductor companies accelerated through our process after we structured the deal around annual billings as compared to prior Panafest proposals, which would have needed longer scrutiny and approvals at our customer. In another 7 figure transaction for XTR with a healthcare customer, we were able to structure a deal to accommodate the customer's payment terms requirements, while focusing on maximizing exit ARR. We look forward to building on this to drive further improvements and predictability in our business as we focus squarely on NGS ARR and profitability in our deals.
In Q1, we focused our PanFS financing capability on transaction where it was best suited, resulting in a meaningful reduction in the volume of these transactions. Instead of Panafest, we leveraged annual invoicing, which can be simpler for customers, especially when procuring SaaS offerings. Last quarter, I mentioned to you that we would have expected our billings to grow 12% this fiscal year if we did not change any of the practices in our business that impact billings. After reviewing Q1 results, this would continue to be true under the same assumptions. The quarterly analysis of billings is no longer meaningful as it does not reflect how we now run the business.
Based on our Q1 performance, we also remain confident in our cash flow outlook for the year. With that, let me turn to guidance. For the fiscal year 2025, we expect NGS ARR to be in the range of $5,520,000,000 to $5,570,000,000 an increase of 31% to 32%. As a reminder, this guidance includes the contribution of QRadar SaaS of about half of the approximately $74,000,000 in ARR from QRadar in Q1 as well as incremental momentum in our NGS offerings Nikesh and I discussed. Remaining performance obligation of $15,200,000,000 to $15,300,000,000 an increase of 19% to 20% revenue to be in the range of $9,120,000,000 to $9,170,000,000 an increase of 14% operating margins to be in the range of 27.5 percent to 28 percent diluted non GAAP EPS to be in the range of $6.26 to $6.39 an increase of 10% to 13% and adjusted free cash flow margin in the range of 37% to 38%.
For the 2nd fiscal quarter, we expect NGS ARR to be in the range of $4,070,000,000 to $4,750,000,000 an increase of 35% to 36 percent remaining performance obligation of $12,900,000,000 to $13,000,000,000 an increase of 20% to 21% and revenue to be in the range of $2,220,000,000 to $2,250,000,000 an increase of 12% to 14%. We expect diluted non GAAP EPS to be in the range of $1,540,000 to $1,560 per share, an increase of 5% to 6%. We included our typical modeling points in the presentation for you to review. Finally, as Nikesh noted, we announced today a 2 foot 1 split of Palo Alto Networks common stock. This decision is supported by underlying confidence in our continued business momentum and by our desire to make our stock more accessible to our employees and a broader group of investors.
Shareholders of record at the close of trading on December 12, 2024 will receive 1 additional share after the close of trading on December 13, 2024 for every outstanding share held on December 12. Our stock will begin trading on a split adjusted basis on December 16, 2024. With that, we will roll one more video and then we'll start Q and A.
Customer Representative, NXP (NASDAQ:NXPI): NXP is a global semiconductor company with operations in more than 30 countries. We are a trusted partner for innovative solutions in the automotive, industrial and IoT, mobile, and communications infrastructure markets. Upon a comprehensive evaluation of available solutions, it became clear that Palo Alto Networks offers a holistic and integrated approach through a unified management platform. This platform not only supports our 0 Trust strategy and digital transformation initiatives, but also addresses the complexities and risks associated with managing diverse point solutions across multiple teams. By capitalizing on Palo Alto Networks AI ready platform approach, we anticipate improved security outcomes through operational efficiencies and accelerated response times in our modern security operation center.
We expect this platform to enable us to simplify security by conducting a thorough review of all cybersecurity tools and identifying opportunities for consolidation.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: To allow for broad participation in the Q and A, I ask that each analyst only ask one question. Our first question will come from Saket Kalia from Barclays (LON:BARC), followed by Brad Zelnick from Deutsche Bank (ETR:DBKGn). Go ahead, Saket.
Saket Kalia, Analyst, Barclays: Okay, great. Hey, guys. Thanks for taking my question and nice start to the year. Maybe this is a question for both you, Nikesh and Deepak. The platformization strategy is clearly starting to hit its stride.
And we've talked about the ARR implications of that longer term, specifically the long term ARR target. But I'm curious if we can just talk about the margin implications from platformization long term as those deals tend to be bigger and also tend to have higher lifetime value?
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Well, I'm going to add Deepak to add, but look, we look at margin. If you look at the biggest cost on any enterprise company's P and L, it's cost of sales by far. The 2nd largest cost is your COGS as it relates to cloud spend. Now, we are privileged to have some amazing deals with 2 large cloud service providers, which allow us to maintain margins that are consistent almost with on prem solutions that other people do because of our scale. And we expect that to continue to improve over time.
So that at one end, that's a significant factor. The second significant factor towards margin improvement is, as I mentioned, cost of sales. So the more we can platformize with existing customers and have large deal sizes of customers, it reduces our effort. We don't have to get 20 deals to get 20,000,000 dollars like some of our peers. We get one deal for $20,000,000 which means the cost of sales is lower on an incremental basis as we establish the land and expand strategy from a customer perspective.
And last but not the least, I sort of alluded to it. We're noticing some very interesting outcomes from a customer support perspective, which ends up being the 3rd largest area of cost. We're seeing, in some cases, our Tier 1 support cases are getting solved by support co pilots, which our support teams are using. So we're significantly reducing the time to resolution of support tickets, at least on the sort of simpler end for now. But we as I said, we've trained 50,000 data points into our network security co pilot.
I think as we get better and better at training our models and training their customer support co pilots where we have fully revamped the way we collect data on customer issues, I think there's tremendous potential there to give us future margin expansion. So, I think across the board, margin expansion on COGS, margin expansion from lower cost of sales, and margin expansion from customer support automation.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Great. Thanks, Saket, for the question. Next up is Brad Zelnick from Deutsche Bank, followed by Hamza Fodderwala from Morgan Stanley (NYSE:MS). Go ahead, Brad.
Brad Zelnick, Analyst, Deutsche Bank: Great. Thanks so much, and congrats on a strong start to the year. Nikesh, your NetSec competitors are talking about hardware refresh cycles, and I appreciate hardware is a much smaller part of your mix. So I won't bother asking why you're not expecting a refresh benefit like they are.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Over to their refresh cycle, so we get a chance to take out their customers and replace them with Palo Alto. So I'm delighted there's a refresh cycle in the market.
Brad Zelnick, Analyst, Deutsche Bank: And that's exactly what I wanted to ask. Instead, how should we think about their refresh impacting your opportunity, both in the positive sense that you can go in and displace them as their boxes reach end of life, but also perhaps as a headwind? If they're using the event to bundle in SASE, SecOps and other next gen capabilities, are you running campaigns actively to go after this? Thank you.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: So Brad, let me parse that out. Actually, I know I spoke fast and English is my second language. So I did try to subtly land in there that I am positive about hardware. Or I said we're seeing steady growth in hardware both from refreshes of boxes for our customers. We're seeing expanded demand for new use cases like ruggedized and IoT etcetera.
And last but not the least, we are seeing slow and steady takeouts of other customers. So what's happening is our SaaSie cohort from 2 or 3 years ago, very landed with SaaSie. As that end of life happens and that customer base for firewalls, they turn to us and say, Now I know the Palo Alto security interface. I don't have to learn it. And they can just put firewalls hardware firewalls against that SASE management pane.
Because we have the same security management pane across SASE. So, it's not going to be revolutionary, but it is going to be evolutionary. If you look every year, our market share hardware firewalls goes up 2 to 300 basis points. So we think there are donors in the market of market share who will constantly keep donate market share as they hit their refresh cycles. And there are acquirers of market share and we're hopefully one of those.
So I actually have a steady expectation from product hardware, which I think is going to underpin our growth across the board over the next few
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: years. Great. Thanks for the question, Brad. Next is Hamza Fodderwala from Morgan Stanley, followed by Brian Essex from JPMorgan (NYSE:JPM). Hamza, go ahead.
Hamza Fodderwala, Analyst, Morgan Stanley: All right. Great. Good afternoon. Thank you for taking my question and great to see the success with Prisma Access Browser year into that acquisition. Nikesh, I wanted to get your just maybe early view into 2025.
I mean, on the one hand, there's some optimism on the macro. You have a lot of new products. On the other hand, CIOs, CISOs, they still want value for what they're spending. There's some talks about the incoming administration looking to perhaps roll back certain regulations, maybe cut entire civilian agencies. You're a big seller into the federal government.
So I'm just curious how you weigh those puts and takes as you look into 2025. Thank you.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Thank you Hamza for a great question. Like I think the most if you separate signal and noise, the biggest signal is AI in the next 12 to 48 months. And AI is already having significant impact both on the attack side. Attacks are getting faster and faster and quicker. Is AI is possibly being used to evaluate what are the more vulnerable parts of your infrastructure so we can go after that.
So I think from a cyber incident perspective, unfortunately, it's not going to slow down. Right? And that's the biggest driver of improved security posture and improved higher spend from CIOs. I think you're right. There is a consolidation.
Let me spend less money for security. And there we are discovering it's a more top down motion than it is a bottom up motion. And as you're aware, we're expending a lot of effort towards interacting with CIOs and C level executives. And actually we're spending a lot more time with our GSI partners trying to address that issue because they are typically involved in the transformation stage where we say let's take all of this stuff and put it together and replace it. So we're seeing early success.
As I said, we should have done that sooner because when we sit across this here and say look you have 9 different products. You could bundle it together, take it down, have one management pain, and you'll save a lot of costs because and they understand because we're not ingesting data 9 times across 9 products. We're ingesting it once, analyzing it 9 times, and giving them the outcomes want. So I think the trend is in our favor. As regards the incoming administration, I think clearly a higher standard deviation administration by the sounds of it.
And higher standard deviation implies more risk and more risk implies possibly a more return.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: All right. Thank you, Hampta. Next up is, Brian Essex from JPMorgan followed by Joe Gallo from Jefferies. Go ahead, Brian.
Brian Essex, Analyst, JPMorgan: Thanks, Walter. Thank you for taking the question. And great to see the strong profitability and cash flow, by the way. I want to ask about the integration between Cortex and Cloud and wanted to understand, when did that kind of hit the market? Is it typically led by Cortex or cloud?
And how should we think about how that positions you competitively, not just in the cloud security market, but across all of Strata, Prisma, Cortex segments of the business.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: So look at a higher level, the cloud market is effectively right now three parts, right? There's the entire configuration management part, which is the CNAB part and posture management part. There is the blocking real time threats and protecting enterprises part, which is the CDR cloud detection response part. And then there's the cloud net the network traffic that needs to be inspected from a firewall perspective. We're clearly leaders in the network traffic part as we talked about.
70% of our use cases now public facing cloud service provider traffic. We are still one of the leaders in the CNAP space from our early start in Prisma Cloud. But what I think is going to happen in the next few years is market is going to shift more and more towards the real time security side on cloud, which is where CDR, Cloud Socks, XIM become more and more important. So almost every one of our XIM deals, there is a portion of that that is deployed towards cloud security now. And having that data together allows us to prioritize all the configuration issues and separate again signal from noise.
So, I'm going to let Lee describe a bit more about how we see that evolving. But I think that will chain the cast of characters who are going to win in Cloud security in the future.
Lee Klarich, Chief Product Officer, Palo Alto Networks: Yeah. Thanks Nikesh. Thanks, Brian, for the question. You picking up where Nikesh left off, if you think about sort of end to end cloud security, there's the all of the work that goes into sort of the cloud posture side generates a lot of data and understanding about what assets are deployed, what workloads are deployed, how they're configured, how they might be vulnerable or susceptible to attack. And by connecting that with CDR, it allows us to both leverage that for better protection of the Cloud workloads in real time and vice versa, it allows us to leverage all the runtime Cloud runtime components back into posture from a mediation perspective.
And so we initiated this, earlier this year with the initial launch of CDR, which basically connects Prisma Cloud with Cortex. And then since then we've been continuing to iterate on that and drive closer and closer integration between those two platforms.
Brian Essex, Analyst, JPMorgan: Great. Thank you.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Great. Thanks, Brian. Next up, Joe Gallo from Jefferies followed by Matt Hedberg from RBC. Go ahead, Joe.
Joe Gallo, Analyst, Jefferies: Hey, guys. Thanks for the question. I think you could characterize cyber guidance broadly for calendar 4Q is tepid at best, but yet your F2Q guide calls for an acceleration in RPO and really strong ARR. So I mean, what are you seeing with budget flush or Fed or pipeline that's allowing you to kind of defy the gravity that others are feeling? Thanks.
Deepak Golecha, Chief Financial Officer, Palo Alto Networks: Well, I think we covered a lot of these, Joe, in our prepared remarks. I mean, we've got a product portfolio that we feel very proud of. We've just recently done an IBM acquisition where we have a lot of additional pipeline that's coming through the pipeline there. And hopefully we've proven over the last few years that we have a forecasting process that we feel comfortable like manages the business. So, I don't want to comment about others, but we really focus more on what we see.
And maybe your comment is just proof positive that our platformization strategy is working and it's somewhat unique.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Great. Thanks for the question, Joe. Matt Hedberg, go ahead, followed by Greg Moskowitz after that.
Speaker 0: Thanks for taking my questions, guys. What stood out to me with the large deal success was striking. And you spent a lot of time talking about platformization. It seems like Q1 brings a whole another level to it. Could you talk about specifically on the SIEM side of it?
The NGS, it really does seem like there's a next gen SIEM replacement opportunity here. And we've talked a lot about some of the competitors with Splunk (NASDAQ:SPLK). Can you talk about just like what could what are some of the catalysts to get unlocked some of these large replacement deals? I know they take a long time, but curious if there's anything that you guys can do to accelerate that.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Matt, look, we're very happy. In 2 years since, going GA on XIM, we're positively enthused about the progress we've made. We've crossed $1,000,000,000 in ARR and Cortex. We're seeing larger and larger XIM deals. We have 150 customers.
And as we mentioned, we have a robust pipeline north of $1,000,000,000 And this is the fastest growing product in the history of cybersecurity at scale. Now, the good news is there are 2 or 3 very interesting characteristics of the SIEM market. If you look at the SIEM market, 90% of the SIEMs are of technology that is 10 to 15 years old. If you go back and look at the history of what SIEMs are, whether it's QRadar, LogRhythm, Exabeam, JASP, Sumo Logic, Splunk, these things are 10, 7, 10, 15 years old. I think there's a new breed of SIM players that is fast coming in to replace these legacy SIMs.
I think we're going to go through a SIEM replacement cycle that we went through the endpoint replacement cycle from Symantec (NASDAQ:GEN) and McAfee to the XDR vendors. I think it is the moment of SIEM now for the next 5 years. Now interestingly, every SIEM deal that we see, we are able to deliver a much better security posture and mean time, median time to remediate and detect, which is better than the current deployment and we're able to save cost. So, from a compelling proposition perspective, this is a no brainer. You come and say, I know you're spending $10,000,000 a year running your SOC.
I can do it for 9. I can consolidate and I can improve your median time to remediate from 4 days in many cases from 19 minutes to 4 hours. So, that's a compelling proposition. We are seeing tremendous amount of interest in the market. We have created a compelling event in the case of QRadar customers because they have to migrate to us or elsewhere.
And we're seeing enough traction where people are considering Palo Alto instead. So, I think the next 3 to 5 years, you will notice that the entire $20,000,000,000 TAM of SIEM is going to go through upheaval.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Great. Thanks for the question, Matt. Next up, Greg Moskowitz from Mizuho (NYSE:MFG), followed by Rob Owens from Piper Sandler. Go ahead, Greg.
Greg Moskowitz, Analyst, Mizuho: Great. Thanks for taking the question. Nikesh, now that we're a few quarters into the platformization go to market, I'd love to get a little more of a flavor of how it's going. Is there an aspect or 2 of the strategy that's been most successful so far? For example, if you were to look at traction with legacy trade ins versus introductory offers or more multiproduct incentives, what would you say is resonating the most with that with customers?
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: The thing that seems to resonate the most, Greg, is elimination of execution risk. And what I mean by that is when I go to a customer saying, okay, let's go do this in a phased manner, we'll replace your SASE or deploy SASE for you and then Phase 2 will come in and replace your firewalls, they like that. If I say, don't worry, I'll start executing today and you can start paying me when you stop paying the other vendor, that's kind of the that's like the golden bear hug because the biggest risk they have is wait. I have to go extend that other deal by 1 year. Guess (NYSE:GES) what?
That you're sending a signal to the other vendor. You're out in the air, so the prices go up. And when I say, don't worry about it. Let's start executing now. When we're deployed, you can pay me when the current contract expires.
So that elimination risk is resonating the most. Again, the customers fully understand that we're going to get our pound of flesh in the year 2 or year 3 of that deal. So they understand there is no free lunch. But eliminating that execution risk goes a long way. I think the, as I said to Hamzah and I said in our prepared remarks, it really helps us step back and say, Look, what are you trying to achieve?
I mean, in many cases we've been able to converge XDR and SIM RFPs, for example. Saying, Listen, 50% of data is going to go into XDR, which is going to be 1 vendor. That data is needed for AI based or machine learning based analysis across the entire stack. Why wouldn't you make sure that that data can be part of the SIEM and be used to improve your posture and get better, faster outcomes?
Greg Moskowitz, Analyst, Mizuho: Thank you.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Great. Thank you, Greg. Next question, Rob Owens from Piper Sandler followed by Gray Powell from BTIG.
Rob Owens, Analyst, Piper Sandler: Yeah. Thanks, Walter. And Nikesh, as part of your prepared remarks, I'd love for you to build on the data security. And you know, another one of those holy grails alongside next generation SIM, of course, is data that everybody's chasing. So what you're seeing from end customers, I know you've made acquisitions of a DSPM capability in the space, but how you see Palo Alto's evolution longer term relative to the data opportunity?
Thanks.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Rob, this is my perfunctory question I have to give to Lee otherwise he's talking
Rob Owens, Analyst, Piper Sandler: to me. Sounds good.
Lee Klarich, Chief Product Officer, Palo Alto Networks: Thanks, Rob. Look, if you take a step back, data security is a longstanding sort of product category that's often been very painful. It's difficult to be accurate in data classification. It's difficult to figure out what policies to enforce, and it's difficult to do that holistically everywhere the data might exist and need to be protected, right? There's so there's 2 pieces to our, data security strategy that you've seen us evolve.
1st is around getting coverage of all the places where data might exist and improving the data classification capabilities within those. So, over the last 6 months we've launched AI based data classification, leveraging large language models, machine learning models to get more and more accurate in the data classification, being able to apply that to all different places where data can exist and move. The second piece, and very importantly, is the tie in with Prisma Access Browser. The way that users interact with data, access it, download it, share it is one of the highest risk areas for data security and historically has been very difficult to get all of the necessary context for enforcing an accurate policy. Within the secure browser, we get all of the context needed.
And what we're already seeing with the early adopters of Prisma Access Browser is the realization that this one component of what it does is effectively a next gen data security component for how they secure data interaction with all of their employees. And this is part of the reason why the browser is expanding from being primarily focused on unmanaged device and third party contractors to actually being something that applies to all devices and all users across the entire enterprise.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Great.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Thanks, Rob, for the question there. Next up is Gray Powell from BTIG, followed by Andy Nowinski from Wells Fargo (NYSE:WFC). Go ahead, Gray.
Gray Powell, Analyst, BTIG: All right. Great. Thanks for letting me ask a question on the call. I really appreciate it. So I have to admit, I'm a little confused on the NGS ARR statistics.
If I look at the numbers and back out the QRadar deal, you added around $230,000,000 in net new ARR this quarter versus $270,000,000 a year ago. That metric has never been down on a year over year basis before. So is there something I'm missing or something with the acquisition that maybe I'm not thinking about? Or just like what was the driver there? And then for the full year increase to NGS ARR, how much of that is organic versus full visibility on the QRadar asset?
Deepak Golecha, Chief Financial Officer, Palo Alto Networks: So let me answer both, Graeme. Let me just start off with the NGS ARR was above our guidance. So some of this we already knew when we provided the guidance. But some of the products that move into NGS ARR have also been the advanced versions of our cloud subscriptions from a year ago. So things that were attached to our firewalls where we made them cloud enabled, some of that happened last year, which is what led to a lot of the increase in the ARR.
We're now lapping that. We're not so that's really the bigger explanation of the base. We knew that. That's why we included that in our guidance to begin with. When it comes to what's happening with QRadar, we talked about the one time benefit.
Our strategy is to convert all of the customers to XIM. Over time, we expect about half of that to occur within this year. So, we would expect maybe half of that, additional NGS ARR to be there by the end of the year. Great.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: I think to recast what Deepak said, you have seen the peak inorganic NGSA ARR this quarter at $74,000,000 or is that the number from IBM? And half of that we will migrate to us and we expect half of that still stay on KeyRoc for through the end of this fiscal year. So there's no more net new inorganic NGSA are expected this year.
Brad Zelnick, Analyst, Deutsche Bank: Understood. Okay. Thank you.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: All right. Great. Thanks, Ray. Next up, Andy Nowinski from Wells Fargo followed by Fatima Balani from Citi. Go ahead, Andy.
Andy Nowinski, Analyst, Wells Fargo: Great. Thank you. Good afternoon, and great results, this afternoon. I wanted to ask you about the Prisma SaaS. You highlighted a number of large deals that either deployed SaaS or they expanded with SaaS.
And I know it's bringing in a lot of new customers, which is great. But I was wondering if you could provide an update on the growth of ARR from that solution, whether, you know, those new customers you're bringing into Palo Alto onto the platform are coming at the expense of other vendors, Or are those, were they just not using any SaaS solution previously? Thank
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: you. So any, all of the above. There are some customers who are going through a network transformation and they're now replacing their legacy VPN clients or other solutions they've had in the past. In some cases, there are competitor vendors who only had a internet proxy based deployment with legacy VPN, or in some cases Palo Alto VPN, which is converting to a full SASE solution from us. So we see all variants of that.
As we said, 40% of them are net new logos to us, which means they were not deploying a Palo Alto VPN. They are deploying our SaaS solution. So we're seeing all of that. I just think the SaaS market, as I've said in the past, is a fast growing market. We have clearly established ourselves as one of the top 3 players in the market.
I think we're definitely growing faster than some of the others, one or at least one more of the other top 3 players in the market. And we particularly like the SaaS space because we're always innovating, providing new stuff. As you know, we've basically, as I said in my remarks, we've made it available to every existing SaaS customers. They can deploy Prisma Access Browser for the unused licenses. So they can actually experience the browser.
It's integrated. It's in the same management pane. There's the same UI. Yeah. So I guess feel positive about it.
We haven't quite reached $1,000,000,000 yet as the way we've told you, but, we're looking forward to it.
Brad Zelnick, Analyst, Deutsche Bank: Thank
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: you. Great. Thanks, Andy. Fatima Boolani from Citi is up next. And our last question will be from Roger Boyd from UBS.
Fatima, go ahead.
Fatima Balani, Analyst, Citi: Thank you. Good afternoon. I appreciate you taking my questions. I think the topic du jour is definitely QRadar and a lot of the momentum that you've been seeing, the $80,000,000 or more than $80,000,000 of bookings that you've already seen in a short amount of time. What I wanted to actually shift gears on is on the on premise side of the QRadar business.
And Nikesh, some of your commentary, which I think is so apropos, there is just a stodgy, stale technology in the SIM market, right? So that $500,000,000 or so of revenue that is just still captive in the QRadar on premise space, what is the thought process, the strategy to really forklift those customers to the Goody's and XIM? And as you think about the arc of the next 12 to 24 months, how should we think about, you know, a multiplier effect on that business to really, give Cortex booster shot to have it potentially be your biggest pillar?
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Yeah, Fatima, I, we had our board meeting yesterday and one of my board members and I had this debate about which deal is going to look like the best deal Palo Alto ever did. And my bet isn't the IBM deal. He bet on the Talend deal. Of course, I like both of them to be equally successful. But specifically as it relates to Curator, our teams are very focused.
Since close, we've called the top 500 customers and reached out to see if we can support the migration from Curator to Palo Alto. This is irrespective of whether they are Que Rock or on prem. I mentioned a $1,000,000,000 pipeline. That $1,000,000,000 pipeline is a hybrid pipeline of both Que Rock and on prem customers. The message is out there to on prem customers that this technology will also over time be migrated.
And I have to say IBM is doing a phenomenal job working with us and being proactive with those customers. We go I had a call yesterday with the CIO where IBM and us were together in the room where we're talking to the customers saying they will provide the migration services. They'll work on the on the migrating the rules from QRadar to Palo Alto XIM and we're going to do it together. So look, it's we haven't done a partnership like this ever in the history of our company. I haven't seen 1 in the cybersecurity industry yet.
We have a lot of expectations, but it's a lot of execution, a lot of hard work. It's not going to happen because I snap my fingers. But our teams are focused. We're dedicated. We're trying to do that.
I think this will propel us into the top 3 SIM players in the market in the next 2 years from nowhere. We did not play in this space 2 years ago.
Brad Zelnick, Analyst, Deutsche Bank: Thank you.
Fatima Balani, Analyst, Citi: Appreciate that.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Last question, Roger Boyd, to wrap it up. Go ahead, Roger.
Roger Boyd, Analyst, UBS: Great. Thanks, Walter. Deepak, you noted that contract duration on new business remained constant at roughly 3 years. Can you comment on what you're seeing with renewal and upsell business? And particularly when customers are renewing on a platform deals and adopting Ex I'm which carries longer duration.
I guess as we look to gauge the success of some of these platformization deals, shouldn't we expect to see contracts lengthen as customers, place more strategic bets on your platform? Thanks.
Deepak Golecha, Chief Financial Officer, Palo Alto Networks: Yes. So I think Roger, it's a thanks a lot for the question. Look, at the end of the day, we're a large company with lots of different customers. We're definitely seeing the dynamic that you mentioned on some customers. We also see dynamics where other customers are saying, look, I know there's a lot more innovation to come.
Let me go shorter duration on the renewals because that could be ahead of a large platformization in the future. So we see a little bit of everything. I think on the renewals, just the data trended slightly up, but nothing significant.
Brad Zelnick, Analyst, Deutsche Bank: Got it. Super helpful. Thank you.
Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development, Palo Alto Networks: Great. Thank you, Roger. And that will end the Q and A. I'll turn the call back over to Nikesh for his closing remarks.
Nikesh Arora, Chairman and Chief Executive Officer, Palo Alto Networks: Thank you everyone once again for joining us. As I said, I'm very excited about our great start to FY 'twenty five. We look forward to seeing many of you at upcoming investor events. I also want to thank all of our employees who put in a lot of hard work to help us deliver these amazing results. And also of course, want to thank all of our customers to Trustee in Palo Alto, for delivering, cybersecurity solutions to them.
With that, have a wonderful day.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.