Palo Alto Networks Q2 2025 Earnings Call Transcript

Quartr
Provided by Quartr
February 13, 2025

There are 14 speakers on the call.

Operator

bravely. Good day, everyone, and welcome to Palo Alto Networks' second quarter twenty twenty five earnings conference call. I'm Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development. Please note that this call is being recorded today, Thursday, 02/13/2025, at 01:30 p. M.

Operator

Pacific Time. With me on today's call to discuss second quarter results are Nikesh Arora, our Chairman and Chief Executive Officer and Deepak Golecha, our Chief Financial Officer. Following our prepared remarks, Lee Klarich, our Chief Product Officer will join us for the question and answer portion. You can find the press release and other information to supplement today's discussion on our website at investors.paloaltonetworks.com. While there, please click on the link for quarterly results to find the Q2 twenty twenty five supplemental information and the Q2 twenty twenty five earnings presentation.

Operator

During the course of today's call, we will make forward looking statements and projections regarding the company's business operations and financial performance. These statements made today are subject to a number of risks and uncertainties that could cause our actual results to differ from those forward looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. We assume no obligation to update any forward looking statements made in the presentation today. This presentation contains non GAAP financial measures and key metrics related to the company's past and expected future performance.

Operator

Non GAAP financial measures should not be considered a substitute or financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. Unless specifically noted otherwise, all results and comparisons are on a fiscal year over year basis. All per share figures have been adjusted for the two for one stock split that we announced 11/20/2024, and affected after the close of trading on 12/12/2024. We also note that management is scheduled to participate in the Morgan Stanley Technology Media and Telecom Conference this quarter.

Operator

I will now turn the call over to Nikesh.

Speaker 1

Thank you, Walter. Good afternoon, everyone, and thank you for joining us today for our earnings call. I'm excited about our Q2 results. Our teams did a phenomenal job of executing at scale. We made considerable progress in platformization, allowing us to outperform both our top and bottom line expectations for this quarter.

Speaker 1

We delivered on our high RPU expectations towards the top of the range. This This gave us strength in our NGS ARR and also allowed us to outperform our revenue expectations. In Q2, growth was pretty broad across the entire portfolio with strength across all three geographies and platforms. In particular, we saw strong performance from large deals internationally and also strong contribution from SASE, software firewalls, and XIM. On the profitability front, we delivered operating margins ahead of our internal target despite some onetime events.

Speaker 1

Our efficiency initiatives continue to bear fruit, including some promising early contributions from AI. These results allow us to raise our operating margin and EPS guidance for the year. We're also very happy with our free cash flow performance and continue to be confident in managing our free cash flow guidance over the next few years as outlined. More from Deepak on this later. From our vantage point, the outlook for cybersecurity seems to have been robust in Q2 and is likely to stay so over the rest of this year.

Speaker 1

Despite the settling in process of the new administration, we see signs that we are going to be able to see reasonable growth through the rest of the year. As the conversation around AI continues to get omnipresent and companies race to evaluate, experiment, and deploy AI, they're discovering that some of the legacy architectures come in the way of their aspirations. Interestingly, this is resulting in a resurgence of cloud transformation projects and, consequently, demand for network security and network transformation. While cybersecurity is a derivative effect, it is clear that the longer term trend towards AI is going to continue to underpin technology transformations and hence continue to drive demand for security. The transformations are all geared to embedding AI capabilities across infrastructure.

Speaker 1

Additionally, many of them involve changing strategies towards data and a growing understanding that data security will be more and more important in the future. We see that from the heightened interest in data security posture management where our acquisition of DIG seems to be proving presigned. To fully harness the power of AI, customers must unshackle their data from disparate legacy systems and providers and open up broader access and lean into the cloud. Cloud infrastructure is much more dynamic than on prem IT creating risk. As cloud data volumes grow and customers utilize new services from the cloud service providers such as modern data repositories, they're doubling down and ensuring they're protecting their cloud environments from development to runtime, understanding who's accessing what data in the cloud and putting controls around these new services.

Speaker 1

In other words, the cloud is becoming an integral part of the enterprise, and the same level of security must be delivered. A constantly changing attack backdrop is also compounding this inflection we have seen. There are tangible signs that bad actors use AI to accelerate attacks. Google recently found that adversaries can use generative AI to more rapidly create attacks, including custom payloads, iterate on malicious scripts, and use evasion techniques. Additionally, bad actors are using Gen AI to do reconnaissance of target organizations, including their infrastructure and hosting providers, which are often exploited in attacks.

Speaker 1

We have a new technological revolution that requires us to secure AI. As customers leverage the cloud, transform on prem infrastructure, and respond to the escalating threat environment driven by AI, they're transforming how they manage security operations. Legacy offerings cannot unify SecOps across cloud and on prem, across multiple vendors, and also take advantage of AI. AI is key for providing automation to help stitch together overwhelming volumes of data and generate the near real time analysis and remediation needed to keep pace. As I said, security is a data problem, and the data has to be all in one place for AI to have context and stop threats in their track.

Speaker 1

R and D industry has to change the paradigm by shifting from fragmentation to platformization to enable the best security outcomes. In a recent study we did with IBM, platformized organizations take seventy two days less to detect and eighty four days less to contain a security incident. Our teams are busy helping customers as they accelerate cloud adoption and transformation across their environments. They need integrated security products and platforms for AIB to be most effective in staying ahead of this active cybersecurity landscape. A year end, we're pleased with our progress in driving our platformization strategy and the adoption and door and endorsement of platformization broadly across the industry.

Speaker 1

As I mentioned a few quarters ago, I wish we had made this move earlier. We're seeing some interesting behavior that reinforces our conviction that the future state of cybersecurity will have to be AI enabled platforms that can markedly improve the speed of response. We delivered approximately 75 new platformizations in q two, up from approximately 45 in the year ago. We now have a total of over eleven fifty platformizations within our top 5,000 customers. As you might expect, most of our platformizations start with network security and are from customers that are platformized in one area.

Speaker 1

However, our number of two platform customers grew over 50% in Q2, and we're seeing a number of three platform customers up three times year over year. Also, the number of customers platformized in Cortex is up more than three times, reflecting our strong XIM momentum. We're excited to see the number of parts we have had success driving the strategy so far, and our Q2 performance keeps us on track to achieve our stated target of 2,500 to 3,500 platformizations by fiscal year two thousand and thirty. Investors have always asked me what platformization deals look like, so I wanted to provide a few example based on deals we signed this quarter. A bank in Asia signed a transaction worth over $65,000,000 in q two, platformizing with us for the first time in Cortex with a significant XIM deployment.

Speaker 1

They have been leveraging XDR and other Cortex capabilities several years ago, but also a network security customer and a QRadar customer. They had many point products in their SOC and were not getting the outcomes they needed, but limitations in the time to discover and remediate security incidents resulting in compliance issues. In platformizing on Cortex, our NGSIAR with this customer increased by five times, over $12,000,000 year over year. We look forward to driving a successful deployment here, which can be an avenue to platformizing a network or cloud security in the future for this customer. A US municipality signed into that transaction over $60,000,000 thus, which included renewal of its network security estate and expansion across our portfolio.

Speaker 1

The customer leverages all three of our four form factor of our form factors within network security and is already platformized there. The deal also included Cortex and Prisma Cloud, which positions us well for future platformization in these areas. Our GSAR here increased over 40% in the last twelve months to over $11,000,000 European automated automotive manufacturers signed a $25,000,000 transaction in q two that already platformizes us in network security and cloud security, that has several capabilities as they renewed their firewalls and support footprints, including IoT, virtual firewalls, and SASE. This is a complex customer, and we also secure business with them in Cortex, with XDR, XR, and Expanse as well as Prisma Cloud. In doing so, we're now well positioned in the future to consolidate the SOC opportunity with XIM.

Speaker 1

For this customer, the NGS ARR grew 50% to $9,000,000 More broadly than these anecdotes, the growth in our large deals tells a story. We had 74 accounts that had transactions over $5,000,000 in Q2, up 25% year over year, and 32 accounts that had transactions over $10,000,000 up over 50%. Now moving on to an update about our first security platform, network security, NetSec. Our Q2 NetSec momentum was driven by strong software demand. We continue to lead the market in network security, which is approximately 80% of our bookings.

Speaker 1

Our Zero Trust platform combines three best to beat form factors built in a consistent architecture. This is fast becoming a requirement as applications proliferate across data centers, hyperscalers, SaaS, and leverage AI. Meanwhile, users are increasingly distributed across headquarters, remote locations at home, and other places. And also, there are now soon to be nonhuman users in the form of AI agents where interactions with applications must be secured. Disjointed network security offerings require significant resource to be applied to integration, creating the possibility of gaps in security policies given the disparity of control planes.

Speaker 1

And more importantly, unless we can harmonize the data across the network, it will be challenging for customers to adopt AI enabled security capability in the future. We have to believe that in the future, all solutions will need to integrate, harmonize data, and use that to train AI agents to solve security. Looking deeper into firewall as a platform, our bookings accelerated and grew by 21%. Within this, we continue to see stable demand in the appliance market. That stability coupled with us continuing to take market share allowed us to grow our appliance bookings in the mid single digits.

Speaker 1

There's a refresh cycle coming from many players in the industry, and we believe we are well positioned to benefit from it. Software and SASE make up approximately two thirds of our firewall as a platform bookings and grow over 1.5 times faster than the rate of the total Firewall as a Platform business. We have been on a multiyear journey to reinvent our security subscriptions, which we use consistently across all three form factors. Each of these advanced subscriptions are cloud delivered and, I believe, significantly differentiates with what's in the market. Delivering these incremental innovations into our platform, like advanced subscription and network security, makes our customers' adoption seamless.

Speaker 1

This is core to our strategy of staying ahead of our customer security needs with future proof innovation. It is also a win win for Palo Alto and the customer. Next, let's dive deeper into SASE in our software firewall business. As customers transform their networks to keep pace with delivering first class security capabilities for remote users and branch offices, we continue to see demand for SaaS. Many SaaS projects are large and comprehensive, which is well suited to our rich offering.

Speaker 1

SaaS continues to be our fastest growing form factor in network security and a strong contributor to our growth. We grew SaaS customers by over 20% while we grew bookings well north of 50% and increased deals over 1,000,000 in value by 2.5 times. We now have over 5,600 SaaS customers and over 23,000,000 individual seats. Across our SASE base as well as our GP customers, we have been chosen to help protect a base of over hundred million users. Meanwhile, the drivers of our SASE momentum are broadening.

Speaker 1

Bookings of newer modules of the SASE platform, such as autonomous digital experience management or ATEM, cloud access security broker or CASB, Prisma Access Browser, which you just saw an ad for, and AI access grew nearly fourfold this year. Customers are happy with the initial SASE deployments are adding these to drive a more modern security environment and streamline their vendor landscape. I'm particularly excited about the momentum we're seeing with Prisma Access Browser. Roughly one third of the new Prisma Access seats we sold in the quarter were for our secure browser. We signed a transaction in q two for over north of $10,000,000 with one customer with a total of over $30,000,000 in Prisma Access Browser bookings in q two and growing seats by 95% quarter over quarter.

Speaker 1

We also continued to innovate in SASE, releasing the mobile version of our integrated or secure browser. This browser, integrated with Prisma Access, offers mobile phone and tablet users the same robust security and access to private applications. We added capabilities to AI access, ensuring organizations can apply controls to how their users interact with AI based applications. We can now provide real time visibility into over 1,800 applications up from five hundred six months ago. AI access comes with out of the box policies to manage functions such as uploads, downloads, and sharing capabilities.

Speaker 1

In a short period of time, this quarter, we crossed 300 customers who use the AI access capability. We can also provide comprehensive data protection to secure sensitive data secrets and intellectual property. Now turning to software firewalls, this has been a strong area of growth. We saw 50% bookings growth in our software firewall business with AI and public cloud adoption continuing to be the strongest driver. Approximately 70% of our VM deployments are now in the public cloud.

Speaker 1

We continue to see customers adopt our software firewalls alongside our hardware appliances. As a testament to this, about two thirds of our software firewall customers are also hardware firewall customers, showing the hybrid nature of the solution and the need for black optimization. We also continue to innovate in this business. Early in Q2, we released our API based AI runtime security capability, which added the ability of our product to directly secure AI applications without being in the traffic path. Later in Q2, we leveraged this capability to secure AI agents as many of our customers look forward towards the value propositions of agents, but need to secure them as they would need to secure any other user or application.

Speaker 1

This capability helped drive our first seven figure firewall, software firewall transaction for AI in the quarter, and we have a healthy 8 figure pipeline for AI firewalls for the future. Now moving on to Cortex. This morning, we had an exciting announcement. We took our industry leading Prisma Cloud platform, evolved it with more capability, merged it with our CDR capability and our Cortex platform to announce the introduction of Cortex Cloud. Cortex Cloud is now the industry's first end to end cloud security platform, which deeply integrates into the SOC.

Speaker 1

As we have been delivering cloud security over time, we have learned that the customers are keen to ensure that they can trace the cloud security capability all the way into runtime and production and do real time security against this. We're also delivering a powerful data security, DSPM experience, and real time security capability with our cloud agent. Again, all of this is now natively connected to the Cortex platform. This is where cloud security is going. We have anticipated the market change in cloud security and is one reason for our momentum and leadership in the space.

Speaker 1

Recall that in our early days, we entered the cloud security market in 2018 with two acquisitions and continued to build up these capabilities, pioneering the category and leading with our initial cloud posture capabilities. Soon after, it became apparent that too many security issues were reaching production and organizations could not keep up with remediating them once applications were deployed. We led the trend to shift left, connecting this to cloud posture to address security issues beyond before deployment. Attackers took note as customer deployment of mission critical applications and sensitive data accelerated into the cloud. Our own Unit forty two research shows that 80% of security exposures are found in cloud attack surfaces with a 66% increase in threats targeting cloud environments.

Speaker 1

With these evolutions and attack backdrop, we believe cloud security and security operations must be inextricably linked. Existing Prisma Cloud customers will have a seamless upgrade to Cortex Cloud to benefit from AI powered prioritization, automated remediation, and new simplified powerful user experience. Additionally, they can also adopt Cortex best in class CDR capability to gain real time cloud security capability. The unification of enterprise to cloud can further drive the adoption of XIM into the customer's cloud environment. Cortex Cloud natively integrates with cloud data, context, and workflows within Cortex XiM to significantly reduce the mean time to respond to modern threats with single unified SecOps solution.

Speaker 1

More importantly, because we are natively integrating cloud solutions as SOC, Exime has now transformed into both a cloud and enterprise SIEM. We're excited about the prospects for us to maintain and accelerate our strong Exime momentum. As I mentioned, we are making this announcement on the back of strong momentum in our cloud security and security ops business. I want to give you some highlights. We drove bookings growth of approximately 50% in both Cortex and Prisma Cloud in Q2.

Speaker 1

In Cortex, we had healthy momentum with customer growth of approximately 20%. Fueling this customer growth, we again signed hundreds of new XTR customers in Q2 that become opportunities for soft transformation on the broader Cortex platform in the future. Our XTR momentum continues to be fueled by the efficacy of our product. This quarter, we achieved further external recognition of this, achieving the leadership results in the most recent MITRE ATT and CK evaluations. XIM, our AI driven SecOps platform surpassed the $1,000,000,000 cumulative bookings milestone in Q2.

Speaker 1

While we know we have a winning product with ExaM, we're also starting to see external validation of our leadership with Frost and Sullivan and OMDIA recognizing us as leaders in the same category. Contributing to our Cortex strength in Q2 was over $100,000,000 in Curator related bookings. Our pipeline on Curator is equally strong, leaving us optimistic about our IBM partnership as a driver of Cortex. On the cloud side, we saw the adoption of our capabilities continue to broaden. With DSPM integrated to Prisma Cloud, we've seen early adoption to be one of the strongest of any of our new cloud security capabilities in the past.

Speaker 1

We're excited to see this success continue with DSPM as part of the Cortex Cloud product we announced this morning. We're also seeing particular success among some of the largest companies in strategic industries. For example, several SaaS companies signed significant cloud security deals with us in Q2. In this industry, SEM has the top 10 SaaS companies outside of cybersecurity leverage their cloud security capabilities to secure the customers' environment. As you can see, we saw strong momentum across the business in Q2.

Speaker 1

We're seeing customer imperatives around AI driving accelerated cloud adoption and infrastructure investment, which is supporting strong cybersecurity demand. This healthy spending backdrop and strong execution from our team and platformization helped drive the healthy top line trends we saw in Q2 across RPO, NGS, ARR and revenue. We remain optimistic about sustaining this momentum as our sales teams leverage our ecosystem, continue to become more adept at aligning our many capabilities into a unique platformization journey for each customer. We remain confident in our long term and GSA IRR forecast. Supporting this is a steady innovation stream and momentum across our portfolio.

Speaker 1

We're leading early mover into new market categories like enterprise browser, secure AI by design, the AI powered SOC, which are making easy for our customers to adopt key new innovations with our platform approach. Lastly, we're driving profitable growth, balancing operating margin improvements with strong cash flow. We continue to make progress in driving a culture of efficiency at PowerUp Networks, and you've seen the results of this over the last few years. This focus on efficiency and some early success in AI based initiatives gives us the confidence to continue delivering profitable growth. I will now pass on to Deepak for his remarks.

Speaker 2

Thank you, Nikesh, and good afternoon, everyone. To maximize our time spent on Q and A, I will provide you with highlights of Q2. You can review the results in our press release and the supplemental financial information on our website. In Q2, total revenue was $2,260,000,000 and grew 14%, above the high end of our guidance. Within revenue, product revenue grew 8%, while total services revenue grew 16%.

Speaker 2

Drilling into total services revenue, subscription revenue grew 20% and support revenue rose 8%. Our product revenue is approaching 40 percent software on a trailing twelve month basis. We expect healthy software contribution to product revenue in the second half of this year, which we expect will increase our product revenue into the double digit growth range. We also saw stable demand for firewall appliances in Q2, which we expect to continue through fiscal twenty twenty five as the appliance market grows 0% to 5% as we have previously discussed. Moving on to geographies, we saw double digit revenue growth across all theaters with The Americas growing 13%, EMEA up 18% and JAPAC growing 17%.

Speaker 2

We were particularly encouraged by the volume of large deals we closed with some notable large deals in EMEA and JAPAC. For example, we had our largest deals ever in both EMEA and JPAK this quarter, each in excess of $50,000,000 As Nikesh noted, these deals demonstrate the broadening of our large deal success in North America to our international theaters. Also, I know many investors have had questions about The U. S. Federal market.

Speaker 2

We have had prudent expectations in this market this year, and we saw stable federal business in Q2. Much of our federal business is tied to renewals and existing programs with long standing funding. During the quarter, we also received FedRAMP high authorization across our network, cloud and security operations platforms. We now have the most comprehensive suite of AI powered cybersecurity solutions authorized for use in federal networks at the high impact level. Total RPO grew 21% to $13,000,000,000 at the high end of our guided range.

Speaker 2

Our current RPO grew 17% to $6,100,000,000 The average duration of new contracts remained at approximately three years. It did trend towards the high end of our historical range in Q2 based on our performance in large platformization deals, particularly customers making longer term commitments to XIM. Our NGS ARR again delivered strong growth, growing 37%, finishing Q2 at $4,780,000,000 Our NGS ARR was driven by the strength across our advanced subscriptions, Sassy and Cortex. Moving down the income statement, gross margin of 76.6% was down slightly as we continue to see the impact to some of our newer SaaS offerings that are growing quickly, but have yet to achieve scale. Also, we had some costs in Q2 related to inventory and product transitions that were higher than typical, and we don't expect that that will recur in the second half of the year.

Speaker 2

It is worth noting, we have been transitioning our contract manufacturing facility in Texas as our primary manufacturing and fulfillment center, not only to enable scale and innovation in our appliances, but also to take advantage of our foreign trade zone that can help mitigate tariffs and products we ship to international destinations as we assemble and manufacture all of our firewall appliance products in The U. S. More broadly, we continue to see efficiencies across the company as we focus on driving profitable growth. We saw operating expenses as a percentage of revenue decrease by 120 basis points as we benefited from scale in our business model and initiatives as part of continuing to build our culture of efficiency. We delivered $0.81 of diluted non GAAP EPS and our diluted GAAP EPS of $0.38 continues to grow along with our overall profitability.

Speaker 2

As a reminder, in the year ago period, we had a significantly positive impact to GAAP EPS from the large $1,500,000,000 release of tax valuation allowance that happened only in fiscal twenty twenty four. We generated adjusted free cash flow of over $5.00 $9,000,000 in Q2. On our balance sheet, you will see that our debt balance came down by over $100,000,000 as we continue to see early conversions of our convertible debts, which occurred at the discretion of the debtholders and was settled by us in cash and equity. Our remaining debt of just over $500,000,000 matures in June 2025, although we may continue to see some early conversions. We did not repurchase any shares in Q2 and our buyback strategy remains opportunistic.

Speaker 2

We have $1,000,000,000 in authorization remaining through December 2025. As Nikesh mentioned, we are pleased with the momentum we are seeing in our Platformization strategy and the outcome in driving our financial results. I wanted to update you on what we are seeing a year into this strategy. As you all no doubt remember, we announced our Platformization strategy a year ago. Over the last twelve months, we've learned from our success and adapted where it made sense.

Speaker 2

We launched a number of structured sales programs that we highlighted to jump start this initiative. Our goal was to remove friction, both related to technology risk and budget challenges for the customer. We have now embedded these practices into how we do business. A year in, we have seen both the industry rally around this approach, as well as some of our key ecosystem partners also put significant resources behind platformization. This has helped leverage our own investments on the sales and marketing side and brings us closer to enterprise accounts where ecosystem partners have strong relationships.

Speaker 2

Many of our large platformization deals have been pursued and closed with global system integrators. With these joint successes, partners collectively are putting more resources behind Platformization. When we initially announced Platformization, we had piloted the program, helping us build conviction in our aggressive launch. Predating our broad announcement, some of our top reps were driving deals with the principles that embody platformization. A year in, we have seen rep participation significantly increase with approximately a third of our sales reps having already participated in a new platformization deal win in the last twelve months since we launched our accelerated strategy.

Speaker 2

Lastly, when we launched the program, we had assumed that platformization would enable us to increase our ARR per customer. As you can see in some of the large deal highlights that Nikesh covered, we have seen success signing larger deals and further expanding our ARR and platformized customers. As you can tell from both the tone and some of the details that we provided, we are very happy with our progress here. I'll reiterate what Nikesh noted last quarter and earlier, our biggest learning is that we should have made this move earlier. Now turning to the bottom line.

Speaker 2

Our confidence in future operating margin expansion is rooted in our visibility to continued leverage across our P and L. As Nikesh mentioned, we've seen some encouraging results from our AI based initiatives across multiple areas of the company that give me greater confidence in this ability to drive leverage. I wanted to provide you with an update of some of these AI based initiatives and what we're seeing so far. In the areas that we are focused on, we've seen meaningful efficiencies, which either manifest as lower spending, enabling us to drive incremental innovation or absorb expected increases in volume without additional spending. One of our first AI based initiatives was focused on our employee facing processes.

Speaker 2

In the past, we have leveraged contractors in various business processes in IT. We are on track to reduce this contract labor by about 50% as we close out fiscal twenty twenty five, which will result directly in operating expense savings. In our global customer support business, we've leveraged an internally developed co pilot to assist in case resolution. So far, we have seen our support CoPilot used in about 85% of cases in network security, which is where we first rolled out this technology. We're seeing approximately 50% reduction in the time to resolve cases.

Speaker 2

This results in a better experience for our customers and also our team is being able to absorb more case volume while adding less headcount than in the past. Lastly, we are deploying CoPilot tools for our developers earlier and are seeing some exciting results. We've recently deployed the technology to all of our engineers. These and other initiatives that are still in their early stages give us consistent outcomes, and that gives me more confidence on the tangible benefits to our business, including our cost structure. Before I turn to guidance, we have a lot of questions about how we get comfortable with the sustainability of our cash generation given some of the transitions happening in our business.

Speaker 2

We began to see an increase in deals with deferred payments in fiscal year twenty twenty two and have seen a significant increase driven by larger transactions, particularly in our SaaS offerings over the last three point five years. As we have absorbed an increase in deferred payments, our visibility into our free cash flow each year has increased. In fiscal year twenty twenty four, when we entered the year with $1,000,000,000 in deferred payments scheduled for the year, that was 32% of our fiscal year twenty twenty four adjusted free cash flow. This year, that amount increased to $1,400,000,000 and our visibility increased to 41% of our expected adjusted free cash flow. Looking forward, we expect to enter fiscal twenty twenty six with $2,000,000,000 in deferred payments scheduled for the year, further increasing our visibility into free cash flow in fiscal year twenty twenty six.

Speaker 2

We've progressed substantially over the last several years through the transition of deferred payments. We've also spent significant time over the course of this year ensuring that we're balancing this transition with other uses of cash and opportunities for cash flow optimization. Because our appliance bookings and smaller bookings predominantly are paid upfront and many of our large transactions already utilize deferred payments, we believe we can manage the trend towards more of our larger transaction bookings utilizing deferred payments as we have done over the last several years. Consequently, our expected increasing profitability as we scale and these financial dynamics give us improved confidence in our free cash flow generation. Our confidence holds for fiscal year twenty twenty five, where we continue to expect 37% to 38% adjusted free cash flow margin as well as our cash generation beyond this year.

Speaker 2

We are comfortable that we can generate adjusted free cash flow margins for fiscal year twenty twenty six and fiscal year twenty twenty seven of greater than 37%. As a reminder, we do not guide free cash flow on a quarterly basis, and we do see year to year fluctuations in our cash flow seasonality. In fiscal year twenty twenty five, relative to prior years, we expect to see fluctuations in seasonality driven by the timing of deferred payments from customers, the timing of bookings within the year and the timing of cash tax payments. But this year, we expect relative to The Street that more of our free cash flow will come in Q4. With that, let me turn to guidance.

Speaker 2

For fiscal year twenty twenty five, we expect NGS ARR to be in the range of $5,520,000,000 to $5,570,000,000 an increase of 31% to 32%. Remaining performance obligation of $15,200,000,000 to $15,300,000,000 an increase of 19% to 20% revenue to be in the range of $9,140,000,000 to $9,190,000,000 an increase of 14% operating margins to be in the range of 28% to 28.5% diluted non GAAP EPS to be in the range of $3.18 to $3.24 an increase of 12% to 14 and adjusted free cash flow margin in the range of 37% to 38%. For the third fiscal of 'twenty five, we expect NGS ARR to be in the range of $5,030,000,000 to $5,080,000,000 an increase of 33% to 34% remaining performance obligation of $13,500,000,000 to $13,600,000,000 an increase of 19% to 20% revenue to be in the range of $2,260,000,000 to $2,290,000,000 an increase of 14% to 15% and diluted non GAAP EPS to be in the range of $0.76 to $0.77 an increase of $0.15 to 17%. We've included our typical modeling points in the presentation for you to review. Before I turn back to Walter for Q and A, we will roll one more video.

Speaker 3

When I think about the relationship between Palo Alto Networks and Cognizant, the word that comes to mind is strategic. We are a $20,000,000,000 global technical services firm that employs over 340,000 associates worldwide. We had disparate technologies across the environment. Our data was also very dis jointed. How do we optimize our entire technology strategy through platformization and to create a level of consistency across our entire enterprise?

Speaker 3

So our ability to protect and defend goes up, and the complexity to manage and maintain this technology that we've improved. We look at the promise of what we're seeking for XIM and where we're seeing the benefits is the ability to more effectively consolidate the visibility through all that data and the ability to then rapidly accelerate creating runbooks and use cases out of that data in order to drive our response and our decision making. And the relationship between Palo Alto Networks and Cognizant is one that I get to see come into real life in terms of how we're gonna transform and how we're reenvisioning our entire security program.

Operator

Thank you. We ask in the q and a that each analyst only ask one question. Our first question will come from Saket Kalia from Barclays followed by Hamza Fodderwala from Morgan Stanley. Saket, go ahead.

Speaker 4

Okay. Great. Hey, guys. Thanks for taking my question here, and nice quarter. Maybe a question for Nikesh and Deepak together.

Speaker 4

You know, it's great to see free cash flow margins at 37% plus expected now through fiscal twenty seven. Nikesh, can you just maybe talk about some of the success you're seeing in driving better profitability? And Deepak, can you just maybe go one level deeper into other drivers of that free cash flow like the deferred payments?

Speaker 1

Yeah. No, Saket. That's first of all, thank you for the question. As Deepak highlighted, like, we're beginning to hit scale. As you see, platform deals are actually a lot more efficient from a sales perspective because the larger deals you know, I think if you see if you look at the cybersecurity landscape, we're now clearly a large deal company compared to most of our competitors.

Speaker 1

So that definitely drives efficiencies for us from a scale perspective. If you look at any p and l, in any enterprise business, 50% to 60% of p and l is sales, marketing, and customer support. If you can find efficiencies in that process, that's where leverage lies. So you've seen we've been improving our operating margins consistently now for over two point five years. That's being driven from that efficiency lens.

Speaker 1

If you couple that with some of the early experiments we've shared on the AI front, we think this has tremendous potential in the future where enterprise companies should operate a much higher operating margin in the future from now. I'm not gonna put a forecast just yet, but I think the trend is our friend. And that gives us tremendous comfort that we can underpin our performance with strong operating margins over the course of the next few years. Couple that with the way Deepak and his team, have been able to balance the deferred payment products, which he can talk about, which, as he said, gives us tremendous amounts of visibility. And we feel confident that that the range for the next few years is there and possibly higher after.

Speaker 2

Yeah. If I can just build, Saket, like, a lot of this is is in the prepared remarks, but we've had a lot more visibility with a growing balance of of deferred payments already in the past few years. There's parts of our business that are really never gonna go to deferred payments, the the smaller transactions that have a multi tiered distribution network where everybody wants to get paid up front, the appliance business where it's industry standard pay up front, then you're left over with everything else. And we've we've already made a significant transition already, so there's not as much left to actually do. We're quite far along the journey.

Speaker 2

That's what gives us confidence, and that's what I was meaning to convey in the prepared remarks.

Speaker 4

Very helpful. Thank you.

Operator

Thank you, Saket. Next question from Hamzah Fodderwala from Morgan Stanley followed by Brian Essex from JPMorgan.

Speaker 5

Alright. Great. Thank you for taking my question, and good evening. Nikesh, I had a, you know, bit of a bigger picture question for you.

Speaker 1

Hey. Do you wanna

Speaker 5

talk about the border? Down. I'll leave that to the others. No, obviously, Palo Alto Networks been at the forefront of AI, whether it's AI for security operations when it comes to Cortex or securing AI now with DIG and Prisma Cloud. You know, DeepSeek was a was a big moment, for for the AI trend in the market earlier this year.

Speaker 5

I'm curious, what do you think this means for the proliferation of AI in general and how this impacts security and specifically Palo Alto Networks?

Speaker 1

That's a very good question coming from you, Hamza. Not that I wouldn't expect that from you, but it's a great question. Look. I think DeepSeek is a phenomenal pivotal moment for AI, not just for us, but across the industry. And if you look at it across three parameters, right, there's the question around quality.

Speaker 1

Is it as good as the models that people are using out there like OpenAI, Gemini, or Lama, etcetera? And at least if you read the ratings out there, it seems like it's equally good, if not better, for technical answers. It does better coding, better math, better physics. So it looks like for for sort of it has a better reasoning engine, out there. So that's interesting.

Speaker 1

Then the next question becomes great. If it's so good at if it's equally good, you know, what are the economics? Did they actually get it done for a lot cheaper? Now we can debate that, and I don't know if you'll ever get to the bottom of it. But what's interesting is, today, you pay 14¢ for about a million words, and you pay $7.50 for every other model.

Speaker 1

So it's 2% of the cost to every other model. Now that's driving experimentation. I have talked to many SaaS CEOs recently, and everybody's experimenting, so are we, to see if Deepsea can deliver that degree of performance. And the third question comes, okay. Wait.

Speaker 1

You know, this has come from a nation state, maybe from somewhere where we don't wanna trust the model. We gotta figure out how secure it is. Now look. Any AI model that is gonna be used by enterprises will be used in a sequestered fashion, either on prem or in your own cloud instance or require AI firewalls around it. If you can guarantee that your data doesn't get out of that sequestered sort of space and if you can guarantee that you can put guardrails around the model, I think you'll see a lot more experimentation.

Speaker 1

So from that perspective, I think it's gonna be pivotal. My only recommendation to every enterprise out there is make sure you don't deploy AI without running firewalls around it. Make sure you don't deploy in a multi tenant environment. But I think this is great for AI. And look, any technology is great for security because any new technology requires you to put more security around it.

Operator

Great. Thank you, Hamza. Next question is coming from Brian Essex at JPMorgan followed by Gabriela Borges at Goldman Sachs. Brian, go ahead.

Speaker 6

Yeah. Good afternoon. Thank you for taking the question. I have a bit of a different AI question. And, you know, it comes from the perspective of, you know, leveraging AI across the platform to provide better security outcomes.

Speaker 6

And maybe if you could talk about, what you're seeing, in cloud security as an example and win rates as you're able to provide code to cloud to SOC security across your entire platform. How does that affect your ability to compete against point solution providers in that space? And, you know, how how is that enabling you to kind of leverage the platform maybe as an example in that cloud security space? Thanks.

Speaker 1

Hey, Brian. Is any point solution business left? Every security company seems to claim their platform now. So I don't think there's I don't think there's there's I think that breed of point solution is gone. But anyway

Speaker 6

Was it different between calling yourself a platform and actually being a platform?

Speaker 1

So Yeah. That's what they say about us too. Those guys. But that notwithstanding, look, you know, I was I was, I called Lee last night, and I said, you know what? I found a new raison d'etre for platformization.

Speaker 1

Our earlier sort of narrative was that you need a platform so you get a single pane of glass, you can run zero trust networks, you can be harmonized across policies. There are no security gaps. But as we go down this journey, we're discovering and we're already talking about deploying agents, and why do we need human beings trying to do these complex tasks and trying to understand how security should be deployed? Why can't we have agentic personas that say, I'm your network configurator? I'm your, you know, phishing remediator?

Speaker 1

Why can't we design security agents? When very quickly realize, you can't design an agent unless you have the data. You can't you can't have the data across 17 disparate products and make sense of it. So what we're discovering is this strategy that we deployed of platformization about two years ago and really sort of put our our weight behind a year ago is resulting in us getting harmonious data. Right?

Speaker 1

These 1,150 customers who are platformized have data that is harmonized. We can run and build agents on top of that. So from that perspective, the more platforms we sell, it creates tremendous opportunities for us. But I'm gonna talk to let Lee talk about how this is helping us on the cloud security front. Yeah.

Speaker 1

So

Speaker 7

you've seen what we've done in in our replaces. Right, Brian? So the in in XIM using AI for the SOC and reducing meantime remediation from days down to hours to minutes. You've seen us do this with, in NetSec and across network security and SASE and other places. In cloud, what you've what you can see is a couple of things.

Speaker 7

First is in the individual areas. So in AppSec, how we use AI in order to have better detection and prevention of misconfigurations before they reach production. In production, how we use AI in order to better remediate, and detect and remediate, prioritize, etcetera. And then with Cortex Cloud, which we announced earlier this morning, what that allows us to do is now not only apply AI automation within each of these areas, but now connect that across the full end to end from AppSec into cloud, into runtime, into SOC. And that is incredibly powerful when you think about trying to become much more proactive in real time in cloud security.

Speaker 6

Is that translating into better win rates? So like if you look against the point solution vendor like a whiz in the cloud security space, are you starting to see the improvement in win rates?

Speaker 7

Yes. Sorry. No, please go ahead.

Speaker 6

Just jumped on that one.

Speaker 1

I'm going to let him answer the question, and I'm going to say something else.

Speaker 7

Go ahead. Yes. Because it not only achieves better security outcomes, but it also translates to more efficient you know, security operations, of the teams that actually have a response for managing all this on a day to day basis.

Speaker 1

What I was gonna say, Brian, is that I think cloud security is gonna go through one more evolution. Yeah. And that evolution will be as it you know, it sort of started in the center, shifted left to go to code. Now it's doing a hard shift right. A hard shift right is you need to be in the sensor in production environments, understanding what's going on, protecting the production environment, and using that to prioritize cloud security.

Speaker 1

So I think, you know, the the bigger cloud security, action is gonna be in runtime with agents, and that's where more XDR players are playing. It's actually not the the CNAP players who have had who won the last round, if that makes any sense.

Speaker 6

Super helpful. Thank you.

Operator

Alright. Alright. Thanks, Brian, for those two questions. We'll go next with Gabriela Borges from Goldman Sachs followed by Jonathan Ho from William Blair. Gabriela, go ahead.

Speaker 8

Hey, good afternoon. Thanks for taking my question. Deepak, you mentioned earlier there are some deals that are always gonna be upfront. Maybe just elaborate for us, what are the guardrails or what is the framework for your salespeople that determines when they go to multiyear versus one year billings and when they can offer financing versus when you don't want to offer financing? Thanks.

Speaker 2

Yeah. So I think it's all it's all part of the actual sales motion and negotiation. So really, really where you see the majority of the requests for deferred payments is in the higher end. Like distributors don't really want to have to deal with lots of back and forth with customers at the lower end, and therefore, that's typically all upfront, Right? So it's really at the higher end deal.

Speaker 2

And on firewall, we typically get the money upfront because that's being budgeted based on a refresh cycle. So those cases apart, it then becomes a negotiation. Our sales team will will basically go and they'll explain that there is value in the cost of money we expect to be paid upfront, and then it becomes part of the negotiation based on what is required and what's not required. We we do have guardrails in place, everything from sales comp to approvals, that are in place to make sure that we manage that tightly. But it really is with a view of enabling platformization at scale, which is why we've been working on this for a while and managed the transition pretty well so far.

Operator

Great. Thanks, Gabriela, for that question. Next, we'll go with Jonathan Ho from William Blair followed by Peter Weid from Bernstein. Jonathan, go ahead.

Speaker 9

Good afternoon. Just wanted to understand a little bit better the decision to add in CNAP as part of the Cortex platform. And can you talk a little bit about the ability to accelerate

Speaker 1

adoption or accelerate platformization

Speaker 9

as you take on this tactic? Gig? Thank you.

Speaker 7

Yeah. Look, the as as Nikesh was mentioning, a lot of the action in cloud is is shifting toward real time, which means shifting toward runtime and and even SOC. The it's really critical, though, from our perspective that we bring in as much context as possible, in order to be able to to make take those automated actions. Right? And that context often comes from CNAP and even code security.

Speaker 7

That's the first critical reason. Second is the cleaner your cloud environment can be from preventing issues from ever making into production or cloud posture where we're detecting and remediating those issues. The cleaner your cloud environment, the more, the the the better that security posture is, the easier it is for the runtime and and SOC capabilities to to to fire in real time because there it's easier to pick out the attacks, using machine learning, AI, and other types of capabilities like that. So ultimately, we believe that the the best outcome for customers is achieved when they connect the all of the aspects of cloud together. And so you see that show up in terms of how we we package the offering as

Operator

well. Great. Thanks for that question, Jonathan. Next, we'll have Peter Weed from Bernstein followed by Shaul Leal from Cowen. Peter, go ahead.

Speaker 10

Thank you. And congrats on the continued success on the platform. Maybe I asked the unsexy question, which is, on the product side, I think we saw some nice strength this quarter and I know kind of the guidance is that's going to remain a less exciting from a growth standpoint portion of the business. But that strength was important for delivering on the revenue. And if we look forward, is that type of strength something that we should be able to look at as a support as opposed to maybe a drag on the overall growth?

Speaker 10

Or is this kind of a onetime quarter? How will that evolve looking forward?

Speaker 1

So, Peter, I think it's probably one like, it would sound like a broken record. I've always been saying that the hardware industry, for us, at least our end, is gonna deliver somewhere between five to 8%. And sometimes it's been flat in the in the post pandemic. There was a sort of splurge surge and it went back down. I think we're back to steady state.

Speaker 1

So I think easily you can expect us to be going in low to mid single digits on the appliance side. But I think the real action for us is, I think, you have to understand, there's a series of transformations going on underneath, like Deepak highlighted the cash flow transition. We've been transitioning our network security business, as you saw, from hardware to software. This is why you see that we're growing that category 21% between hardware and software. So that just, over time, reduces our reliance on hardware, because I think, you know, that cloud transformation is underway, more and more cloud volume.

Speaker 1

But the good news is the cloud volume is going up faster than the data data center volume is declining. So we can manage this transition in a way we can drive more and more software firewalling capability and not just recompense for the hardware business being slow growth compared to that. We can also, over time, drive higher growth across the entire network security category for ourselves. Thank you.

Operator

Great. Thanks for the question. Next up is Shaul Eyal from Cowen followed by Taliani from BofA. Go ahead, Shaul.

Speaker 6

Thank you. Good afternoon, guys. Nikesh, I'm interested in your views on the Curator and overall IBM partnership, this quarter? And, is it coming in line or better than your initial views couple of quarters ago when you have gone after this this asset? Thank you.

Speaker 1

Shal, we had our board meeting yesterday, and there was a comment that one day a Harvard Business School case would be written on this, and, for the right reasons. I'll tell you, this has this has been a spectacular partnership for us, not just our relationship with IBM, our go to market partnership together where they are you know, we talked to a large large deal. It's actually public in The UK. The home office deal where IBM and us partnered and it's a very large modernization contract. We partnered really well.

Speaker 1

Some of our very large deals, as we highlighted, one of our largest deals this quarter, the Asian bank, was a QRad customer, which now we were able to take DRR up five times. So you can see that the the sort of inroads in the partnership that IBM had with many of these customers has translated into very, very large opportunities for us. So it couldn't have been better.

Speaker 6

Great. Thank you so much.

Operator

Thanks, Shaul. Next, we'll go to Tal Liani from BofA, followed by Andy Nowinski from Wells Fargo. Tal, go ahead.

Speaker 11

Hi. I wanted to ask about margins. Can you go over kind of what happened to margins this quarter? I saw a little bit of pressure and then what's the outlook for the year? What are the puts and takes for margins?

Speaker 11

Thanks.

Speaker 2

So, Tal, just a clarifying question, you're talking gross margins? Is that what you mean?

Speaker 11

Yes, gross margin and also a little bit on the operating margin I saw.

Speaker 2

Yes. So really, it's mainly in the gross margin. And it's all it was all in my prepared remarks like where yes, so there the main parts were on the services gross margin. It was driven by like faster growth on the newer SaaS offerings, which just have more time to mature and scale. And on the hardware, we did have some one time inventory write offs, E and O's, but will not repeat in the second half.

Speaker 1

So I think it's we had a 40 basis point one time write off, which impacted our gross margin on the hardware side, which is why you so it's a one time event, but we still outperformed our margin expectations both internally and as per you guys.

Operator

Thanks. Alright. Thanks, Tal. Next, we'll go with Andy Nowinski. And our final question will be from Matt Hedberg from RBC.

Operator

Andy, go ahead.

Speaker 12

Okay. Good afternoon. Thank you. And I thought your quarter overall was was very good as well. I want to ask maybe a more difficult question on the net new ARR side.

Speaker 12

If you pull out the $74,000,000 from QRadar in Q1, it looks like your net new ARR declined on a year over year basis for the last two consecutive quarters. And you have so many positive trends in these large platformization deals. Why aren't those translating into net new ARR growth over the last two quarters?

Speaker 2

Yes. So, Andy, we talked about this a little bit last quarter. I mean, we're very happy with the net new ARR growth. We did have some transitions of old attaches to cloud delivered advanced subscriptions that led to a significant increase in net new ARR a year ago as we lack that. We don't have the same step up, but the net new ARR on some of our newer products, what's driving a lot of the platformizations continues to go from strength to strength.

Speaker 1

And, yeah, I think just to add to that, like, you know, the software firewall strength we talked about, the SaaS strength we talked about, the cloud security strength, the XIM strength, all these things contribute to net new ARR. That's what's allowing us to get it to the I still remember six years ago, this was zero. So we're very happy that it's driving up wholly to $5,000,000,000 and, you know, we still believe we're on track to get to 15,000,000,000 on NGS ARR. Got it.

Operator

Great. Thanks, Andy. Our last question is from Matt Hedberg. Matt, go ahead.

Speaker 13

Thanks for taking my question, guys. Congrats on the results. Not an easy environment here. Yes, I had kind of a high level question, maybe Lee, for you. I think we've all been talking about Agentic, and Agentic framework.

Speaker 13

And I think, Nikesh, you mentioned on the call. I guess, Lee, from your perspective, a lot of people look at identity as sort of maybe the tip of the spear for Agentic based security. What's your perspective on the security foundation for a broader agent rollout?

Speaker 7

Oh, I think it's, I think it's a lot more complicated than that, Matt. Not necessarily in a bad way, but I think sometimes the industry can be quick to jump on a single magic bullet of identity, which is important, but there's a lot of other aspects to to how these agentic platforms work. And, I would actually start with how do you secure the AI portion of the agentic platform and making sure that it's providing, if you're going to give it the authority to take independent actions, which effectively what agentic AI will do, you better make sure that that AI environment is fully secured from attackers and and you have their proper guardrails enforced and everything else. Yes. That has to be combined with with identity.

Speaker 7

All that has to be combined with, it's gonna ramp up even just machine to machine level communication, how we secure it. So there'll be multiple facets to how, agentic AI is is secured as it as it matures.

Speaker 1

Just to add to that, Matt, I think one of the things which is, from our perspective, fascinating is that we have now sold XiM more than 200 times in the last twenty four months, making it one of the fastest growing products in cybersecurity. And in XiM, we see all the data. So we expect we will start seeing agentic activity in XIM. So, you know, identity is two parts. Identity is validating your credentials to make sure you are who you are, whether you're an agent or a human being, which is what typically MFA does or service accounts to a SaaS applications.

Speaker 1

But watching the activity and being able to control the activity and stop the activity and change permissions will have to happen in some sort of AI enabled SOC. So we think there is an opportunity for us in the future as the definition of agents and the deployment agents starts to settle in that we will be able to build agentic sort of detection remediation and management within the XIM capabilities that we have.

Operator

Alright. With that question, Matt, thanks for wrapping it up for us. I will turn the call back over to Nikesh for his closing remarks.

Speaker 1

I just wanna say thank you very much to all of our customers, employee employees and our ecosystem partners for all their hard work, and thank you for all of you for taking the time to listen in our earnings call. We'll see you guys next quarter.

Remove Ads
Powered by Quartr
Earnings Conference Call
Palo Alto Networks Q2 2025
00:00 / 00:00
Remove Ads