All right, we will get started. Thank you all for being here at the UBS Tech Conference. I'm Roger Boyd. I cover Cybersecurity for UBS here. Very happy for this next session to be hosting Nikesh Arora, CEO of Palo Alto Networks. Nikesh, thanks for being here.
Thank you for having me.
Yeah. For all you in the audience, we're gonna do a quick fireside. You can submit questions through the, the Q&A app, and we'll, I'll be happy to, to forward them on to Nikesh. But, maybe just to start, I wanna touch on the threat environment. A couple weeks ago on the earnings call, you pointed out that there's just a never-ending supply of threats. And I think point in case, we're seeing ransomware evolve from standard encryption, to double extortion, to they're gonna now file SEC complaints for you. We're seeing the, what, what's happening with SolarWinds. We're seeing attacks that are causing hundreds of millions of dollars in lost revenue. Just how do you think about that contributing to the demand environment security, which I think you would argue is still strong?
Well, first of all, thank you for having me, and thank you for being here. I think in the last 12 months, what has begun to happen, and you saw signs of this earlier, if you go back four or five years ago, the cyberattacks were... You equated a cyberattack with some kid sitting in a basement on a computer and trying to get into the NSA or the FBI and say, "I'm so cool." Right? That was like, you get cool cred by doing a cyberattack. Yeah, then sort of nation-states got into it. They started trying to figure out how to do cyberattacks and build offensive capability. And then you saw a switch, and the switch was, it said: "Why are we wasting our time going after one person at a time?
Let's go crack the code on some piece of software that everybody's got." You know, many of you guys used to work for a large tech company, and we saw that, you know, they were trying to get into the back end of Gmail, right? So that way, they could go find anybody they wanted. And sort of that, that became a theme. So when you see SolarWinds, you look at some of the CVEs that have been exploited from Microsoft or some of the stuff from many tech vendors, 'cause once you get in the back end of a software supplier, then you can go to all their customers and hack them. So sort of that trend began to happen. Coupled with that, this notion of this wonderful thing called crypto, which we figured out is a way of collecting money.
If you look back, does anybody here know how many people have been convicted for cyberattacks in the last 12 months? Less than 10. Does anyone know how much money has been paid in ransomware in the last 12 months? B illions of dollars. This is the best ROI bad thing in the world. You don't get arrested, you don,t get caught, you collect a lot of money. So that's what's causing this huge amount of activity out there. There's people out there, there's... You, you mentioned this, I think I found this was the funniest thing that ever happened. This group was, this company was hacked. They didn't respond to the ransomware emails. Four days later, the ransomware actors filed an SEC complaint, saying, "These guys have not disclosed the fact that they've been hacked." So that's what's going on out there. It's not getting... It's not slowing down.
Yeah.
It's getting bigger, and the dollar amounts that are being asked are getting bigger.
Yeah. Do you think that the buy-in from the C-level, the board level of companies is getting there? I mean, there's a lot of talk about the new SEC regulations and the increased oversight that they want on boards in reports and filings. Do you think we're getting there? Is that meaningful?
Look, the way we parse it, and I think you'll hear that from every cybersecurity company, not just us, there is no lack of attention to cybersecurity as an issue at C-levels or boards around the world. Pick your company, they're all paying attention. How does that translate for, into money? How does that translate into, excuse me, business? The way it translates to business is cybersecurity budgets do not get cut, right? You see your chief security officer show them, says, "I'd like to do this," the CEO doesn't say, "Oh, you can't do this. Do it next year." Because now they're petrified that if they're the ones who said, "Don't do that project," they take responsibility for postponing the project, and then CISO says, "Okay, you said I can't do it. I don't have the money." They'll tell them, "Get a better deal.
Try and break it down into milestone. Try and phase it out." So you see those things which, which means it's one of the most robust tech spending sectors because the budgets aren't getting cut. The more hacks, the more attacks that happen, the more people need to go upgrade their infrastructure, and the more awareness there is. So I think all of the stuff we've talked about, whether it's the threat actors or it's whether it's the C-level attention or the SEC attention, it just tells you that the demand environment does not have any systemic issues. Now, will they get negotiate? Yes, they'll negotiate. Will there be payment duration changes? There'll be payment duration changes. But it's hard to find an industry or tech subsector where you can say, other than possibly AI chips now, that the demand factor is not turned in the macro.
What do you think the answer is here? I mean, there's a lot of talk about generative AI, and I think you've been pretty clear with some skepticism around what we're seeing in the security operations around generative AI being meaningful in detecting attacks. I think you made the comment that you don't want ChatGPT driving your car, and similarly-
I don't want ChatGPT driving my car.
I think generative AI-
There's a Waymo stuck on the way. If you just... I just drove up here, and there's a car stuck in the corner. There's nobody in there. It's just stuck. It's kind of pointing towards the hedge, but... It is. You can go out and look at it.
I think one thing that the Copilot era is shedding more light on is all the investments that cybersecurity vendors like yourselves have been making for years around machine learning, detection algorithms. One, can you talk about the data scale that Palo has, what that means, to drive machine learning through that side of it? And then again, with generative AI, how meaningful do you really think that will be to security operations?
Good. So let's do the quick two-minute version of AI, right? Good news is, with all this ChatGPT and all this AI conversation, suddenly everybody's focused on AI. This is a good thing, right? Because people are paying attention to AI. The way we see it, that there's, on one side, this world of precision AI, where you need to be right, and you need to know this is a hedge, not the road, otherwise you'll get stuck there in your car. So you don't want precision AI to hallucinate. Cybersecurity uses precision AI. Most car driving algorithms will use neural networks and machine learning and for reinforcement learning. So there's a category of learning that uses precision AI. You need a lot of data to get it right, because you need to know where every tree, every bush, every...
You need to know all normal behavior to figure out the anomalous behavior, right? That's how we work in security. When we see anomalous behavior, we need to know what normal looks like, and need to watch everything to be able to find what's anomalous, right? You can't look at a little bit and say, "Oh, a little bit tells me the answer. The answer, I got to look at everything." As a consequence, we have on a daily basis, we ingest 5 PB of data. We have 1 EB of security data stored in Google Cloud. We are the largest storers, if that's a word, of security data in the world. Not only that, we're the largest storage in Google Cloud of any company in the world, after Google. And we only have 35 customers running our XSIAM product so far.
We want to have hundreds of them getting there. So just imagine the amount of data we're gonna have. What do we do with that data? It belongs to every company. We look at all the normal, look for the abnormal, and then identify the abnormal and try and stop it mid-flight, right? So security is interesting. It's only done in two ways. Either you know some known bad, you stop it. You see a bad URL, bad IP address, you stop it. If it's a suspicious thing, you send an alert, or we got to get better at looking at suspicious things and having a point of view, saying, "This is bad," and stop it. And that's what you need a lot of data for. So there's the world of precision AI. Then there is this world called generative AI, which is beautiful because there...
The way I describe it is, it's a phenomenal tool when many good answers are possible, you don't have to be right. So you can go to, you know, Midjourney or Runway and say, "Show me a bird with a blue background. Show me a white bird with a blue background." It's going to show you 17 white birds with blue backgrounds. You may like one, you may like the other, and she may like another one. That's fine. There's no wrong answer. It's a, it's an ugly answer, but it's not a wrong answer.
Mm-hmm.
You can see that. You go to, "Write me a rap song about the Warriors." My 8-year-old boy does that. He goes, "Write me a rap song about the Warriors in Shakespeare style," and pops up something pretty crappy, but it's not a wrong answer, it's just a bad answer. So that's where generative AI is very interesting. It has three values. One, it can let you talk in natural language. Two, it can summarize large amounts of data statistically and give you the better answer. And three, over time, it can give you insights from disorganized data. So if I took all my customer calls and put them in a large database and ran and learned them against it, it might come back and give me insights I didn't know I had.
So from that perspective, I think generative is gonna be hugely transformative in how we conduct our business, how we deliver... I said the word Copilot, how we deliver assistance to our customers who are—the cybersecurity is complex. So I think every cybersecurity company is working on some version of a Copilot, which the purpose of Copilot is gonna be to make your products easier to use-
Mm-hmm
... not solve security problems.
Do you see that becoming table stakes, or do you think it can be a differentiator? And you've done some unique things. You've introduced-
Look, I think it's gonna become table stakes in the next 12-18 months. I spent six hours doing an AI review yesterday across all of our products. The two biggest challenges are latency and hallucination.
Yeah.
Right? The problem is, I know when I look at the answers it's giving, that one out of seven times, one out of 10 times, it's hallucinating. You don't know.
Yeah.
You can't figure out which one of those 10 is wrong, so you have to decide which one is wrong. Would you want a product where you, where I tell you, "Listen," it's like playing... What is that game people play? You put a bullet to your head and roll the thing, and there's one bullet and keep shooting, and one of them is gonna kill you. That you could get one wrong answer in security, use it. You say, "Oh, this is a great question. Reboot your firewall.
Yeah.
You reboot your firewall, and poof! Goes the magic dragon. So we're still waiting for the hallucinations to minimize, latency to get better, but I think 12-18 months, we'll see copilots in most products. I think the question will become: How do I deal with so many copilots?
Yeah.
Because you have 40 security vendors, you have 40 security copilots now. How to deal with them? So then that goes back and reinforces the theme of consolidation, platformization. And then the question is, can every small start-up afford to build a security product and a copilot next to it?
Makes sense. I wanted to shift to XSIAM. I think it's what you would call a huge opportunity over-
Mm-hmm
... the next couple of years. And XSIAM is really aiming to solve pain points that have existed in security for years. Can you just talk to those pain points and improvements you've seen with your own deployment of the technology and what you're seeing from the initial customers that have picked it up?
Yeah. So let me give you a little bit of background around why we think it's interesting. If you look, security has, you know, big streams or big categories and then smaller categories. There's a big category of firewalls or firewalling, big category of identity, big category of endpoint protection, big category of SOC management, now a big category developing cloud security. So there's four or five big categories out there. We play in four out of the five. We don't play in identity.... Now, if you look historically in security, every one of those categories has hit an inflection point at some point in time. Firewalls hit an inflection point. There used to be Juniper, a bunch of other companies I don't even know, I wasn't there. And then suddenly, Palo Alto came out with a next-generation firewall. That was an inflection point. People wanted the next-generation firewall.
It was good enough for them to rip out what they had. If you look at the endpoint business, there's McAfee and Symantec, and you found an inflection point called EDR. You saw the likes of CrowdStrike and Cylance, and all these others show up, and McAfee and Symantec had to take a backseat. You take a look at, you know, what happened in, in the world of SASE. You know, Zscaler came out, did a great job, built what they build, and now every one of us is chasing SASE. So these, these, there are inflection points in the industry, and those come when technology changes. There's 10- to- 12-year-old software in that category. There's not a lot of innovation that's happened, and somebody builds something so amazing that it's worth ripping out the old stuff.
I think that inflection point is now coming to SOC management, right? Where there's 12-to -15-year-old technology in the whole SIEM category, in the SIEM space, which was designed to be reactive security. Now we need, you know, real-time security. To do real-time security, you have to look at data very differently, right? You just can't take data you used to store last year and run AI against it. As most people will tell you, who are here or over here, that the biggest problem with AI is we don't have good data. So we're all busy cleaning up data.
Well, four or five years ago, we said, "Well, an inflection point will arrive in SOC management that will require better data." So we went and instead of buying many of the options that were out there, and one of them got sold recently, we went and said, "We're gonna build it from scratch." That is how we're able to ingest and store 1 EB of data in GCP and run AI against it and machine learning against it to go make that happen. So early days, don't want to get out of my skids, but really good, promising outcomes. We are able to bring down the meantime to remediate a security incident from five to six days to, on average, one to three hours. Now, that dovetails with SEC requirement. You have to report within four days when you get breached.
So everybody's looking and saying, "Oh, cool, I'd like to get my security issues resolved much sooner, so I don't want to be telling the SEC I've been breached, and oh, my God, I haven't solved the problem yet." So it's promising. We've had a few really big deployments recently, which have gone really successfully. There's a lot of customer interest, so we're building capacity, we're building capability, and we're working with third-party partners, and you'll hear more about it from us in the coming months. That we're creating other people who can go deploy this for us because we think this is a huge opportunity. And I think most inflection points last two, three years, then everybody starts to flood in there with their own versions of products and starts getting parts.
We think we have a, you know, 18-24-month window, and it boils down to how quickly and well it can be executed at that, yeah.
I mean, you've talked about this $1 billion dollar pipeline-
Yes.
-and less than a year of launching it. It's, it's really impressive. I think you just talked about 18-24 months, but how, how do you think about the customers you're going after? You have 5,300 Cortex customers that I think would be kind of the logical first step, but how do you think about it? I mean, you talked about this being-
Mm-hmm.
a transformational shift
Yes
in SOC technology. How do you think about that being something that brings customers to Palo Alto?
Yeah. So look, there's three categories. One category of customers, they've already deployed our XDR product, which is somewhat a prerequisite for us to deliver the AI capabilities XSIAM. So those become much easier conversations because an upsell. You say you already have the hard work is done. Let me sit on top and show you all the bit of analytics I can do and replace a whole bunch of stuff. And in the meantime, I'm building more capability every day on XSIAM, so I can create more outcomes for my customers. That's, that's one stream, and we know those customers. They're fully deployed, they're happy. Another stream is people who are going through as part of their regular process. "This year, we're gonna redo our SIEM or SOC. It's coming up for renewal in 12 months. It's too expensive. We don't like the current solution.
We have to reevaluate what's going on in the market." So there we show up and say, "Look, please consider us. We have this very cool project, product. It's new, it's amazing. Please try." So that's kind of another opportunity, right? There's other opportunities where we're working with third parties, like SIs, people who advise people to redo their cybersecurity architecture. We're trying to get ahead of that and say, "Listen, bake us in into the thought process as you go create this new architecture." So they all have sort of differing, life cycles in terms of when they're gonna get done, but, like, it's early days. You know, so two to five years, I'm sitting here, hopefully, you can turn around and say, "This is the fastest-growing security category and product that, that we saw in the industry.
You, you just talked about XDR being a prerequisite, and you've been building credibility in the EDR/XDR market for some time. You have— It's, it's not the Traps product anymore.
Yes.
You've got credibility from MITRE and third-party evaluations. Any color you're willing to provide on where you think you are in terms of market share, kind of growth there and customer awareness?
Look, the XDR product, or it, started off as a replacement to the endpoint. The whole. The last version of endpoints was, I pushed a lot of signatures to your endpoint. It checked at the door. If it's a bad thing, I told it's a bad thing, and I stopped it. The world figured out, well, latency is gone. You can send stuff to the cloud process and send the signal quickly back. So we came up with EDR, where you collect the data at the endpoint, you ship to the cloud, you analyze it, and you stop things mid-flight. Much better because it's more real-time, and you can do all kinds of wonderful AI stuff.
We're taking it one step up, so you can now collect more data from there, send to the SOC, and use that as a basis of cross-correlating across multiple security categories. So yes, XDR is a prerequisite to doing better SOC management. It also is a category in itself, but I think over time it's gonna blend into this category of redoing SOC, especially AI, is gonna be relevant. So if you think about it, five years ago, there were north of 10 players in the endpoint space. Some of them are sort of naturally attriting, some of them are up for sale, some of them being shut down. So there's a lot of movement. I think we're down to four or five real contenders in that space.
I think we probably end up with two or three as it starts to consolidate around, you know, AI plus SOC management, plus sort of the endpoint capability. It's not hard to figure out who those three are likely to be.
... Do you think that Palo needs to be more aggressive in that space in particular, or do you think that, kind of to your point, as people look at SOC modernization, that kind of just pulls along that category?
Look, I don't know what so aggressive, more aggressive means, you know? I mean, look, we, we're not not aggressive, when it comes down. We don't say, "Oh, yeah, you take this one, I'll take the next one." We don't do that. We fight every one of them like everybody else. So we do have a broader portfolio. It's kind of, I guess the question becomes. There are two or three ways you can think about business, right? One way is that I want every customer, every small, medium-sized customer, who gives me $5,000, $2,000, and I need 1 million of those, and I'll make a lot of money. Now, that's great if you have a self-sign-up product and you don't have to have a sales truck drive and do a sales call. You don't have to have customer support.
That works beautifully in products which are sort of developer-led or user-led. It's harder in complicated security products, where you actually, they want to talk to you, and they want to deploy it, and it's a really important product. So, you know, there's theories out there. If you can sell one customer a lot of things, your cost of sales goes down, right? I think the hard-known understanding of enterprise is that the largest enterprise companies in the world that are out there, their cost of sales is about 30%. If you look on my P&L, the biggest cost is cost of sales and marketing, even today. If you look across enterprise, G&A, R&D is 10%-15%. Pick your favorite tech company, north of $5 billion-$10 billion, that's roughly where it is, 8%-15%.
8% will be struggling in a year. In a few years, 15% is probably where they're doing lots of innovation. Look at G&A, it's between 4%-8%. If you're Broadcom, it's probably a lot less, but whatever, right? 4%-8%. So majority of your difference between operating margin and your sort of revenue is cost of sales. So enterprise CEOs should pay attention: how do I minimize my cost of sales long term as I scale my business? That's the way to get lots of operating margin expansion. The only way to do that is to sell more things to the same customer. So we're trying to make sure that we can sell more things to the same customer, which is good for them, by the way, because it gives them consolidation from a platform perspective.
You give them a better security outcome. It's better business for us. So from that perspective, I don't look at these things as individual streams that I got to go sell individually, a lot of them. I look at collectively, how can I give a platform to a customer, which gets them a bit of a better security outcome? They make Palo Alto a big trusted partner. I think there's tons of room out there in the market to do that.
Makes sense. Maybe shifting to firewall, you've been very candid about your expectation that that market should slow down to kind of a low single-digit pace for a couple quarters now, that the last two years have been maybe abnormally strong period of demand for a number of factors. And then within your medium-term guidance is an expectation that the hardware side of product kind of grows at the low end of that. How should investors think about the software piece of firewall? You've been kind of a leader on the software form factors. How should we think about growth of that, especially as you push into areas like firewall as a service and Prisma Cloud?
So, let's go back to basics, right? What are firewalls? They inspect traffic. When there's traffic, you got to look at the traffic to see if it's got bad IPs, bad internet, bad DNSs, bad URLs. Is there bad stuff floating in your network? Let's just say, the amount of traffic in the world continues to double every three to five years, generally speaking, and each one of those bits has to be inspected, right? There's no, like, free traffic. You have to decrypt it, inspect it, and, you know, re-encrypt it. Some people don't decrypt it, don't look at encrypted traffic, and that's kind of one part of it. But, so, a volume is continuing to double. This is like, you know, whatever the right version of Moore's law for traffic is, it's happening, and it's not gonna stop.
It doesn't stop, right? More internet shit, more videos, more everything, more Zoom. There's more and more traffic in the world. So the, the act of inspecting traffic is not gonna go away. Historically, the act of inspecting traffic happened in the data center or large volumes came in, and you had a big box of firewall, which is hardware. Now, hardware, by the way, is the most efficient way to inspect, because hardware is generally cheaper than software, right? What happened, though, is that people said: Wait a minute, now I need to inspect traffic when everybody's working remotely. Traffic's getting distributed. I don't need a big box. I can have small boxes. And then people said, "Well, you don't need a small box.
You just spin up a piece of software that does that for you." So what has happened is the form factor is changing, but the demand is not going away. Now, some companies are very over-indexed on hardware, so they don't have a lot of software form factors. They don't have SASE. They don't have software firewalls. Some companies, like us, have hardware, software, and SASE, right? In the last 5.5 years, I'd say we've shifted 30%-40% of our demand to software, and we know that. We can somewhat control it. You go to a customer and says, "Hey, give me a solution to inspect this traffic." I'm like: "You can have the small box, or I can run a VM." I think technically, VM is much better. I can upgrade it much easier.
You don't have to have somebody go upgrade the firewall if it goes down. I can remotely upgrade, and I can remotely upgrade all the software. "That's a good idea. We'll take the software one." Now, if you only have hardware, you can't sell them a software one. So we've done a lot better. We have north of 50% market share in software firewalls. We have SASE, which we think we have 50%-60% of Zscaler's business, give or take. So we've been shifting there. We see what's happening in hardware, right? The only problem is, for investors, hardware is recognized as instant revenue, software becomes ratable, so it gets confusing, right? You took $1 of hardware, you recognize the revenue. Took $1 of software, you recognize a third, a third, a third. Oh, shit, now what do I do?
So all you're seeing is dollar transitions happening on our P&Ls. The volume is not going away. The demand is not going away. Yes, hardware is constrained because software is winning compared to hardware in the firewall space for lower sort of traffic volume use cases.
... On SASE, I think including Palo, there's maybe three or four vendors with, call it fifteen-
I said 2.5, but okay, yeah.
3, 3, 2.5, with call it maybe-
four or five now, yeah.
Yeah. With maybe 15,000 customers total. And it's been a huge growth area for Palo, 60% growth over the past couple of years, but it still feels very early in the adoption curve, and I'd love to get your perspective on if you think we're gonna start to see SASE become more mainstream. I mean, there's a reason why-
Well, I heard people here in the States say firewall is gonna go away, and it's all gonna be SASE, so it's great.
Yeah.
We're in the SASE business, too. We like that.
Yeah.
Look, I think the more simplistic way of thinking about SASE is like this: when everything was going back to the data center, you had a big box there. Now, everything is distributed between public cloud, between remote access from home, between the data center, so you have a new network topology. It used to be one topology going back. Now, it's a distributed topology. Re-architecting your network security on the distributed topology can be called SASE. The right way to do it is to have some hardware for a data center. It's still cheaper to do it that way, have some VMs for your certain use cases and have, you know, remote access for certain use cases. So that, that sort of hybrid architecture is what is the Zero Trust SASE architecture. I think the whole world is going there.
You will see in the next 5 to 10 years that, you know, SASE, as we know it, is gonna become bigger and bigger because hardware, as we know it, is gonna become smaller and smaller, and, you know, more software firewalls will kick in because, as I said, the traffic continues to increase. There is a natural demand of traffic, which is causing the drive in SASE, and there's a shift from hardware to software going on. I don't think it's a category. That's why in the early years, we used to have this thing called firewall as a platform, and that thing's still growing at double digits, right? It's still growing at 15%-20% range, has been consistently. We think the market is growing at 15%-20%, and there is a form factor shift happening in the middle of it.
So, yeah, so SASE is gonna be a very large category, will continue to be a large category. Now, it's kind of sort of bringing in SD-WAN into it as well.
Yeah. A lot of talk about all the entrants into that market, some of your direct competitors ramping up investments there. Microsoft wants to be in the conversation. How do you think about the competitive environment, and how important is it to customers to have that track record of having had this solution in the market for four or five years?
It's very funny. I was on holiday last week, and some other security companies are gonna report this week, and my wife said to me, she was like, "What do you think is gonna happen?" I said, "I'd like all of them to do well," which means the market is strong and demand is strong, and they all did. The way I think about competition, remember, 5 years ago, we had 1.5% market share of a $180 billion market. We probably have 3.5% now, which means 96% of the time, somebody else has got the business. This I live happily with competition. It's great. It's wonderful. Drives more innovation. Our platformization continues to get us more and more share.
The more people there are in the market, the more innovation there is, the more they could tell customers and say, "Listen, you should move to SASE." You know what happens when a customer is told, "You should move to SASE?" They say, "Let's do an RFP and see what else Palo Alto has." So I'm happy that people are out there telling them that SASE is important, and they should go deploy SASE, because then it allows us to go participate in that market. So I, I think right now, we can all grow without trying to steal from each other.
Yeah, fair enough. Maybe last question on cloud security. You recently disclosed some pretty impressive module adoption stats. I think the pushback I get from investors, maybe that's not directly translating to ARR growth, but it's still very early market. Architectural decisions are still being made. How do you think cloud security evolves from here? Are we at a point where we're moving past visibility as the main pain point, some of the vendors that have done very well, solving that use case, into a place where detection response and code to cloud are becoming more important and driving more money?
That's a great question. Look, I think we all get confused because you read large numbers from the hyperscalers that come out and say, "I did so many billions of dollars of business." If you look at the world of actual deployment on the other side, I'd say there's three sets of companies. There's the cloud SaaS companies. You take the Workdays and the ServiceNows and all these people who are... They deliver SaaS products. They have to have good cloud security. Those guys are busy buying platforms. They're not buying point solutions because they know their entire business depends on making sure they can keep those customers' data secure. So most SaaS companies are moving to platforms already out there. Then there's a bunch of people who are sort of early in their deployment lifecycle of public cloud.
If you go ask your traditional company and say, "How much of your mission-critical applications are in the public cloud?" The answer is, "Not many." Okay, 10%, 15%, because they haven't moved their mission-critical stuff there. The moment they move their mission-critical stuff there, they're gonna get more serious about cloud security. And the third ones are people still dabbling around, still doing development, looking at point solutions. So I think you're right. It is an early market. There's no doubt in our minds it's gonna be a large market. It's going through its phases and slowly growing. We track consumption. Our consumption shows that 30%-40% growth is consistent over the last few years.
We think that stays at those levels for the next five to 10 years, and if something is consumed on a consistent basis at 30%-40% a year, I think revenues follows that consumption track, and we're very happy that we keep building platform, the platform in the process. We need growth levers in the future.
Yeah.
Otherwise, you guys won't like us, so it's all good.
Right on time. Thank you so much for an insightful discussion. Thank you all for being here.