All right, we will go ahead and kick it off. Thanks, everyone, for joining us. Day one, Goldman Sachs Communacopia and Technology Conference. I'm Gabriela Borges. I lead our cybersecurity research here, and I'm excited to have on stage with me, Nikesh Arora, CEO of Palo Alto Networks. Thank you for joining us.
Thank you for having me.
Nikesh, one of the things you've said a couple of times now over the last six months is, you wish you had started the platformization strategy sooner. One could argue, looking at Palo Alto for the last three years, you've been selling three different platforms pretty consistently. So talk to us about what's different on the ground in 2024 with the platform conversations that you're having at some of your largest customers.
Yeah, first of all, thank you for having me, Gabriela. And, I've said that when I was listening to a podcast by Reid Hoffman interviewing Eric Schmidt, and he asked him, "Hey, Eric, if you were younger, you could go back and do something differently, what would you do?" And he said, "I'd execute on my good ideas faster." So the same reason I say we should have done platformization faster. What's different? Look, we have been integrating, selling a platform for a while, but we hadn't been consistently leading with the platform. We've been trying to meet the customer where they were and say, "Okay, you want this?
I got this." But now, our entire sales team has pivoted to leading with a platform, saying, "Listen, I know you want this, but if you got it in this flavor, it'll all work better together." And that's a mindset change in our field. And eventually, these are the people who talk to customers and convince them about what they need. So getting them reoriented towards a platform approach allows our sales teams to go in that way. Also, it changes the competitive dynamics for us because then the other competitors have to respond to our platform strategy as opposed to say, "Oh, I can beat you on SD-WAN, or I can beat you on SSE, or I can beat you on enterprise browser," like that. Can you beat me when they all work together?
If you think about one of the topics in security around the fragmentation of the long tail, we've talked about how the largest companies in security have a much smaller amount of market share than in some of the other segments of software. So what have been some of the best practices that you've taken from outside the security industry on how to cross-sell and how to sell platform at the highest level of the organizations at your customers?
Yeah, I think if you go back, and I've said this before, I apologize if it's repetitive, but if you go back 20 or 30 years ago, a lot of the current SaaS platform companies didn't exist. So all of those things were done with 15 or 20 different applications in your enterprise, whether it was all the CRM stuff, all the customer support stuff, or the HR stuff, or financial stuff. I worked at Fidelity 30 years ago, and we had applications that did all of these things, and you had to put them together. You fast-forward, look at 30 years hence, you know, you'd never dream of having 30 different applications that manage customers for you. You'd buy a platform.
I think cybersecurity is the same space, where we all believe that we need forty different vendors to solve this problem because each of these is a point problem. Actually, it's a broader problem. You want to secure the enterprise. So the question is, why has it not happened before? Because there was no such company or vendor or platform available. So it's very hard to say, "I'll take it," if it doesn't exist. So we're trying to get us there where we can have that platform at play. And in terms of what sells it better, is you need commitment from the CIOs and the senior leadership. And typically, companies, when they do these transformation projects, end up hiring system integrators. They'll hire the Accenture, the Pricewaterhouse, the IBMs, the Wipros, the Infosys.
We have a very large concerted effort over the last two years of working with those companies. I've spent more time with them in the last year or so, and CIOs, than I ever did in the first five years, and that's bearing fruit. Now, today, like, people hire Accenture or Pricewaterhouse or, or IBM to say, "Transform my network or transform my SOC." Now that they understand our solutions better, they don't want to deal with 14 vendors. They'd rather deal with one, because they're making money elsewhere.
I want to stay on this topic of transformation, catalyzing your land and expand with customers, and particularly on how it intersects with AI.
Yes.
So talk to us about what you're hearing from some of your largest customers on their AI investment plans, and how does that then impact how they want to spend on security?
I think, almost every customer is horribly confused about AI. They're all trying to figure out how this thing becomes real. I think, we've been working on it for the last nine months. It's clear that a lot of the early use cases, if you're not on the consumer side, which are more creative, you know, "Make me a video, show me an image, or write me a story," those are great on the consumer side. But on the enterprise side, you're seeing all of them as enhanced productivity applications. "Can I get my customer services to be better? Can I get some process to be better? Can I do better pattern recognition on data? Can I analyze my MRIs better?" So you're seeing a lot of those use cases.
So it's a large data management, higher quality of data, analyze that using an LLM, and create a conversational interface against it. So that's kinda what we're seeing. In that context, I'd say almost every one of our enterprise customers is experimenting with deploying some sort of version of a model in their sort of infrastructure or in their public cloud infrastructure, one. And two, I'd say about 20-30% of the employees of every company, especially the younger ones, are playing with the AI apps to see if they can get their jobs done easier, right? "Write me a blog post," or, "Try to answer this email." Now, in both those cases, there are security opportunities. In the case of your employees using AI, the security opportunity is that they shouldn't be putting any proprietary data into a public-facing app or LLM.
So we can intercept it with our Prisma product, in our access products or VPN products. We can look at what people are entering. We can intercept it, stop them from putting stuff into public LLMs or public apps... We rate about 500 apps on their threat levels today, which are AI apps. So we can say, "This is a very risky app. Don't put your data in there." Nobody else in our space has deployed that capability yet. We went live about three weeks ago. The second use case is everybody deploying these LLMs requires effectively what we call an AI firewall.
So when you deploy ChatGPT or Gemini Enterprise and you have your, you know, AI bot talking to your customers, you got to be careful nobody intercepts that bot and starts giving away free cars or free airline tickets or free clothing, because you can do that just for fun. Hackers would love to do that just to show that they can penetrate your AI chatbots. You put a firewall against it to make sure that it cannot be prompt injected or model poisoned, et cetera, et cetera, which is an AI firewall. So both of those are going to be interesting opportunities from an AI perspective.
Is an AI firewall different technically from a classic virtual firewall that's monitoring north-south traffic?
It's enhanced because you have to put in all the checks and balances for prompt injection, model poisoning, and a whole bunch of stuff which didn't exist as concepts before. And for the first time, you have to monitor traffic both ways because a LLM can give silly answers, and you don't want a customer to get a silly answer. I can give you malware in response to a normal question, right? You know, like those beautiful chatbots say, "Did you like the answer? Did you not like the answer?" If I do a lot of like the answer, the LLM learns to give that answer. So I could bombard your LLM and like all the wrong answers for a long time, and your LLM suddenly learns all the wrong answers are good answers. You don't want that either.
A similar question on data center firewalls. As we spend time at the industry level, thinking about the rollout of data centers to support all of these model training and inference.
Yes
Use cases, is there then a second derivative impact on the demand profile for your data center firewall business?
So there's been a fallacy that when we go to the cloud, the firewalls will go away. I have a trick question: Where does all the cloud run on? It actually runs on data centers. So you still need firewalls to run the cloud provider data centers, which used to run in an enterprise. So it's a zero-sum game. It moves from one side, goes to the other side. That's why we run an obstinate industry where we don't go away. There is going to be more need for data center firewalls as people build these large AI data clusters, but unfortunately, we don't enjoy the pricing of a GPU. We still sell them at the same price.
I want to also spend a little bit of time on the AI use cases that you're exploring in-house. So maybe actually we can start on the R&D side. Are there a couple of AI use cases that you're most excited about, that your engineering team is working on over the next couple of years?
Yeah. So there are some... You know, we went early on this AI sort of journey internally, and if you look at it, you tackle them based on your cost basis. Our largest cost basis are customer support people, developers, and salespeople. How can I use AI to make my life more efficient and more productive? On the customer support side, that seems to be the happy use case every AI company is chasing down. The big determinant there is not who your AI company is or what LLM you're using, it's how good is the quality of your data. Do you understand how you solved each problem? Do you understand what data is needed to solve a problem? So there's a lot of effort we put into place where we are collecting more data than we ever did on every case that we solve for our customers.
I told my team, every eleventh time the same thing shows up, it better not be a human being solving the problem, which requires a fundamental rethink about how you collect that data. It's interesting, our best and for that, we've designed, as always, an internal customer support copilot. Our people use it. Our best customer support people who know how to use the copilot are 40% more efficient than non-copilot users, which is an interesting sign. What is also interesting is, somebody who learns how to use the copilot is equally productive after three months, like a person who's been there for four years. These are both interesting signs that tell us that we can actually tackle that problem at scale. We just need to get better from a data perspective.
I think there's an opportunity there in the next two to three years of making ourselves more efficient from a customer support perspective. Our second big constituents are developers. Our best developers are 30%-40% more productive than our non-Copilot-using developers, which is also interesting. Only a third of their time is spent developing, the other two-thirds is spent doing other things, which we're also working on figuring out how to make that more optimal. But there's also hope there that not only can you get better code from a quality perspective, but you can have a much more productive employee on the coding side, which allows us to maintain our cost bases and grow faster. And third, on the sales side, we're taking a slightly different perspective. We believe the biggest errors happen when the salespeople aren't well informed.
So, we have a lot of efforts going towards where every one of our salespeople can pull out their phones and ask a question about our own product capabilities and portfolio and capabilities without having to call another person. So, we're trying to get them information at their fingertips using AI and LLMs, hoping that that will make them more productive and reduce our or increase our win rate.
Are there any examples of AI applications today in-house at Palo Alto, where you had thought that they would show more promise earlier, and instead, it's actually taking a little bit longer than what perhaps the industry would have expected?
I think there's a general understanding now. All of us rushed to build copilots, and we've all discovered copilots are more complicated and less accurate than we want them to be, and in our business, you know, it's not the 90% that matters, it's the 10%, which is not accurate, that matters. You don't want to give a 10% wrong answer, so don't worry about it. I'm right nine out of ten times, because that one out of ten times you're wrong is when the breach will happen, so the focus on accuracy is more relevant for cybersecurity, and I'd say we're all reaching the current limitations of hallucinations and accuracy in the 80%-90% range, which does not allow us to have autopilots.
So they're Copilots, and you have to be very careful when you give a Copilot that you say, "This answer could be, you know, could require some more validation." So I think we're all, again, the problem is you can't get to 100 if you don't get to 90. So it's not like you can't wait and not start because it's not 100% accurate. You just have to go through the motions to understand it. So I think that progress will happen. It does require better inferencing, and I think you can see lots of technologies are out there that are trying hard to work towards inferencing and prompt injection. So we'll see.
So one of the areas where a lot of these themes intersect, I'm thinking AI, pattern recognition, copilots, platformization, is with Cortex and some of the work that you're doing in the SOC. Talk to us about how we're about a year on now from training and enabling all of Palo Alto salespeople to go sell Cortex. What are some of the limiting factors today in your ability to take share in what has historically been an incredibly sticky market? And do you still get pushback on, "Well, Cortex works great if you're fully embedded in the Palo Alto ecosystem, but it doesn't work great if I have to embed other vendors as well?
Not at all. So first of all, for those of you who are not aware, you know, if you step back, cybersecurity industry goes through inflection points, and inflection points are moments when vendors get replaced. So when Palo Alto started the next-generation firewall, we replaced a whole bunch of firewall vendors because we came up with new technology. If you look at what happened in the endpoint market with McAfee and Symantec, and the emergence of CrowdStrike and Cylance, at that time, Carbon Black, Cybereason, Palo Alto, that was another inflection point where the technology was so good and so different that customers said, "I got to get rid of the old stuff. I got to go to the new stuff." And I think SIEMs are in that space right now.
People will replace SIEMs because they're horribly expensive, not fit for purpose anymore, not using machine learning historically, and they're designed for human querying of the data, which needs to be queried using some sort of machine learning. So XSIAM is that inflection point for us. In the last 18 months, we've sold 130 of them, which is way more than you would expect, and the average deal size for our top 30 is north of $1 million. There has not been a cybersecurity product whose average deal size was $1 million out of the gate. Our largest deal is $50 million, which is also rare. There's no cybersecurity product that in 18 months comes out and does a $50 million deal, which underpins a large enterprise. So I actually think it's fast enough. It doesn't need more acceleration.
However, because I'm impatient, we went and did a deal with IBM, which is one of the three leaders in the market in SIEM, and we bought their SIEM business, which creates an incentive and motivation for those customers to migrate to us. We might lose some, but we hopefully intend to get a significant share. We think there are three vendors in the SIEM inflection point space, where us being one of them, and don't ask me to name the other two. And if I can get a third of that market, it's great. It's a $20 billion market.
Let me ask you a little bit about the thought process with the IBM deal, because one could argue in a lot of these subsectors of security, where you're seeing an inflection, you're gaining share regardless, and so there is a trade-off between buying the share versus gaining it organically and paying S&M for it, so how did you think about that when it came to IBM, and are there other cases in Palo Alto's future where you think a similar unit economics dynamic might apply?
You can argue. I think that's a lazy argument.
Sure.
Because don't forget, if IBM, it's IBM's customer, there's a gravitational pull where their salespeople are saying: "Don't leave us. We've got some cool stuff for you." So there's no incentive for the customer to migrate, and they're getting the service. Now, with this, every customer knows they have to either migrate to us or somebody else because IBM's not in the business for the long term. And the IBM salespeople are actually incenting them to move to Palo Alto. So it's very different forces at work than waiting organically, and when you're doing it organically, then you're looking at everything in the market and spending time. I'm walking up to you and saying, "Listen, you are now my customer. Let me help you, walk you through how I take you seamlessly with low execution risk, low economic risk, straight to Palo Alto." It's a different conversation.
So no, it's not organic share take versus come to Palo Alto.
I think part of the wins in SOC are tied to your endpoint product and how the interfaces between Cortex, Endpoint, and XSIAM will kind of tie in together. Talk to us a little bit about how your conversations have changed post-July nineteenth. And internally, when you and your team look at the resiliency of the Palo Alto platform, how do you protect yourself against that kind of Black Swan outage impact?
So two different things. First, that's what I thought two years ago, that our fate on SIM would be very dependent on our endpoint ownership. We discovered that the economics are that for $1 of endpoint, the same as $4. So why get sort of parochial and say, "I want the $1 to give you my $4 product?" I'm like: Great, we can use any endpoint as long as it's of high quality and of the recent kind, as opposed to the old kind. So we pivoted about six months ago. So we'll take the data from anybody else and use that in our SOC product to give you the same outcome we do with our own product. So it's a big shift. So we don't force our customers to require our endpoint anymore in our SOC product.
We ingest four hundred vendors of data. What's another three? Right. So that's four hundred and three instead of four hundred. It's not a big deal. So that's one part of it. In terms of your question of how, do we protect for the outage that happens, is that the question?
How do you think about instilling resiliency into your own products and services, given how much mission-critical positioning you have in your product?
Right. I think if you're referring to. There are two different scenarios where resilience becomes relevant from us. Obviously, our products, for the most part, to provide security, sit in line with our customers. So our firewalls have been around for 17 years. They sit in customer infrastructure, and a bad firewall could bring your infrastructure down. So we understand that we are very critical to the resilience that our customers need. It gets sort of further sort of exacerbated, or customers become more reliant in the case of endpoints, which you saw the recent outage was an example, or we also have a similar product, and so do other people in the market. Now, that was a Black Swan event, to be honest.
are very rare situations where we interface with a customer's endpoint device where it can get to the kernel, and we know that's a specific issue, and hopefully, that gets remediated over time. But also, we have different policies in place than some of the other vendors in the market, which we believe are more resilient. We do not deploy to 8.5 million customers at the same time in 47 minutes. We actually do it in a very phased manner, 1%, 5%, 10%. We take two weeks to do what some people might be doing faster than us, so... and of course, all of us have gone back and relooked at our processes to make sure we are doing that. We have a bunch of failover provisions, but let's just say that it could happen to most people, and put that aside.
The other area which becomes interesting or relevant is SASE. Our SASE product is a service, which means if our SASE infrastructure is down, you're down. You cannot use your laptops if you were probably the SASE provider of the company, so we, on purpose, took a very different architectural approach than most other people in the market. We don't run our own data centers anywhere in the world to deliver SASE. We run on Google Cloud and AWS, which means if Google Cloud is down, then you're down. But we also have a hot switch where some of our customers, if they choose, we can move them from Google to AWS in the back, so if both Google and AWS are down, I don't think you'd be worried about SASE. Something else is going on in the world.
Fair. I want to ask you a little bit. You mentioned spending more time with the system integrators over the past year, and I believe you're just coming off a sales kickoff in the beginning of the fiscal year 2025.
Yeah.
What were some of the highlights coming out of sales kickoff? How are you balancing what is an incredibly motivated, talented group of enterprise salespeople at Palo Alto with some of the partnerships that you have on the system integrator side so that everyone wins?
Our salespeople are still a critical part of that equation because they're the ones who interface with the relevant systems integrator partners who are talking to the customer. So there's a customer who says, "I want to do a big network transformation. You know, my name is Accenture, my name is Pricewaterhouse, my name is Deloitte, my name is Infosys." They still need a Palo Alto salesperson to sit with them and come up with a solution and design the solution and get the quotes to them because they're interested in a larger piece of the pie or a sub-part of that pie. But it still needs to go through a tremendous amount of process to get the win and try and get, sort of, eventually get that transformation done. But, you know, it goes full circle to where we started.
More and more of our platform deals require us to be part of a transformation narrative as opposed to a point solution narrative. And the transformation narrative is often driven by either the customer or most often with them in partnership with an SI or a telecom company, which in Europe mostly provides the same capabilities.
Other highlights from sales kickoff?
Yeah, we did a virtual sales kickoff. We actually decided that bringing people to Vegas, giving them lots of opportunity to go gamble or drink, is not a good way to teach people. Wouldn't you do that to your kids? "Okay, guys, we're going to Disney World, and we're going to have lessons." No. So we did it virtually. You had to go pass a whole bunch of technical tests to have a watch party in the office. So our highlights were that people didn't have to travel for a week and be unproductive for that week and not learn a whole lot.
Very good. I want to come back to next gen.
It's true. You're laughing. I find it very amusing when I go to Vegas. There's eighty thousand people walking around with badges and saying, "I'm here to learn." This is a bizarre enterprise phenomenon I do not understand. This is what you get for not working in enterprise for twenty-five years.
It's an excellent point. I want to ask you a little bit about renewals.
Who?
Renewals.
Yes.
One of the most interesting charts in the 4Q earnings presentation was the number of customers that are moving to advanced add-on subscriptions.
Yeah.
I'm thinking of URL going to Advanced URL.
Yeah.
The list price for advanced URL is, on paper, 50% more than classic URL. How do you think about that conversation in renewals? It's obviously a balance between extracting the value that you're providing and pricing the premium products appropriately. How do you balance that with the customer saying, "Hey, on paper, I have to now pay 50% more for something similar?" How do you navigate that conversation?
Look, list prices are an interesting phenomenon in, in enterprise, right? I think, most customers don't end up in the list price. It changes the yield that you get out of it. But again, the price is the wrong way to start the conversation. The conversation starts as to what incremental capability do I bring? So fundamentally, how it works is you have a firewall, your employees are trying to go to an internet address, you type, it goes to the internet address, if it's a legit one. If it's a bad one, we've already told the firewall, "Don't let them go to bad internet addresses." That's kind of how traditionally it worked. The advanced services work like I, at Palo Alto, try to go to a bad one. I found out it's a bad one.
We take that, we update our cloud databases to 62,000 customers in the world in an instant, and everyone has now got the advanced protection because something I found in one has been deployed to 62,000. You're telling me you don't want that capability? Sure, you can have the old capability, which updates every two hours, except you're exposed for the next two hours. "No, I want the new capability, and I'm happy to pay the extra $0.10.
How does that conversation then transition into the SASE conversation? So if I think about something like Advanced URL Filtering, and then the holistic way that you approach distributed network security with SASE... How do those two things come together when you sell SASE at-
Yeah, so it actually comes at it from a slightly different perspective, right? I think what happened was the world of SASE was. Wow, mood lighting. So the world of SASE was, everybody had VPNs that you used to access your applications in your company. And this whole thing came about called the internet. So we had this thing called internet access. So the new company formed, which is, if you want to go to the internet, come to me. If you're gonna go to VPN, go to Palo Alto or any firewall vendor. What happened in the pandemic, we all discovered that we want to be able to work seamlessly from anywhere. I don't care where I'm going, whether I'm going to a private instance or I'm going to an internet instance. Which is where we sort of came into play because we lived in the private access world.
We built the internet access world for ourselves. Other vendors who are on the internet side tried to build a private access world, right? Now, what's happening is, I'd say about 10% of the companies in the world are SaaSified. 90% are still going through a network transformation. And the way it works is that eventually you have a device. All of you have a device in front of you. Some of you are accessing the internet, SaaS applications. Some of you may still be going to some data center backend, you know, install. Customers don't want the differentiation. You can't have four different products to do the same thing. You can't have an agent for internet access, an agent for private access, an enterprise browser for a third situation. You want it all to come together.
So our conversations usually are, I can provide you an integrated such situation where all the capabilities are a part of one platform, all the services are deployed against that one platform. So that's how the conversation happens. And it was, I think, our mistake that we didn't have an internet access product when it came about, and we let it go for so long. But now, in the last three, three and a half years, we're about 40% of the business of the largest player in the market, which is a good start. We think we are on track to be the largest SASE player in the next three to five years.
So on that note, every year we have a conversation about how fiscal year planning is unpredictable, and every year there are puts and takes to how you come up with
A lot of unpredictability, interest rates, elections, wars. Yeah.
Yeah.
If you give me an answer to all those, I'll give you the answer to my plan.
With all of that context-
Yes
you're guiding to 19%-20%.
RPO growth.
RPO growt
Yes
for fiscal year 2025.
Yes.
You just printed 20%.
Yes.
You're guiding to essentially zero deceleration in the business. Talk to us a little bit about how you're able to, at the large numbers that you have, guide to business continuing to grow at the same pace this year over the next twelve months as you just did in the July quarter.
A lot of analysis, a little bit of praying.
Maybe share a little bit about the
The prayer?
the analysis.
Look, like, we all try and forecast. Every company out there tries to forecast how best to understand the business. Now, you have an existing book of business. If you look at the spectrum, some of us have a large existing book of business and marginal incremental growth. Some of us have all net new growth because we're fast growers and we're new in the market. We sit somewhere in the middle, right? We have a large book of business in hardware and our software services business, and then we have incremental business in XSIAM and SASE. So in the book of business, we have reasonably good visibility. Our churn rates are low. Customers don't leave us, so we know what we are going to have to upsell or renew into the existing book of business.
70-80% of business is more predictable than the other 20%. On the other 20%, you rely on the pipeline, the opportunity in the market, the conviction that security is not going away, the conviction that... I haven't met a CIO or CISO says, "Oh, I'm not going to spend on security because I'm spending on AI." That doesn't happen in our industry. So there's reasonably robust predictability on the demand function, give or take. Yeah, they might want a better price, but they're not going to go away. Then the question is, how much am I going to win in that space? Or is there something that's going to happen that's going to be from left field, I'm not gonna-- my win rate goes away.
You put all that together in a big jar, you shake it really, really hard, you see what number comes out and say, "Is Gabriela going to be happy with that number? Oh, shit, she's not going to be happy. Let's go work really hard again and shake it again and make sure we execute better.
What do you think is different about the next twelve months that allow you to start out with that starting point? If I think about the last several-
Do you think I should have done it lower though this time?
No, I'm trying to understand-
I'm trying to understand what you want. I give you what you want. Just tell me. It's easier.
What do you think is unique about this year that's allowing you to guide to a better demand function based on all of the block and tackle?
I think it's a good demand function. It's consistent with our experience, and you have to make sure that all the investments we made in SASE or Cortex XSIAM, that we have to have some... With the IBM deal, all that has to factor into our expectations for next year. So I told you, the friction on selling XSIAM should go down, given that we just went and acquired a large customer base we can upsell into it. So put all of that together, as I said, and you have to still go out and execute.
I want to spend a couple of minutes on how you think about unit economics of the business, and we've talked before about how as you cross-sell into our largest customers, there's an incredibly rich LTV to CAC, so to speak, that comes off of that business, and then we've talked about the renewals business as well. What are some of the metrics that you look at internally to measure unit economics? It's not as clean as a pure SaaS model, where you just look at LTV to CAC, so a little bit of insight on how you think about that.
You think SaaS model has clear unit economics?
It's all subscription, whereas you'll have-
Yeah, but it's
a little more of a hybrid model.
There's a ramp, an early deployment cost for net new business, which makes it very hard to understand SaaS unit economics, right? All the customer support deployment is early, loaded out into the SaaS deal. It's a per-user deal, so you got to make sure the users show up on the customer side. All I'm saying is SaaS economics are also, unit economics are no easier than our economics. Look, at the end of the day, we understand our businesses. We understand what it takes to land the product. We understand the upsell opportunity is. You got to make sure you don't give away the farm in your first deal. We understand the consumption curve. I think the biggest shift we've had to make on the unit economics side is that the consumption is consistent with our sales.
'cause you don't get the consumption that we sold, and the risk is you won't get the right renewal, and the economics work really well for the land, but then you may not get a renewal, and your business becomes bad. So we have had to pivot some of our business practices as we've sold more and more SASE, more and more cloud, more and more XDR, to make sure we're watching consumption and making sure we have people who go there and talk to customers saying, "Listen, you bought a lot of product.
We wanna make sure you're using it, because come three years from now, you're gonna have to go renew that deal." So that allows us to understand the unit economics today, but what's most important is not just today's unit economics, because unit economics get way better on renewal, 'cause all the early costs are out. So we look at it from a longer-term perspective. I don't know what LTV CAC means, but-
Fair. So you made an interesting comment on consolidation last week.
Yes.
Specifically, some of your peers, other industry companies in security, that are at a smaller scale and are looking at the scale that you've accomplished and saying, "How do we get there?" Share with us a little bit about how you think of the future of the industry in terms of consolidation.
Look, there was a wave in the last six years that we walked in this industry, we said, "This industry, people need to think about it more coherently and more cohesively than individual swim lanes." Cybersecurity was a swim lane industry six years ago. I do endpoint, I do firewalls, I do SOC, I do identity, and the customer stitches them together. We said. We tried to break the paradigm and say, "No, we do cybersecurity. We do three, we do four out of the five now," right? And we don't do the fifth one yet, but we take the data and integrate it. So we changed the paradigm. We said, "We need to make this work together for the customers." We discovered we had technical debt. We didn't have products in those categories, so we had to go out and fill that technical debt with great companies.
So we went out and said, "We're gonna buy some companies. We're only going to buy number one or number two in the market. Number three is number three for a reason. We're gonna take one or two." We ended up buying about nineteen companies in the timeframe. I would say we have a 75% hit ratio. I think a quarter didn't work as well as we thought, I think three quarters worked. We deployed very specific principles as to how to integrate, deploy, and merge, and work with them. We're at a point today where we're done with the easy purchases, so we can't buy companies and slap them and go to our go-to-market motion. So we've now gone back to building from scratch ourselves, because it's easier to build on our platforms than to go integrate third-party companies.
With that said, we discovered after the first year, and people said, "What's this crazy guy doing buying cybersecurity companies? It doesn't work like this." Now, we have tracked that every time you buy a company, four other companies in the same sector get bought by competitors. So it's good, which means that we're causing more M&A for VCs. They should be happy, right? I think that trend is also gonna be done for now because there's possibly 500 cybersecurity companies funded in the last one year, which are gonna focus on AI. I don't think most of them are gonna make it, because AI requires inline security, and a lot of the existing vendors will deploy that capability themselves. I do think that we're coming to a place where 300-700 million ARR cybersecurity businesses are gonna be in the graveyard.
They'll be like, they'll be struggling to figure out how to get past and break the sound barrier to get ahead, because I've said this before, customers want more, better security at a good price, and it's very hard. Customers have discovered that the number of breaches is going up, irrespective number of point solutions they deploy. So you will see that shift towards platformization. I think since we started talking about it, every other player in the industry has now said they also have a platform, which is good, which means you're in the right direction. So I think you'll see some consolidation. If you look around, there's a lot of three- to seven-billion-dollar market cap cybersecurity companies for sale, because they figured out it's very hard to break through the sound barrier. So we'll see.
Very good. Please join me in thanking Nikesh for his time. Nikesh, thank you.