Good day everyone and thank you for joining us today to discuss our announcement of Palo Alto Networks' agreement to acquire CyberArk. I am Hamza Fodderwala, Senior Vice President of Investor Relations and Strategic Finance at Palo Alto Networks. Please note that this call is being recorded today, Wednesday, July 30, 2025 at 6:30 A.M. Pacific Time. With me on today's call to discuss the announcement are Nikesh Arora, Chairman and CEO of Palo Alto Networks, Dipak Golechha, CFO of Palo Alto Networks, and Matt Cohen, CEO of CyberArk. Following our prepared remarks, we will conduct a short Q and A session. You can find the press release, shareholder letter, and investor presentation on our investor relations website at investors.paloaltonetworks.com. While there, please click on the links for Events and Presentations to find the aforementioned items.
During the course of today's call, we will be making forward-looking statements regarding the proposed acquisition of CyberArk. These statements made today are subject to a number of risks and uncertainties that could cause the actual results of the proposed transaction to differ from these forward-looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. We assume no obligation to update any forward-looking statements made in the presentation today. This presentation is not intended as an offer to buy or sell any securities in connection with the proposed transaction. Palo Alto Networks intends to file with the SEC a registration statement on Form S-4, which will include a proxy statement of CyberArk that also constitutes a prospectus of Palo Alto Networks' common shares to be offered in the proposed transaction.
Investors are urged to read the registration statement on Form S-4 when it becomes available as it will contain important information about the proposed transaction. For more information, please see the investor presentation and the legends contained therein. With that, I will turn it over to Nikesh.
Thank you, Hamza. Good morning, everyone, and thank you for joining us today at such short notice. As you can see by our announcement, this is an exciting day for Palo Alto Networks. Earlier this morning, we announced our intent to acquire CyberArk. This establishes our entry into the identity security space. Over the last seven years, I've always been asked at different points what is our view on identity, and I've always given the same answer that every time there is an inflection in a cybersecurity swim lane, we look at the inflection possibility and decide and evaluate the market to see if this is the right time to enter it. We've done that successfully in the SASE space, where we believe we're number two in the market currently. We've done that successfully in the XDR and security operations space with XDR and XSIAM.
Most recently, we acquired the browser, and now you can see the number of people trying to build browsers in the new agentic AI world. I think the same opportunity has now come upon us with the identity space. In identity, we believe that the emergence of agents is going to create a huge inflection point where they will have to be protected just like machines are. At the same time, given the amount of ransomware attacks you're seeing, 88% of the ransomware attacks are driven by credential theft, which reminds you that identity is an unsolved problem. From that perspective, we also believe we have to stop talking about identity management and start talking about identity security. From our vantage point, CyberArk is the only and largest player in the identity security space and hence allows us the opportunity to enter the identity security space.
This will allow us to accelerate our platformization by adding a net new platform for identity security. Not just that, it allows us to cover a larger TAM of about $29 billion, again allowing us to be the cybersecurity company that provides the most comprehensive set of platforms across the industry that deliver against the customer's need of security. Financially, this deal is going to be accretive on the date of close from a revenue and gross margin perspective and also will allow us to be accretive in free cash flow margins by fiscal year 2028. Not just that, this does not include any revenue synergy potentials and TAM expansion potential that we believe this deal is going to offer. From our perspective, this is the point in time where we can execute against this strategy. It has been working.
We are a leader in over 20 cybersecurity categories today and we are seeing tremendous uptake and excitement about our platform strategy. From that perspective, the next chapter of our multi-platform journey is going to be identity security. I think that's a very large TAM, it's a large opportunity. As agents and agentic AI continue to evolve, we're going to see the opportunity in that direction. Going back to the space of identity, identity has historically been separated in multiple categories. Very fragmented market. You have privileged access, you have identity security, identity management, you have identity governance, you have agentic AI, you have machine identity. From all these perspectives, there's about 100 vendors in the space. Again, we've seen this movie before. We've seen that movie in network security, we've seen that movie in security operations and SOC, both of those have now been platformized over time.
We believe the platformization opportunity has to arrive in the identity space. There's a fundamental difference in the way we've done acquisitions in the past. We believe that new vendors are going to come into place and replace existing legacy players. In the identity space, what is interesting to watch is that this is not going to be a new vendor space. We believe the current players in identity have tremendous technology, have tremendous assets, and identity is something that customers are unlikely to change in short order. It's more than likely that an existing vendor who can deliver best-of-breed and world-class capabilities is going to have the opportunity to expand on their customer bases.
From that perspective, we believe the 70,000 customers that we bring, the 8,000-plus customers that CyberArk brings, provide a phenomenal playing field and opportunity for us to integrate these security capabilities, deliver an identity security platform both as CyberArk in the future and with the combination of XSIAM from Palo Alto Networks, which allows actually both of us to go address the space with a novel set of solutions once this deal is closed and actually finally solve the identity security market and deliver the much-needed platformization that is going to be required in this space. The one unknown, as we all know, is the world of AI. Two years ago we were not talking about AI. We saw the emergence of ChatGPT. We saw people getting excited about LLMs and generative AI. That has changed.
We started talking about agentic AI, MCP servers and the fact that agents are going to work in the background and make things happen. Guess what? All these agents are going to need permissions and access to deliver these capabilities. For them to have permissions and access, we have to envisage a future world where agents are acting like humans or acting like machines and with permissiveness are going to execute tasks on our behalf. We need to manage these agents just the way you would have managed identities for machines or humans. What's important is every one of these agents is going to be unsupervised. Unsupervised creates the opportunity for security challenges. In that context, every one of these agents must be treated like a privileged agent or a privileged user.
Hence, we believe that CyberArk is well positioned to expand into the opportunity that is going to be presented by agentic AI. The fact that each of these agents will be treated like a privileged user or privileged agent or unsupervised agent, take your pick. In that context, again, CyberArk allows us the opportunity to go ahead and plot a flag in the future market of agentic AI. We're really excited about the fact that they have a phenomenal privileged access solution. Not just that, they are playing sort of a leadership role in the machine identity space, coupled together positions them really well from an agentic AI space. With that, that allows us to cover the majority of the TAMs in cybersecurity again. We started our journey at a $40 billion addressability from a TAM perspective.
Today we believe we can cover all major swim lanes of cybersecurity now going forth. It's for us to put these together in amazing platforms, deliver the capabilities our customers have, are beginning to build the credibility with us. We're building credibility with our customers in delivering the platforms around network security, around SASE, around cloud security and our security operations. We believe that gives us the right to work with CyberArk and deliver an identity platform and hence provide the five major platforms that are required in the cybersecurity industry as a one stop shop partner vendor that allows our customers to go ahead and execute consistently towards their business objectives and their strategies in this constantly evolving world of AI. That couldn't be more excited to welcome and introduce Matt, who's the CEO of CyberArk, who's going to tell us more from a CyberArk perspective.
It's really, really amazing to be here this morning and it's good to see.
All of you here.
You know, we're just so incredibly excited about the announcement. This combination represents a unique opportunity to accelerate everything we've been building here at CyberArk and to do it with the scale, the reach, and the resources with one of the most respected names in cybersecurity. Together with Palo Alto Networks, we will bring our vision for identity security to the world faster. We will bring it at greater scale and we'll do it better than we could have done on our own. Today, every organization is navigating a surge of identities, human, machine, and increasingly AI. We believe every one of those identities must be secured with the right level of privilege controls at all times and across all environments. With Palo Alto Networks, we'll be able to innovate faster, we'll reach more customers, and we'll solve their toughest identity security challenges even more effectively.
What probably excites me most about this, though, is how our technologies will work together. Post closing, CyberArk brings deep identity intelligence. We bring context and privilege awareness across every type of identity. That context is strengthened by what Palo Alto Networks already discovers around powerful real-time security enforcement and an operations platform. Together, we'll create a virtuous security cycle where identity insights improve enforcement and enforcement reinforces identity posture. We're also incredibly aligned on where the world is headed next, and that's agentic AI. Autonomous agents are by nature privileged actors. They need to be governed and secured like every other identity, only in this case more dynamically. That's where we come in together. We're uniquely positioned to secure the next wave of innovation. In closing, I just want to say how proud I am of the CyberArk team and what we have done together.
We've always believed in building for the long term and this is the next chapter in that journey. I'm personally energized, excited, and ready to take this forward together with Palo Alto Networks. With that, I'll turn the call back to Nikesh.
Dipak, can you say a few words?
Sure.
Thank you. Thank you, Matt. Thank you, Nikesh. I too couldn't be more excited for the CyberArk team to join forces with Palo Alto Networks after closing. We firmly believe that today's threat landscape requires a platform approach, combining CyberArk's leading identity security platform with our leading multi-platform strategy and will enable customers to respond to threats in near real time. Following the close of the transaction, we look forward to welcoming the CyberArk employees, the shareholders, and the customers to a better, together combined company. We've reached an agreement to acquire CyberArk for $45 per share in cash and 2.2005 shares of Palo Alto Networks common stock for each CyberArk share, which represents a 26% premium to CyberArk's share price and total equity value of approximately $25 billion. The transaction was unanimously approved by the Board of Directors of both Palo Alto Networks and CyberArk.
It is expected to close in the second half of Palo Alto Networks' fiscal year 2026 ending on July 31, 2026, subject to the approval of CyberArk shareholders and subject to the satisfaction of customary closing conditions, including applicable regulatory approvals. Post closing, we expect CyberArk to be immediately accretive to Palo Alto Networks' revenue growth and gross margin. Furthermore, we expect the transaction will be accretive to free cash flow per share in fiscal year 2028 following the first full year of realization of synergies. We will update our guidance for Palo Alto Networks with CyberArk only after the transaction has closed. At this time, we are reiterating our standalone fiscal fourth quarter and fiscal year 2025 guidance, which we initially shared in our fiscal third quarter earnings call on May 20, 2025. You can find the details of this guidance on our investor relations website.
Also, Palo Alto Networks will be hosting its fiscal fourth quarter 2025 earnings call on Monday, August 18, 2025 at 1:30 P.M. We look forward to discussing our results as well as additional details of this announcement at that time. With that, I'll pass it back to Hamza for any Q and A.
Thank you, Deepak. To allow for broader participation, we ask that each analyst ask one question. We will take questions only on today's announcement, but we will not be addressing any questions regarding our fiscal Q4 results or CyberArk's fiscal Q2 results. With that, we'll take the first question from Saket Kalia from Barclays, followed by Jonathan Ho from William Blair.
Okay, great. Hey, thanks for taking my question and let me just start by saying congrats to both companies here on the announcement. You know, I think a lot of us will agree there's clear industrial logic here uniting two leading platforms. Congrats to Nikesh, Matt, and the whole, you know, both combined teams. Nikesh, maybe for you, how Palo Alto Networks has driven revenue synergies from prior deals just given the exceptional customer reach. I'd imagine that's going to be the case here as well as we.
Talked about in the prepared remarks.
You said something really interesting which is about moving from identity management to identity security and I think CyberArk has.
Been a big part of that.
Maybe the question is how do you think about that shift and how that can contribute to revenue synergies longer term.
Thank you for the setup. Look, I think when the idea of identity management and security was conceived about 20 years ago, I carry a badge which allows me to enter my office and come in. The badge doesn't know what I'm doing once I'm inside the office. It's kind of like what identity management does. It authenticates you at the entry but has no idea what you did or once you got in the systems. As you move laterally where you got into, what systems you went into thereafter. I think that's kind of why 88% of cyber attacks or ransomware attacks are through credentials. Despite having a flourishing identity management market in the world now, the only place we've deployed privileged access in the case of Crown Jewels, which is where CyberArk has 8 million users.
The question I ask myself, why can't 100 million users have privileged access? What stops us at 8 million? And the answer lies in the fact that 20 years ago the cost to deliver the privileged access was much higher than the cost to deliver identity security today. Technology has enabled us to deliver that at a much cheaper cost. The question is, how do I work with my friend Matt and UDI to make sure that we can deliver privileged access to every user at a lower price? If I can unlock that, it doesn't matter what we paid. What it does is it takes the 8 million user TAM and turns that into hundreds of millions of user TAM in the future. Really the question is how do we move from identity management to treating every user as a privileged user?
Not just that, to treat every agent as a privileged user. I think that's the inflection point in identity and we can forget about all the other 22 various swim lanes in identity. The biggest shift is going to happen in the two major swim lanes of identity going from identity management to privileged access management.
Very helpful. Thank you.
Great. Thank you, Saket. Our next question will come from Jonathan Ho from William Blair, followed by Keith Weiss from Morgan Stanley.
Good morning.
Let me echo my congratulations as well. First off, can you talk a bit about the customer overlap between Palo Alto Networks and CyberArk and where maybe you see the most opportunity to drive that platform vision too, particularly as CyberArk and Palo Alto Networks together create this combined broader AI platform that clearly has an intricate AI play. I just want to understand a bit more where those synergies can show up and particularly on the customer overlap side.
Thank you.
Thanks, Jonathan.
Look, Jonathan, there are three vectors, right? Vector number one is how does CyberArk work with us to innovate fast and expand within their own customer base? They spend a lot of time, a lot of effort getting in. The average number of users per customer is anywhere from 500 to 2,000 on an employee base of tens of thousands. Why can't they deliver the capability not just for 500, 2,000 users, why can't we expand the capability to 20,000 users in an enterprise? That is kind of Matt and me working together with his product team to make sure we can create that expansion capability. The second vector is how can I convince the platformized Palo Alto customers to say, listen, I have this great identity platform, work with me.
It integrates loosely with our other platforms, it provides a comprehensive security capability and you have one throat to choke. From that perspective, it is how can I take that from a go to market perspective and expand that into my customer base and allow us to give identity security capabilities? You know, geographically we are way bigger in Europe and Asia Pacific than CyberArk is. There are obvious go to market capabilities that can bring to bear. The third vector is really over time. How can we build an identity platform as part of XSIAM to go ahead and change the narrative around the stuff? How can we do that for AI security? Sort of the future growth factor, if you will, for the 72,000 customers that we have and introduce them to the idea of agentic AI and machine identity and the future of identity security.
Thank you.
Thank you, Jonathan. Our next question will be Keith Weiss from Morgan Stanley, followed by Rob Owens from Piper Sandler.
Excellent. Thank you guys for taking the question and congratulations on having a bit of.
A deja vu moment. It used to be this guy who's asking you to ask the question exactly.
Every time. Congratulations on the transaction. I think it is a bold strategic move, but one that makes a ton of sense. I think most investors are optimistic and agree with you on the increasing strategic nature of identity security. It makes a lot of sense on that side of the equation. We all like CyberArk and you can tell by the valuation and the valuation you have to pay to get it over the line. The stock is down right now because people are probably apprehensive about the size of the acquisition and the execution risk. You came into Palo Alto Networks and at the time investors did not like any M&A within security.
There was not a good track record and you showed a really good track record of buying small technology startups, like going where the puck is going or sort of buying where the puck is going rather than buying existing technologies or existing companies. This feels a little bit different. CyberArk is definitely an existing company. It is a large scale company. How do you take your learnings from sort of the initial tranche of acquisitions that you have done and help us get comfort that you can execute to this large acquisition, that large acquisitions of companies make as much sense as large. Those smaller acquisitions of the speedboats that you talked about earlier made sense and the execution will be as solid going forward.
Thank you, Keith. Very comprehensive question. I appreciate your articulating the concern. I think let's start at the top where you said everybody believes identity security makes sense, is something we have to have now. I think it's important to go back and reflect what I said from an inflection point. I believe identity is inflecting in the next two to three years. If you believe that, they're on the same page. The question is, in the inflection moment, who wins? If you look at the inflection endpoint, we saw a whole cast of characters go away and a new cast of characters come, let alone that even firewalls. We saw that happen. Now you're seeing that happen in the SIEM space. The question is, why doesn't the market belong to future identity vendors in the identity space where it belonged to newer vendors in the existing space?
There's one very important reason. If you ask a customer which part of the infrastructure are they comfortable overhauling and revamping, they're petrified of taking the identity infrastructure and replacing it because they don't know what's connected to what. They don't know what is going to shut down, they don't know what's going to stop working because it's connected to legacy systems, it's connected to SaaS systems, it's connected to futuristic systems. If an existing cybersecurity vendor can provide the glide path to make that transition to new technologies, innovation, and the new agentic AI threats out there, customers are more than likely to work with them than replace the entire stack. We've discovered that in the SIEM space where we've been able to make a big technological leap and make that happen. If you believe, one, identity security is inflecting. Two, this market is going to be different.
Existing good players are going to be able to travel the journey with their customers as opposed to new players. The question becomes, great. Now Palo Alto, how are you going to take care of three things, which is your point about integration? One, how are you going to keep the pace of innovation? Guess what? Seven years ago when I came to Palo Alto, we had to accelerate innovation. I've had long conversations, Udi and Matt, we agree that they have to accelerate the pace of innovation and that we know how to do. We can work with them to accelerate the pace of innovation. It is non-overlapping with our product portfolio. It is non-contentious. We work with them to get them to move on identity faster. That's the first question. So that's not going to create stress in our system. The second question becomes, great, you've done that.
Two, how do you create the integration points at scale? Because this is a larger company both on the operating side and on the go to market side. Those are two different parts. Now remember we have been actually internally over the last seven years taking speedboats, scaling them and merging them into our go to market infrastructure. Three years ago we had a separate sales team for SASE. Today our SASE sales team is our core sales team. Right. Last year we had a separate team for security operations management. We're in the process of integrating that into our core team because we need to go target $10 billion-$20 billion of TAM. Guess what, identity is a scale team. At CyberArk, our job is to see how do we deploy the same techniques to go integrate that into our core team once we close this deal.
So our identity becomes front and center as one more platform. Guess what, our teams have learned how to sell three. Going from three to four is a lot easier than going from one to two. So we believe we understand how the go to market motion needs to be executed from a scale perspective. At the same time we also work with our customers to understand how to do a platform buy with Palo Alto. The good news is we work with the customers, we work with our teams to make that go to market transition happen. We'll do that too. In terms of the organizational synergy, which is the third pillar, is how do we make sure that we can run that business much more efficiently over time.
I have no question that my team in the IT side, my team in the finance side and operational side is going to be able to make that happen. To be honest, that is not time critical, that is not in a short fuse. We can run that business. Our first job is to drive innovation, drive capability to customer end. Our next job is to make sure that we can expand the capability from a go to market perspective. And thirdly, over time make sure the back end integration happens so that we can run this more effectively and more smoothly. Very well said.
Thank you.
Sorry, Keith.
The last thing is like seven years ago I didn't know anything about cybersecurity, so let alone integrating small acquisitions. I didn't know how industry works. In seven years, hopefully build the credibility and credit with our investors that we know how to do this. We've learned and we'll get this next one done too.
Definitely shown the track record of success. Congratulations.
Thank you.
Thank you, Keith.
Our next question will be Rob Owens from Piper Sandler and we'll wrap up with Shaul Eyal from Cowen. Thanks.
Hamza Nikesh. I'm impressed you got Hamza to put.
A sport coat on first of all. So congrats on we had to subsidize it.
Congrats on the transaction. I think we can obviously see the distribution synergies, but in Matt's prepared comments he talked about being excited when the technologies work together. Now, you said XSIAM could be the glue here. I'm just curious how much heavy lifting from an integration perspective, because obviously the portfolios really do not overlap, number one.
Can you give us a sense.
Of the more holistic view around agentic protection and what this looks like in the future. Thanks.
Rob, great question. Look, first and foremost we have to drive innovation just in the category of identity security and work with them to turn that current set of products into a platform. We have done that with network security on our side. I have had preliminary conversations with Udi and Matt. They are working on it and I think we will get there collectively because just the way we have done the other 20-plus acquisitions, we have spent inordinate amounts of time ensuring our product visions are aligned. I do not make an acquisition unless the incoming management team is willing to lead on a consistent joint product vision. I am delighted to say that Matt, Udi, the entire product team at CyberArk is well aligned with our point of view.
Obviously they are the domain experts, but they understand our feedback and they are willing to accept it and work on a joint strategy. One, we have to do that. I think the point of integration with XSIAM is that over time I think security is going to break down the sensors, enforcement points on sensors, and a large security data lake. With XSIAM we have proven that we have a large security data lake capability across hundreds of customers so far, which continues to grow. We think over time connecting those to sensors, enforcement points, only the way security is going to get done. We work that with our SASE, we work that with our XDR capabilities. We will do the same thing with identity. That does not mean like every other platform. Palo Alto, you do not have to buy XSIAM to get identity security.
It works better with XSIAM. It works equally well as identity security on its own. Our job again here is to make that platform work and make sure we can show to our customers the benefit of better together, where as and when they are fully deployed XSIAM, if they involve the identity platform, they will get a better set of security outcomes.
Thank you. Okay, great. We'll take our last question from Shaul Eyal from Cowen & Company.
Thank you for that. Hamza, Nikesh, Dipak, Matt, Uri, Hamza as well. Congrats to all of you. Maybe just a comment building on Keith Weiss's prior point. Actually we have been posing the same question to Matt Cohen back in May 24 when he acquired Venafi, which at the time marked the largest acquisition CyberArk has done at the time. So probably he has some inputs as to how a company migrates from a path of tuck-ins into much bigger transactions. My question is about the acquisition. The way I look at it, absolutely offensive rather than defensive move, highly positive. We're still, Nikesh, waiting for the Google Wiz acquisition to close. Do you see Google Wiz longer term, once and if it closes, as going after the identity arena? Is that something that comes to mind on your end?
Look, I can't comment on which party other people are going to go to, so I'll let them decide which party they want to go to. I will sort of repeat what I said. I'm going to ask Matt to see if he has a perspective on this. I think identity is sticky. I think trying to overhaul the identity infrastructure in a company is trying to change the wheels on a flying airplane. I don't know why you'd want to do that, but it's like that. I think it's a lot easier if your identity vendor is showing you the right strategy, the right products, and the right execution in your emerging categories. It's a lot easier to make it happen. I think the challenges of over time, it will be impossible to separate agents from humans and from machines and infrastructure.
Anybody who's going to protect agents has to protect users and machines because they'll be interoperable. What's the difference between me doing a task and an agent doing a task? It's one entity doing a task. The question is, can you manage permissions across those entities? Today those permissions are being managed on machines, they're being managed on users. On the privileged access case by CyberArk, there's no reason why the same consistent approach cannot be deployed to agents. You have to have the same control plane, you have to have the same permission controls, you have to have the same visibility, the same trackability that you need from a machine and from a user perspective. This is me with my short-term learning identity. Matt, did you want to add something to this? Yeah, thanks.
Short term it's still pretty accurate. Which is the special sauce here in identity is the ability to be able to both secure all of these ident and to be able to not only see and visualize these identities, the risk, the posture, but also be able to slap on the controls, dynamically control those identities themselves. When you think about Shaul, where you started with some of the competitors out there, they're living only in the discovery layer, only in the ability to be able to visualize and they have no ability to be able to control and they certainly don't have the ability.
As Nikesh said, to be able to.
Move across all identities and within agency and a machine-first kind of strategy. Our ability to be able to do that, to do what Nikesh has been describing today, is special in the market. When you combine that then into all of the data sources that sit within Palo Alto Networks as a whole, we can do things on a dynamic nature that no one else will ever be able to do.
Thank you.
Congrats.
Thanks, Raul. I guess with that I want to thank all of you for joining us on such short notice. I appreciate all the kind words of support and both me and the management team have spent a lot of time ideating and understanding if this is something we could take on and execute on. We feel confident that this is the right strategy for Palo Alto Networks at this moment. This is the right answer for our customers from an industry perspective in terms of what we want to deliver from a multi platform comprehensive security perspective. I think what Matt and Udi have built is spectacular. We have seen tremendous amounts of candor, resonance and the right cultural fit and values on the CyberArk front. We think that if anybody can get this done right, hopefully it is the two teams at Palo Alto Networks and CyberArk.
For that, thank you to all of you and thank you to all of our collective employees. We are going to make sure we make them all proud.