We'll get going. Thank you all for being here on day two of the UBS Tech and AI Conference. I'm Roger Boyd. I cover cybersecurity. Very happy to have Nikesh Arora, CEO and Chairman of Palo Alto Networks. Thanks for being here.
Thank you for having me.
I wanted to start with a little fun. I wanted to rewind back to 2019. You were relatively new to the role, relatively new to Palo Alto Networks. You were making a lot of acquisitions that I think investors had questions about. And in hindsight, all those played out pretty well, I would say. I think when you look at, if you fast forward to today, you've now announced two fairly significant acquisitions in the past six months and are once again kind of poised to expand the TAM of what Palo Alto looks at. I guess, can you compare and contrast these time frames? And at a high level, what's different? What's the same? And how much of the cash of 2019 compares to the cash of 2025, 2026?
I don't know. He's older. Hopefully wiser. But if you peel back to 2019, we were one of seven cybersecurity companies in the, give or take, $10 billion-$20 billion market cap range. And we had to figure out how do we break out of that over the next five years. I believe in enterprise, if you are not aspirational, don't get to $10 billion in revenue at some point in time in your line of sight, you are subscale, give or take. You start plateauing. And there's ample evidence of plateaued enterprise companies which go sideways for many years. And you can plateau at up to a $20 billion market cap. Sometimes you plateau in the $100 billion range too. So the question as the CEO, your job is to figure out where's the next leg of growth going to come from?
Is it going to come from natural evolution in my TAM? Am I going to add more TAM to it? And when and where and how to do that? So at that point in time, our job was to reinvigorate the innovation pipeline at Palo Alto Networks, which is what we did. It takes four years to build a decent product. I didn't have four years. So I went and found companies which had been around for three or four years who were building interesting products. And I must have seen about 350 companies decide which ones are going to fit their portfolio. So it's kind of point one. So we got ourselves to, I'd say, product parity and perhaps product superiority in certain categories because when you work at Google, you get told by Larry Page every day, if your product sucks, you're never going to win.
So you basically come and say, "My product cannot suck." That's going to be generally a good idea. So we got enough of that done. That allowed us to go to our customers and go and do a better job of selling to them. So the second insight in enterprise is that if a customer likes you, likes your product, it's a lot easier to sell them more stuff than to find a new customer to like you. So how do I go sell more to the same customer than constantly having to need new customers at $100,000 or $200,000? 2019, our average customer, largest customer, spent $4 million a year with us. Now it's $60 million a year with us. So the question is, how do you take that $4 million customer and translate them to a $50 million or $60 million customer? Requires both.
requires stuff that you can sell them and requires them to like you and trust you. So that's what got us to where we are, and we're, give or take, a $130 billion market cap company. We can't just keep bolting on products to what we do. So then you look and say, where else can I expand my business? Where is there incremental TAM? The most significant inflection in cybersecurity in the last two or three years has happened in the SIEM and SOC space. This is a $40 billion TAM. People like ArcSight, LogRhythm, QRadar, Splunk; they're all 17-year-old technologies. They were ripe for, I'd say, innovation that allowed us to build a product like XSIAM. We got to a $1 billion TCV faster than any company in the world in that space. We have 450 customers. We're happy with that.
Then this wave of AI showed up three years ago. I think ChatGPT turned three yesterday. And that spurred on a whole different sort of conversation on infrastructure, speed, scale, which means it will create more inflection in cybersecurity in places like observability. We identified identity as a missing sort of platform in our portfolio. We think CyberArk is the best asset in the category. It is a security asset. And we're lucky enough to be able to conclude a deal with the founder, Udi, and I think we paid a reasonable price, 20%+ premium for an asset, which is number one asset in the identity space.
Having spent now four months, and I'm heading back to Israel next week, with them, I feel even stronger that what we can get done with them is going to be better than what we thought we were going to be able to get done when we're looking at it from the outside. Now, while all this was going on, I ran into. There's a concept in security called security data pipelining. It seems to be the rage. People are trying to figure out how to ingest less data. It's kind of silly, which means that we must not be doing an efficient job to let a third party come and tell people what data we should ingest. So we decided to fix our product instead of buy something. But I saw some of our peers bought some stuff. In that process, we found Chronosphere.
What is fascinating about Chronosphere is I learned that observability is 10%-15% of infrastructure spend. If I believe in half of what is out there in terms of all the compute and infrastructure that is going to get unleashed by AI, there's $1 trillion of infrastructure coming on an annual basis. That must mean there's a TAM of $100 billion out there. Let's even say it's overpriced. Let's say it's $50 billion. There's five players in observability: AppDynamics, Dynatrace, Datadog, Chronosphere, and maybe Instana from IBM. Pick your favorite fifth one. Most of the others, other than Datadog, target the on-prem market, not the cloud market. And I was intrigued when I found Chronosphere is going to become the underlying observability platform for one of the largest AI LLMs out there.
So I talked to the founder of that and management, and they said, look, it scales, and it's $0.40 of a dollar off competitive options. So we looked at the math. I like $0.40 of a dollar of somebody else's revenue. It's better than zero. And it works at a 70%+ gross margin, which is what I like to live. So we decided to do one more acquisition. And we think the two biggest inflections, or three biggest inflections in the next five years, are going to be in identity and continued inflection in SIEM and possibly continued migration to cloud-delivered observability. Sorry, that was a very long answer to your question.
Perfect. And maybe just to translate it back to the numbers, you took your long-term fiscal 2030 NGS ARR target from $15 billion- $20 billion. Obviously, big numbers here. How much of that was attributed to CyberArk Chronosphere? I think there was also an organic expansion component to that. And even when you look at $15 billion of organic business, what gives you the confidence in that number?
So look, our ARR is roughly a third of that today. There is some part of that is migration from existing on-prem behavior to ARR. Most of that is net new business in our core business. I think part of that is bolstered by our comfort and success around our core business. I'd say a third of that is about Chronosphere, give or take. And probably two thirds is the CyberArk current and growth expectations. So $20 billion is a big number. It hasn't been done in cybersecurity before. In fact, $10 billion revenue hasn't been in cybersecurity before, unless you look at fuzzy math from large players who segment their cybersecurity spend.
Cool. Maybe to touch on identity, you mentioned this earlier, but just greater confidence in that acquisition, having spent a few months with it. Can you expand on that? And when you think about kind of the three pillars of the deal, it was bringing TAM to more users internally. It was being able to include identity within your broader platformization sale. And then this third idea of securing AI agents. How have each of those pillars kind of expanded after spending some time with it?
So yeah, look, if you go back and correlate to the idea that my belief is that companies which are not generating $5+ billion, $7 billion, $8 billion of revenue are subscale in the long term in the enterprise space, we think a lot of the scale, innovation, activities, processes we have, we can apply. It's not CyberArk's fault. We have scale. We can spend $10 million running AI experiments. $10 million is not a lot of money for them to optimize 20 people. We could have 200 there. So we can take all the leverage we have from scale, deploy it to them. I see no reason why, after spending time with them, that our margins shouldn't converge in 24 months with their, or their margins shouldn't converge with ours in 24 months, which would mean going from about 20% operating margins to 30%+ operating margins.
That's generally a good thing in math. So that's kind of helpful, one. Two, we think we can really help them on the go-to-market side with the customer base because they usually don't have the relationships with the CIOs and CISOs that we do, given our larger scale with them. So that's kind of hopefully, and anecdotally, having talked to some of their customers and our common customers, the fear always is you get bought and the customer says, "Oh, shit, I don't want to deal with this company." But in this case, we have received positive affirmations. The customers like the idea. They like to work with Palo Alto. They like us to have an identity portfolio. And CyberArk is the best asset in the space. So that was the second sort of insight. And third, I think in a way, and I said this to the founder yesterday.
I was talking to Udi, and I said, "Look, you guys got a little happy and fat too soon. You had to go innovate." This is kind of where Palo Alto was in 2019. We kind of lost the innovation idea, saying, "This is my turf. I'm going to play in my turf. I'm going to make a lot of money in my turf." Well, we're going to light a bit of a fire under their innovation cycle. And that's why Lee Klarich, Chief Product Officer, and me are spending a lot of time with them, heading to Israel. And if we can do all three of those, I think that allows us to actually deliver the ARR uptick that we talked about.
And then just on Chronosphere, I think a lot of investors may be a little more surprised by that acquisition relative to CyberArk.
Investors were surprised by me taking the job at Palo Alto. They were surprised by me buying 13 companies. It's like their surprise is not my concern. My job is to deliver ARR growth. I promise the investors will be happy if I keep delivering my growth rate and my margins and my free cash flow.
Yeah. I don't disagree.
That should be a surprise.
In terms of the rationale, you touched a bit upon this. But in terms of a data pipeline product versus the organic TAM that they have in their install base versus the idea of bringing that into platformization, how do you balance those pillars of acquisition?
Look, the two largest third-party infrastructure data requirements are on observability and security. Everything else is on-prem customer data, et cetera, which is kind of what your core business is. From a third-party perspective, customers can't do their own observability. They need somebody else to watch their runtime and infrastructure and tell you if it's working or not. They can't do their own security. We ingest 15 PB a day, even with our 450 customers in XSIAM, which are not fully deployed, all of them, 15 PB a day. Chronosphere does somewhat similar across the 45 customers. We're the largest ingestors of data in the world as a third-party company, and we're possibly the top five customers of BigQuery and Google. So we're taking a large data problem, solving it at the right economics for our customers.
I'm pretty sure all of us have varied opinions on how much of this AI spend is going to be realized. We're going to spend $8 trillion or not. But everybody believes in this room, I hope, that the data is going to keep compounding across enterprises. The more we spend time on AI, the more we run applications, the more people use it, data is going to compound. If you believe data is compounding, you need observability. You need security. So from that perspective, we think those are the right swim lanes to play in. Then it's a matter of execution.
Yeah. Just on the Chronosphere customer base, you mentioned two of the top five LLM providers. It's been pretty well reported that the largest LLM provider is a customer.
You're all shy of taking the name, right? Okay, sure. Artist formerly known as Prince, yes.
Yeah, exactly. I mean, to your point, there's a billion, billion and a half of compute spend, a trillion of compute spend that's coming online over the next five to 10 years. How do you think about that market for observability expanding with AI? And how do you think about selling into that ecosystem?
Look, the observability world, the customers fall in three buckets, right? One bucket is where people have a lot of existing applications on-prem, which is where, as I said, Dynatrace, AppDynamics have built their business, and they serve that use case. The second category is born in the cloud companies, SaaS companies that sell cloud-based services, which are pick your favorite SaaS company, pick your favorite consumer company, your DoorDash, your Uber, your Airbnb. They all have to have if their app is down for 10 minutes, it's lost revenue. If their app is down for a few hours, the SEC will come and shut you down because you're not in compliance with some requirement to be available as a storefront for your financial customers. So from that perspective, observability ensures 99.9% visibility into availability. So if your stuff goes down, you're in trouble.
What are you willing to spend to make sure that you can see when something goes down? As I said, the numbers in the market are 10%-15%. I'm not saying Gemini told me that or ChatGPT told me that. So I take 10%-15%. If you believe that's an overpriced market, and the right answer is 5%-7%, if your numbers are at a trillion, that's $50 billion-$70 billion. That's a $50 billion-$70 billion TAM. I don't see that revenue in the market today. All that tells me is that that market will keep growing, which means if I go spend the time and effort to spend, sell, I know the second largest customer at Chronosphere is going to spend $20 million this year for a startup, $20 million for one customer. I like those businesses.
I like a small number of people spending a lot of money. I'd rather be like LVMH than Walmart. So a small number of people spending a lot of money is a good idea because I can serve them better, keep them happier, and make sure they get the value that they need. And that's where we play, and that's where platformization plays. That also reduces my cost to go to market across the board.
Maybe last question on the two recent acquisitions or pending acquisitions. I've gotten this question from investors, but how do you get comfortable integrating and managing fairly large integrations over the next kind of year, year and a half? And I know you mentioned Lee's recently promoted and I think spearheading a lot of this, but what does that look like internally?
Well, I think they're both different. I mean, Chronosphere is a great product. It has good traction. Customers like it. They want to spend money on it. So I don't have to go do like open heart surgery and fix the product. It's working. We have to help them go to market. They have seven salespeople, that's 3,000. I think we'll find a way of getting more people at Palo Alto to sell it outside of the seven they have. It's a very targeted sale. So integration in the case of Chronosphere is letting Martin do his job, give him more resources, and support him where we can, and let him off to the races, right? So give him the comfort. Large companies make a mistake. They buy companies and then try and smother them. We're not going to smother them.
We're going to give them more money, more resources, run faster. One asset we have, which startups don't have, we have money. We have distribution. Our job is to figure out how to unleash that asset onto the acquisitions we have and not constrain them with our policies and processes. So that's what we're going to do. Martin's going to report to me. He's going to have full ability to go run as fast as he can because he has an open lane. He can run really fast. CyberArk is different. CyberArk is a re-engineering, restructuring, and make it work and fit. That's where I've spent a lot of time in the last three, four months. My teams are all working on it, and that's why that's where our focus is.
At the same time, we're going to make sure our core business continues to deliver because that's kind of what gives us a right to play. So keep running your core business. We don't have any small acquisition to integrate. We haven't done any. CyberArk has been thoughtfully done. We've spent four months. We'll spend another two, three months before it gets closed. That's why we're flying to Israel. That's why we have plans. That's why we have stuff figured out on a function-by-function basis. We know the top 50 people we like. We know we're talking to them about continuing to stay at Palo Alto. So it's kind of like, and we found the opportunity areas. Could there be a bump for a month or two months? Sure, happens. But do we believe that the long-term thesis is even more robust than we thought? Yes.
Great. Okay. Maybe shifting over to the big corporate.
Investors always need something to worry about.
For sure.
Otherwise, it's like, show me a stock that doesn't have a concern.
Yeah. Okay. Shifting to the core business, SaaS, you've got $1 billion-$1.3 billion of revenue, growing 34%. I think you're now 1/3 of the Fortune 500. The growth there has been pretty steady. What's going right there? And competitively, have you seen any changes in the market? There's obviously more vendors that are talking about SaaS.
I talked to the market leader in SaaS. He was here this morning. What did they say?
He is.
It's going well.
Great.
I'm glad it's going well for them.
Yeah.
It's going great for us too.
This is great.
Sorry. Five, six years ago, we didn't play in this space. We didn't have a right to play in SaaS. We had zero customers. We had to build one customer at a time. We're now north of 6,000 customers in very large deals, which is good, which to me is a validation that we can come from behind, build a product, compete with the biggest players in the market, and get to number two in the category. Number two is a good place in a category. Three, four is a dangerous place because you spend all the money and you don't make the returns. So I like being at least one and two in the category. So we're happy we're number two. It's a steady business, growing faster than the biggest business, which means it's good because it gives you the spread is narrowing.
We believe our product is at parity or better in certain spaces. That takes time because every time you go to a customer, say, you don't do this, you don't do that. You do those things. I think we have the right amount of investment and return going on. We have the right amount of happy customers. We have done some things technically that allow us to tell our customers, send your VPN customer Palo Alto, you can actually turn on SaaS capability right off the bat.
So the biggest problem with SaaS is every laptop has to be brought in and a new agent has to be put on it, which customers are scared of because you really want to stop your workflow and say, "Oh my God, we're going to deploy 200,000 new things." One of the last things we really like IT coming and saying, "I'm here to install something on laptop." And say, "Holy shit, it's not working." So if it says, "It's already on your laptop, I'm going to turn on from the back," that's a much happier feeling. So we've gotten to a point where we have 80,000 firewall customers. Many of them are VPN customers. You can turn their VPN client into a full SaaS client without having to bring in the laptop and do open heart surgery. And the backends are already configured.
So the implementation is a lot easier for us than it was two or three years ago. So it makes it harder and harder for other people to come in and steal those customers. That's all. We'd be very happy if we had a $3 billion business.
Yeah.
In three to five years, that should mean that business which you built in the last five years itself should be worth $40 billion.
Yeah. Yeah. You mentioned feeling like you have technological advantages in certain areas. And it seems like Prisma Access Browser has been one of those areas. It's been a pretty material element to new seat count growth in SaaS. How important is that? How differentiated is it? And big picture, the idea of browser wars, AI browsers, how do you think about enterprises trying to secure AI through a browser?
I wish I could tell you that we anticipated a secure AI browser and cloud and Anthropic building browser and that sort of thing. We bought a company because we thought we could manage devices in companies which were not being managed through a browser acquisition. We paid somewhere around $600 million for Talon. We've seen phenomenal adoption. Browsers are sort of the hidden threat. We did a 30-day pilot at a large company with 200,000 employees. We discovered through a 5,000 browser pilot that 167 browsers were compromised, which means attackers were in their browsers, 167 of them. Next week, they put out 210,000 browsers in the company. So that's the threat.
Now, if you carry that forward and think about the idea that you will have employees download the AI browser from OpenAI or Claude or from pick your favorite, Perplexity, now the reason these guys are building browsers is I think the next battle in AI will be consumer agents. I think we confuse ourselves in this world of agentic behavior enterprises. The real battle is consumer agents where we can all conceive that I should be able to tell my phone, "Get me an Uber at the Phoenician. Get me on a," whatever flies from here, Southwest to San Francisco. And when I land, get me an Uber at the other end and make sure you make a dinner reservation for me and my wife tonight at 7 o'clock in Palo Alto." You can only imagine that.
It seems possible if Sam Altman is going to raise $100 billion and Ali Ghodsi is going to come tell us $134 billion, they must be doing some shit like that, right? If you believe that, how do I activate the agent? How does it know what my Uber account is? How does it know what my DoorDash account is? How does it know my whatever OpenTable account is? The only way it does that is if it has my credentials. If I'm on the phone, the iPhone controls your credentials to some degree. If I'm on my laptop, the only place to harvest credentials is your browser. That's the only place. When you log in and you click, it stays logged in. So actually what you're seeing is a land grab for credentials on the desktop. That's all that this browser business is doing for the consumer guys.
The problem is what's great for that scenario sucks for Spotify, Uber, DoorDash, so they're going to fight it. Let's set that aside. That's bad news for enterprise. I don't want your browser to be logged into Salesforce and Workday and my trading app and financial management. I'm doing shit which I don't know. So you will want to secure your browser as quickly as you can. So I'm betting in the next six months enterprises ban consumer browsers. That you can't use OpenAI's browser at JP Morgan or at Home Depot or at Walmart because I don't know that browser is going to take your credential and do something in the back with an agent. I don't know how to control it. I have no security in place to control these agents. So what do you do? You ban them. But you ban Chrome? You ban Safari?
What do you use? Now you say, "Prisma Browser from Palo Alto." You're supposed to say that, Roger.
That's a good pitch.
There we go. All right. So like an ad, we do it together.
Yeah. Of course.
All right.
I wanted to switch gears to Software Firewall. You called it a hidden gem last Thursday's call. I don't think it's that hidden. ARR is growing 20%+ . You've got pretty material acceleration product revenue. Can you talk about what's underpinning that strength? And we'll go from there.
Yeah. So the reason software firewalls are a hidden gem is that I think the most fundamental thing for all of you guys to understand is that security is pretty straightforward. Security means every bit must be inspected. It doesn't matter where it comes from. It comes from your laptop, comes from an application, comes from microservices, comes from every bit should be inspected because that's where bad shit happens, okay? You inspect bits in data centers using hardware, which is where firewalls come in. You inspect bits on your laptops using SaaS or your browsers. That's where SaaS and browsers come in. When you're sitting in Google Cloud or AWS or OCI or IBM Cloud, your bits have to be inspected. There's no boxes in the middle. You put a software firewall around your application, you inspect bits.
For a while, people were using the cloud provider software firewalls rather than using AWS or GCP. We slowly, over the last two years, have deployed a single form factor that works in every cloud. So if you're a Walmart, you can run the same firewall in GCP, AWS, Azure, and you get a one pane of glass. It's better than managing three different firewalls. And of course, we might have slightly more feature-rich firewalls because that's all we do for a living. Those guys do a lot more other stuff. So what's happened is there's realization, many customers are multi-cloud. They're not single cloud. So if you're multi-cloud, you want a common firewall. You don't want multiple firewalls. That's helped us. Two, they want more feature richness because they're discovering there are attacks coming into the firewall architectures. And three, we made them work natively in the environment.
You can spin up our firewall just like you can spin up a Google or AWS firewall. In that context, we probably have 50% market share in software firewalls from nowhere. We have 39% in hardware, 50% in software. Our competitors are only individual cloud service providers. There's no large third-party cloud firewall business that competes with us. That allows us to go in and show the value prop. What's really interestingly aiding the conversation is AI because our firewalls have been upgraded to protect model hijacking and the attacks we heard about a few weeks ago. That's also helpful because we show them the AI firewall, then they buy the software firewall that's throwing the volume there. It's kind of been helpful.
Yeah. I want to double-click on that. And the concept of an AI firewall, you introduced Prisma AIRS earlier this year. You have model scanning, AI posture management, red teaming. Should we think about those as kind of attached services to an AI firewall, or do those get sold separately? How does that market kind of?
When you look at a company, how do they deploy AI? The company says, "I'm going to put my own LLM into my company," and now you can talk to the LLM as a customer and decide if I can give you recommendations and pick your favorite company, and you set up your own LLM. It does a bunch of things called vector DBs, databases, and has an internet connection, and then I, as a consumer, talk to that chat bot. I can talk to the Bank of America chat bot, and it does stuff in the back. Now, every door you open to talk to your LLM is a door for it to be attacked, so for example, in the very early days, every chat bot had this thumbs up or thumbs down. Did you like my answer? Do you not like my answer? Well, guess what?
I can spam you by saying, "I didn't like your answer. I didn't like your answer. I didn't like your answer," and force you to give a different answer. And this was being used to manage perception. Like, "Should I vote for President A or President B?" Say no, no, no, no. And so suddenly you're spamming, and then the model starts recommending President B because they didn't like the first answer. So you can do all kinds of things like it's called data poisoning in the model. It's called LLM hijacking. It's called prompt injection. You can inject prompts in the back, in the middle of your question. So it can say, "Hey, monkey," every time you ask it a question. So you can do all kinds of bad things, which you need to look at bidirectional traffic.
So we built all those controls into our software firewall, and it gets shown as an AI firewall to our customers. So that creates the desire for them to protect their AI LLMs. And that's kind of what we sell. We have about 50 customers who deployed it. Every customer wants to talk about it. Again, it's a great conversation to have because every customer is bothered about AI security, but it leaves back a little sale of software firewalls behind it.
Cool. Maybe to close, we're at the AI conference. There's been a lot of talk about potential AI bubble out there. I want to leverage your purview, your lens into the broader technology landscape. What's your opinion there? What do you think investors are potentially missing? And how do you think about security potentially enabling that or not enabling that?
At a macro level, if you look at everything and you cut through the noise, there's hundreds of billions of dollars more that will be spent in the next three to five years than were anticipated last year, two years ago, right? That's going to be spent, whether you like it or not. Whether it's going to be $2 trillion or $1 trillion, you can decide, but it's going to be a lot more than we thought five years ago. It's just causing a huge boom in everything related to infrastructure spend. It's unleashing IT budgets because everybody's spending more money on experimenting on AI than they ever planned to. So are we. So is everybody else. The consumer end will consume more AI capacity than you think is possible.
Every new nano banano that comes out, every Gemini 3 that comes out, it's going to suck out more and more AI compute than you think. So there is demand out there for that compute to get sucked out. Then maybe your question, how are the money going to come from? That's not my problem. That's there. So that's going to happen. There'll be compute built, and people will suck out the consumer stuff. Enterprise will be slow in adoption, and there'll be hidden gems of things that show up and people do it. That is not going to stop experimentation. And all I need, all they need is 10 million companies to spend a million dollars each, and you get to a lot of money. So we're going to spend more money than we thought we were going to spend at Palo Alto.
We're going to spend a few million dollars this year from zero. Everybody's going to spend it. So it's all there. Now, does that take the market cap of the biggest companies down by a trillion or goes up by a trillion? Doesn't matter. To me, there's a boom. AI does two things from a security perspective. One, it once again increases the attack surface. Now I can attack agents. I can attack browsers. I can attack a lot of things. The bigger the attack surface becomes, the more you have to spend to protect the attack surface, right? The bigger house you buy, the more you spend on security. The bigger your attack surface in IT enterprise, the more you have to spend. So the attack surface is getting bigger. Two, as you saw in the attack two weeks ago, speed is getting faster.
AI attacks will happen at AI speed, which means defense has to happen at AI speeds. The entire cybersecurity landscape is still outdated in the world. There's tons and tons of opportunity for all of that to get, let's call it AI speed ready, which is where we point our guns. I'm sure many other companies will do better. They have 8% market share. We lose 92% of the time. Maybe we'll get to 16%, and we'll lose 84% of the time. That should double our company.
Awesome. We'll wrap it there.
Thanks, Roger.
Thanks for being here.