Session at the Goldman Sachs Communications and Technology Conference. I'm Gabriela Borges. I cover the emerging software vertical here at Goldman. Delighted to have on stage with me, Tomer Weingarten, CEO and founder of SentinelOne, and David Bernhardt, CFO. Thank you, gentlemen, for your time.
Thank you for having us.
Tomer, I wanted to start out with a little bit of strategic conversation on the importance of the real estate that you earn at the endpoint. I think there are a couple of big secular themes happening between AI and data integration, data security across different vectors in security. Maybe that's better described as consolidation. Where does the endpoint fit longer term in terms of the strategic value it can deliver within the security budget?
Yeah, it's a pretty interesting question, and my answer might be a bit compounded, because I think on one part, it's by far the most strategic aspect of enterprise defense. There's no you know, more important point for defenders in terms of telemetry, in terms of posture, in terms of the ability to actually deliver on what cybersecurity is supposed to do, which is, you know, fend off attackers. So the endpoint is incredibly important. I think it also is one of these massive data generators. So if you kind of think about cybersecurity as a data problem, as a visibility problem, endpoint and EDR products specifically generate the most telemetry out of any, you know, any security product out there. So it's important, clearly.
I do think that if you zoom out, the way to solve cybersecurity is really not about any one of these components. So it's not just about endpoint, no matter the gravity that comes with endpoint, and it's not just about the firewall, it's not just about the network, and it's just not just about email or identity. I think to truly achieve a different outcome in cybersecurity, and also what we're seeing in the threat landscape, which is multi-surface attacks right now. If in the past 10 years, attacks were very surface specific, you had malware, malware is endpoint. You had something that punched through the firewall, that was network attacks.
Now you see, you know, different attacks that kind of cross the chasm between all these different components and are harder and harder to see if you focus on just one of these surfaces. Which brings me to where I believe endpoint will play a role, is the data feeder to a more wider, call it enterprise-wide cybersecurity platform. It's not—so without a qualifier, it's not an endpoint cybersecurity platform, it's not a network cybersecurity platform. It's a cybersecurity platform that will be able to really see everything you have in the enterprise and bring together what up until today is very siloed, and then cross-correlate these data points, help you connect the dots of how an attack actually manifests, no matter the surface.
When you think about AI, you think about the power of, you know, what that can do in a complete enterprise-wide setting. The level of automation that you can run now, the level of orchestration, that is by far greater, and the outcome is much more, you know, much more automated than just focusing on AI for the endpoint. Which is kind of what we've done in the past 10 years. I mean, we've had a very autonomous structured AI focused on making sure that you detect something and you can remediate it autonomously with no human intervention. Now, think about that at the entire enterprise level.
Think about that, you know, with healing the firewall and telling the firewall that something is bad, and think about that in cleaning up the email and running the report and mitigating the endpoint, but also in validating the user. That's how you deal with a breach today, because the distance between what an endpoint product can do and what, think about an incident responder should do when they handle a breach, is just immense. An endpoint protection product can deflect a threat. An incident responder needs to fix the entire environment, clean up the enterprise environment, and give you back the keys to something that is supposed to be cleansed of an attacker. There's no product that's automated enough to do that, and I think that's where endpoint is an important component, but it's not the sum total of all of it.
I do think that by dealing with all the volume of data that comes from the endpoint, endpoint vendors might have the leg up. They might, you know, kind of already know how to deal with high fidelity logs. You know, for us, dealing with AI obviously gives us some leg up on how you apply that to the enterprise level. So I think there are some advantages in that, but the future of cybersecurity is at the enterprise level. It's with an enterprise, you know, wide platform and not with single surface protection. And it doesn't, by the way, just to end on that note, it doesn't mean that you need to have all these different surfaces protected by the same vendor.
Like, that might be something that, you know, some of the vendors here are saying, but to me, the approach is open. I don't suspect that anybody today in the enterprise will consolidate into a single vendor. No single vendor will sell you email security, identity security, endpoint security, firewall security, SASE, all of these different... They're not going to come from a single vendor. And most companies out there, they buy best of breed. They buy the best EDR product out there, and they buy the best firewall out there. How do you marry the best firewall out there with the best EDR out there? Who knows? Remains to be seen.
... I want to focus on two different parts of what you said. The first is the data that you have and collect, and then the second is how you apply it. So you mentioned the endpoint and the fidelity of the data being higher than perhaps outside of the endpoint. Help us crystallize why the way SentinelOne collects and processes data is better or different to how your peers on the endpoint do it?
You know, it's not necessarily different. I think for most endpoint providers, the level of data collection is the same. Like, what we see, there's no magic in here. I mean, what we see are low-level system operations. I think the top three vendors. I think, you know, if you kind of look at the top three vendors, we are as good in monitoring every single bit that moves on the machine. I think that's not the secret sauce for anybody, the monitoring piece. But then it's what you do with that data, and I think that's where, you know, there's major separation between the different models. Do you just look at all that signal as just events in time, separated events? This is what most competitor in this space do. What we do, is we actually stitch it to what we licensed and patented as Storyline.
So we actually contextualize and build the actual progression. How do these data points actually correlate to one another? How do they relate to one another? And that is the main difference in what we do. We basically take, you know, all these disparate data points that typically are just massive log data of every operation on the endpoint, and we create a contextual meaningful story of what's happening. And that's the way that you can start connecting the dots between things that might look completely disconnected. A new program downloaded, but something got, you know, deleted, or, you know, suddenly a process is beaming out information while a new user connected to the endpoint. In a sense, these are two separate events. If you have a way that can contextualize those and say, "You know what?
The UUID of the process that did that is actually the same one that called the kernel at the same time that the other one did it," okay, now you have a connection. Now you can build a story. And that part is a part of what we call behavioral detection, something that we patented and something that's unique to us. And if you take that, you understand that the level of accuracy goes, you know, much, much higher than other vendors, and that in turn allows you to run AI models autonomously. 'Cause AI is not accurate. If any of you, you know, ever used ChatGPT as an example, that stuff is hallucinating, it's not, it's often wrong, and it's very broad and unstructured.
But if you take machine learning and you structure it on something, you train it to be very, very structured, then you can reach an accuracy level where you say: You know what? I can deploy this model, and SentinelOne has, you know, more than 11,000 customers. This is now deployed on tens of millions of endpoints across the world, and it's an autonomous AI algorithm that runs on each and every one of these machines and takes decisions in real time with 0 human intervention to decide whether something is bad or something is good. If it's bad, shut it down. If it's good, let it go. Don't interrupt the user. So you need to reach a level of accuracy. I think that's where... It's not just applying AI, it's applying AI with a level of accuracy that makes it, makes it actionable.
Because you don't want more alerts, you don't want more noise. You want something that actually is doing the work for you. And I think that's also... You know, I talked recently about new applications in generative AI. Everybody's plastering, you know, some chatbot, you know, conversational capabilities. Let's take an open source LLM, you know, splash it on our data, and lo and behold, we're generative AI-enabled now, and thus, you know, we're the best company on the planet. And to me, you know, it's kind of first order of magnitude applications that you can build. Very, very easy to build. Like, literally, any kid can build such an application with leveraging APIs. The next step would be building predictive algorithms that are accurate enough to run the show for you.
Not to get commands from you and give you output back, and then decide what you want to do with the output, but get to the point that stuff is done for you in an auto magic way. But basically, that is the next step function in Generative AI capabilities, and I think we're not that far away from it, honestly. You know, we've been lucky to invest in Cohere, which is one of these foundational LLM companies. And you kind of get a glimpse of what the next models are looking like. We work a lot with Anthropic, and you get a glimpse of, you know, what these models look like.
You know, I think what we're seeing today and what people are rushing to instill in their applications is just kind of the, you know, the first iteration of what we're gonna see. There's gonna be many more, but this one specifically seems to me like, you know, everybody wants to say that they're doing it, but, you know, it's kind of a nice-to-have capability for me. It's almost like I wish we could leap that stage and go into the real stuff.
Where do you think Purple is, your tool for security operations center analysts, where do you think Purple is in realizing that vision of having the work done for you?
We're definitely pushing there. You know, we're investing, I think, the majority of our team's time to build something accurate and autonomous and predictive. So my assertion is that conversational capabilities will be table stakes. They should be table stakes. I think that that's easy to do. And in part, that's also a very important part of the equation, because you want to use conversational capabilities and that, you know, call it speech to query or speech to data retrieval capability that LLMs can allow. Basically, democratize the access for data. If up until now, you know, a cybersecurity analyst had to be incredibly proficient in crafting queries to retrieve data, now you can just ask the questions, and I think that is an amazing thing for cybersecurity.
And I think everybody's gonna have to have it in one shape, you know, way or form. I think it's also gonna change the way where people today are kind of stuck on a platform. And I don't wanna pick names, but, you know, think about one of these SIEM vendors, right? I mean, massive market opportunity, $40 billion data analytics opportunity. Customers kind of love that platform, and they've been trained to use that platform for maybe 10, 15 years. They know the query language. They, you know, they know how to work it. Overnight, that's not gonna be the case anymore. You're not gonna have to know the query language.
So it removes the barrier to moving, you know, away from these platforms that up until now, everybody was kind of standardizing on, and nobody wants to move away because they don't want to learn a new language. They don't want to learn something new. Guess what? You don't need to. You now can use just plain English or any other language to that extent, and, you know, you can do things that are much more complex. And basically, you know, you kind of remove the barrier to entry, which was a deep competitive moat for some of these folks, that, in my view, is just gonna go away. And then you can start focusing on some of the disadvantages that some of these systems have. Like, they were designed on-prem, they were designed for terabyte scale.
We operate at the petabyte age right now, if not the exabyte. So it's different scale, different speed, different cost. All of these elements now will take the front seat when you remove that usability barrier, and that usability barrier will be removed with LLMs. And then you can, you can start think about, okay, you know, now I can think about predictability, I can think about predictive algorithms, I can think about true automation when I have these very robust platforms that can see all the data and retrieve it almost in real time. Because the other element is that in security, it's incredibly important to have an outcome that is manifested in close to real time. Otherwise, you can be as accurate if you want. If you're telling me that something happened two days after, it's game over.
If you're telling me that something happened 1 hour after, most likely it's game over. 8 minutes after, most likely game over. So, you know, the ability to do it in real time, I think, is also something that, you know, we all need to pay attention to, because it's not gonna be just about housing more data. It's also how do you action it in lightning fast speeds?
You made an interesting comment there, which was investing the majority of the team's time.
Yes.
Is it fair to say that this AI challenge is the next big technical challenge that you're looking to solve? And it sounds like that then unlocks the $40 billion SIEM opportunity for you. Is that a fair way to frame it?
I think to unlock that opportunity, I think you need to go through the first step. You need to go through the LLM enablement. I think that part, coupled with what we do today... I mean, we have a security Data Lake, you know, a broad-based data lake technology. We're already doing, you know, a lot of Lift and Shift from these incumbents and vendors.
Yes.
Can't say we can rip and replace every, you know, every use case out there still. I think putting an LLM, democratizing the query language, that's one big barrier that gets removed, and then you can start, I think, doing more and more, kind of in earnest attempts to lift and shift some of that market share.
That makes sense.
I think the prediction is where you become, you know, just incredibly more meaningful for some customers. And you start showing outcomes that I think others are just not working on right now. I mean, they're very focused on just, "Oh, yeah, let's plaster something, you know, call Generative AI and move on.
There is one other piece of the strategy discussion that I wanted to touch on, which is your comments on the earnings call on the importance of remaining a public company. I believe you've also commented on the board being aligned in maximizing shareholder value. Help us reconcile those two comments. How do you think about the industrial logic of potentially getting acquired by another company, potentially partnering with another company? Walk us through some of your thinking.
Yeah, I mean, I don't know. To me, it's fairly simple. I mean, you got a $100 billion market opportunity. You got the fastest growing company on the public market. I don't know that I need to say more than that. I think that we have unbelievable technology. I haven't seen anybody else on the market do something even remotely close to us. I think we got competitors that, you know, got technology that's quickly becoming obsolete, if not legacy. And I think they might be a bit panicky about it. There's nothing that stopped us from growing throughout this entire, you know, route as a public company, also as a private company. You know, some of our peers have enjoyed years of growth in a zero interest environment. You know, we're doing that...
With no competitors, by the way. We're still demonstrating, you know, incredible growth rate, incredible margin improvement, in what you all will describe a highly competitive environment. I will call it my day-to-day for the past 10 years. And you know, in a very rough economic environment. So I think with all the odds stacked against us, I would posit, we're still doing incredibly well. So all in all, I mean, I sincerely believe in our ability to continue and execute. I think the human talent in the company is second to none. I think the technology is fully proven. Customer estate-... you know, growing significantly every single quarter. We're still very focused on net new market share.
Then you got the opportunity to go back to your estate and, you know, even expand there, which is not the point of focus for us. So to me, it's opportunity. I mean, yes, it's hard work, I'll give you that. I mean, you know, some people want to sell, but for us, it's what we do. Like, I don't know any other way. So, you know, you read all these rumors and speculations, and we get it, it's exciting. But, you know, for us, it's another day, and there's, I think, a lot of conviction, not only for our customers, not only for our employees, but yeah, also for our board.
I think I wouldn't speak on behalf, you know, of our investors, but at least the one that I know and I sometimes interact with. I think they, you know, they fully believe in our ability to continue and grow. So again, I mean, unless you had a better reason, I'd love to hear it. Maybe I'm missing something.
I have two follow-up questions on your comments. So the first is your comment on competition. And I think, Dave, I would appreciate your colleague here as well, which is: do you think, or how would you describe the ways in which competition is different today versus 3, 5 years ago? And what we tend to see in security and in technology more broadly is the older generation functionality gets more commoditized. That's where you see the pricing pressure. The newer generation functionality, something like Purple, something like Data Lake, is where you see the ability to extract more value because it's more innovative. And so two, two-part question: How do you think competition is changing? Maybe a comment specifically on Microsoft as well.
The second part of the question is, Dave, how do you think about pricing holistically and being able to extract value while the lower end of the market may be getting commoditized?
Go for it.
You know, just thinking about the lower end of the market and, you know, our ability to increase margins, increase the top line. I mean, there's a lot of opportunity for us, whether it's, you know, pushing out identity, which is continuing to go, data, you know, cloud. I mean, those are all massive opportunities. So there's a lot of upward trajectory of the company in terms of the pricing, especially. You know, something like cloud or data can be, you know, 2 to 5 to 7x the multiple that we would get when we're selling endpoint. So there's a large opportunity there.
You know, even thinking through, you know, just our suite of products and what we're enabling to the channel and the MSSPs now, you know, they're now getting the broad platform versus before, where they were more traditional endpoint. So there's an opportunity there as well. And then I think what's most important is just our strategy. You know, we collect this data. You know, once we've collected the data, every additional module we add is very high incremental margin. So there's a lot of profitability that we're unlocking. If you remember back at the IPO, I think we were 53% gross margin going into the IPO. We're 77% now, so we're talking two years later, that's massive growth.
You know, we gave a range of 75%-80% at the IPO, and I think people kind of rolled their eyes, and here we are two years later, we're right smack dab in the middle of it, and, you know, now we're looking, you know, to approach 80%+.
Yeah. And I think, I mean, on Microsoft, look, it's... The word platform is freely used here.
Yeah.
In a sense, in my view, like in my world, when you say platform, you think Salesforce, right? I mean, you literally log into one platform, and you get multiple capabilities into that platform. If you think about Microsoft, that's like seven different distinct products. If you think about even, you know, Palo Alto Networks, these are four different product lines that they have. It's not even a real true platform, you know. Even our nearest competitor got two distinct different solutions, one for EDR, the other for logging stuff. We're literally one of the only singular platform out there where you, whether it's endpoint or cloud or identity or data or whatever it is that you use, you go to the Singularity Platform, and it's there.
When you add more, another component to it, they're both there together, and the data is both there together. The actions that you take, you can apply on all of what you have in that platform. So to me, it, it's also this realization for some customers that they can buy into a dream with Microsoft that is not gonna be the outcome that they're looking for. I think we're seeing that more and more, and it's not for free. We're seeing that more and more because Microsoft actually hikes up their prices more and more. So it becomes more and more apparent that for workload pricing, as an example, it's not that cheap. For experts pricing or MDR, it's not that cheap. The uplift from E3/E5 is not that cheap.
So we need to do a better job at articulating to our customers that our value proposition is as good, in many cases, even better than what they would get with Microsoft. Not to mention the security outcome, not to mention the OpEx saving, not to mention the level of automation and productivity. Those are indisputable. Like, it's, it's really hard to work in a Microsoft environment. I don't know if you've all ever seen, like, a Microsoft console. It, it's like a, you know, it's like a cockpit for, you know, for an F-16. I mean, you get, like, so many knobs and, you know, it's, it's, it's really hard to operate, and it's not autonomous, it's not automatic. And, and I think that, you know, that is, that is a big difference to these customers, and it's not best of breed security.
Now, I go back to that $100 billion TAM point because I think it's important. The world is more than just Microsoft. I mean, in an AWS-dominant environment, Microsoft is not that, not kind of not a go-to vendor for everything, when you want to secure workloads on AWS cloud, the immediate thought is not going to be, I'm going to put Microsoft Cloud protection there. You have the opportunity to work with other vendors that are natively integrated into AWS, just as an example. Same goes with someone like Palo Alto Networks, which, you know, totally respect that company. They got about 70,000 customers. Their software is mainly applicable to their own estate, which they're doing a great job, you know, harvesting more and more.
But if you think about the other part of that world, the other part of that TAM, you know, companies like Check Point, companies like Fortinet, you know, Palo is not that applicable to that part of the market, so that remains a complete untapped opportunity. And I think part of the work for us is just identifying the easiest to win opportunity, because it's a very, very big TAM. I don't need to fight for every single one of these opportunities. I'd much rather focus, you know, we gave this example with, in one of our previous—like water, just go with the path of least resistance, right? I mean, we can work with some of the others. We can unlock these opportunities first. Doesn't mean by any degree that we're not going after the Palo estate. We're going to do that, too.
But obviously, you're going to see, much like in the incumbent days, going after a Symantec or a McAfee replacement was the easiest thing to do. You're not going to go after a Carbon Black replacement, as an example. That's going to be harder. We're doing those, too. But obviously, there are some that are easier, some that are not. And the TAM is so big, you know, it's sustained about 12 or 13 endpoint vendors in the, in the past 20 years, lots of them with multi-billion-dollar revenue. So it's a huge TAM. It's also quite understated. The dollar today that we sell on endpoint is not just for antivirus, it's for MDR, it's for more end capabilities, it's for data retention. There are many other elements that go into it.
So again, we just need to continue, you know, and execute and make sure strategically we're using our time in the most efficient manner. And, you know, Dave mentioned MSSP. That's an amazing segment for us, right? I mean, we're practically the monopoly in, you know, North America MSSP, and there's more room to grow there. And all these partners have built their entire practices on top of our platform. So, you know, to us, it's just knowing what to sell, where to sell it, and where to invest the time.
How would you characterize the commonalities between easy displacements today versus hard displacements?
I think we evolved with the displacement cycles.
Okay.
I think that obviously, you know, five years ago, it was all about just proving your worth against, like, a McAfee and Symantec-
Yeah
... and, you know, winning a POC. I think today, we're seeing more consolidation of products, which means that, you know, you're seeing, like, Carbon Black coming off of a, call it a $500,000-- $500 million revenue, kind of post the deal acquisition.
Sure.
You see them a lot in tandem with the antivirus. Suddenly, it's not just a Symantec replacement-
Okay
... it's a Symantec plus Carbon Black replacement.
That makes sense.
Which is, by the way, it's a great opportunity because now we can save more money for the customers. It's actually pretty efficient. And it's still head-to-head with the usual suspects, right? I mean, nothing changed in that, in that dynamic. And it's just more of the same. I think the only thing that changes in this market for at least the past three years, no new breakthrough technology by our competitors, I would posit. I don't know if anybody else has seen something. The level of noise, that's the only thing that fluctuates in this market, and hopefully, we're not the ones inducing that, but that, that's the only thing that changes. I mean, the technologies are the same technology. You know, the breadth of the platform, I think, is always expanding for us, for others as well.
It's, you know, kind of keeping it odd with, you know, with the motion of the market, I would say.
That makes sense. Dave, I want to ask a question on the demand environment. Based on the data sets that you look at, what are you seeing in terms of trends or observations in terms of customer willingness to spend? And I ask this through a lens of helping investors gauge the downside risk of us rolling off a really healthy endpoint cycle with demand.
Yeah, I mean, we talk to customers every day. So you know, when we have customers come to us, you know, we know roughly what their budgets are, and they are more constrained than they were, you know, a year or two years ago. So we want to work with our partners and our customers to make sure that we can provide them with the best service, as long as the pricing also makes sense for us. So, you know, with us, it's how do we maintain the margins or improve on the margins we currently have? How do we make sure that they have, you know, the completeness of the security that they need to protect themselves? So that, that's something we work with and partner with our customers.
You know, this is something, you know, where, you know, at times will we look at deals that maybe don't quite fit that dynamic? Yes. Is the majority of it above that dynamic? Yes. So you're seeing us, you know, in this environment, we're raising our ASP. You know, we're seeing the average deal size continue to increase. We're still protecting customers. We're growing new customer count. So the demand is there. You know, I think when we gave guidance at the end of last quarter, you know, we anticipated that the demand environment would get worse, and I think it has plateaued a bit. It may not be as bad as we thought within Q2. Q3 is also looking like it may be kind of in that plateau.
You know, beyond that, your guess is as good as mine, but, you know, we feel good about, you know, where we're at short term, and that's why we raised our guidance for Q3 and for the year.
You made a comment there on new logos. How should we think about the trend of new logos, especially given that not all logos are created equal?
Sure. So you know, if you look back a year ago, I think we were adding about 750 new logos a quarter. This last quarter, we added 700. It's a misleading statistic because especially right now when budgets are constrained, there is a push towards MSSP. MSSPs are counted as one customer. So what I would focus on is the net new ARR growth. I would focus on revenue, you know, focus on total ARR. I think that gives you a better dynamic because there just is more of a push to MSSPs because, you know, talent is hard to get right now. It can be easily managed by an MSSP.
They're more flexible with payment terms than maybe we are, where, you know, a customer could be paying monthly or quarterly, whereas traditionally, we've been annually or, you know, even 2, 3-year contracts. So it offers some flexibility, and to us, it makes no difference because now they can do the support for it. It offers us better margins.
Absolutely. Let me pause and go to the audience questions. Let's stay on the MSSP topic. So, Tomer, you made a really interesting comment on the potential for penetration. Out of the MSSP customers, MSSP partners that you already have, how do you think about benchmarking the level of penetration you have today, and is there any reason it can't go to 100%?
Yeah, I mean, there, there are a couple of things, two, two different vectors, or maybe three different vectors. I mean, one, net new MSSP partners, which on one end, I mean, we were kind of—we thought that we were tapped out with kind of the MSSP ecosystem, and then we get a new partner that, you know, it's a multimillion-dollar partner, you know, from kind of a segment that we didn't really realize. And they're coming to us, and we're seeing more of that in our pipeline. So net new expansion for net new MSSPs, still happening. We push a lot of these, sub-million dollar MSSPs to other MSSPs, so we don't, we don't take them direct.
We kind of have this unspoken, you know, alliance with our MSSPs, where we try to engage only with, you know, what we call top-tier MSSPs, and everybody else goes through our distribution partners. So there's some growth in that vector. Within the current MSSPs that we have, what's interesting is that, and we, we've known that for a few good years. When we onboarded some of those, we didn't come into a vacuum. There was a vendor there. Sometimes it's, you know, Bitdefender or Webroot or Sophos or some of these, not the Symantec and McAfees, typically.
If you take a look at someone like ConnectWise, as an example, which is a great partner of ours, they got close to, if I'm not mistaken, I mean, close to between 8 and 10 million, 10 million endpoints under management, under RMM business. We're deploying in maybe, I don't know, 2 million of those. So by proxy, you can sort of understand what's the penetration level for us on some of these MSP partners. I think generally we're satisfied with just moving organically and growing in their estate, but we're also now becoming more strategic on how we continue to expand with them. So to me, you know, that is a very repeatable story with some of the other MSSPs. So, I think, there's a lot more growth there.
I think it's a very, very, sorry, natural motion for them to continue to grow with us versus onboarding another vendor. No other vendor out there has the complete multi-tenancy capabilities, which is a huge deal for MSSPs. I mean, imagine that you can have one platform that can manage 100,000 customers with the same one click that you do, versus a different platform, where you need to spin a different node for each and every one of the customers. Obviously, you're talking about two completely different, you know, economies of scale. And that's why, you know, I think that we've, we've seen a lot of resilience in our MSP ecosystem, and I think we're going to continue to see that. The third last vector is just modules.
And while it's clear that, you know, selling a Data Lake proposition to a micro SMB is probably not gonna fly, vulnerability management, as an example, is a perfect fit for that market, and MDR is a perfect fit for, for that market. So for us, also honing in on these specific capabilities that are relevant for each part of the market is incredibly important, which is also why we're doing more million-dollar deals, which is also why ARR per customer is going up, which in tandem... You know, obviously, the number of customers that we acquire every quarter will shrink a tiny bit because we are pushing upstream. So there's all these dynamics at play that, you know, to me, are just incredibly positive, and, again, there's just a lot of room to grow in this market.
Absolutely. Thank you both for your time. We appreciate it.
Absolutely. No, thank you all.