Q2 2026 Palo Alto Networks Inc Earnings Call [BACKUP]
Nikesh Arora: Single-digit churn. This proves that once customers adopt our platform, they not only stay, but continue to invest more with us over time. This momentum isn't accidental. It's a result of a deliberate flywheel motion we've built. When we committed to our platformization strategy years ago, we were betting on a shift that has now become an industry standard. This approach allows us to not only solve today's problems, but also provides the foundation to address new ones as they emerge. It starts by providing multiple clear landing paths. In network security, customers can begin with SASE, hardware or software firewalls, and now AI security with Prisma AIRS. In the SOC, they can land on our Cortex platform via XDR, cloud security, or directly onto XSIAM. From any starting point, customers experience the superior outcomes of an integrated platform, which leads them to adopt more deeply across our ecosystem.
Nikesh Arora: In a market changing this quickly, we believe our responsibility is to anticipate the next inflection and ensure our platform is ready. That philosophy guides our strategic investments, and the results give us the confidence to continue. Our secure browser, for example, was one such early investment that is now accelerating our SASE business, with over 9 million licenses sold to date. Similarly, in AI security, Prisma AIRS, launched just a few quarters ago and already rapidly scaling with over 100 customers ending in Q2. This is a discipline we now plan to apply to two large established markets poised for inflection: identity and observability. If AI becomes the new interface for how work gets done, identity security will be required to create the permissions and boundaries that teams can trust. And as, as AI introduces unprecedented scale, observability is essential for building resilient systems that can operate reliably.
Nikesh Arora: By bringing our Platformization discipline to these new pillars, we believe we can deliver even greater value to our customers and solidify our role as a trusted partner to navigate the complex security and data challenges of the AI era. Let me share a few examples of how this strategy is translating into deeper, more strategic customer relationships. First, a global automotive leader selected us for a major security transformation. Their goal was to modernize their security architecture and dramatically improve efficacy. This resulted in an over $50 million deal, including $30 million for SASE and $20 million for XSIAM to run their global SOC. Similarly, a global technology supplier selected us for a transformation initiative for over $40 million, choosing XSIAM to modernize their security operations globally while expanding their investment in SASE. Finally, a transaction with a leading IT service provider perfectly illustrates our flywheel.
Nikesh Arora: Building on existing investments, they committed for a $20 million expansion centered on XSIAM, and have now platformized across network security and security operations. These aren't just transactions. They're architectural decisions. When the stakes are highest, these wins validate that industry leaders are choosing the superior outcomes delivered by Palo Alto Networks. With that, let's dive deeper into the individual performance of our platforms, starting with our largest segment. Our network security business delivered a standout quarter, demonstrating the power of a platform designed to be customers wherever they are in their hybrid journey. In Q2, our SASE business continued to go from strength to strength, surpassing the $1.5 billion ARR milestone while growing approximately 40% year-on-year, solidifying our position as the fastest growing SASE provider at scale.
Nikesh Arora: What's particularly telling in the shift we are seeing in the market, many early adopters of SASE, who made choices 4 to 5 years ago during the pandemic, are now finding that those early solutions are not comprehensive enough for today's threats and complexity. As a result, they're reconsidering their first-generation point products in favor of a platform approach that provides a single unified architecture to secure their entire hybrid environment, from the data center to the cloud, and the remote workforce. A key driver of these wins is also our secure browser, which stems from a strategic bet we made over 2 years ago with the acquisition of Talon. Our thesis was that the browser is the most critical, unmanaged edge, where users, data, and now AI agents intersect. The results show our customers agree.
Nikesh Arora: As of Q2, Prisma Browser has been adopted by over 1,500 customers, 10% of which are in the Global 2,000, with an additional 2 million license seats sold in Q2. This success has clearly not gone unnoticed. It's encouraging to see others in the industry waking up to the idea that they must secure their browser layer, validating the importance of this increasingly critical control point. While many of these approaches simply extend existing architectures into the browser, we continue to believe the browser itself should function as a native security platform, architected for real-time control rather than retrofitted through extensions. We also continue to see strong momentum in our software firewall business. Last quarter, we called it our hidden gem. That was validated once again in Q2.
Nikesh Arora: Our ARR growth was approximately 25%, driven by the need to secure increasingly dynamic multi-cloud environments, a need that grows as AI workloads scale. This is complemented by our strongest hardware performance in several quarters, with revenue up nearly 10%, driven in part by early adoption of our latest Gen 5 firewalls. Finally, we remain focused on where the market is going, and that includes preparing our customers for the post-quantum era. The threat is already here. Adversaries are using a harvest now to decrypt later strategy, stealing encrypted data today to break in the future. We've seen this become a C-level priority in our early customer conversations, and the broad interest in this topic was confirmed by nearly 5,000 attendees at our Quantum Summit last month.
Nikesh Arora: This is a critical part of our customer's long-term roadmap, and we believe we are uniquely positioned to guide them through this coming architectural uplift and shift. Now, moving to Cortex. Customers continue to partner with us on their AI SOC modernization. In Q2, XSIAM surpassed the $500 million ARR milestone. We welcomed almost 150 new customers, bringing our total base to over 600, paying an average of nearly $1 million in ARR... But the key story here remains not just the growth; it's the outcomes. Over 60% of our deployed customers are now achieving mean time to remediation of less than 10 minutes, a profound shift from the days or weeks they measured before. The success of XSIAM is a great example of our ability to identify a market inflection early, invest aggressively, and execute to scale.
They normally stay but continue to invest more with us over time.
This momentum is an accidental is a result of a deliberate flywheel motion we built.
We are committed to our platform station started years ago, they're betting on the shift that has now become an industry standard disappear.
Nikesh Arora: We made a bet on the AI-driven SOC well before it became an industry-wide team, and the results are showing its scale in just 3.5 years after GA. The same focus on what's next led us to develop Agentics. The simplest way to think about it is, we're enabling our customers to build a workforce of autonomous AI agents. But the key differentiator, and what makes this a real breakthrough, is where these agents can operate. Unlike traditional security tools confined to their own ecosystem, our agents can securely extend into first- and third-party infrastructure. This means an agent can not only detect an issue in XSIAM, but then can go out and auto-remediate it directly in a cloud console, an identity provider, or a firewall with machine speed. This capability, already enabled by 200 XSIAM customers, is the key to delivering true enterprise-wide automation.
This approach allows us to not only solve today's problems, but also provides the foundation to address new ones as they emerge.
It starts by providing multiple clear landing path and that for security customers can decommit sassy hardware or software firewalls, and now AI security with Bristol Myers in the sock, they can learn or our cortex platform via Xdr cloud security are directly under X I am from any starting point customer experience superior outcomes of an integrated platform.
Which leads them to adopt more deeply across our ecosystem.
In a market changing this quickly I believe our responsibilities to anticipate the next inflection and ensure our platform is ready that philosophy, guys. Our strategic investments and gives us gives us the confidence to continue.
Secure browser for example was one such early investment is now accelerating our SaaS business with over 9 million licenses sold to date similar.
Nikesh Arora: This is a powerful example of how we use AI to create better security outcomes. But that's only one part of our AI security strategy. Over the last couple of years, we have expanded our AI security capabilities aligned to what our customers need as they deploy AI at scale. We're bringing those capabilities together as part of a universal AI security platform, one designed to protect AI deployments across models, agents, and the environments in which they operate. It starts with Prisma AI to secure AI models and AI-powered applications across their lifecycle, from model scanning and red teaming to runtime defense. We launched this platform just a few quarters ago, and its adoption has been remarkably strong. From Q1 to Q2, we more than tripled our customer count to over 100.
Similarly in AI security Prisma Harrah's, Las just a few quarters ago.
Already rapidly scaling with over 100 customers ending in Q2.
This is the discipline, we now plan to apply for two large established markets poised for inflection identity and observer ability.
If AI becomes a new interface for how work gets done I didn't the security required to create the permissions and boundaries that teams can trust.
As they are introduced unprecedented scale of.
Absorbability is essential for building resilient systems that can operate reliably.
By bringing up acquisition discipline to these new pillars, we believe we can deliver even greater value to our customers and solidify our role as a trusted partner to navigate the complex security and data challenges of the AI era.
Nikesh Arora: While bookings also doubled during the same period, with a nine-figure pipeline already materializing, it's clear the market has been waiting for a comprehensive platform to secure AI. At the same point, we're also seeing a new class of autonomous AI agents emerge, software that can perform tasks and interact with local systems on its own. This naturally extends security requirements to the endpoint. This is why I'm excited to announce our intent to acquire Koi, a pioneer in securing the next major inflection point in security, the agentic endpoint. Koi will enhance our endpoint capabilities in XDR 2.0, while also becoming an integrated part of our universal AI security platform, extending security and governance to autonomous agents at the device layer. We are witnessing a dramatic shift. Now software lives on the endpoint. Traditional security tools are often blind to the new AI layer of software.
Let me share a few examples of how this strategy is translating into deeper more strategic customer relationships for our global automotive leader selected us for a major security transformation. The goal was to modernize their security architecture and dramatically improve efficacy. This is altered and over $50 million deal, including tournament for sassy and.
'twenty moved for Exxon to run their global saw similarly.
Our global technology supplier selected us for our transformation initiative for $40 million choosing Exxon to modernize their security operations globally, while expanding their investment in sassy finally, a transaction with leading Iot service provider perfectly illustrates a fly a flywheel building on existing investments they committed for $20 million expansion centered on X I am and have now.
Nikesh Arora: The massive rise of MCP servers, browser extensions, plugins, and ephemeral code that bypasses standard security controls. This represents a significant unmanaged attack surface. We identified this new threat vector early, and Palo Alto Networks has been a customer of Koi since summer of 2025. On my recent trip to Israel in December, Lee Klarich and I met with the Koi team and were immediately impressed by their foresight into the next generation of endpoint threats. Since then, we've seen this risk pattern intensify, including security concerns that have been recently popularized by the widespread adoption of OpenCloud. We believe this is the latest example of what the future of an AI attack surface will look like, and that Koi will help our XDR platform remain well-positioned to provide the most innovative security solutions to our customers.
Somebody's across network security and security operations.
Arne just transactions their architectural decisions when the stakes are highest these wins validate that industry leaders are choosing the superior outcomes delivered.
Okay.
By Palo Alto networks.
That.
Let's dive deeper into the individual performance of our platforms, starting with our largest segment.
Our network security business delivered a standout quarter demonstrating the power of our platform designed to meet customers wherever they are in their hybrid journey in Q2.
<unk> business continued to grow from stem to stern, surpassing the $1 5 billion there are milestone while growing approximately 40% year on year. So.
So let me firing our position as the fastest growing SaaS provider at scale.
Nikesh Arora: After closing, Koi will also be able to provide unique extensions to Prisma AIRS and Prisma Browser to ensure that our customers have visibility to any AI software and browser that are only present on the endpoint, resulting in the most comprehensive visibility to the AI attack surface. Over time, this will help ensure that the endpoint becomes more agentic. Our customers will remain fully protected. Now, this focus on visibility is critical, but to act with precision, you first need to see with clarity. This is why a new level of observability is so essential, which brings me to Chronosphere. In the age of AI, Chronosphere offers a unique value proposition, deliver observability at a massive scale, proven in production today by many of the world's leading born-in-the-cloud and AI-native companies.
What's particularly Italian this shift we are seeing in the market. Many early adopters of sassy, who made choices four or five years ago. During the pandemic and are finding that those early solutions not comprehensive enough for today's threats and complexity as a result, they are reconsidering their first generation point products in favor of a platform approach that provides a single unified architecture to secure.
The entire hybrid environment from the data center to the cloud and the remote workforce.
A key driver of these wins is also our secure browser with.
This stems from our strategic bet, we made over two years ago with the acquisition of Dallas R.
Pieces was that the browser is the most critical unmanaged edge, where users data and now yeah agents intersect.
<unk> show our customers agree as of Q2, Brisbane browser has been adopted by over 500 customers, 10% of which are in the global 2000.
Nikesh Arora: During Q2 and after we closed the Chronosphere acquisition, we signed a multi-year, nine-figure expansion deal with a leading AI model provider, a testament to Chronosphere's ability to scale the largest and most complex environments. The momentum is clear in the numbers, with the company generating approximately $200 million in ARR as of Q2, well above our expectations. The end-to-end observability platform is also gaining traction, with over 80% of new logos last year landing with multiple products such as metrics, logs, and traces. By combining Chronosphere's deep visibility with the automated action of Agentics, we are enabling our customers to build the self-healing, autonomous enterprises of the future. So we have prevention, we have visibility, and we have automation. But every action, whether by a human or an AI agent, is governed by an identity. Which brings me to our next newest major pillar.
With an additional 2 million licenses seats sold in Q2.
This success is clearly not gone up gone unnoticed. It is encouraging to see others in the industry waking up to the idea that they must secure their browser Lear validating the importance of this increasingly critical control point.
While many of these approaches simply extend existing architecture to the browser. We continue to believe the browser itself should function as a native security platform architecture for real time control rather than retrofitted through extensions.
We also continue to see strong momentum in our sulfur firewall business last quarter, we called our hidden gem.
That was validated once again in Q2.
Our air growth was approximately 25% driven by the need to secure increasingly dynamic multi cloud environments. The need that grows as AI workload scale.
Nikesh Arora: We're delighted to have closed the acquisition of CyberArk early in Q3, and are ready to execute on what I believe is a massive opportunity in identity security. As many of you noticed earlier this month, CyberArk is coming off an exceptional December quarter with a record net new ARR and 30% of subscription ARR growth at scale. We've been rigorously building and defining our integration plans and are moving fast to put these plans into execution. This includes aligning our go-to-market engines. We're already well underway on detailed account planning and aligned sales incentives to ensure our teams are collaborating from day one. From a product perspective, the innovation roadmap here is massive. We aren't just looking at legacy IM, which in our view is basic hygiene. We're building a next-generation identity security platform that protects across humans, machines, and AI agents.
This is complemented by our strongest hardware performance in several quarters with revenue up nearly 10% driven in part by early adoption of our latest Gen five firewalls.
Finally, we remain focused on where the market is going that includes preparing our customers for the post gone tomorrow, but that is already here anniversaries or using a harvest now equipped latest strategy stealing encrypted data today to break in the future.
Christine this is become a C level priority and our early customer conversations.
The broad interest in this topic was confirmed by nearly 5000 attendees at our content summit last month. This is a critical part of our customers' long term road map and we believe we are uniquely positioned to guide them through this coming architectural uplift.
<unk> now.
Now moving to cortex.
Customers continue to partner with us on the AI sock modernization.
Nikesh Arora: We also look forward to delivering machine identity and certificate lifecycle management to our 65,000-plus firewall customers. Longer term, we remain excited about the opportunity to address the growing needs of identity to secure AI agents... We bought CyberArk because when AI agents start logging in at machine speed, logging in becomes the primary attack vector. We believe we are now the only company that can verify the who, and secure the what simultaneously. Given the momentum in the business currently and our innovation roadmap, we believe we are well positioned to become the largest identity security player of all time. In summary, we continue to execute against our Platformization strategy in Q2, with momentum building across multiple areas of business.
In Q2 ex science surpassed the $5 billion milestone, we welcomed almost 150, new customers, bringing our total base to over 600 paying an average of nearly $1 million in Iraq.
He is doing here I mean, it's not just a go see outcomes over.
Over 60% of our deployed customers now achieving meantime, remediation of less than 10 minutes, a profound shift from the days or weeks they measured before.
The success of its time is a good example of our ability to identify a market inflection early invest aggressively and execute to scale.
They've made a bet on the idea of a softball before it became an industrywide team that is also showing at scale and Jessica and a half years after G E.
Nikesh Arora: Our core innovation engine remains strong, with great traction in new products like AIRS and Agentics, and are ready to put our innovation plans into action with CyberArk and Chronosphere. Before I hand over to Deepak, I want to take a few minutes to reflect on the recent advancements in AI. We're seeing significant innovation in new agentic platforms targeting the enterprise, and while it's still early, it is causing some companies to reassess how their applications are built, how workflows are automated, and what decisions are made. Long-standing assumptions about systems of record are being revisited, and perhaps even more so, the analytics layer built on top of them. In many enterprise applications, data reflects structured business processes within defined workflows. Security data is different.
The same focus on what's next led us to develop a gentex. The simplest way to think about it is we're enabling our customers to build a workforce of autonomous agents, but the key differentiator.
What makes it real breakthrough is where these agents can operate.
Unlike traditional security tools confined to their own ecosystem, our agents can securely extend into first and third party infrastructure. This means in Egypt can nominally detect issuing next time, but then can go out and how to remediate it directly and across console and identity provider or a firewall that machine speed. This.
This capability.
Enabled by 200 X time customers is a key to delivering true enterprise wide automation.
This is a powerful example of how we use AI to create better security outcomes.
Nikesh Arora: In our case, it is real-time threat activity generated at the control point, where our platforms operate and continuously refine to more than 30 billion attacks blocked daily, and 15 petabytes of telemetry processed in our AI SOC. That distinction matters. When we say precision AI, it is not AI layered onto a feature set; it is AI trained on a proprietary dataset and embedded directly at those critical control points. As AI begins interacting autonomously across applications infrastructure, fragmented security introduces delay at precisely the wrong moment. Security must operate as a coordinated system, unified, consistent, and real time. Because our platform sits at these control points, we see these shifts as they happen. The data generated across network, cloud, identity, endpoint, and browser continually informs our models, creating a feedback loop that compounds with scale. But scale is not enough.
But that's only one part of our AI security strategy.
Over the last couple of years, we have expanded our air security capabilities aligned to what our customers need as they deploy at scale or bringing those capabilities together as part of a universal AI security platform when designed to protect their deployments across models agents and the environments in which they operate.
It starts with Prisma access to secure air models, and AI powered applications across the lifecycle for modal setting and red teaming with one time defense.
We launched this platform just a few quarters ago and as adoption has been remarkably strong from.
From Q1 to Q2, we more than tripled our customer count to over 100.
Our bookings also doubled in the same period for the nine figure pipeline already materializing, it's clear the market has been waiting for a comprehensive platform secure out.
At the same point.
We're also seeing a new class of autonomous agents emerge software that can perform task interact with local systems on its own.
Nikesh Arora: Sustained leadership requires a willingness to adapt and challenge our own assumptions. Technology cycles change, architectures evolve. For the past 7.5 years, we've consistently aimed to invest ahead of inflection points in technology, even when the path is not fully defined. Maintaining this discipline is vital to ensuring that we remain the digital guardian for our customers-consumers, however, the technology stacks could evolve. With that, I will hand over the call to Deepak to review the quarter results in detail.
This naturally extend security requirements to the endpoint. This is why I'm excited to announce our intent acquire coy a pioneer in securing the next major inflection point in security.
<unk> and point Cove.
We will enhance our endpoint capabilities as an extra 2.0, while also becoming an integrated part of our University I security platform, extending security and governance to autonomous agents at the device layer.
Dipak Golechha: Thank you, Nikesh, and good afternoon, everyone. As Nikesh noted, our strong Q2 results reflect the consistent execution of our platformization strategy, coupled with a robust demand environment. The increasing adoption of our platforms is most evident in our next generation security ARR, which grew 33% to $6.33 billion. This includes a $200 million contribution from our recent acquisition of Chronosphere. On an organic basis, NGS ARR was up 28% year over year, and net new ARR was up 11% year over year. This performance was driven by an acceleration in SASE and software firewall ARR, alongside continued momentum in XSIAM. A key contributor to our software firewall growth in recent quarters is Prisma AIRS. As customers increase their AI deployments, they're looking for a trusted partner to secure this critical transformation.
We are witnessing a dramatic shift in our software lives on the endpoint professional security tools are often blind to the new software the massive rise in MCP servers.
The extensions plug ins and ephemeral code that bypass a standard security controls.
This represents a significant unmanaged attack surface.
We identified this new tech back early and Palo Alto networks has been a customer of course since summer of 2025.
On my recent trip to Israel in December Lee Klarich, and I met with a great team.
Really impressed by the foresight into the next generation of endpoint threat.
Since then we've seen does this patent intensified including security concerns that have been recently popularized by the widespread adoption of open call to lead to the latest example of what the future of any I attack surface will look like.
And of course, we will help our xdr platform well positioned to provide the most innovative security solutions to our customers.
After closing.
Dipak Golechha: Prisma AIRS directly addresses this need, and as Nikesh mentioned, it is scaling rapidly with over 100 customers ending Q2. Our remaining performance obligation, or RPO, grew 23% to $16.0 billion. This includes approximately $150 million of RPO from our Chronosphere acquisition. It's important to note that RPO balances for Chronosphere can fluctuate from period to period, given usage-based pricing, with ARR and revenue being more representative of business performance. Our current RPO, which represents the near-term revenue realization, was $7.1 billion, representing 18% growth. Total revenue was $2.59 billion and grew 15%. Given the close of our Chronosphere acquisition came near the end of fiscal Q2, the revenue contribution was immaterial during the quarter.
Also be able to provide unique experiences to prisma Harris, because my browser to ensure that our customers had visibility to 'twenty as offering a browser that are only present on the endpoint.
The most comprehensive visibility to the attack surface.
Overtime. This will help ensure that the endpoint because more agenda, our customers will remain fully protected.
Now the spokesman visibility is critical.
With precision you first need to see with clarity. This is why a new level of Absorbability, So essential which brings me to Kronos there.
And the age of AI offers a unique value proposition deliver observed body of the massive scale proven in production today, but many of the world's leading born in the cloud and AI native companies doing.
During Q2 and after we close the transfer acquisition, we signed a multi year nine figure expansion deal with a leading air model provider a testament of course, there's the ability to scale, the largest and most complex and violence.
Dipak Golechha: Product revenue was up 22%, with 45% of the product revenue coming from software form factors over the trailing twelve months, which was up from 38% in the trailing twelve months ending Q2 2025. This was driven in part by strong demand for software firewalls, as noted earlier. Our software growth was complemented by improving hardware demand, led by the adoption of our latest Gen 5 firewall appliances and SD-WAN. Total services revenue grew slightly above 13%. Within this, subscription revenue was up 14%, while support revenue grew 12%. From a geographical perspective, we saw broad-based strength across all of our major theaters, with the Americas growing 14%, EMEA growing 17%, and JAPAC growing 17%. Moving further down the income statement, our discipline and focus on profitability and operational leverage continued to deliver strong results in Q2.
The momentum is clear in the numbers for the company generating approximately 200 million in Iraq as of Q2, well above our expectations.
The <unk> of the ability of platform is also gaining traction with over 80% new logos last year landing with multiple products, such as metrics logs and traces by combining <unk> deep visibility for the automated action of a gentex, we are enabling our customers to build a self healing autonomous enterprise of the future.
So we have prevention.
We have visibility and we have automation, but every action whether by humans and AI agent is governed by an identity, which brings me to our next nearest major pillar.
We are delighted to have closed the acquisition of cyber or early in Q3 and are ready to execute on what I believe is a massive opportunity in Idaho security.
As many of you noticed earlier this month cyber Ark is coming off an exceptional December quarter, the record net new <unk> and 30% of subscription that are good at scale.
Vigorously building and refining our integration plans and moving fast to put these plans into execution. This includes aligning our go to market engines, we're already well.
Dipak Golechha: Given the timing of the Chronosphere acquisition, the impact of this transaction to our PNL financials was immaterial. Our total gross margin for the quarter was 76.1%. Within this, product gross margin was 78.2%, an increase of 150 basis points year-over-year, driven by a higher software mix compared to last year. As noted earlier, we did see improvement in our hardware business during Q2. Therefore, on a sequential basis, the higher mix of hardware and product revenue resulted in a 180 basis point decrease to product gross margin versus Q1. The services segment delivered gross margin of 75.6%, down 100 basis points year-over-year. The year-over-year change in services gross margin reflects a positive mix shift towards our high-growth SaaS offerings, which remain in the earlier part of their scaling curve.
Underway on detailed account planning and align sales incentives to ensure our teams are collaborating from day one.
From a product perspective innovation roadmap here is massive.
Just looking at legacy I am which in our view is basic hygiene I believe and next generation identity security platform that protects the cost humans machines and they are agents.
Also look forward to delivering machine identity, instead of Vic lifecycle management to a 65000, plus firewall customers longer term for him and excited by the opportunity to address the growing needs of identity security agents, we brought cyber Ark because on AI, even start logging into the machine speed.
Blogging and becomes the primary attack vector. We believe we are now the only company that can verify the who are secure the work simultaneously.
Given the momentum in the business currently and our innovation roadmap. We believe we are well positioned to become the largest identity security player over time.
Dipak Golechha: We continue to be pleased by the growth of our SaaS offerings and remain focused on driving efficiencies here. Now, turning to the supply chain, we observed a marginal impact on product COGS this quarter from higher memory and storage pricing, but we believe we are well-positioned to manage through these dynamics. First, our high and growing software mix provides a natural hedge. Second, we will leverage our scale, deep supply chain expertise, and lessons learned through COVID and prior supply chain constraints. And third, pricing actions taking effect later this fiscal year will help offset corresponding cost increases. We have proactively factored these considerations into our Q3 and full year outlook. We delivered our third consecutive quarter of 30%+ operating margins, with Q2 operating margin of 30.3%, a 190 basis point expansion versus Q2 of last year.
In summary, we continue to execute against that plan transition strategy in Q2 with momentum building across multiple areas of the business.
Our core innovation engine remains strong with great traction in new products like Arizona, Gentex I'm ready to put our integration plans of action on the sidewalk in Gaza.
Before I hand over to Deepak I want to take a few minutes to reflect on the recent advancements in AI.
We're seeing significant innovation and new agenda platforms targeting the enterprise and while its still early it is causing some companies to reassess all the applications are built our workflows and automated.
I've made long standing assumptions about systems of record are being revisited and perhaps even more so the analytics, they're built on top of that.
And many enterprise applications data reflects structured business processes within defined workflows.
Security data is different in our case.
It is real time chat activity generated at the control point.
Dipak Golechha: The strong expansion reflects our ability to drive consistent scale and efficiency across all OpEx line items. Our diluted non-GAAP EPS reached $1.03, which once again came in above the high end of our guidance. Q2 adjusted free cash flow was $502 million. On a trailing twelve-month basis, we generated $3.75 billion in adjusted non-GAAP free cash flow, representing a margin of 37.9%. Our cash and cash equivalents for the period was $7.9 billion, reflecting a $2.6 billion cash consideration for the Chronosphere acquisition. Given the recent close of our CyberArk acquisition, we expect a $2.3 billion cash outlay in Q3. This results in total combined cash outlay of $4.9 billion.
Our platform's operating continuously refine to a more than 30 billion attacks blocked daily and 15 petabytes of telemetry processed in our <unk>.
That distinction matters, and we see a precision AI, it's not yeah layered onto a feature set it as are trained on our proprietary dataset and embedded directly at those critical control points.
Begins interacting autonomously across applications infrastructure.
Fragmented security introduces delay episodically the wrong moment security must operate as according to the system unified consistent and real time.
Because our platform sits of these control points with these shifts you see these shifts as they happen.
In general across the network cloud identity endpoint in a browser.
Informs our model, creating a feedback loop that composite scale.
But scale is not enough sustained leadership requires a willingness to adopt a challenge around a central technology cycles change architectures evolve for the past seven and half years, we've consistently aimed at the head of an inflection point in technology.
Dipak Golechha: In connection with our acquisition of CyberArk, we guaranteed the payment obligations under CyberArk's convertible senior notes due 2030. The acquisition resulted in a make-whole fundamental change under the notes, and we will be making an offer to repurchase the notes in the coming days. We also issued 112 million shares in consideration for the CyberArk acquisition. Before I turn to guidance, I also want to extend a warm welcome to the over 4,000 talented individuals from CyberArk and Chronosphere. We're thrilled to have them on board and excited to execute on our integration plans to unlock the full value of these acquisitions. Our focus is on a frictionless onboarding experience for our new colleagues, and within just the first few days, we've provided access to collaboration tools for every individual to work as one cohesive team.
<unk> is not fully defined.
Maintaining this discipline is vital to ensure that'd be demand the digital guardian for a customer of yours.
The technology stack put them all.
With that I will hand over the call to deeper to the quarter's results in detail.
Thank you Kash and good afternoon, everyone.
As Nick has noted our strong Q2 results reflect the consistent execution of our <unk> strategy, coupled with a robust demand environment.
The increasing adoption of our platform is most evident in our next generation security <unk>, which grew 33% to $6 33 billion.
This includes a $200 million contribution from our recent acquisition of Kronos Saint.
Dipak Golechha: We remain confident in our ability to deliver significant scale and leverage across every line of each of our financial statements. From an operational standpoint, integration is being executed with the same rigor that we apply to running our core business. We've established clear governance, defined work streams across all functions, including IT, finance, IT, HR, product, and go-to-market, and implemented measures to ensure continuity for customers, partners, and employees. Our priority is maintaining business momentum while methodically bringing platforms, reporting structures, and operating rhythms together. Taken together, we believe this disciplined approach to integration reinforces our confidence in delivering sustained growth and operating leverage, enabling us to achieve our target of 40% free cash flow margin by fiscal 2028, and our longer-term goal of $20 billion in NGS ARR by fiscal 2030. Now, let me take you through the guidance.
On an organic basis, <unk> was up 28% year over year, and net new <unk> was up 11% year over year.
This performance was driven by an acceleration in SaaS and software firewall era alongside continued momentum the nexsan.
A key contributor to our software firewall growth in recent quarters as prisoner <expletive>.
As customers increase the AI deployments, they're looking for a trusted partner to secure this critical transformation.
Crisman as directly addresses this need and as Nick has mentioned is scaling rapidly with over 100 customers and in Q2.
Our remaining performance obligation or IPO, 23% to 16.0 billion.
This includes approximately $150 million of IPO from our Kronos Air acquisition.
It is important to note that <unk> balances the krona say it can fluctuate from period to period, given usage based pricing with Ara in revenue being more representative of business performance.
Dipak Golechha: Please note that our Q3 and full year 2026 guidance is inclusive of both the CyberArk and Chronosphere acquisitions, which have been aligned to our fiscal year and our definitions of certain non-GAAP metrics. This includes NGS ARR, which reflects only the subscription portion of CyberArk's ARR, and has been conformed to our standard revenue-based definition. Our Q3 and full year 2026 guidance assumes reported NGS ARR for CyberArk will be approximately 2 to 3% lower than the equivalent under CyberArk's previous bookings-based ARR definition. Please see the appendix of our earnings presentation for more detail on the comparison of the two ARR definitions. For the fiscal third quarter of 2026, we expect NGS ARR to be in the range of $7.94 to 7.96 billion, an increase of 56%.
Our current <unk>, which represents a near term revenue realization was $7 $1 billion, representing 18% growth.
Total revenue was $2 five 9 billion and grew 15%.
Given the close of our chromosomes acquisition came near the end of fiscal Q2, the revenue contribution was immaterial during the quarter.
Product revenue was up 22% with fleet, 5% of the product revenue coming from software form factors over the trailing 12 months, which is up from 38% in the trailing 12 months ending Q2 25.
This was driven in part by strong demand for software firewalls as noted earlier.
Our software growth was complemented by improving hardware demand led by the adoption of our latest Gen five firewall appliances and SD Wan.
Total services revenue grew slightly above 13% within this subscription revenue was up 14% while support revenue grew 12%.
Dipak Golechha: This includes a $1.47 billion contribution from M&A. Remaining performance obligation of $17.85 to $17.95 billion, an increase of 32% to 33%. This includes a $1.6 billion contribution from M&A. Revenue to be in the range of $2.941 to $2.945 billion, an increase of 28% to 29%. This includes a $340 million contribution from M&A. Our fully diluted share count is 812 to 817 million shares, which accounts for the close of the CyberArk acquisition on 11 February. Diluted non-GAAP EPS to be in the range of $0.78 to $0.80.
From a geographical perspective, we saw broad based strength across all of our major theaters with the Americas growing 14% EMEA growing 17% and <unk> growing 17%.
Moving further down the income statement, our disciplined focus on profitability and operational leverage continued to deliver strong results in Q2.
Given the timing of the chromosphere acquisition the impact of this transaction to our P&L financials was immaterial.
Our total gross margin for the quarter was 76, 1% within this product gross margin was 78, 2% an increase of 150 basis points year over year, driven by a higher software mix compared to last year.
Dipak Golechha: For the fiscal year 2026, we expect NGS ARR to be in the range of $8.52 to 8.62 billion, an increase of 53% to 54%. This includes a $1.52 billion contribution from M&A. Remaining performance obligation of $20.2 to 20.3 billion, an increase of 28%, which includes a $1.6 billion contribution from M&A. Revenue to be in the range of $11.28 to 11.31 billion, an increase of 22% to 23%. This includes a $760 million contribution from M&A. Operating margins to be in the range of 28.5% to 29%. Diluted non-GAAP EPS to be in the range of $3.65 to 3.70 per share.
As noted earlier, we did see improvement in our hardware business. During Q2, therefore on a sequential basis the higher mix of hardware product revenue resulted in 180 basis point decrease the product gross margin versus Q1.
The services segment delivered gross margin of 75, 6% down 100 basis points year over year the year over year change in services gross margin reflects a positive mix shift towards our high growth SaaS offerings, which remain in the early part of that scaling health. We continue to be pleased by the growth of our SaaS offerings.
I remain focused on driving efficiencies.
Now turning to the supply chain, we observed a marginal impact on product Cogs, this quarter and higher memory and storage pricing, but we believe we are well positioned to manage through these dynamics.
Dipak Golechha: Our fully diluted share count of 768 to 773 million shares, which accounts for the close of the CyberArk acquisition. An adjusted free cash flow margin of 37%. We've included our typical modeling points in the presentation for your review, but I would like to highlight a few now. First, note that under our accounting policy, the upfront portion of term licenses and any perpetual license revenue from CyberArk will be recognized as product revenue. All of our Chronosphere revenue will be included in services. For Q3, we expect product revenue growth of 25%, and for the year, we expect product revenue growth in the low 20s. With that, I will turn it back to Hamza for Q&A.
First a high and growing software mix provides a natural hedge second we will leverage our scale deep supply chain expertise and lessons learned through COVID-19 and prior supply chain constraints.
Third pricing actions taking effect later this fiscal year will help offset corresponding cost increases we are proactively factored these considerations into our Q3 and full year outlook.
We delivered our third consecutive quarter of 30% plus operating margins with Q2 operating margin of 33%, a 190 basis point expansion versus Q2 of last year.
The strong expansion reflects our ability to drive consistent scale and efficiency across all Opex line items.
Diluted non-GAAP EPS reached one point $1.03, which once again came in above the high end of our guidance.
Hamza Fodderwala: Okay, thank you, Deepak. For our analysts, please limit yourself to one question to allow for maximum time for Q&A. First, we've got Rob Owens from Piper Sandler, followed by Brad Zelnik from Deutsche Bank.
Q2, adjusted free cash flow was $502 million on a trailing 12 month basis, we generated 3.75 billion and adjusted non-GAAP free cash flow, representing a margin of 37, 9%.
Rob Owens: Great. Thank you, Hamza, and good afternoon, everyone. Nikesh, looking back at 2018, 2019, there was a prevailing fear that cloud computing would render parts of the cybersecurity stack obsolete. At that time, you leaned into M&A and repositioned the portfolio. You know, obviously, the business has tripled since that today. Now we enter this AI era, and the narrative feels oddly similar. Could you compare the existential nature of this AI shift to, to what we saw in cloud, and maybe what areas you think will be obsolesced? And then specifically, is M&A the primary lever again this time around, or does your starting position differ at Palo Alto from where you were, let's say, at the start of the cloud cycle? Thanks.
Our cash and cash equivalents for the period was $7 9 billion.
Reflecting a $2 $6 billion cash consideration for the Kronos Air acquisition.
Given the recent close of our cyber Ark acquisition, we expect that $2 $3 billion cash outlay in Q3.
This results in total combined cash outlay of $4 9 billion.
In connection with our acquisition of <unk>, we guaranteed the payment obligations on the sidewalks convertible senior notes due 2030 the acquisition resulted in a make whole fundamental change under the notes and we will be making an offer to repurchase the notes in the coming days.
Nikesh Arora: That's a long one question, Rob. Nice to see you again. So that's a, that's a good question, Rob. Look, I think when we looked at in 2018, 2019, you were trying to manage two challenges. One challenge was, how do we get customers to get off on-prem to cloud and then deliver them cloud security? And the other challenge was, you know, how do we deliver services off the cloud the customers would accept because they're being delivered from the cloud? And that's kind of where, you know, us, we had to refactor our entire security service in the firewall, delivered them from the cloud, which was a huge opportunity. We made a lot of acquisitions to deliver cloud security. We fundamentally architected XSIAM at that point in time as a cloud-delivered SOC, which was generally not the prevailing trend.
We also issued 112 million shares and considerations of the Sidebar acquisition.
Before I turn to guidance I also want to extend a warm welcome to the over 4000 talented individuals from cyber Aachen Krona said, we're thrilled to have them on board and excited to executing our integration plans to unlock the full value of these acquisitions.
Our focus is on a frictionless onboarding experience for our new colleagues and within just the first few days, we've provided access to collaboration tools for every individual to work as one cohesive team.
We remain confident in our ability to deliver significant scale and leverage across every line of each of our financial statements.
From an operational standpoint integration is being executed with the same rigor that we apply to running our core business. We've established clear governance defined work streams across all functions, including it.
Nikesh Arora: I think this time, I, I'm still, you know, confused why the market is treating AI as a threat to at least cybersecurity. I can't speak for all the software, because one thing we're definitely seeing, that customers have figured out that they need to drive more consistency in their security stack to be able to respond faster using AI. You cannot respond fast if you've got seven different vendors who have different data, different logs, different APIs running. So we are seeing a trend towards more consolidation, more platformization, and that's evident in what we said. We did our best number of platformization this quarter than we've ever done, barring a Q4, which is seasonally strong. So I think that's one trend we're seeing. And the other trend we are seeing is, you know, slow adoption on the enterprise side, slower than the consumer side of AI.
Finance it HR products and go to market and implemented measures to ensure continuity of customers partners and employees.
Our priority is maintaining business momentum, while methodically, bringing platforms reporting structures and operating rhythms together.
Taken together, we believe this disciplined approach to integration reinforces our confidence in delivering sustained growth and operating leverage enabling us to achieve our target of 40% free cash flow margin by fiscal 2028, and our longer term goal of $20 billion in GSA are all by fiscal 'twenty three.
Nikesh Arora: But as the adoption is beginning to happen, we're beginning to hear conversations around security, which, as you see with Prisma AI, as we delivered 100+ customers, this is much faster than we did in cloud security. So people are adopting it faster. So from my perspective, AI is inevitable. It is gonna be used by enterprises. As enterprises start putting more critical functionality in the hands of AI, they will want control of AI agents or of their AI infrastructure, and that requires more security. So I think generally it's a positive trend towards more security adoption. I particularly believe it's a bigger trend towards platformization and consistency of data and harmonization of data in the enterprise. We're not collecting enough data right now to get security, good security outcomes.
Now, let me take you through the guidance.
Please note that our Q3 and full year 2026 guidance is inclusive of both the cyber Ark and Kronos air acquisitions, which have been aligned to our fiscal year and our definitions of certain non-GAAP metrics.
This includes N G S. A R R, which reflects only the subscription portion of sidewalks era and has been conformed to a standard revenue based definition.
Our Q3 and full year 2026 guidance assumes reported NDS era, the <unk> will be approximately 2% to 3% lower than the equivalent on the sidewalks previous bookings base base.
Our all definition.
Please see the appendix of our earnings presentation for more detail on the comparison of the two definitions.
Rob Owens: All right. Thank you.
Hamza Fodderwala: Okay. Thank you, Rob. Next, we have Brad Zelnik from Deutsche Bank, followed by Saket Kalia from Barclays.
For the fiscal third quarter 2026, we expect.
Dipak Golechha: Great. Thanks so much. Nice to see everybody. Nikesh, I pay close attention to the acquisitions you make and the things that you tell us, because you've proven very astute at identifying future opportunities. As we think about XSIAM and the AI-driven SOC, I've heard investors concerned lately that LLMs are gonna kill SIEM tools. How do we think about the balance of opportunity and threat of LLMs doing a lot of the things that we relied upon SIEMs for? And even if you're competitive from a product standpoint, is there a risk that you now face a new strong competitor for these modernization opportunities?
<unk> to be in the range of 794% to $7 $96 billion, an increase of 56%. This includes a 1.4 dollars 7 billion contribution from M&A.
Remaining performance obligation of $17 eight 5% to $17 95 billion, an increase of 32% to 33%. This includes a $1 6 billion contribution from M&A.
Revenue to be in the range of $2 nine for one to $2 94 $5 billion, an increase of 28% to 29%. This includes a $340 million contribution from M&A.
Nikesh Arora: So I think, Brad, the LLMs are a net positive and additive to our capability to deliver security. Like, LLMs are very useful for data classification when we're doing DLP, because we've relied on very traditional approaches towards matching, exact matching data and trying to do DLP. And LLMs are much able to understand context to say, "Oh, this definitely looks like something that is data that is restricted or PII." So I think there are certain examples where generative AI and LLMs are extremely useful. All the examples you see, they're really good at looking at patterns and finding gaps, and you'll see in offensive security or red teaming, LLMs are being helpful.
Our fully diluted share count of 812 to 817 million shares which accounts for the close of the <unk> acquisition on February 11th.
Diluted non-GAAP EPS to be in the range of 78 to 80.
For the fiscal year 2026.
We expect <unk> to be in the range of $8 five to $8 $62 billion, an increase of 53% to 54%. This includes a 152 billion contribution from M&A.
<unk> performance obligation of $22 billion to $23 billion, an increase of 28%, which includes the $1 6 billion contribution from M&A.
Nikesh Arora: I think the challenge that LLMs will face or do face in providing comprehensive security is, it's not the 95% of the time they're right, it's the 5% of the time they're not right, you need to be right, right? This is like we're fighting bad guys who have to be right once. We have to be right 100 times, 100% of the time. So LLMs, until they get to 99, 99.9% accuracy, are not a threat to delivering security. They are tools that can be used to summarize capabilities. There will be agentic actions that can be used to get a lot of the pre-work done from a precision AI perspective and get that data together. So I think AI helps the cause. Every security company is going to have to use AI to deliver the capabilities that they deliver today.
Revenue to be in the range of 11 to eight to 11, three $1 billion, an increase of 22% to 23%. This includes a $760 million contribution from M&A.
Operating margins to be in the range of $28, 5% to 29%.
Diluted non-GAAP EPS to be in the range of $3 six 5% to $3 seven zero.
Rose.
Sure.
Our fully diluted share count of 768 to 773 million shares which accounts for the close of the <unk> acquisition.
Nikesh Arora: So, and I think it's not a secret, every one of us is working hard. Almost every AI, every security product has some version of a copilot that now runs in tandem with the product. This helps you understand the patterns, understand the capabilities, and be able to answer questions faster. I don't think it's, it's going to replace the security product anytime soon. And don't forget, Brad, one more thing is, in most cases, our security products sit at edges and create new data and logs that didn't exist from everything that's around them. So to the extent we are creating proprietary data and security, that is not going to be replaced by an LLM. We're not a system of record, we're not a system of work.
And adjusted free cash flow margin of 37%.
We have included a tripling typical modeling points in the presentation for your review.
Like to highlight a few now.
First note that under our accounting policy the upfront portion of term licenses and any perpetual license revenue from <unk> will be recognized as product revenue all of our Kronos sale revenue will be included in services.
The Q3, we expect product revenue growth of 25% and.
And for the year, we expect product revenue growth in the low twenties.
Nikesh Arora: We are generating specific domain-specific data based on threats we see out in the environment, and then using that analytically to figure out how the customer should protect themselves.
With that I will turn it back to Hamzah for Q&A.
Yeah.
Lee Klarich: Awesome. Super clear, super helpful. Thank you.
Hey, Thank you Deepak.
Brian <unk>, please limit yourself to one question to allow for maximum time for Q&A.
Hamza Fodderwala: Okay, thank you, Brad. Next, we have Saket Kalia from Barclays, followed by Mita Marshall from Morgan Stanley.
First we've got Rob Owens from Piper Sandler followed by Brad Zelnick from Deutsche Bank.
Saket Kalia: Okay, great. Hey, thanks for taking my question here. Congrats on closing Chronosphere and CyberArk. Nikesh, maybe on that point, I'd love to dig into the joint pipeline opportunity with CyberArk a little bit. You know, you have a big go-to-market machine that we can leverage here, so I'm just kind of curious how you think that opportunity unfolds. And maybe relatedly, Deepak, for you, you gave some breadcrumbs earlier on CyberArk, but or on inorganic, but wondered if you could help us bridge maybe how much ARR we can include for CyberArk this year, as we kind of think about that buildup of organic versus inorganic.
Great. Thank you Hamzah and good afternoon, everyone.
Looking back at 2018 2019, there was a prevailing fear that cloud computing would render parts of.
The cyber security stack obsolete at that time, you mean via M&A and reposition the portfolio.
Obviously, the business has tripled since that today now we entered this AI era in the early fuels oddly similar could you compare that.
Essentially nature of this AI shift to what we saw in cloud and maybe what areas you think will be Obsolesce and then specifically is.
Nikesh Arora: So, Saket, you know, the good news is that CyberArk has a phenomenal team out there in the field, so does Palo Alto Networks. We have very carefully sort of been working with them after the close. Both teams have been made aware of how to pursue joint opportunities together. We understand our pipeline, we understand their pipeline. We've built a roadmap for overlapping pipeline, where both customers have opportunities in the timeframe of the next three to six months, and we've already armed the teams with plans as to how to address the joint opportunity. But what's fascinating is, you know, just anecdotally, just as we were informing the teams, we already have had CyberArk reps come tell us they have an opportunity for Palo Alto's products in an account they're particularly strong at.
Is M&A the primary lever again, this time around or just your starting position different Palo Alto from where you were let's say at the start of the cloud cycle.
As long one question are up nice to see it again.
So that's a good question look I think when we looked at in 2018 19, where you were you were trying to manage two challenges one challenge was.
How do we get customers to get off on Prem to cloud.
And then deliver them cloud security and the other challenge was.
How do we deliver services off the cloud the customers would accept because they are being delivered from the cloud.
And that's kind of where you know us we have re factor our entire security services. The firewall delivered them from the cloud, which was a huge opportunity. We've made a lot of acquisitions to deliver cloud security me fundamentally Architected X Io at that point in time as a cloud delivered sock, which is generally not a prevailing trend.
Nikesh Arora: And I know that Peter Jenkins, their president, was in a call over the weekend trying to help close a customer for CyberArk reps with Palo Alto capability. So... and it's happening in both directions. But I think it's early days, but I think the opportunity is real, and as the teams get to know each other, as they get to know each other's processes, I think we're gonna see more and more momentum with both the teams. It is gonna be a bit of a crawl, walk, run, because right now, both our systems are different, so we have to do this stuff manually, and we have people helping us build sort of a central acceleration team, which drives both.
I think at this time I'm still.
No.
Confused why the market is treating it as a threat to at least cyber security I can't speak for all the software because one thing we're definitely seeing that customers have figured out that they need to drive more consistency in their security stack to be able to respond faster using AI.
Nikesh Arora: But as CyberArk teams understand more and more of the Palo Alto products and the capability of the platform, and as Palo Alto teams understand the CyberArk capabilities, and also, you know, as we work with CyberArk team to build the next generation of products that we've been sort of ideating with them recently, I think we're gonna see continued momentum in both, both those pursuits.
Cannot respond fast if you've got seven different vendors, who have different data different laws different API is running so we are seeing a trend towards more consolidation more black from additional that's evidenced in what we said we did our best number of privatization of this quarter than we've ever done barring a Q4, which is seasonally strong. So I think that's one trend we're seeing in the other trend.
Dipak Golechha: Yeah. And then if I can just take the breakout. So look, we're not breaking out every M&A deal that we do separately all the time. However, just as a baseline, Saket, we did say that CyberArk NGS ARR was about $1.2 billion as of December 2025. And I just said that in my prepared remarks, that $200 million of ARR came from Chronosphere. And then I've also guided what the total M&A contribution is. So I think it's hopefully, you'll agree that it's a lot more than breadcrumbs to be able to allow you to do the math there.
We are seeing is in a slow adoption on the enterprise side slower than the consumer side of AI, but as the adoption is beginning to happen. We're beginning to hear conversations around security, which as you see with Bristol Myers, We delivered 100 plus customers. This is much faster than we did in cloud security. So people are adopting it faster so from my perspective.
Yeah.
AI is inevitable, it's going to be used by enterprises as enterprises start putting more critical functionality in the hands of AI. They will want control of AI agents are off their infrastructure that requires more security. So I think generally it's a positive trend towards more security adoption I, particularly I believe.
Lee Klarich: Full English breakfast.
Saket Kalia: We'll take it. Thank you.
Hamza Fodderwala: All right. Thank you, Saket. Next, we have Mita Marshall from Morgan Stanley, followed by Josh Tilton from Wolfe Research.
Meta Marshall: Great, thanks, and congrats on the quarter. Maybe it's a question for me on SASE business. We saw a nice reacceleration in that business in fiscal Q2. Just any commentary about what you're kind of seeing, driving some of that strength?
It's a bigger trend towards black from Ization and consistency of data and harmonization of data on the enterprise.
We're not collecting enough data right now to get security good security outcomes alright. Thank you.
Lee Klarich: Yeah, good question. We're obviously very excited by seeing that business accelerate at scale. I think Nikesh said it fairly well when he talked about sort of this notion of a first-gen adoption of customers. It tended to be more sort of point product type adoption. They're trying to solve a particular problem, and the, you know, the existing solution at the time were pretty good at solving that one problem. And now we're seeing both new customers as well as many of those customers come back and look for a more comprehensive solve. Their employees might all in one day show up to an office, work from home, and work while traveling, and if they get three completely different experiences and application access and everything else, it doesn't work for them from a productivity perspective.
Okay. Thank.
Thank you Rob next we have Brad Zelnick from Deutsche Bank, followed by Saka Collyer from Barclays.
Great. Thanks, so much nice to see everybody.
I play I paid close attention to the acquisitions, you made and the things that you can tell us because you prevent various students and identifying future opportunities as we think about X I am in the AI driven stock I've heard investors concerned lately that <unk> are going to kill send tools, how do we think about the balance of opportunity and a threat.
<unk> is doing a lot of the things that were relied upon <unk> four and even if you are competitive from a product standpoint is there a risk that you're now facing a strong competitor for these modernization opportunities.
But the elements are a net <unk>.
Positive and additive to our capability to deliver security like islands are very useful for data classification, we're doing the L. P. Because we would rely on very traditional approaches towards matching exact matching data and trying to D. L. P and L. A is there much he's able to understand context. They know there's definitely looks like something that is a data that is restricted or P. I.
Lee Klarich: And so what we're able to do by delivering this as a platform is we can bridge how we apply network security from a hardware perspective, software perspective, SASE perspective, and even all the way down into the browser with Prisma Browser, all in a very consistent way, both for security outcomes as well as the end user experience, and the productivity they achieve. Like, that is the overarching trend that I see in what's driving the business right now in SASE, and the customer excitement about what we do.
So I mean, there are certain examples regenerative AI and airlines are extremely useful.
All the examples you see they're really good at looking at patterns and finding gaps. If you will see an offensive security of Red teaming and lenders are being Hess and helpful. I think the challenge that all of them will face are do face and providing comprehensive security is it's not the 95% on the right is a 5% of time, they're not right you need to be right, but this is like we're fighting.
Meta Marshall: Great. Thanks.
Hamza Fodderwala: ... All right. Thank you, Mita. Next, we have Josh Tilton from Wolfe Research, followed by John Diffucci from Guggenheim.
Bad guys, who have to rewrite the ones we have to be right 100 times, 100% of the time, So I will let them until they get to 90, 999% accuracy are not a threat to delivering security. They are tools that can be used to summarize capabilities. There will be agenda actions that can be used to get a lot of the pre work done.
Josh Tilton: Thank you, guys. Maybe just a high-level one for me. What are you guys seeing in regards to the volume of network traffic from your customers, as they move more out of the experimentation phase and actually start to really adopt agents enterprise-wide? And how, if at all, will that impact the demand for, you know, the broader network security suite, whether that's firewall or SASE?
Precision AI perspective, and get our data together. So I think it helps to cause every security company is going to have to use AI to deliver the capabilities that they deliver today. So I think it's not a secret everyone of us working hard almost every hour every security product has some version of a copilot that now runs in tandem with a product that helps you understand the pattern the understand the Cape.
Nikesh Arora: It's too early to tell. I think if you look at the AI adoption in the enterprise, there is a surge of AI adoption in the coding space, so people using Codex, Cursor, Cloud Code, and equivalent. You're seeing a lot of that. Those are very application-specific, and actually, that fits exactly where Koi operates. Because when you start doing coding and vibe coding off your desktop, you'll see server, MCP servers and clients spun up on edge, edges. You'll see a whole bunch of code that is sitting at the edge, which is not visible to traditional XDR capability. That's why, you know, that was a solution we were using, Koi, and that's where, you know, we saw they had traction.
Abilities and be able to answer questions faster.
I don't think its going to replace the security product anytime soon.
And don't forget about one more thing is in most cases, our security products sit at edges.
And create new data and logs that didn't exist for everything that surrounds them.
So to the extent, we are creating proprietary data and security that is not going to be replaced by a lot. We're not a system of record where not a system of work. We are generating specific domain specific data based on trust, we see out in the environment and then using that analytically to figure that out and how is the customer to protect themselves.
Nikesh Arora: They had 40, 50 customers, and we were a customer there, and so this is an unsolved problem in security, and this is kind of where all the action is from an enterprise adoption perspective. Outside of that, there is now enterprise adoption that we're beginning to see where customers are running perhaps millions of tokens in 1 or 2 particular applications they're working with some of the LLM providers on, and that's where we see the traffic. That traffic is, again, more within the network. I don't think it's traffic that networks cannot handle. I think the challenge right now is consolidating that traffic. How do you get all the AI traffic to be in one place so you can understand it, provide visibility, look at the ability to control it, and be able to act on it?
Awesome Super clear Super helpful. Thank you.
Thank you Brad next we're socket call here from Barclays.
All led by a meta Marshall from Morgan Stanley.
Okay, Great Hey, Thanks for taking my question here Congrats on closing chromosphere in cyber Ark.
And the cash maybe maybe on that point I'd love to dig into the the joint pipeline opportunity with cyber Ark, a little bit you have a big go to market machine that we can leverage here. So I'm just kind of curious how you think that opportunity unfolds and maybe relatedly Deepak for you you gave some bread crumbs earlier on <unk>, but are on.
Nikesh Arora: So I think that's gonna be the next bastion as to how do we figure out the solution for all this traffic that is beginning to have a different nature in enterprise, and it needs different set of controls and tools. But, it's not really impacting the network-level traffic yet, and I say yet, because as adoption grows, I fully expect... I mean, you can't build $600 billion worth of data centers and not expect traffic to grow, and, you know, can't expect that, that not to happen. So I think that's gonna happen. The data center is being built. It's early days, and consumer actually is far outstripping enterprise for the moment, but we expect enterprise will surely and slowly get on that bandwagon.
Inorganic, but wondered if you could help US bridge, maybe how much <unk>. We could include for <unk>. This year as we kind of think about that buildup of organic versus inorganic.
So it was.
The good news is that <unk> has a phenomenal team out there in the field. So that's about all the networks, we have very carefully sort of been working with them. After the close both teams that have been made aware of how to pursue joint opportunities together, we understand our pipeline we understand their pipeline built a road map for overlapping pipeline, where both customer happen as quickly.
Josh Tilton: Super helpful. Thank you.
<unk> in the frame of the next three to six months and we are already on the teams with plans as to how to address the giant opportunity, but what's fascinating is it'll just anecdotally just as we were informing the teams we already have had cyber our reps come to us to have an opportunity for volatile product Senate account. They are particularly strong at and I know that BJ Jenkins president wasn't a call over the weekend.
Hamza Fodderwala: Thank you, Josh. Next, we have John Diffucci from Guggenheim, followed by Gabriela Borges from Goldman Sachs.
John DiFucci: Thank you for taking my question. Nikesh, I agree with you, everything you said, -
Nikesh Arora: Thank you, John. I'm gonna sleep better tonight.
John DiFucci: Next question.
Nikesh Arora: You can stop now. It's good. Great question.
John DiFucci: I don't always agree with you, but I really do on this.
Trying to help close the customer for cyber Ark reps with Palo Alto capability, so and it's happening in both directions, but I think it's early days, but I think the opportunity is real.
Nikesh Arora: Okay, good.
John DiFucci: I agree with you on everything you're saying about AI. It's positive effects on security. I actually really like the acquisitions you've done here. But if AI is gonna be good for security, and I think it will in both cases, both you need to secure the AI.
As the teams get to know each other as it gives them each of those processes I think we're gonna see more and more momentum with both the teams. It is going to be a bit of a crawl walk run because right now what our systems are different. So we have to do this stuff manually and we have people, helping us build sort of a central exploration team, which drives both but as cyber our teams understand more and more of the biological products and the capabilities.
Nikesh Arora: Yep.
John DiFucci: Also, AI is gonna... I could be a hacker if I want to be. But if that's the case, when are we gonna see it? 'Cause it doesn't show up in the numbers - it doesn't show up... I mean, not that it doesn't show up in your numbers yet. It doesn't show up in anybody's numbers yet, really. Maybe a couple, but not really. And I mean, when it - Is this-
The platforms and as volatile teams understand the sidewalk capabilities and also and as we work with our cyber our team to build the next generation of products that we've been sort of ideating with them recently I think we're going to see continued momentum in both both those pursuits.
Nikesh Arora: No, I think that's. Look, I think, John, if you-- I think the best analogy I can give you is, if you look at cloud security, you didn't see cloud security numbers for a while. Because typically, cloud adoption in enterprises lagged the consumer, and then even then, it was literally a two-year cycle, a two-year cycle before enterprises fully got all their application and workloads moved onto the cloud. So I expect there, right now, if you look at it, you tell me, how many enterprise AI apps are you using which, which are driving tremendous amounts of throughput? And I can't think of anything but coding apps. Now, coding apps are not resource intensive on your infrastructure, they're resource intensive on the endpoint. So, like, endpoint capability and LLMs are where all the action is. So I think it's early days.
Yes.
The breakout so we're not breaking out every M&A deal that we do separately all the time, however, just as a baseline.
We did say that <unk> was about $1 2 billion.
As of December 2025, and I, just said that in my prepared remarks that $200 million. They are all came from krona Sir.
And then I've also guided what the total M&A contribution is so I think it's hopefully you'll agree that it's a lot more than bread crumbs to be able to allow you to do the math at full English breakfast.
We'll take it thank you.
Alright. Thank you next we have meta Marshall from Morgan Stanley followed by Josh Tilton from Wolfe Research.
Nikesh Arora: What I'm heartened by the fact is that, you know, our number of customers of Prisma AIRS is kind of following the same trajectory as XSIAM. The volume isn't there because the throughput's not coming through LLMs right now. So I think it's early days. Look, you have to have one of two beliefs, John. You have to be in one camp or the other. Either you have to believe that the $600 billion of data centers being built are gonna be consumed. And if you believe that, which most people seem to do, then that consumption is gonna be 80/20, 80% consumer, 20% enterprise. But those data centers are yet to be built. I think what is happening is we're all laying the groundwork right now.
Great. Thanks, and congrats on the quarter and maybe it's a question for me on the SaaS business, we saw nice reacceleration in that business.
Fiscal Q2, just any commentary about what you're kind of seen driving some of that strength.
Yeah.
Your question, where we're obviously very excited about seeing that business accelerate at scale.
I think Nick cash set up fairly well when he talked about.
Nikesh Arora: It's a bit of a, sort of an arms race to try and see who can get the AI security sort of platform up and running as quickly as we can. And you can see innovation is happening in every direction. That's why you see us buy Protect AI, which is now well integrated. We took the firewall, made an AI Firewall. Now we're taking Koi. We see that that's where the action is. The next question is gonna be: How do you consolidate all the AI traffic in one place? So I think you're seeing the piece parts being built mid-flight. I think you just have to be a bit patient.
Sort of this notion of a first gen adoption of customers. It was tended to be more sort of point product type adoption, they're trying to solve a particular problem.
And the you know the existing solution at the time, where we're pretty good at solving that one problem and now we're seeing both new customers as well as many of those customers come back.
And look for a more comprehensive solve.
Their employees my all in one day show up to an office and work work from home and work, while traveling and if they get three completely different experiences and application access and everything else. It doesn't work for them from a productivity perspective, and so what we're able to do by delivering this as a platform as we can bridge how we.
John DiFucci: Okay. I'm not always patient, but I'm gonna try. Thank you.
Nikesh Arora: Thank you, John.
Hamza Fodderwala: All right, John, thank you for the question. Next, we have Gabriela Borges from Goldman Sachs, followed by Adam Tyndall from Raymond James.
Josh Tilton: Hey, good afternoon. This one is for Lee. It's a CyberArk question, but it's a product-based CyberArk question. If we think about CyberArk historically being strong for privileged users at the high end, what is the technical lift that has to be done to make that technology more accessible for every user? And I'm, I'm curious what you've learned in the last six months or so from your customer base on the method to securing agentic identity between PAM, IGA, and IAM. Any learnings from the last six months would be curious to hear. Thanks so much.
We apply network security from a hardware perspective software per sector, SaaS perspective, and even all the way down into the browser with Prisma browser.
All in a very consistent way both for security outcomes as well as the end user experience in their productivity their chief but that is the overarching.
Ching trends that I see and what's driving.
The the.
The business right now in SaaS and the customer excitement about what we do.
Hamza Fodderwala: Yeah. Thanks, Gabriela. Good question.
Great. Thanks.
Lee Klarich: ... First, let me start with the first question. I think just the general space of privileged access management has largely been a more sort of sophisticated category. And as such, the more sort of security-conscious enterprises have been the biggest adopters. And there's already sort of a transformation underfoot of sort of this notion of modern PAM and moving to just-in-time controls and zero standing privileges and things like that. And part of that is actually improving security, but part of it actually is also about making it easier for the end user to actually interact with these systems. So that's already happening.
Alright. Thank you Peter next we have Josh Tilton from Wolfe Research.
All led by John to Fuji from Guggenheim.
Thank you guys.
Maybe just a high level one for me.
What are you guys seeing in regards to the volume of network traffic from your customers as they move more out of the experimentation phase and actually start to really adopt agents enterprise wide and how if at all would that impact the demand for the broader network security suite, whether that's firewall for SaaS.
It's too early to tell I think if you look at the area of adoption in the enterprise. There is a surge of AI adoption in the coding space. So people using codecs cursor Claude code.
Lee Klarich: The further we have ideas for how we can leverage integrations between CyberArk and, for example, Prisma Browser, in terms of how do we integrate capabilities in a place where the user is already doing work, in order to make it even easier for them to take advantage of these capabilities. So there's already a lot of progress, and we have more ideas for how we're gonna continue to make that easier, so we can drive broader adoption across the existing customers, but also make it easier for non-customers to adopt. And then ultimately, we think that leads to the broader sort of full human identity solution that we're excited about. Now, as that is happening, yes, there is the agentic identity sort of market that is rapidly forming.
Equivalent or you're seeing a lot of that those are very application specific and actually that fits exactly where quite operates because when he started doing coding and vibe, calling off your desktop you'll see server MTB servers and clients went up on edge edges, you'll see a whole bunch of code that is sitting at the edge, which is not visible to the traditional xdr capability.
And that's why that was the solution we were using coil and that's where we saw they had traction. They had 40 50 customers and we were a customer of theirs. All of this is a solves a problem in security and this is kind of where all the action is from an enterprise adoption perspective outside of that there is now enterprise adoption that we're beginning to see.
Lee Klarich: And look, my view on agentic identity is, it's going to have sort of aspects of machine identity and privileged users sort of wrapped into one. And this is partly why we I think CyberArk is well suited for being able to go after this because of their leadership in both of those foundational spaces. And then it's how do we adapt, add to, and then optimize for agentic use cases? And again, some of that will be sort of, I'll call it standalone CyberArk from a identity platform perspective, and some of it will be how we think about that in concert with Prisma AIRS, where we already have hooks into the AI infrastructure, and we'll have, again, integration opportunities to be able to bring solutions to our customers.
Where customers are running perhaps millions of tokens in one or two particular applications are working with some of the Olympia wider zone, and that's where we see the traffic that dropping again.
More within the network I don't think it's stomach the networks cannot handle I think the challenge right now is consolidating that traffic how do you get all the AI traffic to be in one place. So you can understand it provide visibility look at the ability to control it and be able to act on it. So I think that's gonna expenditures as to how do we figure out the solution for all of this traffic that is beginning.
To have a different nature and enterprise and it leads different set of controls and tools, but this is not really impacting the network.
Level of traffic, yet and I say, yet because as adoption grows I fully expect I mean, you can build $600 billion worth of data centers and I would expect traffic to grow and kind of just going to kind of expect that not to happen I think that's going to happen.
Adam Borg: That makes sense. Thank you.
Hamza Fodderwala: All right. Thank you, Gabriela. Next, we have Adam Tyndall from Raymond James, followed by Shaul Eyal from Cowen.
Adam Tindle: Okay, thanks, Hamza. Nikesh, in your comments, you talked about it with Chronosphere, a nine-figure expansion deal with a leading AI provider. I just want to pick on that and just ask about the key attributes that help Chronosphere get that level of commitment. Were you displacing an existing vendor, the timing for that, the rationale for it, and maybe even the pipeline beyond that? And just a quick clarification, Deepak, just because I know this is coming up in after hours, after you talked about ARR in total. I think investors are shipping out the $1.47 billion from Q3 NGSRR, and looking like organic net new NGSRR is down a lot. I think there's probably some flaws to that, but just want to toss that out there and have you clear the air. Thanks.
The data center is being built.
It's 30 days and consumer actually is far outstripping enterprise for the moment, but we expect enterprise will surely slowly get on that bandwagon.
Super helpful. Thank you.
Thank you Josh next we have John Fucci from Guggenheim, followed by Gabriela Borges from Goldman Sachs.
Thank you for taking my question.
I I agree with you everything you said thank you Jonathan.
I'm going to sleep better Tonight. Thanks, Craig.
We can sell them now it's good good question I don't always agree with you, but I really view on this.
Nikesh Arora: All right, Adam, first things first. Look, Chronosphere is a highly scalable solution, and its scalability is dependent on a net new architecture design for observability, which is different from what the current incumbents in the space have. So that scalability allows them to deliver those capabilities at approximately half the price, if not more than, or less than some of the other players out there. So they are displacing another vendor in that space. They have been partnering with the large language model over the last six months or so, and they have passed every technical hurdle, which allowed them to make a commitment to Chronosphere. We expect the full transformation over the next six to 12 months, or the full transition from the other vendor. Part of the $200 million ARR is from one of those large LLM vendors.
With you on everything you're saying about AI.
Its positive effects on century, I actually really like the acquisitions you've done here.
AI is going to be good for security and I think it will in both cases spoke you need to secure.
Also AI is going in.
It can be a hacker if I wanted to be clear.
But if that's the case when are we going to see it because it doesn't show up in the numbers it doesn't show.
It doesn't show up in your numbers, yet doesn't show up in any of those numbers yet really.
Maybe a couple but not really.
What it is.
No I think look I think John if you I think the best analogy I can give you is we look at cloud security you didn't see cloud security numbers for a while because typically cloud adoption in enterprise has lagged the consumer and then even then it was literally a two year cycle of three year cycle before enterprises fully got.
All of our applications and workloads moved onto the cloud. So I expect there right now if you look at our you tell me how many enterprise AI apps are you using which which are driving tremendous amounts of throughput and I can't think of anything but coating apps now coding apps are not resource in that intensive on your infrastructure, the resource and Delta only endpoint so like endpoint.
Nikesh Arora: We expect that to continue to grow. In addition to that, there are other customers who are significant customers, and they are going to pursue significant customers over the next 3 to 6 months in partnership with us. But, you know, that's why we bought the company, because of its scalability, because of the capability from a technical as well as a commercial perspective. And we're, Lee's gonna... Lee can talk more about the product capabilities that we're gonna give it, but we hope that that will allow it to be a full, sort of full-scale replacement option for both DIY, many customers do DIY in that situation, as well as being able to compete effectively with some of the big observability players out there.
Capability in Netherlands are where all the action. So I think it's early days.
What I am heartened by the fact is that you know our number of customers. The prism Arris is kind of following the same trajectory as X I am the volume isn't there because the superstar coming through right now. So I think it's early days like you have to have one or two beliefs. Johnny you have to be in one camp or the other either you have to believe that the $600 billion of data centers are being built are going to be consumed.
Lee Klarich: Yeah. Look, I'll just give you a high level. There's, they've built something very unique for that very high end of the market, scalability and the economic aspects, even the start of some of the AI analytics and that will complement with agentics. The next phase is going to be: how do we build out a lot of sort of enterprise, sort of off-the-shelf kind of features that make it just really easy to do integrations, to basically replace existing incumbent infrastructure, whether that's commercial products or open source? We think in both cases, Chronosphere will scale down into that large enterprise segment very nicely.
And if you believe that it's most people seem to do and that consumption is going to be 80, 20, 80% consumer 20% enterprise.
But those data centers are yet to be built I think what is happening is rolling the groundwork right now is a bit of a sort of an arms race to try and see who can get the AI security sort of platform up and running as quickly as we can and you can see innovation is happening in every direction. That's why you'll see us buy protect our AI, which is now well integrated.
So the firewall matter, namely firewall now taking coy, we see that that's where the action is the next question is going to be how do you consolidate all that traffic in one place. So I think we've seen the piece parts being built mid flight.
I think it had to be a bit patient.
Dipak Golechha: Then, Adam, just on your question on NGSRR, just to be clear, our organic NGSRR is roughly in line with consensus, for you know Q3, and we reiterated the full year. So maybe folks just haven't fully appreciated that Chronosphere has closed before Q2, but we'll make sure that's all cleared up. Thank you.
Okay.
All of these patients.
Try thanks, all right. Thank you John <unk> John Thank you for the question next we have Gabriela Borges from Goldman Sachs, followed by Adam Tindle from Raymond James.
Hey, Good afternoon, just one is finally at a favorite question that attach rate.
If we think about historically been strong travel like she was at the high end.
It is the technical work that has to be done to make that technology more accessible to every year.
Hamza Fodderwala: Okay, looks like Shaul is not here, so next we'll go with Adam Borg at Stifel, followed by Greg Moskowitz, from Mizuho.
Carefully planned in the last six months or so from that customer base.
Adam Borg: Great, and thank you very much for taking the question. Maybe, Nikesh, you talked about a little bit in the prepared remarks about the quantum opportunity. You talked about a little bit last quarter. Love to hear more about kind of the early learnings from kind of the discussions with the customers from the panel a few weeks back, and ultimately, how you're thinking about the opportunity in coming years. Thanks so much.
Printing method to securing a gentleman named between Pan Jane I am any learnings from the last six months.
Sure. Thanks, so much.
Thanks, Kevin Good question.
Firstly, let me start with your first question D. I think the just the general space of privilege access management has largely been a more sort of sophisticated category.
Nikesh Arora: ... Look, and as part of the CyberArk deal, we've acquired Venafi. I'm gonna have Lee talk about a new capability we're building called the Next Generation Trust subscription, plus our quantum capability. We have been in discussion with 100 customers who are experimenting our beta customers of the product. We have tremendous feedback for them. Our quantum capability is not just for Palo Alto Firewall, for firewalls; it actually looks at the enterprise capability. So we have actually integrated 10 other vendors worth of quantum data into our quantum sub, and I'm gonna let Lee talk about the, the sub.
And as such is spend the more sort of security conscious enterprises have been the biggest adopters.
And the there's already sort of a transformation under foot of.
Sort of this notion of modern Pam and moving to just in time controls and zero standing privileges and things like that and part of that is actually improving security, but part of it actually is also about making it easier for the end user to actually interact with these systems.
We so that's already happening.
Further we have ideas for how we can leverage integrations between cyber Ark and for example prisoner browser in terms of how do we integrate capabilities in a place where the user is already doing work in order to make it even easier for them to take advantage of these capabilities. So we there is already a lot of progress and we have more ideas for how we're going to continue to make.
Lee Klarich: I think the yeah. The in both of these cases, whether it's, you know, cryptography and DQC or certificates and managing them, the alternative is largely a very manual sort of human-centric, repetitive kind of task approach. It's either some poor person or people that have to constantly sort of manually go look at certificates, look at their renewal dates and ages and everything like that, and then redo them manually, or we can do it through technology. The same is true with quantum cryptography. It's either a lot of manual, you know, consultation going through and trying to figure out what exists or we can use technology.
That easier so we can drive broader adoption across the existing customers, but also make it easier for non customers to adopt and ultimately we think that leads to the broader sort of pool human identity solution that are that we're excited about now as that is happening yes. There is the agentic identity.
Hi.
Sort of market that is rapidly forming and.
The my view on on a gentle identity is it's going to have.
Sort of aspects of machine identity, and privileged users sort of wrapped into one and this is partly why.
Lee Klarich: And so in both cases, we figured out, obviously, Venafi in one case, that we'll be joining the team is, and then the NetSec team, is how do we use technology, largely our next-gen firewalls, but not only our next-gen firewalls, other data sources as well, to do that discovery, to be able to technologically discover everything it is needed, and then through automation, to then also be able to automate the process of remediation. And so this has obviously security benefits, but it also has reliability and uptime benefits as well, because you have to remember, in both of these cases, these are fundamental to how production systems operate.
I think <unk> is well suited.
For being able to go after this because of their leadership in both of those foundational spaces.
And then it's how do we adapt add too and then optimize for a genetic use cases and again some of that will be sort of I'll call. It standalone cyber art from our identity platform perspective, and some of it will be how we think about that in concert with Prisma errors, where we already have hooks into the area of infrastructure and we will we'll have again integration.
<unk> should be able to bring solutions to our customers.
That makes sense. Thank you.
Alright. Thank you Gabriele next we have Adam Tindle from Raymond James followed by shallow y'all from Cowen.
Hamza Fodderwala: Okay, thank you. We'll end it here with Greg Moskowitz from Mizuho.
Gregg Moskowitz: All right, last question. Thank you, Hamza. So, you know, closing Palo Alto's two largest-ever acquisitions within a couple of weeks of each other, it's exciting, the potential is tremendous, but it could also add an unprecedented amount of stress on the management team, engineering, go-to-market teams, et cetera. Nikesh, how do you keep everyone's eye on the ball, yourself included, and not be subject to execution or distraction issues? Thanks.
Thanks, Hamzah on the cash in your comments you talked about it with chromosphere, a nine figure expansion deal with a leading AI provider I just want to pick on that and just ask about the key attributes that help cross here get that level of commitment we are displacing an existing vendor the timing for that rationale for it and maybe even the pipeline beyond that and just a.
Quick clarification, Deepak just because I know this is coming up and after hours after you talked about.
Nikesh Arora: Well, Greg, these acquisitions, at least in the case of Chronosphere, has been in the works for the last 2 or 3 months, and CyberArk has been in the works for the last 7 months. And I've visited their Boston facility, spent days there with them. Lee and I were in Israel with the team and spent time with them. So CyberArk just didn't come upon us this week. It has been in the works for the last many 6 or 7 months. As you might have read, we had worked with the management team to fully understand what role every employee at CyberArk was going to have. So we were able to, on the date of close, inform every employee what their role in the future joint organization was gonna be, what their plans are, give OKRs, give targets to every one of them.
In total I think investors are shipping out the $1 47 billion from Q3, <unk> and looking like organic net new <unk> is down a lot I think there's probably some flaws to that but I just want to toss that out there and have you cleared the year. Thanks.
Alright, Adam first to first look Ghana is fair.
Is a highly scalable solution.
And its scalability.
Is dependent on a net new architectural design firms and mobility, which is different from what the current incumbents in the space have.
That's capability allows them to deliver those capabilities at approximately half the price if not more than or less than than some of the other players out there. So they are displacing another vendor in that space.
Nikesh Arora: So they all have that within the first 48 hours. So it's not like we've been waiting. There are some system transitions that we need to do in the case of CyberArk, which the teams are working, you know, hard, fast, and furious on. We've had the opportunity to plan, but they need to be so... Where we have our eye on the ball, that's our job, right? From a CyberArk perspective. And Chronosphere is honestly, other than the fact that the price tag was big, that it's still a 250-people engineering team that does observability, which is fundamentally different from anything we've done.
They have been partnering with the large language model over the last.
Six months or so.
And they have passed every technical hurdle, which allowed them to make a commitment to kronos fur we expect the full transformation over the next six to 12 months or the full transition from the.
Nikesh Arora: The only point of product interaction is they're working hard with the Cortex team to figure out how to incorporate the agentics into their platform, so they can have agents solve the observability problem, just, not just sort of be an observability company. Separate to that, you know, because they are... So they're whale hunters, they go after big observability clients, we are able to selectively and surgically help them on a client-by-client basis and help them drive what they need to do. So, this is our 32nd or 33rd acquisition, these two of them. You know, we have a lot of lessons from prior, prior acquisitions, which we have brought to bear.
Other vendor.
As far as the 200 million IRR is from one of those large.
L. M lenders, we expect that to continue to go in addition to that there are other customers who are significant customers and they are going to pursue significant customers over the next three six months in partnership with us.
But that's why we bought the company because because of the scalability because of the capability from a technical as well as a commercial perspective.
And then at least we can talk more about the product capabilities that we're going to give it but we hope that that will allow it to be a full set of full scale replacement option for both DIY. It. Many many customers do DIY and that situation as well as being able to compete effectively with some of the big was there but he plays out there.
Nikesh Arora: Our teams have been working really hard over the last many months, and we have been actually adding capacity at our end to make sure we can handle some of these transitions that are required.
Gregg Moskowitz: Terrific. Thank you.
Nikesh Arora: Thanks, Greg.
Yeah.
Hamza Fodderwala: Thanks, Greg. All right, that concludes the Q&A portion of this call. I'll pass it back to Nikesh for any closing remarks.
I'll just give you a high level there is.
Uh huh.
They've built something very unique for that very high end of the market scalability and the economic aspects, even the start of some of the AI analytics and that will complement with a gentex fee.
Nikesh Arora: Well, I just wanna say thank you to all of our customers, to all of our employees around the world, and thank you to all of you for joining us on our conference call. We will see you guys next quarter.
The next phase is going to be how do we build out a lot of sort of enterprise sort of off the shelf kind of features that make it just really easy to do integrations to basically replace existing incumbent infrastructure, whether that's commercial products or open source. We think in both cases, the courseware will scale down in.
So that large enterprise segment very nicely.
Okay and then just on your question on <unk>, just just to be clear, our organic and yes. They are roughly in line with consensus.
Four.
Q3, and we agreed we reiterated the full year, so maybe folks that haven't fully appreciated that Kronos has closed before Q2, but we will make sure that's all cleared up.
Thank you.
Okay.
Now here's the next we'll go with Adam Borg at Stifel, followed by Greg Moskowitz.
From Israel.
Great. Thanks, so much for taking the question.
I know you talked about a little bit in the prepared remarks about the quantum opportunity just talked about a little bit last quarter love to hear more about kind of the early learnings from that.
<unk>.
Huh.
The customer response on the panel a few weeks back and ultimately how you think about the opportunity in coming years. Thanks, So much.
But.
Part of the cyber or do believe required identify I don't know have Lee talk about a new capability. We're building called an exploration trust subscription plus our quantum capability. We have been in discussion with 100 customers, who are experimenting or beta customers the product they have tremendous feedback for them all.
Quantum capability is not just for Palo Alto.
Firewalls, it actually looks at the enterprise capability. So we have actually integrated 10, other vendors' worth of content data into our content and I will let Lee talk about the lease up.
Okay.
Yeah.
And both of these cases, whether it's you know.
Cryptography, and PTC or certificates and managing to.
The alternative is largely a very manual.
For human centric repetitive kind of task approach it's either.
Some some poor person or people that have to constantly sort of mainly go look at certificates look at there.
Renewal dates in ages and everything like that and then redo the manually or we can do it through technology. The same is true with contract recovery, it's either a lot of manual consultation going through and trying to figure out what exists or we can use technology and so in both cases, we figure it out.
Obviously identify in one case that will be joining the team is and then Vanessa team is how do we use technology largely our next gen firewalls, but not only our next gen firewall as other data sources as well too.
To do that discovery to be able to technologically discover everything that is needed and then through automation to then also be able to automate the process of remediation.
And so this has obviously security benefits, but it also has.
Reliability and uptime benefits as well because you have to remember in both of these cases. These things are fundamental to how production systems operate.
Okay. Thank you.
Ended here with Gregg Moskowitz from Mizuho.
Alright last question. Thank you Hamzah, so closing in Palo Altos, two largest ever acquisitions within a couple of weeks of each other it's exciting the potential is tremendous but it could also add an unprecedented amount of stress on the management team engineering go to market teams et cetera. The cash how do you keep everyone's eye on the ball yourself included and not.
Be subject to execution of our distraction issues. Thanks.
Well, Greg these acquisitions are at least as the case with Kronos food has been the works last two or three months and cyber or has been the work of the last seven months I've visited their Boston facilities spend days, there with them Lee and I with Israel with a team and spend time with them. So cyber are just didn't come upon us. This week it is.
Been in the works for lost money six to seven months as you might have read we had worked with the management team to fully understand what role every employee its Iraq was going to have so we were able to on the date of close inform every employee with the rule in the future joint organization was gonna be what their plans are gave okay ours give targets every one of them. So they all.
Have that within the first 48 hours. So it's not like we've been waiting.
There are some system transitions that we can do with it gives a cyber ark, which the teams are working.
Hard fast and furious on we have had we had the option to plan or they need to be so where we have our eye on the ball that's our job right.
From a cyber Ark perspective and of course, there is honestly other than the fact that the price tag was big but it's still at 250 people engineering team that does a durability, which is certainly different from anything we've done the only point of product interactions. They are working hard with the cortex team to figure out how to incorporate <unk> into their platform. So they can have agents solely of deliverability problems just.
Just sort of be an observer of the company and separate of that because they are so their whale hunters. They go after big Absorbability clients, we are able to selectively and surgically helped them on a client by client basis to help them drive them to do so.
This is our 32nd or 33rd acquisitions. These are two of them now we have a lot of lessons from prior of.
Prior acquisitions, which we have brought to bear our teams have been working really hard over the last many months and we have and actually adding capacity at our end to make sure. We can handle some of these transitions that are required.
Terrific. Thank you.
Correct.
Thanks, Gregg that concludes the Q&A portion of this call ill pass it back to the cash hernia closing remarks, well I just want to say thank you to all of our customers all of our employees around the world and thank you to all of you for joining us on our conference call.
We'll see you guys next quarter.