Nikesh Arora:

Thank you, Walter. Good afternoon, everyone, and thank you for joining us today for our earnings call. I hope everybody enjoyed our new marketing campaign teaser featuring Keanu Reeves that goes live on national media. Let's start at the beginning and I'll update you on what we have experienced in Q3. First and foremost, cyberattacks continue unabated. We're seeing a consistent stream of nation-state activity that is systematically looking for software supply chain and hardware zero-day vulnerabilities and attempting to exploit them at scale. Additionally, there continues to be a robust stream of attack activity targeted at large enterprises and pieces of critical infrastructure. We continue to see high-profile breaches, some of which were widely reported in the press again this quarter. Most organizations face the challenge of an ever-shrinking time window for a bad actor to enter their environments, find valuable data, and exfiltrate it. The window is now measured in hours. In comparison, the time it takes for an organization to discover a breach and stop the malicious activity continues to be measured in days and weeks. While not a new phenomena, with new disclosure mandates, this challenge is now clearly out in the open. With AI, we expect the attacks to come at an even faster pace. I don't need to elaborate on the current enthusiasm around AI. Almost every one of our customers is either experimenting with AI or plans to deploy some use cases in the near future. As usual, their employees are way ahead. Almost 50% of employees of most companies are using some sort of AI application, LLM or co-pilot, to explore, learn and make themselves more productive. Whilst this is great for the evolution and adoption of AI, this is introducing a whole new set of threats. As some of you are aware, we have recently announced a suite of products which are aimed to secure this AI usage by design. More about this later, but I expect this to continue to provide a tailwind to the cybersecurity industry. On spending for cybersecurity, we see no change of pace or trajectory. Most customers have a series of projects they want to get done, and the only limiting factor seems to be their execution capability. Customers continue to focus on zero-trust transformations, coupled with the need for new network architectures to adapt to a more hybrid infrastructure. The resurgence of cloud migrations is being driven by the need to get their data in the cloud to be AI-ready, causing discussions around the cloud security platform. And as you may all have noticed with all the M&A activity, the security operations space is getting rejuvenated, which is something we've been preparing for with XSIAM. At the accelerated pace of change in cyber, even with healthy increases in cybersecurity funding, many organizations aim to simply keep pace with the volume of threat activity they see. Most cannot do this and are increasingly receptive to a better way of tracking their security challenges -- tackling their security challenges, windows sprawl and architectural complexity. We firmly believe that answer is platformization of cybersecurity over time. I'm delighted to report, despite the concerns around our platformization approach after our last quarter, the customer feedback has been nothing but encouraging. We have initiated way more conversations on our platformization than we expected. If meetings were a measure of outcome, they have gone up 30%, and a majority of them have been centered on platform opportunities. In short, demand is robust, and my expectation is that we will continue to see it be that way for the next many quarters. With this backdrop, we are pleased with our strong Q3 results. As you can see, we delivered top-line growth ahead of the market and continue to drive growth while improving profitability. Our performance was highlighted by 47% growth in our next-generation security ARR. As we continue to transform our business to a security software business, we saw 23% growth in RPO, an uptick from last quarter. This translated into 15% revenue growth and 3% growth in our billings. As we have articulated earlier, we don't see the billing metric as a true indicator of business strength. It continues to be impacted by payment terms where more and more customers prefer annual billing plans. However, if you impede implied bookings, you will note that we saw an uptick over that in the last two -- over the last two quarters. We actually ended up billing – booking backlog -- billing backlog this quarter. We continue to operate our business efficiently. Our operating margin expanded by 200 basis points year-over-year, driving 25% growth in operating income and 20% in our EPS to $1.32. Our cash generation was strong and again our GAAP net income grew substantially year-over-year. Before I continue with highlights from Q3, I'm aware that our accelerated consolidation and platformization strategy created significant conversation last quarter. We have also had questions from analysts and investors on this topic since we reported our Q2 results in February. I thought I'd share more background on how we got here to provide context and also offer a platformization framework for you to help understand why we're convinced that we can build a much larger business over the next several years and platformization is key to achieving that. When we embarked on our journey to transform our company, we were keen to create interest and convince our customers that we could solve their problems not just with our next-generation firewalls and the associated subscriptions, but also with a set of best-of-breed products across 20-plus categories organized across three platforms. That strategy was hugely successful and saw us achieving nearly $4 billion in NGS ARR. The majority of focus of our teams was landing multiple products across our three platforms and our customers. Whether we were able to land at a brand new customer for Palo Alto Networks or we added products from new platforms to our existing customers, we were happy. Landing could range from a single product used in part of the organization to broader usage across the organization. From that lens, if you look at our top 5,000 customers, we have landed two or more of our platforms at about half these customers, and these customers contribute just over 80% of NGS ARR. If you look at it by -- this by platform, we have landed 97% of these top 5,000 network security, over 20% of them in Prisma Cloud, and over 40% with Cortex. By all means, our land-the-platform strategy was extremely successful. In landing with multiple platforms, many of our customers have leveraged our capabilities across key cybersecurity buying centers, such as network security, cloud security, and security ops. Most of this cross platform adoption has happened more organically with customers adopting incremental products on Palo Alto Networks at their own pace. Governed by the complexity of the environment and the friction of dealing with contracts with multiple vendors, not many of our landed customers are fully platformized. And the ones that are fully platformized, we saw encouraging results. We realized that for fully platformized customers, while they saw better security outcomes, our ARR profile was also very different. While our average next-generation security ARR for our landed customers ranges from $200,000 to $800,000, for our land strategy, we discovered that our ARR for fully platformized customers ranges from $2 million to $14 million, depending on how many platforms the customers are standardizing on. This drove us to accelerate the rollout of our platformization strategy at the end of the last quarter, following successful pilots earlier in the year. We created interest in the market, we started conversation with customers looking to begin their platformization journey, and spurring existing sales cycles to a more strategic outcome. Having personally reviewed over 500 of our top customers in detail this past quarter and having had a few hundred conversations with CSOs, CIOs and CEOs, I continue to be convinced of our opportunity to deliver full platformization to our strong -- to our top customers. We're still early in the results from full platformization. Across these top 5,000 customers, we have completed about 900 through Q3 2024. Our Q3 efforts resulted in approximately 65 incremental platformization sales in Q3, which is up 40% since Q2. It was this framework that was the foundation for our goal of $15 billion in next-generation security ARR by fiscal year 2030 that we first discussed last quarter. With our incremental momentum in platformization, we see a runway to delivering approximately 2,500-plus platformizations sales, up from the current 900, while continuing to land our multiple platforms in our customer base and adding new customers. I showed you the benefits we see in our ARR from our success-driving platformization. Our customers also see significant benefits as they adopt our full platforms. We have talked to you in the past about reduction in median time to resolution with XSIAM, which takes less than one-tenth of the time it took before XSIAM was deployed, as customers platformized on Cortex. IDC recently validated the benefits platform customers see in a study published earlier this year, independently proving much of what we have talked about. Customers saw productivity benefits, as much as 30% to 40% efficiency improvements and significant improvements in security outcomes. I could talk further about the benefits, but what really brings us to the forefront is some examples of our significant transactions in Q3. A U.S. county agency signed a seven-figure transaction, landing our firewall subscriptions as well as Cortex XDR and becoming a Palo Alto customer for the first time. We displaced a competitor that had sold both of these capabilities to the customer and competed against on -- us on an appliance vendor that could not offer best-of-breed capabilities across these two categories. A large U.S. financial services company that was an existing platform customer faced significant challenges in their SOC. Despite a staff of 40 in the SOC, they were not achieving their goals and sought a transformation plan. We signed an eight-figure deal including XSIAM, our ITDR, or identity threat detention and response, offering, and our managed detection and response service. A global data services provider was unhappy with his incumbent SASE provider facing outages that created lost productivity. It was also never able to integrate its VPN and URL filtering capabilities fully. The customer selected our SASE capability for approximately 65,000 mobile and branch office users, including CASB, DLP, enterprise browser, and ADEM capabilities for many of them. This was a highly competitive situation, but our ability to deliver consolidated capabilities through a platform across a half a dozen areas as well as our superior security versus incumbent won us the business. Finally, a large healthcare company experienced a breach and engaged our Unit 42 Incident Response Services. After we helped the customer remediate and get back online, we were able to educate the customer on the benefits of platformization. The customer fully platformized with us, standardizing on network security, Prisma Cloud, and Cortex. This transaction was the largest in the history of Palo Alto Networks at nearly $150 million of TCV. Beyond these showcase deals, our overall large deal activity was healthy in Q3, as shown by significant increases in our accounts with transactions over $1 million, $5 million, and $10 million in the quarter. We also recently announced our partnership with IBM. IBM and Palo Alto Networks have done what in my mind is a one-of-a-kind partnership. This partnership involves migrating the QRadar customers of IBM to XSIAM, where IBM will be able to deliver industry-specific capabilities on XSIAM using watsonx. Given their leadership position on the Gartner Magic Quadrant, now we can collectively deliver an even better solution to both their existing and new customers. Enabling over 1,000 IBM security consultants on the entire Palo Alto Networks portfolio will allow us to drive platformization in an accelerated fashion. We will be IBM's preferred cybersecurity partner across network, cloud, and SOC, while driving a significant book of business for IBM. Additionally, IBM will platformize on Palo Alto products. It will extensively leverage watsonx across both our operations and products. And lastly, but not the least, we will work on co-developing solutions for cloud security. Last quarter, when we rolled out our accelerated consolidation platformization strategy, we also activated our AI leadership strategy. Leading up to this, over the last year, we've oriented an increasing portion of our R&D investments towards AI. We have seen growth in customer interest and adopting AI to drive business value and bad actors using AI, as I discussed earlier. In early May, we announced our comprehensive suite of AI security offerings and believe we will be first to market the capabilities to protect the range of our customers' AI security needs. We rolled out three products to safely enable the use of AI from employees using AI to enterprises building AI into their applications. AI Access Security, AI SPM, and AI Runtime Security put us at the forefront of securing AI adoption. We also believe our co-pilots across our three platforms, which are context-aware, can perform and automate user action, surface alerts and best practices, and provide in-product support all with near-perfect accuracy. Furthermore, we announced our Precision AI Security Bundle to leverage inline AI to counter AI attacks with AI Defense. We have had strong early customer engagement with these offerings, which you expect to be made generally available beginning of July. As you heard from our teaser trailer with Keanu, this isn't sci-fi, this is precision AI. More broadly than AI, it has been a busy last three months from an innovation perspective. On our SASE 3.0 launch, which we rolled out early this month, debuted with several unique industry-defining capabilities. We announced industry's only secure enterprise browser integrated into SASE, and as end-user engagement with AI applications grow, the browser becomes an important defense layer against AI threats. Additionally, it is becoming clearer that the browser offers a better way to secure contractors, mobile devices, and managed devices, with SASE integration providing a simpler and more secure approach to adoption. We launched AI-powered data security integrated into SASE, leveraging industry's first LLM-powered data classification. This new classification engine combines the strength of context-aware machine learning models with the power of LLMs, understanding how to increase classification accuracy. Lastly, as part of our SASE 3.0, we launched application acceleration, which understands each user's journey within an enterprise SaaS and cloud applications and optimizes performance for these applications. Customers see performance up to 5 times faster than the user experience in the general Internet. This rapid cadence of innovation in SASE has enabled us to maintain SASE ARR growth above 50% for the sixth quarter in a row. At Prisma Cloud, we have completed the first phase of rollout of data security posture management, which came from the Dig Security acquisition. We also added support for more than 100 new APIs across the major hyperscalers to stay ahead of our customers by securing the cloud services [they were talking] (ph). Based on our Cortex Xpanse technology, we did launch Cloud Discovery and Exposure Management, leveraging our Xpanse data natively in Prisma Cloud. Over 100 customers now use this capability to evaluate Internet exposure risks and discover unknown Internet exposed cloud assets. Also during Q3, we launched CDR, Cloud Detection and Response, which extends our XDR capability into the cloud and give customers a unified view of their entire environment from cloud to endpoint to network. CDEM and CDR show the power of having both Cortex and Prisma Cloud platforms, as we can leverage these sophisticated capabilities to benefit cloud customers. Last but not least, on Cortex, we launched XSIAM about 18 months ago, and this offering has already elevated the profile of Cortex in the market. We see steady demand for XDR, the foundation of Cortex, where we are landing many new customers, and now we have north of 5,800 customers on XDR. With $400 million in cumulative XSIAM bookings coming out of Q3, this offering is really going mainstream with customers understanding the value proposition versus the traditional SIEM. XSIAM has accelerated our Cortex ARR growth and we continue to see a strong pipeline of opportunities. We are converting our innovation into recognized leadership, adding two new positions this quarter. One was in managed detection and response, the other in data security posture management, leveraging our Dig acquisition and demonstrating our ability to acquire technology and rapidly integrate into our platforms. As many of you have undoubtedly seen, our rollout of platformization has stoked a long-standing debate within the cybersecurity industry about whether customers desire a platform or best-of-breed cybersecurity. From the Palo Alto Network's perspective, we've proven it is possible to deliver best of platform. This is why we have invested in building leading products and we have now recognition for product leadership in 23 categories while also delivering on the benefits of integration across all three platforms. To summarize, before I pass off to Dipak, please take away a few conclusions from my prepared remarks. One, we put out strong Q3 results in a positive spending environment where cybersecurity priorities are well funded. Beyond the continuation of a challenging threat environment, new threat vectors from AI are starting to surface as the usage of AI grows. We've been pleased with the initial traction of our accelerated consolidation platform strategy. This drove an increase in bookings, with deferred payments and impact on our billings, something we expect will continue. We had a big quarter of innovation, especially as it relates to AI, where we strive to lead the industry in securing this powerful productivity medium while also doing so comprehensively. As we look forward, we have significant pipeline heading into our largest quarter of the year. We're just beginning to see the benefits of platformization accrue to our business. We will continue to make further investments here while balancing delivering profitable growth and have chartered a path with conviction towards being a $15 billion NGS ARR company. With that, let me pass you on to Dipak.

A - Walter Pritchard:

Thank you, Dipak. To allow for broad participation, I'd ask that each person only ask one question. The first question will be from Brian Essex at JPMorgan, followed by Brad Zelnick at Deutsche Bank. Go ahead, Brian. Brian, you're muted. Brian, you're muted. Brian, looks like you're on mute.

Dipak Golechha:

Yeah. So, thanks for the question, Brian. Look, I think we will -- I mean, platformization is something that is now our strategy, so I think in that sense it will continue for a while. But at some point, it just becomes a normal motion, and then we're lapping a period where we've been doing platformization already. So, really, what you're seeing in the financial metrics is the difference when it wasn't the normal motion and then it becomes the motion, and then in the future, it will just become lapping what is a consistent motion.

Brian Essex:

That's helpful. Thank you for the clarification.

Brad Zelnick:

Thanks very much. Thanks for taking the question. Nikesh, I was hoping you can give us an update on the state of the channel. There's a lot of noise from the traditional VAR channel. I wanted to get your sense on how they're acclimating to platformization, but you're also doubling down with the GSIs. You announced this super special deal with IBM. You also signed a deal with Accenture, too. We'd just love to hear your latest thinking in a particular more on the GSI strategy. I mean, how many more can you add that are up at that level of an Accenture and an IBM? Thanks.

Brad Zelnick:

Thanks very much for the color, and I love the pullover. That's a good one, Nikesh.

Brad Zelnick:

Thank you.

Walter Pritchard:

Thanks, Brad. Next, we'll go to Hamza Fodderwala from Morgan Stanley, followed by Matt Hedberg from RBC. Go ahead, Hamza.

Nikesh Arora:

Yeah, Hamza, look -- first, thanks for the question. As I mentioned in our prepared remarks, we have been reviewing all of our customers. We have been through 500 of them with the account teams. And every customer, there is an opportunity. There's an opportunity to deliver a platform, there's an opportunity to consolidate. And just that gives us hope and sort of some degree of conviction that there's a lot of business to be converted out there. It's really limited by the customers' speed and desire to execute or the resources to execute. So, we have a robust pipeline across most of our platforms to see, question is can we go out and convert as quickly as we need to, and that's what we're guiding to.

Walter Pritchard:

Great. Thanks, Hamza. Next question is from Matt Hedberg, followed by Tal Liani from Bank of America. Go ahead, Matt.

Nikesh Arora:

Yeah, that's a good question. Look, the Thunderdome contract got activated last quarter because of the zero-day vulnerability we found in certain VPNs out of the market. So, they wanted to quickly replace some of the VPNs because they were required to replace them in the classified agencies and non-classified agencies. So, we saw some activity around Thunderdome and that contract was activated where people used that contract that we have with DISA to be able to execute some transactions. But we still maintain. These are going to get one at a time, each of these missions are going to execute one at a time. So, we haven't changed our expectations in terms of how Thunderdome will evolve vis-a-vis how we will see it in our financials.

Walter Pritchard:

Great. Thanks, Matt. Next question from Tal Liani at Bank of America, followed by Saket Kalia at Barclays. Go ahead, Tal.

Nikesh Arora:

You do.

Nikesh Arora:

Well, Tal, I think if you listened carefully to what I said, we actually built backlog this quarter, which means we booked a lot more business than we built, which is the difference between contracts where we chose not to take their payment terms and just do annual billing. So, we're signing big deals. We have a lot of business that we're signing, and the way it gets reflected is in RPO. It depends on what we choose to either take as annual billings or to take through PANFS, right? It shows up in billings. What we choose not to take ends up in future or deferred payment plans or deferred billing. So, I think if you look at the implied bookings, you'll see there's a double-digit number in there in the quarter. I just think billing is an artificial metric. I think I understand you guys like it because it's been around for a long time. I think the cost of money has changed the quality of that metric. To me, a quality metric is implied bookings or RPO. And in both those, as I mentioned, we saw an uptick this quarter. So, we actually believe we saw a recovery faster than we expected this quarter. That's why we're surprised at the reaction of the market.

Saket Kalia:

Okay, great. Thanks, guys, for taking my question. Nikesh, maybe the follow up is on that point.

Saket Kalia:

Thanks, buddy. I appreciate it. So, just to that point, it was great to see RPO bookings, I think, actually accelerated year-over-year in this quarter, right? So, last quarter, I think we talked about more flexibility for customers with platformization, right, just consolidating and creating some of those [ramp] (ph) contracts. How much did that sort of play into the difference between bookings and billings?

Saket Kalia:

Got it. Very helpful. Thank you.

Gabriela Borges:

Hi, good afternoon. Thank you. I'm going to ask on the $15 billion NGS target for fiscal year '30. Either for Nikesh or Dipak, a little bit of color on how you arrived at that number? There's an interesting footnote here on assuming 5% annual growth per customer. And then, within that target, how do you think about cyclicality? Any comments on the cyclicality of firewall or the cyclicality of platformization impacting the linearity of getting to that target? Thank you.

Gabriela Borges:

Yeah. Just on the footnote here on the 5% within...

Gabriela Borges:

Yeah, benchmark that for us.

Gabriela Borges:

Got it. Thank you.

Gray Powell:

Okay, great. Thanks for taking the question. And it was good to hear the 50% growth on Prisma SASE this quarter. So, a question on Secure Service Edge. If I look at industry analysts estimates there, I think Secure Service Edge is probably about 25% of the network security market today. Give or take, that's rough. I'm just kind of curious, where do you think that penetration goes in maybe three or four years? Or maybe said differently, how should we think about the growth profile of that market going forward and your ability to grow at or above that?

Gray Powell:

Okay. Thank you.

Gregg Moskowitz:

Okay. Thanks, Walter. Thanks for taking the question. Nikesh, in order to reach your fiscal '30 goals, it looks like you'll need to sign an average, give or take, of around 75 new platformization deals per quarter, a little higher than what you did just in Q3. But if we're in the early days of this strategy and if you're just now building your go-to-market muscle around this, why shouldn't new platformization customers be a lot higher than that on a multi-year basis? Thanks.

Gregg Moskowitz:

Thank you.

Fatima Boolani:

Thank you. Good afternoon. Thank you for taking my questions. Nikesh, you talked a lot about the multiplicative impact and the monetization acceleration you can get from platformization. I'm curious if we can put a profitability lens on this, because you are driving between $2 million and $14 million of the ARR you mentioned from a platformized customer. But from a contribution margin perspective, can you share with us what that incremental profitability impact would be like? And why should we sitting here not think that's structurally your business as it moves towards being increasingly consolidated can see 30%, 35%, maybe even 40% operating margins?

Fatima Boolani:

Thank you.

Shaul Eyal:

Thank you. Good afternoon, guys. Question for Dipak or Nikesh on finance receivables. So, finance receivables up 34% sequentially. I know you don't guide, cannot guide this metric. If we look into next quarter and take into account your commentary about the strong pipeline, will we be seeing the finance receivables still expanding? Or maybe asked differently, will there be a point where would you like to see that this metric actually decelerating to a degree? What's the thinking along these lines?

Walter Pritchard:

Great. Thanks, Shaul. Next up is Andy Nowinski from Wells Fargo, followed by Joe Gallo from Jefferies. Go ahead, Andy.

Nikesh Arora:

Hey, Andrew, there's more than that. Remember, we explained to you that part of platformization is going to be able to transition customers of their existing contracts. Now the good news is we can transition these customers irrespective of term when they expire. That's great option value. I don't have to wait for three years to migrate them. I don't have to wait for an RFP. I can just walk up to them saying, "Listen, you're already my customer now, because I've acquired the contract. Why don't you come, we work on transitioning to XSIAM?" Not only that, it also allows the opportunity not just to go after the SaaS customer base, but also allows us to transition the on-prem customer base, which is a much larger prize, where IBM has economics from us, where they're able to transit -- they will get earn out based on how many of those customers transition to us. So, I mean, honestly, I think it's an amazing deal for us. I'm just delighted that IBM agreed to do this deal with us and partner with us. And also it gives me access to -- look in the history of IBM, they have not sold anybody else's cybersecurity portfolio with the enthusiasm we hope we can generate together for the thousand cybersecurity sellers. Until now they would sell one portfolio that was IBM. And today, this deal allows us to train all of them, all thousand of them, work with them on XSIAM and get it out to customers. I think it hopefully cements our place in the SIEM/SOC category at a pace that nobody would have anticipated, right? Until yesterday, there were three players in the Magic Quadrant, which was not us. This allows us to participate with one of the biggest players in the space and migrate as many of these customers based on merit and based on great proposition as quickly as we can.

Nikesh Arora:

That's [$5 million] (ph), and I didn't have to spend, what was the number? Never mind, I won't quote a large number. I didn't have to sell many, many, many billions of dollars and transition to the customers then.

Walter Pritchard:

Great. Thanks, Andy. Next up, Joe Gallo from Jefferies, followed by Ben Bollin from Cleveland Research. Go ahead, Joe.

Nikesh Arora:

First of all, do not introduce the word fatigue in our conference call. Secondly, as it relates to the free cash flow margins, I'll let Dipak jump in in a minute. But it's the fine balance of making sure that we can let our annual billings continue to grow as a proportion, because we think this interest rate environment is here to stay and we can manage our free cash flow margins at the same timeframe. The good news is because of nicely increasing profitability that allows us to have the capability to let our annual billings continue to get bigger and bigger, because eventually that's what gets you. Take the extreme example on either side. The other side extreme example is a SaaS company with annual billings, which can go back to the same degree of free cash flow margins that they have. So, our opportunities to see if we can migrate our customers to more and more annualized billings and continue to maintain the margins without creating a kink in there. That's what Dipak is very focused on. I don't know if there was something you want to add to that, Dipak.

Joe Gallo:

Thank you.

Ben Bollin:

Thanks, Walter. Good afternoon, everyone. Thanks for taking the question. Nikesh, one of the initial attributes around platform seems to be the potential for free use periods and as companies displace other vendors. Could you talk about what you've seen from the use -- those free use periods in those first 60-plus deals? And then maybe Dipak, could you talk through a little bit about what it means for revenue, RPO, ARR, billings, and like how that waterfalls over time? Thanks.

Walter Pritchard:

Great. Thank you, Ben. Next question, Jonathan Ho from William Blair, followed by Joel Fishbein from Truist. Go ahead, Jonathan.

Nikesh Arora:

So, I think if you look at some of our products as we articulated, there are three specific products we announced at RSA. And then, we said all of our co-pilots will be available and already are available to customers for beta reasons. And then, we have underlying capabilities in our products which are AI enabled. Now, in most of our advanced services on firewalls, and I'm making a broad statement here, so we've increased prices from 20% of the cost of firewalls to the sub to 30%. So, we have had an uptick in AI-delivered services on the firewall, and the customers see the value and majority of customers have opted into that capability which we've had for the last two or three years and today we've just launched the most recent one, which is Advanced DNS which will also be uptick to a 30% instead of 20% subscription. AI Access will be sold as an incremental capability and incremental subscription for all of our VPN and for our SASE customers. So, you will have monetization capability there. AI Firewall would be, again, an uptick on our virtual firewalls where you have AI capabilities so you'll pay a premium to protect AI installations over a traditional VM. We're still debating whether we provide AI SPM to the market, which is effective in security posture management capability as part of our firewall optionality or we charge for it separately. We will do that closer to when we launch the actual product towards July. Our co-pilots are for the most part available to our customers as a productivity tool, as an enhancement tool. In certain cases where we require them to ingest data to get advanced telemetry, they would have to buy the advanced telemetry module to make the co-pilot even more useful for them. So that's roughly the lay of the land. But one should expect that there should be three capabilities. One, better productivity for our customers, so they don't have to understand more complex UI. Two, they will have to pay certain more -- some on more in certain use cases where they are getting incremental value and we're making incremental effort from them. Then three, they might require to upgrade their underlying capabilities from base to advanced because we need the telemetry to make AI useful.

Joel Fishbein:

Thanks, Walter. I have an AI question, too, Nikesh, just to follow up on that. In terms of, can you talk about the customer appetite for AI security and maybe a couple of comments about the competitive landscape around companies that are delivering products around AI security as well?

Joel Fishbein:

Great. Thank you.

Nikesh Arora:

Well, I just want to thank all of you for joining our earnings call. I appreciate your attention. I also want to thank all of our employees for all the hard work that goes into delivering great quarters and all the innovation that they've delivered. And last but not the least, thank you for all of our customers for their trust in us. See you guys next quarter.

Nikesh Arora:

Thank you, Walter. Good afternoon and thank you for joining us today for our earnings call. I am pleased to report another quarter in which we successfully executed our profitable growth strategy, driving a combination of top-line growth, significant expansion in non-GAAP operating margin, and strong free cash flow generation. Revenues grew 19% year-to-year and RPO grew 22%, capturing the full value of our future revenue. Billings grew 16% year-to-year. Just as important as we focus on profitable growth, we again delivered substantial operating margin leverage and strong growth in free cash flow. Non-GAAP operating margins of 28.6% expanded nearly 600 basis points year-over-year and we generated $2.9 billion in adjusted free cash flow on a trailing 12-month basis. Our strong profitability drove non-GAAP EPS of $1.46 up 39% year-over-year, and our GAAP net income continued to grow meaningfully even without one-time items. Beyond our financial results, we achieved a number of notable milestones in Q2, worthy of spotlighting. We continued to drive large deals, including a steady stream of million dollar plus deals and success in our largest deals with 10 transactions that were $20 million in the quarter. Our 10 highest spending customers in Q2 increased their spend with us by 36% of the period. I also wanted to update you on key achievements across our three platforms. In our network security business, we continue to see progress driving ARR growth in our SASE business. Q2 was our fifth consecutive quarter of 50% ARR growth. Additionally, more than 30% of our new SASE customers we signed in the second quarter were new to Palo Alto Networks, showing that we can win head-to-head in the market when leading with SASE. We continue to drive innovation in network security, refreshing our high-end 7500 series platform, and investing new OT security capabilities, which garnered a net new leadership position for us. In Prisma Cloud, we have made significant investments in the first half of the year to drive new customers and saw this pay off in Q2 with our highest new ACV growth in five quarters. We continue to see strong trends in multi-module adoption, with approximately 30% growth in customers with two or more modules and approximately 60% growth in customers with three or more modules. Additionally, about a quarter of our customers are using five or more modules. Our external recognition in this market continued with Forrester Research positioning us as a leader in this Cloud Workload Security Wave Report. In Cortex, XSIAM continues to be a significant catalyst for large transactions and growth across the business. This is evidenced by ARR, for XSIAM customers being more than five times higher than that of Cortex customers who have not yet adopted XSIAM. We have seen significant progress in the milestone with XSIAM in Q2, including the most number of deals signed in a single quarter and bookings of over $90 million again this quarter. We've already displaced 19 different SIM vendors to date, and with the confidence under our belt, we're now looking systematically on how we can accelerate this legacy SIM displacement. From a regional perspective, demand overall is healthy. We did see softness in the US federal government's market. We were positioned well for several large projects where we had requisite certifications and one technical selection, but these deals did not close. The situation started off towards the end of Q1. We were worsened in Q2, and as a result, we had a significant shortfall in our US Federal government business. We expect this trend will continue into our Q3 and Q4. Offsetting the billing weakness in Fed was some non-product backlog that we shipped this quarter. With several leadership positions awarded in second quarter, including our addition as a leader of the Gartner Endpoint Protection Magic Quadrant, we're now a recognized leader in 21 different categories across our three platforms. Five years ago when we began our strategy, the industry believed building leadership across multiple categories wasn't possible. No one was talking about security platform. Instead, the word was best-of-breed. Our success over the last five years has been driven by the shift to platformization. We're committed to investing in innovation to extend our industry leadership position and platform. This unique leadership across our three markets is driving strong adoption of our platforms in our target Global 2000 markets. As of Q2, 79% of Global 2000 have transacted with us on at least two of our platforms and 57% on all three. This is up from 73% and 47% two years ago. In most of these accounts, while they have adopted products from multiple platforms, we are early in driving each of our platforms wall-to-wall. This is a major area of focus for us as we move forward, driving consolidation within our three platforms. We know this is the right strategy as we see compelling economics with multi-platform wins. Our two platform customers have an average customer lifetime value that is more than five times that of our single platform customer. For our three platform customers, that is more than 40 times larger. While we are driving platformization, I personally think we should be doing this faster. Not only is this showing up in our deal statistics, but as we have established the position of our platforms, we are now seeing significant progress in consolidating vendors in our customer environments. We have built our zero trust platforms through a consistent architecture across our appliance, software, and SASE form factors. Customers can now consistently manage security policy across these form factors, and then leverage a consistent set of security subscriptions to consolidate network security capabilities. These capabilities, provided by point vendors can include intrusion prevention, web proxies, URL filtering, SD-WAN, and DLP, just to name a few. In Q2, we saw zero trust consolidation wins that included a large US manufacturing company standardizing on our network security platform in a $40 million transaction, replacing end-of-life competitive hardware, leveraging our security subscription, and removing a point competitor in SSE. We were the only company with the right certifications across all these offerings that could support their broad geographic footprint. This deal was part of the consolidation and modernization effort across IT with positive ROI for the customer. We also had a seven figure deal with a large law firm expanding our firewall footprint in the new data center and expanding their hybrid workforce initiatives with Prisma Access. As part of this, we won versus other firewall and SSE competitors and also consolidated their URL filtering and VPN capabilities. In Prisma Cloud, we have built a core-to-cloud platform combining key best-of-breed capabilities that we have acquired or developed organically. Our common architecture and user experience spreads across 12 modules. As our customers adopt multiple modules, they can consolidate a wide variety of vendors, including those in cloud security posture management, cloud workload protection, API security, SCA or software composition analysis, and infrastructure as code security amongst others. In Q2, we closed a seven-figure Prisma Cloud new logo deal with a financial services company displacing multiple incumbent vendors. The customer was looking for a CNAPP solution to support their multi-cloud journey. The Prisma Cloud CNAPP streamlined several previously deployed point solutions and tools. They also closed a seven figure renew and expand deal with the leading North American technology company where the customer intends to expand the use of Prisma Cloud to seven modules and also value the consolidation and standardization delivered through Prisma Cloud. Finally, in our Cortex platform with our autonomous security operations platform, XSIAM, we were able to establish our offering, which has enabled us to accelerate a platform value proposition with Cortex. A platform approach in the SOC is becoming a customer imperative, as point products, each with their own data stores, cannot have full context nor drive appropriate action without overly complex integrations and high people costs. In Q2, we saw consolidation wins that include a large insurance company that renewed its subscriptions, support and firewalls at the same time, added XSIAM and Expanse capability for a $25 million transaction. The XSIAM choice displays the two leading EDR and SIM competitors in the market, and enables the customer to avoid the cost of adding other point products in their SOC. Additionally, in Q2, we saw follow-on consolidation success for the Japanese manufacturing company that previously consolidated their network security across our SASE capabilities, leveraging Prisma Access and our DLP and CASB capabilities. The customer then added XSOAR into their SOC and expressed an interest in consolidating further. In Q2, they added XSIAM in a mid-seven figure deal. I know all of you had a chance to look at our guidance. Our guidance is not a consequence of a change in the demand outlook out there. Our guidance is a consequence of us driving a shift in our strategy in wanting to accelerate both our platformization and consolidation and activating our AI leadership. We believe this is the time for us to invest, given our leadership position in the market and our leadership position across platformization and consolidation. But before I talk about that more as to how we intend to accelerate our growth prospects in the future and drive towards a much higher aspiration of $15 billion in ARR by 2030, I want to give you a candid view of where we see the cybersecurity market and the demand function out there. The demand story is no different from prior quarters and on the margin, continues to get stronger. There are multiple drivers fueling this. The threat landscape continues to challenge our customers with increasing scale and sophistication of attacks. I'm personally getting calls from CEOs and members of boards that have had bad incidents, as well as those that have seen their peers adversely impacted. We're increasingly focusing on working with companies impacted by breaches, an important commitment as we continue to be the leader in this space. Last quarter, we offered 1,500 of our top customers an opportunity to get our free support during a breach. Surprisingly, 400 customers have signed up in the last 90 days out of 1,500 to get our help on this topic. Clearly there is awareness and concern around cybersecurity, as has never been before. Heightened geopolitical tensions are driving significant national state activity with national infrastructure being targeted. Successful breaches and ransomware attacks are being perpetrated across many industries with few repercussions for the bad actors. Although we did see various law enforcement agencies this morning over the weekend shut down lock pit, which is a promising sign. The new SEC mandate requires prompt disclosure of material incidents which often result in companies reporting those incidents before a full assessment can be done or incidents to mediate it. We see some companies making several disclosures in succession as they grapple with understanding the full extent of what they are facing. We see the results of these disclosure mandates recognizing the need for expedited action in security, visibility, and remediation in [indiscernible]. The part that is new, despite the many demand drivers we're seeing, we're beginning to notice customers are facing spending fatigue in cybersecurity. This is new, as adding incremental point products is not necessarily driving a better security outcome for them. This is driving a greater focus on ROI and total cost of ownership amongst most customers. There are also some key trends within the industry that I think are worth highlighting. Palo Alto Networks is unique in seeing gains in market share in hardware firewalls or in the product space. This market is changing rapidly with us seeing some of our competitors who had introduced price increases begin to roll them back. From our vantage point, we see the share shift happening in our favor because we see customers consolidating into our zero trust platforms. Customers, as I mentioned, 30%, net new network security customers or SASE or new to Palo Alto. Those are the customers who over time go ahead and consolidate their footprint and require our firewalls to be deployed to give them a consistent zero trust architecture. We see this as a promising trend. We intend to accelerate that opportunity. Along with the incremental focus on ROI and TCO with single product vendors having challenges and articulating compelling value, they're also forced to have platformization narrative. When they're not able to convince the customers that their strategy is competitive, they're many times resorting to un-economic pricing and putting pressure on transactions in this manner. We're beginning to see rogue behavior by some vendors in the space who are keen to retain their customers, primarily in the legacy vendor space and the start-up space. We intend to combat that with investing in this space and trying to accelerate platformization and consolidation for our customers. We're also seeing increased demand for AI, along with deploying AI in our products or big needs to our customers asking us to help them protect for a successful and responsible deployment of AI in their infrastructure. Putting this all together, these trends of the market bolster our conviction that adopting platforms is the only viable strategy for customers and leveraging AI is imperative. We want to march faster to our aspiration to become the sales force, to become the service now, or the workday of cybersecurity. Customers have adopted platforms in other markets across technology, and this will inevitably happen in cybersecurity. These industry trends set up conditions that favor leaders that can drive consolidation. We intend to answer this challenge. With all the problems that platformization holds, adoption is not always easy for many of our customers. Until now, we have primarily assumed that our customers adopt our platforms at their own pace. The crux of the challenge is around execution. Customers face risk in executing or making significant changes to the environments as well as economic exposure from these changes. Key friction points you've noticed include the challenge of replacing multiple products simultaneously as well as the issues around double playing while working through complex contract terms. Over the last six months, we have been quietly working to develop programs that enable us to help minimize and even share in the risk of our customers' face. You will see us tomorrow launching a significant number of platform offers to our customers to help drive the consolidation and platformization strategy. We believe we can build customer confidence in our platforms by approaching them well before their point product contracts expire. After we gain their contractual commitment, we have offered an extended rollout period where we can demonstrate our ability to deliver these platform benefits. Customers can then start paying us after the obligation of legacy vendors ends. With the experience we've gained over the last six months, we believe now is the right time to accelerate programs across our portfolio to drive this platformization. All these programs will have mechanisms to reduce customer friction, accelerate product deployment, help customer realize the value of our platforms, and consume new innovation sooner. While this is not an exhaustive list, I wanted to give you some examples. We have begun to launch programs already that include legacy trade-ins, no-cost introductory offers and product add-ons and incentives to accelerate estate standardization. Each of these programs is elements of reducing execution risk and dealing with economic exposure that concern our customers. In that sense, we must bear the cost of the transition through lower upfront financial outcomes, but we are convinced these will yield amazing outcomes for us in the mid to long-term. We have developed these programs across all three platforms, and as I mentioned, we intend, we have announced a few and we intend to announce more starting tomorrow in addition to expanding some of the programs that we already have. Given this is an investor call and you're all focused on these numbers, I want to provide you a high level understanding of the aggregate impact we expect this will have in the medium term and long term. I will then have Deepak talk more about this in his section and explain this much more eloquently and elaborately. We expect a typical customer entering into a platformization transaction will not pay us for our technology for a period of time. As these programs ramp over the next year, we expect a change to our billings and revenue growth for the next 12 to 18 months. As customers move into the period where contracts have a full billing and revenue contribution, we expect to see an acceleration in our top line metrics. Beyond this dip and acceleration in our top line metrics, we believe we can sustain higher growth rates for longer, driven by sticky and broad platform relationships with incremental customers, allowing us to aspire to a goal of $15 billion in next generation security in 2030. We also expect to achieve our transformation to a business with greater than 90% recurring revenue, an industry leading non-GAAP operating margins in the low to mid 30s. As Deepak will explain, we believe we can do this in a financially prudent and strong manner. Talking about bigger platforms and ARR, aspirations cannot be done today without talking about AI. We have been working on AI for a long time as a company, however, we did accelerate our efforts with the arrival of generative AI. I personally believe AI is going to be one of the biggest inflection points in technology in over a decade and likely, more importantly, to significantly increase the total addressable market in cybersecurity. Gartner predicts by 2027 $300 billion will be spent on AI software. This AI juggernaut continues to bring several challenges along with it from a security perspective, multiple vectors of attacks ranging from phishing to malware to nation state activity and inflected negatively due to AI. Furthermore, customers are evaluating dozens of co-pilot type offerings with end users where security is not necessarily front and center. We see three discrete opportunities to drive additional growth in cybersecurity through AI and we have internally put pen to paper to understand this opportunity, and we're in alpha or beta stages of many of these across our product capabilities. First, organizations are concerned about their employees' access to AI in an insecure manner, where the consequences are unintended leakage over from source, other data models tampering, or AI-driven phishing, we see an opportunity to add value across the growing volume of users we secure. We currently secure north of 100 million users and their access to applications both in the public cloud and in the data center. We expect each of these users is an opportunity for us to deliver an AI security sub for them. It leaves us a $3 to $5 billion opportunity over the next five years. Secondly, organizations are increasingly deploying AI-related workloads in the cloud, just like they need to understand the overall security posture of the cloud estate and expeditiously identify immediate issues. They must do this for AI-related workloads. We believe this in itself is a $5 billion to $6 billion opportunity in the next five years. Lastly, network traffic will increasingly have an AI context with interactions and transactions between applications and AI models. Our more than half a million installed firewalls is the perfect place to inspect this traffic. We believe this is the $5 billion to $6 billion opportunity in the next five years. Overall, this combined $13 billion to $17 billion opportunity drives our conviction that investing in AI and maintaining our leadership can help us accelerate our growth towards $15 billion by 2030. The larger opportunity, we also believe we are uniquely positioned to garner our fair share of the stamp. Our proprietary data and large technology footprint is a significant advantage in driving AI outcomes. We've already seen the early benefits of this AI in our newly developed product offerings. In Q2, our AI offerings, which include XSIAM, Autonomous Digital Experience Management, or ADEM, and AIOps, cost the $100 million in ARR milestone. We are possibly the first security companies to cost $100 million ARR in AI security. This is above and beyond the AI capabilities we have embedded across all of our platforms, including our advanced subscriptions and our core to cloud platforms. Our co-pilots are in alpha, are in the hands of leading customers who are giving us feedback before we move to general availability. Looking forward, we have aggressive plans to roll out additional AI-based offerings by the end of this fiscal year. We have plans to offer three new product offerings, one to address each of the stamps I talked about. Before I wrap up and pass it on to Deepak, I'd like to summarize. We have established our platformization notion, our clear industry leadership position with our best-of-breed platforms, and the industry trends convince us we're in the best position to capitalize on this early trend and now focus on the next phase of cybersecurity, which is going to be all about consolidation. One of the hardest things to do is to change a strategy that is working. We have spent time understanding how to accelerate our strategy further. We firmly believe as a management team that the changes we are making today are going to give us better prospects in the mid to long-term and allow us to drive this consolidation much faster whilst giving our customers better ROI and total cost of ownership. AI is an opportunity in the early stages. However, we are seeing the signs that there is significant demand there. It will prove to be an inflection point for cybersecurity. And today will be marked as a day where we will see that inflection begin to take hold as we start to deliver more AI security products over the course of the rest of the year. We have confidence we can drive our top line growth trajectory higher for longer ahead of the growth trajectory we talked about back in August, despite absorbing some short-term impacts. We have shown we run the business in a financially prudent manner, which we will continue to do as we dive this exploration, hitting our original operating profitability and cash flow margin targets. With that, I will pass on to Deepak.

A - Walter Pritchard:

Thanks. We'll now proceed with Q&A. Please, in the interest of time, ask only one question with no follow-ups. Our first question will come from Hamza Fodderwala from Morgan Stanley, followed by Brian Essex from JPMorgan. Hamza, please go ahead with your question.

Nikesh Arora:

Thanks, Hamza. Thanks for the question. Yeah, I think I want to make sure there's no confusion in our characterization of spending fatigue. Over the last few years, most of our customers have ended up spending more on cybersecurity than on IT. As a consequence, they're feeling like my budget for cybersecurity keeps going up in double-digits every year because I'm trying to protect against every new threat vector. Yet, you see the number of breaches continues to rise. So our customer are sitting down and saying, if I spend more money, can you show me how I get a lower total cost of ownership across my enterprise? How do I spend less on the services that I have to deploy? And how do I get better ROI? So I think it's more about optimizing their current cybersecurity budgets as opposed to there being no demand. Demand continues to be very strong. The customers are demanding to get more for the amount of money they have allocated to cybersecurity. That's where platformization consolidation kicks in. In terms of trying to quantify duration versus.

Walter Pritchard:

Great. Thank you, Hamza. Next question is from Brian Essex at JPMorgan, followed by Saket Kalia at Barclays. Brian, go ahead.

Nikesh Arora:

Thanks, Brian. Let me jump in here. I think let me clarify in terms of the discounting notion. What's happening today is when I go to a customer and say, listen, I'd like to replace your estate with the entire platform. The customer says, wait, wait a minute, I got this vendor for IPS, this for SD-WAN, this for SSC. And I got half of my firewalls from another vendor, and they all expire at different points in time. I'd love to deploy Zero Trust, but it's going to take me two, three years as the end of life, so these vendors happen. And I'm scared that if I rip and replace this at this point in time, is going to create execution risk, not just that, it's going to hit economic risk. So the propositions we're going to customers is, listen, let's lay out a two-year, three-year cybersecurity consolidation and platformization plan. We'll go start implementing today, you pay us when they're done. So what it is, is more of a sort of like you can use our services until you have to keep paying the other vendor, we'll take it from there. But that's taking away a lot of the economic exposure and the execution risk for our customers. Now you can call that discount or you can call that a free offer. Our estimate is approximately it works out at about six months' worth of free product capabilities to our customers on a rolling basis. I think in about 12 months, as our offers start lapping each other, we should go back to our growth rate we've been talking about. And I think the right metric is the time frame is to look at RPO.

Walter Pritchard:

Thank you, Brian. Next question is from Andrew Nowinski at Wells Fargo, followed by Gabriela Borges at Goldman Sachs. Go ahead, Andy.

Nikesh Arora:

Look, part of it is particular to us. As you are aware, there was a large program. We were part of down selected to be the only vendor. We'd expected we staffed it to make sure we could implement it and we could get the orders. That program didn't materialize at the pace and at the spending levels we had expected. We saw an early glimpse in Q1 towards the end -- you saw it not show up in Q2, and we have it staffed for Q3 and Q4. Remember, Fed is a lower duration number. So it has a much more significant impact to revenue because Fed pays on an annualized basis as opposed to an TCV basis. So you're seeing the impact of that to our revenue for Q3 and Q4 and some of the billings miss in Q2, which we had to make up with shipping from non-product backlog. So that's kind of what happened in the Fed business. One's bidding, twice shy. So we're being very cautious about how we expect it to come back or not in the second half of the year. So it's more pertinent to that as opposed to a broader comment around the federal space. And don't forget, Fed is, in general, is not a next-generation security adopter because they're usually slower on cloud services than they are on traditional cybersecurity products.

Walter Pritchard:

Thanks, Andy, Apologies. We're going to go back to Saket Kalia from Barclays and then go to Gabriela Borges from Goldman. Go ahead, Saket.

Nikesh Arora:

Yes, yes, that makes a lot of sense. I think part of what we're noticing, Saket, is that we'd like to go from best-of-breed competitive behavior with legacy vendors or New Year vendors and go straight to platform competition. Because you noticed that we have a higher win rate on platform deals. We have a higher win rate and consolidation plays as opposed to best-of-breed head ones, which end up costing more time and energy and you see very, I call it, rogue behavior where people start trying to desperately hold on to customers. So we are trying to shift our go-to-market towards a consolidation play and a platform play. I think, as I said to earlier, the right number to look at in this context is RPO. The underlying demand is strong. Our book of business is strong. Our pipeline is strong. There is nothing going on in the demand side. It's just that we see this pushing out of the billings towards later parts as we get more and more consolidation offers and platform offers out there. To give you an example, when we acquired Talend , we made Talend free to every SASE customer, right? Is there going and trying to upsell that every SASE customer and run the risk of running the POCs other secure browsers. We've decided to give it away free for the next 12 months until the customer's renewal comes up. Now that has a billing impact in the 12-month time frame and revenue impact. However, at the end of 12 months, all these will be renewed because our aspiration is to get 50% of our customers to use the enterprise browser. It's one of the best products we've acquired. It has tremendous market traction. When we acquired it, there were 100 POCs in place going on at customers. And we told them, listen, if you're a Palo Alto customer, just use it. It's part of our product. It's part of the licensing. You don't have to pay us more, you don't have to do a new contract. What that does, it allows us to penetrate a market segment which would end up being competitive, we end up getting some share and spend the rest of our lives trying to create more traction and more market share in the future. Is that great. It's free. Our incident response offer. We never had 400 Fortune 2000 customers dealing with us on incident response. We launched an offer in 90 days, we've got 400 customers. We gave them 250 hours free, right? That's 100,000 hours of breach consulting for free, but that drives a future business for us where they become our cybersecurity partner of choice. So we're trying to seed ourselves into our customers' platform and consolidation strategies so that we don't have to keep fighting on individual breach individual best-of-breed deal every time we go to a customer.

Walter Pritchard:

Great. Thanks, Saket. We're going to go next to Gabriela Borges with Fatima Boolani from Citi on deck.

Nikesh Arora:

If you find them, let me know. Sorry, go ahead, please ask the question. How do you?

Nikesh Arora:

I think there are two answers. Yes, let me answer two parts of the question. I think this is -- to think about it as a price war is a wrong way to think about it. Actually, we're averting a price war by driving a platformization approach. I will explain how. First of all, all of our customer deals are discussed, negotiated POC. So it's very rarely that we have a customer who does not understand the value of what they're offering. Because the competitive market, we have a price. Our competitors are who normally rational competitors have a price. So we don't think that we're cannibalizing a full price paying customer we are possibly. I think what we are doing, Gabriela is that we're avoiding the unintended consequence where a customer says, oops, I have no time left. Because what happens to customers with all the right intentions we'll say, I'll renew, I'll buy Palo Alto in 12 months from now when my current contract goes away. They take a little while analyzing and they get to six months, oh my God, if I'm not able to deploy you in six months, I'm going to have an exposure, so I'm going to go try and get a renewal. When they're trying to get a renewal, the other vendors know this is not going to be their business for too long. So that's when international pricing behavior happens. It's not when they execute early and deploy early. So actually, averting the last minute race to the bottom like you called it, by making sure our customers don't have to worry about the execution risk and trying to get renewals and trying to get best pricing in the last six months.

Walter Pritchard:

Great. Thanks, Gabriela. Next up is Fatima Boolani from Citi. And after that, Roger Boyd from UBS.

Nikesh Arora:

Thank you. Dipak did warn me this one will take a little bit of explaining. And -- so let me go back to what Saket said. For simplicity purposes, think about a ramp deal. So our sales people still get paid on TCV, right? So they're still going to do a three-year deal or a five-year deal. We're not doing six months or 12-months deals. So you'll see that in our RPO. You'll still see us doing ramp deals for the first six months may not be charged, but the next 4.5 years is or the next 2.5 years to sort our salespeople will get paid on the TCV deals like they get paid today, right? That's not a problem. I think that's the best way to think about it and, I'm sorry, there was another part that I missed, I apologize.

Nikesh Arora:

I'd say the impetus, Fatima is fascinating. We are -- we've managed to double our business in the last five years. And for us to get to a double from here and more, we've had to step back and say, what did we do? We got 21 categories where we're best-in-breed to realize we're still fighting best-of-breed deals while we should be selling the platformization strategy and we realized selling the platformization strategy, which we have been for the last six months, as we said, we have been trialing this out, we've been running this play with about six months discovering, when we go in with the platform approach, we win more often than if we go into the best-of-breed only. Otherwise, we get whittled down on price, XDR to XDR or SASE to SASE. When you go with XSIAM with XDR, XSIAM and XSOAR, then we don't get a little down on price because customers see the TCO value and the ROI of doing the entire replacement together. But the moment we go up with that is like lots a lot of risk. I got to replace everything in the next six months. I'm not willing to commit, let's go one at a time. And they go one at a time, I get riddled down on price with a legacy vendor.

Roger Boyd:

Great. Thanks for taking the questions. Another follow-up on the platformization. But as you get more accommodative on some of these offerings, more aggressive on discounting. What are you expecting to see from a contract duration perspective? It sounds like the focus is going to be on RPO, but are you expecting to see contract duration actually extend in exchange for some of this economic flexibility? Thanks.

Walter Pritchard:

Great. Thank you. Next question, Jonathan Ho from William Blair. And after that, we've got Adam Borg from Stifel.

Nikesh Arora:

That's a great question, Jonathan. Very apt question. Look, it allows us to do a much better job of putting stuff together across our portfolio as opposed to having to do each of these deals on an individualized basis. So you're bang on the idea that this consolidation benefits us and allows us to drive towards that platform much faster. That's helpful. I think it also gives us financial flexibility in terms of pricing deals. That's also very important, very true. But I'll give you an example, right, just this morning, I was on the phone and the customer is trying to buy an IoT capability. Independently, that IoT capability is going to cost them north of $5 million. They already have our firewalls. We allowed them to activate IoT of our firewalls, which cost us a lot less than $5 million. But that allowed them to consolidate. And now when the renewal comes up in six months or 12 months, they're going to be able to renew for a higher amount. So that degree of flexibility that we can offer our customers, but they don't have to go end up spending more and building yet another vector that they have to go consolidate in the future is what we're trying to drive to.

Keith Bachman:

Hi. Thank you. You confuse me, Walter. I think Dipak for you, you mentioned we certainly have the billings guide for Q3 and then implied for Q4, something like 10%. And you indicated that this was going to be a 12 to 18 month sort of impact as you try to anniversary consolidating spend. But is there any trough or any way to think about FY'25? I mean is it still double-digit billings growth that we should be thinking about? Or any kind of metrics on how you think about the six to, or excuse me, 12 to 18 month impact where you're trying to anniversary the program?

Nikesh Arora:

I just want to make one more point, sorry, on this context. One of the things that I think should not be lost what Dipak has said. We have maintained our absolute free cash flow guidance for the year and absolute EPS guidance for the year. So we believe we can make all this happen whilst holding our earnings and free cash flow constant.

Walter Pritchard:

Great. Next, we're going to go back to Adam Borg and then we're going to go to Tal Liani for BofA.

Nikesh Arora:

Thanks, Adam. So Adam, we've displaced 19 unique different SIM vendors. And the reason that's relevant for us is that tells us that our platform has capability that spans multiple use cases and different types of products in the market. It's not like we only replace one kind of SIM. We have been able to replace different kinds of SIM, which offer different capabilities in our customers. And we still believe this is the fastest and best cybersecurity product that has been created. We are north of 65 customers now in nine months. As we said, we have signed a larger number of deals this quarter. And on a deal basis, we did a $90 million in TCV. So we're really excited about it. This does resonate with our customers. We are launching tomorrow an offer to replace end points for our customers who are stuck with legacy end points which is one of the things that holds us back in being able to deploy XSIAM. We've also announced support of other non-legacy vendors that they have in their infrastructure. So our customers have been asking for that so we can support some of the other leading edge XDR capabilities in the market. So we are making a concerted play to be able to be the SOC of choice. It is radically different and better than most other SIMs out in the marketplace. So we are putting a concerted effort, very excited about where we are with it.

Walter Pritchard:

Thanks a lot, Adam. Next up, Tal Liani from BofA followed by Brad Zelnick at Deutsche Bank.

Nikesh Arora:

I think the best analogy is Jonathan's analogy, which is the bundling of multiple things into one capability, more like I don't want to call it that one. More like one of the other vendors has a certain bundling philosophy. I think it's more like that than it is about individual product categories because it's not about if you buy SASE, I'll make it cheap, or if you buy XDR, I'll make it cheap. It's about -- if you commit to my network security platform, the combined whole of it will be much better TCO and ROI for you, and I'll take the execution risk. You don't remember, the exit ARR for me is going to be no different than it is today and I think that's why I don't like the word discounting or reduced pricing. The exit ARR will be consistent with what I would get today. I would end up taking the execution risk away from the customer.

Brad Zelnick:

Great. Thanks so much. I wanted to ask another question from a go-to-market perspective, just extending on Fatima's question. Nikesh, how do you align the channel to execute on this platformization strategy where for you to win, somebody else has to lose. And their economics are typically a function of present day billings not LTV. And then also just extending on that, you've talked about the SIs as a real strategic opportunity for you. Where do they fit into this platform -- I got to practice the word platformization strategy. Thank you.

Brad Zelnick:

Thank you.

Matt Hedberg:

Great. Thanks, Walter. I think one of the important points, Nikesh, you made is, despite all these changes, free cash flow margins are unchanged for fiscal '24 and the midterm targets, I guess the question for Dipak, I just wanted to make sure I understood why that's the case. It sounds like you said it was prior arrangements and optimizing vendor payments. First of all, did I get that right? And I guess, secondly, when we get into '25, are there other variables that we think of that could potentially change that margin target or kind of confidence level that, that margin target can hold into next year?

Walter Pritchard:

Great. Thank you. And we'll take our final question from Joe Gallo at Jefferies. Go ahead, Joe.

Nikesh Arora:

First of all, I would not classify this as a short-term hiccup. I know you guys would love life that was linearly nice in quarters and moved up in a beat-and-raise percentage basis. I'm trying to get this done in the next three to five years where we become even a bigger and larger platform in cybersecurity. If I step back and look at what we've done over the last five years, we established the notion of the platform in cybersecurity. It wasn't a notion that existed. I'm trying to accelerate the deployment of the notion because I believe competitive advantage in product in this industry the last two to three years. At this point in time, I believe we have the largest competitive advantage across our platforms in the market starting with our XSIAM product in our SOC space. We think that is a 15-year-old legacy space, which we should get quickly and go and deploy as quickly as we can across the board and take you any friction in the process. On network security, we did not have network securities, Zero Trust offers in the marketplace. We are starting to see our customer bought $40 million of SASE and then came and replaced all their firewalls with us in the last six months, right? So we are seeing the customers show that behavior. We're trying to take all the friction out of the way, they can make that happen. Now if I break it down into the three categories we're in, I think in network security, you'll see more and more zero trust offers where hardware, software and SASE have to combine. There's very few vendors in the space who can do that today. So they're trying to hold on to the legacy positions. We're accelerating combination across that category. You can make your own judgments as to which vendors are going to benefit, which ones are not going to benefit as much. In the SOC space, there is only one option, deploy AI in your SOC. The average technology in the SOC space is 13 to 15 years old, right? That was not made for AI. It was not ready for AI, it doesn't matter who you buy, it doesn't matter what gets acquired. What is important is that you can actually have an AI delivered data lake that delivers the capability of XSIAM. On cloud, it's a new space. And we're beginning to see what's fascinating is for us, our best cloud customers are the ones who are delivering SaaS software to their customers. So we take the large platform players, they use our cloud security because they understand the need to have an integrated cloud platform. So we have green shoots. We have trialed this. This is the time for us to double down and accelerate. That's what we're doing. It's not a hiccup.

Walter Pritchard:

Great. Thanks, Joe, for that last question. With that, I'll pass it over to Nikesh for his closing remarks.

Nikesh Arora:

Thank you, Walter, very good afternoon, everyone, and thank you for joining us today for our earnings call. Q1 was the first quarter of our three-year plan we presented in August. If I were to summarize the quarter I would say the following. We continue to execute amazingly well in what is a volatile environment. On the geopolitical front, we've been contending with what's happening in Israel and Ukraine. On the hardware or product front, as you see, there has been normalization in the industry, it's something we've been indicating for a while. Backlogs is being shipped, supply chain issues are behind us and product growth is normalizing in the industry, we continue to seize normal strength as we indicated in prior quarters in that category. On the macroeconomic front, business practices continue to adapt and adjust to a new normal with higher interest rates for longer. Internally, on the product side, we've had one of the strongest start to our fiscal year. In addition to various recognitions, we have delivered strong innovation across all three platforms. We launched an AI-enabled Cloud Manager and Network Security to continue our consolidation platformization efforts towards Zero Trust. In SASE, we announced our intent to deliver enterprise browsers, the Talon acquisition, which will solve one of the critical issues that more access, which is not addressed today by any SASE vendor. We released the industry's first integrated UI for Code to Cloud and Prisma Cloud and announced the acquisition of Dig Security, double-down on data security for Generative AI and Prisma Cloud. Last but not the least, in Cortex, we launched XSIAM 2.0 to bring your own AI. On-the-go to-market side, Q1 is seasonally a slower start as we kick off the new year, but the team delivered superior revenue and profitability and we had our highest cash collection quarter in our history. We continued to see steady execution - excuse me, in our firewall cloud and endpoint businesses and SASE, we continue to position ourselves in larger and more strategic deals, and XSIAM while in it's early days, continues to garner tremendous interest, giving us more comfort around our long-term intentions. So in summary, a strong start in Q1 towards our three-year journey, early days, but confidence is fired. Let's dig in the details. Our Q1 revenue grew 20% and our billings grew 16%, while our RPO growth of 26% exceeded both of these and was driven by our next-generation security capabilities. I would like you to pay particular attention to RPO versus billings, Dipak will talk about the difference at plan and explain why the street might be confused with our future billings guidance. Our Q1 non-GAAP operating margins expanded by 760 basis points, driving 1.38 in non-GAAP earnings per share and we generated record $1.5 billion adjusted free cash flow in Q1. If you look at what's going on from an overall cybersecurity perspective, we have never seen as much adversarial and consistent activity at scale as we have seen in the first quarter. Unfortunately, we don't expect this to abate anytime soon. As a consequence of this increased activity and in recognition of our customer's commitment to us, this week we announced the Unit 42 Rapid Incident Response Retainer at no cost to all of our strategic customers, and are providing additional support during this escalating threat landscape. Ransomware attacks are increasing in frequency and severity, the ransom amounts being paid are also increasing. Bad actors are doing damage in a much shorter amount of time. As an example, in the recent engagement of our Unit 42 team, we saw an instance where bad actors extracted 2.4 terabytes of data in just 14 hours. There is also some evidence that the adversaries are beginning to leverage Generative AI as a tool to make attacks more sophisticated. Not just that, based on what we're seeing in Unit 42, most attacks are not happening on the back of vulnerabilities in widely used software and APIs such as a widely exploited move it file transfer software. Unfortunately, these bad actors remain elusive with no apparent significant increase in convictions and high-profile attacks, and therefore not surprisingly this malicious activity continues. At the same time, U.S. publicly listed companies in the Board are confronted with new SEC disclosure requirements that are on prompt public reporting a material cybersecurity incident, the enhanced oversight responsibility that comes with them. This result is a continued focus across organizations and understanding security posture, cybersecurity risks, and how to mitigate this risk effectively. This increasingly involves not only the CISO, but the entire IT organization, legal, finance, and the CEO and the full Board of Directors. This pace of malicious activity and the Board-level focus on cyber security risk is fueling a strong demand environment. Customers have often have multiple strategic priorities in cyber security and our broad portfolio enables us to align with these priorities. In Q1, the cost of money remained a constant discussion and customers' significant focus on this topic is becoming the new normal. The way it manifests itself in our business is that there's always a payment in duration discussions in final negotiations. Given our strong balance sheet, we can use a mix of strategies to navigate the environment. This includes annual billing plans, financing through PANFS, and partner financing. Whilst this does not impact our business demand or the impact to annual revenue or annual metrics, it does create variability on total billings more than before depending on financing used or the duration of contracts. I'm not concerned about the demand for cyber security, for this quarter and upcoming quarters, though my concern about our ability to execute, the billings variability is a pure consequence of the payment conversation that we're having with our customers and this is validated by the fact that we continue to see strong RPO and low churn suggesting this is a cosmetic impact to our business. We continue to see strong interest across our next-generation security portfolio, and we're making progress on our platformization journey. I'll highlight a few deals to talk about the diversity of opportunity, cross-platform buys, as well as the geographical distribution of our deals. For example, the federal government agency signed a $25 million expansion transactions including adding Cortex XDR and Prisma Access in highly competitive situations, expanding the network security footprint. This customer has now spent over $100 million for its lifetime across SASE platform. A large global SaaS provider signed an $18 million Prisma Cloud transaction to consumer modules across the portfolio. The customer is already a customer for our network security and Cortex platforms. A large education organization expanded its relationship with us in the first quarter in a $15 million transaction adding XSIAM, Prisma Cloud, and an expansion of its network security footprint. And lastly, a nation-state signed a $28 million deal that is a first-of-its-kind, standardizing on both SASE and XSIAM. This is a long sales cycle and represents our systematic approach to platformization. Storing these deals have been playing out across our large customers, as of Q1, 56% of the Global 2000 has transacted with us across Startup, Prisma, and Cortex. This continued focus on customer cyber transformation has fueled a 53% growth in NGS ARR we reported this quarter as we broke through the $3 billion milestone. Another exciting news, as of Q1, recurring revenue across Palo Alto is 83% of our total revenue from 77% a year ago. Let's turn on to updates from our three platforms that are the engine driving our success. First, in network security, we continue to drive innovation across our portfolio and see momentum as customers drive towards Zero Trust architecture. This month we unveiled PAN-OS 11.1 or Cosmos and Strata Cloud Manager, unifying the management of all of our three form factors and all security services in a single pane of glass, and also leveraging AI to analyze security policies, reduced miss configuration that predict and prevent disruptions. Customers who have invested in our platform by deploying all three form factors continue to grow rapidly, up 34%. Of our top 100 network security customers, 60% have purchased all three form factors, up from 63% a year ago. On average, these platform customers spend more than 15 times of the rest of our network security customers spend. The story is similar in SASE. Having just seen our innovations gain multiple industry recognition in SASE in the second half of our fiscal year, we've continued to invest to build on our leadership position. We're seeing strong momentum in SASE with ARR growth of approximately 60% in Q1. We also saw a 35% of our 5 million or greater network security transaction includes SASE, up from less than 10% a year ago. Today, it was the first day of our event called SASE Converge, where we unveil several enhancements. We were able to SASE to access applications with performance faster than the Internet. We added visibility and control over interconnect SaaS applications, and enable safe access to Gen-AI tools and ensure data isn't inadvertently leaked. Lastly, we added Remote Browser isolation technology for an extra layer of security. M&A has always been an important part of our strategy. Last week, we announced our intent to acquire Talon Cyber Security. We see an opportunity to expand the addressable market for SASE and solve an important customer problem. As many as 36% of workers classify themselves as independent workers, who often use unmanaged devices for work. In addition, employees increasingly use personal devices for accessing business applications. To enable access of these devices, security teams have an impossible trade-off. There are forced to either ignore security entirely in favor of flexibility and user experience or trade-off cumbersome technologies like VDI. Talon is a pioneer in the emerging enterprise browser category and when combined with Prisma SASE after closing, we will enable users to securely access business applications from any device, including mobile devices and non-corporate devices for the seamless user experience. We intend to include this capability with Prisma Access after closing and customers will be able to extend the same best-in-class security to unmanaged devices. Moving on to Prisma Cloud. We continue to see a strong endorsement of our integrated platform strategy. This traction is evident in the strong growth of our multi-module customers. We have seen particular success here with modules released over the last two and a half years. There has been a consistent pattern of seeing 100 plus customers for new modules in the first full quarter of launch and rapid growth after that, as the benefits of these new modules are broadly understood. This enthusiastic adoption has driven our strong conviction in adding key new modules, including some through acquisitions. our IaC scanning capability which came through the Bridgecrew acquisitions and CICD Security, which came through Cider are two such examples. This new module traction is helping to accelerate Prisma Cloud new business ACV in the last quarter. In Q1, we also unveiled a major new Prisma Cloud released Darwin. Darwin further differentiates our unique position across code cloud infrastructure and cloud runtime, Darwin enables a view across all elements of cloud applications including cloud services, infrastructure assets, compute workloads, API endpoints data, and code, Darwin can also help customers understand risks with deep context and overlay active attack attempts in near real-time. Our full coverage from code to cloud to enables fixes to be applied immediately versus the months most vulnerabilities stake to be passed. About two weeks ago, we announced our intention to acquire Dig Security, which will bring an award-winning Data Security posture management capability Prisma Cloud. With almost 70% of organizations having data stored in the public cloud, the sprawl of new cloud data services and the adoption of generative AI, we see an increased need to identify sensitive data, effectively manage user access, and implement robust security measures to prevent unauthorized internal and external access to this data stored in the cloud. After the close of proposed acquisition. Dig's capabilities will be integrated into Prisma Cloud platform to provide near real-time data protection from code to cloud. Moving on to Cortex, we continue to invest across our product portfolio and expand our customer count, as we see continued adoption of XDR, XSOAR, Xpanse, and XSIAM. In Q1, we had several industry recognitions of our innovation, Cortex XDR is the only product in the industry to achieve 100% protection and detection in the Round 5 MITRE evaluation. Additionally, XSOAR, Xpanse, and XSIAM are all name leaders by third-parties this quarter. We grew our Cortex active customer count by 25% to over 5,300 customers. Attraction overall in Cortex is essential, as it allows us to sell our transformational offering XSIAM. XSIAM has had a very fast start since we released the product just over a year ago. After a strong FY '23, XSIAM's first year release which included over $200 million in bookings, we followed up with a strong Q1. You saw our first expansion purchase of XSIAM, an eight-figure deal, and in Q1, our largest XSIAM customer to date was deployed with over 300,000 endpoints. We're seeing XSIAM transform customer security operations and significantly improve their security outcomes. This includes significant reductions in the meantime to detect and resolve security incidents. On the back of potential customers, hearing about early XSIAM success, our pipeline for XSIAM is over $1 billion of which $500 million was created just in this past quarter. As I began my remarks, Q1 was the first quarter of us delivering on the three-year plan we presented in August. We're driving profitable growth, investing in innovation, next-generation security, and the industry's largest dedicated security go-to-market organization, at the same time, leveraging the scale of Palo Alto Networks. Demand for cyber security is strong given the backdrop of attacks, the ever increasing focus and scrutiny around cyber risk, execution continues to be paramount given the macro conditions and we will continue to adapt and respond to changes in the environment. We will manage for long-term growth, operating margin, and free cash flow, and ensure we continue to transform the business and build revenue predictably. You will also see this through RPO and most importantly our current RPO. Our long-term forecast thesis remains intact whilst we expect short-term variability in billings, we don't expect this to have a meaningful impact on our ability to deliver our three-year targets. With that, I will turn it over Dipak.

A - Walter Pritchard:

Thank you, Dipak. To provide as broad participation as possible, please limit yourself to one question. Our first question will be from Saket Kalia with Barclays followed up by Hamza Fodderwala from Morgan Stanley, go ahead, Saket.

Nikesh Arora:

Saket, thanks for your question. I'm going to take this one because it's more about demand function. I think repetition doesn't spoil the prayer, so I will repeat. The billings difference is not a change in demand for us or not a function of our pipeline. The billings change is a consequence of negotiations with customers and the customer says, you want me to pay you for three years upfront, you got to give me a bigger discount. You want to pay me, want me to do a three-year deal, you got to go finance it in benefits. I can do that, but I can say just pay me on an annual basis, I'm okay. I'll collect my money every year. If I go in that direction my billings changes. It does not change anything in my pipeline, in my close rates or in my demand function. Those are my point. So we're just giving ourselves flexibility because this quarter we saw a lot more negotiations around those topics, we just don't want to be held hostage to those kind of negotiations where we have to go finance deals to get DCV in there. Billings is a DCV metric. DCV is important if I am concerned about churn. I have very low churn across many product categories. So I'm very happy to collect my money on an annualized basis and that's what's needed to make sure that I don't get pressure on financing, I don't get pressure on having to give larger discounts. I retain flexibility. I do a lot of TCV deals. I do a lot of financing. This allows me the flexibility. So all I want to make sure is, there is no change in the demand function in the market. There is no change in our revenue forecasts.

Walter Pritchard:

Thanks, Saket. Next up is going to be Hamza Fodderwala from Morgan Stanley. Followed by Brian Essex from JPMorgan. Hamza go ahead.

Nikesh Arora:

So, Hamza, as, you know, Saket mentioned about pipeline, we have visibility to our pipeline, so we know there is business out there. We have not seen customers walk away from deals in Q1. It's not like people don't want to do business. We've been very consistent on hardware and hardware expectations for the last 12 months. We are regaining our consistent and expectations on hardware. We don't expect any lumpy movements up or down. We expect this is going to steadily in the 0% to 5% range as we've always been talking about. So I think from that perspective, I think to use Saket's word, we feel reasonably derisked on what's out there in the future. Q1 is the first quarter, allows us, you know, we have lots of pipeline, we have visibility to. I think I want to reiterate again, we are retaining flexibility. Can I go financing? Of course, I can. Can I go finance a three-year deal through PANFS or $7 billion of cash? I can, which will have a cosmetic impact of giving you better billings. But what I don't want to do is finance bad deals. This allows me the flexibility of not having to finance them nothing changes, I still get my revenue for the year. I still get my CRPO. I still get my annual billings. I just don't get year two and year three billings, but changes my total billings forecast for the year. It's cosmetic, it's mathematics, but it's interesting to see how the street interprets it.

Walter Pritchard:

Thank you, Hamza. Next up we have Brian Essex from JPMorgan, followed by Gabriela Borges from Goldman Sachs. Brian, go ahead, please. You're muted, Brian.

Nikesh Arora:

So, Brian, thanks for the question. Look, we have not changed our point-of-view. We have always maintained that we're going to sustain M&A at a level close to a billion here. So we haven't done one for a while or two. And if you see, if you split the two, we did a cloud security one, and we've been pretty consistent in that rough range in the $150 million to $250 million range in terms of adding cloud capability as we see the market evolves, so I think that's kind of consistent, where we are. We saw a unique opportunity, as I mentioned, 36% of workers are independent workers, they don't get SASE remote access solution. We saw more and more discussion in the market, where RBI was not covering every use-case and managed devices were not, all your mobile phones don't have management for security. Last few hacks that happened to mobile devices. So from that perspective customers asking, what is my solution, and now, what we didn't want to do is to have to deploy yet another independent solution, which is just disconnected from our overall SASE capability. And like we do, we will always pay attention to the market. We figured Talon had the best tech in the space and they were just about to go race to go to the go-to-market sort of implosion or explosion with other companies. So - and from that perspective, we saw an opportunity and we think it's a great fit. Actually, it makes us the most comprehensive SASE solution. We are going to integrate them deeply into our SASE solution. Our customers will be able to use Enterprise Browser RBI or our Prisma Access client, so it's - I don't want to call it a one-off, one-off sounds it will never happen again, but I think it's just happens to be the time where we did two at the same time, other than to different platforms, two different teams are integrating them, so it's not overhead to the organization. But we're going to keep our cautious approach towards meeting what we can digest. So you shouldn't expect anything that is off the regular pattern we've sort of shown it last time.

Walter Pritchard:

Great, thank you, Brian. Next question is going to be from Gabriela Borges of Goldman Sachs, with Roger Boyd at UBS on-deck. Go ahead, Gabriela.

Nikesh Arora:

So thank you, Gabriela. Look, the firewall business is actually is a one-shot business. You sell a piece of hardware and you get paid for it. It is not a ratable business, right? The ratability comes from our subscription and services part. It's usually there we have to look at it from an NGL perspective. Our duration this quarter was on the lower-end of duration. It reduced, went down, because we took more annual billing deals or we took shorter-duration contracts with our customers. So from that perspective, I think we feel comfortable given the visibility to our pipeline for the rest of the year that we have flexibility for ourselves on billing. You know, I think we're going to keep having this debate, where you keep calling it guiding down on billings, I'm going to keep calling it flexibility, you want to keep calling it guideline downward billing, so I'll keep telling it doesn't change my numbers. So we just agree that we're going to be saying that because I don't - nothing has changed the prospects of Palo Alto of three months ago.

Walter Pritchard:

All right. Thanks for your question, Gabriela.

Walter Pritchard:

Great, thanks, Gabriela there. Next question is from Roger Boyd at UBS, followed by Brad Zelnick at Deutsche Bank. Go ahead, Roger.

Nikesh Arora:

Yes, I'm trying to make sure Lee gets to ask some questions otherwise he doesn't want to show up next time. Yes, exactly.

Walter Pritchard:

Great, thank you for the question. Next question from Brad Zelnick at Deutsche Bank, followed by Fatima Boolani of Citi. Go ahead, Brad.

Nikesh Arora:

Yes, thank you. I always get excited about the Next-Gen firewall releases of course. Look, what we announced was a new high-end chassis, so one that scales beyond a terabit per second. And so there is, obviously, this is the largest highest performance networks out there, service provider and in some cases large enterprise environments, at the same ruggedized platforms, platforms that can go to plus 50 degree Celsius, minus 40 degrees Celsius, because there are harsh environments out there that also need to be protected, right? So, this is expanding the use cases that we can support with our hardware next-gen firewalls. The other pieces you mentioned are also equally exciting from a software perspective. You know, Quantum is still likely a ways off, but there's a lot of companies that are starting to prepare for that, thinking about what happens in post-Quantum cryptography in the advent of potential computers and what that will mean, and so this is the start of a set of Quantum security capabilities that we're launching for our customers. You mentioned, advanced WildFire, we added proxy capabilities. We added ADEM capabilities, so there's a lot of innovation that's in this release. Generally in what this drives is customers to look to be on our latest Gen IV or newer hardware architectures, which over time means hardware refreshes and upgrades. And so all of that is good and helps our customers get to the most secure state.

Walter Pritchard:

Great, thank you for that. Next question is Fatima Boolani at Citibank, followed by Joel Fishbein from Truist Securities. Go ahead, Fatima.

Nikesh Arora:

It's very kind of you to remember prior answers, but I'll try to give - I tried to give a preview of that in our prepared remarks where I said we continue to see steady execution and hardware endpoint and cloud, so they're following expected trajectory. We see the pipeline and I said the excitement and upside is coming out of SASE and XSIAM. And we see that there are large SASE network transformation deals out there, which these things have anywhere from six months to 12-month closing cycles. So we would have to know what's in the pipe for the rest of the year. Do you have some sense of comfort? We also said we grew that business 60% in the first quarter on SASE. We already - we cannot gush enough about XSIAM as you know so far, so the billion-dollar pipeline, we're hoping will close in that six to nine months. Interestingly, XSIAM pipeline closes faster than SASE pipeline deals, because SASE is often very competitive. There are POCs involved. There are future comparisons between us and one or two other companies. In the case of XSIAM, you're really competing with the incumbent.

Walter Pritchard:

Great, thank you, Fatima. Next question is from Joel Fishbein at Truist, followed by Joe Gallo at Jefferies. Joel, go ahead with your question.

Nikesh Arora:

Yes, so that's interesting, Joel. Let me connect that to something we announced yesterday. So first of all, I said, the activity is at an all-time high. Every day you read about ransomware attacks, now the SEC regulations are actually not kicked in yet. I think they kick in December. But you're seeing some companies go out there and start to do sort of self-report in anticipation because they're all petrified, of course, when you get attacked. So I think you're going to see more and more disclosure and we've be trying to parse, is it more activity or more disclosure? That's a good question. I think it's more activity. We've seen more and more activity. Our team does a research. We've had the maximum number of inbounds to our Incident Response Team in the last month than we had before. So clearly, anecdotally also, it's sort of come true that this is what's happening. Now, typically, the anatomy of an attack for us from our vantage point is that when we get engaged in incident response, typically, we go and we deploy a production sort of suite, where we go in and put XDR everywhere and we'll go run a bunch of analytics to make sure we understand what happened and where there is sort of the - that access may be still be resident in a customer's infrastructure. Now, typically when you do that and we leave, they don't want us to leave with our stuff, they want us to be one step back in case the guys come back. So from that perspective, you know. The incident becomes a need unfortunately because of these act, but it because the lead for us and that creates a whole bunch of product conversation around whether we're going to deploy endpoints, whether we need to upgrade their firewalls or whether they need to go down a cybersecurity transformation. I'll tell you nine times out of 10, every one of those customers ends up in the cyber security transformation because they discover that they have a lot of stuff that they should have upgraded or changed in that process. So that's kind of what happens. Those are the products, which typically end-up those customers.

Joel Fishbein:

Thank you.

Joe Gallo:

Hi, guys, thanks for the question. You've made several acquisitions further bolstering Cloud, congrats on that 12th module. Nikesh, when do you think the platform message truly cement itself in that market as it currently feels like the Wild West and then has the pricing environment stabilized there at all?

Joel Fishbein:

Thanks.

Gray Powell:

Okay, great. Thank you very much. Yes. So maybe a broader question. It's pretty clear that the firewall space or that there's headwinds across, you know, the firewall appliance space this year, it's impacting everyone. But you're still guiding Q2 billings to about 17% growth. Your closest competitor is guiding to minus 5%. Historically, you've been fairly correlated with them. So I know you can't speak to their business, but can you talk about what's different on your side? Why you're more insulated? Is it more the NGS portfolio? Is it data center exposure? Is it share gains? Is there just anything you can kind of help us to think through those dynamics?

Gray Powell:

Okay. Thank you.

Ben Bollin:

Good afternoon, everyone. Thanks for taking the question. I wanted to piggyback Gray - Gray's question a little bit. When you look at the underlying product revenue, how much of that is physical appliance versus the software form factor? And then a follow-on would be interested in your thoughts on how the trajectory of branch firewall looks over time as customers adopt, you know, more VMs and SASE to get that scale. That's it. Thank you.

Nikesh Arora:

You can see that in the gross margins. Our gross margins continue to improve for product because software is obviously a higher gross margin product for us.

Ben Bollin:

Thank you.

Ittai Kidron:

Thanks, Walter. Dipak, can I just - not sure I got the answer for Ben's question quite right. On hardware, can you tell us exactly hardware, what percent of revenue that is? And Cisco in conjunction to you right now reported also results, and they've talked about - they've significantly took down their next quarter guidance in the view that for the last two, three quarters a lot of hardware was sold but not installed and so there'll be some digestment period in there. My question to you, when you sell firewalls, how much visibility do you have into how much of that is actually goes and sit on the shelf which is actually gets deployed in the field? And so is there a risk or is there a blind spot here, where you might not know exactly how your customers are handling hardware - firewall hardware and could that catch up somehow with our business as well.

Ittai Kidron:

Yes. But I don't have any color to interact, but you have visibility especially again installing that.

Ittai Kidron:

Thanks you.

Patrick Colville:

All right. Thank you, Walter, for squeezing me in and got a sore throat, so sound a bit like Jason Statham. So forgive me for maybe quiet, to me, the standout metric was the non-GAAP operating margin, which was 28% typically 1Q is like the low watermark for margin, but based on your guidance is actually can predicted to be the high watermark. So I guess, you know, I presume Talon and Dig are going to be dilutive. But Dipak, are there any other puts and takes that you know we should consider around operating margin?

Walter Pritchard:

All right. Thank you, Patrick, for your question. Thanks everybody for participating. And with that, I'll pass it over to Nikesh for his closing comments.

Nikesh Arora:

Thank you, Walter, and good afternoon, everyone. Thank you for spending your Friday afternoon or perhaps some part of your Friday evening with us. Our choice of Friday has definitely made us the topic de jure these past two weeks and has made for some very interesting reading of all the analyst notes. We apologize to people who are inconvenienced but as we had mentioned in our press release, we wanted to give ample time to analysts to have one-on-one calls with us over the weekend, and we have a sales conference that kicks off on Sunday. We want to make sure all of our information was disclosed out there. So again, we apologize for the unique Friday afternoon earnings call. But clearly, we have enjoyed the attention. Well, let me go and just straightaway dive into our Q4 results. We started off the year focusing on excellence and execution. We stayed true to that and delivered strong results in Q4, capping off a strong fiscal year 2023, where we met or exceeded our original top line guidance and significantly exceeded our profitability and cash flow guidance. This year indeed required clear focus across our company, and we're all proud that our team delivered throughout the year and especially in Q4. Our Q4 revenue grew 26% making our -- marking our 12th consecutive quarter of revenue growth north of 20%. Our billings grew 18% of a very strong 44% growth in Q4 a year ago, and RPO grew 30% ahead of our revenue growth. Our Q4 operating margins expanded by 760 basis points, driving $1.44 in non-GAAP earnings per share, and we achieved 39% adjusted free cash flow margins for the year. Our performance in Q4 did not come as a surprise to us. We've been investing in our next-generation security portfolio for some time now to position ourselves in the leadership position for the future of the cybersecurity market. It is this next-gen portfolio driving -- that is our growth transformation and enabling our leverage. Lee and his team will expand on this in the forward-looking part of our program. We achieved several important milestones in this quarter, especially in our software and cloud-based businesses this year. Our combined SASE, Cortex and cloud bookings were north of $1 billion in Q4. Our Cortex platform surpassed $1 billion in annual bookings last quarter, and we achieved the same milestone with SASE this quarter. We also exceeded $500 million in Prisma Cloud ARR. These product performances are all contributed to the strong growth we continue to enjoy in NGS ARR. Remember, that our NGS business is largely a capability new to us in the last five years and is primarily cloud delivered. This quarter, we added more new ARR than any other pure-play cybersecurity company. Our platformization is continuing to drive large deal momentum. One way to illustrate the traction of our next-generation security capability across network security, cloud security and SOC automation, so look at the makeup of some of our largest deals. When we deliver best-of-breed products that are also integrated into platforms, we help customers simplify their architectures, lower their cost of ownership and benefit from differentiated cross-platform capabilities. This is a win-win scenario. 8 out of our top 10 deals saw a significant contribution from our next-generation security capabilities, five were essentially next-generation security deals. Here are some examples

A - Walter Pritchard:

Thanks, Dipak. We'll take about 15 minutes now, and we'll have a few questions. [Operator Instructions] For the first question, we'll go to Matt Hedberg from RBC with Rob Owens from Piper Sandler on deck. Please go ahead, Matt.

Nikesh Arora:

I think as I said, and as Dipak elaborated, look, it's -- interest rates are higher. CFOs are scrutinizing deals, which means you have to be better prepared to answer their question and show the business value that you bring to them with your cybersecurity products. We are lucky that we have been focusing on our platform strategy. So we can usually walk in and say, here, you can consolidate the following five, it doesn't cost you anymore, but you get a better outcome and you get a modernized security infrastructure. So from that perspective, that strategy of ours is resonating. But there is more scrutiny. There are deals that go through multiple levels. There are some that get pushed. There are some that get canceled. And again, you just have to get more on the top of the funnel. And as Dipak very clearly highlighted that eventually end up and there's a conversation about saying, wait, I used to pay you upfront. And I need to understand the cost of money. And is there a way, either my cost has to be lower from you, so I can sort of account for the cost of money or you've going to allow me to pay you later. From a deferred plan perspective, those are really the two effects. And I think the biggest -- and if I summarize Q4 for us, great execution. There's a lot of demand out there, and the two things which are -- were different is

Walter Pritchard:

Thanks Matt. Next question will be from Saket Kalia of Barclays with Brad Zelnick from Deutsche Bank on deck. Go ahead, Saket.

Dipak Golechha:

Yes. So I think -- thanks for the question, Saket. I think the primary driver really is the stronger profitability, right? So that's really what underpins a lot of the cash flow confidence. We've also seen benefits of higher interest rates on the cash that we have, right? And that also helps. That's another put and take. But I would say, you're right, we've absorbed the additional headwinds from deferred payment terms. We've modeled in the cash taxes. And when you put all the different puts and takes, we feel pretty confident of where we are.

Walter Pritchard:

Sorry to skip you Rob. We're going to go back to Rob Owens at Piper Sandler and then go to Brad Zelnick at Deutsche Bank. Go ahead, Rob.

Nikesh Arora:

Rob, I'm going to give you a little macro flavor and then Dipak can jump in as well. Look, on the macro front, the part I'm really excited about that Dipak and his team have basically navigated a significant part of our business into annual billings effectively through these deferred payment plans, right? And we were able to hold our free cash flow in spite of those downward sort of pressure. And we think we're going to keep absorbing some of that as it goes. In the end, it's an economic argument. It's like there's a cost of money. I can take the money up front and let the customers get a discount, and I can go try and get a return on that cash or I can let them pay when they're ready to pay and I can extract a better economic outcome in that context. And I think it's important to understand, given our portfolio-based approach, our customers -- different products lend themselves to different discussions. On cloud, we see a lot more of the shorter duration discussions because cloud is more of a consumptive event. On XSIAM, they want longer deals. They don't want even 3-year deals. They only want 5-year deals and they want price locks. So there also is a counter effect they're worried about inflation. So if you put it all together, as Dipak said, we're very comfortable with the way we've modeled it. There's definitely levers that go in different directions. And our sort of aspiration and desire and hope is that we keep transitioning seamlessly into more and more annual billings over time while being able to hold these metrics and these outcomes for ourselves. And Dipak?

Nikesh Arora:

And don't forget, there's still a reasonable part of our business that still has to be paid upfront, which is the hardware business.

Brad Zelnick:

Thank you so much Walter. So many questions to ask, but I'm going to keep it high level. Nikesh, heading next week into sales kickoff, you're going to once again rally the troops to perform even better next year, topping a fantastic fiscal '23. What are the highest level messages that you're going to focus on to ensure that they really step up their game and can overachieve and do even better next year?

Brad Zelnick:

Awesome. Thank you.

Walter Pritchard:

Thanks, Brad. Thanks, everybody, for your questions. We will come back at the end to do more. We're now going to move to the forward-looking portion of our program and talk about our medium-term update. And with that, I'll pass it back over to Nikesh.

Lee Klarich:

Thank you, Nikesh. Now in a second, we're going to go into more detail on our three leading platforms. But first, I want to share some context. After all, we're a cybersecurity company, what's happening in the threat landscape. And I'll just give you the really obvious answer, it's bad. The threat landscape is intensifying. $8 trillion of cost due to cybercrime. Attackers are becoming very sophisticated with the tools they use, whether that's automation, attacking the supply chain, et cetera. And just the sheer volume is off the charts, growing about 20x since 2011 to over 1 billion new malicious programs. This is incredible. So clearly, that is a challenge, but it's even more challenging than that. It wasn't that long ago when it took an attacker on average about 44 days from initial compromise to exfiltration. Now 44 days is basically the time period that an organization would have to detect, disrupt and potentially prevent the breach from happening. So in 44 days goes down to hours, which is what we're now starting to see. That is a huge problem. That requires a very different approach. But on average, the industry is able to respond and remediate attacks in about six days. That doesn't work. And even more challenging now with the SEC new rules of being able to disclose within four days, none of the math adds up. Now before we get comfortable in just solving these problems, there's one more challenge coming. Attackers have recognized the power of AI, just as much as everyone else has recognized the power of AI to do good things. Whether it's fraud GPT or worm GPT or other use of AI, it is clear this is going to become the next major tool used by attackers to launch more attacks, more sophisticated attacks and faster attacks. So we have to innovate. And we recognize that, Palo Alto Networks was built for innovation from day one. And today, we have over 4,400 product, engineering and other experts that are building and driving innovation. And you see just how fast we've ramped that over the last several years. In part, by being able to scale our organization across three main R&D centers in the world. In addition to this organic innovation engine we've built, we look at about 250 private companies every year to identify the absolute best teams, the absolute best technology that could become part of Palo Alto Networks in order to further drive our innovation engine. And we combine these two together, and we will continue to combine them together to have the best innovation capability. And then we combine that with AI. We recognized really how important AI would be to our innovation. And over the last several years, we have been infusing AI into our products in very unique ways to solve very challenging problems that only AI can. And from this foundation, we're only going to do more and better. We are going to accelerate our pace of innovation even further. We are going to leverage our proven playbook around M&A to be able to augment what we do organically. And we are going to take our capabilities in AI and turn that into an AI-first company. And why I'm so confident in our ability to leverage AI is we've built the right data foundation, we've combined that with the right architecture, and we've leveraged an amazing set of expertise across all of that. We collect more data per customer than anyone else, security data, relevant data for AI. We combine that with an architecture that over the last several years, we've been migrating every product into a cloud-based architecture because we know that, that sets us up to use AI in everything we do. And today, I have a team of over 150 AI experts that I can leverage across all three of our platforms to identify and drive even more AI capabilities and innovation. That's how we do innovation. How the industry does innovation is very different. The industry tends to look at this in the context of point products. Every time there's a new need, there is a new point product. This leads to incredible complexity for end customers. Think about having to stitch all of this together. Now it does create a large security market of about $210 billion, but it means that there is an incredible opportunity for disruption. And for a disruptive and innovative approach, which is why we've taken our platform-oriented approach because we recognize that the only way to achieve the real-time security outcomes that our customers need is by integrating natively all of those capabilities into a set of very focused platforms, around Zero Trust, code to cloud and security operations. In a moment, we'll go into detail on that. But last and certainly not least point, not all platforms are created equally. I shared with you how we think about innovation because that is so fundamental to the outcomes of our platforms. In addition to that, our platforms are designed to be as comprehensive as possible. It doesn't mean we do everything, but it means that we do all of the core set of capabilities necessary such that we can then selectively integrate and enable third-party technology to complement the platforms. Everything we do is integrated. It's designed to solve hard problems through integration that cannot otherwise be solved with point products. And that combination enables our platforms to be real time and enable real-time security outcomes for our customers. So with that, let's start our first deep dive with our Zero Trust platform. It's very clear in the network security market, what's happening. The point product approach that we've been fighting for so long as a company is getting harder and harder to sustain. There's more technologies, more capabilities needed. Those capabilities are needed across a broader attack surface with the advent of hybrid cloud and hybrid work. The only way to solve this is with a platform. we're going to share that in a second. In addition, the next set of trends is going to further propel the need for platformization as passwordless becomes common, as Quantum becomes common, as BYOD becomes enabled across enterprises. In all of these, there's going to be a decision. Do you want to try to enable them across 25 and 30 different standalone point products? Or do you want to enable them in a single platform? The answer is obvious and clear. And that is why we are well positioned to take advantage of the opportunity in front of us across all of network security with our Zero Trust platform. And to go into more detail is Anand Oswal, Leader of our network security Zero Trust platform team. Anand?

Lee Klarich:

Thank you, Anand. So clearly, huge opportunity in network security Zero Trust platform. Now turn your attention to the Cloud. Cloud is just absolutely gone through an incredible transformation. Today, there's over 500 million cloud native applications deployed. There's 33 million developers that are constantly pushing new capabilities in new applications. Nearly all enterprises are multi-cloud. That is just an amazing starting point when you think about what is going on. And at the same time, there's a, tremendous amount of innovation happening, because of the cloud. And a lot of this is being driven through the ability to leverage open source. That's being combined with custom code. That's being combined with infrastructure as code. All of that just enables the speed, this dynamic nature of the cloud, and it all needs to be secured. And very much like the rest of enterprise cyber security, the industry approach has been a whole bunch of point product that customers are somehow expected to stitch together. We have a different approach. We believe that all of these capabilities should be modules natively integrated and delivered in the platform. And when we get this right, we can not only secure in real time, but we can then fix at source. So, the issue doesn't happen again. And to go into more details on how we're able to achieve that is Ankur Shah, leader of our Prisma Cloud code-to-cloud platform. Ankur?

Lee Klarich:

All right. Thank you, Ankur. Again, clearly, huge opportunity in cloud security with our unique approach and what we're driving, really excited with where we are and what we're working on. And now for our third platform, our AI-driven SecOps platform. This is a market that I believe is ready for a fundamental transformation. Most of the technologies that companies use are - or were developed 15, in some cases, 20 years ago. That clearly does not work. They were not designed for an attacker sophistication that we see today. They were not designed for real-time detection, and automation remediation. These tools were not designed for supply chain attacks. These tools were not designed for the advent of attack AI being used by our adversaries. We have to reimagine security operations from the ground up. And in doing this, leveraging data, leveraging AI, leveraging automation as core tightly integrated foundational aspects to how an entire SecOps platform functions within the SOC. And this is the journey that we've been on for the last several years. Building this platform, refining it, developing the capabilities necessary, and then refining it again until we reach the point where we are today, where we have a set of leading products and an incredible platform, delivering incredible outcomes to take advantage of this entire security operations market in front of us. And to share more details I'm joined from our Tel Aviv R&D center by Gonen Fink, who leads our entire Cortex Product Organization. Gonen?

Lee Klarich:

Awesome. Thank you Gonen going in. Clearly, an incredible opportunity in Cortex, and specifically with XSIAM as we think about the journey ahead where we are going to transform security operations in just absolutely incredible and amazing ways. And with that context across our three platforms. Let me now turn it over to BJ to share with you how we take all of this wonderful stuff to market. BJ?

Dipak Golechha:

As you heard from Nikesh about our strategy, Lee and his team on products, and BJ around go-to-market, we have the entire company pointed in the same direction. I now wanted to bring this altogether to help you understand why we are confident, that we can capitalize on our opportunity and translate it into financial result that will drive superior total shareholder return. I will go through all four of the primary drivers of TSR, including revenue growth, profitability, cash conversion, and capital structure. First, on the top line, you heard about our TAM from Nikesh, we have proven over the last five years that we target the largest and most attractive parts of the market. We've been able to capitalize on an expanding opportunity taking share from within existing markets, and positioning ourselves in new markets to drive further growth potential. Our share today stands at just 7% of our addressable market, which is lower than the share of leaders in many other markets outside of the cybersecurity industry. As we plot the course to the larger term that Nikesh outlined over the next five years, we continue to see the opportunity to gain share in our existing markets, and continue to fuel above market growth for Palo Alto Networks. Looking at this through the product lens, Lee and his team outlined our platform leadership in our three areas, and showed you the innovation plans their teams have to continue to lead our markets. From my seed at the company, innovation is our lifeblood, and we will continue to spend aggressively on R&D. We do not focus on driving leverage to the bottom line, but rather we redeploy any savings we identify to invest in additional innovation. Our customers expect us to continue innovating, and we have consistently shown a strong return from these innovation investments. This includes recognition of our innovations, such as the Gartner single vendor SASE leadership position that we mentioned today. We expect our innovation to show through, and financial outcomes in each platform and the company overall. In network security, our investments across form factors, especially software-based and cloud delivered, enable us to further our market position and sustain our growth in FWaaP billings. Our market share and our software-based VM business is approximately two times what it is in hardware. In SASE, we believe that we are the number two player in this fast growing market. In cloud security, the growth algorithm is leveraging products and go-to-market capabilities to drive credit consumption ahead of the growth rate customers are deploying public cloud. Along the way, we are confident we can increase multi module consumption, to solidify our position as the definitive code-to-cloud leader. In Cortex, we have a solid business with XDR, XSOAR and Expanse, competing an attractive individual product markets. We've seen a shrinking number of players in the XDR market, and have steadily added several 100 customers per quarter. Adding customers across Cortex is important to allow us to drive larger, more strategic deals in the future, where we can further cross sell our products, including XSIAM. XSIAM is truly game changing innovation, where we are selling outcomes, and I'm confident that momentum will beget momentum here, after a very strong launch of the product in the first year. It should be clear from BJ's presentation that we've invested in building a large dedicated go-to-market organization, and are transforming how we engage with the market. Transformation here has been a nonstop effort and has driven growth - in the number of large deals each quarter. On the back of the core tenants BJ covered, we see the opportunity to continue to drive more strategic relationships with customers that can result in eight, and even nine figure relationships. At the same time that we have seen these large deal outcomes, we've consistently improved the productivity of our core apps, as they collectively become better at selling the broader portfolio. As Nikesh mentioned, SASE has been a big success here. Additionally, we have seen standout growth from new ecosystem partners, including the cloud service providers, and global system integrators. Not only has our business transacted through these channels increased, but more importantly, so has our success leveraging these partners as influences. We have the product portfolio that makes us an attractive partner to these players, along with the scale to make the investments to support the success of these partners. Bringing this together on the top line, as Nikesh noted, we're targeting growth of 17% to 19% in revenue and billings over the next three years, which is ahead of the cybersecurity market growth rates. We see hardware as a percentage of our total revenue decreasing to approximately 10% with NGS ARR exiting fiscal year '26 above 55% of our fiscal year '26 revenue. RPO remains an important metric as it captures the full value of our customer contracts independent of payment terms, and we expect growth of 25% annually through fiscal year '26. Additionally, we see about two-thirds of our revenue in fiscal year '26, driven by current RPO entering the year highlighting the increase in predictability of our revenue profile. Now moving to the cost side, and first with gross margin. As I hope Lee and BJ have impressed on upon you, we have significant advantages inherent in building and delivering platforms. There are characteristics of our platform business model that benefit gross margins. A higher software mix in our network security business, helps contribute to a higher gross margin, something we saw in fiscal year '23. On the cloud delivered side, most notably in SASE, and Cortex, we've aligned with public service, providers to enable us to instantly leverage their scale, and delivery capability as well as take advantage of their ongoing innovations and efficiencies. As we grow, we see improvements in our unit economics. Lastly, in customer support, with multiple scale products in each of our platforms and common customer support needs, we see leverage within our platforms and across the company. Above and beyond these platform benefits, as we talked about earlier in fiscal year '23, we accelerated some efficiency initiatives that contributed to higher gross margins. We also saw a normalization of the supply chain during fiscal year '23. Starting in in '23, we have increased our investments around generative AI to leverage this technology in customer support for efficiency, and better medium term customer outcomes. While we see these platform leverage, and efficiency opportunities in gross margins, we also leave room to invest in new cloud-based offerings, which generally have subscale gross margins in their initial phases. For this reason, we expect to relatively steady gross margin in fiscal year '26 as compared to fiscal year '23. Moving on to operating expenses. We see similar benefits from being a platform company across our major functional areas. At the top of this list is the sales productivity improvements already discussed. It's important to reinforce my point around the platform benefits in R&D. We choose to redeploy those resources to ensure we are leaning into innovation instead of driving overall financial leverage in R&D. Our fiscal year '23 focus on accelerated efficiency did yield benefits in terms of leverage and OpEx, and we expect to continue many of these initiatives. One to highlight is the consolidation of sales specialists. Similar to customer support, we also have generative AI initiatives to both improve outcomes across sales and marketing and our G&A functions that we expect will contribute to efficiency in fiscal year '24 and beyond. Translating this to operating margins, while some may see a 500 basis point improvement in one year as a milestone achievement from our 2021 Analyst Day, we simply see - this as a new beginning as we see many opportunities to drive this higher. We look for non-GAAP operating margins in the range of 28% to 29% in fiscal year '26, with a long-term opportunity for those to be in the low to mid-30s as we further scale our platforms, and gain confidence in the power of AI, and other business transformations. We're also committed to growing non-GAAP EPS on a compounded rate greater than 20% from fiscal year '23 to '26. Moving on to cash flow. We call that in fiscal year '21, we guided to 33% free cash flow margins. In front of that guidance, we spent considerable effort looking at our entire business end-to-end from the point of view of cash flow, and understanding all the drivers. We have now had two years' operating in this manner. We're confident we can sustain our high cash conversion, focusing on areas such as best-in-class working capital management, and low CapEx, business models. Our top line growth and underlying improvement in operating margin form the foundation of our strong cash generation. There are other factors impacting cash flow, that I want to highlight, and that we have already included in our forward-looking guidance. First, with a rising cost of money, we have seen more customers asking for deferred payments over the last three years, but especially in the last 12 months. As we previously talked about. Also, our rising GAAP profitability and some changes in U.S. tax law, we see rising tax - cash taxes. This has all been included in our forward-looking guidance. I want it to double click on the impact of deferred payments for a moment. We've already seen this have a significant effect on our cash flow. In the second half of fiscal year '20, along with the pandemic, we launched Palo Alto Networks Financial Services, or PANFS, to ease customers' challenges with short-term cash flow issues. As I mentioned, with a rising cost of money in the last year, we have seen this trend broaden. PANFS and deferred payments allow us to drive success partnering with our customers on long-term transformation of their security architectures while working with their cash flow constraints. The amount of bookings with deferred payments was up 4x in the fourth quarter as compared to three years ago. This impacted our reported cash flow in the last three years, yet we have maintained our strong cash generation. As we look to the next three years, we expect this impact to continue, and have accounted for this in our medium term targets. A byproduct of - the rise in deferred payments is greater predictability of our cash flow over time. For example, we now expect about a $1 billion in cash flow from deals entered into in prior years, where payments will now come in fiscal year '24. This $1 billion is twice what it was in contribution to our fiscal year '23 cash flow when we entered the year. Summarizing cash flow, I'm confident we can maintain a baseline of 37% free cash flow margins over the next three years after accounting for the factors I noted. This and the revenue growth targets, I covered should keep us on the aspirational path to Rule of 60 economics in our business. This combination of top line and cash generation puts us in a rare peer group, and allows us the flexibility to navigate the changing environment. Finally, I'll cover the capital structure as the last tenant in TSR. With all the opportunities ahead of us, organic investment in our business to drive growth will remain our number one priority. We have ample cash generation to make these investments. From here, we have three capital allocation priorities. As we've done previously, we will continue to balance these. Our first capital allocation priority is our M&A strategy. We have successfully acquired companies that are early leaders in adjacent, and emerging cybersecurity markets. Many times, these are markets in which, we've had an early organic effort, but we see external innovation that can significantly accelerate our time to market. We target companies - that have achieved product market fit, with teams that can accelerate their innovation inside Palo Alto Networks. Revenue is not a focus for us, but we do ensure that we have a solid plan to accelerate, the trajectory of our business. We've used $2.5 billion in cash over the last five years, pursuing the strategy successfully. Secondly, we manage a capital structure that gives us flexibility. For example, we use our balance sheet as a competitive advantage with PANFS, and deferred payments. We repaid our 2023 convertible debt in July, and have a have another convert coming due in about two years, which we also plan to settle for cash. Beyond enabling reasonable flexibility in our capital structure, we are also focused on minimizing dilution and reducing our organic stock-based compensation expense as a percent of revenue, by at least 300 basis points over the next three years. Lastly, we will use share buybacks opportunistically, something that you have seen from us over the last five years, as we have repurchased nearly $4 billion cumulatively. In concluding my section on bringing it altogether, I wanted to bring together the financial targets I've covered. As Nikesh mentioned at the outset, we're focused on an evergreen innovation led approach that will continue to fuel our transformation into a software, and AI driven cybersecurity company. I am more excited than ever about our growth prospects over the next several years and our plans to continue to do this profitably, benefiting from our platform business model. I hope my excitement comes through today, and you can clearly see that drives our confidence in these targets from the various presentation. With that, we'll now transition to taking your questions. And I will hand the call back to Walter to manage this. Walter?

Unidentified Analyst:

Hi. Apologies. Can you guys hear me? Hi [indiscernible] dialing in for Hamza. Thank you guys so much for taking my question today and really congrats on the great quarter. You did mention that, you know, AI is a very large opportunity for the company going forward. And I know that you broke down, some of the gross margins as well as, potential operating margins impact, but could you just, let us know how we should think about the company's investment for AI going forward? Are there any upfront CapEx, or margin that that we should consider a little bit more. Thank you so much.

Walter Pritchard:

Thank you. Next we're going go to Andrew Nowinski from Wells Fargo with Brian Essex from JPMorgan after that. Go ahead, Andrew.

Nikesh Arora:

It's important to understand. We didn't say it will drop 10% of revenue. Everything else is growing really fast. I think it's important to understand, like, it's not growing as fast as everything else. Look, for the last five years, I've always been asked that hardware question. I've been trying to avoid it for five years unsuccessfully. So thanks again, Andrew, only took one question to get to it. I think it's important to understand, as we started moving to the cloud, people started coming to notion of software firewalls. And then with this whole pandemic thing, remote work, and sort of distributed network became a real thing. So what you're seeing is, that there are different form factors, which are really good in different circumstances. Against the public cloud, you put a software firewall, you use VMs in various scenarios, when throughput becomes really important hardware is still the best option. And I don't think the whole world is going to end up only in the public cloud. By the way, we also sell firewalls to the cloud provider believe it or not, they need firewalls in their data centers, because eventually the public cloud also runs in our data center. So, I think in that context, the demand for hardware is not going to go away. I think what Anand showed you beautifully that you're going to end up with all the form factors at most of our customers. And the key is these things need to work better together. I think if you go today, there are many customers who have a Palo Alto firewall and a firewall from another vendor. Now if we can give them SASE, we can give them software firewalls. There is no reason that they should be on two hardware vendors when they are a single software vendor, and a single SASE vendor. So, I think the point we want to highlight here is, there is a further consolidation opportunity in the firewall space driven by the Zero Trust needs as well as the UI that Anand gave you a sneak peek into. So, I think that's the way to think about it. We like hardware. It's great.

Walter Pritchard:

Great. Thanks, Andy. Next question is from Brian Essex at JPMorgan followed by - Jonathan Ho at William Blair. Go ahead, Brian.

Nikesh Arora:

We have 5,500 dialed in, Brian. That makes up, like, the last six earnings calls we've had. So I don't know maybe there's bear here.

Nikesh Arora:

Yes. Let me tell you. I think that we've all heard of this concept called hallucination or the idea that it doesn't give you the perfect answer all the time, right.

Nikesh Arora:

And I'd say we are working really hard to see how do, we reduce the error rate in the answers that the copilot comes up with, because in security, we can't afford wrong answers. So, I think our teams are working really hard. What we've discovered in the process, is that irrespective of which LLM you deploy, you need better knowledge articles, you need better integration of the UI. So our teams are busy doing a lot of non-regrettable work. And you saw them give you some sort of glimpses into what the art of the possible could be. I would say sometime before the end of the year, we will start testing it with a bunch of customers to get real feedback from customers, I think the best way to think about it is, like, the examples you saw, it's like security is complicated. UI and security is also complicated. If you don't know where to look, sometimes it's right there. You just don't know where to look. If you can ask that question, and give you the answer that improves the productivity of all of our customers. It, improves the configuration capability of all of our customers. It improves our ability to provide real time customer support to our customer setting. There's lots of advantages if done, right? And I say it's always like, people often, overestimate the short-term and underestimate the long-term. That's why we give you a three-year forecast. I think it may, we may get the three-month or six-month wrong, or we'll not get the three or five-year wrong. Three to five years from now, the world will be different. UI will be 50% natural language. We'll be generating tons of efficiency from people using AI driven tools. I think that's the opportunity. And you don't get there if you don't work hard now.

Walter Pritchard:

Thanks, Brian. Next is Jonathan Ho from William Blair. And after that, we're going to have Gabriela Borges from Goldman Sachs. Go ahead, Jonathan.

Nikesh Arora:

So, Jonathan, I think, you saw, I think Dipak, Lee, myself, all of us have made this point, so did BJ around the fact that without innovation, we're out we're out of the game. We launched 74 different capabilities last year. And so, we'll probably do more next year than 74. But I think what's interesting, what you're seeing is these 74, many of these are existing point products in the industry, which we're re-launching by adapting them to our platforms. And the reason it's going to work this time, Jonathan, because it's working. Well, one of the deals we talked about, the SASE deal with a large professional services organization, we consolidated seven vendors, right? Our XSIAM deals, which totaled $200 million consolidate on average three to seven vendors in the SOC. So it's working. Now the question is, I'm already in the SOC. I've consolidated seven. I go to my customers running to them and saying, listen. You got these other five things hanging around. Look, I've got these five new modules in XSIAM. Why do you want to do five new vendors, and solutions which don't talk to each other, right? So I think what we have in opportunities, once it's kind of like, I think you like to call it land and expand. I think we're landing with our platforms. We used to land with SASE. We used to land with firewalls. Now we're going to say, listen. You have a hardware file. You have our SASE it looks beautiful UI. It brings it altogether when you clean up the rest of the infrastructure. I think it's an evolution in the industry. I think, five years ago as an idea, we're seeing it actually happen. You're seeing us put distance between ourselves and single product vendors in many categories, because people are seeing the power of the platform. That's just the opportunity. And that's something BJ, Lee, Dipak, me and the gang have to execute on, and it's just relentless execution that's needed.

Walter Pritchard:

Great. Thank you, Jonathan. Next, we're going to go to Gabriela Borges from Goldman Sachs. And after that, Roger Boyd from UBS. Go ahead, Gabriela, with your question.

BJ Jenkins:

Good question. Look, I think all of this starts with what Lee ended with is, we get to sell I think the best products in the industry, and we deliver better customer outcomes. We have three primary consolidation motions. One has been around, network security services on the firewall, but also in the SASE. And actually, we have within that now, we've landed customers with SASE, and are going back, and getting the network firewall business. So our core reps, tend to focus on that. They are - the account owner - and represent the whole portfolio. The second motion is, we talked about, code-to-cloud, and we usually land with workload protect or posture management, and then branch out into other modules off of that to either shift left or get a complete platform for the customer on cloud security. With Cortex, we have three outstanding solutions that we land with. We either win with XDR, for customer focused on automation. XSOAR is a great starting place for us, attack surface management with Expanse. And, many of our first wins with XSIAM have been leveraging that installed base, to deliver a full SOC transformation. Again, on the surprising side, though, many of our XSIAM wins, we also didn't have an installed base in Cortex and the customer jumped completely in. We have specialists in those areas in both code-to-cloud and in Cortex. And so, the core team works with those specialists, to run those consolidation plays also.

Roger Boyd:

Great. Thanks for the question. And a happy Friday. Nikesh, you mentioned you're now extending the Cortex to the core sales force. I'm wondering how you think about the repeatability of the success you've seen with SASE? I think you mentioned last quarter, 80% pipeline contribution from the core reps within a year of selling that product. But if I think about SASE versus Cortex, and SASE may be benefiting by being a little closer to the core network operation function that's buying firewalls, how do you think about that as a challenge with the core upselling Cortex? Any thoughts there would be great? Thanks.

Walter Pritchard:

Great. Thank you, Roger. Next question from Patrick Colville at Scotiabank followed by Michael Turits at KeyBanc. Go ahead, Patrick. Patrick, are you on? All right. We're going to go to Michael Turits at KeyBanc and will be followed by Tal Liani at Bank of America. Go ahead, Michael.

Dipak Golechha:

So I think, obviously, we've got the technical side of Watson products. There's VMs, there's SD-WAN. There's all of those different things that are in there. I think a lot of it will depend on like what customers want in terms of their network security architecture. We believe that the software side of the product continues to grow faster. We've been talking about that a lot. I think last quarter, we talked about, how 30% of product revenue was software. But honestly, we're not guiding to product anymore. And I think, the reason for that is, because it's not as relevant, right…?

Dipak Golechha:

1970, yes.

Michael Turits:

Just in case, Dipak, you weren't thinking about our workload, we do appreciate not having to rebuild the model tonight. Thanks, Nikesh.

Michael Turits:

I got on my T-shirt and this as close as I'm going to get.

Walter Pritchard:

All right. Thanks, Michael, for your question. We're actually going to go back to Patrick Colville, who I understand is now connected from Scotiabank, and then we'll go to Tal Liani from Bank of America. Patrick, go ahead.

Nikesh Arora:

Let me start with the second question first. If you don't think we've transformed the company in the last five years, I don't know, man. I don't know what else to do to make you happy, okay? I'm sorry. It's Friday night, I'm going home. So I think we've been doing transformative for the last five years, and what we've shown you is transformative in itself. And I'm just, in part, just - I don't - look, you don't need me to buy businesses for you. You guys, you're shareholders, you're smart, you can do it yourself. Unless there's a huge leverage that we can prove that something we can take 1 plus 1 and make that two, possibly 2.5 for you guys, it's not sensible for us to do it. And so far, we looked at everything in the world. We look at everything every day. We see what - how things operate. So far, we haven't felt compelled because we have a lot of work to do ourselves. I mean if we've been busy integrating a transformative acquisition, we'll miss the next 5 trends because we're busy. So that's how we think about it. It gives you some insight on how we think about it. As it relates to tuck-in acquisitions, I think the better way to see if it goes back to what I said. Look, there are technologies out there that other people are working on. But we are not the only security company in the world. We're not working on everything. And if something becomes relevant, something becomes an important feature that we think is needed by our customers, and we haven't been working on it, it behooves us to go out and partner or acquire, which is what I said. So should you expect us to maintain a rhythm around how we acquire companies? Yes. But you should understand, we have a five-year track record of doing that responsibility, doing it judiciously, doing it in a way that we integrate the acquisition, doing it in a way that would generate more ARR. And pretty much most of the ones we bought in the last five years have really not contributed on day 1 to the ARR or revenue because they've been mostly tech acquisitions. So I think that's the way to think about it, if that helps.

Tal Liani:

I want to ask about the synergy between the various components of next-generation security. When you talk about Prisma Cloud and Prisma Access and Cortex and even firewalls, talk about the synergy to a customer. Are these the same customers that they have benefits of buying multiple solutions from you? Or are you addressing conceptually different customers with different products and kind of addressing the entire market?

BJ Jenkins:

I'd just add one thing. For many of the large deals that you saw in the presentation, it's not just looked at as a solution acquisition cost. We put together for that customer not only the solution acquisition costs and the better security outcome you get, we talk about their operating costs, how they have to train their people, how many people do they need to operate these solutions in the environment and the savings they get. So that when they go to justify an 8-figure deal with their CFO, they're talking about reducing capital and operating costs with better security outcomes. And I think Lee hit on this in his earlier answer. There hasn't been a company that's really been able to do that before in this industry. And when you combine those two, I think it's what's helped us in a tough economic environment to continue to close larger and larger deals with those customers.

Joe Gallo:

And great results, and I appreciate the long-term framework. Just wanted to drill into the visibility into fiscal '24 guidance. You guys just stood up 18% billings growth, which is incredible on a 44% comp. I imagine that had some backlog benefit, though. Now you're guiding to an acceleration in billings next year relative to 4Q which, as an opening guide, we would presume to be conservative. So what underpins the confidence in that, especially as you have hardware and duration headwinds?

Walter Pritchard:

All right. Our last question from Adam Borg at Stifel. Go ahead, Adam.

BJ Jenkins:

Yes. I think to Nikesh's credit, even before I came on board, there was a large investment in our federal team. And the knowledge that with many of the federal directives, the budget being put in, and obviously, some of the geopolitical events, it was an opportunity for the company. And so we're seeing the benefits of many of those forward investments, and we're going to continue to invest there. There's obviously large-scale projects that are occurring. We had one last year that we announced was our largest deal of the year. There - those take a long time to mature. And we're involved in many of them. So I feel like we have a great opportunity going forward in that space. There are specific ones obviously out there that we're looking to -- we've got some first orders and then gain momentum with them, and I think we'll be talking more about that in the coming quarters.

Nikesh Arora:

Thank you, Walter. I just want to take the opportunity one more time to thank all of you. I know this was a unique one. Will you be telling your future mentees that you're going to mentor in the analyst community, maybe talking about that one Friday afternoon call which Palo Alto hosted out of their sort of misdirected sense of trying to get you guys to go do this over the weekend for us. So, we really appreciate taking the time. We apologize for taking up some of your Friday. We will be available tomorrow and day after for some of you who've been kind enough to schedule time to talk to us because we want to make sure you get all your questions answered. It would be remiss of me not to both acknowledge and thank our employees, which is what makes all of this happen, and all of our partners out there who help us deliver this capability. And of course, I also want to thank my entire management team for delivering a really, really good FY '23 and what has been a yet another sort of different year. And I don't think I've had a normal year in the last five years between the pandemic and supply chain and inflation and money and this. So I look forward to possibly a normal year next year. And again, once again, thank you very, very much for all your support and your indulgence.

Nikesh Arora:

Thank you for joining us. Thank you, Walter. Good afternoon, everyone, and thank you for joining us today for our earnings call. As you can see, once again our teams have delivered a balanced quarter between our top and bottom-line performance in the current macroeconomic environment. In Q3, our billings grew 26% year-over-year and revenue grew 24%, while RPO grew ahead of these at 35%. Our Q3 non-GAAP operating income and our trailing 12-month adjusted free cash flow, both grew about 60% year-over-year, while we achieved our fourth consecutive quarter of profitability on a GAAP basis. Let's talk about the macroenvironment. The overall macro trends of cautious spending, deal scrutiny, and cost and value consciousness persist. Moreover, the behavior continues to be more widespread across a larger swath of our customers. Against this backdrop, we have been staying ahead with rigorous execution. We've increased our own deal scrutiny, gotten ahead of the challenges, and continue to sharpen our business value focus while demonstrating superior security outcomes to our customers. From a technology trend perspective, there is no significant change. The teams we have seen around cloud adoption, automation, and hybrid work continue with minor variations. Network transformations, albeit with long cycles continue to be undertaken because they offer cost-savings and are part of the modernization stack for most customers as they go down their cloud and network transformation journeys. This in turn continues to drive a sustained demand for SASE and hardware and software firewalls. As we have shared before, the theme of consolidating around platforms continues to come up and we are well-positioned to offer solutions in this regard. Needless to say, in the last three months, ChatGPT and Generative AI have revived the interest in AI as a technology. As we have always maintained, AI is a data problem and security is a data problem and has an interesting -- AI has an interesting role to play in security, both for its ability to help deliver superior security outcomes in near real-time and unfortunately the potential threat associated with AI being used to generate attacks. We have and continue to work on these problems, we should talk more about this today. On the other hand, we continue to see limiting -- limited underlying growth in hardware in the industry whilst the supply chain crisis and its effects are all but over, there is a shift that the crisis created. We have seen a higher appetite for software-based solutions and networking and higher appetite for cloud delivered form factors. This is particularly salient to the current CapEx-constrained environment. On the adversary front, there seems to be no impending recession and threats, increased cloud activity and connectivity continues to drive the threat environment. This is best illustrated by recent findings in the seventh installment of our Unit 42 Cloud Threat Report. It still takes the average security team approximately six days to resolve a security alert. In contrast, it only takes a threat actor a few hours to exploit a newly discovered vulnerability. While over 7,000 malicious versions of open-source software packages were circulated in 2022, less than a quarter of those packages are sourced properly to ensure a clean software version is incorporated into a typical customer's code base. Regulatory interest continues to rise and is prevalent across multiple governments. There's sustained activity around incremental regulatory mandates and executive orders to create awareness around cybersecurity. This is true not only at the government level but also as company's Board of Directors are bringing additional oversight and drive an alignment of accountability for cybersecurity. This requires incremental organizational focus and investment by our customers. On the macro front, customers anticipate that global growth may slow. Some are grappling with rising capital costs and are watching their bottom lines more closely. This means looking for efficiencies in their business. Within cyber security, complex architectures, and long vendor rosters have come into focus, and many customers see this as an opportunity to simplify and drive consolidation. Five years ago, when I highlighted the need for platform architectures and consolidation, the idea was met with some resistance. But over the last few years, our industry-leading solutions three-platform approach has continued to take hold and has allowed us to provide a much-needed option for simplicity, a modern stack, and better security outcome for our customers. I mentioned earlier that our customers are engaging in more scrutiny of deals and value resulting in robust discussions internally and with us. We continue to work hard to stay ahead of deal cycles engaging the CFO and procurement departments. The cost of money continues to become a topic of conversation as customers enter into larger and longer-term relationships with us, some also seek more flexible business terms. A strong balance sheet allows us to accommodate customers, while we maximize our medium-term cash flow. Let's turn to efficiency and operations. As we started this fiscal year, we pivoted our efforts and focused our efforts in doing more with less. Our teams responded effectively. Coupled with the waning of the supply chain crisis, we have been able to adapt our operating model significantly. Dipak will get into specifics, but it's suffice is to say, we have found a new rhythm, and at our scale we believe we can continue to drive better margins for our business. We have achieved this through selective hiring in our customer-facing teams as well as streamlining our go-to-market efforts in addition to hiring for key innovation areas, which we expect to continue to do. These efforts are self-evident in our higher Q3 operating margins and our increased operating and free cash flow margin guidance for the year. We continue to see platformization in cybersecurity. I talked about consolidation earlier. A key part of our thesis at Palo Alto Networks has always been to drive superior cybersecurity outcomes for our customers. Due to that, we need a robust portfolio that works both individually and cohesively to reduce the burden on our customers who have to stitch together disparate cybersecurity products. We've had to navigate this fine line with our customers. We continue to see the benefits of this approach and think we are in a multi-year trend. We have the opportunity to do the security what we have seen done in financial software, HR software, or CRM where customers have adapted to platforms due to the inherently superior benefits from data integrity, integration, seamlessness, and outcome orientation. As they say, the proof is in the pudding. You can see our success here driving larger platform transactions. Across the board, the size of the transactions we are signing is increasing. This is evidenced by booking from transactions valued at over $1 million, $5 million, and $10 million in third quarter, which are up by year-over-year by 29%, 62%, and 136% respectively. We see a similar trend in cohorts of our customers. For example, when we look at the average lifetime value for our 200 largest customers, we've seen steady growth of 30% plus over the last three years. When we look at purchases of our platforms amongst the Global 2000, we see now that 53% of our customers have bought a product in all three platforms of Strata, Prisma, and Cortex, up from 48% a year ago and 33% three years ago. We see this as a continuing trend. It convinces us that the opportunity to impact outcomes for our customers is large if we can get this right. We see the paths to continued success with large customers and multiproduct expansion around installed base. I'll now update you on our three platforms starting with network security. We are the comprehensive Zero Trust Network Security Company. This quarter, we were proud to be named a new leader in Gartner's most recent Security Service Edge Magic Quadrant. This recognition is apt as our teams have been delivering significant innovation and seeing stronger customer adoption in SASE for years. This in addition to our leadership position in SD-WAN, makes us the only SASE vendor in the industry to be named a leader in the Gartner SSE and SD-WAN Magic Quadrants. Add to that, our leadership position in network firewalls and our number one market share position in virtual firewalls, we are the only vendor with clear leadership across Zero Trust Network Security. This leadership across our network security category is a testament to our ability to drive significant innovation in new markets while maintaining our leadership in core markets and offering this innovation as part of our cohesive platforms. Let's talk about SASE. SASE remains one of the fastest-growing markets within all of cybersecurity. Our ARR is growing over 50%. At scale, we have surpassed 4,200 customers in Q3. Our success has spread across all three major geographies, as highlighted by large deals in each of these territories in Q3. Let me tell you about three of these notable wins. First, a global beverage company with US headquarters signed a transaction north of $30 million, which includes $24 million of SASE for a complete SASE transformation that included Prisma Access, Prisma SD-WAN, and our ADEM, or Autonomous Digital Experience Management for tens of thousands of employees. Second, a Japan-based technology company signed an eight-figure transaction to modernize its network and its network security after an extensive POC. Before standardizing on our SASE, the customer replaced its legacy firewalls and other network security capabilities, and standardized on our next-generation firewalls, driving a full Zero Trust Network Strategy. Finally, a European technology company signed a high seven-figure SASE deal that was part of an overall transaction to Palo Alto Networks of once again, nearly $30 million in total value the customer bought from us because of our multiple network security form factors. In the broader transaction, we added capabilities such as IoT and fully adopted our core network security subscriptions. You all might remember at the beginning of this fiscal year, as part of our scaling efforts we combined our SASE sales organization into our core sales organization. Drive us here with that we saw SASE demand going mainstream and we saw encouraging signs that our core sellers could sell the more complex SASE offering. After three-quarters of executing as a combined organization, we're delighted to report that over 80% of our core reps participate in the creation of Prisma SASE pipelines as we enter Q4. Q3 was a strong quarter of innovation, highlighted by our AI-powered SASE launch. This flagship releasing capabilities to enable organizations to automate their increasingly complex IT and network operation center functions with AIOps. They need to improve monitoring for Networks and Apps in the branch office and significantly improves integration with IoT Security. Moving over to our firewall business. Broader than SASE, the future of network security is clear to us. It is centered around software. And while we have led and expect to continue to lead the hardware appliance market for many years, software and cloud deliver form factors have been an increasing focus since I joined as CEO. There are multiple reasons why the shift to software is accelerating. In the changing microenvironment, customers are more challenged in their CapEx budgets, which often fund appliance purchases. As a result, their interest in software and cloud-deliver form factors remain high. This is especially true when tied to strategic initiatives around cloud adoption. Illustrating this, we saw a significant uptick in customer requests to evaluate our virtual firewall offerings at the beginning of the pandemic. Customer interest in VM-Series is also sparked by supply chain challenges where we saw evaluation sustain. We continue to see primarily net new demand for software and cloud deliver form factors, however, we are seeing more appliance replacements and planning for this trend to continue and possibly accelerate. Beyond the strength, I already covered in SASE, we saw VM-Series deals over $1 million more than double in Q3, including an eight-figure deal we signed with a government agency where they moved from a primarily appliance-centric model to VM-Series as they fully leveraged public cloud as their primary infrastructure. This year so far, our VM-Series bookings are up more than 40% year-over-year and it grew over 55% in Q3. Most investors have equated our product revenue with hardware. However, given the drivers I have mentioned here, this has been rapidly shifting. Software now contributes 30% of our product revenue. This is up from about 10% three years ago. We expect this trend to continue and as Dipak would remind you, bookings from our VM-Series and SASE transactions are recognized as revenue, more over time than on appliance booking. Given the conversation about AI, as I mentioned, there is a renaissance in artificial intelligence driven by significant advances in large language models. The development of more powerful and efficient computing with the broad availability of large volumes of training data. As a result, we have all seen some of the fastest innovation cycles and launches of unique applications over the last several months. At Palo Alto Networks, we have been focused on this technology for many years and our efforts have been accelerating over the last two years. We first introduced machine-learning capabilities as part of our WildFire Offerings seven years ago. In the ensuing years, we added AI and machine learning capabilities across our network security portfolio and has been a critical driver of our innovation and differentiation of the market. In 2020, we introduced the industry's first machine learning-powered next-generation firewall, where machine learning detection move in line to prevent zero-day attacks. Since then, we have overall nearly all of our security subscriptions with advanced AI capabilities. DNS Security, Advanced URL filtering, Advanced Threat Prevention, and Advanced WildFire, all harness machine learning for in-line detection and prevention of zero-day attacks. This means even new attacks that have never been seen before are blocked at the very first attempt used by an attacker. Additionally, we applied AI to IoT Security to discover identify and secure IoT devices and most recently it was expanded to cover both medical IoT and OT security needs. We had a signature release in SASE that included AI-powered autonomous digital experience management in addition to leveraging the AI IFRSD-RAN as well as AI-powered phishing prevention. In short, we have really been accelerating the application of AI to our network security stack and it's one of the most matured application of AI in the security industry today. We are not only ahead in investments in AI and machine learning as a differentiator in our products, but these investments have driven tangible customer benefits. In a typical day, we analyze nearly 750 million, yes, 750 million new unique telemetry objects worldwide. This includes files, URLs, domains, DNS connections, and other signals. Our AI models analyze this data and every day we see 1.5 million new attacks that have never been seen before. We take these new insights and add them to all [Technical Difficulty] already know about, and we use them to block 8.6 billion attacks across our customer base daily. This forms the foundation of how we do better security across our network security platforms and this is how we continue to get better and better at detecting zero-day attacks and being in a position to actually to prevent those attacks as well. Moving on to Prisma Cloud, our early data in Prisma Cloud continues to strengthen. Most of our competitors continue to provide only point products, while customer demand continues to shift towards the platform approach. Within this connecting the left side to the right side, otherwise known as core to cloud is becoming paramount. As an example of our platform success, we continue to see strong usage of our cloud security posture management, and cloud workload protection offerings. Customers are increasingly standardizing on these foundational modules with 49% of Prisma Cloud customers using both CSP, MNC, and WP. This quarter Gartner noted that in 2022 only 25% of enterprises buy these capabilities from a common vendor. They expect this will increase to 60% of enterprises by 2025. At the same time, we continue to stay ahead of the industry's need for new capabilities, but just core to our commitment to the platform. We are on track to launch our 11th module as we innovate cybersecurity. We're also focused on driving industry certification in Prisma Cloud and just last quarter we were accepted by the Joint Advisory Board and reached ready status for FedRAMP high, a first for our cloud security platform. This comes in addition to other certifications we have achieved including recently announced Prisma Access achieving Impact Level 5 or IL5 Provision Authorization. IL5 is the highest unclassified authorization level for DoD agencies under the FedRAMP process. We continue to see steady growth in consumption of Prisma Cloud credits, which were up 44% year-over-year in Q3. Our platform is key to the steady growth. We continue to see customers increase their consumption as they deploy workloads and strategically leverage the public cloud at the core of their IT and business strategy. This includes migrating workloads to the hyperscale clouds, building new applications in the clouds, and leveraging new cloud services. They're also deploying new Prisma Cloud modules of which we currently have ten. The number of customers using two or more Prisma Cloud modules grew 37% year-over-year, while the number is in four or more modules almost doubled. We now have one in five of our Prisma Cloud customers using our cloud code module across our capabilities, infrastructure is good, SCA or Software Composition Analysis, and sequence management as they leverage the more efficient approach to detect and remediate security issues as core decision for cloud applications before it reaches production. Now moving on to Cortex. This has been a net-new business for Palo Alto Networks, a business which was born in the belief that we need to bring next-generation innovation to the SOC and all the related activities. Just like we have brought firewall business three years ago. We're delighted to announce that Cortex achieves a $1 billion booking milestone in the last 12 months. Cortex was born in 2019 and since then we have focused intensively on ensuring we have industry-leading capabilities across endpoints, SOC automation, and tax surface management. In the last four years, we have risen to a leading player in automation, application of AI, attack surface management continue to climb the charts of the XDR industry as one of the most technically capable solutions. We are particularly proud of the fact that XDR has consistently led in security efficacy, XDR delivered 100% prevention, and 100% detection across 19 evaluation steps conducted by MITRE and has had the highest quality deductions of any product in the latest round of evaluations. On the back of our hardware driving these capabilities we have built Cortex Business to over $1 billion in bookings over last 12 months. As I mentioned, it's up from $150 million in annual bookings when we launched Cortex as the business in 2019. As we look forward, these three core capabilities in Cortex, our precursors to leading the next-generation autonomous security operations center, which pulls this all together, it was launched publicly a few months ago called XSIAM. Our next-generation SOC platform XSIAM built totally on AI is on track to be our fastest-growing new offering. XSIAM represents another significant opportunity within Cortex, as we fulfill our vision around autonomous security operations like network security over a decade ago, security operations have evolved slowly. XSIAM is now paving the way for us to drive AI-driven security transformation outcomes. After our GA launch in late Q1, our design partner has made significant commercial commitments to XSIAM. We followed that up in Q2 by broadening our go-to-market and achieving early success with $30 million in bookings. This quarter, the established momentum for XSIAM, with quarterly bookings more than doubling sequentially as we signed our first eight-figure deal and transactions across all three of our major geographic theaters with this product. We remain optimistic about the prospects of XSIAM for the product at the center of customers' security operation center of transformation. We're seeing XSIAM give us access to a broader swath of our customers' budgets based on what we have achieved this quarter and what we see in the pipeline, we are confident we can achieve our goal of $100 million in bookings faster than we originally anticipated. This will make it one of the fastest-growing security platforms from Palo Alto Networks. Not only does XSIAM bring together the core capabilities of Cortex it also brings AI-driven outcomes to customers. This heads a new approach to security, an outcome-based approach. The inspiration came to us from our own SOC where we were woefully slow in our own meantime remediate five years ago. IMTTR wasn't days, which in today's adversarial environment is unacceptable. With that insight in mind, we were able to collect billions of events, and then using AI, it is down to just over 100 alerts from a handful of incidents from here, continuing to use AI and automation we are able to investigate and respond while detecting incidents in a matter of seconds and responded to high priority ones in under a minute. This is one of the most compelling outcome stories in security. So far in the early customers that are farthest along on the journey with us, we are seeing the benefits accrue in a similar way. We processed over 3.5 petabytes of data a day, across the customer state of XDR and XSIAM. From here, we apply approximately 1,000 AI models to detect the attacks. We then leveraged smart scoring in this automation to accelerate the investigation response. We are seeing early indications that customers are able to see the reductions meantime to respond from days or weeks down to hours or minutes just like we did. Stepping back, we are fortunate to be focused on the part of technology market that is more resilient. Our customers depend on their partnership with us to address challenges that are only becoming more sophisticated. The market is tough and definitely more challenging than when we started the year. I am proud that our team has executed through this environment. Our strategy focused on having industry-leading capabilities helping customers simplify their architectures, and consolidating vendors is working. Given our diverse portfolio of products, some of our products are growing faster in any given quarter and others are moderating. Combined you see this portfolio benefit in the topline results we reported today. We also see significant opportunity as we begin to embed generative AI into our products and workflows. There are three ways that are concerted investment in generative AI will benefit us. First, generative AI will help us improve our core under-the-hood detection and prevention efficacy by further advancing the state-of-the-art AI and ML in our products that I spoke of today. Second, to manifest itself and how our customers engage with our products. We will leverage our large cyber-secured dataset and telemetry to provide a more intuitive and natural language-driven experience within our products, which will improve NPS and drive efficiency benefits for our customers. And finally, as our employees leverage generative AI, it will drive significant efficiency in our own processes and operations across the enterprise. We intend to deploy proprietary Palo Alto Networks security LLM in the coming year and are actively pursuing multiple efforts to realize these three outcomes. Our portfolio approach company's oral scale and focus on efficiency have enabled us to drive significant leverage. We are well ahead of schedule here and we're not done. As we continue to execute our plans, we see additional opportunities for efficiency. With our visibility into incremental leverage, we continue to see the operating profitability levels in our fiscal year 2023 guidance as a baseline to build upon. With that, I will turn the call over to Dipak to discuss the details of Q3 and our guidance.

A - Walter Pritchard:

Thank you, Dipak. To allow for broad participation, I would ask that each person ask only one question. Our first question will come from Saket Kalia of Barclays with Hamza Fodderwala from Morgan Stanley on deck. Saket, you're muted. All right. Why don't we go to Hamza?

Walter Pritchard:

Go ahead.

Nikesh Arora:

Yeah. Look, I’ll preface that as Dipak highlighted, the supply chain crisis is all but over and there were some adverse impacts to gross margins driven by hardware. I think the product mix is in our favor. As we go from hardware to software our gross margins are way better than software than they generally are on hardware given the software firewalls are much, much more profitable for us. Coupled with that, I think what Dipak really has been driving for the last year as we flipped into the new macroeconomic environment has been a real focus on resource utilization, ROI as well as making sure we are focused our hiring only on stuff where it's important. He also talked about streamlining the sales force. If you remember, Saket, we have the conversation around making sure our SASE team has integrated with our core, which saved us hundreds of heads in terms of efficiency as well as driving more outcome and output from a SASE perspective. So generally, those have been some of the key drivers but, Dipak, did you want to add something?

Nikesh Arora:

And I think to your question in terms of where this goes, as Dipak said, this is a new baseline. We think there is continued opportunity from here and we haven't even factored in the potential impact of generative AI. As you've been hearing all the conversation in the industry, we're still working on it, we're understanding it, we're really looking at processes, but we believe there is a there, there. We think there will be an opportunity in the future to get more efficiency from generative AI as we go ahead and implement some of the capabilities through our organization. So I think there is upside both in the continued efforts of what Dipak has been driving for the last nine months and there is the sort of the icing on the top is the potential application of generative AI as we continue to grow business over the next few years.

Dipak Golechha:

Thanks, Saket.

Hamza Fodderwala:

Hey, guys. Good evening. I hope you can hear me okay? Maybe a question for Nikesh and Lee Klarich if he is around. Nikesh, on AI you've clearly been thinking about this a lot based on what I can tell from your twitter. But we were at RSA last month, and while there's lot of opportunity around AI there seem to be a lot of risks around data security, around sort of the data that these models are trained on. So I'm curious as you have the AI-based conversations with your customers, how are you getting them comfortable around that to really leverage the full capabilities of AI to automate their SOCs?

Lee Klarich:

Yes, of course. It's very early in the large language model adoptions that we're seeing. And as you point out, there are a number of risks associated with them, particularly in enterprise use cases. We've already seen some examples where data has fed into large language models without the understanding of how the data will be used and the data has been publicly -- made public available even though it was confidential. So it's very clear that there is sensitivity there. There's also sensitivity from a security perspective of things like prompt injection attacks, data poisoning and things like that, that have to be taken into account. The -- and so I think what we'll see is the enterprise use cases of LLMs will evolve a little bit more -- actually, I should say, need to evolve a little bit more methodically and carefully to take the security challenges into account. At the same time though, it's also important to recognize that they offer tremendous promise, as Nikesh mentioned earlier in terms of being able to help guide product adoption, product usage to help enhance security capabilities and to drive greater efficiencies across the business.

Hamza Fodderwala:

Thank you.

Brian Essex:

Yeah. Hey, good afternoon, and thank you for taking the question. And to follow up on Saket’s comments, nice progression in operating margin here, and it's good to see cash flow margin guidance go up as well. If I could tick down -- if you could maybe peel back a couple of layers on that, core drivers of that cash flow margin improvement, how sustainable it is, we noticed that CapEx looks like it's a little bit lower than you previously guided to. So just wondering, as we kind of look at that as a foundational metric to lean on for valuation, how sustainable is that? As we kind of forecast operating margins going forward, should that I guess, gap between operating margins and cash flow margins remain relatively consistent going forward?

Brian Essex:

Great. Thank you.

Brad Zelnick:

Great. Thanks so much for the question and nice job, both to Nikesh, Dipak and the entire team. Nikesh, my question is about M&A, which I feel like typically comes later in the call, but like it feel like it's such a great opportunity right now. What's the hurdle to doing a large deal and can you remind us how you think about transformative M&A? And just related to that, your competitors naturally knock you on having grown through required innovation. Just to set the record straight, can you talk about how much of a priority and a focus it is to have a deeply integrated product?

Brad Zelnick:

You're doing a great job, keep it up. Thank you, Nikesh.

Andrew Nowinski:

Okay. Thank you. And congrats on a great quarter. So nearly every single vendor and nearly every single reseller we talked to says they're seeing an elongation of sales cycles, yet you seem to defy those headwinds with massive growth in large deals and customer spending $5 million and $10 million with you. I guess would you view this as an important inflection point as it relates to sort of consolidation in that if you can drive large deals in this macro constrained environment, you could potentially see an acceleration of those consolidation trends when the macro improves?

Andrew Nowinski:

I certainly hope so.

Andrew Nowinski:

Thanks, Nikesh. Keep up the good work.

Matt Hedberg:

Thanks, Walter. Mike, congrats again team, outstanding results. I guess, Nikesh or Lee, on the success you've seen this far with XSIAM, you noted you essentially have full access to SIM budgets right now. I'm curious with some of the large deals you're seeing, are these generally replacing legacy SIM vendors? Or are you actually generating new TAM that didn't exist previously?

Lee Klarich:

Yeah. Look, nearly -- so XSIAM replacing the SIM is also replacing other tools in the SOC as well. The -- there's three core elements to how this is happening. The first is around data. As you saw, 3.5 petabytes a day is being ingested and analyzed. Data is the key to driving good AI and XSIAM is specifically designed to be able to ingest large amounts of data across different data sources into an AI data lake. Second is how we drive AI-based analytics on that data, be able to detect attacks in real-time. This is something that the traditional SIM industry was just not well designed to be able to do. That is driving the meantime the detection that you're seeing. And then three is the integration of automation natively into XSIAM that allows us to drive the meantime remediation down from what in the past used to be, in many cases, days, down to hours and even minutes. And so in all of the XSIAM deployments we're seeing, it's amazing how quickly we are seeing the outcomes that we saw in our own SOC when we deployed an operationalized XSIAM.

Matt Hedberg:

Certainly seems that way. Thanks.

Gabriela Borges:

Good afternoon. Thank you. Either for Lee or Nikesh. I wanted to ask about your cloud security strategy in Prisma, specifically with respect to how you think about the right balance of incentives that you give customers upfront to catalyze adoption? And then also how you think about the balance of top-down growth versus product-led growth given that DevSecOps, DevOps some of those tools seem to be driven by product line growth as well? Thank you.

Lee Klarich:

So one of the challenges that we've set out to address with Prisma Cloud was this fundamental challenge in enterprise cybersecurity sort of the proliferation of point products. Every time there's a new security need, there's a new product and then customers become the system integrator of all deterrent point solutions. And they spend more time trying to be the system integrator than they are actually getting the value from the products. And so with Prisma Cloud, we've taken the unique approach of building a platform where we can deliver many different capabilities pre-integrated from the same location. Now at the same time, we did that on the technical side, we also approached it from a sort of the adoption side and, I'll call it, the procurement side of having a single Prisma Cloud credit system that makes it really easy for customers to buy a level of capacity and then simply use it to adopt as much of the platform as they need and when they need. And so we've -- it's allowed us to focus more of our attention in terms of how we engage with customers and how the product works on in product adoption, guided adoption of additional capabilities and enabling them to easily use more and more the services as they need them as opposed to having to go back and turn every module into a new transaction with a customer. And as you saw from what Nikesh showed, the new credit usage year-over-year going up about 44% year-over-year, but then also the number of customers there are two or more or three or more or four or more modules in the case of four more almost doubling year-over-year shows how well that is working.

Adam Tindle:

Okay. Thanks. Good afternoon. I want to start by just acknowledging the progression in operating margin is really impressive and commitment to that being a baseline is a really important point. If I'm thinking about tomorrow, some of the distracting questions that might come up would be around product revenue. I think you grew 10% year-over-year in Q3, and you had previously guided the fiscal year to 10%. But if I saw in the slides correctly, I think you're now raising that to 15% to 16%. So what's driving that increase in product revenue and the acceleration in Q4 despite the cautionary comments? And anything we can think about in terms of puts and takes to product revenue as we think about fiscal '24, so we don't get ahead of ourselves? Thanks.

Dipak Golechha:

No, for raining area. The only other thing that I would maybe just add to that is simply the supply chain dynamics that Nikesh talked about in his remarks, I mean that does have some factors, but we really have been able to -- with a world-class team get ahead of the supply chain reality. And so that may explain some of the variability you're seeing.

Gregg Moskowitz:

Thank you. Can you hear me?

Gregg Moskowitz:

All right. I have a follow-up for Lee or Nikesh on generate AI. So your comments on LLM were helpful, but do you think gen AI will tilt the scales in favor of Palo Alto and perhaps some other security vendors over time? Or is it ultimately more likely to cause an even faster game of cat and mouse between the vendors and the attackers, how do you see this playing out?

Gregg Moskowitz:

It does. Thanks, Nikesh.

Shaul Eyal:

Good afternoon. Congrats, team. Nikesh, I want to go back, actually, I know Brad was asking about M&A. I want to ask about the competitive landscape, but specifically with a focus maybe on the CNAPP front. So my question is, how do you think about it? Any change? Do you think that the product right now, as it stands, is comprehensive or anything you might be thinking of maybe augmenting specifically on the CNAPP front? Thank you for that.

Shaul Eyal:

Thank you.

Nikesh Arora:

Well, thank you very much again, everybody, for joining us. We look forward to seeing many of you at the upcoming investor events. I also want to once again take an opportunity to thank all of our employees who worked very hard in a very dedicated fashion, as you all know, to help us achieve the results. Not only that, a big thank you to all of our partners and our customers around the world. Have a wonderful day. Thank you.

Nikesh Arora:

Thank you, Clay. Good afternoon, and thank you, everyone, for joining us today for our earnings call. I'm pleased to report that we had another strong quarter with the balance of top line growth, significant expansion and non-GAAP operating margin and strong free cash flow. Billings and revenue each grew 26% year-over-year. Our RPO grew 39% as we continue to sign large multiyear deals with our customers. We also delivered an acceleration in our operating leverage in Q2 as we focused on driving profitable growth. Our non-GAAP operating income grew 55% year-over-year, supported by a non-GAAP operating margin, which exceeded 22% for the quarter, up over 440 basis points year-over-year. This translated to another quarter of profitability on a GAAP basis. We have now been GAAP profitable on a cumulative basis over the last four quarters. In addition, our strong free cash flow generation this quarter also puts us on track to outperform prior guidance. I know many of you are wondering about the macro environment, so I want to start with an update there. There's clearly a tougher macro emerging out there as the Fed continues on its crusade to tame inflation. The changing macro is clearly making business leaders more cautious. Some of our customers are seeing signs of a slight slowdown while others are less impacted. I, however, feel that we're not done yet. And while not expecting shocks, I do think we will see more cautious activity over the next few quarters. Clearly, caution is abundant, driving more scrutiny, making customers demand more value from their partners. We've seen some projects get delayed or descoped, non-canceled while most continue on track. We've always maintained that we expect cybersecurity to be resilient, and we continue to see evidence of that. On the large deal front, this behavior is definitely widespread. For us, this has meant we need to get ahead of this and work closely with our CIO and CSO partners. Not just that, it's creating more conversations around payment terms, discounts and scope of deal with purchasing teams, something we've been working with our customers on as well. I'm delighted that based on our field teams getting ahead of this problem, earlier this quarter, we did not see any major deals slip from the quarter. Our deal cadence quality was consistent with the same quarter last year. On an equally positive note, this environment drives the need for consolidation, not just to generate clear security outcomes, but also to reduce the security vendor sprawl that has been prevalent in our customers' infrastructure and the need for a long-term security strategy based on total cost of ownership and value. We feel fortunate that with our portfolio, we are best positioned to deliver this to our customers. Within our own business, two things have happened. One, we have become more focused on efficiency from early this year. For example, our headcount growth this year is likely to be lower than any of the last three years. At the same time, we do not anticipate slowing down the pace of our development or business outcomes. Dipak and his team have been rigorously inspecting our cost structures across our portfolio to ensure we are set up to deliver consistent gross margins in all areas. This has been one of the major drivers of our improved operating margin and we hope to continue to improve as we scale. Secondly, as anticipated, supply chain challenges and product have abated significantly versus six months ago. While this is evident in our product gross margins and our overall profitability, there are some lingering impacts, which we expect to further abate through the end of this year. Let's also take a moment to discuss hardware growth. Over the last 12 months, a lot of factors have impacted hardware growth, including supply constraints, uneven demand, given supply chain impacts and backlog. Additionally, we have noticed our customers continue to be more focused on their cloud, network and security operations and transformations and are willing to sweat their hardware assets longer. Underlying all this, we still believe that the industry hardware growth rate is in the low to mid-single digits. As all these extraneous factors mitigated over the next few months, we will see the long-term growth gravitate back to those levels. So what does this mean for the second half of this year and beyond? Somewhat counter to the market, we're raising guidance both on top-line metrics, metrics and profitability. Of course, this requires the current demand to sustain, and for us to maintain a continued focus on execution. We have a unique opportunity in this environment to strengthen our position in the market. Hence, we are investing with an eye towards disciplined growth and positioning ourselves to the partner of choice for customers looking to consolidate. You'll hear more about this from Dipak, but we are raising billings and next-generation security our guidance on the back strength in our software-based and cloud-delivered capabilities. In our hardware pipeline, we're seeing specific transactions that are on track for Q4, which has caused us to shift some forecasted revenue from Q3 to Q4 while maintaining our annual guidance. With all I have said about efficiency in better operations and the impact, we're now guiding to 21.5% to 22% operating margin for fiscal year 2023. Additionally, we're also increasing our cash flow guidance. Consolidation continues to be a key theme with our customers. Of course, customers are not willing to compromise on quality and cybersecurity. Given our market leadership in 13 categories, we are fortunate to be engaged in many such conversations. Those conversations are driving business, and many customers are on a long-term transformation path with us. The number of deals we closed over $1 million grew nearly 20% year-over-year, and the value of these transactions grew nearly 60%. Similarly, the number of greater-than-$5-million deals grew 84% and a number of greater-than-$10-million deals grew over 140%. We saw deal values in these cohorts grow significantly. This continued momentum is critical to us being able to drive platform consolidation. Time and again, we see early millionaire customers become an onboarding ramp to help us drive more cybersecurity value to our customers. Almost all of our $10 million deals involve multiple platforms on an underlying transformation that is driving vendor consolidation. Let's take a look at some of the ways we are driving consolidation. First, with Zero Trust transformations, we're helping customers standardize their appliance and software firewalls with a broad line of security subscriptions. A life sciences customer signed an eight-figure deal to standardize their operations using our next-generation firewalls, VMs and security subscriptions. In other cases, we're helping customers adopt SASE and software firewalls, and consolidate their security stack across our consistent set of offerings, driven by hybrid work and securing SaaS apps. A financial service firm recently signed an eight figure deal with us, because they wanted to transform their network and reduce both operational challenges and cost of ownership. They chose us over pure play SASE competitors, because of the breadth of our offering in our comprehensive Zero Trust network. Secondly, trial cloud transformations. We're using our Prisma Cloud and Prisma Access capabilities to help customers adopt hyperscale cloud and Software as a Service. Another financial services firm with a mandate to run over 90% of the apps in the cloud signed a high eight-figure deal to standardize in both Prisma Access and Prisma Cloud. Lastly, in SOC transformations, we're using our Cortex platform with XSIAM to help customers transform their security operations center and retool around high-fidelity data sources, AI and automation. A retail company started a relationship with us around Unit 42 incident response with an Expanse trial and small XDR deployment. They expanded the relationship with a high seven-figure deal to standardize on XDR and XSOAR. These strategic customer relationships and transformations would not have been possible without us building a new security industry paradigm, a paradigm around constant innovation. Our success is driven by investments in innovation and is increasingly clear to us that, there is a flywheel at play here. This starts with R&D investment, where we have the largest budget of all dedicated cybersecurity companies approximately $1 billion in non-GAAP spending on a trailing four-quarter basis. This is two to five times as much as our pure-play peers. Our scale also allows us to spread this budget across a larger revenue base and the shared needs of our three platforms. R&D investments then translate into a record number of product releases. Our first half major release is number 35, up 59% from the first half of last year. Some of the key releases in the first half included our flagship PAN-OS 11.0 Nova, our third advanced subscription, Advanced Wildfire, our new AI-based SOC platform XSIAM and new modules and updates in Prisma Cloud. This constant innovation is causing industry analysts to take notice. We recently received recognition for leadership in the cloud-native application protection platform category, or CNAPP, bringing our total number of active leadership recognitions to 13, which compares to nine a year ago. All these leadership positions have helped us grow our NGS ARR at 63%. We still believe there is a large untapped TAM for many of these services given the robust adoption of advanced software services that we have launched, which are all cloud delivered and us being in the early part of the SASE cloud life cycle, we feel confident in our future ability to drive NGS ARR. Let's take a deeper look at some of the highlights. I'll start with my personal favorite, our network security business. We launched our first SASE capability, Prisma Access, at the end of fiscal year 2019. In the first year, we booked less than $100 million in business. Over the last six quarters, we booked about $1 billion, with our largest deal last quarter being a TCV deal for $40 million for SASE. We now have over 4,000 customers and are growing ARR approximately 50%. In Q2, we saw a healthy number of large competitive wins in SASE, and SASE has one of our strongest pipelines looking 12 months out. Beyond the top line traction, we're also seeing improving economics in the business. Two years ago, we showed you how the five-year revenue from a SASE customer compares to an appliance customer. At that time, SASE was about two times higher. Since then, we've added additional value to SASE. We launched autonomous digital experience management in FY 2022, followed by AIOps and SaaS security posture management this year. AI has the power to transform SASE. Our integrated security services are now all powered by AI to detect and prevent even zero-day attacks. And we'll soon be introducing additional AI-driven capability to transform the user experience and using the platform. We now expect our five-year revenue from a SASE customer to be more than 2.5 times that of an appliance customer. We've also seen some improvements in our SASE gross margins over this period, as we have scaled to become more efficient. If you go to the other side of our network security portfolio, our software firewall business is going strong. This includes the broadest deployment options for customers, including VM-Series and CM series, which can run in their data centers or be purchased in the cloud marketplaces and the first-to-market integrated cloud next-generation firewall offerings for hyperscale clouds. We have the highest market share of any company in this market. We believe it's more than three times of our any closest competitor. The current macro environment is causing more customers to watch their CapEx budget. This shift, along with the fact that customers are transforming the data centers moving to the cloud, is leading more of them to adopt software firewalls. In Q2, the number of deals over $1 million for our software firewall was nearly doubled, and six of our top eight deals in Q2 included software firewalls in our offering. Moving onto our cloud security business. We continue to make steady progress with Prisma Cloud. Platform enhancements are important to our growth. We released the new API risk profiling capability to enhance our web application security module. This capability helps security teams assess their API stack surface, attack surface quickly based on more than 200 risk factors, including misconfigurations, exposure to sensitive data and access privileges. This helps teams prioritize the most significant risk and take preventive measures to address them. We also continue to shift left and focus on securing workloads as they are developed, solving our customers' application security channels. To that end, we closed the acquisition of Cider, and have brought their team under common leadership with our cloud code security team to help bring Cider's CICD security capability to our platform. After releasing Cloud Core Security a year-ago, over 15% of our customer base has adopted these capabilities. Our cloud core security customers in Q2 grew 30% over Q1. Our new secret management module launched in December scans code repos used by developers for hard-coded secrets like passwords and API keys to make sure this information is not exposed and used as a vector of attack. We continue to see these new capabilities and enhancements drive an increase in customer module adoption. For example, our customers with two or more modules grew over 40%, and customers with four or more modules more than doubled. Credit consumption of Prisma Cloud increased 48% year-over-year. This growth is being driven by new customer additions, customers increasing their cloud footprints and customers consuming additional modules. While there has been discussion on moderation and cloud consumption in the market, we believe the relatively early stage of cloud security adoption has and will continue to shelter us from this headwind. Before I move on to Cortex and talk about continuing signs of optimism I see in that category, I feel compelled to take a detour towards AI. Clearly, AI has been on everyone's mind given the continued conversation in the tech industry. Most of you know the story of arrival with the Palo Alto Networks. I talked about fragmentation and the need for a solution there, which we have talked a lot about. I also talked about automation and AI. We counted, I used the word AI more time than my first six months in Palo Alto Networks than platform or consolidation. The challenges you all know is that AI has been a data problem and continues to be so. Unlike consumer AI, where we can talk about Sonnets and ChatGPT's creative capabilities and the revolution that is going to drive in search or advertising, its ability to summarize data and continue to amuse and inform us, the demands from AI and enterprise are far more exacting and so are the returns. An enterprise AI needs to be clean. It has to have comprehensive data. And in security, especially it needs to be real time. So not only do you need to have the best data to create great security outcomes, you also need to be positioned in line to block threats. Let me make a case why with petabytes of data from trillions of events, billions of sessions, hundreds of millions of URLs and tens of millions of flies flowing -- files, not flies -- flowing through our product across cloud, network and endpoints daily, we are best positioned to deliver security outcomes using AI machine learning. Palo Alto Network's next-generation firewalls broke through the firewall industry in the early days because of our ability to then deliver next-generation security. These services were driven by expansive data collection capabilities, EAL, or enhanced application logs. We have since applied that capability across our entire network security stack. We estimate that this network secure data is just under half the valuable security data that is needed for any AI-driven outcome. We have over 60,000 customers where we can help them use this data. As we conceived with Cortex, we built XDR to ensure we collected the best endpoint data across the industry. We acquired and deployed the largest security automation footprint at XSOAR, but we're not stopping there. We then acquired and integrated Expanse, which looked at vulnerability data from a different and unique perspective. These formed the fundamental building blocks for XSIAM. With our leadership position in automation, analytics and attack surface management, again, we're driving an AI-based SoC transformation. With our 4,500 Cortex customers, we're able to bring what we believe is the next largest set of security data that is useful for AI. We applied the same thought and rigor as we built Prisma Cloud, integrating data from all hyperscalers, integrating shift-left data from developers. Slowly and steadily, the Prisma Cloud integration is being built on a stronger foundation of security data. Cloud is becoming an increasingly important contributor to AI, and our 2,000 customers will benefit from it. We have delivered unique AI-based outcomes, including blocking unknown yet malicious websites, command and control domain and files at scale. Also, we have shown in our own security operations center that we can reduce the mean time to detection to seconds and the meantime to respond to minutes. These are all outcomes that cannot be achieved without the data we have and the AI/machine learning expertise we apply. Let's take a look into how we believe this has made us more excited and encouraged us around XSIAM. In Q2, as part of the Cortex and XSIAM platform, we released important new capabilities, including SaaS-enabled XSOAR, delivering a cloud-based interface and Expanse active attack surface management allowing our customers to remediate issues discovered using XSIAM. We launched XSIAM and GA at the end of Q1. So far, we've closed approximately $30 million in business and have a growing pipeline of customers that are looking to transform security operations of the new platform. I think XSIAM is going to pave the way for us to drive AI-driven security transformation outcomes. We will continue to work hard with our early customers to drive evolution and success in XSIAM. I'm extremely positive, perhaps, and cautiously optimistic about XSIAM. Its early relevance, product market fit, and with the concurrent discussion on AI, it makes me hopeful that this could be the fastest ramp of any security product. We see our first milestone to getting to $100 million in bookings faster than Cortex SASE or Prisma Cloud in our portfolio. Before I turn the floor to Dipak, I want to put all this together and talk about where we're focused as we enter the second half of our fiscal year and beyond. We see a clear road map ahead of us. We intend to put our head down and execute. Right now, we're in the process of transforming our business to software-based and cloud delivery offerings. Our revenue, which is increasingly driven by our next-generation security capabilities, is becoming more recurring in nature, and we have an opportunity to own a greater share of our customers' cybersecurity budget. This should allow us to sustain high revenue growth for longer. Over the last couple of years, we set in motion a plan to expand our operating margin, including driving scale in our faster-growing businesses. Over the last six months, we've listened to investors who have encouraged us to focus on profitable growth and accelerate incremental leverage in our business, and we made good progress in Q2. We're now well positioned for the second half of the year. We are appreciably raising our margin target for FY 2023 up 200 basis points from our prior guidance and 250 basis points from our initial FY 2023 guidance. We believe we can continue to build on this into fiscal year 2024 and beyond, putting us three years ahead of our profitability targets we offered at our last Analyst Day in September 2021. As Dipak will describe, we believe the combination of sustaining higher top line growth and focus on efficiency sets up well to build on this base of higher profitability and grow EPS ahead of revenue. I want to emphasize that achieving GAAP profitability is an important milestone for our company. In support of this, we're actively focused on managing our stock-based compensation to continue bringing this down as a percent of our revenue. With that, I'll turn the floor over to Dipak to take you through our details of our results and guidance, and then we'll take questions.

A - Clay Bilby:

Great. Thank you, Dipak. [Operator Instructions] The first question will be from Brian Essex of JPMorgan with Hamza Fodderwala to follow. Brian, you may ask your question.

Nikesh Arora:

Hey, thanks for the question. Look, the SASE market, I think traditionally was a market which was focused on Internet access. Customers use that as a proxy-based way to onboard Internet access and was fine. I think the pandemic really flipped the switch, coupled with the whole cloud transformations that are going on, our customers, especially larger customers, want to create a first -- first-class citizen of any user who's not sitting in the office or in the campus, and they want to get to Zero Trust. So, I think the confluence of Zero Trust, the confluence of the cloud transformation, the confluence to apply a full security stack opened the door for full SASE deployment to network transformations, couple that with the fact that people are trying to get away from large wide- network-type network architectures, SD-WAN type network. So, I think, our confidence on all of these things created a real spurt in the SASE market. We have 60-plus thousand customers who use our firewalls. Now, we're showing them a path to migrate from a firewall-based, campus-based, data center-based architecture to a Zero Trust architecture, which spans hardware, software, and any kind of remote access and campus solutions. So, I think that's what's driving that for us. And whilst your guys -- you're impatient, your brains move faster than our ability to execute sometimes, it's only been three years. And I think I could challenge anybody out in the market. Anybody -- everybody read the same Gartner Magic Quadrant on SASE. I want to see how many vendors can claim that the last six quarters, they sold $1 billion SASE, and who just did a $40 million deal in SASE last quarter. So, I think that's our execution, our ability to work with existing customers, our constantly listening to customers evolving our product is allowing us to get here. It's a competitive market, but I think we're down to two, two and a half vendors in this market who we see at every customer now.

Hamza Fodderwala:

Hey good afternoon. Thank you for taking my question. Maybe for Nikesh and Lee Klarich. Just curious around the early customer conversations around AI as customers look to automate their security operations. And to what extent is that aiding the conversation towards consolidation for Palo Alto Networks?

Clay Bilby :

All right. Our next question from Fatima Boolani of Citigroup with Brad Zelnick like to follow. Go ahead.

Nikesh Arora :

Good.

Nikesh Arora :

It means we are doing a good job of managing our cash flow margins and making sure our customers are happy. And this very rarely do I get to make both shareholders and customers happy at the same time. So it's one of those moments. Look, on a more serious note, yes, you're right. We are having those conversations. And I'd say, Dipak and his team doing a phenomenal job in making sure that our sales teams are supportive when the customer is talking about payment terms, annual billing plans or specifically using PANFS. So I'm going to pass over to Dipak and explain how he's walking the tightrope and making sure that we're doing this effectively with our customers. I will say, we're blessed because, as Dipak highlighted, we have $6.2 billion of cash on our balance sheet. So we have the capacity to be able to do this for our customers. But Dipak?

Clay Bilby:

All right. Great. Our next question is from Brad Zelnick of Deutsche Bank, followed by Tal Liani. Go ahead, Brad.

Nikesh Arora:

Oh, my God, Brad. You're reminding me of the meeting we had 4.5 years ago in my office. Go on.

Nikesh Arora:

So, Brad, I think it's important to understand, that we have a very large installed base. We have 62,000 customers who deploy Palo Alto firewalls. And let's just say, in my 4.5 years at Palo Alto, I don't know any customer has decommissioned us yet. So, I think that the solution of the hardware is not being deployed or not being used is not true. So there is hardware and [indiscernible] customers. Even though somebody may not be buying hardware, a lot of our subscription growth, our ELA growth, is driven by the fact that people have hardware, which they are extending the software capabilities on and buying more software capabilities from us. So it's not just that a salesperson shows up only to sell hardware, they actually show up to deploy more security capabilities on the software front. And couple that in the case of SASE, if you look at our large pipeline, it's clearly driven by a customer of Palo Alto, who is a firewall customer, or a potential SASE customer who's saying, listen, I know your security services, I know your Zero Trust policies, I want to be able to expand into it and deploy a full end-to-end SASE solution or a Zero Trust solution for you. So, I guess I'm trying to say is that, our success in software is not hardware-dependent. All I'm highlighting is that I believe that the market was very confused last year with supply chain. You couldn't get chips. There were orders being made. Customers are getting jittery, saying, I have capacities, I might need more hardware. So a whole bunch of conflation of effects that happened hardware. I have constantly maintained that hardware grows. The industry grows at low to mid-single digits. You noticed that perhaps a slight downtick in my expectations, and that's probably fair. You're perceptive. But I don't think it changes the overall outcome for us as a company. I do worry about people who are purely hardware-focused, who don't have the ability to position a solution which includes software. I'll give you an example. A large retailer comes to us and say, I'd like to deploy a SASE solution across my entire retail base. I'd like to upgrade. I want to do AR, VR for my store. I want to go get more bandwidth in there. Technically, there are multiple ways to solve the problem. What you do is sell firewalls and say, hey, put a bigger firewall in your store. And I can deliver SASE because I have security capability. I can say, put an SD-WAN box in there, go deploy a lot of bandwidth in there, and do a software-based SASE implementation. A, it's going to be much easier to replace software in there, upgrade software. I take care of that for you. B, it's more secure because you have the most latest upgraded software available right away. Three, it's scalable, you can improve your bandwidth requirement and security requirements over time. And; D, for me, it's great because it's 2.5 times more valuable for me to have you deploy SASE than put a box, which I'd have to keep sending a truck every year to try and upgrade this offer.

Nikesh Arora:

Thanks Brad.

Tal Liani:

…I wanted to show you my arc, I made it.

Tal Liani:

I wanted to ask you about the difference between revenue growth, billing and deferred revenue. You increased the guidance for deferred and billings that are very, very strong. We see less of an increase in revenue. What are the dynamics going forward?

Dipak Golechha:

Yeah. Look, Tal, I think at the end of the day, like we are an enterprise company. And as you see in our guidance, like we have a large Q4 guidance with a lot of customers sweating assets, as Nikesh mentioned in our -- in his script. I think, we're just trying to reflect that in our latest forecast, which is what drives the guidance. And so if you have people sweating assets, we don't know exactly what will fall in which quarter, and that's what drives the revenue.

Dipak Golechha:

Certainly on SASE, that is the most…

Clay Bilby:

All right. Great . Thanks. Our next question from Keith Bachman of BMO, followed by Patrick Colville. Go ahead, Keith.

Nikesh Arora:

So Keith, that's a great question. And I'm hesitating on my own analogy, which I was going to give you, but I don't think we should print that. It's clear, it's just -- I don't want to put a word against our Cortex business. First and foremost, look, I've always maintained that the opportunity in the security market arises when there's an inflection point. And I think the endpoint industry went through an inflection point a few years ago when we saw the emergence of EDR and XDR players. And you saw that, I'd say, perhaps the normalization of pure endpoint antivirus-type players in the market. And what's happened is if you look at the evolution, we've gone from a few endpoint players to many, and you're beginning to see convergence again down to two or three people. And I'd say that we are one of the three growing XDR vendors where customers are choosing us. We have one of the best POC outcomes across the entire market vis-à-vis other players. So I'd say today, if you're looking for an XDR outcome, there's possibly two or three vendors always in the fray are beginning to see ourselves to. That was not the case three years ago. That was not the case two years ago. So we're happy with our position, I think, one. Two, XDR is a pipeline business because it's pretty consistent to your point about pricing, the deal sizes are pretty consistent, and they're sort of in a range and you got to have a lot of deals to your pipeline and get some conversion going from them. Cloud and SASE can be big. I still have $40 million cloud deal, $40 million SASE deal. I don't have $40 million XDR deals. They're all in the same swim lane, and you can substitute one for the other. And we see consistent growth. Now where I think our secret sauce is kicking in and should kick in is XSIAM only works with XDR. And what's interesting is we've seen very early, we've had 15 customers of XSIAM in the last 12 weeks, and they're all north of $1 million. Very early, we're seeing customers saying, I'd like XSIAM. And we're saying, listen, you can only get XSIAM if you're going to buy XDR. So we're beginning to see there's a pull because of an outcome-based oriented XSIAM. Again, as I said to Hamza, don't get ahead of your skids, this is a shift we're trying to engender in the industry, but we think that the way to drive XDR for us in the long-term is going to be by creating the best security outcome in the SoC for the customer. But they realize I need good data. The only way I get good data is to Palo Alto, XDR which allows us to go create the security outcomes in XSIAM. So that's our approach. Until then, we're just going to keep our head down, grind at the pipeline, make sure we can win the deals. But for us, we're headed for the bigger price because I can do a lot of XSIAM business where I can XDR seed it into my customers. So XDR pricing is less contentious for me. It's more interesting for me to get the right customer in XDR. So you noticed there's a certain part of the market we play in. We don't play in the low to mid-end of the market in XDR. We don't have 500 customer -- 500 user customers. We like to get the 10,000, 15,000, the higher end of the XDR customers because we think that is a high transfer into XSIAM in the future. We've been doing that consistently for the last few years trying to build that base so as when the XSIAM is ready, we can start encouraging our customers to evolve from XDR to XSIAM.

Patrick Colville:

Hi, guys. Thank you for taking my question. And it's good to be back. So I want to ask about margin. So I mean, really impressive to see what you guys printed in the margin. I mean, looking at the numbers for fiscal second quarter. To me, the two most important levers were the product gross margin and the sales and marketing kind of costs that were moderated. I guess as we think about the remainder of the year, how should we model out those two levers? So should we continue to expect less incremental pressure from supply chain costs on the product GMs? And how far can this S&M efficiency go?

Patrick Colville:

All right. Thank you, so much.

Matt Hedberg:

Cool. Thanks, guys. Congrats from me as well. Nikesh, I have to go back to SASE. I mean the 50% growth in ARR off of a large base is impressive. And you guys took a different approach this year in terms of integrating your core firewall and your SASE sales force. Can you talk about the strides in those conversations into the other sort of 50,000 firewall customers that aren't SASE customers? How does that discussion go? And if -- just because it feels like such a marriage that makes so much sense from a cross-sell perspective?

Clay Bilby:

All right. And our next question from Jonathan Ho of William Blair followed by Saket Kalia. Go ahead, Jonathan.

Nikesh Arora:

So William, the reason we showcased the millionaire customers, the $5 million deals and the $10 million deal slide, is there's a journey. By the way, I'm going to send you a Palo Alto shirt, so you can at least wear that in this meeting. You can wear that other one other times. But anyway, so yeah, we showed you a slide of $1 million and $5 million and $10 million because customers go through a journey. And it's very rarely you walk into a fresh customer, and we convinced them to go spend tens of millions of dollars to this and consolidate. So it's usually an evolutionary process where we've become the firewall vendor of choice. They go with us on SASE. They're working on cloud. They see the concurrence of cloud and SASE. They have XDR. They want to get to XSIAM. So slowly and steadily, we are showing them the benefits of consolidation. I'll tell you, us being leaders in 13 categories helps because the first time you used the word consolidation, the first reaction of the CIO or CISO is, wait a minute, I want the best stuff. I just don't want it because you have it. Then we say, wait a minute, our stuff is the best up as well as it works together. So it's a journey. It is not something that is a panacea that every customer comes in and walks in, but our teams are now focused towards trying to evolve our customers down that path or across that journey, right? And that's why we can go out and do a deal. I think our largest deal this quarter is north of $75 million.

Saket Kalia:

Okay. Great. Hey, guys. Thanks for fitting me in. Numbers speak for themselves, Nikesh. Maybe a question for you. A lot of excitement around XSIAM. Some interesting wins you called out as well in your AI section. But maybe a strategic question for you. As you think ahead, maybe the next couple of years for XSIAM, how do you think that, that will have started to disrupt the SIM market, either from a tech or a pricing perspective? And maybe just to flip that on its head a little bit, is it possible that tools like XSIAM maybe help expand the SIM market?

Clay Bilby:

All right. Great. Next question from Joe Gallo of Jefferies, followed by Ben Bollin of Cleveland. Go ahead, Joe.

Nikesh Arora:

Thanks, Joe. So two quick answers. One, we're still the largest player with north of 2,000 customers in cloud security. I don't know, if you explicitly called it out, but our largest cloud security was $40 million this past quarter. I don't know any other vendor in the cloud security space who's doing half of that in a quarter in one deal. So yes, there are many small players out there, but we've seen a bit of churn in the market where some small players have kind of been acquired and gone. Does that mean we'll be the only player? No, there'll be other players in the medium term, but we feel comfortable that there are people who are consolidating. It feels like the Wild West because customers are still not fully in the full cloud security platform mold. So they've not fully embraced the need to have all these things connected, but I think it's a matter of time and a matter of demonstration that it's going to happen. In terms of your question around where we are, and we talked about that in the prepared remarks around hyperscalers. Remember, the cloud security market is a few billion dollars. The hyperscalable market hundreds of billions of dollars. Now the difference is when you commit to a hyperscaler, you commit that you're going to move, you're going to transition, you spend a lot of money. And a lot of that stuff sits in deferred revenue because they are not fully deployed, or customers haven't fully consumed. Cloud security applies to stuff that you consume, right? Like, if you haven't consumed it, or you aren't ready to consume it, they're not going to be buying cloud security. So I think we have a little bit of a gap in terms of when people commit to when they deploy it, to when they take cloud security. I just think the – that stuff can slow down for a while, but it's still got – there's a lot of headroom for us to get from where we are. Even, if we got to all the customers who are in deployment or are deployed, I think we should see a steady continued growth for Prisma Cloud. So the market demand, to me, is not where the challenge is. The challenge for us or the opportunity is to go convince as many customers as we can that this is a platform play. You have to consolidate across multiple modules. You have to have stuff talk to each other on a constant basis, otherwise, you end up in the same situation as you were in enterprise security many --.

Ben Bollin:

Good afternoon, everyone. Thank you for taking the question. Nikesh, you've talked about some GSI opportunities in the past. I'm interested in how you see that channel developing? What type of tail you see there? And how meaningful your platform is becoming for those partners? Thanks.

Clay Bilby:

With that, we conclude the Q&A portion of our call today. I'll turn it back over to Nikesh for his final remarks.

Nikesh Arora:

Thank you, Clay. Good afternoon, and thank you, everyone, for joining us for our earnings call. As you can see, we had a solid first quarter where we showed balanced top line growth and a demonstrable focus on profitability. Early in the quarter, we saw some customer behavior changes and have adapted our operations to align with the changing market conditions. On the top line, billings grew 27% year-over-year, while RPO grew 38%. We have consistently maintained that cybersecurity is the most innovative sector of the technology industry. Demonstrate progress on our transformation, we have shared how our new cloud delivered and cloud-enabled offerings are contributing to our business via our NGS ARR. In that context, this quarter, our NGS ARR hit a key milestone. It crossed the $2 billion mark and grew 67% year-over-year. As the macroeconomic environment changes, we are accelerating our efforts to drive incremental operating leverage in our business. Given that we're the largest independent cybersecurity business, we can meaningfully improve our margins over the next phase of our company's next cycle. Our focus on profitability in the quarter drove operating income growth of 44% year-over-year with operating margins up 260 basis points during the same period. We also generated over $1 billion in free cash flow in the quarter. For the second quarter in a row, we generated net income on a GAAP basis as we focus on GAAP profitability for the fiscal year. At the center of our strategy is the need to drive more consolidation to get customers to a better security posture. Towards that end, we continue to see large cross-platform buys and grow our millionaire customers at a steady clip. Our customers have been in a journey with us, initial deals that give them comfort with our products and help distinguish our abilities from our competition, over time, lead to customers seeing an opportunity to consolidate into one of our platforms. As they get comfortable with either Strata, Prisma or Cortex, we see them looking at further consolidation across multiple platforms from us. This strategy has allowed us to continue to transition our deal sizes with satisfied customers, and we expect this to continue. Consistent with that approach, we have had some marquee deals this quarter. The U.S. federal government agency chose our Cortex technology. This transaction allows the total spend to grow into 9 figures with additional years in customer option. This selection highlights unique capabilities and market leadership of our Expanse technology, which was at the center of this transaction. We received a purchase order for the first 3 years of the deal for over $60 million in Q1. A large U.S. utility signed a 7-figure deal for software firewalls, security subscription and the Prisma Cloud. The customer has hundreds of appliance-based firewalls, and chose our software firewalls because of our consistent architecture, and choose Prisma Cloud as a standardized security across 4 public clouds. A major European media company signed an 8-figure multiproduct deal, replacing several incumbent network security vendors and consolidating on Palo Alto Networks, including our full line of cloud delivered security subscriptions. We closed a 7-figure deal with a U.S. technology company, spanning all 3 platforms. The customer did not have our physical firewalls in the environment, but valued our consistency of software firewall deployment across on-premise and cloud. Our unique Expanse offering and the total cost of ownership benefits of consolidating on our platforms. You can see evidence of our broader success with large customer commitments in our active millionaire customer count, where we added over 230 year-over-year in the first quarter. We continue to innovate across our platforms and get recognized by the market for our abilities. This quarter saw us launch software composition analysis in Prisma Cloud, SaaS security posture management and SASE, and just this week, across our next-generation firewalls. Lastly, we announced the general availability of XSIAM in Cortex. External recognition of our innovation is important to us as many customers rely on this third-party validation as a part of their evaluation process. This quarter, we received leadership recognition in 2 new categories, adding cloud security posture management, or CSPM, and cloud-native application protection platform, or CNAPP, to our list. Let's take a deeper look at our 3 platforms. We have continued to see solid growth in our network security business. Our innovations in the appliance firewall form factor, including our Gen 4 refresh and our investments in the virtual form factor, have continued to drive our share gains. On a year-over-year basis, we have gained approximately 3 percentage points of market share in the appliance market and 7 percentage points in the VM market. Our customers see an opportunity to drive standardization and make decisions to move away from competitors that have not kept up with our pace of innovation. We also see many customers extending the standardization to SASE. Many are in the relatively early stages of executing SASE, given it involves changes to their security network architectures. Our Prisma SASE offering has gained industry recognition, and we've seen an increasing number of wins within our installed base, as well as with new customers. To put this into perspective, our firewall customer base is over 15x larger than our SASE customer base. With our core sellers now enabled and executing and driving SASE into the installed base, SASE continues to represent our largest pipeline. Consolidation of network security capabilities by our customers is driving a [tad] (ph) subscription into our installed base across all firewall form factors. Our constant innovation and capability expansion in network security has been a hallmark of our platform since we entered the market over 15 years ago. While we have highlighted the number of new subscriptions we offer, we have also reimagined our existing capabilities. Our advanced URL filtering and threat prevention versions leverage deep learning to block evasive, zero-day unknown attacks in real time. Yesterday, we introduced the advanced version WildFire to stop more zero-day cloud attacks as part of our PAN-OS 11.0 Nova release. The new subscriptions provide significant additional value to our installed base and have already seen promising adoption. Moving on to Prisma Cloud. Prisma Cloud continues to be the industry's leading CNAPP platform built from best-in-class acquisition and organic innovation. We acquired Bridgecrew 18 months ago to shift left and introduced the cloud core security module with infrastructure as code scanning. Building on this, we released our SCA, or software composition analysis solution in Q1. The integration of SCA with the Prisma Cloud platform, enables developers and security teams to prioritize known vulnerabilities that impact the application life cycle proactively. We have seen hundreds of Prisma Cloud customers use our IAC and SCA capabilities as part of our cloud core security module. We continue to see Prisma Cloud customers increase their credit consumption as they expand their hyperscaler footprint and adopt more of our 9 modules such as cloud code. Half of our Prisma Cloud customers are using 2 or more modules, and nearly 20% are using 4 or more modules. In Q1, our credit consumption grew 55% year-over-year. Building further upon our success, shifting left with IAC Security and ASC adoption, we're doubling down on investing in software supply chain security. Today, we announced our intent to acquire Cider Security, which is key to the strategy. Cider brings the ability to visualize customers' application development and deployment environment, analyze the tools, identify risks and how to remediate them. This ability to secure the software supply chain is backed up by Cider's leading CICD security research team. With the integration of Cider's capabilities into Prisma Cloud after the closing of the acquisition, we will further our leadership in cloud security, helping enterprises secure applications from code to cloud. Across Cortex, we are focused on driving momentum in a number of areas. The first key is ensuring we are winning customers with our best-of-breed product capability. In Q1, we saw strong Cortex large deal performance. We had success not only with XDR, XSOAR and Expanse on a stand-alone basis, but a number of notable examples of multiproduct deals. This included a multimillion dollar transaction at a European construction company, which replaced their existing SIEM and SOAR with XDR Pro and XSOAR. One of the government customer adopted XDR Pro and XSOAR in a 7-figure deal as it formalized a new SoC for multiple agencies. These are in addition to the federal customer we already talked about. We continue to innovate across Cortex during Q1, delivering a new managed detection and response service built on our XDR capability and enriched by our Unit 42 world-class threat intelligence. I'm most excited about the general availability of XSIAM, our breakthrough autonomous security operations platform. Our launch event for XSIAM were oversubscribed, and we see a lot of resonance with our product and its future roadmap as customers reimagine the world of SOC management. Just a few months ago, we had launched a design partner program. Most recently, we've had 2 multimillion-dollar commitments from XSIAM design partners as they expanded into production deployments. At this point, the majority of our design customers have transitioned to paying customers. In fact, we are carefully managing how we onboard future XSIAM customers because we want to ensure fast customer time to value. Our interest list is north of 50 customers, who would like us to deploy XSIAM. We're qualifying them and carefully onboarding them so that we can scale the business appropriately and give them value. In summary, I feel our teams did a good job in a seasonally tough quarter, where also the macroeconomic climate is fast changing. I'm sure all of you are trying to figure out what all of this means for us over the next 3 quarters. As we all know, the Fed is working to tame inflation impacting growth. While cybersecurity is somewhat resilient, we do see some marginal signs of impact. Cybersecurity deals are getting more scrutiny, suggesting deeper and longer reviews of transformational projects. New conversations that include payment terms and discounts are causing deal cycles to elongate. On a positive front, while some deals have been sized down and broken to phases, we are experiencing few deal cancellations. We do this -- expect this behavior to become the norm over the next year. The impact is not uniform across all sectors, but those feeling the impact of interest rate increases are more likely to scrutinize their budgets than those prospering in the high interest rate environment. Technology, CPG and some parts of retail are feeling an impact, while utilities, oil and gas, defense and public sector verticals continue to be on course of their plans. Coming off Q4, Q1 tends to be a seasonally more challenging quarter, but we were able to tame some of these early trends by doubling down on execution. FY '23 will require continued excellent execution to overcome some of these macro impacts. Towards that end, we have already taken concrete action. We have front-loaded hiring of our field teams to increase coverage across our customer base. We have also expanded our level of activity around both new accounts and existing customers to ensure faster time to value with our products. As we discussed last quarter, we have seen some customers delay hardware refresh plans. While they will ultimately need to refresh, some are choosing to defer and reassess at a later date. I continue to believe that hardware will have a long-term industry growth rate in the 5% to 8% range, and we might trend to the lower end of the range. However, coupled with an easing supply chain, I expect that near term, we'll continue to report a low double-digit growth rate for product revenue. Too many vendors leads to complexity and increased risk. Given the increased scrutiny and return requirements, the silver lining for Palo Alto Networks is that we are having more conversations around consolidating platforms than we've ever had before. We think customers are less likely to purchase newer security products. Instead, they will continue to consolidate towards like-for-like capabilities from fewer vendors. Cybersecurity is critical to IT transformation and hyperscaler adoption. We believe that whilst there may be short-term bumps to the pace of investment by some of the customers, these projects will continue for the medium and long term. We see cybersecurity spending as resilient, but not immune to customers adjusting for the current environment. Having said that, I continue to believe that we can overcome these macroeconomic impacts with strong and focused execution, which is what we plan to do. It was just 6 to 9 months ago that we were talking about the challenges we face in the competition for talent. We're now finding it easier to recruit and hire top talent, but also seeing lower attrition rates, which necessitates fewer overall new hires. We will closely monitor our hiring as well as our overall spending to further sharpen our focus on efficiency. As we proceed through the year and focus internally how we respond to the external landscape, sharp execution from our teams will be paramount. Before I turn the call over to Dipak, I want to provide some perspectives on how we're thinking about the forecast. We are adjusting the high end of our guidance ranges for revenue and billings for the year for the upside we saw in Q1. Within our revenue, we do expect slightly higher product revenue growth in the range of 10-plus percent as we are able to ship some orders that had previously been held back by the more challenging supply chain situation I mentioned earlier. We're also reflecting the strength we saw in NGS ARR during Q1, with higher NGS ARR guidance range for the year. This reflects not only the performance of our Cortex Prisma Cloud SASE and software firewalls, but also the success we have seen in advanced cloud-delivered subscriptions that I noted. On a positive note, we're focusing more and more on execution and how our teams focus on driving incremental operating leverage. Towards that end, we were able to take steps to accelerate the profitability we previously outlined at our Analyst Day, which was reflected in our Q1 operating margin and EPS performance. We will remain focused here. And as a result, we're raising our operating margin guidance for the year by 50 basis points. This, as well as higher interest income, is driving the increase to our EPS and cash flow guidance as Dipak will cover. Over the last 3 years on a compounded basis, our EPS and adjusted free cash flow have grown below our revenue growth rate as we made significant investments. We are not targeting EPS and adjusted free cash flow to both grow north of 30% at our guidance midpoint, which is ahead of our revenue growth. We are confident in our strategy and wouldn't trade our position with any other cybersecurity company. We believe our broad portfolio focus as an advantage as we focus on emerging areas where customers are allocating new budget dollars, while also capturing an increased portion of the customers broader cybersecurity budget as they look to consolidate spending. We will continue to invest for the long term with our commitment to fund innovation, while we also pursue near-term opportunities to drive efficiencies in our business. With that, I will turn the call over to Dipak.

A - Clay Bilby:

[Operator Instructions]. Our first question of the evening comes from Saket Kalia of Barclays.

Nikesh Arora:

Look, Saket, as I mentioned, we are seeing customers spend more time trying to understand what they're spending money on. There's more questions, the CFOs are getting involved. So larger deals are getting more scrutiny. We noticed that early in the quarter, so we accelerated our efforts in trying to get those deals in front of those CFOs much faster than earlier in the quarter as opposed to waiting towards the end. In certain cases, customers came back and said, I'd like this now. I'd like to hold off on this and buy it next quarter. That just means we have to go far more pipeline much faster and much harder to make sure we can make up for those deals with other deals in our pipeline. At any point in time, our pipeline, as you would expect, is larger than what we expect to deliver in that quarter. So we have deals in the pipeline. We just have to work with our customers to solidify them. And what we have done is, because of that behavior, we have increased scrutiny internally, we've increased efforts with our sales teams to get ahead of this and we're just increasing the activity of execution. We front-loaded our hires. We hired 550 direct sales rep as quickly as we could in the quarter because this environment is going to continue. And the only way to fight this to get more coverage out of the field. Get work coverage, get more focus on getting deals done, get them across the line. There's not a demand problem, right? All that is happening is that people are pushing out some of their products, means you just need to get more active with our customer base to make sure we get more business into our pipeline. This is what we're doing.

Hamza Fodderwala:

And a lot of great clarity in the prepared remarks. Nikesh, I wanted to talk a little bit about supply chain security and Cider. I think a few months ago, there was an executive order from the Biden administration around securing software supply chains. I know it's early days in the acquisition, the acquisition is not even dry yet, but -- what do you feel about sort of the pipeline, the opportunity the Palo Alto Networks being now the largest cybersecurity vendor for the U.S. federal government? What are you seeing there? And is there interest already from that front?

Lee Klarich:

Thank you, Nikesh. Good question, Hamza. So let me make 1 thing very clear. It's not just a U.S. federal government challenge. Anyone who is developing and deploying applications into public cloud, which today is basically everybody has a supply chain risk that they're dealing with. That supply chain risk can come in the form of software, in the form of open source software that they're building into their applications, which brings a certain type of supply chain risk. And the second type is through all of the tools and applications that they need to use in order to actually build an application. And we've seen that this can easily be hundreds of different third-party tools that they incorporate into the development process that have access to their source code. That is the second form of supply chain risk and sometimes referred to as CICD pipeline risk, and that is a key component of what cider will add to the broader capabilities we have with Prisma Cloud.

Brad Zelnick:

Congrats on the strong execution. Nikesh, I wanted to circle back on your comments about the using supply chain and expectations for hardware growth to be above long-term trend this year. I believe you said low double digit. Just making sure the uptick is solely your view on supply. And just relatedly, when we look at product gross margin, it still seems to be under pressure. Can you help us just reconcile how much of this is mix versus COGS and any other factors to appreciate and what to expect the hardware gross margin?

Clay Bilby:

Next is Andy Nowinski of Wells Fargo.

Nikesh Arora:

So go ahead, Dipak.

Nikesh Arora:

Yes, to your direct question, yes, the expanse deal is in the net new ARR that you've seen.

Philip Winslow:

Congrats on another phenomenal quarter. I wanted to focus in on Prisma SASE and Prisma Access. You gave some interesting stats there in terms of penetration into your existing firewall base. But also wins in the cloud for -- with customers that are not current on-premise firewall customers of yours. When you look at the momentum you're seeing, are you getting better at penetrating that existing base? And are customers starting to understand the value of on-premise off-premise 1 policy? Or are you seeing more momentum even in, call it, displacing competing vendors in the cloud now?

Clay Bilby:

Next is Fatima Boolani from Citigroup, with Mike Turits next.

Nikesh Arora:

So Fatima, let me give you context. I want to make sure I'm clear. So far, these are on the margin, okay? This is not mainstream. We do expect the activity to get more in that direction because you can see the Fed continuing to be on this mission to go steam growth, and we expect that's going to cause more customers to pay attention. But let's not -- now as I said in my remarks, there are some industries which are making money hand over fist, talk to oil and gas. They've never made so much money. So the public sector continues to spend with all the geopolitical issues that are out there. And financials, they're making more money, believe it or not. They're fine. So there are certain segments of the market where these conversations are happening. It's not across the board. We don't expect. I think 50% market is not feeling any pain with the interest rate increases. So take that aside, we take the rest of it -- some of our budgets in place. They have transformation plans in place. So on the margin, yes, those conversations will increase. As you know, in anticipation of this, we built PANFS, we have a very good motion around providing financing. We're sitting at $5.9 billion of cash. So we are able to finance our customers if they so need to be able to facilitate their transformation project. So the conversation happens between us or our third-party vendors, they're able to go make this happen. I don't know, Dipak, if you want to comment on the deferred billing and deferred revenue comment.

Nikesh Arora:

Couple of the flip side, as we've said, we have $5.9 billion in cash. Our entire interest income last year was $19 million. I think our Q1 interest income was twice that. So there's the flip side of that.

Michael Turits:

Congrats on solid quarter in a tough environment. Last quarter, Nikesh, I believe that when you talked about your billings guide, you also commented that you could achieve that billings guide with no reduction in product backlog. Is that -- maybe you could talk a little bit, if you could, about backlog in any way to the extent you can in terms of what happened with it this quarter, up, down, flat? And whether you still assume backlog, product backlog, I think, is what you said, flat into the end of the year in order to make the numbers that you've got.

Michael Turits:

Okay. So no change to that comment from last quarter about holding backlog to make the billings number?

Clay Bilby:

Next to Jonathan Ho, William Blair, with Roger Boyd to follow.

Nikesh Arora:

Jonathan, that's a great question, because I'll tell you what, I was positively surprised by the reaction of customers wanting to engage in an XSIAM conversation, both directly, as well as many of the system integration partners who are there. So clearly, there seems to be a pent-up desire to reimagine their so. People are relying on old data ingestion platforms. People are lying on old alert-based optimization and prioritization things. And they all understand that it's physically and humanly impossible to intercept cyber threats by doing it manually. And that seems to be a common realization. Yet, none of them actually had a solution base presented to them for a long period of time. So what we thought we were doing design partners, we signed up 8,9 design partners. Guess what? In 3 months, all of them say, we don't want to be a design partner, we'd like to start using the product on a commercial basis. So we accelerated our general availability of the product because we had to make sure it's available for those 9 customers, and all of them turn to customers. Now our sales teams are trying -- are aggressively trying to go out there and pitch it, and we actually have to maintain a wait list to make sure we won't need implementation resources to be able to implement. This is a lift. You're ripping out a data ingestion lake, you're ripping out their existing SIM, yet they have to keep running their SoC in a way that we can transform that. So we're working with GSIs. We're working with third-party partners for them to build the capabilities so you can get this done with a variety of customers. I've said this before and I still maintain this. Four years ago, when we embarked on this journey, we decided we're going to build a cloud security business, we're going to build a Cortex business, we're going to build a SASE business. As I said, all 3 businesses are on track to be $1 billion businesses. I think XSIAM has a similar potential in a similar time frame to be our fourth business that's going to be in the same category.

Roger Boyd:

Congrats on the nice results. Nikesh, you had talked last quarter about extending Prisma Access, Prisma SASE to the entire sales force and really becoming a SASE-first sales organization. I'm just wondering, relative to your expectations, any comments you can provide on what you're seeing from a sales productivity efficiency standpoint?

Clay Bilby:

Next, John DiFucci from Guggenheim with Josh Tilton to follow.

Nikesh Arora:

I am trying to interpret your question.

Nikesh Arora:

I'm going to let Lee answer it. I promise we got more than 1 question.

John DiFucci:

Well, it actually affected the results the last time you did it in 2017 for about 2 years. And it looks like you're about a year into it. And I was just wondering if perhaps it could last longer than 2 years this time. That's really the question.

Clay Bilby:

Next is Joshua Tilton of Wolfe Research, with Adam Borg to follow.

Dipak Golechha:

I think probably the way that I would -- I wouldn't interpret too much in it. But at the end of the day, we have pipeline. We have lots of large deals. It really depends on when deals come in. They can have a significant impact on your billings. And so we're just trying to be as transparent as we can in terms of the information that we have on hand. There's no magical math behind the guide.

Adam Borg:

I really appreciate it. Maybe just on a topic we haven't heard today on OT cybersecurity, that's an area that we're just picking up more in our checks is seeing some more focus. And I love to think about -- hear a little bit, Nikesh, how you're thinking about the opportunity and what [indiscernible] plays?

Lee Klarich:

Look, OT environments have long been secured by keeping them disconnected from everything else. And there's OT environments that are still running Windows 95, Windows NT, for those who have been around for a while. That obviously has significant risk. And so the way to control that is simply segmented and walled off from the rest of the world. But what's been happening over the last couple of years is OT networks are increasingly being digitized, specific parts of them are having to be connected to the cloud, which also means the OT and the IoT are starting to merge together a little bit more. And so as that happens, there's a greater interest in thinking about what the next generation of security for an OT environment looks like. And so this is where our ability to come in with a next-gen firewall infrastructure that can provide the segmentation where it's needed. But layer on top of that, the IoT OT security capabilities designed to secure that transformation is starting to pay dividends. I still think this is early days in transformation, but there definitely is a strong interest in these types of organizations. And as Nikesh mentioned earlier, many of these are oil and gas utilities and others that actually are seeing some of the benefits of some of the recent macro environments. And so that's also part of an opportunity to leverage and make investments now.

Robbie Owens:

Could you drill down a little bit in terms of Fed and what you saw in period, obviously calling out a couple of large deals. But if I rewind, the thought process was that Fed was going to get more linear and less budget flushed typical to the September quarter. So are you seeing those trends play out? Or was this more a budget flush type of quarter? And was it in line with your expectations?

Clay Bilby:

Next is Matt Hedberg from RBC, with Paula.

Dipak Golechha:

Yes. So I think, look, there's always going to be the isolated instances where it comes up in discussion. But for the most part, our sales reps will try to manage that through different tools that they have available to them and then that's pretty much it.

Clay Bilby:

Our last question for the evening will be from Gray Powell of BTIG.

Nikesh Arora:

I think it's kind of interesting, all of our SASE deals, I think like-for-like are much larger than our firewalls deals even with the same customer. And they can range from 2x to 3x, and sometimes even up to 5x, depending on the comprehensiveness of the requirement and the customers' desire to deploy. So we have lots and lots of 8-figure deals out there that are being competed for in the SASE space. And I think there's 2 vendors fighting for those deals. We were not a player, as you know, 2.5 years ago in that space. Now we're almost in every one of the large deals out there head-to-head. So either the deal gets won or lost, but we're in every one of them, and they're typically large sizes. And the economics are better than the security posture is better for the customer, because imagine, if I sell 500 firewalls, it takes customers a serious amount of time to go deploy them, and every time I give a software upgrade to customers to go drive a truck and upgrade all those firewalls because they want to sandbox the upgrade, which leaves them exposed from a security perspective. And SASE, I can -- I actually -- we actually do the upgrades, and we can get the entire customer base upgrade in this matter two weeks. In some cases, we just announced [indiscernible] 11.0, and we still have a lot of customers who have not upgraded to 10.2, right? So this does improve the security posture, improves the total cost of ownership. And that shows up in a larger deal size because we're shifting costs from the customer to having to be software managed by us and our partners. So look, the economics of SASE are phenomenal from a deal size perspective as well as from -- they're pretty consistent from a margin perspective. So I think there's still, as I've said in the past, is an $8 billion to $10 billion SASE market out there, and that space is growing in double digits as an opportunity.

Nikesh Arora:

Thank you, Clay. Thank you, everyone, again, for joining us. We look forward to seeing many of you at upcoming investor events. I also want to thank our customers, partners and employees around the world for helping us deliver these great results in such a tough environment. With that, have a great day.

Nikesh Arora:

Thank you, Clay. Good afternoon, and thank you for joining us today for our earnings call. As you can see from the video, we were excited to celebrate the 10th anniversary of our IPO in early July. Our employees are engaged and excited as we continue confidently on our mission to be the cybersecurity partner of choice. Moving to Q4, I'm pleased to report that we again saw very strong results, starting with top line results that were well ahead of the guidance we initially outlined for the fiscal year '22. We delivered this growth while balancing our profitability commitments, we also made significant investments to continue to transform our company and take advantage of the large and rapidly growing market opportunity we see in cybersecurity. On the top line, billings growth of 44% was the highest we've reported in four years. We also grew RPO ahead of our revenue growth rate. The key focus of our team has been rapidly positioning us as a constant cybersecurity innovator. And one way we measure our progress is how our NGS ARR develops. We're delighted to report this metric grew 60%, reaching $1.9 billion exiting the year. We are expecting it to reach $2.6 billion in FY '23. If this was an independent start-up, it would be amongst the fastest-growing cybersecurity businesses to achieve scale. Within our core network security business, Firewall as a Platform billings grew 26%. When we started reporting this metric, the intent was always to show that we continue to take share in the network security market; at the same time, transform the business to a software business. Today, close to 50% of that comes from software form factors. Operating income grew 52% in Q4 and our operating margin for the year finished to the high end of the guidance range, with adjusted free cash flow margin coming in above the high end of the range we provided. We achieved a major internal goal we've had on the profitability front, delivering GAAP profitability this quarter. Looking forward, we're guiding to full year GAAP profitability in fiscal 2023. We've had many of you ask us about the macro environment and how is it impacting our business and the markets we serve. In the last year, we arguably saw the most challenging supply chain conditions the technology industry has ever seen. We executed through this well during the year with modest impacts to our gross margins. We expect conditions will eventually ease. For our planning, we're assuming a material improvement won't be seen prior to the end of fiscal year '23. However, as the supply challenges fade, we expect this will start to have a favorable impact on our product gross margins. There's a continuing debate on inflation, it's nature and duration. We saw some labor and other inflationary pressures in the second half of the fiscal year. We do not anticipate these pressures going away in the next fiscal year and we have planned for it to persist through fiscal year '23. And hence, it is included in our plan and is reflected in our guidance. With respect to the macro impact on demand, we've just come out of Q4 with exceptional 44% billings growth. In enterprise sales, as most of you know, there is Q4 magic. We did, however, see some marginal changes in the macro environment in Q4. Whilst early, it is important to see how the overall macroeconomic conditions develop over the next year. First, we saw more longer duration deals as customers increasingly have the confidence to make large long-term commitments with us. This is important to the transformation objectives we set out for Palo Alto Networks. It confirms and validates our view that customers will consolidate if we give them constant best-of-breed products and ensure that they are integrated to deliver better security outcomes. Second, we saw some isolated instances of customers extending the life of hardware potentially driven by macro forces. We expect that on the margin. This could continue into FY '23. It is counterbalanced by some customers refreshing their state and our continued share gains in the hardware form factor. Third, in transformational projects, the vast majority of our customers continue on their investments here despite the expected short-term macro impacts. Security spending is tied into our customers' desires to move to the cloud, drive more direct relationship with their customers, modernize their IT infrastructure as well as drive efficiencies while adapting to a new way of working. Those efforts continue. Coupled with heightened awareness and need to do something around cybersecurity, we expect secular tailwinds to persist in cybersecurity, and we are best positioned to deliver against our customer needs. Another trend I would like to highlight is the return to Palo Alto Networks by employees who had left for seemingly greener pastures. Over a six-month period, as part of our Welcome Home Program, we have engaged with many former employees. To date, dozens of top performers have been rehired with many more in the funnel. Over 70% of people reached out to have expressed a desire to come back to us and a significant number already have. 50% are returning from start-ups, the next largest percentage coming from peer companies. We're happy to welcome these employees back to Palo Alto Networks. As we embark on new fiscal year, my fifth as Palo Alto Networks CEO, it’s worth reflecting where we came from. Our transformation strategy has not been easy, but we are unwavering in our resolve to build the most comprehensive and relevant offerings for our customers, taking away their complexity and delivering a better security outcome for them. We see a path to being the largest cybersecurity company backed by constant innovation and excellent execution becoming our customers' cybersecurity partner of choice while delivering increasing value to our shareholders. Just four years ago, we were a different company. We have reinvented the firewall market and captured the market share leadership position. There are glimmers of our next-generation security strategy, but it made up just 8% of our billings. Our software story in network and security was early, with some traction in our virtual firewalls and a fledgling precursor to SASE called GlobalProtect Cloud Services. We made our first acquisition in cloud native security and had early point products that will become part of Cortex. When we step back and took stock in the industry, we had a key hypothesis, which we then tested, proved to ourselves and have reproduced across the business today. There has not previously been a cybersecurity company with a leadership position in multiple categories, nor did the customers believe that a cybersecurity platform could anchor their architecture. We set out on this ambitious journey as you see at Prisma Cloud and Cortex as well as innovated significantly in our network security capabilities. Fast forward to today, our transformation has taken us far. We are a recognized leader in 11 cybersecurity categories across our three platforms. Next-generation security contributed more than 38% of our billings, helping to accelerate our growth. In network security, we now have the most comprehensive solution across three form factors that share a common architecture and also offer a suite of market-leading security subscriptions. We have built, assembled and integrated capabilities in nine modules that make up Prisma Cloud, which is now the leader in cloud native security. Lastly, we have three anchor products in Cortex, which with our new XSIAM product showing promise in the revolutionized security operations is going to hold us in good stead. The proof that this transformation is working is in the momentum we are seeing in our customers. The number of customers that spend over $1 million annually with us continues to grow, with the millionaire count now in excess of 1,200 and the number of Global 2000 customers that have purchased products in all three of our platforms is now 50%. While we've had many large customer wins recently, I want to highlight a team in three transactions. The first is a technology company that purchased products in all three of our platforms and a transaction over $75 million in value. The second is a financial services company that standardized its network security in our platform, including adding VMs and deploying Prisma Cloud spending north of $40 million. And third is a professional services company that spent over $75 million across Strata, Prisma and Cortex. One of the outcomes from our transformation over the past four years is a steady increase in our subscription and support mix primarily driven by the growth of our next-generation security business. Subscription and support now exceed 80% of our billings. This has resulted in greater predictability in our revenues. We have seen growing commitments from our customers represent a greater portion of our next year's revenue. As we enter fiscal year '23, that number is 59% at the midpoint of our guidance. Increasing revenue visibility gives us further confidence in our ability to invest and drive future growth. This number is over 70% for the revenue we expect in Q1. All of this has occurred while our revenue growth has accelerated from FY '20 to FY '22, in part due to the accelerated growth in our next-generation security offerings, while we have also taken share in traditional network security appliance form factors as reported by third parties. Despite the success so far in our transformation, we still see significant potential ahead of us. We estimate our large addressable market to be growing at a rate of 14%. At 29%, our fiscal year '22 revenue growth more than doubled this market growth rate. As we have transformed the business, we have seen our revenue growth reaccelerate. Even with this significant growth over the last four years, we still only represent approximately 6% of our TAM we last presented at our Analyst Day in September 2021. 6% share of the market is low for the market leader as compared to other categories and technology. So we see there is ample room to grow. There are numerous trends that excite us around our ability to drive this growth and continue our share gains. You may soon see a day where there will be $1 trillion in public cloud consumed. Our observation thus far in this early market is that companies allocate 2% to 5% of the cloud budgeted security, creating a significant Prisma cloud opportunity. There are 3.5 million worldwide cybersecurity jobs that are unfulfilled. Our view is that more training and hiring alone will not effectively and efficiently counter the growing use of automation employed in attacks and the volume of alerts that is overwhelming the security operations center. We believe a new paradigm and security ops is needed that heavily leverages AI and automation. We are targeting this opportunity with our Cortex products and XSIAM products specifically. Lastly, hybrid work is here to stay. There are more than 1 billion knowledge workers globally. We believe we have a strong position in SASE with our coverage of users and branch offices today, just catching the surface of loss opportunity. We have a clear mission in front of us in each of our security platforms to harness the opportunity that we have outlined. As this is Q4, I figured, rather than having me outline all the accomplishments from our product team, I would invite Lee Klarich, who patiently listens and sits in our calls, to give you a more detailed update to help you understand how we will continue to build on our success we had in FY '22.

Nikesh Arora:

[Technical Difficulty] about our financial targets in FY '23. I highlighted the strong drivers at play, including technology sector forces as well as drivers within cybersecurity. We just talked to you about all the innovation we have underway. We continue to have confidence in our team's execution and the traction we're seeing across our platforms. We expect to continue to deliver strong results, in line with the profile we have talked about for the last year since our Analyst Day. For fiscal year 2023, this includes billings growth of 20% to 21% and revenue growth with increasing predictability that is in the mid-20s. After achieving operating margins at the high end of our guidance in fiscal year '22, we intend to deliver operating margin expansion of 50 basis points to the high end of our guidance, with adjusted free cash flow margins of over 100 basis points at the high end of our guidance while absorbing increased supply chain costs and inflationary impacts. We achieved GAAP profitability in Q4 fiscal year '22 and we project this will continue for fiscal year '23. Lastly, today, we also announced a 3-for-1 stock split. This was done to help ensure our shares are accessible to all employees and investors. The stock split also demonstrates our belief in the future of the company and the momentum and confidence we have in our strategy. With that, I will pass on to Dipak to discuss our Q4 results in more detail as well as our Q1 and fiscal year '23 guidance.

A - Clay Bilby :

Great. Thank you, Dipak. To allow for a broad participation, I would ask that each person ask only one question. The first question comes from Hamza Fodderwala of Morgan Stanley, with Rob Owens to follow.

Nikesh Arora :

Yes. I just keep the efficiency of time. Yes, Dipak did say that if some of the -- it's important to understand, not just pull forwards, we had some large long-duration deals, having normalized for them. We just want to make sure we set expectations for next year, that 44 was exceptional and some of that was because of some large longer duration deals. I mean normalize for that, then you'd end up in the mid to high 30s. So this is more precautionary in our part as opposed to telling you that we're not doing well. On the front of like -- deal life cycles have been elongating at the top end of the market for us as the deal size have grown. This is not net new to us. This has been happening over the last two or three years. When I came, the largest deal we did was $28 million, now we've done deals closer to $100 million. So obviously, it takes a longer time to get a $100 million deal in place and requires a lot more validation from our customers' POCs and getting engaged. So that trend is consistent. We have not seen any change in that driven by economic factors. So that is your question. As I said, the three effects we saw, we shared a little bit of sweating of hardware assets to push them out a little longer and we've seen some people look at transformation projects. You can see them not go away from transformation. We've seen consolidation. Those are the three things we've seen.

Rob Owens :

Would love to drill down into the success you guys are seeing in Prisma Cloud. And what are the biggest factors and/or technical differentiation that's driving your success right now?

Lee Klarich :

You've been well trained, Nikesh.

Lee Klarich :

I'll add one piece, and actually, Nikesh said it in his prepared remarks. Not only do we have a platform approach, but everything that we deliver from the platform is best in class. And that combination is critically important for our customers to have the trust and confidence in using Prisma Cloud.

Philip Winslow :

Congratulations on a great end to the fiscal year. Now when we speak to your partners, a growing message back has been an increasing amount of demand for Prisma access, which obviously had a great quarter. It's coming from enterprises that have been customers of other competing on-premise firewall vendors. However, they do not offer as robust a set of cloud service as Palo Alto Networks does. And lead to your point, during your slides, the number that jumped out to us today was that more than 30% of new SASE logos in Q4 were new to Palo Alto Networks. So Nikesh, maybe Lee, if you could comment too. If you think forward here, what is the opportunity to not only monetize SASE and Prisma Access but also to potentially transition that largely on-premise installed base of those competing firewall vendors to Palo Alto Networks platform, what are you hearing from customers and why?

Clay Bilby :

Great. Next is Adam Tindle of Raymond James with Brian Essex to follow.

Nikesh Arora :

So I'm sorry, I'm confused. Are you saying 50%, 60% growth is time to harvest or trying to grow faster? Sometimes I can never make you guys happy. It's like three years ago, we said $1 billion you guys always said, that's a big number. You won't get there. We get you to $1.9 billion in four years, and they sit and say, that's par for the course now, just like start making more money. Like, as Lee highlighted, we are trying to balance our R&D spend with our growth aspirations. I personally believe there is so much room in the cybersecurity market as we've demonstrated. Since I came, we've -- revenue growth is up 50% in terms of percentage growth. So we used to grow in the 19%, 20% range, growing at 20% to 29%. And I think that's a good place. It's such large numbers. We're growing at a good number. We're going to keep balancing our investment yet showing you fiscal prudence. Could I go spend more money and let the operating margin language lower? Yes. But I don't want to. We promised that we keep extracting operating margin to make sure we're fiscally prudent, and we're going to do that. But at the same time, we use the opportunity of every dollar to make it more efficient and keep spending for growth. We think our growth profile, obviously, as you would expect, has improved for most of our products that we were taking bets on about three or four years ago. I think it's also important to understand ARR is a leading indicator of revenue. So revenue comes in after ARR and then you have costs come in on day one. So yes, our operating margins for these new areas are getting better, in some cases getting to positive from negative. But I think we're still further away until you see the impact of the $700 million, $800 million we added this year. As that flows into revenue, the next 700 flows in revenue, we hopefully will keep expanding operating margins, which is fueling our ability to give you that 50 basis point expansion over the years. But we're going to keep striking the balance.

Brian Essex :

My congratulations on the results as well. It's great to see. Maybe, Nikesh, if you could help us reconcile what you're seeing on the product revenue side, particularly within the context of your guidance next year, particularly given what you said about consolidating, sharing your platform, early stages of refresh cycle, but it sounds like you've got some great VM series traction and the percentage of revenue of total Firewall as a Platform business is accelerating. What are the underlying assumptions behind that mid to high single-digit product revenue growth? Where could you see upside? And how are things different underlying those expectations compared to what you're seeing today?

Clay Bilby :

Great. Next from Fatima Boolani of Citigroup with Saket Kalia next.

Nikesh Arora :

Let me lay back. First of all, we were careful, we said mid-to-high 30s. So it's not exactly 10%. It's somewhere between 5% and 8%, if you will, if you were bringing back of the math envelope. But yes, 5% to 8%. But look, part of it is we also told we have 1,200 millionaire customers. I think in cybersecurity, that makes us the largest number of millionaire customers you're going to expect. There's a large amount of customers between that and the $1 million customers, 100 million and 1 million, there's a lot of people -- there are lots of numbers between 1 and 100. So you can expect we have people pretty much at every number. Part of it is a balancing act in terms of what deals we prioritize and what deals we focus on. Remember, $100 million deals don't go away. They just take longer. So we could get it done in Q1. We'll get it done in Q2. So our customer has a wake up one morning and saying, you know what that deal we have been discussing over the last nine months for $100, it's not going to happen. If typically it becomes a $60 million deal, you say it's going to happen in the following quarter. So our job is to have a lot more pipeline in our portfolio to make sure that we're able to bring enough of them in, to be able to keep you hungry analysts away from destroying our credibility or whatever the right phrase is. Have we got you convinced yet, Fatima or not? I'm still waiting.

Nikesh Arora :

All right, good. Fantastic. Thank you.

Saket Kalia :

Okay. Great. Echo my congrats on a very strong quarter. Dipak, maybe for you. You mentioned in your prepared remarks that you took the same approach with FY '23 guide as you did with FY '22, which was obviously very strong. So maybe the question for you is, as we all contemplate the impact of macro uncertainty for next year, how did you sort of think about that when you were kind of thinking about that billings guide for next year, which, again, was very strong at a higher base for '22?

Clay Bilby :

Great. Next is Brent Thill of Jefferies with Andy Nowinski next.

Dipak Golechha :

So I think again, ultimately, we talked about how you've got to normalize it for some large deals. We did also take a price increase on August 1. I think, again, we're just trying to be prudent at the beginning of the fiscal year and make sure that we're not getting ahead of our skis. I mean the 20% to 21% is the fiscal year guide. I think we've guided a little bit higher in Q1, specifically, but I think -- yes, and still ahead of consensus. So I think we feel pretty good about the pipeline, all the metrics that we look at.

Clay Bilby :

Okay, great. Next, we've got Andy Nowinski of Wells Fargo with Joel Fishbein next.

Nikesh Arora :

Andy, I think part of -- if you look at it historically, until about three years ago, we didn't have a SASE, we could actually go head-to-head with the industry leader, let's just say, right? What has happened in the last 1.5 years or two? We've become a force to reckon with. I'd say in the most -- the largest enterprise deal is head-to-head with two vendors. Very rarely do we see a third. This doesn't take a lot to guess who the second vendor is. And two years ago, we were not showing up to the party. Two years ago, getting one or two deals out of 10. Now we think we're in five to six out of 10 deals and our aspiration is next year to be 10 out of 10 deals. You know what, hopefully, if we can win half the deals that we're in, we'll be growing at big numbers like we did this year. So we think we are coming of age in our SASE business. We have a lot of respect for the other player in the market. We think we have a better solution technically. We're seeing that when enterprise architectures come to play where customers want to integrate a Zero Trust strategy across hardware, software and remote access driven solutions. We believe that we have a technical edge. At the same time, we made the early decision to deploy that on the public cloud. We actually are the only company that can deliver your SASE solution on the public cloud with redundancy. So GCP goes down, we hot switch to AWS. As AWS goes down with hot switch to GCP, so we give you the highest level SLA in the SASE business in the market today.

Joel Fishbein :

Nikesh, just wanted to follow up on Fed spending and SLED spending, particularly since Palo Alto is probably in the pull position to deal with the Zero Trust environment that the federal government's disposing a strategy around it, and I would love to just get an update. It seems like there's a lot of rhetoric, but not a lot of spending.

Clay Bilby :

All right. Next is Keith Bachman, the BMO with Gregg Moskowitz to follow.

Lee Klarich :

Yes. Thanks for the question, Keith. The -- we saw another year of good traction with Cortex across XGR, XSOAR and Xpanse. And I anticipate that we'll continue to see that traction in FY '23 given the product innovation that we've driven and will continue to drive across those three products and the value they provide. When I think about XSIAM, I think of it as being the start of fairly exciting journey, but it's going to be a multiyear journey. I don't see it as being just a quick hit. It's a more architectural transformation. It is truly what I believe customers need but it will take a little bit longer for that to fully play out. And I'm very encouraged by the design partner program we ran, but there's -- we're going to see that play out over the course of the next year, and hopefully, that sets the foundation for the years to come.

Dipak Golechha :

And then just to answer your question on duration and pricing, no significant changes on duration and no additional pricing beyond the ones that we've already announced. Recall August 1, we did have a price increase that was about 5% on our hardware.

Gregg Moskowitz :

So Nikesh, at the beginning of your fiscal '22 year, you spoke about a more incremental period, a more moderate period, if you will, as it relates to acquisitions. But earlier, Lee also mentioned several opportunities for new modules and valuation multiples having generally come in, I'm curious how you're thinking about M&A in fiscal '23?

Clay Bilby :

Great. Matt Hedberg, RBC followed by Gray Powell.

Nikesh Arora :

So thank you for the question. It's a great question. It's something our management team has spent a lot of time thinking about. And what we are doing going into this fiscal year is we used to have SASE sales specialists. And what we've done is we have merged them into our core sales team, and we've been running boot camps for the last 6 to 8 weeks training everybody out in the field for SASE. So we're converting our entire core field team, our network security team into a SASE first team which is the way -- only way we can get amplification across 2,000 sellers and actually go make sure there's a SASE opportunity to be uncovered to every customer. So we think SASE's come of age. We think SASE is the linchpin towards our network security strategy. We think this is going to be a very, very large market in the next five to 10 years. And we say we're one of two vendors in the market who will be invited to every opportunity, and we hope to win our disproportionate share.

Gray Powell :

All right. And congratulations on the strong results. So yes, I guess I'll stick with the SASE theme. And I'd be really curious, I mean a lot of other companies that have reported earnings in the security space, they're talking about longer sales cycles, particularly for larger, more complex deals. How does that play into the Prisma SASE portfolio? Are you seeing any macro impact there, particularly in terms of pipeline? And then was that like a consideration in the NGS ARR guidance.

Clay Bilby :

Great. Thanks. That will conclude our Q&A. I'll turn it back over to Nikesh for his closing remarks.

Nikesh Arora:

Thank you, Clay. Good afternoon, everyone, and thank you for joining us today for our earnings call. In this time of increased macroeconomic volatility and geopolitical uncertainty, we saw a combination of strong cybersecurity market demand and our team's execution in line with our strategy to drive our Q3 financial results. We reported strong top line metrics with both billings and RPO growing 40% year-over-year. This is the highest billings growth we have reported looking back over the past 4 years and was driven both by strong demand for our next-generation security offerings and strong customer commitments to our network security business. In network security, we saw product again grow over 20% as we continue the transition to software. Customers continue to consolidate their network security to Palo Alto Networks as a result of the significant expansion in our subscription capabilities over the last several years. Our net security ARR ended Q3 at $1.61 billion, up 65% year-over-year. Our top line performance translated into non-GAAP operating income that grew ahead of revenue and enabled strong cash flow conversion. We were pleased that we were able to achieve these bottom line results despite challenges in the supply chain. Speaking of the global backdrop, whether it's supply chain, geopolitical conflict or rising interest rates and inflation, this environment is creating challenges for our customers and testing our execution. I'm pleased our teams have risen to the occasion and have shown strong execution across sales, operations and all areas that support the business. The trend that started with the pandemic and the widespread cyberattacks, the trend of network transformation, cloud transformation and fortifying one's infrastructure continue to be strong. Coupled with consolidation in cybersecurity, we expect this to continue to drive strength and growth both for the industry and us in particular given our unique 3-platform approach. Of course, the events of Ukraine are on everyone's mind. We stand with the people of Ukraine against Russian aggression and have been working to provide direct cybersecurity support to Ukrainian organizations. This geography has not been significant for us in terms of revenue or our overall growth expectations. For this quarter and our most recent quarters, our combined Russia and Ukraine revenue was well below 1%. We have halted new sales in Russia and we're also complying with all government sanctions. Since December, we've deployed protection for over 3,400 new indicators of attack that defend organizations from disruptive and destructive Russian cyberattacks. As you might expect, we're seeing heightened interest from commercial and government customers in Europe around mitigating this nation-state activity. This ever-challenging threat landscape is driving broader and more strategic customer conversations. We continue to see our customers look for an elevated level of partnership and this is expanding our market opportunity. We continue to see success in consolidating share within the enterprise market, and this has become a core tenet of our growth strategy. We see evidence of this in our multi-platform sales with 48% of our Global 2000 customers having transacted now with us on all 3 of our major platforms of Strata, Prisma and Cortex. The number of million-dollar-deal transactions we signed was up 65% in Q3 and the average size of our million-dollar deals increased in the quarter. We also saw the number of $5 million deals increase by 73% year-over-year. Large deals are an important selling motion for us as we further penetrate Global 2000 customers with our second and third platforms. Innovation is the engine that underpins our growth in the market, which Gartner estimates will total over $250 billion in end-user spending by 2026. With the trend towards vendor consolidation in the market, customers appreciate our best-of-breed capabilities within each of our 3 platforms. This quarter, we added 4 additional categories to the recognition we received for our best-of-breed capabilities. Remember, they're all integrated into our 3 platforms. So the customer gets the benefit of our platforms as well as the individual best-of-breed capabilities which compete effectively against independent vendors in our industry. Forrester recognized our position in cloud workload security with a leader designation in their inaugural wave in this market, the only company to have that recognition. Early recognition of the importance of attack surface management, which we entered through the acquisition of Xpanse in 2020 was validated as we were recognized as an outperforming leader by GigaOm. We received strong performer designations from Forrester in 2 categories, incident response and EDR. I'll next provide you an update on our platforms and what progress we've made in the last quarter, starting with Prisma Cloud. We continue to see strong momentum driven by both new customers and notable for this quarter, large upsell and expansion commitments, which drove 25 deals north of $1 million. This growth in customers and existing customer expansion is evidenced in our credit consumption, which grew 50% year-over-year in Q3. We continue to drive cloud security leadership across the industry. And as I've said before, all Prisma Cloud customers are inherently customers of hyperscalers, yet they choose us. Customers are looking for a scaled, integrated cloud security platform that Prisma Cloud provides, enabling us to deliver high double-digit growth. Our customers are increasingly recognizing that operating securely in the cloud means ensuring that software that is written for the cloud is secure. This starts with the developer. Our early observation of this trend led us to acquire Bridgecrew in early 2021. We have been focused on building out a portfolio of offerings targeted at developers. This is our fifth pillar of Prisma Cloud. Cloud Code leverages all the existing capabilities of Prisma Cloud, including its approach to credit consumption, deployment and reporting. One quarter from release, we've seen success in 6-figure commitments to Prisma Cloud driven by Cloud Code and also this is amongst the fastest modules adopted in Prisma Cloud in terms of credit consumption. Critical to our developer strategy, we continue to see strong downloads of our Checkov open source offering, which reached over 7 million in Q3. Moving on to Cortex. We are helping customers reimagine how they operate their security operation centers with automation and AI/ML at the core. Cortex customers grew over 60% in Q3, supported by multiproduct Cortex transactions in EMEA and the Americas. We achieved an important milestone in Q3 with approximately $500 million in Cortex ARR. In Q3, we saw strength in each of our established Cortex product areas with a record number of transactions for XDR and Xpanse and nearly that level of business with XSOAR. XDR continues to shine with industry awards and benchmarks. This quarter, XDR was recognized for 100% threat prevention and detection in the recent MITRE evaluation. Forrester also recognized the significant progress we have made with XDR in our series of releases over the last 9 months, recognizing XDR as a strong performer in its EDR Wave. Our Xpanse performance, with transactions up well over 100% in the last 12 months, shows that attack surface management is now seeing an inflection in mainstream demand. After our recent limited releases of XSIAM, we are making progress in our goal to initiate co-design work with 10 partners and expect to be on track at the end of this quarter with our plans. XSIAM will ultimately enable us to achieve our Cortex vision around SOC automation, delivering what we expect to be a very unique value to our customers and disrupting the multibillion-dollar SIEM category by offering a modern alternative that leverages AI and ML. Moving on to SASE. Last week, we made a call to the industry to adopt ZTNA 2.0, which ushers in a new era of hybrid workforce security based on key zero trust principles like least privilege access, continuous trust verification and continuous security inspection across all apps. Our mantra for Prisma Access is to provide zero trust with zero exceptions. The pandemic has accelerated the adoption of SASE. In addition to significant traction from our installed base, we continue to see strong momentum from net new customers for whom Prisma SASE is their first significant purchase for us. These customers then become opportunities for incremental engagements across our other platforms. SASE saw particular success with large transaction in Europe as we signed 11 large transactions in EMEA, further reinforcing the global nature of SASE demand. SASE is in the early innings, and we're making significant investments to ensure we continue our momentum in this category. Moving on to Strata, our hardware and subscription services platform. For the third consecutive quarter, we delivered north of 20% product revenue growth. We saw strength across our portfolio, both hardware appliances and software form factors. As you're all aware, the industry is dealing with unprecedented supply chain issues, which are likely to persist for yet another year. Our team is deftly managing these with our partners, allowing us to maintain better lead times than some in the industry. We have seen instances where we are advantaged in having supply where competitors cannot timely deliver and we believe this has helped contribute to market share gains. We saw our momentum validated by third-party recognition of market share gains in both hardware and VM form factors. In hardware, Omdia recognized Palo Alto Networks as being #1 in market share for the appliance market with over 27% share, up more than 5 points year-over-year. In the VM market, according to Dell'Oro, we added 6 points of market share year-over-year and command nearly 34% of the market. We continue to execute on our Generation 3 to Generation 4 transition. We have now released nearly all Gen 4 appliance models. Although customers are very early in their evaluation and adoption of Gen 4, we expect this Gen 4 adoption will help drive our appliance growth rates ahead of the market growth rate. We're seeing strong uptake of advanced URL subscriptions and strong early demand for our new advanced threat prevention subscription. We released next-generation CASB last quarter and saw solid Q3 performance here. Lastly, we announced our second partnership with a hyperscaler to embed our network security into the fabric of their cloud. This is differentiated innovation that leverages our engineering scale, our market leadership position and relationships with hyperscalers. Cloud Next-Generation Firewall on AWS brings the combination of Palo Alto Networks' industry-leading network security in a cloud-native form factor and marries it with the ease of use of Amazon Web Services. This relationship with AWS follows the launch of Cloud IDS on the Google Cloud Platform last July. We expect Cloud Next-Generation Firewall will drive further growth of our Firewall as a Platform and specifically, our software form factors. It also gives customers another reason to standardize on our network security platform. Innovations like Cloud Next-Generation Firewall on AWS, Cloud IDS on Google Cloud and our licensing of security subscriptions to SaaS providers to protect their cloud applications are differentiators for us versus competitors that are primarily focused on the appliance form factor. Bringing it all together, we are very pleased with our Q3 results, where we saw exceptional top line growth. At the same time, even while growing faster, we are prioritizing investments and delivering on the profitability targets we committed during our September 2021 Analyst Day. We believe this is an important discipline, and we intend to maintain this focus on profitability targets while maximizing growth. We continue to see broadening demand for cybersecurity, which is enabling us to grow and invest from a position of strength. As we focus on our mission to be our customers' cybersecurity partner of choice for today and tomorrow, we also aspire to deliver to our shareholders outstanding returns as a proxy for growth of the cybersecurity opportunity as well as world-class execution. We are very pleased with the first 3 quarters we have delivered so far in fiscal year 2022. We look forward to updating you in 3 months on our plans to continue accelerated growth, balanced profitability and look at how we intend to target GAAP profitability in the near future. With that, I will pass the call over to Dipak to talk about our results in more detail.

A - Clay Bilby:

Great. Thank you, Dipak. [Operator Instructions] The first question will be from Phil Winslow of Credit Suisse, with Hamza Fodderwala to follow.

Nikesh Arora:

Phil, I'm accused of speaking fast. Dude, you're beating me at it.

Nikesh Arora:

Thank you for the question, Phil. It's kind of everything you said. And we've been saying this for a while that cybersecurity is consolidating and the evidence we've been shown by people like yourself is, look, it's never happened before. And I still submit that the reason it never happened before because you didn't have a cybersecurity company which would show you 20 best-of-breed products in its portfolio. Because customers are not suggesting they will buy something you have because it's in your platform, they are still demanding best-of-breed. And we're able to demonstrate to them the best-of-breed. But not only that, I think in the last 3.5 years, we've been able to demonstrate our track record saying, if something is important, we will make sure we deliver to you with best-in-class capability. So we're seeing that. This allows us to go back into customers. As you can imagine, if all you got is EDR or XDR to sell, if the customer just bought it, you got to move on. If all you got is SASE, you got to move on if the customer has bought SASE. In our case, our sales teams have a very large bag of tricks. If you don't want SASE, you've got cloud security going on, let me talk to you about cloud security. If you don't have cloud security going on yet, do you want to talk about buying more firewalls or replacing somebody. If you don't have that, do you want me to help you automate your SOC. So just the ability for us to demonstrate that we can help them with the multitude of their cybersecurity challenges and also show them that we're not trying to get them to make a very large commitment across all 3 of our platforms, they can walk and then they can run. They actually start by taking one of our platforms, allowing us to demonstrate our credibility and our security capabilities, thereby giving us the opportunity to then bid for the next business that they have. And I think the $1 million deals and $5 million deals are just a way to look at it because $1 million deals are typically single platform deals. And as you get into the 5s and the 10s, you certainly see that there is more of a portfolio approach. So look, it's what we said.

Hamza Fodderwala:

I'll try to speak a little more slowly. Maybe just on the consolidation theme, sticking to that. One, just from a macro standpoint, I'm wondering if you're hearing anything different from customers around how they're thinking about the spending environment? And in relation to that, given the macro pressures on IT budgets more broadly, are you seeing more of a willingness to want to consolidate to fewer vendors as opposed to multiple different point products?

Clay Bilby:

Next is Fatima Boolani from Citigroup.

Dipak Golechha:

A couple of different questions there, Fatima. Thanks for the question. So overall, I would say, let me just start off with the billings growth was really quite widespread. Our contract durations have remained roughly at around 3 years. They've been around that time. At any one given quarter, they can change a little bit like a month or 2, not significant. So it's possible that we get a little bit of, which was the last year's fluctuation versus this year. But overall, it was very broad-based and we're not seeing really many issues related to that. With respect to the PANFS, I think we've had that in place for a while. We're roughly at the same level of exposure that we've had before. It's not massively growing. Nothing is really changing significantly on that. So I don't think that's an unpacked like reconciling item. It really is like strength of the overall business. And sorry, just remind me the third part of your question.

Dipak Golechha:

Yes. No. So we track our discounts obviously very, very closely. We haven't really seen anything particularly significant in our discount changes either. So I would say that as you unpack the model, it really becomes pretty clear that it's broad-based growth.

Brian Essex:

Great. Congrats on some nice results for me as well. I have a bit of a bean-counting question as well. Maybe for Dipak. Could you help us understand a little bit what's going on, on the cost side of the equation? Really great job in this environment delivering on the operating margin side. So I guess from a gross margin perspective, impact of pricing increases and then from an OpEx perspective, where is it that you're getting better cost control measures? And how sustainable are they?

Brian Essex:

Got it. And a lot of that is sustainable? I mean, in T&E, I would imagine it would be relatively flexible. But how much are you going back for sustainable cost measures?

Clay Bilby:

The next is Gray Powell from BTIG followed by Saket Kalia.

Nikesh Arora:

Gray, first of all, we said this last quarter. We have been positively surprised by the growth in product, obviously. And Lee has a very interesting explanation on why people need more firewalls as their Internet traffic grows. And I'll let him speak to it because otherwise, he won't come to these calls. He told me that. But before he does that, look, we are seeing the Gen 3, Gen 4 evals causing people to go through a refresh cycle, which typically lasts 12 to 18 months when it's in full flow and it's not yet in full flow. As we highlighted, the market share changes, but there are people in our industry who are not able to keep up to 12 to 18 weeks of supply chain and sort of deliver firewalls. We have seen certain isolated incidents where customers have drawn up POs for some of our competitors and chosen Palo Alto Networks because we have product and others are not able to do that, which the best way to measure that is through market share gains. And these market share gains are here to stay. They're not going to go away because you're buying something which has a 6 to 7-year life and you're basically making a technology decision to switch to Palo Alto Networks. So I think the combination of market share gains, the refresh cycle, the increased volume. And Lee, do you want to give your explanation?

Nikesh Arora:

I'll give you an example. We're primarily in the cloud with our capabilities, but...

Nikesh Arora:

So despite us moving to the cloud, we've had to upgrade our firewalls in our headquarters.

Clay Bilby:

Next question from Saket Kalia of Barclays followed by Michael Turits.

Nikesh Arora:

Well, Saket, thanks for your question. You've seen we share our NGS billing ARR with you. So it's quite transparent. And you see that, that number at that scale continues to grow in the 50%, 60% range, which is clearly a big contributor to our billings. Our product being at 20% also contributes to billings. We've highlighted that Cortex hit $500 million ARR in that number. So clearly, it's reached a milestone for us in that entire mix. And as you rightfully identified, we have now 10 subscriptions that we run. When I came 3 years ago, we used to have 4. So clearly, you should expect that there is a significant attach that is going on, which will persist as we continue to sell hardware in the current growth rates that we are. So higher growth rate of hardware drives more subscription and services which with a higher attach ends up giving a nice lift on our billings.

Michael Turits:

Great. So I think, Dipak, I'll ask you on the labor and wage front. Given the shortages out there on that side, we've seen some large corporations, some have hiring freezes, some are raising wages for their existing customers. So A, how are you doing in terms of hiring as many people that you need? And then B, what exactly are you doing in order to maintain costs in that increasing wage environment around skilled labor?

Michael Turits:

Thanks for answering, Nikesh. Lee, hit you on product, but Gray got you first, so I thought I'd hit Dipak, but thanks for answering.

Dipak Golechha:

I'll just add one comment maybe to the overall is like wages is one factor that people look at when they choose a company. We've recently had a Welcome Home program. I think a couple of quarters ago, we actually showed you guys a video of it. And that's been remarkably successful. We find a lot of people that will leave realize that the culture of the company is equally as important as what was potentially short-term gains when they leave. Yes. Well, a lot more important ultimately than the gains and then the grass is not always greener. We've had remarkable success bringing them back, and we'll continue to do that.

Roger Boyd:

Congrats on the quarter. Just going back to the macro conversation. I think you noted a couple of larger deals in EMEA. Just curious of any commentary on what you're seeing around sales cycles and any sense of whether maybe you're pulling forward some demand given the threat environment?

Clay Bilby:

All right. And next, we've got Andy Nowinski from Wells Fargo followed by Rob Owens.

Nikesh Arora:

Andy, I look at it from the other side of the lens. The other side of the lens says, we had a great quarter. We're upping guidance across the board for Q4. We're upping guidance across the board for the full fiscal year way ahead of what we had promised to the markets in our Analyst Day not too long ago, and that seems to be a wonderful story and a happy place to be.

Rob Owens:

Great. I was wondering if you could drill down a little bit into some of the supply chain advantages that you've alluded to both in the prepared script as well as Q&A here. Where do you see an advantage? How sustainable is it as well?

Dipak Golechha:

So if I can just add like, the only thing that I would add is like, a lot of it just comes down to the people and the quality of the execution and discipline of the people. And that's really been like, I think, across the board, the execution across pretty much every part of our portfolio is what we feel most proud of and what gives us the most confidence in our guidance going forward.

Jonathan Ho :

One question for Lee to make sure he keeps coming on to these calls. How should we think about the pace of adoption for Prisma Cloud? And are you seeing any specific drivers emerge there to drive some of this accelerated demand?

Nikesh Arora:

Thanks, Jonathan, for keeping him busy.

Clay Bilby:

All right. Thanks, folks, for sticking with one question. Our next, a question from Matt Hedberg of RBC followed by Ben Bollin.

Lee Klarich:

Yes. Great question, Matt. I'll actually reverse what you said. The first key value that customers are realizing in that shortage is being able to adopt security on top of platforms has a significant benefit toward the ease with which it can be operationalized. And so that actually is the starting point. Automation then becomes a layer on top of that where the remaining manual workflows then start to go through cycles of, what are the most repetitive tasks, how do we put those through an automation workflow engine like XSOAR and build that muscle of recognizing manual workflows, automating and then finding the next manual workflows and automating those. I'll give you an example within our own IT organization. We track this. We actually quantify every quarter the number of hours that we've been able to automate. A typical quarter for us, we will automate an incremental 30,000 hours of manual repetitive tasks. And it's not so much about the savings, it's about being able to then reallocate that focus toward new, high-value tasks that people need to accomplish.

Ben Bollin:

Dipak or Nikesh, I was hoping you could quantify the impact of supply chain you think was left on the table in the quarter and how you think about that in guidance? And any longer-term thoughts you have on how your strategy around supply chain has evolved or has changed because of what we've seen over the last several quarters?

Ben Bollin:

It does.

Adam Tindle:

Okay. Nikesh, you alluded to a GAAP profit in the near future in your prepared comments. And just wanted to challenge this but admit it's double talk since it's part of my thesis. But as I question myself, why is now the time to show GAAP profit and leverage? The flip side is, you're seeing momentum across almost all metrics. You could step on the gas even further and go to market given the portfolio is winning. You're having success in hiring yet human capital is scarce. And your R&D engine has developed products that are clearly showing differentiation. And Dipak, if you wanted to add any comments to that because there's some level of substituting this for increased cash margin in the future. So what to do with the incremental cash that has a better ROI than a more aggressive internal investment strategy?

Dipak Golechha:

Look, I think it's a world-class problem to have, but I think I'm just going to echo what Nikesh said. I think everything in balance and then we really let total shareholder return and the ROI determine what we do within the boundaries of what we've committed to.

Brent Thill:

Nikesh, on the G4 refresh cycle, you mentioned it's early days. Is there a percentage through this you'd put on at 20%, 30%? Is there an easy ballpark you can give us on where you're at through that right now?

Lee Klarich :

Yes. It's a great question. It's a low number. Remember, the biggest chunk of the Gen 4 hardware was just introduced about 3 months ago toward the end of February. So the first round was June of last year, but the broader set of platforms actually was just a few months ago. So we're very much early innings on this. We've seen very good early adoption and interest from customers. And as Nikesh said, these refreshes are 12, 18, 24 months in nature.

Nikesh Arora:

Look, I just want to say thank you to our employees, our partners, our customers for allowing us to be both their cybersecurity partners, of our employees for doing a phenomenal job all around the world. And I also want to thank you for taking the time. See you guys next quarter.

Nikesh Arora:

Thank you, Clay. Good afternoon and thank you everyone for joining us today for our earnings call. As you've seen by our results, we released, we had an exceptional Q2. We continue to accelerate the growth of our business in line with our stated direction of fiscal year 2022, being the year of focused execution. First, let's talk about the market and the trends we're seeing. Firstly, we continue to see a strong demand for cyber security. We have not seen any changes in the IT spending patterns of our customers or a slowdown in companies investing in IT systems to drive competitive advantage. On the contrary, we see acceleration around trends associated with the shift to the cloud, as well as continued efforts to redefine network architectures, to enable employees to work effectively from anywhere, a trend which has been bolstered by the pandemic and we continue to believe we are still in the early innings here. Both these factors underpin continued demand for cybersecurity services. Secondly, we continue to see an evolving and complicated threat landscape. We have highlighted in the past that cybersecurity is at the front and center of all conversations around risks and threats at companies as well as nation and state levels. We believe cybersecurity will continue to become more and more relevant and important. With increased alliance on technology in the prevalence of cyber-attacks, there is an ability to disrupt businesses and critical systems making cybersecurity an area that will need continued focused investment. In addition to industry specific trends, we're seeing a trend that is unique to Palo Alto Networks. Given our investments in the areas and continued relevance across multiple platforms and needs of our customers, we're having more and more significant partnership conversations, which encompass the entire Palo Alto Networks offering. Whilst early, we believe this is the true differentiation that Palo Alto Networks provides both best of breed and integrated security that works. Thirdly, our continued focus and execution. This focus is bearing fruit as we execute multiple dimensions across our business. Execution from our product teams means continuing our rapid pace of integrated platform delivery. We will talk about the innovation across our platforms, but to highlight just today, we unveiled our XSIAM product, which is poised to reimagine security operation centers and truly deploy technology to resolve cyberattacks in real time. Execution from our go-to-market teams means focusing on the broader customer-driven priority of helping them significantly improve their cybersecurity posture. This is demonstrated by the multi-platform large deal commitments we're beginning to see. Execution from our supply chain team means we are able to work with our suppliers in this tough environment to deliver critical security appliances to our customers. We had to balance some of the increased costs of price increases as an offset, but we have been able to keep these increases modest in comparison to our peers. Execution from our people leaders means despite this being a hot market for great talent, we're able to attract and retain the best minds in cybersecurity. As you saw in the opening of the call, we launched a Welcome Home Program to welcome back employees that had left our company. We have seen good initial success here. Let's take a quick look at some of the outcomes caused by the focus and execution. In Q2, revenue was up 30% while the leading billing and RPO metrics up 32% and 36% respectively. We're building a more predictable business model. Our CRPO balance of $3.4 billion gives us significant visibility into our next 12 months revenue. Next-generation security or NGS ARR finished Q2 at $1.43 billion. As we hit our midyear point, we have greater confidence that our strategy is working, which is driving us to make further investments in these businesses. At the same time, we continue to transform our core network security business with a software mix within our Firewall as a Platform billings came in at 40% up five points versus last year. We drove these strong top-line results while balancing non-GAAP profitability even as we absorbed some incremental expenses from supply chain challenges. Operating income grew 20% and adjust to free cash grew 33%. We outperformed our non-GAAP EPS guidance midpoint by $0.09. For a number of quarters we've talked about our large deal momentum. To accelerate these results as we exited fiscal 2021, we layered on a sales strategy to elevate our focus and drive efficiency in our largest opportunities. With a growing portfolio of products across the platforms, making large deal selling repeatable process is core to our sustaining and accelerated growth trajectory. With BJ Jenkins, signaling the leadership role for our broader sales organization, you had an ability to increase management attention on the largest deals in the form of Amit Singh, our CBO. We're pleased with the results we have seen in the first half of the year. These deeper multi-platform relationships are win-win for Palo Alto networks and our customers. As a Testament to this, at the end of Q2, 47% of our Global 2000 customers use products from all three of our platforms up from 38% a year ago. In Q2, we closed 221 seven-figure transactions, including three transactions over $20 million. Our millionaire customers were 1077 in Q2, up 26% year-over-year. Our combined rate of growth in millionaire customers, as well as an increase in size of our large deals has helped us sustain the accelerated level of growth we've seen over the last several quarters. In all, for the strong quarter I want to thank our global teams for their strong execution across the board. Driving these results are the transformation of our firewall business and our focus on capturing the growth in next-generation security. In particular this quarter, our strengths were well balanced in both of these. Let's do a quick review of our progress across our three platforms. As you know, we have them design modularly, so the customers can initiate their partnership journey with Palo Alto Networks, whatever their current need is. But over time, we work with them to both expand across any one of our platforms, and also work with them to adopt our other platforms in line with their plants. At the heart of our three-platform strategy is innovation. This is a fuel for our growth, especially in next-generation security, where we play in markets that are early in their life cycle. In the first half of fiscal year, 2022, we had 22 major product releases, which is equal to all the releases we had in the full year of fiscal 2020. Even more impressive is that this quarter, marks the end of all, integrations of our acquired businesses over the last few years, i.e. all of our products are now seamlessly integrated and can have organic development continue on them. We were also pleased to receive two new industry awards, adding one in developer security tools and other in secure web gateway. We now have a leadership position in ten categories. Focusing first in our firewall business, we’re continuing to refresh our platform. And just last week, we announced two more new families with the PA-3400 and PA-5400. These new generation four platforms have industry-leading performance on real world encrypted traffic using our single pass architecture and performance that is 3 times faster than similar Gen 3 appliances. We also rolled out PAN-OS 10.2 Nebula release, which adds significant new capability in using machine learning to stop the current generation of highly malicious attacks in line. This capability powers our recently released advanced URL and new advanced threat prevention subscriptions, as well as brings significant enhancements to the capability of our DNS security subscription. We added the industries first integrated AIOps to our next generation firewalls. Our 10 subscription added to the firewall family. This capability assists customers to prevent firewall misconfigurations and proactively addresses performance issues before the impact customer networks. We were pleased with our ability to grow our product revenues at 21%. This contributed to our Q2 revenue upside and was the head of our guided mid-teens growth for the full year, which we will be raising. Our teams work tirelessly during Q2 to ensure we could fulfill product demands to customers as quickly as possible while also navigating through Gen 3 to Gen 4 refresh. We didn’t see demand for our next generation firewall appliances outstrip our ability to ship in the quarter and this is reflected in the growing RPO I spoke about earlier. Strong security demand, innovations we are bringing to customers such as our Nebula release as well as customer appetite for our Gen 4 gives us strong conviction and sustained product demand into fiscal year 2023. Next, I want to spend some time in our NGS business. This is one where our teams have done work, which I personally believe has not been done in the cybersecurity industry before. And this is what makes Palo Alto Networks special. We have built a formidable set of services, which are cloud first, and these services are resonating with our customers. This success is truly driven by us working with our customers to anticipate their challenges, delivering best-of-breed solutions in an integrated fashion whilst continuing to focus on security outcomes. This has resulted in us building an NGS, ARR stream of $1.43 billion driven by billings growth to 79% in NGS. Diving deeper into SASE, which has been a strong contributor to NGS. We continue to see strong uptake from our existing customers. We’re also seeing marque new customer wins, which are reflected in our current customer count of 19,083, which is up 62%. A recent report from the IT industry analyst enterprise strategy group noted that 78% of organizations have begun or are planning SASE implementations. We see this mirrored in our customer conversations where hybrid work is now the way many of these companies are planning and supporting the future work. We are pleased to against stand on Okta’s Business at Work report, where we were identified as a leading provider of remote access solutions. We’re seeing SASE emerge as a key platform for our customers. With these customers, looking to Prisma SASE to deploy DG capabilities. We rolled out integrated CASB within Prisma Access 2.0, including a new capability around inline DLP for SaaS, and in particular collaboration and applications. We continue to see success attaching autonomous digital experience management or ADEM as an upsell in Prisma Access as customers rely more on SASE as a foundation of the network architecture. On the cloud front, we’re seeing mainstream adoption of hyperscale public cloud in our customer base, as well as an acceleration and production workflows. This is driving sustained strength we’re seeing from Prisma Cloud. Four years ago, we made it a conscious strategy to be a first mover with multiple big bets to proactively invest or believe the future of security was going. Our pivot began with several acquisitions targeting companies with the best technologies. We developed a unique go-to market approach, allowing us to promote future modules as part of an integrated offering. We’re seeing tremendous success with this approach. While our active customers grew 21% to 1,810 in Q2, we saw north of 56% growth and credit consumptions driven both by increased adoption on the cloud by our customers and their continued adoption of more security modules in Prisma Cloud. While our two core modules, cloud security posture management and cloud workload protection are mainstream within most of our customer base. We’re seeing an increased adoption of three and more modules. There are two areas I would like to highlight in Prisma Cloud to support. First, the launch of cloud code security, and second, the launch of agentless scanning. Approximately one year ago, we acquired Bridgecrew, which has strong early attraction in DevSecOps enabling security to be shifted left into the software development life cycle. This addresses security problems before they are created in production deployments and is far more efficient. A single deployment template can be propagated hundreds of times. There are multiple vulnerabilities in the code; each deployment could create hundreds of security events even once in production. Bridgecrew had significant traction with its checkout open-source tool, momentum that has significantly accelerated since its acquisition closed, and downloads are up to 5 times year-over-year. Building on the Bridgecrew technology, in Q2, we released our fifth Prisma Cloud pillar, cloud code security, which is part of our 3.0 release. Our stand-alone Bridgecrew product has about 70 customers. We’re pleased to see DevSecOps customer momentum building as Prisma Cloud customers adopt cloud code security to several weeks after its integrated releases into our platform. Let’s talk about agentless scanning. You’ve seen a number of smaller provider focused on small initiatives in cloud-native security, providing only agentless scanning is one of them. What we hear clearly from a customer is that they want a platform approach to cloud security, which offers the flexibility of both agent and agentless scanning, depending on their architecture and security needs. Towards this end, our teams rallied and delivered agentless scanning in record time. This makes sure that our customers can deploy either approach via the integrated platform that is Prisma Cloud. Now turning to Cortex, our endpoint security, security analytics and automation solutions. We continue to see significant customer demand for automation and security as threat data and volume security events grow at exponential rates. The human-only approach to interpreting data and responding to events is not keeping pace. We’re seeing strong customer adoption of our market-leading technologies across XDR, XSOAR and Xpanse. Total customers across XDR Pro and XSOAR reached 3,232 and increased over 69%. Q2 was a strong quarter for new customers, both those that are brand-new to Palo Alto Networks and also cross-sells to Cortex. We also saw acute strength across all of our geographies for Cortex. At our Ignite event last November, we launched our managed partnership program, XMDR, and we continue to see partners join the program to further align the opportunity across our Cortex portfolio. We now have 27 partners there and have a strong pipeline of interest of partners working through the certification process. Core to our growing success with Cortex is the innovation investments we have made over the last years in XDR, XSOAR and Xpanse with market-leading capabilities in each. Shortly after leasing XDR 3.0 in Q1 to enable cloud detection response, we release XDR 3.0 – 3.1 in Q2 to further enhance our cloud asset visibility and insights. Q2 also marked the release of our intelligence modules for XSOAR providing end-to-end railroad certain intelligence to identify and discover new malware familiar – families or campaigns or attack techniques that are related to security incidents. This morning, we announced our Cortex extended security intelligence and automation management, or XSIAM, platform and shared our vision to provide an autonomous cybersecurity solution as a modern alternative to SIEM solutions. We believe security operations teams have an urgent threat detection remediation problem, and only by leaning into a natively AI-driven platform, we will be able to bring down response times from hours and days to seconds and minutes. We’re on a mission to revolutionize how data analytics and automation is leveraged in cybersecurity, and XSIAM is a product of years of research and development we’ve been doing in this area. XSIAM is currently available to a limited number of customers that will be broadly available later this year. In summary, I am very pleased with our Q2 results. We both continue to benefit from strength in our core next-generation firewall business and is a strong sign of our future growth prospects, significant strength across our next-generation security portfolio. This balanced performance is a hallmark of our long-term strategy to drive durable growth. On the back of this trend and based on what we’re seeing in our pipeline heading into the second half of fiscal year 2022, we are raising our total revenue, product revenue and total billings guidance for the year. Within this top line, given our confidence in both our pipeline and our sales execution NGS, we’re also raising NGS ARR for the year. Lastly, we’re delivering this top line while we continue to make significant investments in our business for future growth. We not only continue to see strong near-term demand but also strong medium-term trends in cybersecurity, fueled by underlying spend in IT spending and secular trends like hybrid work and cloud-native adoption. We have aligned investments both to building sales capacity for fiscal year 2023 as well as medium-term investments and product capability. These investments have been made while also absorbing unexpected supply chain-related costs this year. Despite this, we have been able to deliver upside to our non-GAAP EPS forecast so far this year. We're lifting our non-GAAP EPS guidance here, reflecting much of the upside resulting in Q2. With that, I will turn the call over Dipak to go into more detail in the Q2 performance of our guidance.

A - Clay Bilby:

Great. Thank you, Dipak. [Operator Instructions] The first question is coming from Saket Kalia of Barclays with Tal Liani of BofA to follow.

Nikesh Arora:

Well, thank you, Saket. Thanks for the question. Look, when I came to Palo Alto Networks, our mean time to respond at Palo Alto Networks was measured into days. And for someone who did not work in the security industry, I found that a little flabbergasting because if it takes tens of days to figure out that you've been breached and all you're doing is closing the door after somebody is gone. So we challenged our team internally, said can you take that and turn that into seconds or minutes because that's the only way we're going to have a chance to be able to protect not just ourselves, but our customers in the future. That required us internally revamp from having north of, I'd say 15 to 20 other security vendors even in our infrastructure down to less than 10 because there are some areas, as we don't play in cybersecurity. But that coupled with automation, with data analytics; we're down at Palo Alto Networks just under one-minute as a mean time to resolution, which is how we can resolve Log4j within our company or SolarWinds within our company. And I think that's the capability that customers need. And we did a phenomenal job just in his video where he says, look, you take a car and you had adaptive control, you add park lane assist. You add all those features to an old car or is an a new car, but doors between around 20 years that doesn't make it an autonomous vehicle. You have to start from scratch. You have to build the software to build analyzing data and that's kind of the right analogy to think about it. The future of protecting our customers will have to depend on being able to analyze data on the fly, immediate on the fly, not wait for humans to analyze it and come back 10 days later and say now I know what happened. So towards that end we have launched XSIAM, it is an early release working with a handful of design partners to work with them to go replace to security infrastructure and align with what we've done at Palo Alto that allow us to learn and to build with them, but we expect this product will be GA-ed later in the year, really excited. The way it leverages our portfolio is we can do it quickly if you're using Palo Alto appliances, Palo Alto firewalls, Palo Alto endpoints. We can do a Palo Alto Prisma Cloud is an easy thing to do for us. We also integrate with other security vendors but obviously the quality of data becomes suspect as you keep going on to more and more legacy security technologies

Clay Bilby:

And our next question comes from Tal Liani of Bank of America, with Brian Essex next. Please proceed.

Nikesh Arora:

Let me start with the second. I'll hand over to Dipak to answer your question on the balance sheet and add to my answer. Look, when I came, we bought a bunch of companies. And the way we bought them was we unvested the founders from their equity and their companies and revested them with Palo Alto stock over a period of four years. That was the only way we could secure the talent of all these founders of the companies we bought. So a significant part of our SBC is the embedded M&A cost of retaining founders. As you've noticed, we have not done any significant M&A in the last two or three quarters. As that begins to roll off, you will see a step change down in our SBC when all those acquisitions begin to roll off. Obviously, the earliest ones will start rolling off in about another six months. And then over the next year or so, 1.5 years, you'll see significant rollout. So that should show you that. In addition to that, as Dipak highlighted we are working hard to make sure that the normal SBC continues to be managed down. And of course, as you know, as a percent of revenue, if revenue keeps going up, it also acts as a benefit towards that direction. So we will talk more about what our forecast to achieve GAAP profitability as we lap Q4 this year because we'll have more visibility on the M&A stuff, but I will let Dipak add to that and as well talk about the balance sheet item.

Clay Bilby:

All right. Great. Thank you. And the next question comes from Brian Essex of Goldman Sachs with Hamza Fodderwala up next. Brian, please proceed.

Nikesh Arora:

Great question, Brian. So two parts; one, as you probably heard from everyone in the industry who's in the hardware business, demand is outstripping supply. I suspect it partly has to do with supply, partly has to go volumes going up at a pandemic, inflation expectations. So we don't have to do a lot on sales incentives to die with more hardware. We have customers who would like their hardware delivered sooner than later. So we are seeing demand. And as I said, our ability to supply despite the 21% growth, still demand outstrip that 21% number, which is why you see our RPO continuing to rise. So I think that's your answer to the first part. In terms of the ability for us to leverage hardware, and I'll highlight a metric we shared last time, that 25% of our customers in SASE are – were net new to Palo Alto last quarter. We haven't declared that number this quarter, but that gives you a sense. And typically, those conversations, Brian, are hey, while I love your security platform, I love your security policy, I'd like to deploy it, but my firewalls are still around, and they have two, three years more to go. In that case, we end up with a SASE deal with the expectation that over time, when that customer consolidates their firewall, it gets to be a Palo Alto, end-to-end Zero Trust execution because the only way to do Zero Trust right is to make sure your hardware, your cloud and your remote users are all consistent in terms of security policies used. From that perspective, we see an opportunity to take hardware and further consolidate. In some cases its customers going from two hardware vendors to one. In some cases, its customers doing a replacement of some other hardware vendor with Palo Alto networks because now they already deployed SASE in their environment. So we see all of that happening. And one of the beautiful features some of the subscriptions I laid out, whether it's autonomous monitoring or AIOps or DNS Security or filtering, et cetera, we can make that happen consistently for our customers across both platforms. So, in that perspective, they already see the benefits of deploying that on a consistent basis.