Palo Alto Networks, Inc. (NASDAQ:PANW) Morgan Stanley Technology, Media & Telecom Conference Call March 5, 2024 2:45 PM ET
Company Participants
Nikesh Arora – Chief Executive Officer and Chairman
Conference Call Participants
Hamza Fodderwala – Morgan Stanley
Hamza Fodderwala
Good morning, or almost good afternoon, everybody. I hope you’re doing well. My name is Hamza Fodderwala. I’m the cybersecurity analyst here at Morgan Stanley. And with me this afternoon, we have Mr. Nikesh Arora, Chairman and CEO of Palo Alto Networks.
Nikesh, thank you so much for joining.
Nikesh Arora
Thank you for having me.
Hamza Fodderwala
All right. Great. So before I begin, just a brief programming note. For important disclosures, please see the Morgan Stanley research disclosure website at www.morganstanley.com/researchdisclosures.
With that, Nikesh, let’s dive right into it. So I think you set up here five or six years ago, and you wanted to go on this journey of building the first evergreen cybersecurity platform. If you look at what’s happened over the last five years, the revenue base has gone up multiple times. Market cap has, I think, almost 5x. The $100 billion or as of the yesterday’s close at least. And you’re a leader in over 20 categories, whereas five years ago, you were largely in firewalls. It seems like now there’s a little bit more skepticism now.
Nikesh Arora
There should have been skepticism then.
Hamza Fodderwala
So I’m curious, just one takes off on the last five years, and what do you think you have to do for the next five years to maintain this sort of evergreen platform strategy?
Nikesh Arora
Well, first of all, thank you for having me. And yes, five years ago, we set out on a — the journey to see if we could actually adjust the paradigm in cybersecurity to see if companies can survive for longer. And we have 2% market share industry that spends close to 200% dollars a year, possibly have 5% or 6% now in that market.
The question now really is it’s not a product innovation question for us anymore, which is what the big challenge then was. We went out and acquired about 19 companies in the last five years because we have technical debt. There are companies out there who had better products in certain categories than us. We bridge that gap, as you highlighted, about 20-plus categories where we lead. And the real question now is how do you take that? And how do you get every customer to buy the entire platform in three of the categories we play in? Which is cloud security, network security, and SOC. So over the last five years, we have been able to insert ourselves and get them to buy one or two out of the four or five things in each platform.
Now the question is how do I go in and get the person who has one to go to five, who has two go to five or go ahead and sell the entire five together, because we believe at this point in time, we’re uniquely positioned to be able to do that. In network security, for example, nobody has SASE, SD-WAN, hardware firewalls, software firewalls, cloud firewalls in one integrated capability. There are people who are doing really well in certain categories, but nobody has the entire cabin. Take the case in SOC, we can do that. So we think we have a competitive advantage at this point in time across the three platforms and now is the time to strike.
Hamza Fodderwala
Maybe just to go back to the last earnings call two weeks ago now. So you had to cut the guidance, the billings guidance by about $600 million, over half of that was because of some weakness in the Fed. And then I think the remaining 40%, 50% of that was this new platformization strategy. One is, is my characterization correct?
Nikesh Arora
I’d like to be more optimistic on that, but you start off — any sentence that just cut something in the financial it doesn’t sound good. But other than that, cut cost sound good, but guidance doesn’t sound good. We accelerated our platformization strategy. If you want to grow to be a bigger company in a certain period of time. And given you guys are strong long-term investors who want to start to double or triple in the long term, I’m sure you all appreciate that.
Hamza Fodderwala
Fair enough. But this is going around the Fed side of things. What was the reasoning there? Because, I mean from what we hear just more broadly from the federal vertical is there’s a lot of focus on cybersecurity. So why the weakness in Palo, I guess?
Nikesh Arora
Well, there are — let me parse that out for you. First, there is no problem with demand. Cybersecurity demand continues. If you read the newspaper or whatever you read, you see every day, there’s a new sort of breach out there. There is more activity. There are nation states who are constantly on the offensive. So the demand function is not going to abate. The question is, for us, the two things that we said. One, to drive this notion of going from one or two products in a category to having a platform approach or a platform sale, which eventually gets to a better security outcome for our customers, we have to get aggressive in the market.
And part of that is accelerating the customers, being able to transition from some legacy vendors and you can decide who the legacy vendors are. But every customer has some vendor that they would like to transition off of. And we go ahead and say, “Look, we can help you transition as long as you’re adopting or adapting to our platform approach. So that’s kind of one part of it. We sacrifice short-term billings or short-term revenue in the interest of longer-term growth and more growth in the future. The other part was very specific to Palo Alto, where we had certain aspirations of staffing on a certain key contract that we were working on with the federal government which did materialize. So we had to decide to de-risk our numbers from that contract, so we took it out.
Hamza Fodderwala
Got it. So what was the thought behind saying the words spending fatigue, because obviously, demand is strong. So I think someone might just want to clarify?
Nikesh Arora
I think that’s [indiscernible]. There’s cybersecurity spending fatigue. Now you have to get it in context. Demand continues to grow bad, things continue to happen at a faster and faster pace. But customers buy more and more cybersecurity, cybersecurity spend goes up about 5% to 8% a year, and will continue to do so. But they’re getting frustrated. They’re getting frustrated because they’re getting breached more. They’re less secure, [indiscernible] are being held accounted by the SEC. There’s possibly one of them might go with jail. So there is frustration. I spend more money. I try and get the right thing done from our organization, yet I don’t get the outcome, but the spend is there. So fatigue in the context of spending more money and not getting the outcome. Not in the context of I’m done spending. That’s not a choice.
Hamza Fodderwala
Fair enough. On the platformization strategy, so obviously, you’re trying to accelerate your ability to consolidate with your customers. I know you’ve gotten this question a lot, but why double down this now? Why called this out on your last earnings call?
Nikesh Arora
Well, look, as you know, about six months ago, I signed up another five years with Palo Alto. And as I did five years ago, I sat down and looked at the business, looked at the fundamental and say, where do you go from here? And I’m with the firm belief what got you here is not going to get you there. And we seem to be doing really well right now. Now is the time if you want to make big moves now is the time to do it with a three to five year horizon in mind.
So I spent the last six months reviewing so far I’ve gotten to 300. I intend to get to 2,000. I sit in my conference room and every rep has to dial in and explain to me exactly what they’re going to do with each account. Quite eliminating, by the way. I would still people in enterprise don’t do that. But since I don’t usually do enterprise in life, that’s fine. So I went through the first 300 customers so far, and I discover a lot of interesting things. A lot of customers have some part of our platform from Palo Alto. A lot of customers are either in one category or two or three from a platform perspective. There’s lots of room.
So we started sort of expanding that sort of scope and now, we do them possibly another 15, 20 this Friday. We do them once or twice a week, 500 reps dial in to watch how this thing goes and then they go prepared, and they do this. So I learned in that process that we’re not pitching to our potential in every account. We should be stepping up. And then I figured out the key detractors are customers are stuck in legacy vendors, customers are scared of executing a transition because cybersecurity sort of is not simple as complicated. So we have to do different things. And that different things involves going in, giving them transition support, going in, helping take off the economic risk on the table. That’s what we decided to do.
And now because — why not now? The longer I wait, look, when there’s a profitable strategy that is being executed by one vendor, you get about two, three years of a competitive advantage. Eventually, we all flock to whatever strategy is working. If you look in the history of cybersecurity, any company that has run really well for three to five years on a growth trajectory. All of us go try and converge on them, trying to take their business. You can have — other people splitting up here you’ll see they’re all chasing each other and trying to get into their sort of profit pools.
So for now, we believe we have a competitive advantage. We should go out and go execute against it.
Hamza Fodderwala
So there’s three different areas where you’re trying to platformize, so I read your LinkedIn post last week and some of the comments.
Nikesh Arora
One out of three. I have two more, but [indiscernible].
Hamza Fodderwala
I’m looking for a [indiscernible].
Nikesh Arora
Based on that little bit. Yes.
Hamza Fodderwala
Okay. How is this different from traditional bundling and discounting? Just walk us through how it works, how you’re trying to ease switching costs for customers, et cetera?
Nikesh Arora
I apologize. People having lunch. You’re asking a question. It’s just going to bore them to hear, but I’ll try and answer it. You want me do it. All right. Okay.
Hamza Fodderwala
Please. Yes. Or you can read this LinkedIn post.
Nikesh Arora
This is a setup for me. I apologize.
Hamza Fodderwala
Yes.
Nikesh Arora
Okay. Got it. This is totally different than bundling that’s what we say it. Okay. So bundling is the economic bundle. You say if you buy one thing from me, you buy the second thing, you can buy the third thing is for free or as part of the deal, you have to go spend it freely. Cybersecurity sort of works differently because Chief Security Officers and CIOs they don’t get in trouble of buying the best in a category. You go, you buy something in the top right of the Magic Court and Gartner, you don’t get into trouble.
But for us, it’s different because we actually have to prove the value of these things working together because the customer already has the other use case. They have perhaps three or four vendors or five vendors doing network security. If I can show that I am better, cheaper, faster and more effective in my Stitch platform approach, then there is something to talk about. So for us, this is about actually going and demonstrating value from the integration as opposed to creating an economic construct. It’s actually — the economic construct hasn’t changed for us. The economic construct is still the same. You consume, you pay. We don’t give away a whole bunch of stuff all you can eat for free. This is not a buffet. So you have to pay for what you consume in our platform. But the key is kind of demonstrate the value of my platform that’s why it’s kind of differs from the traditional enterprise bundling approach where you’ve got everything as part of the big license. I don’t really care what you eat, what you don’t. I get paid. We don’t do that. Is that helpful?
Hamza Fodderwala
Maybe this is — just go into some specific examples. So the average enterprise is using 50 to 100 different security tools. So you’ve got three platforms that you’re selling. There’s the network security, SASE side there’s a stock automation that security operations center and then there’s the cloud security side. This is — again, the platformization strategy is not necessarily new. It just seems like you’re doubling down on it. Can you give us any examples where you’ve launched this effort in the last six to 12 months and where it’s been successful?
Nikesh Arora
Yes. So look, we have — we didn’t — we even it might seem like we ramped overnight. We didn’t. We have been trialing various things over the last six months, right? We’ve trialed — we bought an enterprise browser company called Talend, went to our customers. We were thinking about getting them to tested and charged for it. We decided to give it as part of the SASE product to try and get customers to consume it when it comes time to go for renewal, they’ll pay for it. But for now, we decided to feed the market with that. That became a very interesting approach. Large consulting company. They actually became a SASE customer first. They love what they saw. They expanded that to a global remit, now we power every one of their consultants off their laptops with Prisma Access they just replaced all their firewalls at Palo Alto because they wanted to see the benefit of what they get in remote access, in the data center.
So we ended up consolidating nine vendors into one platform for the consulting company, and that’s just one of our platforms. We haven’t done the second and third one. We’re in discussions with a large company. where we’re actually trialing out and saying, listen, we’ll give you soup-to-nut cloud security across the board, we’ll just indexes off of your cloud spend. So you don’t have to worry about what you use what you don’t use. You can use all of our cloud security products. It’s indexed off of your cloud spend. So you’ll always be able to manage it, but you get to consume or of cloud secure. So we are trialing out and executing on a whole bunch of these. What’s been fascinating in the last two weeks as much conversation that happened in your community about our platformization strategy?
More interestingly, our salespeople out there, 3,000 of them are coming back and say, all the customers want to talk about it. So clearly, there is some product market fit and resonance out of the market, the customers want to talk about platformization that they’ve all heard about it, they all read about it. And thank you very much for amplifying the message positively or negatively because they all — some of us seem to know that Palo Alto has embarked in this platformization approach. And our conversations are how do we get to platformize in our enterprise because we’re tired of the vendor sprawl.
Hamza Fodderwala
Yes. I mean the value of consolidation, I think, is clear in terms of cost, integration, et cetera. But I think the debate has been coming up around what is the right balance, right? There’s always been the spectrum of platform versus best-of-breed in cybersecurity. There’s been other companies that have tried to go this security super suite approach, Symantec, Cisco, et cetera, come to mind. Why is Palo Alto going to be successful, perhaps where others have not been?
Nikesh Arora
Look, we live in Silicon Valley. Every company that has been extremely successful has destroyed some legacy thinking, whether it’s Uber or [indiscernible] the other one. Whether it’s Uber or YouTube, you pick your favorite tech innovation, disruptive company. They all came up and challenged in existing thesis. So we’re not going to wake up every morning saying it happened everywhere, it will happen to us. We think the time is now because Nobody ever tried this with having great products in 21 categories.
In every other case, it was an economic bundling concept as trialed by enterprise security. We’re saying we’re going to have 20 great things. We’re going to make them work together. And we’ve demonstrated that all those 20 things sell on their own merit. It’s not like it sells only because it’s part of the bundle, it sells on its own merit. Now we’re saying, what if you could get it all to work together. If you go back and think about some of us who are older, 20 or 30 years ago, there was no concept of a CRM. Company had their own seven different applications that did some version of CRM. There’s no concept of an integrated HR system, an integrated financial system.
I remember I started my first job as the fidelity investments on the finance side, they have seven tools. Now you have an integrated financial system and you say, wow, that makes perfect sense, Oracle CRM or Salesforce or Workday for HR or ServiceNow. So why should that not happen to cybersecurity? What evidence do you have against it? That there’s not indeed where every company shouldn’t have to go build this themselves, hire hundreds of engineers and try and stitch this platform on an individual basis. It shouldn’t. The only problems have never been there before. So you presume it’s not going to be there in the future. We think it’s going to be there. It’s going to be us.
Hamza Fodderwala
Maybe the pushback to that would be the risk level is high. If you don’t buy the best solution out there in the market, you can get breached whereas that doesn’t exist in the ERP market, the CR market or what have you?
Nikesh Arora
There is no risk if you have a crap ERP system.
Hamza Fodderwala
I mean the risk level is not that you might get breached and ended up costing you tens of million dollars. I’m sure there’s some risk.
Nikesh Arora
You can’t ship product in time. You have a bad ERP system. Your top line go on, you guys murder them on the stock market. So there’s that risk. So there is a risk. I mean, yes, that’s why we got to prove our — we have to earn our place in that platform on individual merit for each category. We think the time is now. We’ve demonstrated we can go get 3,000 SASE customers in a span of two years against all the existing players that have been around for a long time. We’ve demonstrated we can get north of 6,000 XDR customers against all the existing XDR plays in the market. We’ve demonstrated we can have 40% market share, hardware firewalls, 50% market share and cloud firewalls in software firewalls. So we’ve demonstrated each of those categories we win in respect to whether they’re in part of a platform. Now what we’re trying to say, how do I create ubiquity across my customer base and try and focus them on an innovated platform approach or not.
Hamza Fodderwala
Last couple of questions on the platformization topic, I might open it up to the audience. So in each of these platform domains, network, SASE, cloud, there’s like 10 to 20 different products. Is the platformization strategy more to consolidate within those individual domains? Or would it be able to drive cross-pollination between those separate platforms?
Nikesh Arora
Look, it does drive cross-pollination, but this is where if you load everything into one thing then it becomes an either/or, that’s a riskier strategy. Since you’re talking about risk. So everybody understands the value, you have a cohesive network security platform. Everybody understands the value of a cohesive cloud platform and possibly a solid platform. And typically, in every organization, there are three distinct individuals or personals who buy those three things. Like there’s a Chief Security Officer running this log, there’s a CIO who’s responsible for the development.
There’s the CIO’s response or Chief Infrastructure Officer responsible network than network and network security. So we’ve gone from 21 capabilities to trying to focus people on three platforms. Maybe in a few years from now, when we’re sitting here, we might do that again, the second quarter of the fiscal year, five years, we’ll say, we’re going three-to-one, maybe that would be a good use case, but then we’ll be sitting in an [indiscernible] to see this, we are trying to consolidate them on these three platforms. And the idea is to make sure the customer doesn’t have to do the stitching.
Hamza Fodderwala
Okay. Correct. Just looking at sort of the impact to the guidance. So you talked about next quarter billings being in the low single-digit range, then back towards 10% by fiscal Q4, the July quarter. And then you’ve said in the back half of fiscal ’25 or the first half of calendar ’25, you’ll be back to a mid-to-high teen billing growth. So this is really going to be a 12-month headwind?
Nikesh Arora
Yes. But remember, if you think about it, if I’m trying to go to a customer and say, you’ve got legacy vendors, let me go take them out and deploy Palo Alto. And typically, our sweet spot will be people who got 12, 18 months left on their visiting contracts for us to go take them down, put a transition plan together. And hopefully, in 12 months we’re doing this, we’ll start lapping these two months that we’ve actually given away. So we should see typically, our deals right now are going to be first year free, pay me for a two, three, four, five. But at some point in time, the first three is going to go away, I was going to start getting paid for the deals I do now. So we expect there is a 12-month lap. That’s why we’ve said we come back after 12 months to the better trajectory than we have had in the past. But there’s going to be a 12-months period in which we’re going to be executing on this strategy. We’ll keep executing that after two, but we have a onetime 12-month adjustment around [indiscernible].
Hamza Fodderwala
Yes. And the key point really here is this is an account penetration strategy. So these are largely your existing customers who have shown a willingness to already consolidate Palo Alto. Not just any procurement?
Nikesh Arora
I think one of the things that — in financial terms, what happens this is fascinating is as we keep driving the strategy, we become a 90%, 85% to 90% recurring revenue company without calling it an ARR company, we become a software company because we traditionally came from the hardware background. When I came, I think 30% of our revenue is recurring in the 67% range now, they get to 80% to 90% recurring, without making a big [indiscernible] about turning into an ARR company. I don’t know if ARR are still popular around.
Hamza Fodderwala
I mean, last year, you said TCP is back in fashion.
Nikesh Arora
TCP is always back in fashion.
Hamza Fodderwala
Do you like cash upfront?
Nikesh Arora
I like cash up front, like TCP, I like RPO, all the other stuff is adjustable.
Question-and-Answer Session
Q – Hamza Fodderwala
Fair enough. Anybody in the audience have a question? We got one back here. Let’s wait for mic. Is anyone here with the mic? Okay. I guess we’ll wait for it. But we have a question here in the middle.
I’ll just move on to my next question. The other aspect, I think that’s been of some concern in relation to the billings revision, we’ll call it or call it a cut fine has been free cash flow, right? So a lot of the free cash flow is driven by three year upfront billing. So what gives you confidence that you can maintain this high 30% free cash flow margins that you put up?
Nikesh Arora
Look, the last five years, our annual billings as a proportion of our total billings has slowly been creeping up because people have been taking annual contracts. We have been financing a lot of deals with manifest just north of $1 billion. So eventually, that stuff has to get collected. So we have been possibly 25% to 30% of our billings now are annualized. And then that starts lapping, gives us, again, kind of like recurring revenue. We know that a lot of that is already being collected on a basis. So those things begin to lab. The other thing you’ve seen, we’ve driven a 1,000 basis point improvement in operating margin, which eventually falls to the cash flow line. So those things help. So that gives us comfort that on a cash flow basis, we’ll stay true to the mid-30s plus guidance we’ve given in the past.
Hamza Fodderwala
Got it. Maybe one quick follow-up on that. I think you also renegotiated your cloud contract with TCP. So any way to contextualize how that’s driving more savings?
Nikesh Arora
Well the more you spend, the cheaper you gets. Sort of like going shopping with your spouse. So we spent a lot of money in public cloud. And as a result, we’ve been able to negotiate a better deal which makes us more confident that we can sustain higher gross margins because eventually it’s the gross margin line, which means better operating margin, which gives us comfort on our operating margin guidance, which gives us comfort on our free cash flow guidance.
Hamza Fodderwala
Thank you for the math there. I appreciate it.
Nikesh Arora
[indiscernible] selling financially literate barely.
Hamza Fodderwala
We have a question there.
Unidentified Analyst
The question is for Nikesh around the $15 billion long-term target. Has your thinking in order to achieve that change with respect to M&A? Is that a very organic number or in the last six months, especially with this newer platformization approach. Do you have to be more aggressive and maybe front load the early years? Or how do you think about that? Thanks.
Nikesh Arora
That’s assuming normal activity and normal activity, if you look at our history in the last five years, has ranged anywhere between $500 million to $1 billion, $1.5 billion of M&A, which is mostly product innovation oriented as opposed to revenue oriented because for the most part, for us, we feel comfortable buying companies where we can take them, put them on our go-to-market machine integrate them technically and go out and sell them more of that. I struggle with buying things at 8x to 10x revenue multiples, giving them a premium that I basically spending next the year executing on the behalf of people who’ve got rich on those shares as opposed to my shareholders.
So unless I find something that is compelling strategically that we can actually take the two together and generate more value, I am generally cautious possibly the right word of looking at large deals. So yes, the $15 billion is assuming normal M&A activity, which we have been demonstrating for the last five years.
Hamza Fodderwala
We got question here.
Unidentified Analyst
Hi, so you spent about $600 million on Talend. And you’re now going to essentially bundle it with the SASE product. What should we read into the enterprise browser market based on that assumption? What strategic vision do you have for Talend given that strategy?
Nikesh Arora
Look, what’s fascinating is post the pandemic, it became abundantly clear that people want to access every app that their company offers from wherever they are, right? Whether you’re sitting here, you want to access to everything or it’s home or traveling. That market in the past is to be a VPN market. You dial in through some VPN and you get there. That technology has been very old. We’ve seen a bunch of breaches and vulnerabilities around it recently. That market is eventually migrated to SASE.
And the interesting thing in SASE is most of the SaaS requires an agent to be deployed on a laptop. There are three scenarios which becomes very hard. One scenario is mobile devices. Most of us carry mobile devices, 50% of our companies don’t protect our mobile device access or don’t give you full access to your mobile device. Two, it becomes harder if you’re trying to use your home computer, I don’t want Palo software download in my home computer because I don’t want Palo Alto to see everything I do in my own computer. I love Palo Alto, but there are certain limits to what, I mean, to let them into. So you don’t — you’re on a BYOD case, you don’t want that agent sitting on there.
And third case is there are people who have multiple companies that work for contractors. They will work for multiple companies. They don’t want to have one company’s agent and laptop. All those three use cases were we were attempting to serve an industry with a poor use case called remote browser isolation, which is somewhat a not so great user experience, if you will. It’s possible, it works. That whole market gets revolutionized by having an enterprise browser. The way enterprise browser works. So basically, that’s your lack of better word, portal or access to any application enterprise and you can deploy all kinds of controls on it. You can apply DLP controls on it. Nothing can cut [indiscernible]. You can’t forward anything. You can download anything. We can control the browser or the company.
The customer can control the browser for every one of their employees for your home computers, for your phones, they are contractors. So I just think it’s a game changer as it relates to remote access is a game changer as it relates to being able to apply controls and that one part will begin when people start trying to access AI. The browser because it’s unencrypted, you can see everything you’re doing, and that gives us much better control characteristics vis-à-vis something that you intercept after encryption, which is many people don’t allow you to view encrypted traffic. So it’s a game changer from an access perspective, six months ago, nobody was talking about it.
Now I can tell you, I was in New York last week. There’s lots of employees and contractors say we’d like to deploy a browser instead of an agent. I think it changes the way the market thinks about the remote access in the future.
Hamza Fodderwala
Maybe we’ll come back to audience Q&A later on. I just wanted to spend a little time on generative AI because I know it’s been a big topic over last year. One, how are you seeing generative AI change the threat landscape? And then secondly, can you remind us how you are using Generative AI in your product portfolio to help consolidate the market further?
Nikesh Arora
Sure. So generative AI for us will fall into possibly three categories. Category one, bad actors using generative AI that happens on the consumer front on the enterprise front. On the consumer front, I’m sure you read about a deep fake video, where somebody got inserting themselves to Zoom call and got a bank to transfer $25 million. That is doing the rounds. It’s kind of interesting. So there are Generative AI foleys that are going to happen on the consumer side, which you can think about as an enterprise use case as well. Bad actors will use generative AI. They’ll — In the most basic way, get the LMM to write a fishing e-mail, which has come to you with a malware link and you got to click on it and then tell they’ll steel your credentials. So it’s just faster bad actor activity, which we have to be prepared for. So it’s going to feeds the overall cybersecurity demand, there is no fatigue, a lot of money we spend in cybersecurity, right?
The second category of generative AI is how do we protect our customers against problems created by Generative AI which fallen three categories. One, our employees accessing AI LLMs or AI apps. We have to stop employees from loading proprietary information, all kinds of stuff. So we have about 100 million customers we protect on access, all of those customers are going to need all those users are going to need protection against Generative AI. It will just become another subscription that sits on top of our access products that should be low friction to deploy low friction to sell from a subscription to our customers perspective.
The second category will be the AI firewall. If you deploy an LLM in your company, we’re going to have to make sure we surround the LLM with security protection, so nobody can inject problems nobody can manipulate your LMM to give the wrong answer no bad stuff comes out of LMM, no fishing leaks come out of LMM or bad malware code is transferred to your customers. So we’ll have an AI firewall.
And third is it’s more of an architectural thing if you go deploy AI in your company and move everything from cloud to AI in the future, you’re going to need a cloud security equivalent of AI security poster management. So those are the three product categories we highlighted that in our earnings. We’re possibly three months away from being able to put them into production for our customers. Across the board, we will start previewing them in the next eight to 10 weeks with our customers. So that’s kind of what this happens. And within that, we will also have co-pilots like everybody who will in the future, which make the complex parts of deploying security easier for the practitioners because there are 7 million jobs that have not been filled in cybersecurity because complicated.
And third area, generative AI helps is reducing costs vis-à-vis automation and summarization and natural line interface. We — they’re going to launch a project next month, which approximately should give us 2% head count savings. We’re going to ramp that up with other projects, I think, in the next 18 to 24 months. most companies are going to be looking at about 10% head count savings on a conservative basis by deploying Generative AI.
Hamza Fodderwala
Well. Okay. A lot there. Because I think a lot of what you’ve been talking about is using generative AI with XSIAM to automate security operation?
Nikesh Arora
Yes. Precision AI.
Hamza Fodderwala
Yes.
Nikesh Arora
We make a very — in our business, we make a distinction between generative AI and precision AI, I don’t know if you guys read recently, I think a Canadian airline, chatbot just gave away free medical support for a ticket because it decided somebody else was doing it and told the customer the airline that they’ll cover the medical expenses. And then the airline had to pay up. I think Chevy had some L&M sell a car for $1, because the person negotiated really well, ended up in a bidding and contesting.
Imagine you’re a bidder, bid against me and ended up getting the price down to dollars. So there’s a bunch of hallucination. You really don’t want your security software hallucinating just saying. Like you imagine the physical security guard turns the gun around, this is not a good idea. So we try not to use Generative AI to tell us what to do in security. We tell — we use it to try and look at trends and what happens. We use precision AI when we know the answer, which are in old parlance called machine learning models to run 3,000 machine learning models in our AI SOC product, which has been extremely popular [indiscernible].
Hamza Fodderwala
Yes. I think what I haven’t heard you talk as much about is how you’re securing Generative AI because that’s a big problem. So it seems like that’s something that’s already driving some pipeline.
Nikesh Arora
Well, it’s driving conversation. A non-delivered product to the market can generate pipeline until we deliver. So we expect we’ll have the product next few months.
Hamza Fodderwala
Yes. And that would be your data security posture management?
Nikesh Arora
The AI security posture management, AI firewall and AI access. And the reason I don’t feel uncomfortable sharing that because on AI access perspective, it just become another capability for our customers where they already use our Prisma Access product or our GlobalProtect product for firewalls. They’ll just sit on top of it besides it saying anytime AI is accessed, we intercept and deploy controls.
Hamza Fodderwala
Got it. I think we had a question down in the middle, but I’ll just sneak in one more while we get the mic there. But do you also foresee a scenario where AI obviously drives more data, more traffic. Could that also incentivize perhaps an accelerated refresh on the hardware side? Is that something that you’re seeing?
Nikesh Arora
Look, I’ll take a slightly different point of view that there’s two parts to set that. One is, I think it’s important to say, at the most basic level, a firewall inspects network traffic. Network traffic is generally between users and their companies. It’s created between applications by our consumers. So in general, network traffic is rising between 2x to 5x a year. Think about it. Everybody — now you deploy AI, more people will be accessing, yes, you’ll be sending stuff back and forth. All that traffic needs to be inspected. The way it gets inspected is through hardware, software, cloud firewalls or SASE.
Those are four ways to inspect network traffic, right? Between all [indiscernible] so in general, that category is going to continue to see strong demand as long as we expect traffic to go up. In general, more AI and more data gets deployed, you will see more demand for cloud security because it’s very hard to do AI LLMs on-prem. You can. It’s just harder. People who haven’t moved to cloud, we’ll move to cloud now. So all these models are going to sit in the public cloud and all the [indiscernible] that happens. So that’s going to keep driving the cloud transformation game. All the bad actors in Generative AI, you’ll want much more real-time responses, which will drive precision AI in your SOC.
Unidentified Analyst
Thank you. Perhaps just elaborating on the replatformization strategy and incentives you’re offering to customers. How are you prioritizing those efforts across areas like SASE or endpoint or SIM? I mean, I know the answer is all of the above, but can you maybe give us some detail around how you’re targeting each one? Thanks.
Nikesh Arora
Sure. So look, on the network security side, what typically happens is it’s hard to transition a firewall as somebody bought it last year. Firewalls have six to seven years end of life or useful life. I can’t really buy out your firewall, if you bought it last year. You have six years more of depreciation setting your balance sheet. I can’t go take it out and say, I’ll replace it because it’s all very interesting to us economically.
What’s interesting in SASE because there at best it’s a three-year contract, you’re probably six to eight months, 12 months into it, that allows you to take the risk off the table saying, Palo I’ll going to come and deploy it. I want to have to worry about paying for it until it’s deployed and I can switch off one and switch on the other and start paying Palo Alto. So there, it’s a lot easier for us to go disrupt possibly the network security space sands hardware because all those things are on typically one to three year deals. And there, we can offer seven to eight vendors can get consolidated into one, you get a better security posture, better security outcome, possibly lower cost.
On the SIM side, in a 15 years, it’s been 15 years since there has been any revolutionary change in the semi space. All the products in there have were created 15, 17 years ago. And over time, you’ve discovered, they’re not set up for AI-based data analysis. They’re not set up for machine learning models in the right way. So there, it’s more about taking the execution risk off the table, saying if I replace this, what’s going to happen, I have to pay you for six months while I get you up and running, I still have to pay for this thing there. I’m much more willing to go take the bed because once people have bought those in, they haven’t changed them for 15 years.
Hamza Fodderwala
Maybe to follow up on this question. To what extent do you think the platformization strategy is really focused on the stock more specifically on the endpoint because you need a lot of endpoint telemetry to make things like Cortex like XSIAM for example, work. So what is the thought process there?
Nikesh Arora
So the endpoint remember, we were not a player five years ago when I joined. There are 14 endpoint companies at that point in time, we were not a player. There was Symantec, McAfee, Carbon Black, Cybereason, Cylance, CrowdStrike a whole bunch of others, right? So I think it was down to four, down to CrowdStrike, Paolo, Microsoft and Central One. The other 10 are over time going to get replaced by somebody or the other, which is amazing, you’ve gone from 14 to four and to the extent somebody already has just recently deployed the other three, we will ingest data and make it work on XSIAM. We will take that friction out of the system. We will offer to replace any of the other 10 in the market.
Hamza Fodderwala
I think we have time for one last question if anyone has one. We’ve got one right here.
Unidentified Analyst
Hey, I wanted to ask maybe when I think about the platformization with enterprise, I read somewhere that there’s about 50 to 60 tools and enterprise has for security. And you guys are leading in ’20. So it means that you will still live aside other tools. I was wondering does this affect your idea of being more of a closed system versus an open system, integrating more with different tools, especially when I think about data security like that you guys are thinking about making it a bit more closed rather than integrating with more tools. So would love to hear your thoughts?
Nikesh Arora
So let me parse that out. One, we cover about 60% to 70% of a customers’ cybersecurity vendor state today. So for example, if you have 60 tools, you could possibly replace between 36 to 40 of them, right? We don’t cover the other 30%. A major chunk of that is identity. We don’t do identity. There’s about eight to 10 or 15 tools in identity and there’s a few in vulnerability management. We have plans to go address some of those markets.
Two, most cybersecurity vendors in the market will give access to alerts and data into SOC or SIMs, so that customers can stitch them. We do the same. Our data is available to any SIM ready SOC that chooses to integrate Palo Alto data. We will accept data from any other vendor into our SIM, even the 10 that we said we wanted to replace. So to that extent, it’s open. We cannot have a true open in cybersecurity because true open means the bad actors can see what you’re doing. So it’s always a bilateral agreement that we have or a deal where we understand what we want to deploy or not.
So no, we’re not building a close data lake. At some level, you do — we — it works better if you use our product because we understand the data that was collected. It’s kind of like the difference between first-party data and third-party data. I collect first-party data. I understand it better. I feel much more comfortable guaranteeing the quality and outcome of our first party data. If I have to indicate somebody else’s third-party data, then that’s the risk because I don’t know how they collected it. I don’t know how good it is, if it’s got false-positive, you have to deal with the outcome. So that’s the only benefit to take away. All right.
Hamza Fodderwala
Nikesh, thanks for coming. I’ll talk to you later. Thanks everyone for joining.
Nikesh Arora
Yes, thank you very much.
Read the full article here