Palo Alto Networks, Inc. (NASDAQ:PANW) Q2 2023 Earnings Call Transcript

Palo Alto Networks, Inc. (NASDAQ:PANW) Q2 2023 Earnings Call Transcript February 21, 2023

Clay Bilby: Good day, everyone, and welcome to Palo Alto Networks Fiscal Second Quarter 2023 Earnings Conference Call. I am Clay Bilby, Head of Palo Alto Networks Investor Relations. Please note that this call is being recorded today, Tuesday, February 21, 2023, at 1:30 PM Pacific Time. With me on today's call are Nikesh Arora, our Chairman and Chief Executive Officer; and Dipak Golechha, our Chief Financial Officer. Our Chief Product Officer, Lee Klarich, will join us in the Q&A session following the prepared remarks. You can find the press release and information to supplement today's discussion on our website at investors.paloaltonetworks.com. While there, please click on the link for Events and Presentations where you will find the investor presentation and supplemental information.

During the course of today's call, we will make forward-looking statements and projections regarding company's business operations and financial performance. These statements made today are subject to risks and uncertainties. We assume no obligation to update them. Please review the press release and our recent SEC filings to see these risks and uncertainties. We will also refer to non-GAAP financial measures. These measures should not be considered as a substitute for financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial metrics and reconciliations are in the press release and the appendix of the investor presentation. All results and comparisons are on fiscal year-over-year basis, unless specifically noted otherwise.

We would also like to note that management is scheduled to participate in the Morgan Stanley TMT Conference and JMP Securities Technology Conference in March. I will now turn the call over to Nikesh.

Nikesh Arora: Thank you, Clay. Good afternoon, and thank you, everyone, for joining us today for our earnings call. I'm pleased to report that we had another strong quarter with the balance of top line growth, significant expansion and non-GAAP operating margin and strong free cash flow. Billings and revenue each grew 26% year-over-year. Our RPO grew 39% as we continue to sign large multiyear deals with our customers. We also delivered an acceleration in our operating leverage in Q2 as we focused on driving profitable growth. Our non-GAAP operating income grew 55% year-over-year, supported by a non-GAAP operating margin, which exceeded 22% for the quarter, up over 440 basis points year-over-year. This translated to another quarter of profitability on a GAAP basis.

We have now been GAAP profitable on a cumulative basis over the last four quarters. In addition, our strong free cash flow generation this quarter also puts us on track to outperform prior guidance. I know many of you are wondering about the macro environment, so I want to start with an update there. There's clearly a tougher macro emerging out there as the Fed continues on its crusade to tame inflation. The changing macro is clearly making business leaders more cautious. Some of our customers are seeing signs of a slight slowdown while others are less impacted. I, however, feel that we're not done yet. And while not expecting shocks, I do think we will see more cautious activity over the next few quarters. Clearly, caution is abundant, driving more scrutiny, making customers demand more value from their partners.

We've seen some projects get delayed or descoped, non-canceled while most continue on track. We've always maintained that we expect cybersecurity to be resilient, and we continue to see evidence of that. On the large deal front, this behavior is definitely widespread. For us, this has meant we need to get ahead of this and work closely with our CIO and CSO partners. Not just that, it's creating more conversations around payment terms, discounts and scope of deal with purchasing teams, something we've been working with our customers on as well. I'm delighted that based on our field teams getting ahead of this problem, earlier this quarter, we did not see any major deals slip from the quarter. Our deal cadence quality was consistent with the same quarter last year.

On an equally positive note, this environment drives the need for consolidation, not just to generate clear security outcomes, but also to reduce the security vendor sprawl that has been prevalent in our customers' infrastructure and the need for a long-term security strategy based on total cost of ownership and value. We feel fortunate that with our portfolio, we are best positioned to deliver this to our customers. Within our own business, two things have happened. One, we have become more focused on efficiency from early this year. For example, our headcount growth this year is likely to be lower than any of the last three years. At the same time, we do not anticipate slowing down the pace of our development or business outcomes. Dipak and his team have been rigorously inspecting our cost structures across our portfolio to ensure we are set up to deliver consistent gross margins in all areas.

This has been one of the major drivers of our improved operating margin and we hope to continue to improve as we scale. Secondly, as anticipated, supply chain challenges and product have abated significantly versus six months ago. While this is evident in our product gross margins and our overall profitability, there are some lingering impacts, which we expect to further abate through the end of this year. Let's also take a moment to discuss hardware growth. Over the last 12 months, a lot of factors have impacted hardware growth, including supply constraints, uneven demand, given supply chain impacts and backlog. Additionally, we have noticed our customers continue to be more focused on their cloud, network and security operations and transformations and are willing to sweat their hardware assets longer.

Underlying all this, we still believe that the industry hardware growth rate is in the low to mid-single digits. As all these extraneous factors mitigated over the next few months, we will see the long-term growth gravitate back to those levels. So what does this mean for the second half of this year and beyond? Somewhat counter to the market, we're raising guidance both on top-line metrics, metrics and profitability. Of course, this requires the current demand to sustain, and for us to maintain a continued focus on execution. We have a unique opportunity in this environment to strengthen our position in the market. Hence, we are investing with an eye towards disciplined growth and positioning ourselves to the partner of choice for customers looking to consolidate.

You'll hear more about this from Dipak, but we are raising billings and next-generation security our guidance on the back strength in our software-based and cloud-delivered capabilities. In our hardware pipeline, we're seeing specific transactions that are on track for Q4, which has caused us to shift some forecasted revenue from Q3 to Q4 while maintaining our annual guidance. With all I have said about efficiency in better operations and the impact, we're now guiding to 21.5% to 22% operating margin for fiscal year 2023. Additionally, we're also increasing our cash flow guidance. Consolidation continues to be a key theme with our customers. Of course, customers are not willing to compromise on quality and cybersecurity. Given our market leadership in 13 categories, we are fortunate to be engaged in many such conversations.

Those conversations are driving business, and many customers are on a long-term transformation path with us. The number of deals we closed over $1 million grew nearly 20% year-over-year, and the value of these transactions grew nearly 60%. Similarly, the number of greater-than-$5-million deals grew 84% and a number of greater-than-$10-million deals grew over 140%. We saw deal values in these cohorts grow significantly. This continued momentum is critical to us being able to drive platform consolidation. Time and again, we see early millionaire customers become an onboarding ramp to help us drive more cybersecurity value to our customers. Almost all of our $10 million deals involve multiple platforms on an underlying transformation that is driving vendor consolidation.

Let's take a look at some of the ways we are driving consolidation. First, with Zero Trust transformations, we're helping customers standardize their appliance and software firewalls with a broad line of security subscriptions. A life sciences customer signed an eight-figure deal to standardize their operations using our next-generation firewalls, VMs and security subscriptions. In other cases, we're helping customers adopt SASE and software firewalls, and consolidate their security stack across our consistent set of offerings, driven by hybrid work and securing SaaS apps. A financial service firm recently signed an eight figure deal with us, because they wanted to transform their network and reduce both operational challenges and cost of ownership.

They chose us over pure play SASE competitors, because of the breadth of our offering in our comprehensive Zero Trust network. Secondly, trial cloud transformations. We're using our Prisma Cloud and Prisma Access capabilities to help customers adopt hyperscale cloud and Software as a Service. Another financial services firm with a mandate to run over 90% of the apps in the cloud signed a high eight-figure deal to standardize in both Prisma Access and Prisma Cloud. Lastly, in SOC transformations, we're using our Cortex platform with XSIAM to help customers transform their security operations center and retool around high-fidelity data sources, AI and automation. A retail company started a relationship with us around Unit 42 incident response with an Expanse trial and small XDR deployment.

They expanded the relationship with a high seven-figure deal to standardize on XDR and XSOAR. These strategic customer relationships and transformations would not have been possible without us building a new security industry paradigm, a paradigm around constant innovation. Our success is driven by investments in innovation and is increasingly clear to us that, there is a flywheel at play here. This starts with R&D investment, where we have the largest budget of all dedicated cybersecurity companies approximately $1 billion in non-GAAP spending on a trailing four-quarter basis. This is two to five times as much as our pure-play peers. Our scale also allows us to spread this budget across a larger revenue base and the shared needs of our three platforms.

R&D investments then translate into a record number of product releases. Our first half major release is number 35, up 59% from the first half of last year. Some of the key releases in the first half included our flagship PAN-OS 11.0 Nova, our third advanced subscription, Advanced Wildfire, our new AI-based SOC platform XSIAM and new modules and updates in Prisma Cloud. This constant innovation is causing industry analysts to take notice. We recently received recognition for leadership in the cloud-native application protection platform category, or CNAPP, bringing our total number of active leadership recognitions to 13, which compares to nine a year ago. All these leadership positions have helped us grow our NGS ARR at 63%. We still believe there is a large untapped TAM for many of these services given the robust adoption of advanced software services that we have launched, which are all cloud delivered and us being in the early part of the SASE cloud life cycle, we feel confident in our future ability to drive NGS ARR.

Let's take a deeper look at some of the highlights. I'll start with my personal favorite, our network security business. We launched our first SASE capability, Prisma Access, at the end of fiscal year 2019. In the first year, we booked less than $100 million in business. Over the last six quarters, we booked about $1 billion, with our largest deal last quarter being a TCV deal for $40 million for SASE. We now have over 4,000 customers and are growing ARR approximately 50%. In Q2, we saw a healthy number of large competitive wins in SASE, and SASE has one of our strongest pipelines looking 12 months out. Beyond the top line traction, we're also seeing improving economics in the business. Two years ago, we showed you how the five-year revenue from a SASE customer compares to an appliance customer.

At that time, SASE was about two times higher. Since then, we've added additional value to SASE. We launched autonomous digital experience management in FY 2022, followed by AIOps and SaaS security posture management this year. AI has the power to transform SASE. Our integrated security services are now all powered by AI to detect and prevent even zero-day attacks. And we'll soon be introducing additional AI-driven capability to transform the user experience and using the platform. We now expect our five-year revenue from a SASE customer to be more than 2.5 times that of an appliance customer. We've also seen some improvements in our SASE gross margins over this period, as we have scaled to become more efficient. If you go to the other side of our network security portfolio, our software firewall business is going strong.

16 Most Technologically Advanced Countries in the World in 2017

Den Rise/Shutterstock.com

This includes the broadest deployment options for customers, including VM-Series and CM series, which can run in their data centers or be purchased in the cloud marketplaces and the first-to-market integrated cloud next-generation firewall offerings for hyperscale clouds. We have the highest market share of any company in this market. We believe it's more than three times of our any closest competitor. The current macro environment is causing more customers to watch their CapEx budget. This shift, along with the fact that customers are transforming the data centers moving to the cloud, is leading more of them to adopt software firewalls. In Q2, the number of deals over $1 million for our software firewall was nearly doubled, and six of our top eight deals in Q2 included software firewalls in our offering.

Moving onto our cloud security business. We continue to make steady progress with Prisma Cloud. Platform enhancements are important to our growth. We released the new API risk profiling capability to enhance our web application security module. This capability helps security teams assess their API stack surface, attack surface quickly based on more than 200 risk factors, including misconfigurations, exposure to sensitive data and access privileges. This helps teams prioritize the most significant risk and take preventive measures to address them. We also continue to shift left and focus on securing workloads as they are developed, solving our customers' application security channels. To that end, we closed the acquisition of Cider, and have brought their team under common leadership with our cloud code security team to help bring Cider's CICD security capability to our platform.

After releasing Cloud Core Security a year-ago, over 15% of our customer base has adopted these capabilities. Our cloud core security customers in Q2 grew 30% over Q1. Our new secret management module launched in December scans code repos used by developers for hard-coded secrets like passwords and API keys to make sure this information is not exposed and used as a vector of attack. We continue to see these new capabilities and enhancements drive an increase in customer module adoption. For example, our customers with two or more modules grew over 40%, and customers with four or more modules more than doubled. Credit consumption of Prisma Cloud increased 48% year-over-year. This growth is being driven by new customer additions, customers increasing their cloud footprints and customers consuming additional modules.

While there has been discussion on moderation and cloud consumption in the market, we believe the relatively early stage of cloud security adoption has and will continue to shelter us from this headwind. Before I move on to Cortex and talk about continuing signs of optimism I see in that category, I feel compelled to take a detour towards AI. Clearly, AI has been on everyone's mind given the continued conversation in the tech industry. Most of you know the story of arrival with the Palo Alto Networks. I talked about fragmentation and the need for a solution there, which we have talked a lot about. I also talked about automation and AI. We counted, I used the word AI more time than my first six months in Palo Alto Networks than platform or consolidation.

The challenges you all know is that AI has been a data problem and continues to be so. Unlike consumer AI, where we can talk about Sonnets and ChatGPT's creative capabilities and the revolution that is going to drive in search or advertising, its ability to summarize data and continue to amuse and inform us, the demands from AI and enterprise are far more exacting and so are the returns. An enterprise AI needs to be clean. It has to have comprehensive data. And in security, especially it needs to be real time. So not only do you need to have the best data to create great security outcomes, you also need to be positioned in line to block threats. Let me make a case why with petabytes of data from trillions of events, billions of sessions, hundreds of millions of URLs and tens of millions of flies flowing -- files, not flies -- flowing through our product across cloud, network and endpoints daily, we are best positioned to deliver security outcomes using AI machine learning.

Palo Alto Network's next-generation firewalls broke through the firewall industry in the early days because of our ability to then deliver next-generation security. These services were driven by expansive data collection capabilities, EAL, or enhanced application logs. We have since applied that capability across our entire network security stack. We estimate that this network secure data is just under half the valuable security data that is needed for any AI-driven outcome. We have over 60,000 customers where we can help them use this data. As we conceived with Cortex, we built XDR to ensure we collected the best endpoint data across the industry. We acquired and deployed the largest security automation footprint at XSOAR, but we're not stopping there.

We then acquired and integrated Expanse, which looked at vulnerability data from a different and unique perspective. These formed the fundamental building blocks for XSIAM. With our leadership position in automation, analytics and attack surface management, again, we're driving an AI-based SoC transformation. With our 4,500 Cortex customers, we're able to bring what we believe is the next largest set of security data that is useful for AI. We applied the same thought and rigor as we built Prisma Cloud, integrating data from all hyperscalers, integrating shift-left data from developers. Slowly and steadily, the Prisma Cloud integration is being built on a stronger foundation of security data. Cloud is becoming an increasingly important contributor to AI, and our 2,000 customers will benefit from it.

We have delivered unique AI-based outcomes, including blocking unknown yet malicious websites, command and control domain and files at scale. Also, we have shown in our own security operations center that we can reduce the mean time to detection to seconds and the meantime to respond to minutes. These are all outcomes that cannot be achieved without the data we have and the AI/machine learning expertise we apply. Let's take a look into how we believe this has made us more excited and encouraged us around XSIAM. In Q2, as part of the Cortex and XSIAM platform, we released important new capabilities, including SaaS-enabled XSOAR, delivering a cloud-based interface and Expanse active attack surface management allowing our customers to remediate issues discovered using XSIAM.

We launched XSIAM and GA at the end of Q1. So far, we've closed approximately $30 million in business and have a growing pipeline of customers that are looking to transform security operations of the new platform. I think XSIAM is going to pave the way for us to drive AI-driven security transformation outcomes. We will continue to work hard with our early customers to drive evolution and success in XSIAM. I'm extremely positive, perhaps, and cautiously optimistic about XSIAM. Its early relevance, product market fit, and with the concurrent discussion on AI, it makes me hopeful that this could be the fastest ramp of any security product. We see our first milestone to getting to $100 million in bookings faster than Cortex SASE or Prisma Cloud in our portfolio.

Before I turn the floor to Dipak, I want to put all this together and talk about where we're focused as we enter the second half of our fiscal year and beyond. We see a clear road map ahead of us. We intend to put our head down and execute. Right now, we're in the process of transforming our business to software-based and cloud delivery offerings. Our revenue, which is increasingly driven by our next-generation security capabilities, is becoming more recurring in nature, and we have an opportunity to own a greater share of our customers' cybersecurity budget. This should allow us to sustain high revenue growth for longer. Over the last couple of years, we set in motion a plan to expand our operating margin, including driving scale in our faster-growing businesses.

Over the last six months, we've listened to investors who have encouraged us to focus on profitable growth and accelerate incremental leverage in our business, and we made good progress in Q2. We're now well positioned for the second half of the year. We are appreciably raising our margin target for FY 2023 up 200 basis points from our prior guidance and 250 basis points from our initial FY 2023 guidance. We believe we can continue to build on this into fiscal year 2024 and beyond, putting us three years ahead of our profitability targets we offered at our last Analyst Day in September 2021. As Dipak will describe, we believe the combination of sustaining higher top line growth and focus on efficiency sets up well to build on this base of higher profitability and grow EPS ahead of revenue.

I want to emphasize that achieving GAAP profitability is an important milestone for our company. In support of this, we're actively focused on managing our stock-based compensation to continue bringing this down as a percent of our revenue. With that, I'll turn the floor over to Dipak to take you through our details of our results and guidance, and then we'll take questions.

Dipak Golechha: Thank you, Nikesh, and good afternoon, everyone. For Q2, revenue of $1.66 billion grew 26%. Product revenue grew 15%, whilst total service revenue grew 29%, with subscription revenue growing 32% and support revenue growing 25%. Moving on to geographies. We saw revenue growth across all theaters, with the Americas growing 22%, EMEA up 35% and JPAC growing 32%. The strength of our next-generation security capabilities continues to drive our results, with NGS ARR of $2.3 billion, growing 63%. Strength was broad-based across all three of our platforms: Network security, cloud security and security operations. We delivered total billings of $2.03 billion, up 26% and above the high end of our guidance range. Total deferred revenue in Q2 was $7.6 billion, an increase of 39%.

Remaining performance obligation, or RPO, was $8.8 billion, increasing 39%, with current RPO representing about half of our RPO similar to recent quarters. Our non-GAAP earnings per share was significantly ahead of our guidance, and this metric, as well as our trailing 12 months adjusted free cash flow, accelerated. Non-GAAP EPS of $1.05 grew 81% year-over-year, while trailing 12-month adjusted free cash flow of $2.7 billion grew 76% year-over-year. Moving on to the rest of the financial highlights. Non-GAAP gross margin of 75.5% was up 150 basis points year-over-year, driven mainly by an increase in our software mix. On a quarter-over-quarter basis, we saw less pressure from incremental costs related to the supply chain. We've made significant progress in driving leverage.

This is something that we articulated at our Analyst Day in September 2021 and kicked off in fiscal year 2022. And we have accelerated this in fiscal year 2023 with a focus on profitable growth as evidenced by our Q2 performance. Our operating margin of 22.8% increased 440 basis points year-over-year. This result was driven by improving gross margins and a slower level of headcount additions. We expect to see ongoing improvements in our operational efficiency. And as a result, we are raising our fiscal year 2023 operating margin guidance. Non-GAAP net income for the second quarter grew 79% to $332 million, or $1.05 per diluted share. Our non-GAAP effective tax rate was 22%. Delivering fiscal year GAAP profitability is another milestone in our balance of driving growth and profitability.

For the quarter, GAAP net income was $84 million or $0.28 per basic share and $0.25 per diluted share. This was our third consecutive quarter of GAAP profitability. And as Nikesh noted, we have now been profitable on a cumulative basis for the last four quarters. We believe we now meet the criteria for inclusion in the S&P 500. Turning now to the balance sheet and cash flow statement. We ended Q2 with cash equivalents and investments of $6.2 billion. Our average duration -- our new contracts increased slightly year-over-year, driven by deals with strategic customers. It remains at approximately three years, where it has been historically. Q2 cash flow from operations was $695 million, with total adjusted free cash flow of $685 million this quarter.

Our strong free cash flow in Q2 was driven by increased operating profitability, higher interest income and improvement in billings linearity due to improving supply chain conditions. During Q2, we repurchased approximately 1.8 million shares at the open market at an average price of approximately $139 per share for a total consideration of $250 million. As a reminder, our share repurchase program is opportunistic, and we are committed to this method of returning cash to shareholders over the medium-term. Stock-based compensation ticked up 20 basis points as a percent of revenue sequentially, related to the issuance of our annual grants and the impact from the Cider acquisition. On a year-over-year basis, stock-based compensation was down 350 basis points as a percent of revenue.

Before I get to guidance, I wanted to cover my thoughts on operating margin. We have continued to drive improvements in the profitability for our fastest-growing businesses as they have gained scale. Also, over the last six months, we have developed and executed on detailed plans to accelerate our operating leverage. This includes raising the bar around the return on investment we expect as well as remaining prudent in our hiring. We've also spent a lot of time looking at our peer group and studying benchmark data. As we look towards the second half of the year and into fiscal year 2024, we believe we can continue to execute against our plans and drive higher operating margins. We expect that this will translate into us growing our EPS faster than our revenue growth rates.

Now moving on to guidance. We're offering guidance for Q3 and also Q4 to make this explicit and then offering updated annual guidance. You'll see we're maintaining our annual revenue guidance and giving explicit guidance for Q3 to Q4 based on what we see in our pipeline for product revenue. For the third quarter of 2023, we expect billings to be in the range of $2.20 billion to $2.25 billion, an increase of 22% to 25%. We expect revenue to be in the range of $1.695 billion to $1.725 billion, an increase of 22% to 24%. We expect non-GAAP EPS to be in the range of $0.90 to $0.94, an increase of 50% to 57%. For the fourth quarter of the year, we expect billings to be in the range of $3.12 billion to $3.17 billion, an increase of 16% to 18%. We expect revenue to be in the range of $1.937 billion to $1.967 billion, an increase of 25% to 27%.

We expect non-GAAP EPS to be in the range of $1.18 to $1.22 per share, an increase of 48% to 53%. For the fiscal year, we expect billings to be in the range of $9.1 billion to $9.2 billion, an increase of 22% to 23%. We expect NGS ARR to be in the range of $2.75 billion to $2.8 billion, an increase of 45% to 48%. We expect revenue to be in the range of $6.85 billion to $6.91 billion, an increase of 25% to 26%. We continue to expect product revenue growth in the range of 10% for the full fiscal year. For fiscal year 2023, we're expecting our operating margins to be in the range of 21.5% to 22%. And we expect our non-GAAP EPS to be in the range of $3.97 to $4.03, an increase of 57% to 60%. We expect our adjusted free cash flow margin to be between 36.5% to 37.5% and we expect to be GAAP profitable each quarter and for the fiscal year 2023.

Additionally, please consider the following modeling points. We expect our non-GAAP tax rate to remain at 22% for Q3 and fiscal year 2023, subject to the outcome of future tax legislation. For Q3 and Q4, we expect net interest income -- net interest and other income of $45 million to $49 million. We expect Q3 diluted shares outstanding of 321 million to 327 million shares. We expect Q4 diluted shares outstanding of 326 million to 332 million. We expect fiscal year 2023 diluted shares outstanding of 320 million to 326 million. We expect Q3 capital expenditures of $35 million to $40 million, with full year capital expenditures of $165 million to $170 million. With that, I will turn the call back over to Clay for the Q&A part of the call.

A - Clay Bilby: Great. Thank you, Dipak. The first question will be from Brian Essex of JPMorgan with Hamza Fodderwala to follow. Brian, you may ask your question.

Brian Essex: Great. Thank you, Clay and congrats to everyone on some fantastic results. Really, really strong here. Thanks for taking the question. Maybe Nikesh for you, I just have a question on SASE. Maybe if you could dig in a little bit to the competitive dynamics there. Does it really help to -- I guess, how much does it help the platform to have full end-to-end SASE? I see a lot of private vendors building out full end-to-end SASE platforms, or is this more of a transformational push or maybe there's a little bit of both? Thank you.

See also 12 High Growth Real Estate Stocks that are Profitable and 11 Most Undervalued Blockchain Stocks to Buy.

To continue reading the Q&A session, please click here.