Palo Alto Networks, Inc. (PANW) Goldman Sachs Communacopia & Technology Conference (Transcript)
Palo Alto Networks, Inc. (NASDAQ:PANW) Goldman Sachs Communacopia & Technology Conference September 9, 2024 1:10 PM ET
Company Participants
Nikesh Arora – CEO
Conference Call Participants
Gabriela Borges – Goldman Sachs
Gabriela Borges
All right. We will go ahead and kick it off. Thanks everyone for joining us. Day one, Goldman Sachs Communacopia & Technology Conference. I’m Gabriela Borges, I lead our cybersecurity research chair. And I’m excited to have on stage with me Nikesh Arora, CEO of Palo Alto Networks. Thank you for joining us.
Nikesh Arora
Thank you for having me.
Gabriela Borges
Nikesh, one of the things you’ve said a couple of times now over the last six months is, you wish you had started the platformization strategy sooner. One could argue looking at Palo Alto for the last three years, you’ve been selling three different platforms pretty consistently. So talk to us about what’s different on the ground in 2024 with the platform conversations that you’re having at some of your largest customers.
Nikesh Arora
Yes. First of all, thank you for having me, Gabriela. And I’ve said that and I was listening to a podcast by Reid Hoffman interviewing Eric Schmidt and he asked him, hey, Eric, if you were younger, you could go back and do something differently, what will you do? And he said, I’d execute on my good ideas faster. So those same reasons I say we should have done platformization faster. What’s different? Look, we have been integrating selling a platform for a while but we hadn’t been consistently leading with the platform. We’ve been trying to meet the customer where they were and say, okay, you want this, I got this. But now our entire sales team has pivoted toward leading with a platform saying, listen, I know you want this, but if you got it at this flavor, it’ll all work better together. And that’s a mindset change in our field. And eventually these are the people who talk to customers and convince them about what they need. So getting them reoriented towards a platform approach allows our sales teams to go in that way. Also it changes the competitive dynamics for us because then the other competitors have to respond to our platform strategy as opposed to say, oh, I can beat you on SD-WAN or I can beat you on SSD or I can beat you on enterprise browser. Can you beat me when they all work together?
Question-and-Answer Session
Q – Gabriela Borges
If you think about one of the topics in security around the fragmentation of the long tail, we’ve talked about how the largest companies in security have a much smaller amount of market share than in some of the other segments of software. So what have been some of the best practices that you’ve taken from outside the security industry on how to cross sell and how to sell platform at the highest level of the organizations at your customers?
Nikesh Arora
Yes, I think if you go back and I’ve said this before, I apologize if it’s got repetitive. But if you go back 20 or 30 years ago, a lot of the current SaaS platform companies didn’t exist. So all of those things were done with 15 or 20 different applications in your enterprise, whether it was all the CRM stuff, all the customer support stuff or HR stuff or financial stuff. I went to Fidelity 30 years ago and we had applications that did all of these things and you had to put them together. You fast forward, look at 30 years hence, you would never dream of having 30 different applications that manage customers for you to buy a platform. I think cybersecurity is the same space where we all believe that we need 40 different vendors to solve this problem because each of these is a point problem. Actually it’s a broader problem, we want to secure the enterprise. So question is why has it not happened before because there was no such company or vendor or platform available, so it’s very hard to say I’ll take it if it doesn’t exist. So we’re trying to get us there where we can have that platform at play. In terms of what sells it better is you need commitment from the CIOs and the senior leadership. And typically companies when they do these transformation projects end up hiring systems integrators. They’ll hire the Accenture, the Pricewaterhouse, the IBMs, the Wipro, the Infosys. So we have a very large concerted effort over the last two years of working with those companies. I’ve spent more time with them in the last year or so and CIOs than I ever did in the first five years and that’s bearing fruit. Now today, like people hire Accenture or Pricewater or IBM to say transform my network or transform my SoC. Now that they understand our solutions better, they don’t want to deal with 14 vendors, they’d rather deal with one because they’re making money elsewhere.
Gabriela Borges
I want to stay on this topic of transformation catalyzing your land and expand with customers and particularly on how it intersects with AI.
Nikesh Arora
Yes.
Gabriela Borges
So talk to us about what you’re hearing from some of your largest customers on their AI investment plans and how does that then impact how they want to spend on security?
Nikesh Arora
I think almost every customer is horribly confused about AI. They’re all trying to figure out how this thing becomes real. I think we’ve been working on it for the last nine months. It’s clear that a lot of the early use cases, if you’re not on the consumer side, which are more creative, should make me a video, show me an image or write me a story. Those are great on the consumer side. But on the enterprise side, you’re seeing all of them as enhanced productivity application. Can I get my customer services to be better, can I get some process to be better, can I do better pattern recognition on data, can I analyze my MRIs better? So you’re seeing a lot of those use cases. So it’s a large data management, higher quality of data, analyze that using an LLM and create a conversational interface against it. So that’s kind of what we’re seeing. In that context, I’d say, almost every one of our enterprise customers is experimenting with deploying some sort of version of a model in their sort of infrastructure or in their public cloud infrastructure, one. And two, I’d say, about 20% to 30% of the employees of every company, especially the younger ones are playing with the AI app to see if they can get their jobs done easier, right? Write me a blog post or write an answer with e-mail.
Now in both those cases, there are security opportunities. In the case of your employees using AI, the security opportunity is that they shouldn’t be putting any proprietary data into a public facing app or an LLM. So we can intercept it with our cross product, in our access products, our VPN products, we can look at what people are entering. We can intercept it, stop them from putting stuff into public LLMs or public apps. We rate about 500 apps on their threat levels today, which are AI apps. So we can say, this is a risky app, don’t put your data in there. Nobody else in our space has deployed that capability yet. We went live about three weeks ago. The second use case is everybody deploying these LLMs requires effectively what we call an AI firewall. So when you deploy ChatGPT or Gemini Enterprise and you have your AI bot talking to your customers, you got to be careful nobody intercepts that bot and start giving away free cars or free airline tickets or free clothing, because you can do that just for fun. Hackers would love to do that just to show that they can penetrate your AI chatbot. You put a firewall against it to make sure that it cannot be prompt injected or model poisoned, et cetera, et cetera, for which an AI is for all. So both of those are going to be interesting opportunities from AI perspective.
Gabriela Borges
Is an AI firewall different technically from a classic virtual firewall that’s monitoring nonstop traffic?
Nikesh Arora
It’s enhanced because you have to put in all the checks and balances for prompt injection, model poisoning and whole bunch of stuff, which didn’t exist as concepts before. And for the first time you have to monitor traffic both ways, because LLM can give silly answers, and you don’t want a customer to get a silly answer. I can give you malware in response to a normal question, right? You know like those beautiful chatboats say, did you like the answer, did you not like the answer? If I do a lot of like the answer, the LLM learns to give that answer. So I could bombard your LLM and like all the wrong answers for a long time and LLM suddenly learns all the wrong answers are good answers. You don’t want that either.
Gabriela Borges
A similar question on data center firewalls. As we spend time at the industry level thinking about the rollout of data centers to support all of these model training and inference use cases. Is there then a second derivative impact on the demand profile for your data center firewall business?
Nikesh Arora
So there’s been a fallacy that when we go to the cloud, the firewalls will go away. I have a trick question. Where does all the cloud run on? It actually runs the data centers. You still need firewalls to run the cloud provider data centers, which used to run-in enterprise. So it’s a zero sum game. It moves from one side and goes to the other side. That’s why we run an obstinate in industry where we don’t go away. There is going to be more need for data center firewall as people build these large AI data clusters. But unfortunately, we don’t enjoy the pricing of GPU. We still sell them at the same price.
Gabriela Borges
I want to also spend a little bit of time on the AI use cases that you’re exploring in house. So maybe actually we can start on the R&D side. Are there a couple of AI use cases that you’re most excited about that your engineering team is working on over the next couple of years?
Nikesh Arora
Yes. So there are some. We went early in this AI journey internally. And if you look at it, you tackle them based on your cost basis. Our largest cost basis are customer support people, developers and sales people. How can I use AI to make my life more efficient, more productive? On the customer support side, that seems to be the happy use case every AI company is chasing down. The big determinant there is not who your AI companies or LLM you’re using is how good is the quality of your data? Do you understand how you solve each problem, do you understand what data is needed to solve a problem? So there’s a lot of effort we put into place where we are collecting more data than we ever did on every case that we solve for our customers. I told my team every 11th time the same thing shows up, it better not be human being solving the problem, which requires a fundamental rethink about how you collect that data. It’s interesting. Our best and for that we’ve designed, as always, an internal customer support Copilot, our people use it. Our best customer support people who know how to use the Copilot are 40% more efficient than non-Copilot users, which is an interesting sign. What is also interesting is somebody who learns how to use the Copilot is equally productive after three months like a person who’s been there for four years. These are both interesting signs that tell us that we can actually tackle that problem at scale, you just need to get better from a data perspective.
So I think there’s an opportunity there in the next two to three years of making ourselves more efficient from a customer support perspective. Our second big constituents are developers. Our best developers are 30% to 40% more productive than our non-Copilot using developers, which is also interesting. Only a third of their time is spent developing, the other two thirds are spending other things, which we’re also working on figuring out how to make that more optimal. But there’s also hope there that not only can you get better code from a quality perspective but you can have a much more productive employee on the coding side, which allows us to maintain our cost basis and grow faster. And third, on the sales side, we’re taking a slightly different perspective. We believe the biggest errors happen when the salespeople aren’t well informed. So we have a lot of efforts going towards where every one of our sales people can pull out their phones and ask a question about our own product capabilities and portfolio and capabilities without having to call another person. So we’re trying to get them information at their fingertips using AI and LLMs, hoping that that’ll make them more productive and reduce or increase our win rate.
Gabriela Borges
Are there any examples of AI applications today in house at Palo Alto where you had thought that they would show more promise earlier and instead it’s actually taking a little bit longer than what perhaps the industry would have expected?
Nikesh Arora
I think there’s a general understanding now. All of us rush to build Copilots and we’ve all discovered Copilots are more complicated and less accurate than we want them to be. And in our business, it’s not the 90% that matters, it’s the 10% which is not accurate that matters. You don’t want to give a 10% wrong answer. So don’t worry about it, I’m right nine out of 10 times because that one out of 10 times you’re wrong is when the breach will happen. So the focus on accuracy is more relevant for cybersecurity. And I’d say we’re all reaching the current limitations of hallucinations and accuracy in the 80% to 90% range, which allows us — which does not allow us to have autopilot, so they’re Copilots and you have to be very careful when you give a Copilot that you say this answer could be — could require some more validation. So I think we’re all — again the problem is you can’t get to 100 if you don’t get to 90. So it’s not like you can’t — we can’t wait and not start because it’s not 100% accurate. You just have to go through the motions to understand it. So I think that progress will happen. It does require better inferencing. And I think you can see lots of technologies are out there that are trying hard to work towards inferencing and prompt extraction. So we’ll see.
Gabriela Borges
So one of the areas where a lot of these themes intersect, I’m thinking, AI, pattern recognition, Copilots, platformization is with Cortex and some of the work that you’re doing in the SoC. Talk to us about how — we’re about a year on now from training and enabling all of Palo Alto sales people to go sell Cortex. What are some of the limiting factors today in your ability to take share in what has historically been an incredibly sticky market? And do you still get push back on, well, Cortex looks great if you’re fully embedded in the Palo Alto ecosystem, but it doesn’t work great if I have to embed other vendors as well?
Nikesh Arora
Not at all. So first of all for those of you who are not aware, if you step back, cybersecurity industry goes through inflection points. And inflection points are moments when vendors get replaced. So when Palo Alto started the next generation firewall, we replaced a whole bunch of firewall vendors, because we came up with the technology. If you look at what happened in the endpoint market with McAfee and Symantec and the emergence of CrowdStrike and Cylance at that time, Carbon Black, Cybereason, Palo Alto, that was another inflection point where the technology was so good and so different that customer said, I got to get rid of the old stuff, I got to go to the new stuff. And I think SIEMs are in that space right now. People will replace SIEMs because they’re horribly expensive, not fit-for-purpose anymore, not using machine learning historically and they’re designed for human querying of the data, which needs to be queried using some sort of machine learning. So XSIAM is that inflection point for us. In the last 18 months we’ve sold 130 of them, which is way more than you would expect. And the average deal size for our top 30 is north of $1 million. There has not been a cybersecurity product whose average deal size was $1 million out of the gate. Our largest deal is $50 million, which is also rare. There’s no cybersecurity product that in 18 months comes out and does a $50 million deal, which underpins the large enterprise. So I actually think it’s fast enough. It doesn’t need more acceleration. However, because I’m impatient we went and did a deal with IBM, which one of the three leaders in the market in SIEM and we bought their SIEM business, which creates an incentive and motivation for those customers to migrate to us. You might lose some while we hopefully intend to get a significant share. We think there are three vendors in the SIEM inflection point space where us being one of them, and don’t ask me the name of the other two. And I can get a third of that market, it’s great, it’s a $20 billion market.
Gabriela Borges
Let me ask you a little bit about the thought process with the IBM deal, because one could argue, in a lot of these subsectors of security where you’re seeing an inflection, you’ll be gaining share regardless. And so, there is a trade off between buying the share versus gaining it organically and paying [S&M] for it. So how does you think about that when it came to IBM and are there other cases in Palo Alto’s future where you think a similar unit economics dynamic might apply?
Nikesh Arora
You can argue and I think that’s a lazy argument…
Gabriela Borges
Sure.
Nikesh Arora
Because don’t forget if IBM — it’s IBM’s customer, there’s a gravitational pull where their sales people are saying don’t leave us, we’ve got some cool stuff for you. So there’s no incentive for the customer to migrate and they’re getting the service. Now with this, every customer knows, they have to either migrate to us or somebody else, because IBM is not in the business in the long term. And the IBM sales people are actually incenting them to move to Palo Alto. So it’s a very different forces at work than waiting organically. When you’re doing it organically then you’re looking at everything in the market and spending time. I’m walking up to you and saying, listen you are now my customer, let me help you walk you through how I take you seamlessly with low execution risk, low economic risk straight to Palo Alto. It’s a different conversation. So no, it’s not organic share take versus come to Palo Alto.
Gabriela Borges
I think part of the wins in SoC are tied to your endpoint product and how the interfaces between Cortex endpoint and XIM all kind of tie in together. Talk to us a little bit about how your conversations have changed post July 19th? And internally, when you and your team look at the resiliency of the Palo Alto platform, how do you protect yourself against that kind of black swan outage impact?
Nikesh Arora
So two different things. First, that’s what I thought two years ago that our fate on SIEM would be very dependent on our endpoint ownership. We discovered that the economics are that for dollar endpoint the same is $4. So why get sort of parochial and say, I want the dollar to give you my $4 product. I’m like, great. We can use any endpoint as long as it’s of high quality and of the recent kind as opposed to the old kind. So we pivoted about six months ago. So we’ll take the data from anybody else and use that in our SoC product to give you the same outcome we do with our own product. So it’s a big shift. So we don’t force our customers to acquire endpoint anymore in our SoC product. We ingest 400 vendors of data, what’s another three, right? So that’s 403 instead of 400, it’s not a big deal. So that’s one part of it. In terms of your question of how do we protect for the outage that happens is the question…
Gabriela Borges
How do you think about instilling resiliency into your own products and services, given how much mission critical positioning you have here?
Nikesh Arora
I think if you’re referring to the — there’s two different scenarios where resilience becomes relevant from us. Obviously, our products for the most part to provide security sit in line with our customers. So our firewalls have been around for 17 years that sit in customer infrastructure and a bad firewall could bring your infrastructure down. So we understand that we are very critical to the resilience that our customers need. It gets sort of further exacerbated or customers become more reliant in the case of endpoints, which you saw the recent outage was an example or we also have a similar product and so do other people in the market. Now that was a black swan event to be honest. There’s very rare situations where we interface with a customer’s endpoint device where it can get to the kernel and we know that’s a specific issue and hopefully that gets remediated over time. But also we have different policies in place than some of the other vendors in the market, which we believe are more resilient. We do not deploy to 8.5 million customers at the same time in 47 minutes. We actually do it in a very phased manner, 1%, 5%, 10%. We take two weeks to do what some people might be doing faster than us. So — and of course, all of us have gone back and relooked at our processes to make sure we are doing that. We have a bunch of fail over provisions but let’s just say that it could happen to most people and put that aside.
The other area which becomes interesting or relevant is SASE. Our SASE product is a service, which means if our SASE infrastructure is down, you’re down. We cannot use your laptops if you were to be probably the SASE provider of the company. So we on purpose took a very different architectural approach than most other people in the market. We don’t run our own data centers anywhere in the world to deliver SASE. We run on Google Cloud and AWS, which means if Google Cloud is down then you’re down. But we also have a hot switch when some of our customers, as they choose, we can move them from Google to AWS in the back. So if both Google and AWS are down, I don’t think you’d be worried about SASE, something else is going on in the world.
Gabriela Borges
Fair. I want to ask you a little bit, you mentioned spending more time with the system integrators over the past year. And I believe you’re just coming off of sales kickoff in the beginning of the fiscal year ‘25. So what were some of the highlights coming out of sales kick off? How are you balancing what is an incredibly motivated talented group of enterprise salespeople at Palo Alto with some of the partnerships that you have on the system integrator side so that everyone wins?
Nikesh Arora
Well, our sales people are still a critical part of that equation, because they are the ones who interface with the relevant systems integrator partners who are talking to the customer. So there’s a customer says, I want to do a big network transformation, my name is Accenture, my name is Pricewaterhouse, my name is Deloitte, my name is Infosys. They still need a Palo Alto sales person sit with them and come up with a solution and design the solution and get the coach to them, because they’re interested in larger piece of the pie or a sub-part of that pie. But it still leads to go through a tremendous amount of process to get the win and try and get sort of eventually get the transformation done, but it goes full circle to where we started. More and more of our platform deals require us to be part of a transformation narrative as opposed to a point solution narrative. And the transformation narrative is often driven by either the customer or most often with them in partnership with an SI or a telecom company, which in Europe mostly provides same capability.
Gabriela Borges
Other highlights from sales kick off?
Nikesh Arora
We did a virtual sales kick off. We actually decided that bringing people to Vegas, giving them lots of opportunity to go gamble or drink is not a good way to teach people. Wouldn’t do that to your kids. Okay, guys, we’re going to Disney World, we’re going to have lessons. No. So we did it virtually, you had to go pass a whole bunch of technical tests to have a watch party in the office. So our highlights were that people didn’t have to travel for a week and be unproductive for that week and not learn a whole lot.
Gabriela Borges
Very good. I want to come back to next gen…
Nikesh Arora
It’s true. You’re laughing. I find it very amusing when I go to Vegas, there’s 80,000 people walking around with badges and saying I’m here to learn. This is a bizarre enterprise phenomena I do not understand. This is what you get for not working in enterprise for 25 years.
Gabriela Borges
It’s an excellent point. I want to ask you a little bit about renewals.
Nikesh Arora
Yes?
Gabriela Borges
So one of the most interesting charts in the 4Q earnings earnings presentation was the number of customers that are moving to advanced attached subscriptions. So I’m thinking of URL going to advanced URL. And the list price for advanced URL is, on paper, 50% more than classic URL. So how do you think about that conversation in renewals? It’s obviously a balance between extracting the value that you’re providing and pricing the premium products appropriately. How do you balance that with the customer saying, hey, on PayPal, you have to now pay 50% more for something similar? How do you navigate that conversation?
Nikesh Arora
Well, look, list prices are an interesting phenomenon in enterprise, right? And I think most customers don’t end up in the list price, there’s a yield that you get out of it. But again, the price is a wrong way to start the conversation. The conversation starts as to what incremental capability do I bring? So fundamentally, how it works is you have a firewall, your employees are trying to go to an Internet address, you type, it goes to the Internet address. If it’s a legit one, if it’s a bad one, we’ve already told the firewall don’t let them go to bad Internet addresses. That’s kind of how traditionally it works. The advanced services work like, I at Palo Alto try to go to a bad one, I found out, it’s a bad one, we take that, we update our cloud databases to 52,000 customers in the world in an instant and everyone has now got the advanced protection because something I found in one has been deployed to 62,000. You’re telling me you don’t want that capability? Sure. You can have the old capability, which updates every two hours, except you’re exposed to the next two hours. No, I want the new capability and I’m happy to pay the extra $0.10.
Gabriela Borges
How is that conversation then transitioned into the SASE conversation? So if I think about something like advanced URL functionality and then the holistic way that you approach distributed network security with SASE. How do those two things come together when you sell SASE at…
Nikesh Arora
It actually comes at it from a slightly different perspective, right? I think what happened was the world of SASE was more lighting. So the world of SASE was everybody had VPNs that you use to access your applications in your company. And this whole thing came about called the Internet. So we had this thing called Internet access. So the new company formed, which is if you want to go to the Internet, come to me. If you’re going to go to VPN, go to Palo Alto or any firewall vendor. What happened in the pandemic, we all discovered that we want to be able to work seamlessly from anywhere. I don’t care where I’m going, whether I’m going to a private instance or I’m going to the Internet instance, which is where we sort of came into play because we lived in the private access world. We built the Internet access world for ourselves. Other vendors on the Internet side tried to build a private access world, right? Now what’s happening is I’d say about 10% of the companies in the world are SASE-fied, 90% are still going through a network transformation. And the way it works is that eventually you have a device, all of you have a device in front of you, some of you are accessing the Internet SaaS application, some of you may still be going to some data center back install. Customers don’t want the differentiation. You can’t have four different products to do the same thing. You can’t have an agent for Internet access, an agent for private access, and enterprise browser for a third situation, you want all come together. So our conversations usually are, I can provide you an integrated stitch situation where all the capabilities are part of one platform, all the services are deployed against that one platform. So that’s how the conversation happens. And it was, I think, our mistake that we didn’t have an Internet access product when it came about and we let it go for so long. But now in the last three, three and half years, we’re about 40% of the business of largest player in the market, which is a good start. We think we are on track to be the largest SASE player in the next three to five years.
Gabriela Borges
So on that note, every year we have a conversation about how fiscal year planning is unpredictable and every year there are puts and takes to how you come up with…
Nikesh Arora
Lot of — well, interest rates, elections, wars. Yes. If you give me an answer to all those, I’ll give you the answer to my plan…
Gabriela Borges
With all of that context, you’re guiding to 19% to 20% RPO growth for fiscal year 2025. You just printed 20%. You’re guiding to essentially zero deceleration in the business. Talk to us a little bit about how you’re able to, at the large numbers that you have, guide to business continuing to grow at the same pace this year over the next 12 months as you just did in the July quarter?
Nikesh Arora
A lot of analysis, a little bit of praying.
Gabriela Borges
Maybe share a little bit about the analysis.
Nikesh Arora
Look dude, like we all try and forecast. Every company out there tries to forecast how best to to understand the business. Now you have an existing book of business. If you look at the spectrum, some of us have a large existing book of business and marginal incremental growth. Some of us have all net new growth, because we’re fast growers and we’re new in the market. We sit somewhere in the middle, right. We have a large book of business in hardware and our software services business and then we have incremental business in XIM and SASE. So on the book of business, we have reasonably good visibility. Our churn rates are low, customers don’t leave us. So we know what we’re going to have to upsell or renew into the existing book of business. So 70%, 80% of business is more predictable than the other 20%. On the other 20%, you rely on the pipeline, the opportunity in the market, the conviction that security is not going away, the conviction that they haven’t met a CIO or CISO says, I’m not going to spend on security because I’m spending on AI. That doesn’t happen in our industry. So there’s reasonably robust predictability on the demand function, give or take. Yes, they might want a better price but they’re not going to go away. Then the question is, how much am I going to win in that space or is there something that’s going to happen that’s going to be from left field, I’m not going to my win rate goes away? So you put all that together in a big jar, you shake it really, really hard, you see what number comes out and say, Gabriel, you’re going to be happy with that number? Oh she’s not going to be happy, let’s go work really hard again and shake it again and make sure we execute better.
Gabriela Borges
What do you think is different about the next 12 months that allow you to start out with that starting point? If I think about the…
Nikesh Arora
So should I have added lower, is all you’re saying?
Gabriela Borges
No, I’m trying to understand…
Nikesh Arora
I’m just trying to understand what you want, I’ll give you what you want, just tell me, it’s easier.
Gabriela Borges
What do you think is unique about this year that’s allowing you to guide to a better demand function based on all of the blocking and tackling…
Nikesh Arora
I think it’s a good demand function. It’s consistent with our experience. And you have to make sure that all the investments we made in SASE or Cortex XIM that we have to have some — with the IBM, all that has to factor into our expectations for next year. So I told you the friction on selling XIM should go down given that we just went and acquired a large customer base we can upsell into it. So put all of that together and as I said and you have to still go out and execute.
Gabriela Borges
I want to spend a couple of minutes on how you think about unit economics of the business. And we’ve talked before about how, as you cross sell into our largest customers, there’s an incredibly rich LTV to CAC, so to speak, that comes off of that business. And then we’ve talked about the renewals business as well. What are some of the metrics that you look at internally to measure unit economics? It’s not as clean as a pure SaaS model where you just look at LTV to CAC. So a little bit of insight on how you think about that…
Nikesh Arora
You think SaaS model has clear unit economics?
Gabriela Borges
Well, it’s all subscription whereas you’ll have a little more private model…
Nikesh Arora
Yes. There’s a ramp and early deployment cost for net new business, which makes it very hard to understand SASE unit economics, right? All the customer support deployment is early loaded out into the SaaS deal, it’s a per user deal. So you got to make sure the users show up on the customer side. So all I’m saying is SaaS economics are also — unit economics are no easier than our economics. Look, at the end of the day, we understand our businesses, we understand what it takes to land the product, we understand what the upsell opportunities, we got to make sure you don’t give away the farm in your first deal. We understand the consumption curve. I think the biggest shift we’ve had to make on the unit economic side is that the consumption is consistent with our sale, because you don’t get the consumption that we sold and the risk is you won’t get the right renewal and the economics work really well for the land but then you may not get renewal and your business becomes bad. We have had to pivot some of our business practices as we’ve sold more and more SASE, more and more cloud, more and more XDR to make sure we’re watching consumption and making sure we have people go there and talk to customers and say, listen, you bought a lot of product, we want to make sure you’re using it because come three years from now you’re going to have to go renew that deal. So that allows us to understand the unit economics today. But what’s most important is not just today’s unit economics, because unit economics get way better on renewal, because all the early costs are out. So you look at it from a longer term perspective. I don’t know what LTV to CAC means.
Gabriela Borges
Fair. So you made a interesting comment on consolidation last week. And specifically, some of your peers, other industry companies in security, that are at a smaller scale and are looking at the scale that you’ve accomplished and saying how do we get there. Share with us a little bit about how you think of the future of the industry in terms of consolidation?
Nikesh Arora
Look, there was a wave in the last six years that we walked in this industry, we said this industry people need to think about it more coherently and more cohesively than individual SIEM lanes. Cybersecurity was a SIEM lane industry six years ago. I do endpoint, I do firewalls, I do SoC, I do identity and the customer stitches them together. We try to break the paradigm signal. We do cybersecurity, we do three, we do four out of the five now, right? And we don’t do the fifth one yet but we take the data integrated. So we changed the paradigm. We said we need to make this work together for the customers. We discovered we had technical debt. We didn’t have products in those categories. So we had to go out and fill that technical debt with great companies. So we went out and said we’re going to buy some companies, only go to buy number one or number two in the market, number three is number three for a reason, we’ll take one or two. We ended up buying about 19 companies in the timeframe. I would say we have a 75% hit ratio. I think if a quarter didn’t work as well as we thought, I think three quarters worked. We deployed very specific principles as to how to integrate, deploy and merge and work with them. We’re at a point today where we’re done with the easy purchases. So we can’t buy companies and slap them and go to market motion. So we’ve now gone back to building from scratch ourselves, because it’s easier to build on our platforms than to go integrate third party companies.
With that said, we discovered after the first year when people say, what’s this crazy guy doing buying cybersecurity companies, it doesn’t work like this. Now we have a tracker that every time you buy a company, four other companies in the same sector get bought by competitors. So it’s good, which means that we’re causing more M&A for VCs, they should be happy, right? I think that trend is also going to be done for now, because there’s possibly 500 cybersecurity companies funded in the last one year, which are going to focus on AI. I don’t think most of them are going to make it because AI requires inline security and a lot of the existing vendors will deploy that capability themselves. I do think that we’re coming to a place where 300 million to 700 million ARR cybersecurity businesses are going to be in the graveyard. It’ll be like we’ll be struggling to figure out how to get past and break the sound barrier to get ahead, because I’ve said this before, customers want more — better security at a good price. And it’s very hard, customers have discovered that the number of breaches is going up irrespective of number of point solutions to deploy. So you will see that shift towards platformization. I think since we started talking about it, every other player in the industry has now said they also have a platform, which is good, which means you’re in the right direction. So I think you’ll see some consolidation. If you look around, there’s a lot of $3 billion to $7 billion market cap cybersecurity companies for sale, because they figured out it’s very hard to break through the sound barrier. So we’ll see.
Gabriela Borges
Very good. Please join me in thanking Nikesh for his time. Nikesh, thank you.
Nikesh Arora
Thank you, Gabriela.