Palo Alto Networks, Inc. (PANW) Q3 2026 Earnings Call Transcript
Access earnings results, analyst expectations, report, slides, earnings call, and transcript.
Overview
The earnings call highlights strong financial performance, including a 57% increase in adjusted free cash flow and significant growth in Observability ARR. The Q&A section indicates robust demand for AI-driven security solutions, with management providing optimistic guidance on future growth. Despite some lack of clarity on specific metrics, the overall sentiment is positive, driven by strategic initiatives and growth in key areas like AI and cybersecurity.
Key Financial Performance
Next-Generation Security ARR $8.13 billion in Q3, representing 60% year-over-year growth. Reasons for growth include acceleration in organic bookings momentum, platformization strategy, and surging cybersecurity needs driven by AI adoption.
Remaining Performance Obligation (RPO) $18.4 billion, up 36% year-over-year. Adjusted for acquisitions, organic RPO rose 22%. Growth attributed to platformization strategy and deeper customer commitments.
Total Revenue $3 billion in Q3, growing 31% year-over-year. Growth driven by broad-based demand across platforms and geographies.
Product Revenue $594 million, growing 31% year-over-year. Growth driven by software firewalls, Prisma AIRS, SD-WAN, and identity security subscriptions.
Services Revenue $2.4 billion, growing 31% year-over-year. Growth attributed to recurring software revenue and SaaS offerings.
Hardware Revenue Approximately 10% of total revenue, with the strongest quarter in a decade. Next-generation firewall bookings rose nearly 40% year-over-year, driven by AI data center wins and demand for high-throughput hardware.
SASE ARR $1.6 billion, growing 40% year-over-year. Growth driven by unified protection for hybrid workforces and AI applications.
Software Firewall ARR Up 25% year-over-year, driven by Prisma AIRS and Firewall Flex deals.
Prisma AIRS Customers Over 300 customers in Q3, up from 100 in Q2. Growth driven by AI adoption in enterprises.
XSIAM ARR More than $600 million, representing 100% year-over-year growth. Growth driven by AI-powered threat response capabilities.
Chronosphere Observability ARR Surpassed $300 million, nearly doubling since acquisition. Growth driven by AI initiatives generating a surge in telemetry.
Adjusted Free Cash Flow $910 million in Q3, a 57% increase year-over-year. Growth attributed to strong cash flow generation and operational efficiency.
You have reached the limit. Sign up to access full content
Get started
Operating Highlights
Prisma AIRS: Continues to be the fastest-scaling product in the company's history, reaching over 300 customers in Q3, tripling from Q2. Clear visibility towards $100 million in ARR over the next couple of quarters.
XSIAM: Achieved $600 million in ARR, representing 100% year-over-year growth. Processes over 17 petabytes of daily telemetry, enabling threat response in under 10 minutes for most customers.
PortKey: Acquisition of PortKey enhances AI gateway capabilities, processing trillions of tokens monthly and enabling real-time policy enforcement for agent-to-agent interactions.
AI-driven cybersecurity demand: AI adoption is driving demand for real-time network traffic inspection and high-throughput hardware. The company secured 110 net new platformizations in Q3, including 20 from recent acquisitions.
SASE Market: SASE ARR reached $1.6 billion, growing 40% year-over-year, with nearly 50 displacement wins totaling $200 million in contract value year-to-date.
AI Data Centers: Strong demand for next-generation firewalls, with bookings rising nearly 40% year-over-year. Early adoption from sovereign infrastructure providers and AI labs.
Platformization Strategy: Secured 2,280 total platformized customers, with a goal to surpass 4,000 by fiscal 2030. Platformization reduces breach response times from days to minutes.
Integration of Acquisitions: CyberArk and Chronosphere acquisitions are exceeding expectations, contributing significantly to ARR and RPO growth. Integration efforts are ahead of schedule.
Free Cash Flow Margin: Achieved 38.5% adjusted free cash flow margin on a trailing 12-month basis, with a target of 40% by fiscal 2028.
AI Security Platformization: Expanded capabilities in AI security, including identity security, observability, and endpoint security. Prisma AIRS is positioned as foundational for secure AI deployment.
Identity Security with CyberArk: Launched Idira, a next-generation identity platform addressing AI-driven enterprise needs. Early go-to-market efforts initiated 1,000 cross-organization engagements.
AI-driven Threat Landscape: Focused on countering machine-speed adversaries with real-time automated defense and leveraging AI to reduce threat response times.
You have reached the limit. Sign up to access full content
Get started
Risk or Challenges
Emergence of AI-driven cyber threats: The development of frontier AI models like Mythos poses significant risks as these systems can autonomously execute comprehensive attack campaigns at machine speed, identifying and exploiting vulnerabilities in minutes. This creates a critical challenge for enterprises to defend against such rapid and sophisticated threats.
Latency gaps in breach detection: Existing enterprise systems often require days to identify breaches, which is unsustainable given the speed of AI-driven attacks. This latency gap increases the risk of significant damage before a breach is detected and mitigated.
False positives in AI defense systems: AI defense systems face challenges with high error rates, often reaching 25%, which necessitates manual intervention and undermines the speed advantage of automation. This can lead to operational inefficiencies and potential disruptions.
Supply chain vulnerabilities: Rising component costs, particularly in memory and storage, pose a risk to hardware production and profitability. Although mitigated by recurring revenue and vendor relationships, these dynamics could impact operational efficiency.
Integration challenges from acquisitions: The integration of recent acquisitions like CyberArk and Chronosphere requires significant effort to streamline operations, align cultures, and optimize vendor relationships. Delays or inefficiencies in this process could impact financial and operational performance.
Increased traffic and connection points due to AI adoption: The proliferation of AI agents and applications generates a surge in traffic and connection points, necessitating real-time inspection and security measures. Failure to adequately secure these interactions could lead to vulnerabilities.
Identity security risks with AI proliferation: The rise of autonomous AI agents introduces new identity security challenges, as every agent represents a potential attack vector. Managing these identities effectively is critical to preventing unauthorized access and breaches.
Economic uncertainties impacting demand: Broader economic conditions could influence customer spending on cybersecurity solutions, potentially affecting revenue growth and market expansion.
You have reached the limit. Sign up to access full content
Get started
Guidance & Outlook
NGS ARR (Next-Generation Security Annual Recurring Revenue): Expected to reach $8.9 billion to $8.95 billion in Q4 2026, representing 59% to 60% growth. For fiscal year 2026, the same range is projected, maintaining the same growth rate.
RPO (Remaining Performance Obligation): Projected to be $20.9 billion to $21 billion in Q4 2026, reflecting 32% to 33% growth. Fiscal year 2026 guidance aligns with these figures.
Revenue: Anticipated to be $3.345 billion to $3.355 billion in Q4 2026, a 32% growth. Fiscal year 2026 revenue is expected to be $11.415 billion to $11.425 billion, a 24% growth.
Operating Margins: For fiscal year 2026, operating margins are expected to range between 28.9% and 29.2%.
Diluted Non-GAAP EPS: Guidance for Q4 2026 is $0.96 to $0.98. Fiscal year 2026 EPS is projected to be $3.77 to $3.79.
Adjusted Free Cash Flow Margin: Expected to be 37.5% for fiscal year 2026.
Platformization Strategy: The company aims to surpass 4,000 platformized customers by fiscal 2030, driving momentum towards a $20 billion NGS ARR target.
AI and Cybersecurity: AI-driven cybersecurity is expected to create significant demand for real-time inspection, automated defense, and identity security. The company anticipates AI to serve as a structural catalyst for deeper traffic inspection requirements and increased demand for high-throughput hardware and cloud-based software capacity.
Product Growth: Prisma AIRS is projected to reach $100 million in ARR within the next couple of quarters. XSIAM ARR is growing at 100% year-over-year, with a target of reducing threat response times to under 10 minutes.
M&A Integration: CyberArk synergy targets are expected to be achieved 3 to 6 months earlier than planned, with profitability convergence anticipated within 12 to 18 months.
You have reached the limit. Sign up to access full content
Get started
Shareholder Return Plan
Share Repurchase Program: During Q3, the company utilized $1 billion to buy back 6.8 million shares at an average cost of $147.69. The company currently maintains $1 billion of remaining capacity under its existing repurchase authorization.
You have reached the limit. Sign up to access full content
Get started
Key Q&A
Q:Can you talk about how much AI data center demand is contributing to your network security business and how other customers are thinking about their network security needs as AI traffic grows?
A:Nikesh Arora explained that as more traffic traverses networks, more inspection is needed, and hardware is the fastest mechanism for data inspection. He noted a 50% increase in demand for the industry, driven by the explosion of data centers built by hyperscalers, frontier labs, and neoclouds. He expects this trend to continue for the next few quarters or years.
Q:How are customers evaluating Prisma AIRS in terms of speed and mean time to detection and response in the current elevated threat environment?
A:Nikesh Arora and Lee Klarich highlighted that Prisma AIRS has native firewalls in hyperscalers, allowing inspection of AI traffic. Lee detailed the end-to-end security capabilities, including model scanning, runtime threat detection, and integration with XSIAM for real-time analysis and automation. Customers are impressed by the ability to achieve mean time to remediation in minutes.
Q:Can you talk about how observability in security is converging and how that positions you to take share versus competitors?
A:Lee Klarich emphasized that observability and security are specialized environments. He explained that data collected for observability can be valuable for security and vice versa. He also mentioned AgentiX as a foundation for AI-driven automated response, which will enhance integration across platforms like Cortex and Chronosphere.
Q:How does the $200 million opportunity with frontier labs change your thinking about the opportunity with AI native platforms?
A:Nikesh Arora stated that Chronosphere is particularly effective for AI native platforms and modern SaaS companies. He noted that Chronosphere delivers capabilities at half the cost of the industry standard, making it a viable alternative to DIY or open-source solutions. He acknowledged the need to bolster the platform's capabilities to make it more competitive.
Q:What is driving the progress and interest in the Agentic endpoint and Koi?
A:Nikesh Arora explained that the rise of Agentic endpoints, driven by AI development and applications like vibe coding tools, has created a new endpoint ecosystem requiring specialized functionality. He highlighted Koi's unique ability to secure these endpoints, which led to its acquisition and integration into Palo Alto Networks.
Q:How much incremental investment do you expect to put behind Unit 42, and how are you leveraging it for AI-driven security?
A:Nikesh Arora mentioned that Unit 42 is focused on frontier AI defense, helping customers test code, configurations, and manage patching. He noted that XSIAM is proving effective in reducing mean time to detect and remediate. He emphasized the importance of collecting all data for context in AI attack scenarios.
Q:Can you expand on AI-driven demand and how customer conversations have evolved since Mythos?
A:Nikesh Arora noted that AI-driven demand has reinforced the long-term growth potential of cybersecurity. He highlighted the importance of platforms like XSIAM in addressing AI vulnerabilities and emphasized that while demand is robust, it will follow a measured growth trajectory rather than an immediate windfall.
Q:Can you provide more details on the traction you're seeing with SASE and its components like SSC, SD-WAN, and Prisma Browser?
A:Nikesh Arora explained that the second wave of SASE focuses on comprehensive network stacks and Zero Trust. He noted that Palo Alto's strategy of integrating SD-WAN into its SASE platform and offering a consolidated security framework is helping it take market share from SASE-only competitors.
Q:Why has CyberArk performed so strongly, and what is your strategy for its integration?
A:Nikesh Arora stated that the focus has been on maintaining CyberArk's top-line performance while improving profitability through streamlined operations. He emphasized the importance of not disrupting existing customer relationships and highlighted ongoing efforts to modernize and innovate the product. He views CyberArk's success as critical to proving Palo Alto's ability to handle large acquisitions.
Q:Review of Unclear Management Responses
A:Management avoided directly addressing specific metrics or timelines for AI-driven demand growth and the exact financial impact of Unit 42's focus on frontier AI defense. Responses were often broad, emphasizing long-term potential and strategic positioning without providing detailed data or immediate actionable insights.
You have reached the limit. Sign up to access full content
Get started
Earnings Word Cloud
The most frequently occurring keywords in this quarter's earning call
AI development
AI enterprise
AI lab
AI security
AI surge
AI tool
Agentic AI
Chronosphere
CyberArk
Mythos
PortKey
XSIAM
adversary
attack line
battle
breach
campaign
catalyst
core mission
cybersecurity industry
defense
endpoint
enforcement
engagement
entity
fidelity telemetry
frontier AI
frontier lab
frontier model
inspection
machine speed
milestone
month frontier
observability
platform AI
platformization AI
sensor
threat landscape
vision
vulnerability
PANW Transcript
Palo Alto Networks, Inc. (PANW) Q3 2026 Earnings Call Transcript
Positive6-3
The earnings call highlights strong financial performance, including a 57% increase in adjusted free cash flow and significant growth in Observability ARR. The Q&A section indicates robust demand for AI-driven security solutions, with management providing optimistic guidance on future growth. Despite some lack of clarity on specific metrics, the overall sentiment is positive, driven by strategic initiatives and growth in key areas like AI and cybersecurity.
Palo Alto Networks, Inc. (PANW) Q2 2026 Earnings Call Transcript
Positive2-17
The earnings call summary indicates strong financial performance with significant growth in SASE and NGS ARR, and positive market trends in AI and quantum security. The Q&A highlights management's strategic approach to AI and acquisitions, with positive analyst sentiment. Although some ambiguity exists in ARR contributions, the overall outlook is optimistic with growth in key areas and strategic acquisitions. The absence of major negative factors and the focus on innovation and integration suggest a likely positive stock price movement.
Palo Alto Networks, Inc. (PANW) Presents at UBS Global Technology and AI Conference 2025 Transcript
Neutral12-2
Palo Alto Networks, Inc. (PANW) Q1 2026 Earnings Call Transcript
Positive11-19
The earnings call indicates strong financial performance and strategic growth plans, including AI and quantum preparedness, SASE growth, and impactful acquisitions like Chronosphere and CyberArk. Despite some lack of detailed guidance, the optimistic outlook on revenue growth, next-gen security ARR, and strategic acquisitions suggest a positive sentiment. The Q&A section supports this with management addressing key growth drivers and strategic initiatives, aligning with the positive sentiment from the earnings summary.
PANW Slides
Palo Alto Networks Q2 2026 slides: NGS ARR jumps 33%, stock falls 5%2026-02-17
Palo Alto Networks Q1 2026 slides: Revenue beats expectations, strategic acquisitions expand TAM2025-11-19
Palo Alto Networks Q4 FY25 slides: revenue growth accelerates, margins expand2025-08-18
Palo Alto Networks Q3 2025 slides: Revenue up 15%, NGS ARR surpasses $5B milestone2025-05-20
PANW Report
Frequently Asked Questions
Where does this earnings call transcript come from?
All transcripts are sourced directly from the official live webcast or the company’s official investor relations website. We use the exact words spoken during the call with no paraphrasing of the core discussion.
How soon is the transcript available after the earnings call ends?
Full verbatim transcripts are typically published within 4–12 hours after the call ends. Same-day availability is guaranteed for all S&P 500 and most mid-cap companies.
Is the transcript edited or altered in any way?
No material content is ever changed or summarized in the “Full Transcript” section. We only correct obvious spoken typos (e.g., “um”, “ah”, repeated 10 times”, or clear misspoken ticker symbols) and add speaker names/titles for readability. Every substantive sentence remains 100% as spoken.
Why do some answers appear as “Unclear” or “Inaudible”?
When audio quality is poor or multiple speakers talk over each other, we mark the section instead of guessing. This ensures complete accuracy rather than introducing potential errors.
Who creates the AI Summary and Key Q&A highlights shown above the transcript?
They are generated by a specialized financial-language model trained exclusively on 15+ years of earnings transcripts. The model extracts financial figures, guidance, and tone with 97%+ accuracy and is regularly validated against human analysts. The full raw transcript always remains available for verification.
