FinanceLooker

Excrept from filing document 2025-07-31

The aggregate market value of voting stock held by non affiliates of the registrant was approximately 119 7 billion as of January 31 2025 the last business day of the registrant s most recently completed second fiscal quarter based on the closing sales price for the common stock on the Nasdaq Global Select Market on such date Shares of common stock held by each executive officer and director have been excluded in that such persons may be deemed to be affiliates This determination of affiliate status is not necessarily a conclusive determination for other purposes
Portions of the information called for by Part III of this Annual Report on Form 10 K is hereby incorporated by reference from the definitive proxy statement for the registrant s 2025 annual meeting of stockholders which will be filed with the Securities and Exchange Commission not later than 120 days after the registrant s fiscal year ended July 31 2025
This Annual Report on Form 10 K including without limitation the sections entitled Business Risk Factors and Management s Discussion and Analysis of Financial Condition and Results of Operations contains forward looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934 Forward looking statements generally can be identified by words such as anticipate believe continue could estimate expect intend may plan potentially projects will will be will continue will likely result would and similar expressions that convey uncertainty of future events or outcomes
statements regarding expected profitability trends in annual recurring revenue trends in remaining performance obligations our mix of product and subscription and support revenue cost of revenue gross margin cash flows operating expenses including future share based compensation expense income taxes investment plans and liquidity
expectations regarding future investments in research and development and product development customer support in our employees and in our sales force including expectations regarding growth in our sales headcount
our ability to successfully acquire and integrate companies and assets and expectations and intentions with respect to the assets products and technologies that we acquire including with respect to our proposed acquisition of CyberArk Software Ltd and our expectations regarding the benefits and synergies of the proposed acquisition
the effects of worldwide economic and geopolitical conditions including but not limited to hostilities in Israel and the surrounding regions inflation tariff rates interest rate levels public or administration policies trade regulations trade policy growth rates and other conditions on our operating and financial results and performance
These forward looking statements are based on current expectations and assumptions that are subject to risks and uncertainties including those described in Risk Factors included in Part I Item 1A and elsewhere in this Annual Report on Form 10 K Moreover we operate in a very competitive and rapidly changing environment and new risks emerge from time to time It is not possible for our management to predict all risks nor can we assess the impact of all factors on our business or the extent to which any factor or combination of factors may cause actual results to differ materially from those contained in any forward looking statements we may make In light of these risks uncertainties and assumptions the forward looking events and circumstances discussed in this Annual Report on Form 10 K may not occur and actual results could differ materially and adversely from those anticipated or implied in the forward looking statements We undertake no obligation to revise or publicly release the results of any revision to these forward looking statements except as required by law Given these risks and uncertainties readers are cautioned not to place undue reliance on such forward looking statements
Palo Alto Networks Inc is a global cybersecurity provider and our vision is a world where each day is safer and more secure than the one before We were incorporated in 2005 and are headquartered in Santa Clara California
Our mission is to be the cybersecurity partner of choice for enterprises organizations service providers and government entities to protect our digital way of life Our cybersecurity platforms and services help secure enterprise users networks clouds and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence AI and automation A key element of our strategy is to help our customers simplify their security architectures through consolidating disparate point products We execute on this strategy by developing our capabilities and packaging our offerings into platforms which are able to cover many of our customers needs in the markets in which we operate Our platformization strategy combines various products and services into a tightly integrated architecture for more secure faster and cost effective outcomes
Access when combined with Prisma SD WAN provides a comprehensive single vendor SASE offering that is used to secure remote workforces and cloud delivered branch offices Prisma Access Browser further extends SASE security and data protection to the end user device providing workers with freedom to access business applications securely using our secure browser from any device
Prisma Access Agent Enterprise Data Loss Prevention Enterprise DLP AI for IT Operations AIOps Software as a Service SaaS Security and AI Access Security Through these add on services our customers are able to secure their content applications users and devices across their entire organization
Prisma AIRS is a comprehensive AI security platform that has been designed to protect customers entire AI ecosystem by providing AI model scanning posture management red teaming run time security and AI agent security
SCM our network security management solution centrally manages network security across all remote workers branches headquarters campuses and cloud SCM leverages AI to simplify and strengthen network security by enabling customers to proactively pinpoint vulnerabilities gain real time remediation recommendations and enhance overall digital experiences thereby reducing operational burden This comprehensive solution includes Strata Copilot which offers a natural language interface for enhanced insights and guided remediation and integrates Autonomous Digital Experience Monitoring ADEM to proactively maintain infrastructure health facilitate AI driven one click troubleshooting and ensure seamless end user performance across the enterprise
Our AI powered Cortex platform transforms end to end security operations with unified data AI and automation for more secure faster and cost effective outcomes We have consolidated our industry leading Security Operations and Cloud Security capabilities on a single comprehensive platform to provide centralized visibility proactive protection real time prevention AI driven insights and automated remediation across enterprise and cloud
We deliver the next generation of security operations capabilities that unifies standalone Security Information and Event Management SIEM tools endpoint security security automation cloud detection and response CDR as well as attack surface management ASM capabilities on our Cortex
We deliver comprehensive security across the cloud application development lifecycle through Cortex Cloud delivered as a scalable SaaS offering As a comprehensive Cloud Native Application Protection Platform CNAPP combined with CDR Cortex Cloud secures multi and hybrid cloud environments for applications data generative AI GenAI ecosystem and the cloud native technology stack across the full development lifecycle from code to cloud to security operations As part of the Cortex Cloud platform customers can expand from Cortex Cloud to our security operations offerings available on a single user experience and unified agent We also offer our VM Series and CN Series virtual firewalls for inline network security on multi and hybrid cloud environments
brings together world renowned expertise across threat research incident response and security consulting to deliver intelligence driven response ready outcomes that help customers reduce cyber risk Our elite consultants serve as trusted advisors to our customers by assessing and testing their security controls against sophisticated threats transforming their security strategy with a threat informed approach and responding to security incidents on behalf of our clients Additionally Unit 42 offers managed detection and response MDR and managed threat hunting services
Prisma Access is a cloud delivered security offering that helps organizations deliver consistent AI driven security to remote networks and mobile users With more than 100 locations around the world Prisma Access offers global coverage consistently inspecting all traffic across all ports and providing bidirectional networking to enable branch to branch and branch to headquarter traffic Prisma Access consolidates point products into a single cloud delivered solution transforming network security and allowing organizations to enable secure hybrid work Prisma Access protects all application traffic with complete best in class security while also delivering a seamless user experience with industry leading service level agreements SLA s With native SASE integration Prisma Access Browser extends Zero Trust to any device managed or unmanaged in minutes Prisma Access delivers seamless user experience with a combination of application acceleration up to 5x faster than direct to internet and Autonomous Digital Experience Management
Our Prisma SD WAN solution is a next generation SD WAN solution that makes the secure cloud delivered branch possible Prisma SD WAN enables organizations to replace traditional wide area network WAN architectures with affordable broadband and internet transport types that promote improved bandwidth availability redundancy and performance at a reduced cost Prisma SD WAN leverages real time application performance SLAs and visibility to control and intelligently steer application traffic to deliver a powerful user experience Prisma SD WAN also provides the flexibility of deploying with an on premises controller to help businesses meet their industry specific security compliance requirements and manage deployments with application defined policies Our Prisma SD WAN simplifies network and security operations using AI and automation
Our hardware and software ML Powered Next Generation Firewalls use AI including machine learning and deep learning to stop zero day threats in real time and detect and secure the entire enterprise including Internet of Things IoT All of our hardware and software firewalls incorporate the PAN OS
operating system and include the same rich set of features ensuring consistent operation across our entire product line This includes SD WAN capabilities to intelligently steer traffic to data centers branches and the cloud natively integrated into our Next Generation Firewalls Enterprise data applications users and devices become integral components of an organization s security policy Our hardware and software are designed for different performance requirements throughout an organization with the ability to secure everything from small businesses and branch offices to large scale data centers and service providers Our firewalls come in hardware form factors containerized form factors called CN Series as well as virtual form factors called VM Series available on all major cloud hosting service providers We also offer Cloud NGFW a managed NGFW offering to secure customers applications on Amazon Web Services AWS and Microsoft Azure Azure
This cloud delivered security service provides intrusion detection and prevention capabilities and blocks vulnerability exploits viruses spyware buffer overflows denial of service attacks and port scans from compromising and damaging enterprise information resources In addition we offer inline deep learning to deliver real time detection and prevention of unknown evasive and targeted command and control C2 communications over HTTP unknown TCP unknown UDP and encrypted over SSL Advanced Threat Prevention is the industry s only offering to protect the enterprise from unknown command and control in real time with the power of Precision AI
This cloud delivered security service provides protection against targeted malware and advanced persistent threats and provides a near real time analysis engine for detecting previously unseen malware while resisting attacker evasion techniques Advanced WildFire combines dynamic and static analysis recursive analysis and a custom built analysis environment with network traffic profiling and fileless attack detection to discover even the most sophisticated and evasive threats Preventions are delivered in seconds to our network security platform
This cloud delivered security service offers the industry s first Inline Deep Learning powered web protection engine We deliver real time detection and prevention of unknown evasive and targeted web based threats such as phishing In addition the service includes a cloud based URL filtering database which consists of millions of URLs across many categories and is designed to analyze web traffic and prevent web based threats such as phishing malware and C2
This cloud delivered security service uses machine learning to proactively block malicious domains and stop attacks in progress The service allows our network security platform access to Domain Name System DNS signatures that are generated using advanced predictive analysis machine learning and malicious domain data from a growing threat intelligence sharing community of which we are a part of We offer comprehensive DNS attack coverage and include industry first protections against multiple emerging DNS based network attacks including real time analysis of DNS response to prevent DNS hijacking
This cloud delivered security service uses machine learning to accurately identify and classify various IoT and operational technology OT devices including never been seen before devices mission critical OT devices and unmanaged legacy systems The service uses machine learning to baseline normal behavior identify anomalous activity assess risk and provide policy recommendations
SaaS Security API is a multi mode cloud access security broker CASB that helps govern sanctioned SaaS application usage across all users and helps prevent breaches and non compliance Specifically the service enables the discovery and classification of data stored in supported SaaS applications protects sensitive data from accidental exposure identifies and protects against known and unknown malware and performs user activity monitoring to identify potential misuse or data exfiltration The solution can be combined with SaaS Security Inline for a complete integrated CASB
SaaS Security Inline adds an inline service to automatically gain visibility and control over thousands of known and newly sanctioned unsanctioned and tolerated SaaS applications in use within organizations today The service provides enterprise data protection and compliance across all SaaS applications and prevents cloud threats in real time The solution can be combined with SaaS Security API as a complete integrated CASB
This subscription provides protection for users of both traditional laptop and mobile devices It expands the boundaries of the end users physical network effectively establishing a logical perimeter that encompasses remote laptop and mobile device users irrespective of their location Regardless of the operating system laptops tablets and phones will stay connected to the corporate network when they are on a network of any kind and as a result are protected as if they never left the corporate campus
Prisma Access Agent provides secure remote access to corporate resources for employees working from any location or device The agent establishes an encrypted tunnel to Prisma Access or our NGFW ensuring consistent security data protection and threat prevention for a distributed workforce accessing any application
This cloud delivered security service provides consistent and reliable protection of sensitive data such as personally identifiable information and intellectual property for all traffic types applications and users Native integration with our products makes the service simple to deploy while advanced machine learning minimizes management complexity Enterprise DLP allows organizations to consistently discover classify monitor and protect sensitive data wherever it may reside
AI Access Security classifies and prioritizes GenAI applications to assess risk detect anomalies and visualize insights across multiple GenAI specific attributes The service prevents sensitive data loss and defends against malicious responses ensuring safe and effective AI adoption
AIOps enables security teams to proactively strengthen security posture and resolve network disruptions AIOps provides continuous best practice recommendations powered by machine learning based on industry standards security policy context and advanced telemetry data collected from our network security customers to improve security posture The service also intelligently predicts health performance and capacity problems up to seven days in advance and provides actionable insights to resolve the predicted disruptions
Prisma AIRS is a comprehensive AI security platform engineered to protect customers entire AI ecosystem across its lifecycle It addresses unique AI security challenges such as prompt injection data poisoning and sensitive data leakage by providing deep visibility and control across AI models data and applications The platform offers AI Model Scanning for vulnerabilities Posture Management for secure configurations and AI Red Teaming for proactive testing Critically Runtime Security prevents threats during live AI model execution while AI Agent Security extends protection to autonomous AI agents
SCM enables our customers to easily manage their Palo Alto Networks Network Security infrastructure including NGFWs and SASE deployments from the cloud via one unified management interface As an AI powered unified cloud management solution SCM enables organizations to enhance their network security posture and streamline operations It utilizes AI to swiftly identify potential vulnerabilities provide real time recommendations for remediation proactively address support needs and improve overall digital experiences leading to reduced operational overhead and improved speed accuracy and scale of support By analyzing telemetry historical data and its diverse knowledge base SCM can instantly answer questions pinpoint solutions to known problems and automate data collection to speed up assisted support for new challenges Built into this robust solution are Strata Copilot offering a natural language interface for intuitive insights and guided actions and ADEM designed for proactive infrastructure health simplified troubleshooting and consistent end user performance across the network
Panorama is used for centralized policy management device management software licensing and updates centralized logging and reporting and log storage Many of our existing deployments continue to use Panorama as the security management solution New deployments benefit from using SCM for managing network security estate including our Next Generation Firewalls and SASE with a cloud based unified management interface
Our cloud based AI powered security operations platform harnesses the power of AI to significantly improve security outcomes and transform security operations Cortex XSIAM customers are able to consolidate multiple products into a single unified platform that delivers security information and event management extended detection and response XDR SOAR network traffic analysis ASM threat intelligence management TIM identity threat detection and response and CDR CDR is the latest addition to Cortex XSIAM and XDR that addresses the growing need for security teams to respond to cloud threats with purpose built SOC tools that seamlessly integrate with their security programs Cortex XSIAM integrates these capabilities into a single platform built for security operations enabling organizations to simplify operations stop threats at scale and accelerate incident remediation Cortex XSIAM automates data integration analysis and triage to respond to most alerts enabling analysts to focus on only the incidents that require human intervention
This cloud based service enables organizations to collect telemetry from endpoint network identity and cloud data sources and apply advanced analytics and machine learning to quickly find and stop targeted attacks insider abuse and compromised endpoints Cortex XDR has two product tiers XDR Prevent and XDR Pro XDR Prevent delivers enterprise class endpoint security focused on preventing attacks XDR Pro extends endpoint detection and response EDR to include cross data analytics for network cloud and identity data Going beyond EDR Cortex XDR detects the most complex threats using analytics across key data sources and reveals the root cause which can significantly reduce investigation time as compared to siloed tools and manual processes
Available as a stand alone cloud based service an on premises virtual appliance or delivered natively through Cortex XSIAM Cortex XSOAR is a comprehensive SOAR offering that unifies playbook automation case management real time collaboration and threat intelligence management to serve security teams across the incident lifecycle With Cortex XSOAR security teams can standardize processes automate repeatable tasks and manage incidents across their security product stack to improve response time and analyst productivity Cortex XSOAR learns from the real life analyst interactions and past investigations to help SOC teams with analyst assignment suggestions playbook enhancements and best next steps for investigations Many of our customers see significantly faster SOC response times and a significant reduction in the number of SOC alerts which require human intervention
Available as a stand alone cloud based service and a cloud based subscription module within Cortex XSIAM Cortex Xpanse provides ASM which is the ability for an organization to identify what an attacker would see among all of its sanctioned and unsanctioned Internet facing assets In addition Cortex Xpanse detects risky or out of policy communications between Internet connected assets that can be exploited for data breaches or ransomware attacks Cortex Xpanse continuously identifies Internet assets risky services or misconfigurations in third parties to help secure a supply chain or identify risks for mergers and acquisitions due diligence Finally compliance teams use Cortex Xpanse to improve their audit processes and stay in compliance by assessing their access controls against regulatory frameworks
Available as a stand alone cloud based service or an add on to Cortex XDR or to Cortex XSIAM Cortex Cloud the next generation of Prisma Cloud merges CNAPP with CDR for real time cloud security The solution allows you to harness the power of AI and automation to prioritize cloud risks with runtime context enable remediation at scale and stop attacks as they happen Cortex Cloud consolidates multiple code and cloud security technologies such as Cloud Detection and Response Software Composition Analysis Infrastructure as Code security CI CD security secrets scanning Cloud Security Posture Management Cloud Identity and Entitlements Management API security Vulnerability Management Cloud Workload Protection Web Application and API Security Cloud Network Security and Cloud Attack Surface Management into a single unified offering As part of the Cortex platform customers can transform end to end security operations from code to cloud to SOC by adopting Cortex Cloud together with Cortex XSIAM Existing customers can continue leveraging Prisma Cloud as they upgrade to Cortex Cloud for significantly better faster and more effective multi cloud protection
Global customer support helps our customers achieve their security outcomes with services and support capabilities covering the customer s entire journey with Palo Alto Networks This post sales global organization advances our customers security maturity supporting them when where and how they need it We offer Standard Support Premium Support and Platinum Support to our end customers and channel partners Our channel partners that operate a Palo Alto Networks Authorized Support Center typically deliver level one and level two support We provide level three support 24 hours a day seven days a week through regional support centers that are located worldwide We also offer a service offering called Focused Services that includes Customer Success Managers to provide support for end customers with unique or complex support requirements We offer our end customers ongoing support for hardware software and certain cloud offerings which includes ongoing security updates PAN OS upgrades bug fixes and repairs End customers typically purchase these services for a one year or longer term at the time of the initial product sale and typically renew for successive one year or longer periods Additionally we provide expedited replacement for any defective hardware We use a third party logistics provider to manage our worldwide deployment of service related spares
Unit 42 brings together world renowned threat researchers incident responders and security consultants to create an intelligence driven response ready organization that is passionate about helping clients proactively manage cyber risk We help security leaders assess and test their security controls transform their security strategy with a threat informed approach and respond to incidents rapidly The Unit 42 Threat Intelligence team provides threat research that enables security teams to understand adversary intent and attribution while enhancing protections offered by our products and services to stop advanced attacks Our security consultants serve as trusted partners with state of the art cyber risk expertise and incident response capabilities helping customers build effective security programs uncover critical exposures to prevent incidents and should incidents occur respond to them with speed and confidence
Professional services are primarily delivered directly by Palo Alto Networks and through a global network of authorized channel partners to our end customers and include on location and remote hands on experts who plan design and deploy effective security solutions tailored to our end customers specific requirements These services include architecture design and planning implementation configuration and firewall migrations for all our products including Prisma and Cortex deployments Customers can also purchase on going technical experts to be part of customer s security teams to aid in the implementation and operation of their Palo Alto Networks capabilities Our education services include certifications as well as free online technical courses and in classroom training which are primarily delivered through our authorized training partners
Our research and development efforts are strategically centered on expanding our leadership within the enterprise security industry through AI powered innovation We focus on enhancing our integrated platforms and developing new software and hardware capabilities Our engineering teams apply deep expertise in AI and machine learning across networking security cloud security endpoint security and security operations to address the rapidly evolving threat landscape This approach enables us to leverage core competencies across hardware and software for agile responsiveness and to ensure interoperability with third party technologies We supplement our own research with technologies and products licensed from third parties
We believe that innovation and timely development of new features and products is essential to meeting the needs of our end customers and improving our competitive position During fiscal 2025 we introduced several new offerings including Prisma Access Browser new capabilities in our OT Security solution Cortex Cloud Prisma AIRS and Cortex XSIAM 3 0
We believe that the enterprise security industry in which we operate necessitates a variety of technologies products capabilities and features We evaluate opportunities to acquire complementary businesses technologies services and intellectual property to complement our organic innovation and research and development efforts advance the development of our platforms and enable further investment in our key priority areas Our evaluation of acquisition opportunities seeks to confirm that any potential transaction would accelerate our strategy represent an attractive customer opportunity address a customer need align with our customer base and go to market strategy and present a clear timeline and path for value accretion Our acquisitions enable us to gain access to talent technology products and features and can range in size and complexity from those that enhance or complement existing products and accelerate development of features to those that result in new offerings
For example in August 2024 we completed the acquisition of certain QRadar assets from International Business Machines Corporation IBM which we expect will help accelerate the growth of our Cortex business Additionally in July 2025 we completed the acquisition of Protect AI Inc a privately held cyber security company Protect AI which we expect will enhance the capabilities of our AI security platform In July 2025 we also entered into a definitive agreement to acquire CyberArk Software Ltd CyberArk an identity security company which acquisition is expected to close during the second half of our fiscal 2026
We believe that our intellectual property rights are valuable and important to our business and that our success depends in part on our ability to protect and use our core technology and intellectual property rights We rely on a combination of trademarks patents copyrights trade secrets license agreements intellectual property assignment agreements confidentiality procedures non disclosure agreements and employee non disclosure and invention assignment agreements to establish protect and control the use of our proprietary technology and intellectual property rights We continue to grow our global portfolio of intellectual property rights in connection with our products services research and development We file patent applications to protect our intellectual property and believe that the duration of our issued patents is sufficient when considering the expected lives of our products We have registered various trademarks for our company and our products in the United States U S and other jurisdictions internationally We intend to continue pursuing additional protections for our proprietary technology and intellectual property to the extent we believe it would be beneficial and cost effective
Despite our efforts to protect our proprietary technology and intellectual property rights our rights may not be respected in the future or may be invalidated circumvented or challenged Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation based on allegations of patent infringement or other violations of intellectual property rights We believe that competitors will try to develop products that are similar to ours and that may infringe our intellectual property rights Our competitors third parties and non practicing entities may also claim that our cybersecurity platforms and services infringe their intellectual property rights From time to time third parties have in the past and may in the future assert claims of infringement misappropriation and other violations of intellectual property rights against us or our customers with whom our license or other agreements may obligate us to indemnify against these claims Successful claims of infringement by a third party could affect our ability to offer or prevent us from offering certain products or features This could result in time during which we may be unable to continue to offer our affected products or solutions because of a potential need for us to develop alternate non infringing technology which could require significant time and resources or require us to obtain a license which may not be available on reasonable terms or at all or could require us to pay substantial damages royalties or other fees For additional information see the section titled Risks Related to Intellectual Property and Technology Licensing in Part I Item 1A Risk Factors in this Form 10 K
We are subject to numerous U S federal state and foreign laws and regulations covering a wide variety of subject matters Like other companies in the technology industry we face scrutiny from both U S and foreign governments with respect to our compliance with laws and regulations Our compliance with these laws and regulations may be onerous and could individually or in the aggregate increase our cost of doing business impact our competitive position relative to our peers and or otherwise have an adverse impact on our business reputation financial condition and operating results For additional information about government regulation applicable to our business see Part I Item 1A Risk Factors in this Form 10 K
We operate in the intensely competitive enterprise security industry that is characterized by constant change and innovation Changes in the application threat and technology landscape result in evolving customer requirements for the protection from threats and the safe enablement of applications Our main competitors fall into four categories
large companies that incorporate security features in their products such as Cisco Systems Inc Cisco Microsoft Alphabet or those that have acquired or may acquire security vendors and have the technical and financial resources to bring competitive solutions to the market
independent security vendors such as Check Point Software Technologies Ltd Check Point Fortinet Inc Fortinet CrowdStrike Holdings Inc CrowdStrike Zscaler Inc Zscaler and Wiz Inc Wiz that offer a mix of security products
the ease of integration of our security solutions with technological infrastructures and the relatively low total cost of ownership of our products However some of our competitors may have substantially greater financial technical and other resources greater name recognition larger sales and marketing budgets broader distribution more diversified product lines and larger and more mature intellectual property portfolios
Our end customers consist of enterprises service providers and government entities Our end customers operate in a variety of industries including education energy financial services government entities healthcare Internet and media manufacturing public sector and telecommunications Our end customers deploy our portfolio of solutions for a variety of security use cases across several settings Typical deployment settings include the enterprise network the enterprise data center cloud locations branch or remote locations and on device agents No single end customer accounted for more than 10 of our total revenue in fiscal 2025 2024 or 2023
We primarily sell our products and subscription and support offerings to end customers through our channel partners utilizing a two tier indirect fulfillment model whereby we sell our products and subscription and support offerings to our distributors which in turn sell to our resellers which then sell to our end customers Sales are generally subject to our standard non exclusive distributor agreement which provides for an initial term of one year one year renewal terms termination by us with 30 to 90 days written notice prior to the renewal date and payment to us from the channel partner within 30 to 45 calendar days of the date we issue an invoice for such sales For fiscal 2025 44 2 of our total revenue was derived from sales to three distributors
We also sell our VM Series virtual firewalls and Cloud NGFW via various cloud marketplaces For example our VM Series virtual firewalls are sold on Amazon s AWS Marketplace Microsoft s Azure Marketplace Alphabet s Google Cloud Marketplace and Oracle Corporation s Oracle Cloud Marketplace either directly to end customers or as part of the respective cloud hosting service provider s offerings under a usage based licensing model
Our sales organization is responsible for large account acquisition and overall market development which includes the management of the relationships with our channel partners working with our channel partners in winning and supporting end customers through a direct touch approach and acting as the liaison between our end customers and our marketing and product development organizations We pursue sales opportunities both through our direct sales force and as assisted by our channel partners which include resellers global and regional systems integrators service providers managed security service providers and cloud hosting service providers We expect to continue to grow our sales headcount to expand our reach in all key growth sectors
Our NextWave Channel Partner program is focused on building in depth relationships with solutions oriented distributors channel delivery and services partners that have strong security expertise The program rewards these partners based on a number of attainment goals as well as provides them access to marketing resources technical and sales training and support To promote optimal productivity we operate a formal accreditation program for our channel partners sales and technical professionals As of July 31 2025 we had more than 8 500 channel partners
Our Global Customer Success organization is responsible for delivering professional educational and support services directly to our end customers and partners We leverage a global network of certified partners to extend the reach and consistency of these services We believe that a comprehensive suite of customer success offerings is critical to the successful deployment adoption and ongoing use of our products To support this we have invested in hiring and developing technical experts with deep domain knowledge and proven experience across our portfolio
Our marketing is focused on building our brand reputation and the market awareness of our portfolio and driving pipeline and end customer demand Our marketing team consists primarily of product marketing brand demand generation field marketing digital marketing communications analyst relations and marketing analytics functions Marketing activities include pipeline development through demand generation social media and advertising programs managing the corporate website and partner portal trade shows and conferences analyst relationships customer advocacy and customer awareness Every year we organize multiple signature events such as our end customer conference Ignite and focused conferences such as Cortex Symphony and SASE Converge We also publish threat intelligence research such as the Unit 42 Cloud Threat Report and the Unit 42 Network Threat Trends Research Report which are based on data from our global threat intelligence team Unit 42 These activities and tools benefit both our direct and indirect channels and are available at no cost to our channel partners
Our products and services have been recognized as leading in 25 categories by third party industry analysts firms that perform independent assessments of these categories This recognition by third parties is an important measure of validation for our customers
Contract amounts that are not recorded in deferred revenue or revenue are considered backlog Orders billed prior to revenue recognition are included in deferred revenue We expect backlog will change from period to period for various reasons including the timing of billing and fulfillment such as inventory shortages As such we do not believe that backlog at any particular time is necessarily indicative of our future operating results
Our business is affected by seasonal fluctuations in customer spending patterns We have begun to see seasonal patterns in our business which we expect to become more pronounced as we continue to grow with our strongest sequential revenue growth generally occurring in our fiscal second and fourth quarters
We outsource the manufacturing of our products to various manufacturing partners which include our electronics manufacturing services provider EMS provider and original design manufacturers This approach allows us to reduce our costs as it reduces our manufacturing overhead and inventory and also allows us to adjust more quickly to changing end customer demand Our EMS provider is Flextronics International Ltd Flex who assembles our products using design specifications quality assurance programs and standards that we establish and procures components and assembles our products based on our demand forecasts These forecasts are based upon historical trends and analysis adjusted for overall market conditions All of our hardware products are assembled in the U S
The component parts within our products are either sourced by our manufacturing partners or by us from various component suppliers Our manufacturing and supply contracts generally do not guarantee a certain level of supply or fixed pricing which increases our exposure to supply shortages or price increases
We believe our ongoing success depends on our employees With a global workforce of 16 068 as of July 31 2025 our People Strategy is a critical element of our overall company strategy and is overseen by our Chief People Officer who regularly updates our board of directors and the board s Compensation and People Committee on human capital matters Our People Strategy is designed to enable a workforce that is nimble high performing and innovative We take a comprehensive approach to attracting enabling and engaging world class talent and fostering a culture where every employee can thrive Our approach includes respecting each employee as a unique individual demonstrating fairness in all we do and advancing a culture where employees are inspired to do the best work of their careers We also focus on integrating AI into people programs and processes to build a more agile skilled and forward thinking workforce prepared for the future of cybersecurity Our values of disruption execution collaboration inclusion and integrity were co created with employees and serve as the foundation of our culture These values are embedded in our talent acquisition learning and enablement engagement and performance elevation rewards and recognition programs
At Palo Alto Networks we source talent with the necessary skills and capabilities to contribute to our culture and mission We utilize structured interviewing practices thorough job analyses and success profiles to identify high quality candidates and staff critical roles In fiscal 2025 we began to transform our hiring operations by strategically embedding AI across the talent acquisition lifecycle to sharpen our competitive edge for talent We are deploying intelligent tools to automate and enhance core processes including AI generated job descriptions structured interview guides and preparation materials intelligent interview scheduling launching an automated talent sourcing and screening pilot and using AI to augment feedback summaries Each step is optimized for speed consistency and bias mitigation Recognizing that technical skills evolve rapidly in an AI driven world our recruitment strategy prioritizes durable AI readiness capabilities We assess candidates for core competencies such as critical thinking adaptability and a capacity for continuous learning to help ensure every hire can not only excel today but also innovate and lead in the future
Our Global Hiring Committee continues to play a key role in maintaining our hiring standards which help drive objectivity This group of cross functional senior leaders reviews finalist candidates information with a focus on experience and capability To build robust talent pipelines we partner with academic institutions and other organizations to support new careers in cybersecurity promote open roles proactively reach out to candidates across multiple hiring channels and source candidates with a range of experiences We also encourage employee referrals
Each member of our workforce has a unique career journey and individual needs interests and goals To that end we strive to create an environment where everyone feels valued respected and supported to solve the world s toughest cybersecurity challenges
In fiscal 2025 we started to evolve from a traditional training program to a system of AI powered talent enablement where we integrate learning and growth throughout the flow of an employee s daily work From day 1 new hires embark on a journey that blends in person connection with personalized digital guidance including generative AI onboarding roadmaps and AI curated mentor networks For ongoing growth through The Learning Center our intelligent learning platform we deliver adaptive learning tracks for employees including specialized paths for interns new graduates and individuals joining through acquisitions We also piloted real time AI enabled feedback simulations to coach and equip managers with the skills to guide their teams more effectively
Development information about core business elements required company wide compliance training and information about activities on topics ranging from well being to collaboration are also offered To further support our employees to advance up the AI adoption curve we have offered self paced online certifications live training and an experimentation challenge that encouraged peer driven use cases and employees voting to select the finalists We will continue our enablement journey using employee questions and feedback to offer both practical and role specific use cases to help increase productivity and new skill acquisition On average employees completed 36 hours of development during fiscal 2025
We aim to foster engagement and help employees feel connected to our mission and values Through our comprehensive approach we use in person and virtual channels to provide a regular flow of information to and between employees and leadership These channels include company meetings digital displays across our sites our intranet regular email communications an active Slack platform pulse surveys a peer to peer recognition platform and regular two way dialogue such as small in person listening sessions hosted by our chief executive officer
Employee sentiment is also collected and measured from external sources such as Glassdoor and Comparably In addition based on employee participation in an anonymous survey the Best Practice Institute has certified Palo Alto Networks as one of the Top 100 Global Most Loved Workplaces since 2021 Palo Alto Networks has been recognized by Comparably for Best Leadership Teams and Best Company Outlook in addition to other employer of choice awards Our chief executive officer has also earned a 91 employee approval rating on Glassdoor a top percentile score
In addition to our formal company wide semiannual performance review process which helps employees set learning and development plans we believe in always on performance feedback Further providing engagement are eleven Employee Network Groups open to all employees that leverage different perspectives to build understand and support our culture
We offer employees competitive compensation and our flexible benefits plans include a variety of health time off wellness and voluntary benefits Our pay strategy which includes base salary cash bonus programs and equity awards focuses on compensation based on individual performance Palo Alto Networks is a fair pay company and we annually engage a third party consultancy to analyze our pay practices Through our flexible benefits programs employees are able to request reimbursement for a range of lifestyle items including fitness caregiving and education Additionally through our Giving program employees can request monetary matching of their charitable donations and volunteer time
Our commitment to the health safety and wellbeing of our employees includes providing tools resources and benefits focused on physical mental and emotional wellbeing This includes courses designed to equip employees with the knowledge to work safely safety awareness campaigns and a mental health hub on our employee intranet
Our Corporate Responsibility CR strategy supports our company s purpose of a safe and secure world and is informed through many inputs including our business strategy and objectives ongoing stakeholder engagement investor and customer interests benchmarking of industry best practices regulatory developments and more We execute meaningful CR initiatives that include advancing environmental sustainability investing in people and operating with integrity
Palo Alto Networks is doing our part to limit global warming to less than 1 5 C Our decarbonization pathway includes implementing operational efficiencies procuring 100 renewable electricity targeting greenhouse gas emissions reductions across our value chain and making progress on our science based targets We continue to be recognized by CDP formerly Carbon Disclosure Project as a Supplier Engagement Assessment A list We report progress towards our goals in our annual Corporate Responsibility report
In addition to our People Strategy described in the section titled Human Capital above we continue to communicate our expectations regarding labor standards business practices and workplace health and safety conditions to our supply chain through our Global Supplier Code of Conduct During fiscal 2025 we maintained our affiliate membership in the Responsible Business Alliance As a company built on trust continuing to be a leader in responsible business practices and social impact supports our corporate strategy We made charitable grants through our donor advised fund to support nonprofit organizations providing services in areas such as cybersecurity education and expanding pathways to cyber careers We maintained our work to provide cybersecurity curriculum to schools universities and nonprofit organizations to help prepare people for careers in cybersecurity
Integrity is one of our core values Employees contractors and suppliers are informed about our governance expectations including through our Codes of Conduct compliance training programs and ongoing communications The Governance and Sustainability Committee of the board of directors provides primary oversight of corporate responsibility and the board of directors and applicable committees receive regular updates on corporate responsibility topics
Our website is located at www paloaltonetworks com and our investor relations website is located at investors paloaltonetworks com Our Annual Reports on Form 10 K Quarterly Reports on Form 10 Q Current Reports on Form 8 K and amendments to reports filed or furnished pursuant to Sections 13 a and 15 d of the Securities Exchange Act of 1934 as amended the Exchange Act are available free of charge on the Investors portion of our website as soon as reasonably practicable after we electronically file such material with or furnish it to the Securities and Exchange Commission SEC We also provide a link to the section of the SEC s website at www sec gov that has all of our public filings including Annual Reports on Form 10 K Quarterly Reports on Form 10 Q Current Reports on Form 8 K all amendments to those reports our Proxy Statements and other ownership related filings
We also use our investor relations website as a channel of distribution for important company information For example webcasts of our earnings calls and certain events we participate in or host with members of the investment community are on our investor relations website Additionally we announce investor information including news and commentary about our business and financial performance SEC filings notices of investor events and our press and earnings releases on our investor relations website Investors and others can receive notifications of new information posted on our investor relations website in real time by signing up for email alerts and RSS feeds Further corporate governance information including our corporate governance guidelines board committee charters and code of conduct is also available on our investor relations website under the heading Governance The contents of our websites are not incorporated by reference into this Annual Report on Form 10 K or in any other report or document we file with the SEC and any references to our websites are intended to be inactive textual references only All trademarks trade names or service marks used or mentioned herein belong to their respective owners
Our operations and financial results are subject to various risks and uncertainties including those described below The risks and uncertainties described below are not the only ones we face Additional risks and uncertainties that we are unaware of or that we currently believe are not material also may become important factors that affect us If any of the following risks or others not specified below materialize our business financial condition and operating results could be materially adversely affected and the market price of our common stock could decline In addition the impacts of any worsening of the economic environment may exacerbate the risks described below any of which could have a material impact on us
Our business and operations have experienced growth in recent periods and if we do not effectively manage any future growth or are unable to improve our systems processes and controls our operating results could be adversely affected
Our revenue growth rate in recent periods may not be indicative of our future performance and we may not be able to maintain profitability which could cause our business financial condition and operating results to suffer
Our operating results may vary significantly from period to period which makes our results difficult to predict and could cause our results to fall short of expectations and such results may not be indicative of future performance
If we are unable to sell new and additional product subscription and support offerings to our end customers especially to large enterprise customers our future revenue and operating results will be harmed
We rely on revenue from subscription and support offerings and because we recognize revenue from subscription and support over the term of the relevant service period downturns or upturns in sales or renewals of these subscription and support offerings are not immediately reflected in full in our operating results
We rely on our channel partners to sell substantially all of our products including subscriptions and support and if these channel partners fail to perform our ability to sell and distribute our products and subscriptions will be limited and our operating results will be harmed
We have and may in the future acquire other businesses including CyberArk which could subject us to adverse claims or liabilities require significant management attention disrupt our business adversely affect our operating results may not result in the expected benefits of such acquisitions and may dilute stockholder value
If we do not accurately predict prepare for and respond promptly to rapidly evolving technological and market developments and successfully manage product and subscription introductions and transitions to meet changing end customer needs in the enterprise security industry our competitive position and prospects will be harmed
Defects errors or vulnerabilities in our products subscriptions or support offerings the failure of our products or subscriptions to block a virus or prevent a security breach or incident misuse of our products or risks of product liability claims could harm our reputation and adversely impact our operating results
Our ability to sell our products and subscriptions is dependent on the quality of our technical support services and those of our channel partners and the failure to offer high quality technical support services could have a material adverse effect on our end customers satisfaction with our products and subscriptions our sales and our operating results
Because we depend on manufacturing partners to build and ship our hardware products we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time if at all or on a cost effective basis which may result in the loss of sales and end customers
Managing the supply of our hardware products and product components is complex Insufficient supply and inventory would result in lost sales opportunities or delayed revenue while excess inventory would harm our gross margins
Our hardware products contain key components from limited sources of supply including outside the United States and we are susceptible to supply shortages supply changes and international regulations which in certain cases have disrupted or delayed our scheduled product deliveries to our end customers increased our costs and may result in the loss of sales and end customers
We generate a significant amount of revenue from sales to distributors resellers and end customers outside of the United States and we are therefore subject to a number of risks associated with international sales and operations
If our estimates or judgments including those relating to our critical accounting policies are based on assumptions that change or prove to be incorrect our operating results differ from our publicly announced guidance or the expectations of securities analysts and investors resulting in a decline in the market price of our common stock
We are obligated to maintain proper and effective internal control over financial reporting We may not complete our analysis of our internal control over financial reporting in a timely manner or our internal control may not be determined to be effective which may adversely affect investor confidence in our company and as a result the value of our common stock
The issuance of additional stock in connection with financings acquisitions investments our stock incentive plans exercise of the 2025 Warrants or otherwise will dilute stock held by all other stockholders
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products and subscriptions could reduce our ability to compete and could harm our business
We operate globally and as a result our business and revenues are impacted by global economic and geopolitical conditions The instability in the global credit markets inflation changes in public policies such as domestic and international legislation or regulations changes in enforcement and administration policies taxes any increases in interest rates fluctuations in foreign currency exchange rates or international trade agreements international trade disputes trade regulations tariffs and changes in tariffs geopolitical turmoil and other disruptions to global and regional economies and markets continue to add uncertainty to global economic conditions Military actions or armed conflict including the hostilities in Israel and the surrounding region the Russia Ukraine war and any related political or economic responses and counter responses and uncertainty about or changes in government and trade relationships policies and treaties could also lead to worsening economic and market conditions and geopolitical environment In response to Russia s invasion of Ukraine the United States along with the European Union the E U has imposed restrictive sanctions on Russia Russian entities and Russian citizens Sanctions on Russia We are subject to these governmental sanctions and export controls which may subject us to liability if we are not in full compliance with applicable laws Any continued or further uncertainty weakness or deterioration in economic and market conditions or the geopolitical environment could have a material and adverse impact on our business financial condition and results of operations including reductions in sales of our products and subscriptions longer sales cycles reductions in subscription or contract duration and value slower adoption of new technologies alterations in the spending patterns or priorities of current and prospective customers including delaying purchasing decisions increased costs for the chips and components to manufacture our products and increased price competition
Our business and operations have experienced growth in recent periods and if we do not effectively manage any future growth or are unable to improve our systems processes and controls our operating results could be adversely affected
We have experienced growth and increased demand for our products and subscriptions over the last few years As a result our employee headcount has increased and we expect it to continue to grow over the next year For example from the end of fiscal 2024 to the end of fiscal 2025 our headcount increased from 15 289 to 16 068 employees In addition as we have grown the number of end customers has also increased and we have managed more complex deployments of our products and subscriptions with larger end customers The growth and expansion of our business and product subscription and support offerings places a significant strain on our management operational and financial resources To manage any future growth effectively we must continue to improve and expand our information technology and financial infrastructure our operating and administrative systems and controls and our ability to manage headcount capital and processes in an efficient manner
We may not be able to successfully implement scale or manage improvements to our systems processes and controls in an efficient or timely manner which could result in material disruptions of our operations and business In addition our existing systems processes and controls may not prevent or detect all errors omissions or fraud We may also experience difficulties in managing improvements to our systems processes and controls or in connection with third party software licensed to help us with such improvements Any future growth would add complexity to our organization and require effective coordination throughout our organization Failure to manage any future growth effectively could result in increased costs disrupt our existing end customer relationships reduce demand for or limit us to smaller deployments of our products or materially harm our business performance and operating results
Our revenue growth rate in recent periods may not be indicative of our future performance and we may not be able to maintain profitability which could cause our business financial condition and operating results to suffer
We have experienced revenue growth rates of 14 9 and 16 5 in fiscal 2025 and fiscal 2024 respectively Our revenue for any quarterly or annual period should not be relied upon as an indication of our future revenue or revenue growth for any future period If we are unable to maintain consistent or increasing revenue or revenue growth the market price of our common stock could be volatile and it may be difficult for us to maintain profitability or maintain or increase cash flow on a consistent basis
In addition we have incurred losses in fiscal years prior to fiscal 2023 We anticipate that our operating expenses will continue to increase in the foreseeable future as we continue to grow our business Our growth efforts may prove more expensive than we currently anticipate and we may not succeed in increasing our revenues sufficiently or at all to offset increasing expenses Revenue growth may slow or revenue may decline for a number of possible reasons including slowing demand for our products or subscriptions increasing competition a decrease in the growth of or a demand shift in our overall market or a failure to capitalize on growth opportunities We have also entered into a substantial amount of capital commitments for operating lease obligations and other purchase commitments Any failure to increase our revenue as we grow our business could prevent us from maintaining profitability or maintaining or increasing cash flow on a consistent basis or satisfying our capital commitments If we are unable to navigate these challenges as we encounter them our business financial condition and operating results may suffer
Our operating results may vary significantly from period to period which makes our results difficult to predict and could cause our results to fall short of expectations and such results may not be indicative of future performance
Our operating results have fluctuated in the past and will likely continue to fluctuate in the future as a result of a number of factors many of which are outside of our control and may be difficult to predict including those factors described in this Risk Factor section For example we have historically received a substantial portion of sales orders and generated a substantial portion of revenue during the last few weeks of each fiscal quarter If expected revenue at the end of any fiscal quarter is delayed for any reason including the failure of anticipated purchase orders to materialize particularly for large enterprise end customers with lengthy sales cycles our logistics partners inability to ship products prior to fiscal quarter end to fulfill purchase orders received near the end of a fiscal quarter our failure to manage inventory to meet demand any failure of our systems related to order review and processing or any delays in shipments based on trade compliance requirements including new compliance requirements imposed by new or renegotiated trade agreements our revenue could fall below our expectations and the estimates of analysts for that quarter Due to these fluctuations comparing our revenue margins or other operating results on a period to period basis may not be meaningful and our past results should not be relied on as an indication of our future performance
This variability and unpredictability could also result in our failure to meet our revenue margin or other operating result expectations contained in any forward looking statements including financial or business expectations we have provided or those of securities analysts or investors for a particular period If we fail to meet or exceed such expectations for these or any other reasons the market price of our common stock could fall substantially and we could face costly lawsuits including securities class action suits
We believe there are significant seasonal factors that may cause our second and fourth fiscal quarters to record greater revenue sequentially than our first and third fiscal quarters We believe that this seasonality results from a number of factors including
end customers with a December 31 fiscal year end choosing to spend remaining unused portions of their discretionary budgets before their fiscal year end which potentially results in a positive impact on our revenue in our second fiscal quarter
our sales compensation plans which are typically structured around annual quotas and commission rate accelerators which potentially results in a positive impact on our revenue in our fourth fiscal quarter and
the timing of end customer budget planning at the beginning of the calendar year which can result in a delay in spending at the beginning of the calendar year potentially resulting in a negative impact on our revenue in our third fiscal quarter
If we are unable to sell new and additional product subscription and support offerings to our end customers especially to large enterprise customers our future revenue and operating results will be harmed
Our future success depends in part on our ability to expand the deployment of our portfolio with existing end customers especially large enterprise customers including through our platformization strategy and create demand for our new offerings The rate at which our end customers purchase additional products subscriptions and support depends on a number of factors including the perceived need for additional security products including subscription and support offerings as well as general economic conditions If our efforts to sell additional products and subscriptions to our end customers are not successful our revenues may grow more slowly than expected or decline
Sales to large enterprise end customers which is part of our growth strategy involve risks that may not be present or that are present to a lesser extent with sales to smaller entities such as a longer sales cycles and the associated risk that substantial time and resources may be spent on a potential end customer that elects not to purchase our products subscriptions and support and b increased purchasing power and leverage held by large end customers in negotiating contractual arrangements Deployments for large enterprise end customers are also more complex require greater product functionality scalability and a broader range of services and are more time consuming and resource consuming All of these factors add further risk to business conducted with these end customers Failure to realize sales from large enterprise end customers could materially and adversely affect our business operating results and financial condition
To increase our revenue and maintain profitability we must add new customers To do so we must successfully convince prospective customers of the value of adopting our solutions We are engaging in costly marketing and sales efforts to accelerate our strategies including platformization and attract new customers which may fail or may not be as successful as intended or at all Additionally prospective customers decisions to purchase our solutions depend on a variety of factors many of which are out of our control These factors significantly impact our ability to add new customers and increase the time resources and sophistication required to do so For example prospective customers may face real or perceived switching costs when switching to our solutions from legacy security vendors and products Deployment of our solutions may require a significant commitment of resources from our customers Any deterioration in general economic conditions including as a result of the geopolitical environment or inflation as well as government policies such as raising interest rates in response to inflation have in the past caused and may in the future cause our current and prospective customers to delay or cut their overall security and IT operations spending If our efforts to attract new customers are not successful our sales may not grow as quickly as anticipated or at all and our business operating results and financial condition will be harmed
We rely on revenue from subscription and support offerings and because we recognize revenue from subscription and support over the term of the relevant service period downturns or upturns in sales or renewals of these subscription and support offerings are not immediately reflected in full in our operating results
Subscription and support revenue accounts for a significant portion of our revenue comprising 80 5 of total revenue in fiscal 2025 80 0 of total revenue in fiscal 2024 and 77 1 of total revenue in fiscal 2023 Sales and renewals of subscription and support contracts may decline and fluctuate as a result of a number of factors including end customers level of satisfaction with our products and subscriptions the frequency and severity of subscription outages our product uptime or latency the prices of our products and subscriptions and reductions in our end customers spending levels Existing end customers have no contractual obligation to and may not renew their subscription and support contracts after the completion of their initial contract period Additionally our end customers may renew their subscription and support agreements for shorter contract lengths or on other terms that are less economically beneficial to us If our sales of new or renewal subscription and support contracts decline our total revenue and revenue growth rate may decline and our business will suffer In addition because we recognize subscription and support revenue over the term of the relevant service period which is typically one to five years a decline in subscription or support contracts in any one fiscal quarter will not be fully or immediately reflected in revenue in that fiscal quarter but will negatively affect our revenue in future fiscal quarters
The sales prices for our products subscriptions and support offerings may decline for a variety of reasons including competitive pricing pressures discounts a change in our mix of products subscriptions and support offerings anticipation of the introduction of new products subscriptions or support offerings or promotional programs or pricing pressures Furthermore we anticipate that the sales prices and gross profits for our products could decrease over product life cycles Declining sales prices could adversely affect our revenue gross profits and profitability
We rely on our channel partners to sell substantially all of our products including subscriptions and support and if these channel partners fail to perform our ability to sell and distribute our products and subscriptions will be limited and our operating results will be harmed
Substantially all of our revenue is generated by sales through our channel partners including distributors and resellers For fiscal 2025 three distributors individually represented 10 or more of our total revenue and in the aggregate represented 44 2 of our total revenue As of July 31 2025 three distributors individually represented 10 or more of our gross accounts receivable and in the aggregate represented 44 8 of our gross accounts receivable
We provide our channel partners with specific training and programs to assist them in selling our products including subscriptions and support offerings but there can be no assurance that these steps will be utilized or effective In addition our channel partners may be unsuccessful in marketing selling and supporting our products and subscriptions We may not be able to incentivize these channel partners to sell our products and subscriptions to end customers and in particular to large enterprises These channel partners may also have incentives to promote our competitors products and may devote more resources to the marketing sales and support of competitive products Our agreements with our channel partners may generally be terminated for any reason by either party with advance notice prior to each annual renewal date We cannot be certain that we will retain these channel partners or that we will be able to secure additional or replacement channel partners In addition any new channel partner requires extensive training and may take several months or more to achieve productivity Our channel partner sales structure could subject us to lawsuits potential liability and reputational harm if for example any of our channel partners misrepresent the functionality of our products or subscriptions to end customers or violate laws or our corporate policies If we fail to effectively manage our sales channels or channel partners our ability to sell our products and subscriptions and operating results will be harmed
Most of our sales are made on an open credit basis Beyond our open credit arrangements we have also experienced demands for customer financing and deferred payments due to among other things macro economic conditions Increases in deferred payments result in payments being made over time negatively impacting our short term cash flows and subject us to risk of non payment by our customers including as a result of insolvency We monitor customer payment capability in granting such financing arrangements seek to limit the amounts to what we believe customers can pay and maintain reserves we believe are adequate to cover exposure for doubtful accounts to mitigate credit risks of these customers However there can be no assurance that these programs will be effective in reducing our credit risks To the degree that turmoil in the credit markets makes it more difficult for some customers to obtain financing those customers ability to pay could be adversely impacted which in turn could have a material adverse impact on our business operating results and financial condition
Our exposure to the credit risks relating to the financing activities described above may increase if our customers are adversely affected by a global economic downturn or periods of economic uncertainty If we are unable to adequately control these risks our business operating results and financial condition could be harmed In addition in the past we have experienced non material losses due to bankruptcies among customers If these losses increase due to global economic conditions they could harm our business and financial condition
Sales to government entities are subject to a number of risks Selling to government entities can be highly competitive expensive and time consuming often requiring significant upfront time and expense without any assurance that these efforts will generate a sale The substantial majority of our sales to date to government entities have been made indirectly through our channel partners Government certification or technical requirements for products and subscriptions like ours may change thereby restricting our ability to sell into the federal government sector until we have attained the revised certification or technical requirements If our products and subscriptions are late in achieving or fail to achieve compliance with these certifications and standards or technical requirements or our competitors achieve compliance with these certifications and standards or technical requirements we may be disqualified from selling our products subscriptions and support offerings to such governmental entity or be at a competitive disadvantage which would harm our business operating results and financial condition Government entity demand and payment for our products subscriptions and support offerings may be impacted by government shutdowns changes in governmental administrations public sector budgetary cycles fiscal policies contracting policies or requirements funding authorizations and efforts by a government to evaluate and reduce overall government spending and analyze and enhance its operational efficiency with funding reductions or delays adversely affecting public sector demand for our products subscriptions and support offerings Government entities may have statutory contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default and any such termination may adversely impact our future operating results Governments routinely investigate and audit government contractors administrative processes and any unfavorable audit could result in the government refusing to continue buying our products subscriptions and support offerings a reduction of revenue or fines or civil or criminal liability if the audit uncovers improper or illegal activities which could adversely impact our operating results in a material way Additionally the U S government may require certain of the products that it purchases to be manufactured in the United States or other relatively high cost manufacturing locations and we may not manufacture all products in locations that meet such requirements affecting our ability to sell these products subscriptions and support offerings to the U S government
The industry for enterprise security products is intensely competitive and we expect competition to increase in the future from established competitors and new market entrants Our main competitors fall into four categories
large companies that incorporate security features in their products such as Cisco Microsoft Alphabet or those that have acquired or may acquire security vendors and have the technical and financial resources to bring competitive solutions to the market
Some of our competitors have or may attain greater financial technical marketing sales and other resources greater name recognition longer operating histories and a larger base of customers than we do They may be able to devote greater resources to the promotion and sale of products and services than we can and they may offer lower pricing than we do Further they may have greater resources for research and development of new technologies the provision of customer support and the pursuit of acquisitions or other strategic investments They may also have larger and more mature intellectual property portfolios and broader and more diverse product and service offerings which allow them to leverage their relationships based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products and subscriptions including incorporating cybersecurity features into their existing products or services and product bundling selling at zero or negative margins and offering concessions or a closed technology offering Some competitors may have broader distribution and established relationships with distribution partners and end customers Other competitors specialize in providing protection from a single type of security threat which may allow them to deliver these specialized security products to the market more quickly than we can
We also face competition from companies that have entrenched legacy offerings at end user customers End user customers have also often invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking and security products As a result these organizations may prefer to purchase from their existing suppliers rather than add or switch to a new supplier such as us In addition as our customers refresh the security products bought in prior years they may seek to consolidate vendors which may result in current customers choosing to purchase products from our competitors Due to budget constraints or economic downturns organizations may add solutions to their existing network security infrastructure rather than replacing it with our products and subscriptions
Conditions in our market could change rapidly and significantly as a result of technological advancements partnering acquisitions or strategic investments by our competitors or continuing market consolidation Our competitors and potential competitors may be able to develop new or disruptive technologies products or services and leverage new business models that are equal or superior to ours achieve greater market acceptance of their products and services disrupt our markets and increase sales by utilizing different distribution channels than we do In addition new and enhanced technologies including AI and machine learning continue to increase our competition To compete successfully we must accurately anticipate technology developments and deliver innovative relevant and useful products services and technologies in a timely manner Some of our competitors have made or could make acquisitions of businesses that may allow them to offer more directly competitive and comprehensive solutions than they had previously offered and adapt more quickly to new technologies and end customer needs Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources or product or service offerings
These competitive pressures in our market or our failure to compete effectively may result in price reductions fewer orders reduced revenue and gross margins and loss of market share If we are unable to compete successfully or if competing successfully requires us to take aggressive pricing or other actions our business financial condition and results of operations would be adversely affected
We have and may in the future acquire other businesses including CyberArk which could subject us to adverse claims or liabilities require significant management attention disrupt our business adversely affect our operating results may not result in the expected benefits of such acquisitions and may dilute stockholder value
As part of our business strategy we acquire and make investments in complementary companies products or technologies We continue to evaluate such opportunities and expect to continue to make such acquisitions and investments in the future such as our pending acquisition of CyberArk Software Ltd CyberArk The identification of suitable acquisition candidates is difficult and we may not be able to complete such acquisitions on favorable terms if at all In addition we may be subject to claims or liabilities assumed from an acquired company product or technology acquisitions we complete could be viewed negatively by our end customers investors and securities analysts and we may incur costs and expenses necessary to address an acquired company s failure to comply with laws and governmental rules and regulations Additionally we may be subject to litigation or other claims in connection with the acquired company product or technology including claims from terminated employees customers former stockholders or other third parties which may differ from or be more significant than the risks our business faces
If we are unsuccessful at integrating past or future acquisitions including the pending acquisition of CyberArk in a timely manner or the technologies products or operations associated with such acquisitions into our company our revenue and operating results could be adversely affected Any integration process may require significant time and resources which may disrupt our ongoing business and divert management s attention and we may not be able to manage the integration process successfully or in a timely manner We may have difficulty retaining key personnel or customers of the acquired business We may not successfully evaluate or utilize any acquired technology products or personnel realize anticipated synergies from an acquisition or accurately forecast the financial impact of an acquisition transaction and integration of such acquisition including accounting charges and any potential impairment of goodwill and intangible assets recognized in connection with such acquisitions In particular we believe that there are significant benefits and synergies that may be realized from our proposed acquisition of CyberArk including through leveraging our and CyberArk s products scale and combined enterprise customer bases However the efforts to realize the anticipated benefits and synergies will be a complex process and may disrupt both our and CyberArk s existing operations if not implemented in a timely and efficient manner The full benefits of the proposed acquisition of CyberArk including the anticipated sales or growth opportunities may not be realized as expected or may not be achieved within the anticipated time frame or at all
We have recorded and may in the future record liability for contingent consideration obligations from acquisitions that are to be settled in cash the fair value of which is assessed on a quarterly basis If changes are made in our assumptions used to determine the liability s fair value or our assumptions are incorrect adjustments could be made that may have a material impact favorable or unfavorable on our operating results We may also be required to make cash payments of contingent consideration in excess of its initial fair value or in excess of our expectations for a particular period which could adversely impact cash flows
We may have to pay cash incur debt or issue equity or equity linked securities to pay for any future acquisitions including the pending acquisition of CyberArk each of which could adversely affect our financial condition or the market price of our common stock and result in dilution to our stockholders Furthermore the sale or issuance of equity or equity linked debt to finance any future acquisitions could result in dilution to our stockholders
In addition any acquisitions may be viewed negatively by our customers financial markets or investors and may not ultimately strengthen our competitive position or achieve our goals and business strategy The occurrence of any of these risks could harm our business operating results and financial condition
the effectiveness of a registration statement on Form S 4 to be filed by us registering the shares of our common stock to be issued to CyberArk shareholders as consideration in the acquisition and the absence of any stop order or proceedings seeking a stop order
the expiration or termination of any waiting period or extensions thereof applicable to the acquisition under the Hart Scott Rodino Antitrust Improvements Act of 1976 as amended the HSR Act and the making approval expiration termination or receipt of as applicable all applicable filings registrations waiting periods or extensions of waiting periods and approvals under specified antitrust and foreign investment laws and
No assurance can be given that the required CyberArk shareholder approval and governmental and regulatory consents and approvals will be obtained or that any of the required conditions to closing will be satisfied in a timely manner or at all As a result although it is currently anticipated that we will complete the acquisition of CyberArk during the second half of our fiscal 2026 the possible timing and likelihood of completion are uncertain There can be no assurance that the acquisition of CyberArk will be completed in the anticipated timeframe or at all Any delay in completing the proposed acquisition could cause the combined company not to realize or to be delayed in realizing some or all of the benefits and synergies that we anticipate to achieve if the proposed acquisition were to be successfully completed within its expected time frame
In addition the relevant governmental authorities from which approvals under specified antitrust and foreign investment laws must be obtained may impose or seek to impose conditions on the completion of the acquisition or require changes to the terms of the proposed acquisition or agreements to be entered into in connection with the CyberArk acquisition Such conditions or changes and the process of obtaining these approvals could have the effect of delaying or impeding completion of the CyberArk acquisition or imposing additional costs or limitations on us following the acquisition which may have an adverse effect on our business results of operations and financial condition
The failure or inability to satisfy all of the required conditions could delay the completion of the acquisition for a significant period of time or prevent it from occurring at all In addition under limited circumstances we or CyberArk may elect to terminate the definitive agreement or we and CyberArk may mutually decide to terminate the definitive agreement before or after obtaining the requisite CyberArk shareholder approval A termination of the definitive agreement could materially and adversely affect our business results of operations and reputation
If the acquisition of CyberArk is delayed or not completed we could be subject to a number of risks that may adversely affect our business operating results and financial condition including among other things
negative perception from industry contacts business partners and other third parties which could impact our operations or our ability to compete for new business or obtain renewals in the marketplace more broadly and
We believe that the CyberArk acquisition will expand the scope and size of our business by adding substantial assets and operations to our existing business The anticipated future growth of our business may impose significant added responsibilities on our senior management and our senior management s attention may be diverted from the management of our business and its day to day operations to the completion and integration of the CyberArk acquisition The CyberArk acquisition could also create uncertainty for our and CyberArk s employees partners and customers particularly during the anticipated post acquisition integration process and result in disruption to existing business relationships and the development of new business relationships
Following completion of the proposed acquisition of CyberArk our success including with respect to realizing the anticipated benefits and synergies from the proposed acquisition will depend in part on our ability to manage our expansion which poses numerous risks and uncertainties including the need to integrate the operations and business of CyberArk into our existing business in a timely and efficient manner to combine systems and management controls and to integrate relationships with industry contacts and business partners In addition we will be required to devote significant attention and resources prior to closing to prepare for the post closing integration and operation of the combined company and we will be required post closing to devote significant attention and resources to successfully align our and CyberArk s business practices and operations This process may disrupt our business and if ineffective would limit the anticipated benefits and synergies of the acquisition
In addition we expect that the completion of the CyberArk acquisition will result in increased competition including as a result of our entry into a new product category CyberArk faces intense competition in the information security and identity security industry in which it operates characterized by constant innovation evolving customer requirements and rapid adoption of different technologies and services These added competitive pressures could result in decreased sales price reductions increased operating costs and lower revenues margins and net income for the combined company These impacts could also result in a delay in realizing or our failure to realize expected synergies or cost savings from the CyberArk acquisition
If we do not accurately predict prepare for and respond promptly to rapidly evolving technological and market developments and successfully manage product and subscription introductions and transitions to meet changing end customer needs in the enterprise security industry our competitive position and prospects will be harmed
The enterprise security industry has grown quickly and continues to evolve rapidly Moreover many of our end customers operate in markets characterized by rapidly changing technologies and business plans which require them to add numerous network access points and adapt increasingly complex enterprise networks incorporating a variety of hardware software applications operating systems and networking protocols If we fail to effectively anticipate identify and respond to rapidly evolving technological and market developments in a timely manner our business will be harmed
In order to anticipate and respond effectively to rapid technological changes and market developments as well as evolving security threats we must invest effectively in research and development to increase the reliability availability and scalability of our existing products and subscriptions and introduce new products and subscriptions Our investments in research and development including investments in AI may not result in design or performance improvements marketable products subscriptions or features or may not achieve the cost savings or additional revenue that we expect In addition new and evolving products and services including those that use AI require significant investment and raise ethical technological legal regulatory and other challenges which may negatively affect our brands and demand for our products and services Because all of these investment areas are inherently risky no assurance can be given that such strategies and offerings will be successful or will not harm our reputation financial condition and operating results
In addition we must continually change our products and expand our business strategy in response to changes in network infrastructure requirements including the expanding use of cloud computing For example organizations are moving portions of their data to be managed by third parties primarily infrastructure platform and application service providers and may rely on such providers internal security measures While we have historically been successful in developing acquiring and marketing new products and product enhancements that respond to technological change and evolving industry standards we may not be able to continue to do so and there can be no assurance that our new or future offerings will be successful or will achieve widespread market acceptance If we fail to accurately predict and address end customers changing needs and emerging technological trends in the enterprise security industry including in the areas of AI mobility virtualization cloud computing and software defined networks our business could be harmed
The technology in our portfolio is especially complex because it needs to effectively identify and respond to new and increasingly sophisticated methods of attack while minimizing the impact on network performance Additionally some of our new features and related enhancements may require us to develop new hardware architectures that involve complex expensive and time consuming research and development processes The development of our portfolio is difficult and the timetable for commercial release and availability is uncertain as there can be long time periods between releases and availability of new features If we experience unanticipated delays in the availability of new products features and subscriptions and fail to meet customer expectations for such availability our competitive position and business prospects will be harmed
The success of new features depends on several factors including appropriate new product definition differentiation of new products subscriptions and features from those of our competitors and market acceptance of these products services and features Moreover successful new product introduction and transition depends on a number of factors including our ability to manage the risks associated with new product production ramp up issues the availability of application software for new products the effective management of purchase commitments and inventory the availability of products in appropriate quantities and costs to meet anticipated demand and the risk that new products may have quality or other defects or deficiencies especially in the early stages of introduction There can be no assurance that we will successfully identify opportunities for new products and subscriptions develop and bring new products and subscriptions to market in a timely manner achieve market acceptance of our products and subscriptions or that products subscriptions and technologies developed by others will not render our products subscriptions and technologies obsolete or noncompetitive
We have incorporated and are continuing to develop and deploy AI into many of our products and solutions including services that support our products and solutions We are also incorporating AI into the operations of our business AI presents challenges and risks that could affect our products and solutions and the operations of our business For example AI algorithms may have flaws and datasets used to train models may be insufficient or contain biased information The AI that is being incorporated into our products solutions and business operation tools may not be successful or beneficial and instead may cause technical legal or ethical problems or result in increased costs The investments that we are making across our business in AI reflect our ongoing efforts to innovate and provide products and services that are useful to our customers as well as provide efficiencies in our business Such investments ultimately may not be commercially viable or may not result in an adequate return of capital and we may incur unanticipated liabilities These efforts could subject us to regulatory risk legal liability including under legislation regulating AI in jurisdictions such as the E U and laws and regulations being considered in other jurisdictions or brand or reputational harm
The rapid evolution of AI including potential government regulation of AI requires us to invest significant resources to develop test and maintain AI in our products and services in a manner that meets evolving requirements and expectations The rules and regulations adopted by policymakers over time may require us to make changes to our business practices Developing testing and deploying AI systems may also increase the cost profile of our offerings due to the nature of the computing costs involved in such systems
The intellectual property ownership and license rights surrounding AI technologies as well as data protection laws related to the use and development of AI are currently not fully addressed by courts or regulators The use or adoption of AI technologies in our products may result in exposure to claims by third parties of copyright infringement or other intellectual property misappropriation which may require us to pay compensation or license fees to third parties The evolving legal regulatory and compliance framework for AI technologies may also impact our ability to protect our own data and intellectual property against infringing use
Increasingly companies are subject to a wide variety of attacks on an ongoing basis In addition to traditional computer hackers malicious code such as viruses and worms phishing attempts employee theft or misuse and denial of service attacks sophisticated nation state and nation state supported actors engage in intrusions and attacks including advanced persistent threat intrusions and supply chain attacks and add to the risks to our internal networks cloud deployed enterprise and customer facing environments and the information they store and process Incidences of cyberattacks and other cybersecurity breaches and incidents have increased and are likely to continue to increase We and our third party service providers face security threats and attacks from a variety of sources Despite our efforts and processes to prevent breaches of our internal networks systems and websites our data corporate systems and security measures as well as those of our third party service providers are still vulnerable to computer viruses break ins phishing attacks ransomware attacks or other types of attacks from outside parties or breaches due to employee error malfeasance or some combination of these We cannot guarantee that the measures we have taken to protect our networks systems and websites will provide adequate security Furthermore as a well known provider of security solutions we may be a more attractive target for such attacks The Russia Ukraine war and associated activities in Ukraine and Russia may increase the risk of cyberattacks on various types of infrastructure and operations and the United States government has warned companies to be prepared for additional Russian cyberattacks in response to the Sanctions on Russia
A security breach or incident or an attack against our service availability suffered by us or our third party service providers could impact our networks or networks secured by our products and subscriptions creating system disruptions or slowdowns and exploiting security vulnerabilities of our products In addition the information stored or otherwise processed on our networks or those of our third party service providers could be accessed publicly disclosed altered lost stolen rendered unavailable or otherwise used or processed without authorization which could subject us to liability and cause us financial harm Any actual or perceived breach of security in our systems or networks or any other actual or perceived data security incident we or our third party service providers suffer could result in significant damage to our reputation negative publicity loss of channel partners end customers and sales loss of competitive advantages over our competitors increased costs to remedy any problems and otherwise respond to any incident regulatory investigations and enforcement actions demands costly litigation and other liability In addition we may incur significant costs and operational consequences of investigating remediating eliminating and putting in place additional tools devices and other measures designed to prevent actual or perceived security breaches and other security incidents as well as the costs to comply with any notification obligations resulting from any security incidents Any of these negative outcomes could adversely impact the market perception of our products and subscriptions and end customer and investor confidence in our company and could seriously harm our business or operating results
Defects errors or vulnerabilities in our products subscriptions or support offerings the failure of our products or subscriptions to block a virus or prevent a security breach or incident misuse of our products or risks of product liability claims could harm our reputation and adversely impact our operating results
Because our products and subscriptions are complex they have contained and may contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our end customers For example from time to time certain of our end customers have reported defects in our products related to performance scalability and compatibility Additionally defects or vulnerabilities may cause our products or subscriptions to become partially or fully unavailable temporarily or permanently to be vulnerable to security attacks cause them to fail to help secure networks or interrupt end customers networking traffic or the availability of other information technology infrastructure or systems For example in November 2024 we became aware of an authentication bypass vulnerability through the management web interface of certain versions of our PAN OS software To remediate the matter we published a security advisory to advise customers provided software updates for affected PAN OS versions and engaged in customer outreach support and remediation efforts for potentially impacted customers Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target we may be unable to anticipate these techniques and provide a solution in time to protect our end customers networks In addition due to the Russia Ukraine war there could be a significant increase in Russian cyberattacks against our customers resulting in an increased risk of a security breach of our end customers systems
Furthermore defects or errors in products or software or migrations or updates to those products or software could result in a failure to effectively update end customers hardware and cloud based products or otherwise cause problems in our customers hardware networks or information technology infrastructure or systems The data centers networks and cloud infrastructure that we use to deliver our products and services may experience technical failures and downtime or may fail to meet the increased requirements of a growing installed end customer base any of which could temporarily or permanently expose our end customers networks leaving their networks unprotected against the latest security threats Moreover our products must interoperate with our end customers existing infrastructure which often have varied specifications utilize multiple protocol standards deploy products from multiple vendors and contain multiple generations of products that have been added over time As a result when problems occur in a network it may be difficult to identify the sources of these problems Any such technical failure downtime or failures in general may temporarily or permanently disable our end customers networks information technology infrastructure or other systems or expose our end customers networks to attacks from security threats
Further our products and subscriptions may be misused by end customers or third parties that obtain access to our products and subscriptions For example our products and subscriptions could be used to censor private access to certain information on the Internet Such use of our products and subscriptions for censorship could result in negative press coverage and negatively affect our reputation
The limitation of liability provisions in our standard terms and conditions of sale may not fully or effectively protect us from claims as a result of federal state or local laws or ordinances or unfavorable judicial decisions in the United States or other countries The sale and support of our products and subscriptions also entails the risk of product liability claims Although we may be indemnified by our third party manufacturers for product liability claims arising out of manufacturing defects because we control the design of our products and subscriptions we may not be indemnified for product liability claims arising out of design defects While we maintain insurance coverage for certain types of losses our insurance coverage may not adequately cover any claim asserted against us if at all In addition even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation divert management s time and other resources and harm our reputation
In addition our classifications of application type virus spyware vulnerability exploits data or URL categories may falsely detect report and act on applications content or threats that do not actually exist This risk is heightened by the inclusion of a heuristics feature in our products and subscriptions which attempts to identify applications and other threats not based on any known signatures but based on characteristics or anomalies which indicate that a particular item may be a threat These false positives may impair the perceived reliability of our products and subscriptions and may therefore adversely impact market acceptance of our products and subscriptions and could result in damage to our reputation negative publicity loss of channel partners end customers and sales increased costs to remedy any problem and costly litigation
Our ability to sell our products and subscriptions is dependent on the quality of our technical support services and those of our channel partners and the failure to offer high quality technical support services could have a material adverse effect on our end customers satisfaction with our products and subscriptions our sales and our operating results
After our products and subscriptions are deployed within our end customers networks our end customers depend on our technical support services as well as the support of our channel partners to resolve any issues relating to our products Many larger enterprise service provider and government entity end customers have more complex networks and require higher levels of support than smaller end customers If our channel partners do not effectively provide support to the satisfaction of our end customers we may be required to provide direct support to such end customers which would require us to hire additional personnel and to invest in additional resources If we are not able to hire such resources fast enough to keep up with unexpected demand support to our end customers will be negatively impacted and our end customers satisfaction with our products and subscriptions will be adversely affected Additionally to the extent that we may need to rely on our sales engineers to provide post sales support while we are ramping up our support resources our sales productivity will be negatively impacted which would harm our revenues Accordingly our failure or our channel partners failure to provide and maintain high quality support services could have a material adverse effect on our business financial condition and operating results
Companies in the enterprise security industry own large numbers of patents copyrights trademarks domain names and trade secrets and frequently enter into litigation based on allegations of infringement misappropriation or other violations of intellectual property rights In addition non practicing entities also frequently bring claims of infringement of intellectual property rights Third parties are asserting have asserted and may in the future assert claims of infringement of intellectual property rights against us For example on January 31 2024 in the Centripetal Networks Inc lawsuit against us a jury returned a verdict of non willful infringement and after post trial motions a judgment was issued in the lawsuit on October 3 2024 assessing a lump sum damages amount of 113 6 million plus statutory interest which is currently on appeal Additional examples of patent infringement cases have been disclosed in Note 13 Commitments and Contingencies in Part II Item 8 of this Annual Report on Form 10 K
Third parties may also assert such claims against our end customers or channel partners whom our standard license and other agreements obligate us to indemnify against claims that our products and subscriptions infringe the intellectual property rights of third parties In addition to the extent we hire personnel from competitors we may be subject to allegations that they have been improperly solicited that they have divulged proprietary or other confidential information or that their former employers own their inventions or other work product Furthermore we may be unaware of the intellectual property rights of others that may cover some or all of our technology products subscriptions and services As we expand our footprint both in our platforms products subscriptions and services and geographically more overlaps occur and we may face more infringement claims both in the United States and abroad
While we have been increasing the size of our patent portfolio our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have In addition litigation has involved and will likely continue to involve patent holding companies or other adverse patent owners who have no relevant product revenue and against whom our own patents may therefore provide little or no deterrence or protection In addition we have not registered our trademarks in all of our geographic markets and failure to secure those registrations could adversely affect our ability to enforce and defend our trademark rights Any claim of infringement by a third party even those without merit could cause us to incur substantial costs defending against the claim could distract our management from our business and could require us to cease use of such intellectual property Furthermore because of the substantial amount of discovery required in connection with intellectual property litigation there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation A successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products or performing certain services or that requires us to pay substantial damages royalties or other fees Any of these events could seriously harm our business financial condition and operating results
We rely and expect to continue to rely on a combination of confidentiality and license agreements with our employees consultants and third parties with whom we have relationships as well as trademark copyright patent and trade secret protection laws to protect our proprietary rights We have filed various applications for certain aspects of our intellectual property Valid patents may not issue from our pending applications and the claims eventually allowed on any patents may not be sufficiently broad to comprehensively protect our technology or products and subscriptions We cannot be certain that we were the first to make the inventions claimed in our pending patent applications or that we were the first to file for patent protection which could prevent our patent applications from issuing as patents or invalidate our patents following issuance Additionally the process of obtaining patent protection is expensive and time consuming and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner Any issued patents may be challenged invalidated or circumvented and any rights granted under these patents may not actually provide adequate defensive protection or competitive advantages to us Additional uncertainty may result from changes to patent related laws and court rulings in the United States and other jurisdictions As a result we may not be able to obtain adequate patent protection or effectively enforce any issued patents
Despite our efforts to protect our proprietary rights unauthorized parties may attempt to copy aspects of our products or subscriptions or obtain and use information that we regard as proprietary We generally enter into confidentiality or license agreements with our employees consultants vendors and end customers and generally limit access to and distribution of our proprietary information However we cannot be certain that we have entered into such agreements with all parties who may have or have had access to our confidential information or that the agreements we have entered into will not be breached We cannot guarantee that any of the measures we have taken will prevent misappropriation of our technology Because we may be an attractive target for computer hackers we may have a greater risk of unauthorized access to and misappropriation of our proprietary information In addition the laws of some foreign countries do not protect our proprietary rights to as great an extent as the laws of the United States and many foreign countries do not enforce these laws as diligently as government agencies and private parties in the United States From time to time we may need to take legal action to enforce our patents and other intellectual property rights to protect our trade secrets to determine the validity and scope of the proprietary rights of others or to defend against claims of infringement or invalidity Such litigation could result in substantial costs and diversion of resources and could negatively affect our business operating results and financial condition Attempts to enforce our rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us or result in a holding that invalidates or narrows the scope of our rights in whole or in part If we are unable to protect our proprietary rights including aspects of our software and products protected other than by patent rights we may find ourselves at a competitive disadvantage to others who need not incur the additional expense time and effort required to create the innovative products that have enabled us to be successful to date Any of these events would have a material adverse effect on our business financial condition and operating results
Our products and subscriptions contain software modules licensed to us by third party authors under open source licenses Some open source licenses contain requirements that we make available applicable source code for modifications or derivative works we create based upon the type of open source software we use If we combine our proprietary software with or otherwise distribute or use open source software in a certain manner we could under certain open source licenses be required to release the source code of our proprietary software to the public This would allow our competitors to create similar products or subscriptions with lower development effort and time and ultimately could result in a loss of product sales for us
Although we take reasonable steps to monitor our use of open source software to avoid subjecting our products and subscriptions to conditions we do not intend the terms of many open source licenses have not been interpreted by United States courts and there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our products and subscriptions From time to time there have been claims against companies that distribute or use open source software in their products and subscriptions asserting that open source software infringes the claimants intellectual property rights We could be subject to suits by parties claiming infringement of intellectual property rights in what we believe to be licensed open source software If we are held to have breached the terms of an open source software license we could be required to seek licenses from third parties to continue offering our products and subscriptions on terms that are not economically feasible to reengineer our products and subscriptions to discontinue the sale of our products and subscriptions if reengineering could not be accomplished on a timely basis or to make generally available in source code form our proprietary code any of which could adversely affect our business operating results and financial condition
In addition to risks related to license requirements usage of open source software can lead to greater risks than use of third party commercial software as open source licensors generally do not provide warranties or assurance of title or controls on origin of the software In addition many of the risks associated with usage of open source software such as the lack of warranties or assurances of title cannot be eliminated and could if not properly addressed negatively affect our business We have established processes to help alleviate these risks including a review process for screening requests from our development organizations for the use of open source software but we cannot be sure that our processes for controlling our use of open source software in our products and subscriptions will be effective
We incorporate technology that we license from third parties including software into our products and subscriptions We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our products and subscriptions In addition some licenses may be non exclusive and therefore our competitors may have access to the same technology licensed to us Some of our agreements with our licensors may be terminated for convenience by them We may also be subject to additional fees or be required to obtain new licenses if any of our licensors allege that we have not properly paid for such licenses or that we have improperly used the technologies under such licenses and such licenses may not be available on terms acceptable to us or at all If we are unable to continue to license any of this technology because of intellectual property infringement claims brought by third parties against our licensors or against us or claims against us by our licensors or if we are unable to continue our license agreements or enter into new licenses on commercially reasonable terms our ability to develop and sell products and subscriptions containing such technology would be severely limited and our business could be harmed Additionally if we are unable to license necessary technology from third parties we may be forced to acquire or develop alternative technology which we may be unable to do in a commercially feasible manner or at all and we may be required to use alternative technology of lower quality or performance standards This would limit and delay our ability to offer new or competitive products and subscriptions and increase our costs of production As a result our margins market share and operating results could be significantly harmed
Because we depend on manufacturing partners to build and ship our hardware products we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time if at all or on a cost effective basis which may result in the loss of sales and end customers
We depend on manufacturing partners primarily our EMS provider Flex to manufacture our hardware product lines Our substantial reliance on Flex as well as other manufacturing partners subjects us to potential concentration risks such as reduced control over the manufacturing process quality assurance product costs product supply and timing Our hardware products are manufactured by our manufacturing partners at facilities located primarily in the United States Some of the components in our products are sourced either through Flex or directly by us from component suppliers outside the United States The portion of our hardware products that are sourced outside the United States may subject us to geopolitical risks additional logistical risks risks associated with international trade agreements international trade disputes trade regulations tariffs or risks associated with complying with local rules and regulations in foreign countries
Significant changes to existing international trade agreements tariffs or trade regulations could lead to sourcing or logistics disruption resulting from import delays or the imposition of increased tariffs on our sourcing partners For example the United States and Chinese governments have each enacted and discussed additional import tariffs Some components that we import for final manufacturing in the United States have been impacted by these tariffs As a result our costs have increased and we have raised and may be required to further raise prices on our hardware products in response to these and potential new trade regulations
Our manufacturing partners typically fulfill our supply requirements on the basis of individual purchase orders We do not have long term contracts with these manufacturers that guarantee capacity the continuation of particular pricing terms or the extension of credit limits Accordingly they are not obligated to continue to fulfill our supply requirements and the prices we pay for manufacturing services could be increased on short notice Our contract with Flex permits them to terminate the agreement for their convenience subject to prior notice requirements If we are required to change manufacturing partners our ability to meet our scheduled product deliveries to our end customers could be adversely affected which could cause the loss of sales to existing or potential end customers delayed revenue or an increase in our costs which could adversely affect our gross margins Any production interruptions for any reason such as a natural disaster epidemic or pandemic capacity shortages or quality problems at one of our manufacturing partners would negatively affect sales of our product lines manufactured by that manufacturing partner and adversely affect our business and operating results
Managing the supply of our hardware products and product components is complex Insufficient supply and inventory would result in lost sales opportunities or delayed revenue while excess inventory would harm our gross margins
Our manufacturing partners procure components and build our hardware products based on our forecasts and we generally do not hold inventory for a prolonged period of time These forecasts are based on historical trends and analysis adjusted for overall market conditions In order to reduce manufacturing lead times and plan for adequate component supply from time to time we may issue forecasts for components and products that are non cancelable and non returnable
Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage supply of our hardware products and product components If we ultimately determine that we have excess supply we may have to reduce our prices and write down inventory which in turn could result in lower gross margins If our actual component usage and product demand are lower than the forecast we provide to our manufacturing partners we accrue for losses on manufacturing commitments in excess of forecasted demand Alternatively insufficient supply levels may lead to shortages that result in delayed hardware product revenue or loss of sales opportunities altogether as potential end customers turn to competitors products that are readily available If we are unable to effectively manage our supply and inventory our operating results could be adversely affected
Our hardware products contain key components from limited sources of supply including outside the United States and we are susceptible to supply shortages supply changes and international regulations which in certain cases have disrupted or delayed our scheduled product deliveries to our end customers increased our costs and may result in the loss of sales and end customers
Our hardware products rely on key components including integrated circuit components which our manufacturing partners purchase on our behalf from a limited number of component suppliers including sole source providers The manufacturing operations of some of our component suppliers are geographically concentrated in Asia and elsewhere which makes our supply chain vulnerable to regional disruptions such as natural disasters fire political instability civil unrest power outages or health risks and international regulations such as tariffs sanctions and import and export controls In the past we experienced supply chain disruption and have incurred increased costs resulting from inflationary pressures and changes in U S trade policy We are also monitoring the tensions between China and Taiwan and between the U S and China which could have an adverse impact on our business or results of operations in future periods
Further we do not have volume purchase contracts with any of our component suppliers and they could cease selling to us at any time If we are unable to obtain a sufficient quantity of these components in a timely manner for any reason sales of our hardware products could be delayed or halted or we could be forced to expedite shipment of such components or our hardware products at dramatically increased costs Our component suppliers also change their selling prices frequently in response to market trends including industry wide increases in demand Because we do not have for the most part volume purchase contracts with our component suppliers we are susceptible to price fluctuations related to raw materials and components and may not be able to adjust our prices accordingly Additionally poor quality in any of the sole sourced components in our products could result in lost sales or sales opportunities
If we are unable to obtain a sufficient volume of the necessary components for our hardware products on commercially reasonable terms or the quality of the components do not meet our requirements we could also be forced to redesign our products and qualify new components from alternate component suppliers The resulting stoppage or delay in selling our hardware products and the expense of redesigning our hardware products would result in lost sales opportunities and damage to customer relationships which would adversely affect our business and operating results
Our future success depends in part on our ability to continue to attract retain and motivate the members of our management team and other key employees For example we are substantially dependent on the continued service of our engineering personnel because of the complexity of our offerings Competition for highly skilled personnel particularly in engineering including in the areas of AI and machine learning is intense especially in the San Francisco Bay Area where we have a substantial presence and need for such personnel In addition the industry in which we operate generally experiences high employee attrition Our future performance depends on the continuing services and contributions of our senior management to execute on our business plan and to identify and pursue new opportunities and product innovations If we are unable to hire integrate train or retain the qualified and highly skilled personnel required to fulfill our current or future needs our business financial condition and operating results could be harmed
Further we believe that a critical contributor to our success and our ability to retain highly skilled personnel has been our corporate culture which we believe fosters innovation inclusion teamwork passion for end customers focus on execution and the facilitation of critical knowledge transfer and knowledge sharing As we grow and change we may find it difficult to maintain these important aspects of our corporate culture While we are taking steps to develop a more inclusive workforce there is no guarantee that we will be able to do so Any failure to preserve our culture as we grow could limit our ability to innovate and could negatively affect our ability to retain and recruit personnel continue to perform at current levels or execute on our business strategy
We generate a significant amount of revenue from sales to distributors resellers and end customers outside of the United States and we are therefore subject to a number of risks associated with international sales and operations
Our ability to grow our business and our future success will depend to a significant extent on our ability to expand our operations and customer base worldwide Many of our customers resellers partners suppliers and manufacturers operate around the world Operating in a global marketplace we are subject to risks associated with having an international reach and compliance and regulatory requirements We may experience difficulties in attracting managing and retaining an international staff and we may not be able to recruit and maintain successful strategic distributor relationships internationally Business practices in the international markets that we serve may differ from those in the United States and may require us in the future to include terms other than our standard terms related to payment warranties or performance obligations in end customer contracts
political economic and social uncertainty around the world health risks such as epidemics and pandemics like COVID 19 macroeconomic challenges terrorist activities the Russia Ukraine war tensions between China and Taiwan the hostilities in Israel and the surrounding region and continued hostilities in the Middle East
unexpected changes in or the application of foreign and domestic laws and regulations including intellectual property rights protections regulatory practices or enforcement policies trade restrictions international trade agreements and foreign legal requirements including those applicable to the importation certification and localization of our products tariffs and tax laws and treaties including regulatory and trade policy changes adopted by the current administration such as the Sanctions on Russia or foreign countries in response to regulatory changes adopted by the current administration and
non compliance with U S and foreign laws including antitrust regulations anti corruption laws such as the U S Foreign Corrupt Practices Act and the United Kingdom U K Bribery Act U S or foreign sanctions regimes and export or import control laws and any trade regulations ensuring fair trade practices
These and other factors could harm our future international revenues and consequently materially impact our business operating results and financial condition The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources Our failure to successfully manage our international operations and the associated risks effectively could limit the future growth of our business
Our sales contracts are primarily denominated in U S dollars and therefore a predominant amount of our revenue is not subject to foreign currency risk However in the event of a strengthening of the U S dollar against foreign currencies in which we conduct business the cost of our products to our end customers outside of the United States would increase which could adversely affect our financial condition and operating results In addition increased international sales in the future including through our channel partners and other partnerships or as a result of our acquisitions may result in increased foreign currency denominated sales increasing our foreign currency risk
Our operating expenses incurred outside the United States and denominated in foreign currencies are generally increasing and are subject to fluctuations due to changes in foreign currency exchange rates If we are not able to successfully hedge against the risks associated with foreign currency fluctuations our financial condition and operating results could be adversely affected We have entered into forward contracts in an effort to reduce our foreign currency exchange exposure related to our foreign currency denominated revenue and operating expenditures As of July 31 2025 the total notional amount of our outstanding foreign currency forward contracts was 1 5 billion For more information on our hedging transactions refer to Note 6 Derivative Instruments in Part II Item 8 of this Annual Report on Form 10 K The effectiveness of our existing hedging transactions and the availability and effectiveness of any hedging transactions we may decide to enter into in the future may be limited and we may not be able to successfully hedge our exposure which could adversely affect our financial condition and operating results
We have business operations in Israel and intend to continue growing our presence in Israel including in connection with our proposed acquisition of CyberArk Our operations in Israel could be disrupted by political instability civil unrest terrorist attacks acts of violence acts of war or other military actions including the hostilities in Israel and the surrounding region The future of peace efforts between Israel and its Arab neighbors remains uncertain The effects of hostilities and violence on the Israeli economy and our operations in Israel are unclear and we cannot predict the effect on us of further increases in these hostilities or future armed conflict political instability or violence in the region Current or future tensions and conflicts in the Middle East could adversely affect our business operating results financial condition and cash flows
In addition many of our employees in Israel are obligated to perform annual reserve duty in the Israeli military and are subject to being called for active duty under emergency circumstances which has occurred as a result of hostilities in Israel and the surrounding region We cannot predict the full impact of these conditions on us in the future particularly if emergency circumstances or an escalation in the political situation or hostilities occurs If many of our employees in Israel are called for active duty for a significant period of time our operations and our business could be disrupted and may not be able to function at full capacity Any disruption in our operations in Israel could adversely affect our business
Because we incorporate encryption technology into our products certain of our products are subject to U S export controls and may be exported outside the United States only with the required export license or through an export license exception If we were to fail to comply with U S export licensing requirements U S customs regulations U S economic sanctions or other laws or regulations we could be subject to substantial civil and criminal penalties including fines incarceration for responsible employees and managers and the possible loss of export or import privileges Obtaining the necessary export license for a particular sale may be time consuming and may result in the delay or loss of sales opportunities Furthermore U S export control laws and economic sanctions prohibit the shipment of certain products to U S embargoed or sanctioned countries governments and persons Even though we take precautions to ensure that our channel partners comply with all relevant regulations any failure by our channel partners to comply with such regulations could have negative consequences for us including reputational harm government investigations and penalties
In addition various countries regulate the import of certain encryption technology including through import permit and license requirements and have enacted laws that could limit our ability to distribute our products or could limit our end customers ability to implement our products in those countries Changes in our products or changes in export and import regulations may create delays in the introduction of our products into international markets prevent our end customers with international operations from deploying our products globally or in some cases prevent or delay the export or import of our products to certain countries governments or persons altogether Any change in export or import regulations economic sanctions such as the Sanctions on Russia or related legislation shift in the enforcement or scope of existing regulations or change in the countries governments persons or technologies targeted by such regulations could result in decreased use of our products by or in our decreased ability to export or sell our products to existing or potential end customers with international operations Any decreased use of our products or limitation on our ability to export to or sell our products in international markets would likely adversely affect our business financial condition and operating results
International trade laws and regulations continuously evolve to address technological developments and changes in geopolitical conditions New regulations or other governmental restrictions that may result from these circumstances could inhibit our ability to transact with foreign suppliers customers or other business partners Monitoring and responding to these developments may require significant resources and failure to comply with resulting regulations and restrictions may have an adverse impact on our business or results of operation
A wide variety of laws and regulations apply to the collection use retention protection disclosure transfer and other processing of personal data in jurisdictions where we and our customers operate Compliance with these laws and regulations is difficult and costly These laws and regulations are also subject to frequent inconsistent and unexpected changes new modified or additional laws or regulations may be adopted and rulings that invalidate prior laws regulations or interpretations of such laws or regulations may be issued For example we are subject to the E U General Data Protection Regulation E U GDPR and the U K General Data Protection Regulation U K GDPR and collectively the GDPR each of which imposes stringent data protection requirements provide for costly penalties for noncompliance up to the greater of a 20 million under the E U GDPR or 17 5 million under the U K GDPR and b 4 of annual worldwide turnover and confer the right upon data subjects and consumer associations to lodge complaints with supervisory authorities seek judicial remedies and obtain compensation for damages resulting from violations
The GDPR imposes restrictions among other things on the transfer of personal data outside of the European Economic Area EEA or in the case of the U K GDPR the U K to non EEA countries such as the United States unless adequate safeguards are implemented or a derogation applies In practice we rely on standard contractual clauses approved under the GDPR to carry out such transfers and to receive personal data subject to the GDPR directly or indirectly in the United States In addition with respect to the personal data that we process on behalf of our customers we self certified to the E U U S Data Privacy Framework E U U S DPF the UK Extension to the E U U S DPF and the Swiss U S Data Privacy Framework collectively the DPF as set forth by the U S Department of Commerce regarding transfers of certain personal data from the E U the U K and Switzerland to the United States The DPF has been recognized as adequate under applicable law to allow transfers of personal data from the E U U K and Switzerland as the case may be to companies in the U S that have self certified to the framework However the DPF may be subject to legal challenges which could invalidate its use disrupt our ability to rely on such data transfer mechanisms and otherwise cause the legal requirements for such data transfers to be uncertain
In addition the U K government enacted the U K Data Use and Access Act 2025 on June 19 2025 which includes targeted amendments to the U K s data protection regime that cause it to expressly deviate from the GDPR This development creates new compliance challenges and has created uncertainty with respect to the European Commission s adequacy determination regarding the U K s data protection regime which has been extended until December 2025 and must be renewed to permit ongoing relatively unrestricted data flows from the EEA to the UK
Among other effects of these developments we may experience additional costs associated with increased compliance burdens reduced demand for our offerings from current or prospective customers in the EEA Switzerland and the U K collectively Europe to use our products on account of the risks identified in the Schrems II decision or other developments relating to cross border data transfers and we may find it necessary or desirable to make further changes to our processing of personal data of European residents The regulatory environment applicable to the handling of European residents personal data and cross border data transfers and our actions taken in response may cause us to assume additional liabilities or incur additional costs Moreover much like with Schrems II we anticipate future legal challenges to the approved data transfer mechanisms between Europe and the United States including a challenge to the E U U S DPF Such legal challenges could result in additional legal and regulatory risk compliance costs and in our business operating results and financial condition being harmed
We are also subject to the California Consumer Privacy Act as amended by the California Privacy Rights Act collectively the CCPA The CCPA requires among other things covered businesses to provide enhanced disclosures to California consumers and to afford such consumers certain rights regarding their personal data including the right to opt out of data sales for targeted advertising and creates a private right of action to individuals affected by a data breach if the breach was caused by a lack of reasonable security The effects of the CCPA have been significant requiring us to modify our data processing practices and policies and to incur substantial costs and expenses for compliance Moreover other U S states have enacted laws relating to privacy and security that are potentially relevant to us These include laws enacted in at least 20 U S states a portion of which are expected to come into effect over the course of our fiscal 2026 The U S Department of Justice also has issued rules regarding access to or transfer of certain bulk sensitive personal data by countries of concern Increasingly complex federal or state laws and regulations relating to privacy and security and interpretations and enforcement of existing laws and regulations relating to these matters may require us to modify our data practices and policies incur substantial compliance costs and expenses and add further complexity to our compliance efforts that could adversely affect our business or increase our potential liability if we fail to comply or are alleged to have done so
We may also from time to time be subject to obligations relating to personal data by contract or face assertions that we are subject to self regulatory obligations or industry standards Additionally the Federal Trade Commission and many state attorneys general are more regularly bringing enforcement actions in connection with federal and state consumer protection laws for false or deceptive acts or practices in relation to the online collection use dissemination and security of personal data Internationally data localization laws may mandate that personal data collected in a foreign country be processed and stored within that country
We and our customers may face risk of enforcement actions by regulators or data protection authorities private litigation and adverse publicity including reputational damage and loss of customer confidence for alleged violations of any of the foregoing obligations Any such claims could result in substantial costs ongoing remedial audit and reporting obligations and diversion of resources and distract management and technical personnel These potential liabilities and enforcement actions could also have an overall negative effect on our business operating results and financial condition The amount and scope of insurance we maintain may not cover all types of claims that may arise
New legislation affecting the scope of personal data and personal information where we or our customers and partners have operations especially relating to classification of Internet Protocol IP addresses machine identification AI and machine learning location data and other information may limit or inhibit our ability to operate or expand our business including limiting strategic partnerships that may involve the sharing or uses of data and may require significant expenditures and efforts in order to comply Notably public perception of potential privacy data protection or information security concerns whether or not valid may harm our reputation and inhibit adoption of our products and subscriptions by current and future end customers Each of these laws and regulations and any changes to these laws and regulations or new laws and regulations could impose significant limitations or require changes to our business model or practices or growth strategy which may increase our compliance expenses and make our business more costly or less efficient to conduct
Our income tax obligations are based in part on our corporate structure and intercompany arrangements including the manner in which we develop value and use our intellectual property and the valuations of our intercompany transactions The tax laws applicable to our business including the laws of the United States and various other jurisdictions are subject to interpretation and certain jurisdictions may aggressively interpret their laws regulations and policies including in an effort to raise additional tax revenue The tax authorities of the jurisdictions in which we operate may challenge our methodologies for valuing developed or acquired technology or determining the proper charges for intercompany arrangements which could increase our worldwide effective tax rate harm our financial position and operating results and have a negative effect on our cash flow Some tax authorities of jurisdictions other than the United States may seek to assert extraterritorial taxing rights on our transactions or operations It is possible that domestic or international tax authorities may subject us to tax examinations or audits and such tax authorities may disagree with certain positions we have taken and any adverse outcome of such an examination review or audit could result in additional tax liabilities and penalties and otherwise have a negative effect on our financial position operating results and cash flow Further the determination of our worldwide provision for income taxes and other tax liabilities requires significant judgment by management and there are transactions where the ultimate tax determination is uncertain Although we believe that our estimates are reasonable the ultimate tax outcome may differ from the amounts recorded on our consolidated financial statements and may materially affect our financial results in the period or periods for which such determination is made
In addition our future income tax obligations and effective tax rates could be adversely affected by changes in or interpretations of tax laws regulations policies or decisions in the United States or in the other jurisdictions in which we operate including as a result of the U S federal tax legislation commonly referred to as the One Big Beautiful Bill Act which was signed into law on July 4 2025
If our estimates or judgments including those relating to our critical accounting policies are based on assumptions that change or prove to be incorrect our operating results differ from our publicly announced guidance or the expectations of securities analysts and investors resulting in a decline in the market price of our common stock
The preparation of consolidated financial statements in conformity with U S generally accepted accounting principles U S GAAP requires management to make estimates and assumptions that affect the amounts reported on our consolidated financial statements and accompanying notes We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances the results of which form the basis for making judgments about the carrying amounts of assets liabilities equity revenue and expenses that are not readily apparent from other sources For more information relating to critical accounting policies refer to the section entitled Critical Accounting Estimates in Management s Discussion and Analysis of Financial Condition and Results of Operations in Part II Item 7 of this Annual Report on Form 10 K In general if our estimates judgments or assumptions relating to our critical accounting policies change or if actual circumstances differ from our estimates judgments or assumptions our operating results may be adversely affected and could fall below our publicly announced guidance or the expectations of securities analysts and investors resulting in a decline in the market price of our common stock
We are obligated to maintain proper and effective internal control over financial reporting We may not complete our analysis of our internal control over financial reporting in a timely manner or our internal control may not be determined to be effective which may adversely affect investor confidence in our company and as a result the value of our common stock
If we are unable to assert that our internal controls are effective our independent registered public accounting firm may not be able to formally attest to the effectiveness of our internal control over financial reporting If in the future our chief executive officer chief financial officer or independent registered public accounting firm determines that our internal control over financial reporting is not effective as defined under Section 404 we could be subject to one or more investigations or enforcement actions by state or federal regulatory agencies stockholder lawsuits or other adverse actions requiring us to incur defense costs pay fines settlements or judgments causing investor perceptions to be adversely affected and potentially resulting in a decline in the market price of our stock
There is an increasing focus from regulators certain investors and other stakeholders concerning corporate responsibility matters both in the United States and internationally We communicate certain corporate responsibility related initiatives goals and or commitments regarding sustainability matters inclusion responsible sourcing and social investments and other matters in our annual Corporate Responsibility Report on our website in our filings with the SEC and elsewhere These initiatives goals or commitments could be difficult to achieve and costly to implement We could fail to achieve or be perceived to fail to achieve our corporate responsibility related initiatives goals or commitments In addition we could be criticized for the timing scope or nature of these initiatives goals or commitments or for any revisions to them To the extent that our required and voluntary disclosures about corporate responsibility matters increase we could be criticized for the accuracy adequacy or completeness of such disclosures Our actual or perceived failure to achieve our corporate responsibility related initiatives goals or commitments could negatively impact our reputation result in corporate responsibility focused investors not purchasing and holding our stock or otherwise materially harm our business
In addition we are or may become subject to various new and proposed sustainability related laws and regulations including for example the E U s Corporate Sustainability Reporting Directive Additional regulation may require us to incur significant additional costs associated with increased compliance burdens including the implementation of additional internal controls processes and procedures and impose increased oversight obligations on our management and board of directors as well as require us to retain third party experts Noncompliance with applicable regulations or requirements could subject us to investigations sanctions enforcement actions fines or litigation which could negatively impact our business operating results or financial condition
Our business is subject to regulation by various federal state local and foreign governmental agencies including agencies responsible for monitoring and enforcing employment and labor laws workplace safety product safety environmental laws consumer protection laws privacy data security and data protection laws anti bribery laws including the U S Foreign Corrupt Practices Act and the U K Anti Bribery Act import export controls federal securities laws and tax laws and regulations These laws and regulations may also impact our innovation and business drivers in developing new and emerging technologies e g AI and machine learning In certain jurisdictions these regulatory requirements may be more stringent than those in the United States Noncompliance with applicable regulations or requirements could subject us to investigations sanctions mandatory product recalls enforcement actions disgorgement of profits fines damages civil and criminal penalties or injunctions If any governmental sanctions are imposed or if we do not prevail in any possible civil or criminal litigation resulting from any alleged noncompliance our business operating results and financial condition could be materially adversely affected In addition responding to any action will likely result in a significant diversion of management s attention and resources and an increase in professional fees Enforcement actions litigation and sanctions could harm our business operating results and financial condition
The market price of our common stock has historically been and is likely to continue to be volatile and could be subject to wide fluctuations in response to various factors some of which are beyond our control and unrelated to our business operating results or financial condition These fluctuations could cause a loss of all or part of an investment in our common stock Factors that could cause fluctuations in the market price of our common stock include but are not limited to
In the past following periods of volatility in the market price of a company s securities securities class action litigation has often been brought against that company Securities litigation could result in substantial costs divert our management s attention and resources from our business and have a material adverse effect on our business operating results and financial condition
In June 2020 we issued our 0 375 Convertible Senior Notes due 2025 the 2025 Notes which matured on June 1 2025 In connection with the sale of our 2025 Notes we entered into convertible note hedge transactions the 2025 Note Hedges with certain counterparties In connection with the sale of the 2025 Notes and purchase of the 2025 Note Hedges we also entered into warrant transactions with the counterparties pursuant to which we sold warrants the 2025 Warrants for the purchase of our common stock The 2025 Warrants could have a dilutive effect to the extent that the market price per share of our common stock exceeds the applicable strike price of the 2025 Warrants unless subject to certain conditions we elect to cash settle such 2025 Warrants
The applicable counterparties to the 2025 Warrants or their respective affiliates may modify their related hedge positions by entering into or unwinding various derivatives with respect to our common stock and or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the expiration of the 2025 Warrants This activity could cause or prevent an increase or a decrease in the market price of our common stock
We do not make any representation or prediction as to the direction or magnitude of any potential effect that the transactions described above may have on the price of our common stock In addition we do not make any representation that the counterparties or their respective affiliates will engage in these transactions or that these transactions once commenced will not be discontinued without notice
The issuance of additional stock in connection with financings acquisitions investments our stock incentive plans exercise of the 2025 Warrants or otherwise will dilute stock held by all other stockholders
Our restated certificate of incorporation authorizes us to issue up to 2 0 billion shares of common stock and up to 100 0 million shares of preferred stock with such rights and preferences as may be determined by our board of directors Subject to compliance with applicable rules and regulations we may issue shares of common stock or securities convertible into or exchangeable for shares of our common stock from time to time in connection with a financing or other capital raising acquisition investment our stock incentive plans the settlement of our 2025 Warrants or otherwise Any such issuance including in connection with the proposed CyberArk acquisition could result in substantial dilution to our existing stockholders and cause the market price of our common stock to decline
As of July 31 2025 we had 1 0 billion available under our share repurchase program which will expire on December 31 2025 and may be suspended or discontinued at any time without prior notice Although our board of directors has authorized a share repurchase program we are not obligated to repurchase any specific dollar amount or to acquire any specific number of shares under the program The share repurchase program could affect the price of our common stock increase volatility and diminish our cash reserves In addition the program may be suspended or terminated at any time which may result in a decrease in the price of our common stock
We have never declared or paid any dividends on our common stock We intend to retain any earnings to finance the operation and expansion of our business and we do not anticipate paying any cash dividends in the future As a result stockholders may only receive a return on their investments in our common stock if the market price of our common stock increases
Provisions in our restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change in control of our company or changes in our management Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that among other things
require the affirmative vote of holders of at least 66 2 3 of the voting power of all of the then outstanding shares of the voting stock voting together as a single class to amend the provisions of our restated certificate of incorporation relating to the issuance of preferred stock and management of our business or our amended and restated bylaws
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for our stockholders to replace members of our board of directors which is responsible for appointing the members of management In addition as a Delaware corporation we are subject to Section 203 of the Delaware General Corporation Law These provisions may prohibit large stockholders in particular those owning 15 or more of our outstanding voting stock from merging or combining with us for a certain period of time Any of these provisions could under certain circumstances depress the market price of our common stock
Both our corporate headquarters and the location where our products are manufactured are located in the San Francisco Bay Area a region known for seismic activity In addition other natural disasters such as fire or floods a significant power outage telecommunications failure terrorism an armed conflict cyberattacks epidemics and pandemics such as COVID 19 or other geopolitical unrest could affect our supply chain manufacturers logistics providers channel partners end customers or the economy as a whole and such disruption could impact our shipments and sales These risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate To the extent that any of the above should result in delays or cancellations of customer orders the loss of customers or the delay in the manufacture deployment or shipment of our products our business financial condition and operating results would be adversely affected
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products and subscriptions could reduce our ability to compete and could harm our business
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges including the need to develop new features to enhance our portfolio improve our operating infrastructure or acquire complementary businesses and technologies Accordingly we may need to engage in equity or debt financings to secure additional funds If we engage in future debt financings the holders of such additional debt would have priority over the holders of our common stock Current and future indebtedness may also contain terms that among other things restrict our ability to incur additional indebtedness In addition we may be required to take other actions that would otherwise be in the interests of the debt holders and would require us to maintain specified liquidity or other ratios any of which could harm our business operating results and financial condition If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it our ability to continue to support our business growth and to respond to business challenges could be significantly impaired and our business may be adversely affected
As a global cybersecurity provider cybersecurity risk management is an integral part of our overall enterprise risk management program We recognize the critical importance that a strong cybersecurity risk management program plays in maintaining the trust and confidence of our customers end users business partners stockholders and employees We have established processes and procedures for identifying evaluating and responding to risks from cybersecurity threats including any potential unauthorized access to our information systems that may result in adverse effects on the confidentiality integrity or availability of our information systems data or information assets
Our cybersecurity risk management program includes written policies standards and procedures for maintaining data privacy product security and information security to mitigate cybersecurity risks and to identify evaluate and respond to cybersecurity threats vulnerabilities and incidents Our cybersecurity risk management program and strategy is implemented across several areas which include but are not limited to the following
We maintain a written information security program which provides for policies standards guidelines and administrative technical and physical safeguards that we believe are reasonably designed in light of the nature size and complexity of our operations to protect the resiliency of our operations and the confidentiality integrity and availability of our information systems data and information assets The organizational administrative and technical measures we implement are based on recognized security frameworks established by the National Institute of Standards and Technology security measures aligned with the ISO IEC 27000 series of standards and other generally recognized industry standards The program is assessed regularly and in light of new and emerging cybersecurity risks
We deploy and maintain a variety of technologies to prevent and detect cybersecurity threats across the network endpoint and cloud We also apply security by design principles in our software development lifecycle track vulnerabilities of open source software and run internal and external network scans at least weekly and after any meaningful change in our network configuration We conduct regular application security assessments including our assessments for internet facing applications that collect transmit or display end user data We also employ tooling in certain areas to help prevent deviations from policy
We maintain incident response and recovery protocols to enable prompt effective and orderly identification evaluation management and disposition of actual and potential security threats and incidents including for purposes of escalation and internal and external notification steps We maintain a cross functional incident response team including senior representatives from information security information technology product legal privacy communications and finance that is involved in assessing cybersecurity threats and incidents assigning severity levels and evaluating the potential impact including the potential impact on our business strategy results of operations and financial condition This allows for prompt direction of appropriate personnel and resources for incident management and response and internal notification to appropriate members of management which may include our chief executive officer chief product and technology officer vice president acting as chief information security officer general counsel chief financial officer and or chief accounting officer and the security committee of our board of directors the Security Committee The protocols also establish steps designed to publicly report and or alert external stakeholders as and when required by applicable law or otherwise determined appropriate
We maintain a risk based approach to identifying and overseeing cybersecurity risks presented by certain third parties including vendors service providers suppliers operations parties and other external users of our systems as well as the systems of third parties that could adversely impact our business in the event of a cybersecurity incident affecting those third party systems This includes a security process to conduct due diligence prior to engaging contractors and vendors and assess the security capabilities of subcontractors and vendors on a periodic basis
We engage in at least quarterly assessments and testing of the effectiveness of our cybersecurity risk management program and incident response protocols that are designed to identify and evaluate vulnerabilities and weaknesses address cybersecurity threats and test our readiness to respond to cybersecurity incidents These efforts include but are not limited to threat modeling vulnerability scans penetration testing audits and tabletop exercises We regularly engage third parties to perform assessments on our cybersecurity measures such as audits and independent reviews of our compliance with various security compliance standards including those established by the American Institute of Certified Public Accountants operating effectiveness and penetration tests The results of such assessments are reported to management and we adjust our cybersecurity policies standards processes and practices as necessary based on the information provided by these assessments audits and reviews
We provide regular training for educating employees about corporate policies and procedures and information security designed to provide our employees with knowledge of best practices and effective tools for safeguarding our data and assets and reducing security risks based on the human threat vector Our information security compliance training data protection training and code of conduct training is mandatory for all employees
As discussed in more detail below under the heading Cybersecurity Governance our board of directors has delegated oversight of enterprise security risk management including but not limited to cybersecurity risk management to the Security Committee As part of our cybersecurity risk management procedures senior members of management and the Security Committee are informed regarding security events based on established reporting thresholds and are provided ongoing updates regarding any such meaningful threat or incident
We have not identified any risks from cybersecurity threats including as a result of any previous cybersecurity incidents that have materially impacted or are reasonably likely to materially impact us including our business strategy results of operations or financial condition to date However we face ongoing and increasing cybersecurity risks including from threat actors that are becoming more sophisticated and effective over time and we can provide no assurance that there will not be incidents in the future or that past or future threats or incidents will not materially affect us including our business strategy results of operations or financial conditions For additional information regarding these risks please refer to Part I Item 1A Risk Factors in this Form 10 K including but not limited to the risk factor entitled
The Security Committee which is composed of our independent directors and chaired by our chief product and technology officer facilitates our board of directors responsibility for oversight of security matters including product security data security cybersecurity security risk management risk exposure and related controls and enterprise risk management related to these risks The Security Committee reports regularly to the Board following meetings of the Security Committee with respect to its review and assessment of security matters and other matters that are relevant to the Security Committee s discharge of its responsibilities The Security Committee meets quarterly to review with our vice president acting as chief information security officer and other members of management which may include our chief executive officer chief product and technology officer chief financial officer and general counsel our cybersecurity programs cybersecurity risks mitigation or remediation strategies and other matters impacting the committee s responsibilities
Management is responsible for day to day risk management activities including identifying assessing and managing our exposure to cybersecurity risks establishing processes and procedures to ensure that potential cybersecurity risk exposures are monitored implementing appropriate mitigation or remediation measures as needed and maintaining cybersecurity risk management programs Our vice president acting as chief information security officer is responsible for defining overseeing managing implementing and reviewing compliance with the information security programs described above under the heading Cybersecurity Risk Management and Strategy This vice president receives regular reports from our information security team and monitors the prevention detection and mitigation or remediation of cybersecurity risks In addition as described in further detail above under the heading Cybersecurity Risk Management and Strategy a cross functional team is involved in assessing and managing the risks from cybersecurity threats and incidents and reporting information about risks to the Security Committee
Our information security team consists of dedicated personnel who are experienced information systems security professionals and information security managers with many years of experience across a variety of technology sub specialties In particular our vice president acting as chief information security officer has extensive experience in the management of cybersecurity risk management programs having served in various roles in information technology and security for over 25 years In addition six of the eleven members of our board of directors have expertise in overseeing cybersecurity and information security management
Our corporate headquarters is located in Santa Clara California where we lease approximately 941 000 square feet of space under three lease agreements that expire in July 2028 with options to extend the lease terms through July 2046 We also lease space for personnel around the world including Israel and India In addition we provide our cloud based subscription offerings through data centers operated under co location arrangements in the United States Europe and Asia Refer to Note 12 Leases in Part II Item 8 of this Annual Report on Form 10 K for more information on our operating leases Additionally we own 10 4 acres of land adjacent to our headquarters in Santa Clara California which we intend to develop to accommodate future expansion the speed of which development has been slowed due to the current environment
We believe that our current facilities are adequate to meet our current needs We intend to expand our facilities or add new facilities as we add employees and enter new geographic markets and we believe that suitable additional or alternative space will be available as needed to accommodate ongoing operations and any such growth However we expect to incur additional expenses in connection with such new or expanded facilities
As of August 18 2025 there were 565 holders of record of our common stock Because many of our shares of common stock are held by brokers and other institutions on behalf of stockholders we are unable to estimate the total number of stockholders represented by these record holders
We have never declared or paid and do not anticipate declaring or paying in the foreseeable future any cash dividends on our capital stock Any future determination as to the declaration and payment of dividends if any will be at the discretion of our board of directors subject to applicable laws and will depend on then existing conditions including our financial condition operating results contractual restrictions capital requirements business prospects and other factors our board of directors may deem relevant
See Part III Item 12 Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters of this Annual Report on Form 10 K for more information regarding securities authorized for issuance
During the three months ended July 31 2025 holders of the 2025 Notes converted 382 9 million in aggregate principal amount of the 2025 Notes which we repaid in cash We also issued 5 6 million shares of our unregistered common stock to the holders of the 2025 Notes for the conversion value in excess of the principal amount These shares of our common stock were issued in reliance on the exemption from registration provided by Section 3 a 9 of the Securities Act of 1933 as amended the Securities Act
In February 2019 we announced that our board of directors authorized a 1 0 billion share repurchase program which is funded from available working capital We subsequently announced additional increases to this share repurchase program bringing the total authorization to 4 1 billion with 1 0 billion remaining as of July 31 2025 The expiration date of this repurchase authorization was extended to December 31 2025 and our repurchase program may be suspended or discontinued at any time Repurchases under our program are to be made at management s discretion on the open market through privately negotiated transactions transactions structured through investment banking institutions block purchase techniques 10b5 1 trading plans or a combination of the foregoing During the three months ended July 31 2025 we did not repurchase any shares pursuant to our share repurchase program
This performance graph shall not be deemed filed for purposes of Section 18 of the Securities Exchange Act of 1934 as amended the Exchange Act or incorporated by reference into any filing of Palo Alto Networks Inc under the Securities Act of 1933 as amended or the Exchange Act except as shall be expressly set forth by specific reference in such filing
This performance graph compares the cumulative total return on our common stock with that of the Nasdaq 100 Index the Standard Poor s 500 Index and the Standard Poor s 500 Information Technology Index for the five years ended July 31 2025 This performance graph assumes 100 was invested on July 31 2020 in each of the common stock of Palo Alto Networks Inc the Nasdaq 100 Index the Standard Poor s 500 Index and the Standard Poor s 500 Information Technology Index and assumes the reinvestment of any dividends The stock price performance on this performance graph is not necessarily indicative of future stock price performance
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our consolidated financial statements and related notes appearing elsewhere in this Annual Report on Form 10 K The following discussion and analysis contains forward looking statements based on current expectations and assumptions that are subject to risks and uncertainties which could cause our actual results to differ materially from those anticipated or implied by any forward looking statements Factors that could cause or contribute to such differences include but are not limited to those discussed in this Annual Report on Form 10 K and in particular the risks discussed under the caption Risk Factors in Part I Item 1A of this report
A discussion of the nature and trends in our financial results and an analysis of our financial results comparing fiscal 2025 to fiscal 2024 For discussion and analysis related to our financial results comparing fiscal 2024 to 2023 refer to Part II Item 7 Management s Discussion and Analysis of Financial Condition and Results of Operations in our Annual Report on Form 10 K for fiscal 2024 which was filed with the Securities and Exchange Commission on September 6 2024
Our mission is to be the cybersecurity partner of choice for enterprises organizations service providers and government entities to protect our digital way of life Our cybersecurity platforms and services help secure enterprise users networks clouds and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence AI and automation A key element of our strategy is to help our customers simplify their security architectures through consolidating disparate point products We execute on this strategy by developing our capabilities and packaging our offerings into platforms which are able to cover many of our customers needs in the markets in which we operate Our platformization strategy combines various products and services into a tightly integrated architecture for more secure faster and cost effective outcomes
Access when combined with Prisma SD WAN provides a comprehensive single vendor SASE offering that is used to secure remote workforces and cloud delivered branch offices Prisma Access Browser further extends SASE security and data protection to the end user device providing workers with freedom to access business applications securely using our secure browser from any device
Prisma Access Agent Enterprise Data Loss Prevention Enterprise DLP AI for IT Operations AIOps Software as a Service SaaS Security and AI Access Security Through these add on services our customers are able to secure their content applications users and devices across their entire organization
Prisma AIRS is a comprehensive AI security platform that has been designed to protect customers entire AI ecosystem by providing AI model scanning posture management red teaming run time security and AI agent security
SCM our network security management solution centrally manages network security across all remote workers branches headquarters campuses and cloud SCM leverages AI to simplify and strengthen network security by enabling customers to proactively pinpoint vulnerabilities gain real time remediation recommendations and enhance overall digital experiences thereby reducing operational burden This comprehensive solution includes Strata Copilot which offers a natural language interface for enhanced insights and guided remediation and integrates Autonomous Digital Experience Monitoring ADEM to proactively maintain infrastructure health facilitate AI driven one click troubleshooting and ensure seamless end user performance across the enterprise
Our AI powered Cortex platform transforms end to end security operations with unified data AI and automation for more secure faster and cost effective outcomes We have consolidated our industry leading Security Operations and Cloud Security capabilities on a single comprehensive platform to provide centralized visibility proactive protection real time prevention AI driven insights and automated remediation across enterprise and cloud
We deliver the next generation of security operations capabilities that unifies standalone Security Information and Event Management SIEM tools endpoint security security automation cloud detection and response CDR as well as attack surface management ASM capabilities on our Cortex
We deliver comprehensive security across the cloud application development lifecycle through Cortex Cloud delivered as a scalable SaaS offering As a comprehensive Cloud Native Application Protection Platform CNAPP combined with CDR Cortex Cloud secures multi and hybrid cloud environments for applications data generative AI GenAI ecosystem and the cloud native technology stack across the full development lifecycle from code to cloud to security operations As part of the Cortex Cloud platform customers can expand from Cortex Cloud to our security operations offerings available on a single user experience and unified agent We also offer our VM Series and CN Series virtual firewalls for inline network security on multi and hybrid cloud environments
Unit 42 brings together world renowned expertise across threat research incident response and security consulting to deliver intelligence driven response ready outcomes that help customers reduce cyber risk Our elite consultants serve as trusted advisors to our customers by assessing and testing their security controls against sophisticated threats transforming their security strategy with a threat informed approach and responding to security incidents on behalf of our clients Additionally Unit 42 offers managed detection and response MDR and managed threat hunting services
For fiscal 2025 and 2024 total revenue was 9 2 billion and 8 0 billion respectively representing year over year growth of 14 9 Our growth reflects the increased adoption of our portfolio which consists of product subscriptions and support We believe our portfolio will enable us to benefit from recurring revenues and new revenues as we continue to grow our end customer base As of July 31 2025 we had end customers in over 180 countries Our end customers represent a broad range of industries including education energy financial services government entities healthcare Internet and media manufacturing public sector and telecommunications and include almost all of the Fortune 100 companies and a majority of the Global 2000 companies We maintain a field sales force that works closely with our channel partners in developing sales opportunities We primarily use a two tiered indirect fulfillment model whereby we sell our products subscriptions and support to our distributors which in turn sell to our resellers which then sell to our end customers
Our product revenue grew to 1 8 billion or 19 5 of total revenue for fiscal 2025 representing year over year growth of 12 4 Product revenue is derived from sales of hardware products primarily our ML Powered Next Generation Firewall and software licenses including SD WAN the VM Series and Panorama
Our ML Powered Next Generation Firewall incorporates our PAN OS operating system which provides a consistent set of capabilities across our entire network security product line Our hardware products and software licenses include a broad set of built in networking and security features and functionalities Our products are designed for different performance requirements throughout an organization ranging from our PA 400 which is designed for small organizations and remote or branch offices to our top of the line PA 7500 which is designed for large scale data centers and service provider use The same firewall functionality that is delivered in our hardware products is also available in our VM Series virtual firewalls which secure virtualized and cloud based computing environments and in our CN Series container firewalls which secure container environments and traffic
Our subscription and support revenue grew to 7 4 billion or 80 5 of total revenue for fiscal 2025 representing year over year growth of 15 5 Our subscriptions provide our end customers with near real time access to the latest intrusion prevention web security modern malware prevention data loss prevention CASB and AI security capabilities across the network endpoints and the cloud Our subscriptions also include security operations which enable customers to leverage the AI powered Cortex platform for advanced capabilities such as security information and event management next generation antivirus endpoint detection and response extended detection and response identity threat detection and response cloud detection and response SOAR ASM and CNAPP for comprehensive cloud security Additionally we offer MDR for Cortex subscriptions powered by Unit 42 s elite expertise When customers purchase our physical virtual or container firewalls or certain cloud offerings they typically purchase support in order to receive ongoing security updates upgrades bug fixes and repairs In addition to the subscriptions purchased with these firewalls customers may also purchase other subscriptions on a per user per endpoint or capacity based basis We also offer professional services including incident response risk management and digital forensic services
We continue to invest in innovation as we evolve and further extend the capabilities of our portfolio as we believe that innovation and timely development of new features and products are essential to meeting the needs of our end customers and improving our competitive position During fiscal 2025 we introduced several new offerings including Prisma Access Browser new capabilities in our OT Security solution Cortex Cloud Prisma AIRS and Cortex XSIAM 3 0 Additionally in August 2024 we completed the acquisition of certain IBM QRadar assets which we expect will help accelerate the growth of our Cortex business Additionally in July 2025 we completed the acquisition of Protect AI which we expect will enhance the capabilities of our AI security platform In July 2025 we also entered into a definitive agreement to acquire Software Ltd CyberArk an identity security company which acquisition is expected to close during the second half of our fiscal 2026
We believe that the growth of our business and our short term and long term success are dependent upon many factors including our ability to extend our technology leadership grow our base of end customers expand deployment of our portfolio and support offerings within existing end customers focus on end customer satisfaction and address any product vulnerabilities To manage any future growth effectively we must continue to improve and expand our information technology and financial infrastructure our operating and administrative systems and controls and our ability to manage headcount capital and processes in an efficient manner While these areas present significant opportunities for us they also pose challenges and risks that we must successfully address in order to sustain the growth of our business and improve our operating results For additional information regarding the challenges and risks we face see the Risk Factors section in Part I Item 1A of this Annual Report on Form 10 K
Our overall performance depends in part on worldwide economic and geopolitical conditions and their impact on customer behavior Changes in legislation or regulations and actions by regulators including changes in enforcement and administration policies may have an impact on our results of operations and financial condition Significant changes in U S or global trade policy including further expansion of U S export imports controls and tariffs as well as retaliatory actions by other countries may materially and adversely affect our business Further economic conditions including inflation high interest rates slow growth fluctuations in foreign exchange rates supply chain disruptions impacts of trade regulations or international trade disputes and other conditions may adversely affect our results of operations and financial performance
The hostilities in Israel and the surrounding region have continued to result in economic and political uncertainty While we have business operations in Israel and intend to continue growing our presence in Israel we currently do not expect significant business disruption We are actively monitoring evaluating and responding to the situation
We are also monitoring the impact of inflationary pressures and the tensions between China and Taiwan and between the U S and China which could have an adverse impact on our business or results of operations in future periods
We monitor the key financial metrics set forth in the tables below to help us evaluate growth trends establish budgets measure the effectiveness of our sales and marketing efforts and assess operational efficiencies We discuss revenue gross margin and the components of operating income and margin below under Results of Operations
Our NGS ARR represents the annualized allocated revenue of all active contracts as of the final day of the reporting period related to all product subscription and support offerings excluding revenue from hardware products and legacy attached subscriptions support offerings and professional services NGS ARR is an operating metric that we use to assess the strength and trajectory of our business NGS ARR should be viewed independently of revenue deferred revenue and remaining performance obligations and does not represent our revenue under U S GAAP on an annualized basis as it is an operating metric that can be impacted by contract start and end dates and renewal rates NGS ARR is not intended to be a replacement for forecasts of revenue The scope of products subscriptions and support offerings that contribute to NGS ARR will generally increase over time as we introduce or acquire new next generation products subscriptions and support offerings
We monitor cash flow provided by operating activities as a measure of our overall business performance Our cash flow provided by operating activities is driven in large part by sales of our products and from up front payments for subscription and support offerings Monitoring cash flow provided by operating activities enables us to analyze our financial performance without the non cash effects of certain items such as share based compensation costs depreciation and amortization thereby allowing us to better understand and manage the cash needs of our business
We define free cash flow a non GAAP financial measure as cash provided by operating activities less purchases of property equipment and other assets We consider free cash flow to be a profitability and liquidity measure that provides useful information to management and investors about the amount of cash generated by the business after necessary capital expenditures A limitation of the utility of free cash flow as a measure of our financial performance and liquidity is that it does not represent the total increase or decrease in our cash balance for the period In addition it is important to note that other companies including companies in our industry may not use free cash flow may calculate free cash flow in a different manner than we do or may use other financial measures to evaluate their performance all of which could reduce the usefulness of free cash flow as a comparative measure A reconciliation of free cash flow to cash flow provided by operating activities the most directly comparable financial measure calculated and presented in accordance with U S GAAP is provided below
The following table summarizes our results of operations for the periods presented and as a percentage of our total revenue for those periods based on our consolidated statements of operations data The period to period comparison of results is not necessarily indicative of results for future periods
Our revenue consists of product revenue and subscription and support revenue Revenue is recognized upon transfer of control of the corresponding promised products and subscriptions and support to our customers in an amount that reflects the consideration we expect to be entitled to in exchange for those products and subscriptions and support We expect our revenue to vary from quarter to quarter based on seasonal and cyclical factors
Product revenue is derived from sales of hardware products primarily our ML Powered Next Generation Firewall and software licenses including SD WAN the VM Series and Panorama Our hardware products and software licenses include a broad set of built in networking and security features and functionalities We recognize product revenue at the time of hardware shipment or delivery of software license As a percentage of product revenue we expect our revenue from software licenses to vary from quarter to quarter and increase over the long term as we improve features and capabilities of our on premise software renew our software license contracts and expand our installed end customer base
Product revenue increased for fiscal 2025 compared to fiscal 2024 driven by an increase in price of and allocation to on premise software licenses due to enhanced features and capabilities beginning in the second quarter of fiscal 2025 and an increased demand for our new generation of hardware products and accessories partially offset by decreased demand for our prior generation of hardware products
Subscription and support revenue is derived primarily from sales of our subscription and support offerings Our subscription and support contracts are typically one to five years We recognize revenue from subscriptions and support over time as the services are performed As a percentage of total revenue we expect our subscription and support revenue to vary from quarter to quarter and increase over the long term as we introduce new subscriptions renew existing subscription and support contracts and expand our installed end customer base
Subscription and support revenue increased for fiscal 2025 compared to fiscal 2024 due to increased demand for our subscription and support offerings from our end customers The mix between subscription revenue and support revenue will fluctuate over time depending on the introduction of new subscription offerings renewals of support services and our ability to increase sales to new and existing end customers
Revenue from the Americas EMEA and APAC increased year over year for fiscal 2025 as we continued to increase investment in our global sales force in order to support our growth and innovation with the Americas contributing the highest increase in revenue due to its larger scale
Cost of product revenue primarily includes costs paid to our manufacturing partners for procuring components and manufacturing our products Our cost of product revenue also includes personnel costs which consist of salaries benefits bonuses share based compensation and travel associated with our operations organization inventory excess and obsolete charges shipping and tariff costs amortization of intellectual property licenses product testing costs and shared costs Shared costs consist of certain facilities depreciation benefits recruiting and information technology costs that we allocate based on headcount We expect our cost of product revenue to fluctuate with our revenue from hardware products
Cost of product revenue increased for fiscal 2025 compared to fiscal 2024 primarily due to an increase in inventory excess and obsolete charges and an increased demand for our new generation hardware products and accessories partially offset by a decreased demand for our prior generation of hardware products
Cost of subscription and support revenue includes personnel costs for our global customer support and technical operations organizations data center and cloud hosting service costs third party professional services costs amortization of acquired intangible assets and capitalized software development costs customer support and repair costs and shared costs We expect our cost of subscription and support revenue to increase as our installed end customer base grows and adoption of our cloud based subscription offerings increases
Cost of subscription and support revenue increased for fiscal 2025 compared to fiscal 2024 primarily due to increased costs to support the growth of our subscription and support offerings Cloud hosting service costs which support our cloud based subscription offerings increased 189 5 million for fiscal 2025 compared to fiscal 2024 Personnel costs grew 52 9 million for fiscal 2025 compared to fiscal 2024 primarily due to headcount growth The increase in cost of subscription and support revenue was further driven by increased professional services expense
Gross margin has been and will continue to be affected by a variety of factors including the introduction of new products manufacturing costs the average sales price of our products cloud hosting service costs personnel costs the mix of products sold and the mix of revenue between product and subscription and support offerings Our higher end firewall products generally have higher gross margins than our lower end firewall products within each product series We expect our gross margins to vary over time depending on the factors described above
Product gross margin decreased for fiscal 2025 compared to fiscal 2024 primarily due to unfavorable hardware product mix and an increase in inventory excess and obsolete charges partially offset by increased software revenue
Subscription and support gross margin decreased for fiscal 2025 compared to fiscal 2024 primarily due to an increase in costs related to our cloud based offerings partially offset by increased leverage of our global customer service organization
Our operating expenses consist of research and development sales and marketing and general and administrative expenses Personnel costs are the most significant component of operating expenses and consist of salaries benefits bonuses share based compensation travel and entertainment and with regard to sales and marketing expense sales commissions Our operating expenses also include shared costs which consist of certain facilities depreciation benefits recruiting and information technology costs that we allocate based on headcount to each department We expect operating expenses generally to increase in absolute dollars and to decrease over the long term as a percentage of revenue as we continue to scale our business As of July 31 2025 we expect to recognize approximately 2 2 billion of share based compensation expense over a weighted average period of approximately 2 5 years excluding additional share based compensation expense related to any future grants of share based awards Share based compensation expense is generally recognized on a straight line basis over the requisite service periods of the awards
Research and development expense consists primarily of personnel costs Research and development expense also includes prototype related expenses and shared costs We expect research and development expense to increase in absolute dollars as we continue to invest in our future products and services although our research and development expense may fluctuate as a percentage of total revenue
Research and development expense increased for fiscal 2025 compared to fiscal 2024 primarily due to increased personnel costs which grew 123 4 million for fiscal 2025 compared to fiscal 2024 largely due to headcount growth The increase in research and development expense was further driven by increased shared costs
Sales and marketing expense consists primarily of personnel costs including commission expense Sales and marketing expense also includes costs for market development programs promotional and other marketing costs professional services and shared costs We continue to strategically invest in headcount and have grown our sales presence We expect sales and marketing expense to continue to increase in absolute dollars as we increase the size of our sales and marketing organizations to grow our customer base increase touch points with end customers and expand our global presence although our sales and marketing expense may fluctuate as a percentage of total revenue
Sales and marketing expense increased for fiscal 2025 compared to fiscal 2024 primarily due to increased personnel costs which grew 263 6 million for fiscal 2025 compared to fiscal 2024 largely due to headcount growth
General and administrative expense consists primarily of personnel costs and shared costs for our executive finance human resources information technology and legal organizations and professional services costs which consist primarily of legal auditing accounting and other consulting costs General and administrative expense also includes change in fair value of contingent consideration liability We expect general and administrative expense to increase in absolute dollars over time as we increase the size of our general and administrative organizations and incur additional costs to support our business growth although our general and administrative expense may fluctuate as a percentage of total revenue
General and administrative expenses decreased for fiscal 2025 compared to fiscal 2024 primarily due to litigation related charges of 204 4 million in fiscal 2024 and a partial release of litigation related accrual of 38 8 million in fiscal 2025 We also recorded a gain of 135 3 million in fiscal 2025 for the change in fair value of the contingent consideration liability from our acquisition of certain IBM QRadar assets The decrease in general and administrative expense was partially offset by increased personnel costs which grew 153 2 million largely due to increased share based compensation
Interest expense primarily consists of interest expense related to our 0 75 Convertible Senior Notes due 2023 the 2023 Notes and our 0 375 Convertible Senior Notes due 2025 the 2025 Notes and together with 2023 Notes the Notes
Interest expense decreased for fiscal 2025 compared to fiscal 2024 primarily due to conversions of the 2025 Notes prior to or upon maturity in June 2025 Refer to Note 11 Debt in Part II Item 8 of this Annual Report on Form 10 K for more information on the Notes
Other income net increased for fiscal 2025 compared to fiscal 2024 primarily due to higher interest income as a result of higher average cash cash equivalents and investments balance for fiscal 2025 compared to fiscal 2024 The increase was further driven by increased gains from our non designated derivative instruments and investments partially offset by increased foreign currency exchange losses for fiscal 2025 compared to fiscal 2024
Provision for income taxes consists primarily of U S and foreign income taxes We had a benefit from income taxes during fiscal 2024 primarily due to the release of our valuation allowance on U S federal U S states other than California and U K deferred tax assets We continue to maintain a valuation allowance for California and certain deferred tax assets
Our provision for income taxes in fiscal 2025 was 461 8 million a net change of 2 1 billion compared to a benefit from income taxes of 1 6 billion in fiscal 2024 primarily due to the release of our valuation allowance in fiscal 2024 This is also the primary driver of the change in our effective tax rate for fiscal 2025 compared to fiscal 2024
During the year ended July 31 2025 we recorded a deferred tax provision of 218 5 million arising from the remeasurement of our basis differences associated with the U S tax effects of foreign deferred tax assets Our remeasurement is a result of the One Big Beautiful Bill Act OBBB enacted on July 4 2025 which provides for significant tax law changes and modifications including changes to the U S effective tax rates on certain foreign earnings Refer to Note 16 Income Taxes in Part II Item 8 of this Annual Report on Form 10 K for more information on OBBB
Current liabilities included net carrying amounts of convertible senior notes of 1 0 billion as of July 31 2024 Refer to Note 11 Debt in Part II Item 8 of this Annual Report on Form 10 K for information on the Notes
As of July 31 2025 our total cash cash equivalents and investments of 8 5 billion were held for general corporate purposes As of July 31 2025 we had no unremitted earnings when evaluating our outside basis difference relating to our U S investment in foreign subsidiaries However there could be local withholding taxes due to various foreign countries if certain lower tier earnings are distributed Withholding taxes that would be payable upon remittance of these lower tier earnings are not material
In June 2020 we issued the 2025 Notes with an aggregate principal amount of 2 0 billion The 2025 Notes were converted prior to or settled on the maturity date of June 1 2025 During fiscal 2025 we repaid in cash 965 6 million in aggregate principal amount of the 2025 Notes and issued 14 0 million shares of common stock to the holders for the conversion value in excess of the principal amount of the 2025 Notes converted which were fully offset by shares we received from our exercise of the associated note hedges
In April 2023 we entered into a credit agreement the Credit Agreement that provides for a 400 0 million unsecured revolving credit facility the Credit Facility with an option to increase the amount of the Credit Facility by up to an additional 350 0 million subject to certain conditions The interest rates and commitment fees are also subject to upward and downward adjustments based on our progress towards the achievement of certain sustainability goals As of July 31 2025 there were no amounts outstanding and we were in compliance with all covenants under the Credit Agreement Refer to Note 11 Debt in Part II Item 8 of this Annual Report on Form 10 K for more information on the Credit Agreement
In February 2019 our board of directors authorized a 1 0 billion share repurchase program Our board of directors subsequently authorized additional increases to this share repurchase program bringing the total authorization to 4 1 billion Repurchases will be funded from available working capital and may be made at management s discretion from time to time As of July 31 2025 1 0 billion remained available for future share repurchases under this repurchase program The repurchase authorization will expire on December 31 2025 and may be suspended or discontinued at any time without prior notice Refer to Note 14 Stockholders Equity in Part II Item 8 of this Annual Report on Form 10 K for more information on this repurchase program
We have entered into various non cancelable operating leases primarily for our offices and data centers with lease terms expiring through fiscal 2036 As of July 31 2025 we have total operating lease obligations of 417 4 million recorded on our consolidated balance sheet
As of July 31 2025 our commitments to purchase products components cloud hosting and other services totaled 7 1 billion Refer to Note 13 Commitments and Contingencies in Part II Item 8 of this Annual Report on Form 10 K for more information on these commitments
Our acquisition of certain IBM QRadar assets on August 31 2024 included contingent consideration that requires potential future payments through the fiscal quarter ending October 2028 As of July 31 2025 we have total contingent consideration obligation of 513 6 million recorded on our consolidated balance sheet Refer to Note 3 Fair Value Measurements and Note 8 Acquisitions in Part II Item 8 of this Annual Report on Form 10 K for more information on our contingent consideration obligation
On July 30 2025 we entered into a definitive agreement to acquire CyberArk The acquisition is expected to close during the second half of our fiscal 2026 subject to the satisfaction of customary closing conditions Under the terms of the definitive agreement CyberArk shareholders will receive 45 00 in cash and 2 2005 shares of our common stock for each CyberArk share This represents an equity value for CyberArk of approximately 25 billion based on the unaffected 10 day average daily volume weighted average trading prices of our common stock as of July 25 2025 We expect to fund the cash portion of the consideration with our cash on hand Refer to Part I Item 1A Risk Factors in this Form 10 K and Note 8 Acquisitions in Part II Item 8 of this Annual Report on Form 10 K for more information on the acquisition
Cash from operations could be affected by various risks and uncertainties detailed in Part I Item 1A Risk Factors in this Form 10 K We believe that our cash flow from operations with existing cash and cash equivalents will be sufficient to meet our anticipated cash needs for at least the next 12 months and thereafter for the foreseeable future Our future capital requirements will depend on many factors including our growth rate the timing and extent of spending to support development efforts the expansion of sales and marketing activities the introduction of new and enhanced products and subscription and support offerings the costs to acquire or invest in complementary businesses and technologies the costs to ensure access to adequate manufacturing capacity the investments in our infrastructure to support the adoption of our cloud based subscription offerings the continuing market acceptance of our products and subscription and support offerings and macroeconomic events In addition from time to time we may incur additional tax liability in connection with certain corporate structuring decisions
We may also choose to seek additional equity or debt financing In the event that additional financing is required from outside sources we may not be able to raise it on terms acceptable to us or at all If we are unable to raise additional capital when desired our business operating results and financial condition may be adversely affected
Our operating activities have consisted of net income adjusted for certain non cash items and changes in assets and liabilities Our largest source of cash provided by our operations is receipts from our customers Net cash provided by operating activities can be impacted by factors such as timing of payments and collections vendor payment terms and timing and amount of tax payments
Cash provided by operating activities during fiscal 2025 was 3 7 billion an increase of 458 4 million compared to fiscal 2024 The increase was primarily due to growth of our business as reflected by increases in collections during fiscal 2025 partially offset by higher cash expenditure to support our business growth
Cash used in investing activities during fiscal 2025 was 2 2 billion an increase of 694 8 million compared to fiscal 2024 The increase was primarily due to an increase in net cash payments for business acquisitions and higher purchases of investments during fiscal 2025
Our financing activities have consisted of repayments of our convertible senior notes cash used to repurchase shares of our common stock proceeds from sales of shares through employee equity incentive plans and payments for tax withholding obligations of certain employees related to the net share settlement of equity awards
Cash used in financing activities during fiscal 2025 was 778 9 million a decrease of 564 2 million compared to fiscal 2024 The decrease was primarily due to a decrease in cash used to repurchase our common stock which did not recur during fiscal 2025
Our consolidated financial statements have been prepared in accordance with U S GAAP The preparation of these consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets liabilities revenue expenses and related disclosures We base our estimates on historical experience and on various other assumptions that we believe are reasonable under the circumstances We evaluate our estimates and assumptions on an ongoing basis Actual results could differ materially from those estimates due to risks and uncertainties including uncertainty in the current economic environment To the extent that there are material differences between these estimates and our actual results our future consolidated financial statements will be affected
We believe that of our significant accounting policies described in Note 1 Description of Business and Summary of Significant Accounting Policies in Part II Item 8 of this Annual Report on Form 10 K the critical accounting estimates assumptions and judgments that have the most significant impact on our consolidated financial statements are described below
The majority of our contracts with our customers include various combinations of our products and subscriptions and support Our hardware products and software licenses are distinct from our subscriptions and support services as the customer can benefit from the product without these services and such services are separately identifiable within the contract We account for multiple agreements with a single customer as a single contract if the contractual terms and or substance of those agreements indicate that they may be so closely related that they are in effect parts of a single contract The amount of consideration we expect to receive in exchange for delivering on the contract is allocated to each performance obligation based on its relative standalone selling price
When estimating standalone selling price we first consider the prices charged for a deliverable when sold separately If the standalone selling price is not observable through past transactions we estimate it based on our pricing model and our go to market strategy which include factors such as type of sales channel channel partner or end customer the geographies in which our offerings were sold domestic or international and offering type products subscriptions or support As our business offerings evolve over time we may be required to modify our estimated standalone selling prices and as a result the timing and classification of our revenue could be affected
We account for income taxes using the asset and liability method which requires the recognition of deferred tax assets and liabilities for the expected future tax consequences of events that have been recognized in our consolidated financial statements or tax returns In addition deferred tax assets are recorded for all future benefits including but not limited to net operating losses research and development credit carryforwards and basis differences relating to our global intangible low taxed income Valuation allowances are provided when necessary to reduce deferred tax assets to the amount more likely than not to be realized
Significant judgment is required in determining any valuation allowance recorded against deferred tax assets In assessing the need for a valuation allowance we consider all available evidence including past operating results estimates of future taxable income and the feasibility of tax planning strategies In the event that we change our determination as to the amount of deferred tax assets that can be realized we will adjust our valuation allowance with a corresponding impact to the provision for income taxes in the period in which such determination is made
We recognize liabilities for uncertain tax positions based on a two step process which includes evaluating if a tax position is more likely than not to be sustained on audit and then measuring the tax benefit as the largest amount that is more likely than not to be realized upon ultimate settlement Assumptions judgment and the use of estimates are required in determining if the more likely than not standard has been met and in determining the expected benefit when developing the provision for income taxes Our evaluations are based upon a number of factors including changes in facts or circumstances changes in tax law or guidance correspondence with tax authorities during the course of audits and effective settlement of audit issues Changes in these or other factors could result in material increases or decreases in our provision for benefit from income taxes in the period in which we make the change
We are subject to the possibility of various loss contingencies arising in the ordinary course of business We accrue for loss contingencies when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can be reasonably estimated If we determine that a loss is reasonably possible then we disclose the possible loss or range of the possible loss or state that such an estimate cannot be made We regularly evaluate current information available to us to determine whether an accrual is required an accrual should be adjusted or a range of possible loss should be disclosed
From time to time we are involved in disputes litigation and other legal actions However there are many uncertainties associated with any litigation and these actions or other third party claims against us may cause us to incur substantial settlement charges which are inherently difficult to estimate and could adversely affect our results of operations The actual liability in any such matters may be materially different from our estimates which could result in the need to adjust our liability and record additional expenses Refer to the Litigation subheading in Note 13 Commitments and Contingencies in Part II Item 8 of this Annual Report on Form 10 K for more information regarding our litigation
We make significant estimates assumptions and judgments when valuing assets acquired and liabilities assumed especially with respect to purchased intangible assets in connection with the initial purchase price allocation of an acquired business Critical estimates in valuing certain purchased intangible assets include but are not limited to cash flows that an asset is expected to generate in the future discount rates the time and expense that would be necessary to recreate the assets and the profit margin a market participant would receive on such recreated assets The amounts and useful lives assigned to identified intangible assets impact the amount and timing of future amortization expense
One of our business combinations has included post closing payments contingent upon the occurrence of future events and or certain conditions being met Critical estimates used in valuing our contingent consideration obligation include but are not limited to estimated future cash payments related to customers entering into qualified new transactions and risk adjusted discount rates used to present value the expected cash flows These estimates and assumptions are updated to revalue our contingent consideration liability at the end of each reporting period Accordingly subsequent changes in underlying facts and circumstances could result in changes in these estimates and assumptions which could have a material impact on the estimated future fair values of these obligations
Refer to Recently Adopted Accounting Pronouncement and Recently Issued Accounting Pronouncements in Note 1 Description of Business and Summary of Significant Accounting Policies in Part II Item 8 of this Annual Report on Form 10 K for a description of recent accounting pronouncements and our expectation of their impact if any on our results of operations and financial condition
Our sales contracts are primarily denominated in U S dollars A portion of our operating expenditures are denominated in foreign currencies making them subject to fluctuations in foreign currency exchange rates Additionally fluctuations in foreign currency exchange rates may cause us to recognize transaction gains and losses in our statement of operations Foreign currency remeasurement gains and losses and foreign currency transaction gains and losses have not had a significant impact to our consolidated financial statements
We enter into foreign currency derivative contracts with maturities of 24 months or less which we designate as cash flow hedges to manage the foreign currency exchange risk associated with our revenue and operating expenditures We also enter into foreign currency derivative contracts that are not designated as hedging instruments to hedge a portion of our outstanding monetary assets and liabilities denominated in foreign currencies These foreign currency derivative contracts reduce but do not entirely eliminate the effect of foreign exchange rate fluctuations
A hypothetical 10 change in foreign exchange rates on monetary assets and liabilities would not be material to our financial condition or results of operations after taking into consideration the effect of foreign currency forward contracts in place as of July 31 2025 The effectiveness of our existing hedging transactions and the availability and effectiveness of any hedging transactions we may decide to enter into in the future may be limited and we may not be able to successfully hedge our exposure which could adversely affect our financial condition and results of operations Refer to Note 6 Derivative Instruments in Part II Item 8 of this Annual Report on Form 10 K for more information
As our international operations grow our risks associated with fluctuations in foreign currency exchange rates will become greater and we will continue to reassess our approach to managing this risk In addition a weakening U S dollar can increase the costs of our international expansion and a strengthening U S dollar can increase the real cost of our products and services to our end customers outside of the United States leading to delays in the purchase of our products and services For additional information see the risk factor entitled
The primary objectives of our investment activities are to preserve principal provide liquidity and maximize income without significantly increasing risk Most of the securities we invest in are subject to interest rate risk To minimize this risk we maintain a diversified portfolio of cash cash equivalents and investments consisting only of investment grade securities To assess the interest rate risk we performed a sensitivity analysis to determine the impact a change in interest rates would have on the value of the investment portfolio Based on investment positions as of July 31 2025 a hypothetical 100 basis point increase in interest rates across all maturities would result in a 132 3 million decline in the fair market value of the portfolio Such losses would only be realized if we sold the investments prior to maturity Conversely a hypothetical 100 basis point decrease in interest rates would lead to a 134 7 million increase in the fair market value of the portfolio
We have audited the accompanying consolidated balance sheets of Palo Alto Networks Inc the Company as of July 31 2025 and 2024 the related consolidated statements of operations comprehensive income stockholders equity and cash flows for each of the three years in the period ended July 31 2025 and the related notes collectively referred to as the consolidated financial statements In our opinion the consolidated financial statements present fairly in all material respects the financial position of the Company at July 31 2025 and 2024 and the results of its operations and its cash flows for each of the three years in the period ended July 31 2025 in conformity with U S generally accepted accounting principles
We also have audited in accordance with the standards of the Public Company Accounting Oversight Board United States PCAOB the Company s internal control over financial reporting as of July 31 2025 based on criteria established in Internal Control Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission 2013 framework and our report dated August 29 2025 expressed an unqualified opinion thereon
These financial statements are the responsibility of the Company s management Our responsibility is to express an opinion on the Company s financial statements based on our audits We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U S federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB
We conducted our audits in accordance with the standards of the PCAOB Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement whether due to error or fraud Our audits included performing procedures to assess the risks of material misstatement of the financial statements whether due to error or fraud and performing procedures that respond to those risks Such procedures included examining on a test basis evidence regarding the amounts and disclosures in the financial statements Our audits also included evaluating the accounting principles used and significant estimates made by management as well as evaluating the overall presentation of the financial statements We believe that our audits provide a reasonable basis for our opinion
The critical audit matters communicated below are matters arising from the current period audit of the financial statements that were communicated or required to be communicated to the audit committee and that 1 relate to accounts or disclosures that are material to the financial statements and 2 involved our especially challenging subjective or complex judgments The communication of critical audit matters does not alter in any way our opinion on the consolidated financial statements taken as a whole and we are not by communicating the critical audit matters below providing separate opinions on the critical audit matters or on the accounts or disclosures to which they relate
As described in Note 1 to the consolidated financial statements the Company s contracts with customers sometimes contain multiple performance obligations which are accounted for separately if they are distinct In such cases the transaction price is then allocated to the distinct performance obligations on a relative standalone selling price basis and revenue is recognized when control of the distinct performance obligation is transferred For example product revenue is recognized at the time of hardware shipment or delivery of software license and subscription and support revenue is recognized over time as the services are performed
Auditing the Company s revenue recognition was complex including the identification and determination of distinct performance obligations and the timing of revenue recognition For example there were certain customer arrangements with nonstandard terms and conditions that required judgment to determine the distinct performance obligations and the impact on the timing of revenue recognition
We obtained an understanding evaluated the design and tested the operating effectiveness of the Company s process and controls to identify and determine the distinct performance obligations and the timing of revenue recognition
To test the identification and determination of the distinct performance obligations and the timing of revenue recognition our audit procedures included among others reading the executed contract and other contractual documents to understand the contract identifying the performance obligation s determining the distinct performance obligations and evaluating the timing of revenue recognition for a sample of individual sales transactions We evaluated the accuracy of the Company s contract summary documentation specifically related to the identification and determination of distinct performance obligations and the timing of revenue recognition
As described in Note 8 to the consolidated financial statements the Company completed the acquisition of certain IBM QRadar assets on August 31 2024 for which the purchase consideration included contingent consideration The Company has determined the fair value of contingent consideration liability to be 513 6 million as of July 31 2025 using a discounted cash flow valuation technique including an estimate of future cash payments related to customers entering into qualified new transactions with the Company as well as a risk adjusted discount rate used to present value the expected cash flows
Auditing the Company s accounting for contingent consideration liability was complex due to estimation uncertainty in the Company s determination of the fair value due to the significant assumption about customer transactions that will qualify for cash payments under the arrangement The significant assumption is forward looking dependent upon customer behavior and could be affected by various factors including future economic and market conditions
We obtained an understanding evaluated the design and tested the operating effectiveness of the Company s process and controls to estimate fair value of the contingent consideration liability We also tested controls regarding management s review of assumptions used in the valuation model
To test the estimated fair value of this contingent consideration liability our audit procedures included among others assessing the valuation methodology with the assistance of a valuation specialist and testing the significant assumption about customer transactions that will qualify for cash payments under the arrangement and the completeness and accuracy of the underlying data used by the Company We also performed a sensitivity analysis to evaluate the changes in the fair value of this contingent consideration liability that would result from changes in the significant assumption We also considered whether the assumption was consistent with evidence obtained in other areas of the audit
We have audited Palo Alto Networks Inc s internal control over financial reporting as of July 31 2025 based on criteria established in Internal Control Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission 2013 framework the COSO criteria In our opinion Palo Alto Networks Inc the Company maintained in all material respects effective internal control over financial reporting as of July 31 2025 based on the COSO criteria
We also have audited in accordance with the standards of the Public Company Accounting Oversight Board United States PCAOB the consolidated balance sheets of the Company as of July 31 2025 and 2024 the related consolidated statements of operations comprehensive income stockholders equity and cash flows for each of the three years in the period ended July 31 2025 and the related notes and our report dated August 29 2025 expressed an unqualified opinion thereon
The Company s management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting included in the accompanying Management s Annual Report on Internal Control over Financial Reporting Our responsibility is to express an opinion on the Company s internal control over financial reporting based on our audit We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U S federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB
We conducted our audit in accordance with the standards of the PCAOB Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects
Our audit included obtaining an understanding of internal control over financial reporting assessing the risk that a material weakness exists testing and evaluating the design and operating effectiveness of internal control based on the assessed risk and performing such other procedures as we considered necessary in the circumstances We believe that our audit provides a reasonable basis for our opinion
A company s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles A company s internal control over financial reporting includes those policies and procedures that 1 pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the company 2 provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company and 3 provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition use or disposition of the company s assets that could have a material effect on the financial statements
Because of its inherent limitations internal control over financial reporting may not prevent or detect misstatements Also projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions or that the degree of compliance with the policies or procedures may deteriorate
Palo Alto Networks Inc the Company we us or our headquartered in Santa Clara California was incorporated in March 2005 under the laws of the State of Delaware and commenced operations in April 2005 Our cybersecurity platforms and services help enterprises organizations service providers and government entities to secure their users networks clouds and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence and automation
The accompanying consolidated financial statements have been prepared in conformity with U S generally accepted accounting principles U S GAAP The consolidated financial statements include all adjustments necessary for a fair presentation of our annual results All adjustments are of a normal recurring nature
The preparation of consolidated financial statements in conformity with U S GAAP requires management to make estimates and assumptions that affect the amounts reported and disclosed in the consolidated financial statements and the accompanying notes We evaluate our estimates on an ongoing basis Management estimates include but are not limited to the standalone selling price for our products and services share based compensation fair value of assets acquired and liabilities assumed in business combinations fair value of our contingent consideration liability the assessment of recoverability of our intangibles and goodwill valuation allowance against deferred tax assets valuation of inventory and manufacturing partner and supplier liabilities deferred contract costs benefit period and loss contingencies We base our estimates on assumptions both historical and forward looking that we believe are reasonable Actual results could differ materially from those estimates due to risks and uncertainties
On December 12 2024 we effected a two for one stock split of our outstanding shares of common stock through an amendment to our restated certificate of incorporation Stock Split which also effected a proportionate increase in the number of authorized shares of our common stock from 1 0 billion to 2 0 billion The par value per share of our common stock remains unchanged at 0 0001 per share after the Stock Split All references made to share or per share amounts related to our common stock have been retroactively adjusted on the accompanying consolidated financial statements and applicable disclosures to reflect the effects of the Stock Split
We invest only in high quality credit instruments and our cash and cash equivalents and available for sale investments consist primarily of fixed income securities held at large diverse financial institutions to reduce the credit risk exposure to any single financial institution Deposits held with banks may exceed the amount of insurance provided on such deposits
Our derivative contracts expose us to credit risk to the extent that the counterparties are unable to meet the terms of the arrangement We mitigate credit risk by transacting with multiple major financial institutions with high credit ratings and also enter into master netting arrangements which permit net settlement of transactions with the same counterparty We are not required to pledge and are not entitled to receive cash collateral related to these derivative instruments We do not enter into derivative contracts for trading or speculative purposes
Our accounts receivable are primarily derived from our distributors in various geographical locations Our financing receivables are with qualified end customers and channel partners We perform ongoing credit evaluations and generally do not require collateral on accounts receivable or financing receivables
As of July 31 2025 three distributors individually represented 10 or more of our gross accounts receivable and in the aggregate represented 44 8 of our gross accounts receivable As of July 31 2025 no end customers or channel partners represented 10 or more of our gross financing receivables
For fiscal 2025 three distributors represented 10 or more of our total revenue representing 18 8 14 4 and 11 0 respectively No single end customer accounted for more than 10 of our total revenue in fiscal 2025 2024 or 2023
Comprehensive income is comprised of net income and other comprehensive income Our other comprehensive income includes unrealized gains and losses on available for sale investments and unrealized gains and losses on cash flow hedges net of tax effects
The functional currency of our foreign subsidiaries is the U S dollar Monetary assets and liabilities denominated in foreign currencies have been remeasured into U S dollars using the exchange rates in effect at the balance sheet dates Foreign currency remeasurement gains and losses and foreign currency transaction gains and losses are not significant to the consolidated financial statements
We define fair value as the price that would be received from selling an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date When determining the fair value measurements for assets and liabilities which are required to be recorded at fair value we consider the principal or most advantageous market in which to transact and the market based risk
We categorize assets and liabilities recorded or disclosed at fair value on our consolidated balance sheets based upon the level of judgment associated with inputs used to measure their fair value The categories are as follows
Level 2 Inputs are quoted prices for similar assets and liabilities in active markets or inputs that are observable for the assets or liabilities either directly or indirectly through market corroboration for substantially the full term of the financial instruments
Our financial assets and liabilities that are measured at fair value on a recurring basis include marketable securities derivative financial instruments and contingent consideration liability Goodwill intangible assets and other long lived assets are measured at fair value on a nonrecurring basis only if impairment is indicated Certain certificates of deposit time deposits and overnight sweep accounts recorded in cash and cash equivalents and short term investments are stated at their carrying amounts which approximate fair value due to their short maturities The carrying amounts of accounts receivable accounts payable and accrued liabilities approximate fair value due to their short term nature
We consider all highly liquid investments with original maturities of three months or less at the date of purchase to be cash equivalents Investments not considered cash equivalents and with maturities of one year or less from the consolidated balance sheet date are classified as short term investments Investments with maturities greater than one year from the consolidated balance sheet date are classified as long term investments
We determine the classification of our investments in marketable debt securities at the time of purchase and reevaluate such determination at each balance sheet date Our marketable debt securities are classified as available for sale Debt securities in an unrealized loss position are written down to its fair value with the corresponding charge recorded in other income net on our consolidated statements of operations if it is more likely than not that we will be required to sell the impaired security before recovery of its amortized cost basis or we have the intention to sell the security If neither of these conditions are met we determine whether a credit loss exists by comparing the present value of the expected cash flows of the security with its amortized cost basis An allowance for credit losses is recorded in other income net on our consolidated statements of operations for an amount not to exceed the unrealized loss Unrealized losses that are not credit related are included in accumulated other comprehensive income loss AOCI in stockholders equity
Trade accounts receivable are recorded at the invoiced amount net of allowances for credit losses The allowance for credit losses is based on our assessment of collectability Management regularly reviews the adequacy of the allowance for credit losses on a collective basis by considering the age of each outstanding invoice each customer s expected ability to pay and collection history current market conditions and where appropriate reasonable and supportable forecasts of future economic conditions Accounts receivable deemed uncollectible are charged against the allowance for credit losses For the years ended July 31 2025 2024 and 2023 the allowance for credit losses activity was not significant
We provide financing arrangements for certain qualified end customers and channel partners to purchase our products and services Payment terms on these financing arrangements are generally two to five years Financing receivables are recorded at amortized cost which approximates fair value As part of our financing credit risk management policy we may sell financing receivables with an internal risk rating of 5 or greater on a non recourse basis to third party financial institutions when the outstanding balance of our financing receivables exceeds preestablished thresholds The financing receivables are derecognized upon sale as these transactions qualify as true sales We classify the proceeds from these sales as cash flows from operating activities on our consolidated statements of cash flows
We evaluate the allowance for credit losses by assessing the risks and losses inherent in our financing receivables on either an individual or a collective basis Our assessment considers various factors including lifetime expected losses determined using customer risk profile current economic conditions that may affect a customer s ability to pay and forward looking economic considerations Financing receivables deemed uncollectible are charged against the allowance for credit losses
We are exposed to foreign currency exchange risk which we manage through the use of derivative financial instruments Our derivative financial instruments are recorded at fair value on a gross basis as either assets or liabilities on our consolidated balance sheets
Our sales contracts are primarily denominated in U S dollars A portion of our operating expenditures are denominated in foreign currencies making them subject to fluctuations in foreign currency exchange rates We enter into foreign currency derivative contracts with maturities of 24 months or less which we designate as cash flow hedges to manage the foreign currency exchange risk associated with our revenue and operating expenditures Gains and losses related to the effective portion of our cash flow hedges are recorded as a component of AOCI on our consolidated balance sheets and are reclassified into the financial statement line item associated with the underlying hedged transaction on our consolidated statements of operations when the underlying hedged transaction is recognized in earnings In the event the underlying hedged transaction does not occur or it becomes probable that it will not occur within the defined hedge period the gains or losses on the related cash flow hedges are recognized in other income net on our consolidated statements of operations Cash flows from foreign currency derivative contracts designated as cash flow hedges are classified on our consolidated statements of cash flows in the same manner as the underlying hedged transaction primarily within cash flows from operating activities
We also enter into foreign currency derivative contracts to hedge a portion of our outstanding monetary assets and liabilities denominated in foreign currencies These derivatives are not designated as hedging instruments for accounting purposes and the related gains and losses are recorded in other income net on our consolidated statements of operations
Inventory consists primarily of raw materials and service related spares and is stated at the lower of average cost and net realizable value Inventory is included in prepaid expenses and other current assets on our consolidated balance sheets Inventory that is obsolete or in excess of forecasted demand is written down to its estimated realizable value Once inventory has been written down a new lower cost basis for that inventory is established
We outsource most of our manufacturing repair and supply chain management operations to our EMS provider and payments to it are a significant portion of our cost of product revenue Although we are contractually obligated to purchase manufactured products and components we generally do not own the components and manufactured products Product title transfers from our EMS provider to us and immediately to our customers upon shipment We record a liability for manufacturing purchase commitments in excess of our forecasted demand
We use consistent demand forecasts for our valuation of excess and obsolete inventory and manufacturing partner and supplier liabilities These forecasts are based upon historical trends and analysis adjusted for overall market conditions Inventory write downs and excess manufacturing purchase commitment charges are included in cost of product revenue on our consolidated statements of operations
Property and equipment are stated at cost less accumulated depreciation Depreciation is computed using the straight line method over the estimated useful lives of the assets Land is not depreciated The estimated useful lives of our depreciable assets are as follows
We include the results of operations of the businesses that we acquire as of the respective dates of acquisition We allocate the fair value of the purchase price of our acquisitions to the assets acquired and liabilities assumed including contingent consideration generally based on their estimated fair values The excess of the purchase price over the fair values of these identifiable assets and liabilities is recorded as goodwill Additional information existing as of the acquisition date but unknown to us may become known during the remainder of the measurement period not to exceed 12 months from the acquisition date which may result in changes to the amounts and allocations recorded
Contingent consideration obligation incurred in connection with a business combination is recorded at fair value on the acquisition date and remeasured at each subsequent reporting period until the related contingencies have been resolved with the change in fair value recognized in general and administrative expense on our consolidated statements of operations Payments not made soon after the acquisition date to settle a contingent consideration liability are classified as cash flows from financing activities up to the amount of the contingent consideration liability recognized at the acquisition date
Goodwill is evaluated for impairment on an annual basis in the fourth quarter of our fiscal year and whenever events or changes in circumstances indicate the carrying amount of goodwill may not be recoverable We have elected to first assess qualitative factors to determine whether it is more likely than not that the fair value of our single reporting unit is less than its carrying amount including goodwill If we determine that it is more likely than not that the fair value is less than its carrying amount then the quantitative impairment test will be performed Under the quantitative impairment test if the carrying amount exceeds its fair value we will recognize an impairment loss in an amount equal to that excess but limited to the total amount of goodwill
We evaluate events and changes in circumstances that could indicate carrying amounts of purchased intangible assets and other long lived assets may not be recoverable When such events or changes in circumstances occur we assess the recoverability of an asset or asset group by determining whether or not the carrying amount will be recovered through undiscounted expected future cash flows If the total of the future undiscounted cash flows is less than the carrying amount of an asset or asset group we record an impairment loss for the amount by which the carrying amount exceeds the fair value of the asset or asset group
Our convertible senior notes were fully settled upon maturity as of July 31 2025 Prior to settlement our convertible senior notes were accounted for as a liability and measured at their amortized cost Transaction costs related to the issuance of the notes were netted with the liability and were amortized on a straight line basis which approximates the effective interest rate method to interest expense over the term of the notes
Our revenue consists of product revenue and subscription and support revenue Revenue is recognized when control of promised products subscriptions and support services are transferred to customers in an amount that reflects the expected consideration in exchange for those products and services
Product revenue is derived from sales of our hardware products and software licenses Our hardware products and software licenses include a broad set of built in networking and security features and functionalities We recognize product revenue at the time of hardware shipment or delivery of software license
Subscription and support revenue is derived primarily from sales of our subscription and support offerings We recognize subscription and support revenue over time as the services are performed Our contractual subscription and support contracts are typically one to five years
The majority of our contracts with our customers include various combinations of our products and subscriptions and support Our hardware products and software licenses are distinct from our subscriptions and support services as the customer can benefit from the product without these services and such services are separately identifiable within the contract We account for multiple agreements with a single customer as a single contract if the contractual terms and or substance of those agreements indicate that they may be so closely related that they are in effect parts of a single contract The amount of consideration we expect to receive in exchange for delivering on the contract is allocated to each performance obligation based on its relative standalone selling price
When estimating standalone selling price we first consider the prices charged for a deliverable when sold separately If the standalone selling price is not observable through past transactions we estimate it based on our pricing model and our go to market strategy which include factors such as type of sales channel channel partner or end customer the geographies in which our offerings were sold domestic or international and offering type products subscriptions or support
We record deferred revenue when customers are invoiced or cash payments are received in advance of our performance Our payment terms typically require payment within 30 to 45 days of the date we issue an invoice The current portion of deferred revenue represents the amounts that are expected to be recognized as revenue within one year of the consolidated balance sheet date
We defer contract costs that are recoverable and incremental to obtaining customer sales contracts Contract costs which primarily consist of sales commissions are amortized on a systematic basis that is consistent with the transfer to the customer of the goods or services to which the asset relates Certain sales commissions for initial contracts are not commensurate with the commissions for renewal contracts given the substantive difference in commission rates in proportion to their respective contract values Sales commissions for initial contracts that are not commensurate are amortized over a benefit period of five years The benefit period is determined by taking into consideration contract length expected renewals technology life and other quantitative and qualitative factors Sales commissions for initial contracts that are commensurate and sales commissions for renewal contracts are amortized over the related contractual period
We classify deferred contract costs as short term or long term based on when we expect to recognize the expense The amortization of deferred contract costs is included in sales and marketing expense on our consolidated statements of operations Deferred contract costs are periodically reviewed for impairment We did not recognize any impairment losses on our deferred contract costs during the years ended July 31 2025 2024 or 2023
Internally developed software includes security software developed to deliver our cloud based subscription offerings to our end customers We capitalize internal compensation related costs and external direct costs incurred during the application development stage and amortize these costs over a useful life of three years As of July 31 2025 and 2024 we capitalized as other assets on our consolidated balance sheets 167 3 million and 129 2 million in costs respectively net of accumulated amortization for security software developed to deliver our cloud based subscription offerings We recognized amortization expense of 82 7 million 77 2 million and 79 5 million related to these capitalized costs as cost of subscription and support revenue on our consolidated statements of operations during the years ended July 31 2025 2024 and 2023 respectively
The costs to develop software that is marketed externally have not been capitalized as we believe our current software development process is essentially completed concurrent with the establishment of technological feasibility As such all related software development costs are expensed as incurred and included in research and development expense on our consolidated statements of operations
Compensation expense related to share based transactions is measured at fair value on the grant date We recognize share based compensation expense for awards with only service conditions on a straight line basis over the requisite service period We recognize share based compensation expense for awards with market conditions and awards with performance conditions on a straight line basis over the requisite service period for each separately vesting tranche of the award We recognize share based compensation expense for awards with performance conditions when it is probable that the performance condition will be achieved We account for forfeitures of all share based payment awards when they occur
We determine if an arrangement is a lease at inception We evaluate the classification of leases at commencement and as necessary at modification Operating lease related balances are included in operating lease right of use assets accrued and other liabilities and long term operating lease liabilities on our consolidated balance sheets We did not have any material finance leases in any of the periods presented
Operating lease right of use assets represent our right to use an underlying asset for the lease term Operating lease liabilities represent our obligation to make payments arising from the lease Operating lease right of use assets and liabilities are recognized at the present value of the future lease payments at the lease commencement date The interest rate used to determine the present value of the future lease payments is our incremental borrowing rate because the interest rates implicit in our leases are not readily determinable Our incremental borrowing rate is estimated to approximate the interest rate on a collateralized basis with similar terms and payments and in similar economic environments Operating lease right of use assets also include adjustments related to lease incentives prepaid or accrued rent and initial direct lease costs Operating lease right of use assets are subject to evaluation for impairment or disposal on a basis consistent with other long lived assets
Our lease terms may include periods under options to extend or terminate the lease when it is reasonably certain that we will exercise that option We generally use the base non cancelable lease term when determining our operating lease right of use assets and lease liabilities Operating lease costs are recognized on a straight line basis over the lease term
We account for lease and non lease components as a single lease component and do not recognize right of use assets and lease liabilities for leases with a term of 12 months or less Payments under our lease arrangements are primarily fixed however certain lease agreements contain variable payments which are expensed as incurred and not included in operating lease right of use assets and liabilities Our variable lease payments primarily consist of real estate taxes common area maintenance charges and insurance costs
We account for income taxes using the asset and liability method which requires the recognition of deferred tax assets and liabilities for the expected future tax consequences of events that have been recognized in our consolidated financial statements or tax returns In addition deferred tax assets are recorded for all future benefits including but not limited to net operating losses research and development credit carryforwards and basis differences relating to our global intangible low taxed income Valuation allowances are provided when necessary to reduce deferred tax assets to the amount more likely than not to be realized
Significant judgment is required in determining any valuation allowance recorded against deferred tax assets In assessing the need for a valuation allowance we consider all available evidence including past operating results estimates of future taxable income and the feasibility of tax planning strategies In the event that we change our determination as to the amount of deferred tax assets that can be realized we will adjust our valuation allowance with a corresponding impact to the provision for income taxes in the period in which such determination is made
We recognize liabilities for uncertain tax positions based on a two step process which includes evaluating if a tax position is more likely than not to be sustained on audit and then measuring the tax benefit as the largest amount that is more likely than not to be realized upon ultimate settlement
We are subject to the possibility of various loss contingencies arising in the ordinary course of business In determining loss contingencies we consider the likelihood of loss or impairment of an asset or the incurrence of a liability as well as our ability to reasonably estimate the amount of loss An estimated loss contingency is accrued when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can be reasonably estimated If we determine that a loss is reasonably possible then we disclose the possible loss or range of the possible loss or state that such an estimate cannot be made We regularly evaluate current information available to us to determine whether an accrual is required an accrual should be adjusted or a range of possible loss should be disclosed
In November 2023 the Financial Accounting Standards Board FASB issued authoritative guidance that expands annual and interim disclosure requirements for reportable segments primarily through enhanced disclosures about significant segment expenses We adopted the standard in our fourth quarter of fiscal 2025 Refer to Note 19 Segment Information for more details
In December 2023 the FASB issued authoritative guidance that requires consistent categories and greater disaggregation of information in the effective tax rate reconciliation and additional disclosures of income taxes paid by jurisdiction The standard is effective for our fiscal 2026 and could be applied either prospectively or retrospectively We are currently evaluating the impact of this standard on our disclosures in the consolidated financial statements
In November 2024 the FASB issued authoritative guidance that expands annual and interim disclosure of specified information about certain costs and expenses in the notes to financial statements The standard is effective for our annual period in fiscal 2028 and interim period in our first quarter of fiscal 2029 and could be applied either prospectively or retrospectively Early adoption is permitted We are currently evaluating the impact of this standard on our disclosures in the consolidated financial statements
In July 2025 the FASB issued authoritative guidance that provides a practical expedient for estimating expected credit losses on accounts receivable and contract assets The standard is effective for us in our first quarter of fiscal 2027 and will be applied on a prospective basis Early adoption is permitted We are currently evaluating the impact of this standard on our consolidated financial statements
The fair value of our contingent consideration liability is estimated using a discounted cash flow valuation technique We consider the fair value of our contingent consideration liability to be a Level 3 measurement as we use unobservable inputs in determining discounted cash flows to estimate the fair value The significant unobservable inputs include an estimate of future cash payments related to customers entering into qualified new transactions as well as a risk adjusted discount rate used to present value the expected cash flows A significant change in any of these assumptions could have a material impact to the fair value of our contingent consideration liability
In June 2025 we amended the terms of our contingent consideration arrangement with International Business Machines Corporation IBM During the three months ended July 31 2025 we reduced our estimate of future cash payments based on the amended terms and our quarterly assessment of assumptions including the magnitude and likelihood of customers entering into qualified new transactions the competitive industry environment and current market conditions
The total estimated fair value of our financing receivables approximates their carrying amounts as of July 31 2025 and 2024 We consider the fair value of our financing receivables to be a Level 3 measurement as we use unobservable inputs in determining discounted cash flows to estimate the fair value
Unrealized losses related to our available for sale debt securities are primarily due to interest rate fluctuations as opposed to credit quality We do not intend to sell any of the securities in an unrealized loss position and it is not likely that we would be required to sell these securities before recovery of their amortized cost basis which may be at maturity We did not recognize any credit losses related to our available for sale debt securities during the years ended July 31 2025 and 2024
Marketable equity securities consist of money market funds and are included in cash and cash equivalents on our consolidated balance sheets As of July 31 2025 and 2024 the carrying values of our marketable equity securities were 1 2 billion and 494 0 million respectively There were no unrealized gains or losses recognized for these securities during the years ended July 31 2025 2024 and 2023
As of July 31 2025 and 2024 the notional amount of our outstanding foreign currency forward contracts designated as cash flow hedges was 964 3 million and 804 8 million respectively Refer to Note 3 Fair Value Measurements for the fair value of our derivative instruments as reported on our consolidated balance sheets as of July 31 2025 and 2024
As of July 31 2025 unrealized gains and losses in AOCI related to our cash flow hedges were a 39 8 million net gain of which 38 4 million in gains are expected to be recognized into earnings within the next 12 months As of July 31 2024 unrealized gains and losses in AOCI related to our cash flow hedges were a 10 6 million net loss
For the years ended July 31 2025 and 2024 inventory write downs and excess manufacturing purchase commitment charges were 71 2 million and 24 9 million respectively For the year ended July 31 2023 inventory write downs and excess manufacturing purchase commitment charges was not significant
On August 31 2024 we completed the acquisition of certain IBM QRadar assets including certain intellectual property rights customer relationships and software as a service customer contracts The total purchase consideration for the acquisition was 1 1 billion which consisted of the following in millions
As part of the acquisition we agreed to make post closing payments to IBM contingent upon customers entering into qualified new transactions through June 30 2028 We also expect to receive a return of purchase consideration of 6 3 million due to timing of transition of certain underlying customer contracts of which 2 9 million was received during the year ended July 31 2025 In addition we have entered into a transition services arrangement with IBM under which IBM will perform certain services supporting the acquired assets and customers for a period of time that ends in the fiscal quarter ending October 2026
Payments related to the contingent consideration liability are expected to begin in the fiscal quarter ending October 2025 and continue through the fiscal quarter ending October 2028 The estimated range of undiscounted contingent consideration is between 0 4 billion and 0 6 billion Refer to Note 3 Fair Value Measurements for more information on the fair value of our contingent consideration liability
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values as presented in the following table in millions
Goodwill generated from this business combination is primarily attributable to the expected post acquisition synergies from increased market penetration to support the growth of our Cortex Security Operations business The goodwill is deductible for U S income tax purposes
On July 22 2025 we completed our acquisition of Protect AI Inc Protect AI a privately held cyber security company focused on AI security The total purchase consideration for the acquisition of Protect AI was 634 5 million which consisted of the following in millions
As part of the acquisition we issued 106 5 million of replacement awards of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share based compensation
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on preliminary estimated fair values as presented in the following table in millions
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post acquisition synergies from integrating Protect AI technology into our platforms The goodwill is not deductible for U S income tax purposes
On July 30 2025 we entered into a definitive agreement to acquire CyberArk Software Ltd an identity security company CyberArk The acquisition is expected to close during the second half of our fiscal 2026 subject to the satisfaction of customary closing conditions including the receipt of CyberArk shareholder approval the expiration of the waiting period under the Hart Scott Rodino Antitrust Improvements Act of 1976 as amended and receipt of other approvals under specified antitrust and foreign investment laws Under the terms of the agreement CyberArk shareholders will receive 45 00 in cash and 2 2005 shares of our common stock for each CyberArk share This represents an equity value of approximately 25 billion for CyberArk based on the unaffected 10 day average daily volume weighted average trading prices of our common stock as of July 25 2025 We expect to fund the cash portion of the consideration with our cash on hand The agreement also provides that we will assume certain unvested outstanding equity awards held by CyberArk employees
We and CyberArk each have certain termination rights under the definitive acquisition agreement A termination fee of 1 0 billion may be payable by us to CyberArk or a fee of 750 0 million may be payable by CyberArk to us upon termination of the definitive acquisition agreement under specified circumstances
On December 5 2023 we completed our acquisition of Dig Security Solutions Ltd Dig a privately held cyber security company providing a data security posture management solution for multi cloud environments The total purchase consideration for the acquisition of Dig was 255 4 million which consisted of the following in millions
As part of the acquisition we issued replacement equity awards which included 0 4 million shares of our restricted common stock The total fair value of the replacement equity awards was 72 0 million of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share based compensation
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values as presented in the following table in millions
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post acquisition synergies from integrating Dig technology into our platforms The goodwill is deductible for U S income tax purposes
On December 28 2023 we completed our acquisition of Talon Cyber Security Ltd Talon a privately held cyber security company providing a secure enterprise browser solution The total purchase consideration for the acquisition of Talon was 458 6 million which consisted of the following in millions
As part of the acquisition we issued replacement equity awards which included 0 6 million shares of our restricted common stock The total fair value of the replacement equity awards was 109 6 million of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share based compensation
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values as presented in the following table in millions
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post acquisition synergies from integrating Talon technology into our platforms The goodwill is deductible for U S income tax purposes
On December 20 2022 we completed our acquisition of Cider Security Ltd Cider a privately held cloud security company The total purchase consideration for the acquisition of Cider was 198 3 million which consisted of the following in millions
As part of the acquisition we issued replacement equity awards which included 0 4 million shares of our restricted common stock The total fair value of the replacement equity awards was 48 6 million of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share based compensation
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values as presented in the following table in millions
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post acquisition synergies from integrating Cider technology into our platforms The goodwill is deductible for U S income tax purposes
In April 2023 we completed an acquisition for total purchase consideration of 18 9 million in cash We have accounted for this transaction as a business combination and recorded goodwill of 14 5 million The goodwill is not deductible for income tax purposes
Additional information related to our Protect AI acquisition such as that related to income tax and other contingencies existing as of the acquisition date may become known during the remainder of the measurement period not to exceed 12 months from the acquisition date which may result in changes to the amounts and allocations recorded
In July 2018 we issued 1 7 billion aggregate principal amount of 0 75 Convertible Senior Notes due 2023 the 2023 Notes and in June 2020 we issued 2 0 billion aggregate principal amount of 0 375 Convertible Senior Notes due 2025 the 2025 Notes and together with the 2023 Notes the Notes The 2023 Notes bear interest at a fixed rate of 0 75 per year payable semi annually in arrears on January 1 and July 1 of each year beginning on January 1 2019 The 2023 Notes were converted prior to or settled on the maturity date of July 1 2023 in accordance with their terms The 2025 Notes bear interest at a fixed rate of 0 375 per year payable semi annually in arrears on June 1 and December 1 of each year beginning on December 1 2020 The 2025 Notes were converted prior to or settled on the maturity date of June 1 2025 in accordance with their terms
Holders of the 2023 Notes were able to early convert their 2023 Notes in fiscal 2023 up to April 1 2023 and conversion requests received on or after April 1 2023 were settled upon maturity of the 2023 Notes Holders of the 2025 Notes were able to early convert their 2025 Notes in fiscal 2023 fiscal 2024 and fiscal 2025 up to March 1 2025 and conversion requests received on or after March 1 2025 were settled upon maturity of the 2025 Notes During the years ended July 31 2025 2024 and 2023 we repaid in cash 965 6 million 1 0 billion and 1 7 billion respectively in aggregate principal amount of the Notes We also issued 14 0 million 14 0 million and 22 9 million shares of our common stock to the holders of the Notes during the years ended July 31 2025 2024 and 2023 respectively for the conversion value in excess of the principal amount These shares were fully offset by shares we received from the corresponding exercise of the associated note hedges
The total estimated fair value of the 2025 Notes was 3 2 billion as of July 31 2024 The fair value was determined based on the closing trading price per 100 of the 2025 Notes as of the last day of trading for the period We consider the fair value of the 2025 Notes at July 31 2024 to be a Level 2 measurement The fair value of the 2025 Notes is primarily affected by the trading price of our common stock and market interest rates
To minimize the impact of potential economic dilution upon conversion of our convertible senior notes we entered into separate convertible note hedge transactions the 2023 Note Hedges with respect to the 2023 Notes the 2025 Note Hedges with respect to the 2025 Notes and the 2023 Note Hedges together with 2025 Note Hedges the Note Hedges with respect to our common stock concurrent with the issuance of each series of the Notes
The Note Hedges covered shares of our common stock at a strike price per share that corresponded to the initial applicable conversion price of the applicable series of the Notes and were exercisable upon conversion of the applicable series of the Notes The Note Hedges expired upon maturity of the applicable series of the Notes The Note Hedges are separate transactions and are not part of the terms of the applicable series of the Notes Holders of the Notes of either series do not have any rights with respect to the Note Hedges Any shares of our common stock receivable by us under the Note Hedges are excluded from the calculation of diluted earnings per share as they are antidilutive
As a result of the conversions of the Notes during the years ended July 31 2025 2024 and 2023 we exercised the corresponding portion of our Note Hedges and received 14 0 million 14 0 million and 22 9 million shares of our common stock during the respective periods
Separately but concurrently with the issuance of each series of our convertible senior notes we entered into transactions whereby we sold warrants the 2023 Warrants with respect to the 2023 Notes the 2025 Warrants with respect to the 2025 Notes and the 2023 Warrants together with the 2025 Warrants the Warrants to acquire shares of our common stock subject to anti dilution adjustments The 2023 Warrants were and the 2025 Warrants are exercisable over 60 scheduled trading days beginning October 2023 and September 2025 respectively
The shares issuable under the Warrants are included in the calculation of diluted earnings per share when the average market value per share of our common stock for the reporting period exceeds the applicable strike price for such series of Warrants The Warrants are separate transactions and are not part of either series of Notes or Note Hedges and are not remeasured through earnings each reporting period Holders of the Notes of either series do not have any rights with respect to the Warrants
During the year ended July 31 2024 we net settled all of the 2023 Warrants with 18 0 million shares of our common stock with a fair value of 2 4 billion The number of net shares issued was determined based on the number of 2023 Warrants exercised multiplied by the difference between the strike price of the 2023 Warrants and their daily volume weighted average stock price
On April 13 2023 we entered into a credit agreement the Credit Agreement with certain institutional lenders that provides for a 400 0 million unsecured revolving credit facility the Credit Facility with an option to increase the amount of the Credit Facility by up to an additional 350 0 million subject to certain conditions The Credit Facility matures on April 13 2028
The borrowings under the Credit Facility bear interest at our option at a base rate plus a spread of 0 000 to 0 375 or an adjusted term Secured Overnight Financing Rate plus a spread of 1 000 to 1 375 in each case with such spread being determined based on our leverage ratio We are obligated to pay an ongoing commitment fee on undrawn amounts at a rate of 0 090 to 0 150 depending on our leverage ratio The interest rates and commitment fees are also subject to upward and downward adjustments based on our progress towards the achievement of certain sustainability goals
We have entered into various non cancelable operating leases primarily for our offices and data centers with lease terms expiring through the year ending July 31 2036 Some of our leases contain rent holiday periods scheduled rent increases lease incentives early termination rights and or renewal options
During the years ended July 31 2025 2024 and 2023 our net cost for operating leases was 121 7 million 104 7 million and 91 3 million respectively primarily consisting of operating lease costs of 88 1 million 75 6 million and 64 2 million respectively Our net cost for operating leases also included variable lease costs short term lease costs and sublease income in the periods presented
As of July 31 2025 we had additional non cancelable operating leases for office space that had been signed but had not yet commenced with total future minimum lease payments of 36 4 million These leases are expected to commence on or after fiscal 2026 with lease terms ranging from four to seven years
We have entered into various non cancelable agreements with cloud hosting service providers under which we are committed to minimum or fixed purchases of certain cloud hosting services In addition in order to reduce manufacturing lead times and plan for adequate supply we have entered into agreements with manufacturing partners and component suppliers to procure inventory based on our demand forecasts Other purchase obligations include non cancellable subscription agreements and other commitments in the normal course of business The following table presents details of the aggregate future non cancelable purchase commitments under these agreements as of July 31 2025 in millions
In January 2020 we executed a Mutual Covenant Not to Sue and Release Agreement for 50 0 million to extend an existing covenant not to sue for seven years As the primary benefit of the arrangement was attributable to future use the amount was recorded in other assets on our consolidated balance sheets and is amortized to cost of product revenue on our consolidated statements of operations over the estimated period of benefit of seven years
In October 2023 we established a multi currency notional cash pool for a certain number of our entities with a third party bank As part of the notional cash pool agreement the bank extends overdraft credit to our participating entities as needed provided that the overall notionally pooled balance of all accounts in the pool at the end of each day is positive In the unlikely event of a default any overdraft balances incurred would be guaranteed by our collective entities participating in the pool
We are subject to legal proceedings claims tax matters and litigation arising in the ordinary course of business including for instance intellectual property and patent litigation We accrue for contingencies when we believe that a loss is probable and that we can reasonably estimate the amount of any such loss
Legal matters could include speculative substantial or indeterminate monetary amounts Significant judgment is required to determine both the likelihood of there being a loss and the estimated amount of a loss related to such matters and we may be unable to estimate the reasonably possible loss or range of loss The outcomes of outstanding legal matters are inherently unpredictable and could either individually or in aggregate have a material adverse effect on us and our results of operations To the extent there is a reasonable possibility that a loss exceeding any amounts already recognized may be incurred we will either disclose the estimated additional loss or state that such an estimate cannot be made
On March 12 2021 Centripetal Networks Inc filed a lawsuit against us in the United States District Court for the Eastern District of Virginia The lawsuit alleges that our products infringe multiple Centripetal patents We successfully challenged certain of these patents which were found unpatentable by the U S Patent and Trademark Office PTO The case went to jury trial on January 22 2024 on four patents On January 31 2024 the jury returned a verdict of non willful infringement with a lump sum amount of 151 5 million plus statutory interest After post trial motions a judgment was issued on October 3 2024 affirming infringement on three patents reversing infringement on the fourth patent and subsequently reducing the damages amount to 113 6 million We posted a surety bond that was agreed upon by the parties and approved by the court This bond prevents execution of the judgment while appeals are pending In addition Centripetal filed infringement contentions on certain of their patents in the European Patent Office and Unified Patent Court in Germany to which we filed appropriate legal challenges Those matters are still pending
As of July 31 2024 we accrued 184 4 million for the verdict amount and estimated interest As of July 31 2025 we accrued 145 6 million based on the judgment and estimated interest which is recorded in other long term liabilities on our consolidated balance sheets The corresponding amount was a charge of 184 4 million for the year ended July 31 2024 and a release of 38 8 million for the year ended July 31 2025 which is included in general and administrative expense on our consolidated statements of operations
On November 4 2014 Finjan Inc filed a lawsuit against us in the United States District Court for the Northern District of California The lawsuit alleges that our products infringe multiple Finjan patents The complaint requests injunctive relief monetary damages and attorneys fees On March 21 2025 the judge issued an order granting summary judgment of non infringement on all remaining patents at issue Plaintiff filed a Notice of Appeal on April 21 2025 We are unable at this time to reasonably estimate a possible loss or potential range of loss if any
On April 3 2024 Eire OG Innovations filed a lawsuit against us in the United States District Court for the Eastern District of Texas asserting infringement of multiple patents certain of which were subsequently dismissed The complaint requests monetary damages and attorneys fees Trial is set for February 17 2026 We are unable at this time to reasonably estimate a possible loss or potential range of loss if any
Under the indemnification provisions of our standard sales related contracts we agree to defend our end customers against third party claims asserting infringement of certain intellectual property rights which may include patents copyrights trademarks or trade secrets and to pay judgments or approved settlements attributable to such claims Our exposure under these indemnification provisions is generally limited to payments made to us for the alleged infringing products over the preceding twelve months under the agreement However certain agreements include indemnification provisions that could potentially expose us to losses in excess of these payments In addition we indemnify our officers directors and certain key employees while they are serving in good faith in their company capacities To date we have not recorded any accruals for loss contingencies associated with indemnification claims or determined that an unfavorable outcome is probable or reasonably possible
In February 2019 our board of directors authorized a 1 0 billion share repurchase program which is funded from available working capital Our board of directors subsequently authorized additional increases to this share repurchase program including 915 0 million in August 2022 316 7 million in November 2023 and 500 0 million in August 2024 bringing the total authorization under this share repurchase program to 4 1 billion our current authorization The expiration date of our current authorization was extended to December 31 2025 and our repurchase program may be suspended or discontinued at any time Repurchases may be made at management s discretion from time to time on the open market through privately negotiated transactions transactions structured through investment banking institutions block purchase techniques 10b5 1 trading plans or a combination of the foregoing
We did not repurchase shares of our common stock during the year ended July 31 2025 During the year ended July 31 2023 we paid 22 7 million related to share repurchases of our common stock that were not settled as of July 31 2022
As of July 31 2025 1 0 billion remained available for future share repurchases under our current repurchase authorization The total price of the shares repurchased and related transaction costs are reflected as a reduction to common stock and additional paid in capital on our consolidated balance sheets
Our 2021 Equity Incentive Plan our 2021 Plan became effective in December 2021 and replaced our 2012 Equity Incentive Plan our 2012 Plan Our 2021 Plan provides for the granting of stock options stock appreciation rights restricted stock awards RSAs restricted stock units RSUs performance shares PSAs performance based stock units PSUs and performance stock options PSOs to our employees directors and consultants Upon effectiveness of the 2021 Plan the 2012 Plan was terminated and no further awards will be granted under the 2012 Plan Awards that were outstanding upon such termination remained outstanding pursuant to their original terms and any subsequent expiration cancellation or forfeiture of awards under our 2012 Plan are returned to our 2021 Plan
The majority of our equity awards are RSUs which generally vest over a period of four years from the date of grant Until vested RSUs do not have the voting and dividend participation rights of common stock and the shares underlying the awards are not considered issued and outstanding
Our PSUs generally vest over a period of one to four years from the date of grant The number of PSUs eligible to vest is determined based on the level of achievement against certain performance conditions market conditions and a combination thereof
During the year ended July 31 2023 we granted 1 8 million shares of PSUs with both service and market conditions The market conditions are satisfied when the price of our common stock is equal to or exceeds stock price targets of 116 67 133 34 150 00 and 166 67 based on the average closing price for 30 consecutive trading days during the three or four year period following the date of grant Once a market condition is met its corresponding one fourth of the awards vest on each anniversary date of the grant date subject to continued service As of July 31 2025 all stock price targets for these PSU awards have been met and the related shares will vest when the underlying service conditions are satisfied
During the year ended July 31 2023 we granted 1 5 million shares of PSUs which contain service and market conditions The service conditions are satisfied after a period of five years The market condition is measured based on our total shareholder return TSR relative to the TSR of the companies listed in the Standard Poor s 500 index
During the years ended July 31 2025 2024 and 2023 we granted 3 4 million 4 2 million and 3 2 million shares of PSUs respectively which contain service performance and market conditions The service conditions are satisfied over a period of one to three years For PSUs granted during the year ended July 31 2025 the performance conditions are based on an average of next generation security annualized recurring revenue and non GAAP net income per diluted share For PSUs granted during the years ended July 31 2024 and 2023 the performance conditions are based on revenue growth or billing growth The market condition is measured based on our TSR relative to the TSR of the companies listed in the Standard Poor s 500 index As of July 31 2025 we have approved an additional 2 7 million shares of PSUs which will be granted upon the performance condition being established during the next two years
We have also granted PSOs with both service and market conditions The market condition for PSOs granted in the fiscal years 2018 and 2019 requires the price of our common stock to equal or exceed 49 63 66 17 82 71 and 99 25 based on the average closing price for 30 consecutive trading days during the four five six and seven and a half year periods following the date of grant in fiscal year 2018 and 2019 respectively Once a market condition is met its corresponding one fourth of the PSOs vest on each anniversary date of the grant date subject to continued service The maximum contractual term of our outstanding PSOs is seven and a half years from the date of grant depending on vesting period As of July 31 2025 all of our outstanding PSOs have been fully vested
We net share settle equity awards held by certain employees by withholding shares upon vesting to satisfy tax withholding obligations The shares withheld to satisfy employee tax withholding obligations are returned to our 2021 Plan and will be available for future issuance Payments for employees tax obligations to the tax authorities are recognized as a reduction to additional paid in capital and reflected as financing activities on our consolidated statements of cash flows
Our 2012 Employee Stock Purchase Plan was adopted by our board of directors and approved by the stockholders on June 5 2012 and was effective upon completion of our initial public offering On August 29 2017 we amended and restated our 2012 Employee Stock Purchase Plan our 2012 ESPP to extend the length of our offering periods from 6 to 24 months
Our 2012 ESPP permits eligible employees to acquire shares of our common stock at 85 of the lower of the fair market value of our common stock on the first trading day of each offering period or on the purchase date If the fair market value of our common stock on the purchase date is lower than the first trading day of the offering period the current offering period will be cancelled after purchase and a new 24 month offering period will begin Under our 2012 ESPP each 24 month offering period consists of four consecutive 6 month purchase periods with purchase dates on the first trading day on or after February 28 and August 31 of each year Participants may purchase shares of common stock through payroll deductions of up to 15 of their eligible compensation subject to purchase limits of 3 750 shares per six month purchase period and 25 000 worth of stock for each calendar year Shares purchased under our 2012 ESPP during the fiscal years ended July 31 2025 2024 and 2023 were 1 9 million 2 2 million and 2 3 million at an average exercise price of 106 99 per share 80 32 per share and 69 15 per share respectively
A total of 41 5 million shares of our common stock are available for sale under our 2012 ESPP as of July 31 2025 On the first day of each fiscal year the number of shares in the reserve may be increased by the lesser of i 12 0 million shares ii 1 of the outstanding shares of our common stock on the first day of the fiscal year or iii such other amount as determined by our board of directors
In connection with our acquisitions we have assumed equity incentive plans of certain acquired companies collectively the Assumed Plans The equity awards assumed in connection with each acquisition were granted from their respective assumed plans The assumed equity awards will be settled in shares of our common stock and will retain the terms and conditions under which they were originally granted No additional equity awards will be granted under and forfeited awards will not be returned to the Assumed Plans Refer to Note 8 Acquisitions for more information on our acquisitions and the related equity awards assumed
The aggregate fair value as of the respective vesting dates of RSUs vested during the years ended July 31 2025 2024 and 2023 was 1 6 billion 1 6 billion and 1 3 billion respectively The aggregate fair value as of the respective vesting dates of PSUs vested during the years ended July 31 2025 2024 and 2023 was 220 7 million 377 7 million and 218 9 million respectively
We record share based compensation awards based on estimated fair value as of the grant date The fair value of RSUs and PSUs not subject to market conditions is based on the closing market price of our common stock on the date of grant
The fair value of the PSUs subject to market conditions is estimated on the grant date using a Monte Carlo simulation model The following table summarizes the assumptions used and the resulting grant date fair value of our PSUs subject to market conditions granted during the years ended July 31 2025 2024 and 2023
The expected volatility is based on the historical volatility of our common stock The expected term is based on the length of each tranche s performance period from the grant date The dividend yield assumption is based on our current expectations about our anticipated dividend policy The risk free interest rate is based on the implied yield available on U S Treasury zero coupon issues with maturities that approximate the expected term
The fair value of PSOs was estimated on the grant date using a Monte Carlo simulation model which predicts settlement of the PSOs midway between the vesting term and the contractual term No PSOs were granted during the years ended July 31 2025 2024 and 2023
The fair value of shares issued under our 2012 ESPP are estimated on the grant date using the Black Scholes option pricing model The following table summarizes the assumptions used and the resulting grant date fair values of our ESPP
The expected volatility is based on a combination of implied volatility from traded options on our common stock and the historical volatility of our common stock The expected term represents the term from the first day of the offering period to the purchase dates within each offering period The dividend yield assumption is based on our current expectations about our anticipated dividend policy The risk free interest rate is based on the implied yield available on U S Treasury zero coupon issues with maturities that approximate the expected term
As of July 31 2025 total compensation cost related to unvested share based awards not yet recognized was 2 2 billion This cost is expected to be amortized over a weighted average period of approximately 2 5 years Future grants will increase the amount of compensation expense to be recorded in these periods
For the year ended July 31 2025 our provision for income taxes was 461 8 million which included a deferred tax provision of 218 5 million arising from the remeasurement of our basis difference associated with the U S tax effects of foreign deferred tax assets Our remeasurement is a result of the One Big Beautiful Bill Act OBBB enacted on July 4 2025 which provides for significant tax law changes and modifications including changes to the U S effective tax rates on certain foreign earnings Although these specific provisions are not effective until our fiscal 2027 our policy to account for basis differences relating to our global intangible low taxed income requires us to account for these changes in the period of enactment
For the year ended July 31 2024 our benefit from income taxes was 1 6 billion primarily due to the release of our valuation allowance on U S federal U S states other than California and United Kingdom U K deferred tax assets partially offset by the deferred tax provision in our U S federal tax provision to recognize the indirect effect on basis differences relating to our global intangible low taxed income in connection with the release of our valuation allowance in the U K
We regularly assess the need for a valuation allowance on our deferred tax assets In making this assessment we consider both positive and negative evidence related to the likelihood of realization of the deferred tax assets to determine based on the weight of available evidence whether it is more likely than not that some or all the deferred tax assets will not be realized The assessment requires significant judgment and is performed for each of the applicable jurisdictions Based on our analysis of all positive and negative evidence during the year ended July 31 2025 we continue to maintain a valuation allowance for our California deferred tax assets due to the uncertainty regarding realizability of these deferred tax assets as they have not met the more likely than not realization criterion We expect future research and development tax credit generation in California to exceed our ability to use the existing tax credits
Our U S federal and state deferred tax assets largely consist of capitalized research expenditures and accelerated recognition of deferred revenue for tax purposes U S tax carryforwards including net operating losses and tax credits are expected to be fully utilized to the extent allowable by law Our U K deferred tax assets largely consist of basis differences in intangible assets and related net operating losses expected to be utilized in the future
As of July 31 2025 we had federal state and foreign net operating loss carryforwards of approximately 129 1 million 112 8 million and 2 3 billion respectively as reported on our tax returns available to reduce future taxable income if any If not utilized our federal and state net operating loss carryforwards will expire in various amounts at various dates beginning in the years ending July 31 2034 and July 31 2030 respectively Our foreign net operating loss will carry forward indefinitely
As of July 31 2025 we had federal and state research and development tax credit carryforwards of approximately 2 0 million and 340 2 million respectively as reported on our tax returns If not utilized the federal credit carryforwards will expire in various amounts at various dates beginning in the year ending July 31 2040 The state credit carryforwards have no expiration
As of July 31 2025 we had foreign tax credit carryforwards of 1 7 million as reported on our tax returns If not utilized the foreign tax credit carryforwards will expire in various amounts at various dates beginning in the year ending July 31 2029
Utilization of the net operating loss carryforwards and credits may be subject to a substantial annual limitation due to the ownership change limitations provided by the Internal Revenue Code of 1986 as amended and similar state provisions The annual limitation may result in the expiration of net operating losses and credits before utilization
As of July 31 2025 we had 572 2 million of unrecognized tax benefits 274 8 million of which would affect income tax expense if recognized after consideration of our valuation allowance in California and other assets As of July 31 2024 we had 454 4 million of unrecognized tax benefits 200 1 million of which would affect income tax expense if recognized after consideration of our valuation allowance in the United States and other assets We do not expect the amount of unrecognized tax benefits as of July 31 2025 to materially change over the next 12 months
We file federal state and foreign income tax returns in jurisdictions with varying statutes of limitations Generally all years remain subject to adjustment due to our net operating loss and credit carryforwards We currently have ongoing tax audits in various jurisdictions and at various times The primary focus of these audits is generally profit allocation The ultimate amount and timing of any future settlements cannot be predicted with reasonable certainty
We recognize both interest and penalties associated with uncertain tax positions as a component of income tax expense During the years ended July 31 2025 2024 and 2023 we recognized an income tax expense of 42 4 million an income tax expense of 5 8 million and a net income tax benefit of 4 8 million related to interest and penalties respectively We had accrued interest and penalties on our consolidated balance sheets related to unrecognized tax benefits of 53 3 million and 10 9 million as of July 31 2025 and 2024 respectively
As of July 31 2025 we had no unremitted earnings when evaluating our outside basis difference relating to our U S investment in foreign subsidiaries However there could be local withholding taxes due to various foreign countries if certain lower tier earnings are distributed Withholding taxes that would be payable upon remittance of these lower tier earnings are not material
Basic net income per share is computed by dividing net income by basic weighted average shares outstanding during the period Diluted net income per share is computed by dividing net income by diluted weighted average shares outstanding during the period giving effect to all potentially dilutive securities to the extent they are dilutive We compute the dilutive effect of shares issuable upon conversion of our convertible senior notes using the if converted method and the dilutive effect of warrants related to the issuance of convertible senior notes and equity awards under our employee equity incentive plans using the treasury stock method
The following securities were excluded from the computation of diluted net income per share of common stock as their effect would have been antidilutive or issuance of such shares is contingent upon the satisfaction of certain conditions which were not satisfied by the end of the applicable period in millions
We have one operating and reportable segment We conduct business globally and sales are primarily managed on a geographic theater basis Our chief operating decision maker CODM is our Chairman and Chief Executive Officer who reviews financial information presented on a consolidated basis accompanied by revenue information for purposes of allocating resources and evaluating financial performance Our CODM uses consolidated net income as our measure of segment profit or loss The consolidated financial information by function as reflected on our consolidated statements of operations is used in our annual budget and forecasting process to establish goals and monitor budget versus actual results The measure of segment assets is reported on the consolidated balance sheets as total consolidated assets
Our management with the participation of our chief executive officer and chief financial officer evaluated the effectiveness of our disclosure controls and procedures pursuant to Rule 13a 15 f under the Securities Exchange Act of 1934 as amended the Exchange Act In designing and evaluating the disclosure controls and procedures management recognizes that any controls and procedures no matter how well designed and operated can provide only reasonable assurance of achieving the desired control objectives In addition the design of disclosure controls and procedures must reflect the fact that there are resource constraints and that management is required to apply its judgment in evaluating the benefits of possible controls and procedures relative to their costs
Based on our evaluation our chief executive officer and chief financial officer concluded that as of July 31 2025 our disclosure controls and procedures are designed at a reasonable assurance level and are effective to provide reasonable assurance that information we are required to disclose in reports that we file or submit under the Exchange Act is recorded processed summarized and reported within the time periods specified in Securities and Exchange Commission SEC rules and forms and that such information is accumulated and communicated to our management including our chief executive officer and chief financial officer as appropriate to allow timely decisions regarding required disclosure
Our management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rules 13a 15 f under the Exchange Act Our management assessed the effectiveness of our internal control over financial reporting as of July 31 2025 based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission COSO in Internal Control Integrated Framework 2013 framework Based on that assessment management concluded that as of July 31 2025 our internal control over financial reporting was effective
The effectiveness of our internal control over financial reporting as of July 31 2025 has been audited by Ernst Young LLP the independent registered public accounting firm that audits our consolidated financial statements as stated in their report which is included in Part II Item 8 of this Annual Report on Form 10 K
There were no changes in our internal control over financial reporting identified in connection with the evaluation required by Rule 13a 15 d and 15d 15 d of the Exchange Act that occurred during the fiscal quarter ended July 31 2025 that have materially affected or are reasonably likely to materially affect our internal control over financial reporting
Set forth below is certain information regarding Rule 10b5 1 trading plans adopted or terminated by our directors and officers as defined in Rule 16a 1 f during the fourth quarter of fiscal 2025 The Rule 10b5 1 trading plans listed below are each intended to satisfy the affirmative defense of Rule 10b5 1 c
No other officers or directors as defined in Rule 16a 1 f adopted modified and or terminated a Rule 10b5 1 trading arrangement or a non Rule 10b5 1 trading arrangement as defined in Regulation S K Item 408 during the fourth quarter of fiscal 2025
The information required by this item will be contained in our definitive proxy statement to be filed with the SEC in connection with our 2025 annual meeting of stockholders the Proxy Statement which is expected to be filed not later than 120 days after the end of our fiscal year ended July 31 2025 and is incorporated herein by reference
Financial statement schedules have been omitted because they are not required not applicable not present in amounts sufficient to require submission of the schedule or the required information is shown in the Consolidated Financial Statements or the notes thereto
Amendment No 1 dated as of November 22 2024 to Credit Agreement dated as of April 13 2023 among Palo Alto Networks Inc the lenders party thereto and Wells Fargo Bank National Association as administrative agent
Certain portions of this exhibit have been omitted as the Registrant has determined i the omitted information is not material and ii the omitted information would likely cause harm to the Registrant if publicly disclosed
Schedules omitted pursuant to Item 601 b 2 of Regulation S K The Registrant agrees to furnish supplementally a copy of any omitted schedule to the SEC upon request provided however that the Registrant may request confidential treatment pursuant to Rule 24b 2 of the Securities Exchange Act of 1934 as amended for any schedules or exhibits so furnished
The certifications attached as Exhibit 32 1 and Exhibit 32 2 that accompany this Annual Report on Form 10 K are not deemed filed with the Securities and Exchange Commission and are not to be incorporated by reference into any filing of the Registrant under the Securities Act of 1933 as amended or the Securities Exchange Act of 1934 as amended whether made before or after the date of this Annual Report on Form 10 K irrespective of any general incorporation language contained in such filing
Pursuant to the requirements of Section 13 or 15 d of the Securities Exchange Act of 1934 the Registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized on August 29 2025
KNOW ALL THESE PERSONS BY THESE PRESENTS that each person whose signature appears below constitutes and appoints Nikesh Arora Dipak Golechha and Josh Paul and each of them as his or her true and lawful attorney in fact and agent with full power of substitution and resubstitution for him or her and in his or her name place and stead in any and all capacities to sign any and all amendments to this Annual Report on Form 10 K and to file the same with all exhibits thereto and other documents in connection therewith with the Securities and Exchange Commission granting unto said attorneys in fact and agents and each of them full power and authority to do and perform each and every act and thing requisite and necessary to be done in connection therewith as fully to all intents and purposes as he or she might or could do in person hereby ratifying and confirming all that said attorneys in fact and agents or any of them or their his or her substitutes may lawfully do or cause to be done by virtue thereof
Pursuant to the requirements of the Securities Exchange Act of 1934 this report has been signed below by the following persons on behalf of the Registrant and in the capacities and on the dates indicated

Company Name	Palo Alto Networks Inc Vist SEC web-site
Category	COMPUTER PERIPHERAL EQUIPMENT, NEC
Trading Symbol	PANW