tapebrief

PANW · Q3 2025 Earnings

Bullish

Palo Alto Networks

Reported May 20, 2025

30-second summary

Palo Alto delivered 15% revenue growth to $2.29B in fiscal Q3, with Next-Generation Security ARR reaching $5.1B at 34% YoY — the metric management has bet the long-term thesis on. Full-year guidance was reaffirmed at $9.17–9.19B revenue and 28.2–28.5% non-GAAP operating margin, with NGS ARR exiting FY25 at $5.52–5.57B (31–32% growth). The Q&A revealed the strategic core: XSIAM is now a $1B TTM bookings business with 270 customers averaging >$1M ARR, and management is positioning the platform as the agentic-AI security data lake of the next 3–5 years.

Headline numbers

EPS

Q3 FY2025

$0.80

Revenue

Q3 FY2025

$2.29B

+15.0% YoY

Gross margin

Q3 FY2025

72.9%

Operating margin

Q3 FY2025

9.6%

Key financials

Q3 FY2025
MetricQ3 FY2025YoY
Revenue$2.29B+15.0%
EPS$0.80
Gross margin72.9%
Operating margin9.6%

Guidance

Prior quarter data unavailable — comparison not possible.

Platform metrics

Q3 FY2025
SegmentQ3 FY2025
Next-Generation Security ARR$5.1 billion
Next-Generation Security ARR YoY growth34%
Remaining performance obligation$13.5 billion
Remaining performance obligation YoY growth19%

Profitability

Q3 FY2025
SegmentQ3 FY2025
Non-GAAP operating margin27.4%

Management tone

The most telling signal this quarter is structural, not verbal: Chief Product Officer Lee Claridge joined the earnings call for Q&A alongside CEO Nikesh Arora and CFO Dipak Golechha. Enterprise software companies do not put the CPO on the earnings line unless product narrative has become material to the investor thesis. Arora's framing — "Nikesh Arora, our Chairman and Chief Executive Officer, and Dipak Golechha, our Chief Financial Officer... Lee Claridge, our Chief Product Officer, will join us" — telegraphs that the next few quarters will be evaluated on AI platform execution, not just billings cadence.

The substantive shift in Arora's posture is from defending platformization to selling agentic AI as the next platform inflection. He sketched a vision where security data lake plus agentic AI replaces edge policy enforcement, with XSIAM as the data backbone. This is materially more ambitious than the consolidation-and-cross-sell pitch of prior cycles, and it implicitly extends the runway for the $15B long-term ARR target by tying it to an AI adoption curve rather than competitive displacement alone.

Management also took a victory lap on cloud security learnings without naming it as such. With Gabriella Borges, Arora referenced the prior strategic error of "over-indexing on posture, under-indexing on runtime" in cloud security, and explicitly framed the Protect.AI acquisition ($700M, closing Q1 FY26) as the corrective. This is a confident framing: management is now openly post-mortem-ing a prior misstep because they believe they have the playbook right this time.

Notable absence: no hedging language, no acknowledged risks, no mention of macro headwinds, federal exposure, or competitive pressure from CrowdStrike or Microsoft. The confidence level is high enough that it warrants attention by itself — bullish positioning in earnings calls is often a leading indicator of the bar moving up.

Recurring themes management leaned on this quarter:

AI-native security platform evolutionExecutive structure emphasizing product innovationInvestor relations focus on strategic finance messagingMulti-functional leadership visibility (CEO, CFO, CPO alignment)

Q&A highlights

Keith Weiss · Morgan Stanley

When securing AI infrastructure, is the opportunity just about ARR or wider portfolio pull-through? What gives confidence in next-generation ARR growth forecasts for coming years given investor concerns about aggressive targets?

Nikesh explained AI infrastructure security drives multi-layered pull-through: software firewall adoption accelerates cloud migration, AI firewall capability extends firewall TAM, and runtime security complements posture management. This transformation is being accelerated by AI imperative, shifting traditionally slow hardware-to-software transition. Company learned from cloud security mistakes by emphasizing runtime (not just posture) from day one in AI security.

35 AI models under evaluation/deployment internally at Palo AltoSoftware firewall ARR grew ~20% YoY in Q3SASE ARR grew 36% YoY, 2x market growthAI imperative accelerating hardware-to-software transformation

Brian Essex · JPMorgan

Can you break down product revenue growth attribution between share shift, pricing increases, and refresh cycles?

Nikesh attributed core hardware growth to steady 5-8% market growth. Software firewall growth is inflecting due to AI adoption forcing cloud migration even for reluctant customers. AI models (Gemini, OpenAI, Lambda) are cloud-only, making on-prem deployments obsolete. This drives software firewall adoption acceleration and hardware-to-software portfolio transformation.

Core hardware business growing 5-8%Software approaching 40% of product revenue mixCloud-delivered AI models with no on-prem equivalents forcing cloud migrationNo open-source on-prem equivalents for cutting-edge AI (Gemini, Lambda, OpenAI)

Gabriella Borges · Goldman Sachs

How do you think about AI product portfolio evolution over next few years? What's the organic vs. inorganic mix? How do you avoid being leapfrogged in AI technology given rapid evolution?

Nikesh drew parallel to cloud security mistakes (over-indexing on posture, under-indexing on runtime). For AI, company is intentionally leading with runtime security and production capabilities via Protect.AI acquisition. Two-pronged approach: build AI firewall natively in cloud, and acquire specialized runtime/model scanning capability rather than building 6+ months later.

Protect.AI acquisition for $700 million closing Q1 FY26AI runtime security prioritized over posture from launch (vs. cloud security learnings)Native firewalls deployed across all public cloud providers90% of AI implementations run through cloud service providers, not on-prem

Shaul Eyal · Cowen

Ranking Cortex and Talon among recent acquisitions—which has bigger long-term opportunity?

Nikesh articulated vision that future security (3-5 years) will be delivered via agentic AI operating on unified security data lakes, not edge policies. This positions XIAM (data ingestion/intelligence) as foundational while Talon/Prisma Access Browser (edge visibility) provides input streams. Both necessary but XIAM's data-centric platform approach is the larger strategic lever for multi-year transformation.

Security data lake + agentic AI replacing traditional policy-based edge controls in 3-5 yearsAgentic systems require permissioning infrastructure and enterprise interconnection visibilityXIAM integrations across endpoints, identity, cloud, email feeds the data lake1,000+ integrations in XSOAR platform enable agentic automation

What to watch into next quarter

NGS ARR Q4 net add — guide implies $420–470M of net new NGS ARR in a single quarter. Watch whether the actual lands inside the $5.52–5.57B exit range, and which sub-products (XSIAM, SASE, software firewall) drive it. A miss here would be the first crack in the platformization thesis.

XSIAM customer count and average ARR — disclosed at 270 customers and >$1M average this quarter. If management discloses these again, watch for customer count above 350 and average ARR holding above $1M. A drop in average ARR would suggest the easy large-customer wins are behind.

Non-GAAP operating margin in Q4 — running 27.4% YTD; FY guide of 28.2–28.5% implies a Q4 step-up. Watch whether margin expansion comes from leverage on existing platforms or pulled-forward cost actions.

Software firewall ARR growth rate — currently ~20% YoY. Arora's AI-forces-cloud-migration thesis predicts this should accelerate. If it doesn't, the AI tailwind narrative weakens.

Protect.AI deal close and initial integration commentary — $700M acquisition closing Q1 FY26. Watch for first commentary on runtime AI security ARR contribution and whether it's framed as accretive or investment-period.

Sources

  1. Palo Alto Networks Q3 FY2025 earnings press release, filed via SEC EDGAR, May 20, 2025 — https://www.sec.gov/Archives/edgar/data/1327567/000132756725000015/ex991q325earningsrelease.htm
  2. Palo Alto Networks Q3 FY2025 earnings call Q&A (transcript excerpts as supplied)

Get the next brief, free.

We publish analyst-grade earnings briefs the same day or morning after every call — headline numbers, segment KPIs, Q&A highlights, and tone analysis. Free during beta.

This is not investment advice.