panw-202507310001327567false2025FYP2YP1Yhttp://fasb.org/us-gaap/2025#OtherAssetsNoncurrenthttp://fasb.org/us-gaap/2025#OtherAssetsNoncurrenthttp://fasb.org/us-gaap/2025#AccruedLiabilitiesCurrenthttp://fasb.org/us-gaap/2025#AccruedLiabilitiesCurrenthttp://fasb.org/us-gaap/2025#OtherLiabilitiesNoncurrenthttp://fasb.org/us-gaap/2025#OtherLiabilitiesNoncurrenthttp://fasb.org/us-gaap/2025#AccruedLiabilitiesCurrentP4YP1YP3YP4YP1YP4YP5YP6Y252525257.525252525252525257.5183iso4217:USDxbrli:sharesiso4217:USDxbrli:sharesxbrli:purepanw:instrumentpanw:daypanw:patentpanw:offeringPeriodpanw:segment00013275672024-08-012025-07-3100013275672025-01-3100013275672025-08-1800013275672025-07-3100013275672024-07-310001327567us-gaap:ProductMember2024-08-012025-07-310001327567us-gaap:ProductMember2023-08-012024-07-310001327567us-gaap:ProductMember2022-08-012023-07-310001327567us-gaap:ServiceMember2024-08-012025-07-310001327567us-gaap:ServiceMember2023-08-012024-07-310001327567us-gaap:ServiceMember2022-08-012023-07-3100013275672023-08-012024-07-3100013275672022-08-012023-07-310001327567us-gaap:CommonStockMember2022-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2022-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-07-310001327567us-gaap:RetainedEarningsMember2022-07-3100013275672022-07-310001327567us-gaap:RetainedEarningsMember2022-08-012023-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-08-012023-07-310001327567us-gaap:CommonStockMember2022-08-012023-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2022-08-012023-07-310001327567us-gaap:CommonStockMember2023-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2023-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-07-310001327567us-gaap:RetainedEarningsMember2023-07-3100013275672023-07-310001327567us-gaap:RetainedEarningsMember2023-08-012024-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-08-012024-07-310001327567us-gaap:CommonStockMember2023-08-012024-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2023-08-012024-07-310001327567us-gaap:WarrantMemberus-gaap:CommonStockMember2023-08-012024-07-310001327567us-gaap:CommonStockMember2024-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2024-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2024-07-310001327567us-gaap:RetainedEarningsMember2024-07-310001327567us-gaap:RetainedEarningsMember2024-08-012025-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2024-08-012025-07-310001327567us-gaap:CommonStockMember2024-08-012025-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2024-08-012025-07-310001327567us-gaap:CommonStockMember2025-07-310001327567us-gaap:CommonStockIncludingAdditionalPaidInCapitalMember2025-07-310001327567us-gaap:AccumulatedOtherComprehensiveIncomeMember2025-07-310001327567us-gaap:RetainedEarningsMember2025-07-3100013275672024-12-122024-12-120001327567srt:MinimumMember2024-12-120001327567srt:MaximumMember2024-12-1200013275672024-12-120001327567panw:FourDistributorsMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:AccountsReceivableMember2024-08-012025-07-310001327567panw:CustomerAMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:SalesRevenueNetMember2024-08-012025-07-310001327567panw:CustomerBMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:SalesRevenueNetMember2024-08-012025-07-310001327567panw:CustomerCMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:SalesRevenueNetMember2024-08-012025-07-310001327567srt:MinimumMember2024-08-012025-07-310001327567srt:MaximumMember2024-08-012025-07-310001327567srt:MinimumMemberpanw:ComputerEquipmentEquipmentandSoftwareandSoftwareDevelopmentCostsMember2025-07-310001327567srt:MaximumMemberpanw:ComputerEquipmentEquipmentandSoftwareandSoftwareDevelopmentCostsMember2025-07-310001327567srt:MaximumMemberpanw:DemonstrationunitsMember2025-07-310001327567us-gaap:FurnitureAndFixturesMember2025-07-310001327567us-gaap:LeaseholdImprovementsMember2025-07-310001327567us-gaap:SoftwareDevelopmentMember2025-07-310001327567us-gaap:SoftwareDevelopmentMember2024-08-012025-07-310001327567us-gaap:SoftwareDevelopmentMember2023-08-012024-07-310001327567us-gaap:SoftwareDevelopmentMember2022-08-012023-07-310001327567country:US2024-08-012025-07-310001327567country:US2023-08-012024-07-310001327567country:US2022-08-012023-07-310001327567panw:OtherAmericasMember2024-08-012025-07-310001327567panw:OtherAmericasMember2023-08-012024-07-310001327567panw:OtherAmericasMember2022-08-012023-07-310001327567srt:AmericasMember2024-08-012025-07-310001327567srt:AmericasMember2023-08-012024-07-310001327567srt:AmericasMember2022-08-012023-07-310001327567us-gaap:EMEAMember2024-08-012025-07-310001327567us-gaap:EMEAMember2023-08-012024-07-310001327567us-gaap:EMEAMember2022-08-012023-07-310001327567srt:AsiaPacificMember2024-08-012025-07-310001327567srt:AsiaPacificMember2023-08-012024-07-310001327567srt:AsiaPacificMember2022-08-012023-07-310001327567panw:SubscriptionMember2024-08-012025-07-310001327567panw:SubscriptionMember2023-08-012024-07-310001327567panw:SubscriptionMember2022-08-012023-07-310001327567panw:SupportMember2024-08-012025-07-310001327567panw:SupportMember2023-08-012024-07-310001327567panw:SupportMember2022-08-012023-07-3100013275672025-08-012025-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2025-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2024-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMember2025-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CommercialPaperMemberus-gaap:FairValueMeasurementsRecurringMember2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMember2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMember2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMember2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMember2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMember2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMember2024-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:ShortTermInvestmentsMember2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2025-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:FairValueMeasurementsRecurringMemberus-gaap:OtherLongTermInvestmentsMember2024-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMember2025-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMember2024-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2025-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2025-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2025-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel1Member2024-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567us-gaap:ForeignExchangeForwardMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:FairValueInputsLevel3Member2024-07-310001327567us-gaap:CommercialPaperMemberus-gaap:CashEquivalentsMember2025-07-310001327567us-gaap:CashEquivalentsMember2025-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:InvestmentsMember2025-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:InvestmentsMember2025-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:InvestmentsMember2025-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:InvestmentsMember2025-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:InvestmentsMember2025-07-310001327567us-gaap:InvestmentsMember2025-07-310001327567us-gaap:CommercialPaperMemberus-gaap:CashEquivalentsMember2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:CashEquivalentsMember2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:CashEquivalentsMember2024-07-310001327567us-gaap:CashEquivalentsMember2024-07-310001327567us-gaap:CertificatesOfDepositMemberus-gaap:InvestmentsMember2024-07-310001327567us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:InvestmentsMember2024-07-310001327567us-gaap:CorporateDebtSecuritiesMemberus-gaap:InvestmentsMember2024-07-310001327567us-gaap:USTreasuryAndGovernmentMemberus-gaap:InvestmentsMember2024-07-310001327567us-gaap:ForeignGovernmentDebtSecuritiesMemberus-gaap:InvestmentsMember2024-07-310001327567us-gaap:AssetBackedSecuritiesMemberus-gaap:InvestmentsMember2024-07-310001327567us-gaap:InvestmentsMember2024-07-310001327567us-gaap:MoneyMarketFundsMember2025-07-310001327567us-gaap:MoneyMarketFundsMember2024-07-310001327567panw:InternalCreditRiskRating1To4Member2025-07-310001327567panw:InternalCreditRiskRating1To4Member2024-07-310001327567panw:InternalCreditRiskRating5To6Member2025-07-310001327567panw:InternalCreditRiskRating5To6Member2024-07-310001327567panw:InternalCreditRiskRating7To10Member2025-07-310001327567panw:InternalCreditRiskRating7To10Member2024-07-310001327567us-gaap:CashFlowHedgingMember2025-07-310001327567us-gaap:CashFlowHedgingMember2024-07-310001327567us-gaap:NondesignatedMember2025-07-310001327567us-gaap:NondesignatedMember2024-07-310001327567panw:IBMsQRadarAssetsMember2024-08-312024-08-310001327567panw:IBMsQRadarAssetsMember2024-08-310001327567panw:IBMsQRadarAssetsMemberus-gaap:CustomerRelationshipsMember2024-08-312024-08-310001327567panw:IBMsQRadarAssetsMemberus-gaap:DevelopedTechnologyRightsMember2024-08-312024-08-3100013275672024-08-312024-08-310001327567panw:ProtectAIMember2025-07-222025-07-220001327567panw:ProtectAIMember2025-07-220001327567panw:ProtectAIMemberus-gaap:DevelopedTechnologyRightsMember2025-07-222025-07-220001327567panw:CyberArkSoftwareLtd.Member2025-07-300001327567panw:CyberArkSoftwareLtd.Member2025-07-302025-07-300001327567panw:CyberArkSoftwareLtd.Memberpanw:PaloAltoNetworksMember2025-07-300001327567panw:CyberArkSoftwareLtd.Memberpanw:CyberArkSoftwareLtd.Member2025-07-300001327567panw:DigSecuritySolutionsLtdMember2023-12-052023-12-050001327567panw:DigSecuritySolutionsLtdMemberpanw:ReplacementEquityAwardsMember2023-12-052023-12-050001327567panw:DigSecuritySolutionsLtdMemberus-gaap:RestrictedStockMember2023-12-052023-12-050001327567panw:DigSecuritySolutionsLtdMember2023-12-050001327567panw:DigSecuritySolutionsLtdMemberus-gaap:DevelopedTechnologyRightsMember2023-12-052023-12-050001327567panw:TalonCyberSecurityLtdMember2023-12-282023-12-280001327567panw:TalonCyberSecurityLtdMemberpanw:ReplacementEquityAwardsMember2023-12-282023-12-280001327567panw:TalonCyberSecurityLtdMemberus-gaap:RestrictedStockMember2023-12-282023-12-280001327567panw:TalonCyberSecurityLtdMember2023-12-280001327567panw:TalonCyberSecurityLtdMemberus-gaap:DevelopedTechnologyRightsMember2023-12-282023-12-280001327567panw:CiderSecurityLtdMember2022-12-202022-12-200001327567panw:CiderSecurityLtdMemberpanw:ReplacementEquityAwardsMember2022-12-202022-12-200001327567panw:CiderSecurityLtdMemberus-gaap:RestrictedStockMember2022-12-202022-12-200001327567panw:CiderSecurityLtdMember2022-12-200001327567panw:CiderSecurityLtdMemberus-gaap:DevelopedTechnologyRightsMember2022-12-202022-12-200001327567panw:UndisclosedAcquireeMember2023-04-012023-04-300001327567us-gaap:DevelopedTechnologyRightsMember2025-07-310001327567us-gaap:DevelopedTechnologyRightsMember2024-07-310001327567us-gaap:CustomerRelationshipsMember2025-07-310001327567us-gaap:CustomerRelationshipsMember2024-07-310001327567us-gaap:PatentsMember2025-07-310001327567us-gaap:PatentsMember2024-07-310001327567us-gaap:TrademarksAndTradeNamesMember2025-07-310001327567us-gaap:TrademarksAndTradeNamesMember2024-07-310001327567us-gaap:OtherIntangibleAssetsMember2025-07-310001327567us-gaap:OtherIntangibleAssetsMember2024-07-310001327567panw:ComputerEquipmentEquipmentandSoftwareandSoftwareDevelopmentCostsMember2025-07-310001327567panw:ComputerEquipmentEquipmentandSoftwareandSoftwareDevelopmentCostsMember2024-07-310001327567us-gaap:LeaseholdImprovementsMember2024-07-310001327567us-gaap:LandMember2025-07-310001327567us-gaap:LandMember2024-07-310001327567panw:DemonstrationunitsMember2025-07-310001327567panw:DemonstrationunitsMember2024-07-310001327567us-gaap:FurnitureAndFixturesMember2024-07-310001327567panw:A2023NotesMember2018-07-310001327567panw:A2025NotesMember2020-06-300001327567panw:A2023NotesMember2018-07-012018-07-310001327567panw:A2025NotesMember2020-06-012020-06-300001327567panw:A2025NotesMember2024-08-012025-07-310001327567panw:A2025NotesMember2023-08-012024-07-310001327567panw:A2025NotesMember2022-08-012023-07-310001327567panw:A2025NotesMember2025-07-310001327567panw:A2025NotesMember2024-07-310001327567panw:A2025NotesMemberus-gaap:FairValueInputsLevel2Member2024-07-310001327567panw:A2023NotesMember2024-08-012025-07-310001327567panw:A2023NotesMember2023-08-012024-07-310001327567panw:A2023NotesMember2022-08-012023-07-310001327567panw:A2023NotesMember2025-07-310001327567panw:A2023NotesMember2024-07-310001327567panw:A2023NotesMember2023-07-310001327567panw:A2025NotesMember2023-07-310001327567panw:A2023NoteHedgesMember2018-07-012018-07-310001327567panw:A2025NoteHedgesMember2020-06-012020-06-300001327567panw:A2023NoteHedgesMemberus-gaap:CommonStockMember2024-08-012025-07-310001327567panw:A2023NoteHedgesMemberus-gaap:CommonStockMember2023-08-012024-07-310001327567panw:A2023NoteHedgesMemberus-gaap:CommonStockMember2022-08-012023-07-310001327567panw:A2023WarrantsMember2018-07-310001327567panw:A2023WarrantsMember2018-07-012018-07-310001327567panw:A2025WarrantsMember2020-06-300001327567panw:A2025WarrantsMember2020-06-012020-06-300001327567panw:A2023WarrantsMember2023-08-012024-07-310001327567us-gaap:RevolvingCreditFacilityMember2023-04-130001327567us-gaap:RevolvingCreditFacilityMemberus-gaap:BaseRateMembersrt:MinimumMember2023-04-132023-04-130001327567us-gaap:RevolvingCreditFacilityMemberus-gaap:BaseRateMembersrt:MaximumMember2023-04-132023-04-130001327567us-gaap:RevolvingCreditFacilityMemberus-gaap:SecuredOvernightFinancingRateSofrMembersrt:MinimumMember2023-04-132023-04-130001327567us-gaap:RevolvingCreditFacilityMemberus-gaap:SecuredOvernightFinancingRateSofrMembersrt:MaximumMember2023-04-132023-04-130001327567us-gaap:RevolvingCreditFacilityMembersrt:MinimumMember2023-04-132023-04-130001327567us-gaap:RevolvingCreditFacilityMembersrt:MaximumMember2023-04-132023-04-130001327567us-gaap:RevolvingCreditFacilityMember2025-07-310001327567us-gaap:OperatingLeaseLeaseNotYetCommencedMember2025-07-310001327567srt:MinimumMember2025-07-310001327567srt:MaximumMember2025-07-310001327567panw:CloudMember2025-07-310001327567us-gaap:InventoriesMember2025-07-310001327567panw:OtherPurchaseObligationMember2025-07-310001327567panw:ServiceProviderPurchaseCommitmentMember2024-08-012025-07-3100013275672020-01-3100013275672020-01-012020-01-3100013275672024-01-222024-01-2200013275672024-01-3100013275672024-10-032024-10-0300013275672024-10-0300013275672019-02-2800013275672022-08-3000013275672023-11-3000013275672024-08-310001327567us-gaap:RestrictedStockUnitsRSUMembersrt:MaximumMemberpanw:A2021EquityIncentivePlanMember2024-08-012025-07-310001327567panw:PerformanceStockUnitsPSUsMembersrt:MinimumMemberpanw:A2021EquityIncentivePlanMember2024-08-012025-07-310001327567panw:PerformanceStockUnitsPSUsMembersrt:MaximumMemberpanw:A2021EquityIncentivePlanMember2024-08-012025-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMemberus-gaap:ShareBasedCompensationAwardTrancheOneMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMemberus-gaap:ShareBasedCompensationAwardTrancheTwoMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMemberus-gaap:ShareBasedCompensationAwardTrancheThreeMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMemberpanw:ShareBasedPaymentArrangementTrancheFourMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMembersrt:MinimumMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionStockPriceTargetsMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMembersrt:MaximumMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:MarketConditionTotalShareholderReturnVsStandardPoors500IndexMemberpanw:PerformanceStockUnitsPSUsSubjectToServiceAndMarketConditionsMemberpanw:A2021EquityIncentivePlanMember2022-08-012023-07-310001327567panw:A2021EquityIncentivePlanMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2024-08-012025-07-310001327567panw:A2021EquityIncentivePlanMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2023-08-012024-07-310001327567panw:A2021EquityIncentivePlanMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2022-08-012023-07-310001327567panw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMembersrt:MinimumMemberpanw:A2021EquityIncentivePlanMember2024-08-012025-07-310001327567panw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMembersrt:MaximumMemberpanw:A2021EquityIncentivePlanMember2024-08-012025-07-310001327567panw:A2021EquityIncentivePlanMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2025-07-310001327567panw:PerformanceStockOptionsMemberus-gaap:ShareBasedCompensationAwardTrancheOneMemberpanw:A2021EquityIncentivePlanMember2017-08-012019-07-310001327567panw:PerformanceStockOptionsMemberus-gaap:ShareBasedCompensationAwardTrancheTwoMemberpanw:A2021EquityIncentivePlanMember2017-08-012019-07-310001327567panw:PerformanceStockOptionsMemberus-gaap:ShareBasedCompensationAwardTrancheThreeMemberpanw:A2021EquityIncentivePlanMember2017-08-012019-07-310001327567panw:PerformanceStockOptionsMemberpanw:ShareBasedPaymentArrangementTrancheFourMemberpanw:A2021EquityIncentivePlanMember2017-08-012019-07-310001327567panw:A2021EquityIncentivePlanMemberpanw:PerformanceStockOptionsMember2017-08-012019-07-310001327567panw:A2021EquityIncentivePlanMember2025-07-310001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2017-08-282017-08-280001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2017-08-292017-08-290001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2024-08-012025-07-310001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2025-07-310001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2023-08-012024-07-310001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2022-08-012023-07-310001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2024-07-310001327567panw:A2012EmployeeStockPurchasePlanMemberus-gaap:EmployeeStockMember2023-07-310001327567us-gaap:EmployeeStockMembersrt:MaximumMemberpanw:A2012EmployeeStockPurchasePlanMember2025-07-310001327567us-gaap:EmployeeStockOptionMember2022-07-310001327567us-gaap:EmployeeStockOptionMember2021-08-012022-07-310001327567panw:PerformanceStockOptionsMember2022-07-310001327567panw:PerformanceStockOptionsMember2021-08-012022-07-310001327567us-gaap:EmployeeStockOptionMember2022-08-012023-07-310001327567panw:PerformanceStockOptionsMember2022-08-012023-07-310001327567us-gaap:EmployeeStockOptionMember2023-07-310001327567panw:PerformanceStockOptionsMember2023-07-310001327567us-gaap:EmployeeStockOptionMember2023-08-012024-07-310001327567panw:PerformanceStockOptionsMember2023-08-012024-07-310001327567us-gaap:EmployeeStockOptionMember2024-07-310001327567panw:PerformanceStockOptionsMember2024-07-310001327567us-gaap:EmployeeStockOptionMember2024-08-012025-07-310001327567panw:PerformanceStockOptionsMember2024-08-012025-07-310001327567us-gaap:EmployeeStockOptionMember2025-07-310001327567panw:PerformanceStockOptionsMember2025-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2022-07-310001327567panw:PerformanceStockUnitsPSUsMember2022-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2022-08-012023-07-310001327567panw:PerformanceStockUnitsPSUsMember2022-08-012023-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2023-07-310001327567panw:PerformanceStockUnitsPSUsMember2023-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2023-08-012024-07-310001327567panw:PerformanceStockUnitsPSUsMember2023-08-012024-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2024-07-310001327567panw:PerformanceStockUnitsPSUsMember2024-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2024-08-012025-07-310001327567panw:PerformanceStockUnitsPSUsMember2024-08-012025-07-310001327567us-gaap:RestrictedStockUnitsRSUMember2025-07-310001327567panw:PerformanceStockUnitsPSUsMember2025-07-310001327567srt:MinimumMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2024-08-012025-07-310001327567srt:MaximumMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2024-08-012025-07-310001327567srt:MinimumMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2023-08-012024-07-310001327567srt:MaximumMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2023-08-012024-07-310001327567srt:MinimumMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2022-08-012023-07-310001327567srt:MaximumMemberpanw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2022-08-012023-07-310001327567panw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2024-08-012025-07-310001327567panw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2023-08-012024-07-310001327567panw:PerformanceStockUnitsPSUsSubjectToServicePerformanceAndMarketConditionsMember2022-08-012023-07-310001327567us-gaap:EmployeeStockMember2024-08-012025-07-310001327567us-gaap:EmployeeStockMember2023-08-012024-07-310001327567us-gaap:EmployeeStockMember2022-08-012023-07-310001327567srt:MinimumMemberus-gaap:EmployeeStockMember2024-08-012025-07-310001327567srt:MaximumMemberus-gaap:EmployeeStockMember2024-08-012025-07-310001327567srt:MinimumMemberus-gaap:EmployeeStockMember2023-08-012024-07-310001327567srt:MaximumMemberus-gaap:EmployeeStockMember2023-08-012024-07-310001327567srt:MinimumMemberus-gaap:EmployeeStockMember2022-08-012023-07-310001327567srt:MaximumMemberus-gaap:EmployeeStockMember2022-08-012023-07-310001327567us-gaap:ProductMemberus-gaap:CostOfSalesMember2024-08-012025-07-310001327567us-gaap:ProductMemberus-gaap:CostOfSalesMember2023-08-012024-07-310001327567us-gaap:ProductMemberus-gaap:CostOfSalesMember2022-08-012023-07-310001327567us-gaap:ServiceMemberus-gaap:CostOfSalesMember2024-08-012025-07-310001327567us-gaap:ServiceMemberus-gaap:CostOfSalesMember2023-08-012024-07-310001327567us-gaap:ServiceMemberus-gaap:CostOfSalesMember2022-08-012023-07-310001327567us-gaap:ResearchAndDevelopmentExpenseMember2024-08-012025-07-310001327567us-gaap:ResearchAndDevelopmentExpenseMember2023-08-012024-07-310001327567us-gaap:ResearchAndDevelopmentExpenseMember2022-08-012023-07-310001327567us-gaap:SellingAndMarketingExpenseMember2024-08-012025-07-310001327567us-gaap:SellingAndMarketingExpenseMember2023-08-012024-07-310001327567us-gaap:SellingAndMarketingExpenseMember2022-08-012023-07-310001327567us-gaap:GeneralAndAdministrativeExpenseMember2024-08-012025-07-310001327567us-gaap:GeneralAndAdministrativeExpenseMember2023-08-012024-07-310001327567us-gaap:GeneralAndAdministrativeExpenseMember2022-08-012023-07-310001327567panw:PerformanceStockOptionsMemberus-gaap:ShareBasedCompensationAwardTrancheTwoMemberpanw:A2021EquityIncentivePlanMember2019-08-012020-07-310001327567panw:PerformanceStockOptionsMemberpanw:ShareBasedPaymentArrangementTrancheFourMemberpanw:A2021EquityIncentivePlanMember2019-08-012020-07-310001327567panw:PerformanceStockOptionsMemberus-gaap:ShareBasedCompensationAwardTrancheOneMemberpanw:A2021EquityIncentivePlanMember2019-08-012020-07-310001327567panw:PerformanceStockOptionsMemberus-gaap:ShareBasedCompensationAwardTrancheThreeMemberpanw:A2021EquityIncentivePlanMember2019-08-012020-07-310001327567panw:A2021EquityIncentivePlanMemberpanw:PerformanceStockOptionsMember2018-08-012019-07-310001327567us-gaap:InternalRevenueServiceIRSMember2025-07-310001327567us-gaap:StateAndLocalJurisdictionMember2025-07-310001327567us-gaap:ForeignCountryMember2025-07-310001327567us-gaap:InternalRevenueServiceIRSMemberus-gaap:ResearchMember2025-07-310001327567us-gaap:StateAndLocalJurisdictionMemberus-gaap:ResearchMember2025-07-310001327567panw:RestrictedStockUnitsRSUsandPerformanceStockUnitsPSUsMember2024-08-012025-07-310001327567panw:RestrictedStockUnitsRSUsandPerformanceStockUnitsPSUsMember2023-08-012024-07-310001327567panw:RestrictedStockUnitsRSUsandPerformanceStockUnitsPSUsMember2022-08-012023-07-310001327567country:US2025-07-310001327567country:US2024-07-310001327567country:IL2025-07-310001327567country:IL2024-07-310001327567panw:CountriesExcludingUnitedStatesAndIsraelMember2025-07-310001327567panw:CountriesExcludingUnitedStatesAndIsraelMember2024-07-310001327567panw:NikeshAroraMember2025-05-012025-07-310001327567panw:NikeshAroraMember2025-07-3100013275672025-05-012025-07-31
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
_____________________
FORM 10-K
_____________________
(Mark One)
☒ ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the fiscal year ended July 31, 2025
or
☐ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from to
Commission File Number 001-35594
Palo Alto Networks, Inc.
(Exact name of registrant as specified in its charter)
| | | | | |
| Delaware | 20-2530195 |
(State or other jurisdiction of incorporation or organization) | (I.R.S. Employer Identification No.) |
|
3000 Tannery Way
Santa Clara, California 95054
(Address of principal executive offices, including zip code)
(408) 753-4000
(Registrant’s telephone number, including area code)
Securities registered pursuant to Section 12(b) of the Act:
| | | | | | | | | | | | | | |
| Title of each class | | Trading Symbol(s) | | Name of each exchange on which registered |
| Common stock, $0.0001 par value per share | | PANW | | The Nasdaq Stock Market LLC (Nasdaq Global Select Market) |
Securities registered pursuant to Section 12(g) of the Act:
None
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ☒ No ☐
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ☐ No ☒
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☒ No ☐
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ☒ No ☐
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
| | | | | | | | | | | |
| Large accelerated filer | ☒ | Accelerated filer | ☐ |
| Non-accelerated filer | ☐ | Smaller reporting company | ☐ |
| | Emerging growth company | ☐ |
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report. ☒
If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements. ☐
Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b). ☐
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act). Yes ☐ No ☒
The aggregate market value of voting stock held by non-affiliates of the registrant was approximately $119.7 billion as of January 31, 2025, the last business day of the registrant’s most recently completed second fiscal quarter (based on the closing sales price for the common stock on the Nasdaq Global Select Market on such date). Shares of common stock held by each executive officer and director have been excluded in that such persons may be deemed to be affiliates. This determination of affiliate status is not necessarily a conclusive determination for other purposes.
On August 18, 2025, 668.9 million shares of the registrant’s common stock, $0.0001 par value, were outstanding.
DOCUMENTS INCORPORATED BY REFERENCE
Portions of the information called for by Part III of this Annual Report on Form 10-K is hereby incorporated by reference from the definitive proxy statement for the registrant’s 2025 annual meeting of stockholders, which will be filed with the Securities and Exchange Commission not later than 120 days after the registrant’s fiscal year ended July 31, 2025.
Table Of Contents
| | | | | | | | |
| | Page |
| PART I | |
Item 1. | | |
Item 1A. | | |
Item 1B. | | |
Item 1C. | | |
Item 2. | | |
Item 3. | | |
Item 4. | | |
| | |
| PART II | |
Item 5. | | |
Item 6. | | |
Item 7. | | |
Item 7A. | | |
Item 8. | | |
Item 9. | | |
Item 9A. | | |
Item 9B. | | |
Item 9C. | | |
| | |
| PART III | |
Item 10. | | |
Item 11. | | |
Item 12. | | |
Item 13. | | |
Item 14. | | |
| | |
| PART IV | |
Item 15. | | |
Item 16. | | |
| | |
Part I
SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS
This Annual Report on Form 10-K, including, without limitation, the sections entitled “Business,” “Risk Factors,” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements generally can be identified by words such as “anticipate,” “believe,” “continue,” “could,” “estimate,” “expect,” “intend,” “may,” “plan,” “potentially,” “projects,” “will,” “will be,” “will continue,” “will likely result,” “would,” and similar expressions that convey uncertainty of future events or outcomes.
These forward-looking statements include, but are not limited to, statements concerning the following:
•expectations regarding the cybersecurity landscape;
•expectations regarding our platformization strategy and related progress and opportunities;
•expectations regarding annual recurring revenue, remaining performance obligations, and product development strategy;
•expectations regarding artificial intelligence;
•expectations regarding our strategic partnerships;
•expectations regarding drivers of and factors affecting growth in our business;
•statements regarding expected profitability, trends in annual recurring revenue, trends in remaining performance obligations, our mix of product and subscription and support revenue, cost of revenue, gross margin, cash flows, operating expenses, including future share-based compensation expense, income taxes, investment plans, and liquidity;
•expected recurring revenues resulting from growth in our end-customers and increased adoption of our products and cloud-delivered security solutions;
•the performance advantages of our products and subscription and support offerings and the potential benefits to our customers;
•expectations regarding future investments in research and development and product development, customer support, in our employees and in our sales force, including expectations regarding growth in our sales headcount;
•expectations that we will continue to expand our global presence;
•expectations regarding our revenues, including the seasonality and cyclicality from quarter to quarter;
•expectations relating to our customer financing activities;
•the sufficiency of our cash flow from operations with existing cash, cash equivalents, and investments to meet our cash needs for the foreseeable future;
•our ability to successfully acquire and integrate companies and assets and expectations and intentions with respect to the assets, products and technologies that we acquire, including with respect to our proposed acquisition of CyberArk Software Ltd. and our expectations regarding the benefits and synergies of the proposed acquisition;
•our ability to complete, on a timely basis, or at all, announced transactions, including our proposed acquisition of CyberArk Software Ltd.;
•expectations regarding contingent consideration obligations;
•the timing and amount of capital expenditures and share repurchases;
•the effects of worldwide economic and geopolitical conditions, including but not limited to hostilities in Israel and the surrounding regions, inflation, tariff rates, interest rate levels, public or administration policies, trade regulations, trade policy, growth rates and other conditions, on our operating and financial results and performance;
•the manufacture, delivery and cost of certain of our products;
•the effects of litigation or regulatory developments involving us or affecting our industry; and
•other statements regarding our future operations, financial condition and prospects, and business strategies.
These forward-looking statements are based on current expectations and assumptions that are subject to risks and uncertainties, including those described in “Risk Factors” included in Part I, Item 1A and elsewhere in this Annual Report on Form 10-K. Moreover, we operate in a very competitive and rapidly changing environment, and new risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties, and assumptions, the forward-looking events and circumstances discussed in this Annual Report on Form 10-K may not occur, and actual results could differ materially and adversely from those anticipated or implied in the forward-looking statements. We undertake no obligation to revise or publicly release the results of any revision to these forward-looking statements, except as required by law. Given these risks and uncertainties, readers are cautioned not to place undue reliance on such forward-looking statements.
Item 1. Business
General
Palo Alto Networks, Inc. is a global cybersecurity provider and our vision is a world where each day is safer and more secure than the one before. We were incorporated in 2005 and are headquartered in Santa Clara, California.
Our mission is to be the cybersecurity partner of choice for enterprises, organizations, service providers, and government entities to protect our digital way of life. Our cybersecurity platforms and services help secure enterprise users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence (“AI”) and automation. A key element of our strategy is to help our customers simplify their security architectures through consolidating disparate point products. We execute on this strategy by developing our capabilities and packaging our offerings into platforms which are able to cover many of our customers’ needs in the markets in which we operate. Our platformization strategy combines various products and services into a tightly integrated architecture for more secure, faster, and cost-effective outcomes.
Network Security
Our network security platform is designed to deliver complete zero trust solutions to our customers. The platform includes:
•Secure Access Service Edge (“SASE”). Prisma® Access, when combined with Prisma SD-WAN, provides a comprehensive single-vendor SASE offering that is used to secure remote workforces and cloud-delivered branch offices. Prisma Access Browser further extends SASE security and data protection to the end user device, providing workers with freedom to access business applications securely using our secure browser from any device.
•Next-Generation Firewalls. Our hardware ML-Powered Next-Generation Firewalls (“NGFWs”) secure on-premises environments including campus locations and data centers. Our software NGFWs secure cloud networks.
•Cloud-Delivered Security Services (“CDSS”). Our network security platform integrates a suite of CDSS that complements our SASE and Firewall solutions. These include Advanced Threat Prevention, Advanced WildFire®, Advanced URL Filtering, Advanced DNS Security, IoT/OT Security, GlobalProtect®, Prisma Access Agent, Enterprise Data Loss Prevention (“Enterprise DLP”), AI for IT Operations (“AIOps”), Software as a Service (“SaaS”) Security, and AI Access Security. Through these add-on services, our customers are able to secure their content, applications, users, and devices across their entire organization.
•Prisma AIRS. Prisma AIRS is a comprehensive AI security platform that has been designed to protect customers’ entire AI ecosystem by providing AI model scanning, posture management, red teaming, run-time security, and AI agent security.
•Strata Cloud Manager (“SCM”). SCM, our network security management solution, centrally manages network security across all remote workers, branches, headquarters, campuses, and cloud. SCM leverages AI to simplify and strengthen network security by enabling customers to proactively pinpoint vulnerabilities, gain real-time remediation recommendations, and enhance overall digital experiences, thereby reducing operational burden. This comprehensive solution includes Strata Copilot, which offers a natural language interface for enhanced insights and guided remediation, and integrates Autonomous Digital Experience Monitoring (“ADEM”) to proactively maintain infrastructure health, facilitate AI-driven one-click troubleshooting, and ensure seamless end-user performance across the enterprise.
Security Operations
Our AI-powered Cortex platform transforms end-to-end security operations with unified data, AI, and automation for more secure, faster, and cost effective outcomes. We have consolidated our industry-leading Security Operations and Cloud Security capabilities on a single comprehensive platform to provide centralized visibility, proactive protection, real-time prevention, AI-driven insights, and automated remediation across enterprise and cloud.
•Security Operations. We deliver the next generation of security operations capabilities that unifies standalone Security Information and Event Management (“SIEM”) tools, endpoint security, security automation, cloud detection and response (“CDR”), as well as attack surface management (“ASM”) capabilities on our Cortex® platform. These include Cortex XSIAM®, for AI-powered security operations replacing traditional SIEM tools, Cortex XDR®, for the prevention, detection, and response to complex cybersecurity attacks, Cortex XSOAR®, for security orchestration, automation, and response (“SOAR”), and Cortex Xpanse®, for ASM.
•Cloud Security. We deliver comprehensive security across the cloud application development lifecycle through Cortex Cloud, delivered as a scalable SaaS offering. As a comprehensive Cloud Native Application Protection Platform (“CNAPP”) combined with CDR, Cortex Cloud secures multi- and hybrid-cloud environments for applications, data, generative AI (“GenAI”) ecosystem, and the cloud native technology stack across the full development lifecycle, from code to cloud to security operations. As part of the Cortex Cloud platform, customers can expand from Cortex Cloud to our security operations offerings available on a single user experience and unified agent. We also offer our VM-Series and CN-Series virtual firewalls for inline network security on multi- and hybrid-cloud environments.
Threat Intelligence and Advisory Services
•Unit 42® brings together world-renowned expertise across threat research, incident response, and security consulting to deliver intelligence-driven, response-ready outcomes that help customers reduce cyber risk. Our elite consultants serve as trusted advisors to our customers by assessing and testing their security controls against sophisticated threats, transforming their security strategy with a threat-informed approach, and responding to security incidents on behalf of our clients. Additionally, Unit 42 offers managed detection and response (“MDR”) and managed threat hunting services.
Products and Services
NETWORK SECURITY
Secure Access Service Edge
•Prisma Access. Prisma Access is a cloud-delivered security offering that helps organizations deliver consistent AI-driven security to remote networks and mobile users. With more than 100 locations around the world, Prisma Access offers global coverage, consistently inspecting all traffic across all ports and providing bidirectional networking to enable branch-to-branch and branch-to-headquarter traffic. Prisma Access consolidates point products into a single cloud-delivered solution, transforming network security and allowing organizations to enable secure hybrid work. Prisma Access protects all application traffic with complete, best-in-class security while also delivering a seamless user experience with industry-leading service-level agreements (“SLA”s). With native SASE integration, Prisma Access Browser extends Zero Trust to any device—managed or unmanaged—in minutes. Prisma Access delivers seamless user experience with a combination of application acceleration—up to 5x faster than direct-to-internet—and Autonomous Digital Experience Management.
•Prisma SD-WAN. Our Prisma SD-WAN solution is a next-generation SD-WAN solution that makes the secure cloud-delivered branch possible. Prisma SD-WAN enables organizations to replace traditional wide area network (“WAN”) architectures with affordable broadband and internet transport types that promote improved bandwidth availability, redundancy and performance at a reduced cost. Prisma SD-WAN leverages real-time application performance SLAs and visibility to control and intelligently steer application traffic to deliver a powerful user experience. Prisma SD-WAN also provides the flexibility of deploying with an on-premises controller to help businesses meet their industry-specific security compliance requirements and manage deployments with application-defined policies. Our Prisma SD-WAN simplifies network and security operations using AI and automation.
Next-Generation Firewalls. Our hardware and software ML-Powered Next Generation Firewalls use AI—including machine learning and deep learning—to stop zero-day threats in real time, and detect and secure the entire enterprise including Internet of Things (“IoT”). All of our hardware and software firewalls incorporate the PAN-OS® operating system and include the same rich set of features, ensuring consistent operation across our entire product line. This includes SD-WAN capabilities to intelligently steer traffic to data centers, branches, and the cloud, natively integrated into our Next-Generation Firewalls. Enterprise data, applications, users, and devices become integral components of an organization’s security policy. Our hardware and software are designed for different performance requirements throughout an organization—with the ability to secure everything from small businesses and branch offices, to large-scale data centers and service providers. Our firewalls come in hardware form factors, containerized form factors, called CN-Series, as well as virtual form factors, called VM-Series, available on all major cloud hosting service providers. We also offer Cloud NGFW, a managed NGFW offering, to secure customers’ applications on Amazon Web Services (“AWS”) and Microsoft Azure (“Azure”).
Cloud-Delivered Security Services
•Advanced Threat Prevention. This cloud-delivered security service provides intrusion detection and prevention capabilities and blocks vulnerability exploits, viruses, spyware, buffer overflows, denial-of-service attacks, and port scans from compromising and damaging enterprise information resources. In addition, we offer inline deep learning to deliver real-time detection and prevention of unknown, evasive, and targeted command-and-control (“C2”) communications over HTTP, unknown-TCP, unknown-UDP, and encrypted over SSL. Advanced Threat Prevention is the industry’s only offering to protect the enterprise from unknown command and control in real-time with the power of Precision AITM.
•Advanced WildFire. This cloud-delivered security service provides protection against targeted malware and advanced persistent threats and provides a near real-time analysis engine for detecting previously unseen malware while resisting attacker evasion techniques. Advanced WildFire combines dynamic and static analysis, recursive analysis, and a custom-built analysis environment with network traffic profiling and fileless attack detection to discover even the most sophisticated and evasive threats. Preventions are delivered in seconds to our network security platform.
•Advanced URL Filtering. This cloud-delivered security service offers the industry’s first Inline Deep Learning powered web protection engine. We deliver real-time detection and prevention of unknown, evasive, and targeted web-based threats, such as phishing. In addition, the service includes a cloud-based URL filtering database which consists of millions of URLs across many categories and is designed to analyze web traffic and prevent web-based threats, such as phishing, malware, and C2.
•Advanced DNS Security. This cloud-delivered security service uses machine learning to proactively block malicious domains and stop attacks in progress. The service allows our network security platform access to Domain Name System (“DNS”) signatures that are generated using advanced predictive analysis, machine learning, and malicious domain data from a growing threat intelligence sharing community of which we are a part of. We offer comprehensive DNS attack coverage and include industry-first protections against multiple emerging DNS-based network attacks, including real-time analysis of DNS response to prevent DNS hijacking.
•IoT/OT Security. This cloud-delivered security service uses machine learning to accurately identify and classify various IoT and operational technology (“OT”) devices, including never-been-seen-before devices, mission-critical OT devices, and unmanaged legacy systems. The service uses machine learning to baseline normal behavior, identify anomalous activity, assess risk, and provide policy recommendations.
•SaaS Security API. SaaS Security API is a multi-mode, cloud access security broker (“CASB”) that helps govern sanctioned SaaS application usage across all users and helps prevent breaches and non-compliance. Specifically, the service enables the discovery and classification of data stored in supported SaaS applications, protects sensitive data from accidental exposure, identifies and protects against known and unknown malware, and performs user activity monitoring to identify potential misuse or data exfiltration. The solution can be combined with SaaS Security Inline for a complete integrated CASB.
•SaaS Security Inline. SaaS Security Inline adds an inline service to automatically gain visibility and control over thousands of known and newly sanctioned, unsanctioned and tolerated SaaS applications in use within organizations today. The service provides enterprise data protection and compliance across all SaaS applications and prevents cloud threats in real time. The solution can be combined with SaaS Security API as a complete integrated CASB.
•GlobalProtect. This subscription provides protection for users of both traditional laptop and mobile devices. It expands the boundaries of the end-users’ physical network, effectively establishing a logical perimeter that encompasses remote laptop and mobile device users irrespective of their location. Regardless of the operating system, laptops, tablets, and phones will stay connected to the corporate network when they are on a network of any kind and as a result, are protected as if they never left the corporate campus.
•Prisma Access Agent. Prisma Access Agent provides secure, remote access to corporate resources for employees working from any location or device. The agent establishes an encrypted tunnel to Prisma Access or our NGFW, ensuring consistent security, data protection, and threat prevention for a distributed workforce accessing any application.
•Enterprise DLP. This cloud-delivered security service provides consistent and reliable protection of sensitive data, such as personally identifiable information and intellectual property, for all traffic types, applications, and users. Native integration with our products makes the service simple to deploy, while advanced machine learning minimizes management complexity. Enterprise DLP allows organizations to consistently discover, classify, monitor, and protect sensitive data, wherever it may reside.
•AI Access Security. AI Access Security classifies and prioritizes GenAI applications to assess risk, detect anomalies and visualize insights across multiple GenAI-specific attributes. The service prevents sensitive data loss and defends against malicious responses, ensuring safe and effective AI adoption.
•AIOps. AIOps enables security teams to proactively strengthen security posture and resolve network disruptions. AIOps provides continuous best practice recommendations powered by machine learning based on industry standards, security policy context, and advanced telemetry data collected from our network security customers to improve security posture. The service also intelligently predicts health, performance, and capacity problems up to seven days in advance and provides actionable insights to resolve the predicted disruptions.
Prisma AIRS. Prisma AIRS is a comprehensive AI security platform engineered to protect customers' entire AI ecosystem across its lifecycle. It addresses unique AI security challenges such as prompt injection, data poisoning, and sensitive data leakage, by providing deep visibility and control across AI models, data, and applications. The platform offers AI Model Scanning for vulnerabilities, Posture Management for secure configurations, and AI Red Teaming for proactive testing. Critically, Runtime Security prevents threats during live AI model execution, while AI Agent Security extends protection to autonomous AI agents.
Strata Cloud Manager. SCM enables our customers to easily manage their Palo Alto Networks’ Network Security infrastructure—including NGFWs and SASE deployments—from the cloud, via one unified management interface. As an AI-powered, unified cloud management solution, SCM enables organizations to enhance their network security posture and streamline operations. It utilizes AI to swiftly identify potential vulnerabilities, provide real-time recommendations for remediation, proactively address support needs, and improve overall digital experiences, leading to reduced operational overhead and improved speed, accuracy, and scale of support. By analyzing telemetry, historical data, and its diverse knowledge base, SCM can instantly answer questions, pinpoint solutions to known problems, and automate data collection to speed up assisted support for new challenges. Built into this robust solution are Strata Copilot, offering a natural language interface for intuitive insights and guided actions, and ADEM, designed for proactive infrastructure health, simplified troubleshooting, and consistent end-user performance across the network.
Panorama. Panorama is used for centralized policy management, device management, software licensing and updates, centralized logging and reporting, and log storage. Many of our existing deployments continue to use Panorama as the security management solution. New deployments benefit from using SCM for managing network security estate—including our Next-Generation Firewalls and SASE—with a cloud-based, unified management interface.
SECURITY OPERATIONS
•Cortex XSIAM. Our cloud-based AI-powered security operations platform harnesses the power of AI to significantly improve security outcomes and transform security operations. Cortex XSIAM customers are able to consolidate multiple products into a single unified platform that delivers security information and event management, extended detection and response (“XDR”), SOAR, network traffic analysis, ASM, threat intelligence management (“TIM”), identity threat detection and response, and CDR. CDR is the latest addition to Cortex XSIAM and XDR that addresses the growing need for security teams to respond to cloud threats with purpose-built SOC tools that seamlessly integrate with their security programs. Cortex XSIAM integrates these capabilities into a single platform built for security operations, enabling organizations to simplify operations, stop threats at scale, and accelerate incident remediation. Cortex XSIAM automates data integration, analysis, and triage to respond to most alerts, enabling analysts to focus on only the incidents that require human intervention.
•Cortex XDR. This cloud-based service enables organizations to collect telemetry from endpoint, network, identity and cloud data sources and apply advanced analytics and machine learning, to quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR has two product tiers: XDR Prevent and XDR Pro. XDR Prevent delivers enterprise-class endpoint security focused on preventing attacks. XDR Pro extends endpoint detection and response (“EDR”) to include cross-data analytics for network, cloud, and identity data. Going beyond EDR, Cortex XDR detects the most complex threats using analytics across key data sources and reveals the root cause, which can significantly reduce investigation time as compared to siloed tools and manual processes.
•Cortex XSOAR. Available as a stand-alone cloud-based service, an on-premises virtual appliance, or delivered natively through Cortex XSIAM, Cortex XSOAR is a comprehensive SOAR offering that unifies playbook automation, case management, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle. With Cortex XSOAR, security teams can standardize processes, automate repeatable tasks, and manage incidents across their security product stack to improve response time and analyst productivity. Cortex XSOAR learns from the real-life analyst interactions and past investigations to help SOC teams with analyst assignment suggestions, playbook enhancements, and best next steps for investigations. Many of our customers see significantly faster SOC response times and a significant reduction in the number of SOC alerts which require human intervention.
•Cortex Xpanse. Available as a stand-alone cloud-based service and a cloud-based subscription module within Cortex XSIAM, Cortex Xpanse provides ASM, which is the ability for an organization to identify what an attacker would see among all of its sanctioned and unsanctioned Internet-facing assets. In addition, Cortex Xpanse detects risky or out-of-policy communications between Internet-connected assets that can be exploited for data breaches or ransomware attacks. Cortex Xpanse continuously identifies Internet assets, risky services, or misconfigurations in third parties to help secure a supply chain or identify risks for mergers and acquisitions due diligence. Finally, compliance teams use Cortex Xpanse to improve their audit processes and stay in compliance by assessing their access controls against regulatory frameworks.
•Cortex Cloud. Available as a stand-alone cloud-based service or an add-on to Cortex XDR or to Cortex XSIAM. Cortex Cloud, the next generation of Prisma Cloud, merges CNAPP with CDR for real-time cloud security. The solution allows you to harness the power of AI and automation to prioritize cloud risks with runtime context, enable remediation at scale, and stop attacks as they happen. Cortex Cloud consolidates multiple code and cloud security technologies such as Cloud Detection and Response, Software Composition Analysis, Infrastructure as Code security, CI/CD security, secrets scanning, Cloud Security Posture Management, Cloud Identity and Entitlements Management, API security, Vulnerability Management, Cloud Workload Protection, Web Application and API Security, Cloud Network Security, and Cloud Attack Surface Management into a single unified offering. As part of the Cortex platform, customers can transform end-to-end security operations, from code to cloud to SOC, by adopting Cortex Cloud together with Cortex XSIAM. Existing customers can continue leveraging Prisma Cloud as they upgrade to Cortex Cloud for significantly better, faster and more effective multi-cloud protection.
THREAT INTELLIGENCE AND ADVISORY SERVICES
•Customer Support. Global customer support helps our customers achieve their security outcomes with services and support capabilities covering the customer's entire journey with Palo Alto Networks. This post-sales, global organization advances our customers’ security maturity, supporting them when, where, and how they need it. We offer Standard Support, Premium Support, and Platinum Support to our end-customers and channel partners. Our channel partners that operate a Palo Alto Networks Authorized Support Center typically deliver level-one and level-two support. We provide level-three support 24 hours a day, seven days a week through regional support centers that are located worldwide. We also offer a service offering called Focused Services that includes Customer Success Managers to provide support for end-customers with unique or complex support requirements. We offer our end-customers ongoing support for hardware, software, and certain cloud offerings, which includes ongoing security updates, PAN-OS upgrades, bug fixes, and repairs. End-customers typically purchase these services for a one-year or longer term at the time of the initial product sale and typically renew for successive one-year or longer periods. Additionally, we provide expedited replacement for any defective hardware. We use a third-party logistics provider to manage our worldwide deployment of service-related spares.
•Threat Intelligence, Incident Response and Security Consulting. Unit 42 brings together world-renowned threat researchers, incident responders, and security consultants to create an intelligence-driven, response-ready organization that is passionate about helping clients proactively manage cyber risk. We help security leaders assess and test their security controls, transform their security strategy with a threat-informed approach, and respond to incidents rapidly. The Unit 42 Threat Intelligence team provides threat research that enables security teams to understand adversary intent and attribution, while enhancing protections offered by our products and services to stop advanced attacks. Our security consultants serve as trusted partners with state-of-the-art cyber risk expertise and incident response capabilities, helping customers build effective security programs, uncover critical exposures to prevent incidents, and, should incidents occur, respond to them with speed and confidence.
•Professional Services. Professional services are primarily delivered directly by Palo Alto Networks and through a global network of authorized channel partners to our end-customers and include on-location and remote, hands-on experts who plan, design, and deploy effective security solutions tailored to our end-customers’ specific requirements. These services include architecture design and planning, implementation, configuration, and firewall migrations for all our products, including Prisma and Cortex deployments. Customers can also purchase on-going technical experts to be part of customer’s security teams to aid in the implementation and operation of their Palo Alto Networks capabilities. Our education services include certifications, as well as free online technical courses and in-classroom training, which are primarily delivered through our authorized training partners.
RESEARCH AND DEVELOPMENT
Our research and development efforts are strategically centered on expanding our leadership within the enterprise security industry through AI-powered innovation. We focus on enhancing our integrated platforms and developing new software and hardware capabilities. Our engineering teams apply deep expertise in AI and machine learning across networking security, cloud security, endpoint security, and security operations to address the rapidly evolving threat landscape. This approach enables us to leverage core competencies across hardware and software for agile responsiveness and to ensure interoperability with third-party technologies. We supplement our own research with technologies and products licensed from third parties.
We believe that innovation and timely development of new features and products is essential to meeting the needs of our end-customers and improving our competitive position. During fiscal 2025, we introduced several new offerings, including: Prisma Access Browser, new capabilities in our OT Security solution, Cortex Cloud, Prisma AIRS, and Cortex XSIAM 3.0.
We plan to continue to significantly invest in our research and development efforts as we evolve and extend the capabilities of our portfolio.
ACQUISITIONS
We believe that the enterprise security industry in which we operate necessitates a variety of technologies, products, capabilities, and features. We evaluate opportunities to acquire complementary businesses, technologies, services, and intellectual property to complement our organic innovation and research and development efforts, advance the development of our platforms, and enable further investment in our key priority areas. Our evaluation of acquisition opportunities seeks to confirm that any potential transaction would accelerate our strategy, represent an attractive customer opportunity, address a customer need, align with our customer base and go-to-market strategy, and present a clear timeline and path for value accretion. Our acquisitions enable us to gain access to talent, technology, products and features, and can range in size and complexity, from those that enhance or complement existing products and accelerate development of features to those that result in new offerings.
For example, in August 2024, we completed the acquisition of certain QRadar assets from International Business Machines Corporation (“IBM”), which we expect will help accelerate the growth of our Cortex business. Additionally, in July 2025, we completed the acquisition of Protect AI, Inc., a privately-held cyber security company (“Protect AI”), which we expect will enhance the capabilities of our AI security platform. In July 2025, we also entered into a definitive agreement to acquire CyberArk Software Ltd. (“CyberArk”), an identity security company, which acquisition is expected to close during the second half of our fiscal 2026.
For additional information related to the impact of acquisitions to our business, see Part I, Item 1A “Risk Factors” in this Form 10-K.
INTELLECTUAL PROPERTY
We believe that our intellectual property rights are valuable and important to our business, and that our success depends, in part, on our ability to protect and use our core technology and intellectual property rights. We rely on a combination of trademarks, patents, copyrights, trade secrets, license agreements, intellectual property assignment agreements, confidentiality procedures, non-disclosure agreements, and employee non-disclosure and invention assignment agreements to establish, protect and control the use of our proprietary technology and intellectual property rights. We continue to grow our global portfolio of intellectual property rights in connection with our products, services, research and development. We file patent applications to protect our intellectual property and believe that the duration of our issued patents is sufficient when considering the expected lives of our products. We have registered various trademarks for our company and our products in the United States (“U.S.”) and other jurisdictions internationally. We intend to continue pursuing additional protections for our proprietary technology and intellectual property to the extent we believe it would be beneficial and cost-effective.
Despite our efforts to protect our proprietary technology and intellectual property rights, our rights may not be respected in the future or may be invalidated, circumvented, or challenged. Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation based on allegations of patent infringement or other violations of intellectual property rights. We believe that competitors will try to develop products that are similar to ours and that may infringe our intellectual property rights. Our competitors, third-parties and non-practicing entities, may also claim that our cybersecurity platforms and services infringe their intellectual property rights. From time to time, third parties have in the past and may in the future assert claims of infringement, misappropriation and other violations of intellectual property rights against us or our customers, with whom our license or other agreements may obligate us to indemnify against these claims. Successful claims of infringement by a third party could affect our ability to offer, or prevent us from offering, certain products or features. This could result in time during which we may be unable to continue to offer our affected products or solutions because of a potential need for us to develop alternate, non-infringing technology, which could require significant time and resources, or require us to obtain a license, which may not be available on reasonable terms or at all, or could require us to pay substantial damages, royalties, or other fees. For additional information, see the section titled “Risks Related to Intellectual Property and Technology Licensing” in Part I, Item 1A “Risk Factors” in this Form 10-K.
GOVERNMENT REGULATION
We are subject to numerous U.S. federal, state, and foreign laws and regulations covering a wide variety of subject matters. Like other companies in the technology industry, we face scrutiny from both U.S. and foreign governments with respect to our compliance with laws and regulations. Our compliance with these laws and regulations may be onerous and could, individually or in the aggregate, increase our cost of doing business, impact our competitive position relative to our peers, and/or otherwise have an adverse impact on our business, reputation, financial condition, and operating results. For additional information about government regulation applicable to our business, see Part I, Item 1A “Risk Factors” in this Form 10-K.
COMPETITION
We operate in the intensely competitive enterprise security industry that is characterized by constant change and innovation. Changes in the application, threat, and technology landscape result in evolving customer requirements for the protection from threats and the safe enablement of applications. Our main competitors fall into four categories:
•large companies that incorporate security features in their products, such as Cisco Systems, Inc. (“Cisco”), Microsoft, Alphabet, or those that have acquired, or may acquire, security vendors and have the technical and financial resources to bring competitive solutions to the market;
•independent security vendors, such as Check Point Software Technologies Ltd. (“Check Point”), Fortinet, Inc. (“Fortinet”), CrowdStrike Holdings, Inc. (“CrowdStrike”), Zscaler, Inc. (“Zscaler”), and Wiz, Inc. (“Wiz”), that offer a mix of security products;
•startups and point-product vendors that offer independent or emerging solutions across various areas of security; and
•public cloud vendors and startups that offer solutions for cloud security (private, public, and hybrid cloud).
As our market grows, it will attract more highly specialized vendors, as well as larger vendors that may continue to acquire or bundle their products more effectively.
The principal competitive factors in our market include:
•product features, reliability, performance, and effectiveness;
•product line breadth, diversity, and applicability;
•product extensibility and ability to integrate with other technology infrastructures;
•price and total cost of ownership;
•adherence to industry standards and certifications;
•strength of sales and marketing efforts; and
•brand awareness and reputation.
We believe we generally compete favorably with our competitors on the basis of these factors as a result of the features and performance of our portfolio, the ease of integration of our security solutions with technological infrastructures, and the relatively low total cost of ownership of our products. However, some of our competitors may have substantially greater financial, technical, and other resources, greater name recognition, larger sales and marketing budgets, broader distribution, more diversified product lines, and larger and more mature intellectual property portfolios.
SALES, MARKETING, SERVICES, AND SUPPORT
Customers. Our end-customers consist of enterprises, service providers, and government entities. Our end-customers operate in a variety of industries, including education, energy, financial services, government entities, healthcare, Internet and media, manufacturing, public sector, and telecommunications. Our end-customers deploy our portfolio of solutions for a variety of security use cases across several settings. Typical deployment settings include the enterprise network, the enterprise data center, cloud locations, branch or remote locations, and on-device agents. No single end-customer accounted for more than 10% of our total revenue in fiscal 2025, 2024, or 2023.
Distribution. We primarily sell our products and subscription and support offerings to end-customers through our channel partners utilizing a two-tier, indirect fulfillment model whereby we sell our products and subscription and support offerings to our distributors, which, in turn, sell to our resellers, which then sell to our end-customers. Sales are generally subject to our standard, non-exclusive distributor agreement, which provides for an initial term of one year, one-year renewal terms, termination by us with 30 to 90 days written notice prior to the renewal date, and payment to us from the channel partner within 30 to 45 calendar days of the date we issue an invoice for such sales. For fiscal 2025, 44.2% of our total revenue was derived from sales to three distributors.
We also sell our VM-Series virtual firewalls and Cloud NGFW via various cloud marketplaces. For example, our VM-Series virtual firewalls are sold on Amazon’s AWS Marketplace, Microsoft’s Azure Marketplace, Alphabet’s Google Cloud Marketplace, and Oracle Corporation’s Oracle Cloud Marketplace either directly to end customers or as part of the respective cloud hosting service provider’s offerings under a usage-based licensing model.
Sales. Our sales organization is responsible for large-account acquisition and overall market development, which includes the management of the relationships with our channel partners, working with our channel partners in winning and supporting end-customers through a direct-touch approach, and acting as the liaison between our end-customers and our marketing and product development organizations. We pursue sales opportunities both through our direct sales force and as assisted by our channel partners, which include resellers, global and regional systems integrators, service providers, managed security service providers, and cloud hosting service providers. We expect to continue to grow our sales headcount to expand our reach in all key growth sectors.
Our sales organization is supported by sales engineers with responsibility for pre-sales technical support, solutions engineering for our end-customers, and technical training for our channel partners.
Channel Program. Our NextWave Channel Partner program is focused on building in-depth relationships with solutions-oriented distributors, channel, delivery and services partners that have strong security expertise. The program rewards these partners based on a number of attainment goals, as well as provides them access to marketing resources, technical and sales training, and support. To promote optimal productivity, we operate a formal accreditation program for our channel partners’ sales and technical professionals. As of July 31, 2025, we had more than 8,500 channel partners.
Global Customer Success. Our Global Customer Success organization is responsible for delivering professional, educational, and support services directly to our end-customers and partners. We leverage a global network of certified partners to extend the reach and consistency of these services. We believe that a comprehensive suite of customer success offerings is critical to the successful deployment, adoption, and ongoing use of our products. To support this, we have invested in hiring and developing technical experts with deep domain knowledge and proven experience across our portfolio.
Marketing. Our marketing is focused on building our brand reputation and the market awareness of our portfolio and driving pipeline and end-customer demand. Our marketing team consists primarily of product marketing, brand, demand generation, field marketing, digital marketing, communications, analyst relations, and marketing analytics functions. Marketing activities include pipeline development through demand generation, social media and advertising programs, managing the corporate website and partner portal, trade shows and conferences, analyst relationships, customer advocacy, and customer awareness. Every year we organize multiple signature events, such as our end-customer conference “Ignite” and focused conferences such as “Cortex Symphony” and “SASE Converge.” We also publish threat intelligence research, such as the Unit 42 Cloud Threat Report and the Unit 42 Network Threat Trends Research Report, which are based on data from our global threat intelligence team, Unit 42. These activities and tools benefit both our direct and indirect channels and are available at no cost to our channel partners.
Our products and services have been recognized as leading in 25 categories by third-party industry analysts firms that perform independent assessments of these categories. This recognition by third parties is an important measure of validation for our customers.
Backlog. Contract amounts that are not recorded in deferred revenue or revenue are considered backlog. Orders billed prior to revenue recognition are included in deferred revenue. We expect backlog will change from period to period for various reasons, including the timing of billing and fulfillment, such as inventory shortages. As such, we do not believe that backlog at any particular time is necessarily indicative of our future operating results.
Seasonality. Our business is affected by seasonal fluctuations in customer spending patterns. We have begun to see seasonal patterns in our business, which we expect to become more pronounced as we continue to grow, with our strongest sequential revenue growth generally occurring in our fiscal second and fourth quarters.
MANUFACTURING
We outsource the manufacturing of our products to various manufacturing partners, which include our electronics manufacturing services provider (“EMS provider”) and original design manufacturers. This approach allows us to reduce our costs as it reduces our manufacturing overhead and inventory and also allows us to adjust more quickly to changing end-customer demand. Our EMS provider is Flextronics International, Ltd. (“Flex”), who assembles our products using design specifications, quality assurance programs, and standards that we establish, and procures components and assembles our products based on our demand forecasts. These forecasts are based upon historical trends and analysis, adjusted for overall market conditions. All of our hardware products are assembled in the U.S.
The component parts within our products are either sourced by our manufacturing partners or by us from various component suppliers. Our manufacturing and supply contracts, generally, do not guarantee a certain level of supply or fixed pricing, which increases our exposure to supply shortages or price increases.
HUMAN CAPITAL
We believe our ongoing success depends on our employees. With a global workforce of 16,068 as of July 31, 2025, our People Strategy is a critical element of our overall company strategy and is overseen by our Chief People Officer who regularly updates our board of directors and the board’s Compensation and People Committee on human capital matters. Our People Strategy is designed to enable a workforce that is nimble, high-performing and innovative. We take a comprehensive approach to attracting, enabling and engaging world-class talent and fostering a culture where every employee can thrive. Our approach includes respecting each employee as a unique individual, demonstrating fairness in all we do and advancing a culture where employees are inspired to do the best work of their careers. We also focus on integrating AI into people programs and processes to build a more agile, skilled and forward-thinking workforce prepared for the future of cybersecurity. Our values of disruption, execution, collaboration, inclusion and integrity were co-created with employees and serve as the foundation of our culture. These values are embedded in our talent acquisition, learning and enablement, engagement and performance elevation, rewards and recognition programs.
Attract & Hire. At Palo Alto Networks, we source talent with the necessary skills and capabilities to contribute to our culture and mission. We utilize structured interviewing practices, thorough job analyses and success profiles to identify high-quality candidates and staff critical roles. In fiscal 2025, we began to transform our hiring operations by strategically embedding AI across the talent acquisition lifecycle to sharpen our competitive edge for talent. We are deploying intelligent tools to automate and enhance core processes, including AI-generated job descriptions, structured interview guides and preparation materials; intelligent interview scheduling; launching an automated talent sourcing and screening pilot; and using AI to augment feedback summaries. Each step is optimized for speed, consistency and bias mitigation. Recognizing that technical skills evolve rapidly in an AI-driven world, our recruitment strategy prioritizes durable, "AI-readiness" capabilities. We assess candidates for core competencies such as critical thinking, adaptability and a capacity for continuous learning to help ensure every hire can not only excel today but also innovate and lead in the future.
Our Global Hiring Committee continues to play a key role in maintaining our hiring standards, which help drive objectivity. This group of cross-functional senior leaders reviews finalist candidates’ information with a focus on experience and capability. To build robust talent pipelines, we partner with academic institutions and other organizations to support new careers in cybersecurity, promote open roles, proactively reach out to candidates across multiple hiring channels and source candidates with a range of experiences. We also encourage employee referrals.
Onboard & Enable. Each member of our workforce has a unique career journey and individual needs, interests and goals. To that end, we strive to create an environment where everyone feels valued, respected and supported to solve the world’s toughest cybersecurity challenges.
In fiscal 2025, we started to evolve from a traditional training program to a system of AI-powered talent enablement, where we integrate learning and growth throughout the flow of an employee’s daily work. From day 1, new hires embark on a journey that blends in-person connection with personalized digital guidance, including generative AI onboarding roadmaps and AI-curated mentor networks. For ongoing growth, through The Learning Center, our intelligent learning platform, we deliver adaptive learning tracks for employees, including specialized paths for interns, new graduates and individuals joining through acquisitions. We also piloted real-time AI-enabled feedback simulations to coach and equip managers with the skills to guide their teams more effectively.
Development information about core business elements, required company-wide compliance training and information about activities on topics ranging from well-being to collaboration are also offered. To further support our employees to advance up the AI adoption curve, we have offered self-paced online certifications, live training and an experimentation challenge that encouraged peer-driven use cases and employees voting to select the finalists. We will continue our enablement journey, using employee questions and feedback to offer both practical and role-specific use cases to help increase productivity and new skill acquisition. On average, employees completed 36 hours of development during fiscal 2025.
Listen & Engage. We aim to foster engagement and help employees feel connected to our mission and values. Through our comprehensive approach, we use in-person and virtual channels to provide a regular flow of information to and between employees and leadership. These channels include company meetings, digital displays across our sites, our intranet, regular email communications, an active Slack platform, pulse surveys, a peer-to-peer recognition platform and regular two-way dialogue—such as small, in-person listening sessions hosted by our chief executive officer.
Employee sentiment is also collected and measured from external sources, such as Glassdoor and Comparably. In addition, based on employee participation in an anonymous survey, the Best Practice Institute has certified Palo Alto Networks as one of the “Top 100 Global Most Loved Workplaces” since 2021. Palo Alto Networks has been recognized by Comparably for “Best Leadership Teams” and “Best Company Outlook”, in addition to other employer of choice awards. Our chief executive officer has also earned a 91% employee approval rating on Glassdoor, a top percentile score.
In addition to our formal, company-wide, semiannual performance review process, which helps employees set learning and development plans, we believe in always-on performance feedback. Further providing engagement are eleven Employee Network Groups, open to all employees, that leverage different perspectives to build, understand and support our culture.
Compensation & Benefits. We offer employees competitive compensation and our flexible benefits plans include a variety of health, time off, wellness and voluntary benefits. Our pay strategy, which includes base salary, cash bonus programs, and equity awards, focuses on compensation based on individual performance. Palo Alto Networks is a fair pay company and we annually engage a third-party consultancy to analyze our pay practices. Through our flexible benefits programs, employees are able to request reimbursement for a range of lifestyle items including fitness, caregiving and education. Additionally, through our Giving+ program, employees can request monetary matching of their charitable donations and volunteer time.
Health, Safety & Wellbeing. Our commitment to the health, safety and wellbeing of our employees includes providing tools, resources and benefits focused on physical, mental and emotional wellbeing. This includes courses designed to equip employees with the knowledge to work safely, safety awareness campaigns and a mental health hub on our employee intranet.
CORPORATE RESPONSIBILITY
Our Corporate Responsibility (CR) strategy supports our company's purpose of a safe and secure world, and is informed through many inputs, including our business strategy and objectives, ongoing stakeholder engagement, investor and customer interests, benchmarking of industry best practices, regulatory developments and more. We execute meaningful CR initiatives that include advancing environmental sustainability, investing in people and operating with integrity.
Advance Environmental Sustainability. Palo Alto Networks is doing our part to limit global warming to less than 1.5°C. Our decarbonization pathway includes implementing operational efficiencies, procuring 100% renewable electricity, targeting greenhouse gas emissions reductions across our value chain and making progress on our science-based targets. We continue to be recognized by CDP (formerly Carbon Disclosure Project) as a “Supplier Engagement Assessment A-list.” We report progress towards our goals in our annual Corporate Responsibility report.
Invest in People. In addition to our People Strategy described in the section titled “Human Capital” above, we continue to communicate our expectations regarding labor standards, business practices and workplace health and safety conditions to our supply chain through our Global Supplier Code of Conduct. During fiscal 2025, we maintained our affiliate membership in the Responsible Business Alliance. As a company built on trust, continuing to be a leader in responsible business practices and social impact supports our corporate strategy. We made charitable grants through our donor-advised fund to support nonprofit organizations providing services in areas such as cybersecurity education and expanding pathways to cyber careers. We maintained our work to provide cybersecurity curriculum to schools, universities and nonprofit organizations to help prepare people for careers in cybersecurity.
Operate with Integrity. Integrity is one of our core values. Employees, contractors and suppliers are informed about our governance expectations, including through our Codes of Conduct, compliance training programs and ongoing communications. The Governance and Sustainability Committee of the board of directors provides primary oversight of corporate responsibility and the board of directors and applicable committees receive regular updates on corporate responsibility topics.
AVAILABLE INFORMATION
Our website is located at www.paloaltonetworks.com, and our investor relations website is located at investors.paloaltonetworks.com. Our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), are available free of charge on the Investors portion of our website as soon as reasonably practicable after we electronically file such material with, or furnish it to, the Securities and Exchange Commission (“SEC”). We also provide a link to the section of the SEC’s website at www.sec.gov that has all of our public filings, including Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, all amendments to those reports, our Proxy Statements, and other ownership-related filings.
We also use our investor relations website as a channel of distribution for important company information. For example, webcasts of our earnings calls and certain events we participate in or host with members of the investment community are on our investor relations website. Additionally, we announce investor information, including news and commentary about our business and financial performance, SEC filings, notices of investor events, and our press and earnings releases, on our investor relations website. Investors and others can receive notifications of new information posted on our investor relations website in real time by signing up for email alerts and RSS feeds. Further corporate governance information, including our corporate governance guidelines, board committee charters, and code of conduct, is also available on our investor relations website under the heading “Governance.” The contents of our websites are not incorporated by reference into this Annual Report on Form 10-K or in any other report or document we file with the SEC, and any references to our websites are intended to be inactive textual references only. All trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.
Item 1A. Risk Factors
Our operations and financial results are subject to various risks and uncertainties including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks or others not specified below materialize, our business, financial condition, and operating results could be materially adversely affected, and the market price of our common stock could decline. In addition, the impacts of any worsening of the economic environment may exacerbate the risks described below, any of which could have a material impact on us.
Risk Factor Summary
Our business is subject to numerous risks and uncertainties. These risks include, but are not limited to, the following:
•Our operating results may be adversely affected by unfavorable economic and market conditions and the uncertain geopolitical environment.
•Our business and operations have experienced growth in recent periods, and if we do not effectively manage any future growth or are unable to improve our systems, processes, and controls, our operating results could be adversely affected.
•Our revenue growth rate in recent periods may not be indicative of our future performance, and we may not be able to maintain profitability, which could cause our business, financial condition, and operating results to suffer.
•Our operating results may vary significantly from period to period, which makes our results difficult to predict and could cause our results to fall short of expectations, and such results may not be indicative of future performance.
•Seasonality may cause fluctuations in our revenue.
•If we are unable to sell new and additional product, subscription, and support offerings to our end-customers, especially to large enterprise customers, our future revenue and operating results will be harmed.
•If we are unable to attract new customers, our future results of operations could be harmed.
•We rely on revenue from subscription and support offerings, and because we recognize revenue from subscription and support over the term of the relevant service period, downturns or upturns in sales or renewals of these subscription and support offerings are not immediately reflected in full in our operating results.
•The sales prices of our products, subscriptions, and support offerings may decrease, which may reduce our revenue and gross profits and adversely impact our financial results.
•We rely on our channel partners to sell substantially all of our products, including subscriptions and support, and if these channel partners fail to perform, our ability to sell and distribute our products and subscriptions will be limited and our operating results will be harmed.
•We are exposed to the credit and liquidity risk of our customers, and to credit exposure in weakened markets, which could result in material losses.
•A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks.
•We face intense competition in our market and we may lack sufficient financial or other resources to maintain or improve our competitive position.
•We have and may in the future acquire other businesses (including CyberArk), which could subject us to adverse claims or liabilities, require significant management attention, disrupt our business, adversely affect our operating results, may not result in the expected benefits of such acquisitions, and may dilute stockholder value.
•We may not complete the acquisition of CyberArk within the timeframe we anticipate or at all, which could negatively impact our future business and financial results.
•As a result of the CyberArk acquisition, we anticipate that the scope and size of our business will substantially change and result in certain incremental risks, including increased competition.
•If we do not accurately predict, prepare for, and respond promptly to rapidly evolving technological and market developments and successfully manage product and subscription introductions and transitions to meet changing end-customer needs in the enterprise security industry, our competitive position and prospects will be harmed.
•Issues in the development and deployment of AI may result in reputational harm and legal liability and could adversely affect our results of operations.
•A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results.
•Defects, errors, or vulnerabilities in our products, subscriptions, or support offerings, the failure of our products or subscriptions to block a virus or prevent a security breach or incident, misuse of our products, or risks of product liability claims could harm our reputation and adversely impact our operating results.
•Our ability to sell our products and subscriptions is dependent on the quality of our technical support services and those of our channel partners, and the failure to offer high-quality technical support services could have a material adverse effect on our end-customers’ satisfaction with our products and subscriptions, our sales, and our operating results.
•Claims by others that we infringe their intellectual property rights could harm our business.
•Our proprietary rights may be difficult to enforce or protect, which could enable others to copy or use aspects of our products or subscriptions without compensating us.
•Our use of open source software in our products and subscriptions could negatively affect our ability to sell our products and subscriptions and subject us to possible litigation.
•We license technology from third parties, and our inability to maintain those licenses could harm our business.
•Because we depend on manufacturing partners to build and ship our hardware products, we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time, if at all, or on a cost-effective basis, which may result in the loss of sales and end-customers.
•Managing the supply of our hardware products and product components is complex. Insufficient supply and inventory would result in lost sales opportunities or delayed revenue, while excess inventory would harm our gross margins.
•Our hardware products contain key components from limited sources of supply, including outside the United States, and we are susceptible to supply shortages, supply changes, and international regulations, which, in certain cases, have disrupted or delayed our scheduled product deliveries to our end-customers, increased our costs and may result in the loss of sales and end-customers.
•If we are unable to attract, retain, and motivate our key technical, sales, and management personnel, our business could suffer.
•We generate a significant amount of revenue from sales to distributors, resellers, and end-customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations.
•We are exposed to fluctuations in foreign currency exchange rates, which could negatively affect our financial condition and operating results.
•We face risks associated with having operations and employees located in Israel.
•We are subject to international trade regulations and governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.
•We may incur increased costs to comply with privacy and data protection laws and, if we fail to comply, we could be subject to government enforcement actions, private litigation and adverse publicity.
•We may have exposure to tax liabilities that are greater than anticipated.
•If our estimates or judgments, including those relating to our critical accounting policies, are based on assumptions that change or prove to be incorrect, our operating results differ from our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock.
•We are obligated to maintain proper and effective internal control over financial reporting. We may not complete our analysis of our internal control over financial reporting in a timely manner, or our internal control may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock.
•Our reputation and/or business could be negatively impacted by corporate responsibility matters and/or our reporting of such matters.
•Failure to comply with governmental laws and regulations could harm our business.
•The market price of our common stock historically has been volatile, and the value of an investment in our common stock could decline.
•The warrant transactions may affect the value of our common stock.
•The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans, exercise of the 2025 Warrants, or otherwise will dilute stock held by all other stockholders.
•We cannot guarantee that our share repurchase program will be fully consummated or that it will enhance shareholder value, and share repurchases could affect the price of our common stock.
•We do not intend to pay dividends for the foreseeable future.
•Our charter documents and Delaware law could discourage takeover attempts and lead to management entrenchment, which could also reduce the market price of our common stock.
•Our business is subject to the risks of earthquakes, fire, power outages, floods, health risks, and other catastrophic events, and to interruption by man-made problems, such as terrorism.
•Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products and subscriptions could reduce our ability to compete and could harm our business.
Risks Related to Global Economic and Geopolitical Conditions
Our operating results may be adversely affected by unfavorable economic and market conditions and the uncertain geopolitical environment.
We operate globally, and as a result, our business and revenues are impacted by global economic and geopolitical conditions. The instability in the global credit markets, inflation, changes in public policies such as domestic and international legislation or regulations, changes in enforcement and administration policies, taxes, any increases in interest rates, fluctuations in foreign currency exchange rates, or international trade agreements, international trade disputes, trade regulations, tariffs and changes in tariffs, geopolitical turmoil, and other disruptions to global and regional economies and markets continue to add uncertainty to global economic conditions. Military actions or armed conflict, including the hostilities in Israel and the surrounding region, the Russia-Ukraine war and any related political or economic responses and counter-responses, and uncertainty about, or changes in, government and trade relationships, policies, and treaties could also lead to worsening economic and market conditions and geopolitical environment. In response to Russia’s invasion of Ukraine, the United States, along with the European Union (the “E.U.”) has imposed restrictive sanctions on Russia, Russian entities, and Russian citizens (“Sanctions on Russia”). We are subject to these governmental sanctions and export controls, which may subject us to liability if we are not in full compliance with applicable laws. Any continued or further uncertainty, weakness or deterioration in economic and market conditions or the geopolitical environment could have a material and adverse impact on our business, financial condition, and results of operations, including reductions in sales of our products and subscriptions, longer sales cycles, reductions in subscription or contract duration and value, slower adoption of new technologies, alterations in the spending patterns or priorities of current and prospective customers (including delaying purchasing decisions), increased costs for the chips and components to manufacture our products, and increased price competition.
Risks Related to Our Business
RISKS RELATED TO OUR GROWTH
Our business and operations have experienced growth in recent periods, and if we do not effectively manage any future growth or are unable to improve our systems, processes, and controls, our operating results could be adversely affected.
We have experienced growth and increased demand for our products and subscriptions over the last few years. As a result, our employee headcount has increased, and we expect it to continue to grow over the next year. For example, from the end of fiscal 2024 to the end of fiscal 2025, our headcount increased from 15,289 to 16,068 employees. In addition, as we have grown, the number of end-customers has also increased, and we have managed more complex deployments of our products and subscriptions with larger end-customers. The growth and expansion of our business and product, subscription, and support offerings places a significant strain on our management, operational, and financial resources. To manage any future growth effectively, we must continue to improve and expand our information technology and financial infrastructure, our operating and administrative systems and controls, and our ability to manage headcount, capital, and processes in an efficient manner.
We may not be able to successfully implement, scale, or manage improvements to our systems, processes, and controls in an efficient or timely manner, which could result in material disruptions of our operations and business. In addition, our existing systems, processes, and controls may not prevent or detect all errors, omissions, or fraud. We may also experience difficulties in managing improvements to our systems, processes, and controls, or in connection with third-party software licensed to help us with such improvements. Any future growth would add complexity to our organization and require effective coordination throughout our organization. Failure to manage any future growth effectively could result in increased costs, disrupt our existing end-customer relationships, reduce demand for or limit us to smaller deployments of our products, or materially harm our business performance and operating results.
Our revenue growth rate in recent periods may not be indicative of our future performance, and we may not be able to maintain profitability, which could cause our business, financial condition, and operating results to suffer.
We have experienced revenue growth rates of 14.9% and 16.5% in fiscal 2025 and fiscal 2024, respectively. Our revenue for any quarterly or annual period should not be relied upon as an indication of our future revenue or revenue growth for any future period. If we are unable to maintain consistent or increasing revenue or revenue growth, the market price of our common stock could be volatile, and it may be difficult for us to maintain profitability or maintain or increase cash flow on a consistent basis.
In addition, we have incurred losses in fiscal years prior to fiscal 2023. We anticipate that our operating expenses will continue to increase in the foreseeable future as we continue to grow our business. Our growth efforts may prove more expensive than we currently anticipate, and we may not succeed in increasing our revenues sufficiently, or at all, to offset increasing expenses. Revenue growth may slow or revenue may decline for a number of possible reasons, including slowing demand for our products or subscriptions, increasing competition, a decrease in the growth of, or a demand shift in, our overall market, or a failure to capitalize on growth opportunities. We have also entered into a substantial amount of capital commitments for operating lease obligations and other purchase commitments. Any failure to increase our revenue as we grow our business could prevent us from maintaining profitability or maintaining or increasing cash flow on a consistent basis, or satisfying our capital commitments. If we are unable to navigate these challenges as we encounter them, our business, financial condition, and operating results may suffer.
Our operating results may vary significantly from period to period, which makes our results difficult to predict and could cause our results to fall short of expectations, and such results may not be indicative of future performance.
Our operating results have fluctuated in the past, and will likely continue to fluctuate in the future, as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including those factors described in this Risk Factor section. For example, we have historically received a substantial portion of sales orders and generated a substantial portion of revenue during the last few weeks of each fiscal quarter. If expected revenue at the end of any fiscal quarter is delayed for any reason, including the failure of anticipated purchase orders to materialize (particularly for large enterprise end-customers with lengthy sales cycles), our logistics partners’ inability to ship products prior to fiscal quarter-end to fulfill purchase orders received near the end of a fiscal quarter, our failure to manage inventory to meet demand, any failure of our systems related to order review and processing, or any delays in shipments based on trade compliance requirements (including new compliance requirements imposed by new or renegotiated trade agreements), our revenue could fall below our expectations and the estimates of analysts for that quarter. Due to these fluctuations, comparing our revenue, margins, or other operating results on a period-to-period basis may not be meaningful, and our past results should not be relied on as an indication of our future performance.
This variability and unpredictability could also result in our failure to meet our revenue, margin, or other operating result expectations contained in any forward-looking statements (including financial or business expectations we have provided) or those of securities analysts or investors for a particular period. If we fail to meet or exceed such expectations for these, or any other, reasons, the market price of our common stock could fall substantially, and we could face costly lawsuits, including securities class action suits.
Seasonality may cause fluctuations in our revenue.
We believe there are significant seasonal factors that may cause our second and fourth fiscal quarters to record greater revenue sequentially than our first and third fiscal quarters. We believe that this seasonality results from a number of factors, including:
•end-customers with a December 31 fiscal year-end choosing to spend remaining unused portions of their discretionary budgets before their fiscal year-end, which potentially results in a positive impact on our revenue in our second fiscal quarter;
•our sales compensation plans, which are typically structured around annual quotas and commission rate accelerators, which potentially results in a positive impact on our revenue in our fourth fiscal quarter; and
•the timing of end-customer budget planning at the beginning of the calendar year, which can result in a delay in spending at the beginning of the calendar year, potentially resulting in a negative impact on our revenue in our third fiscal quarter.
As we continue to grow, seasonal or cyclical variations in our operations may become more pronounced, and our business, operating results, and financial position may be adversely affected.
RISKS RELATED TO OUR PRODUCTS AND TECHNOLOGY
If we are unable to sell new and additional product, subscription, and support offerings to our end-customers, especially to large enterprise customers, our future revenue and operating results will be harmed.
Our future success depends, in part, on our ability to expand the deployment of our portfolio with existing end-customers, especially large enterprise customers, including through our platformization strategy, and create demand for our new offerings. The rate at which our end-customers purchase additional products, subscriptions, and support depends on a number of factors, including the perceived need for additional security products, including subscription and support offerings, as well as general economic conditions. If our efforts to sell additional products and subscriptions to our end-customers are not successful, our revenues may grow more slowly than expected or decline.
Sales to large enterprise end-customers, which is part of our growth strategy, involve risks that may not be present, or that are present to a lesser extent, with sales to smaller entities, such as (a) longer sales cycles and the associated risk that substantial time and resources may be spent on a potential end-customer that elects not to purchase our products, subscriptions, and support, and (b) increased purchasing power and leverage held by large end-customers in negotiating contractual arrangements. Deployments for large enterprise end-customers are also more complex, require greater product functionality, scalability, and a broader range of services, and are more time-consuming and resource-consuming. All of these factors add further risk to business conducted with these end-customers. Failure to realize sales from large enterprise end-customers could materially and adversely affect our business, operating results, and financial condition.
If we are unable to attract new customers, our future results of operations could be harmed.
To increase our revenue and maintain profitability, we must add new customers. To do so, we must successfully convince prospective customers of the value of adopting our solutions. We are engaging in costly marketing and sales efforts to accelerate our strategies, including platformization, and attract new customers, which may fail or may not be as successful as intended or at all. Additionally, prospective customers’ decisions to purchase our solutions depend on a variety of factors, many of which are out of our control. These factors significantly impact our ability to add new customers and increase the time, resources and sophistication required to do so. For example, prospective customers may face real or perceived switching costs when switching to our solutions from legacy security vendors and products. Deployment of our solutions may require a significant commitment of resources from our customers. Any deterioration in general economic conditions, including as a result of the geopolitical environment or inflation (as well as government policies such as raising interest rates in response to inflation), have in the past caused, and may in the future cause, our current and prospective customers to delay or cut their overall security and IT operations spending. If our efforts to attract new customers are not successful, our sales may not grow as quickly as anticipated, or at all, and our business, operating results, and financial condition will be harmed.
We rely on revenue from subscription and support offerings, and because we recognize revenue from subscription and support over the term of the relevant service period, downturns or upturns in sales or renewals of these subscription and support offerings are not immediately reflected in full in our operating results.
Subscription and support revenue accounts for a significant portion of our revenue, comprising 80.5% of total revenue in fiscal 2025, 80.0% of total revenue in fiscal 2024, and 77.1% of total revenue in fiscal 2023. Sales and renewals of subscription and support contracts may decline and fluctuate as a result of a number of factors, including end-customers’ level of satisfaction with our products and subscriptions, the frequency and severity of subscription outages, our product uptime or latency, the prices of our products and subscriptions, and reductions in our end-customers’ spending levels. Existing end-customers have no contractual obligation to, and may not, renew their subscription and support contracts after the completion of their initial contract period. Additionally, our end-customers may renew their subscription and support agreements for shorter contract lengths or on other terms that are less economically beneficial to us. If our sales of new or renewal subscription and support contracts decline, our total revenue and revenue growth rate may decline, and our business will suffer. In addition, because we recognize subscription and support revenue over the term of the relevant service period, which is typically one to five years, a decline in subscription or support contracts in any one fiscal quarter will not be fully or immediately reflected in revenue in that fiscal quarter but will negatively affect our revenue in future fiscal quarters.
The sales prices of our products, subscriptions, and support offerings may decrease, which may reduce our revenue and gross profits and adversely impact our financial results.
The sales prices for our products, subscriptions, and support offerings may decline for a variety of reasons, including competitive pricing pressures, discounts, a change in our mix of products, subscriptions, and support offerings, anticipation of the introduction of new products, subscriptions, or support offerings, or promotional programs or pricing pressures. Furthermore, we anticipate that the sales prices and gross profits for our products could decrease over product life cycles. Declining sales prices could adversely affect our revenue, gross profits, and profitability.
We rely on our channel partners to sell substantially all of our products, including subscriptions and support, and if these channel partners fail to perform, our ability to sell and distribute our products and subscriptions will be limited and our operating results will be harmed.
Substantially all of our revenue is generated by sales through our channel partners, including distributors and resellers. For fiscal 2025, three distributors individually represented 10% or more of our total revenue and in the aggregate represented 44.2% of our total revenue. As of July 31, 2025, three distributors individually represented 10% or more of our gross accounts receivable and in the aggregate represented 44.8% of our gross accounts receivable.
We provide our channel partners with specific training and programs to assist them in selling our products, including subscriptions and support offerings, but there can be no assurance that these steps will be utilized or effective. In addition, our channel partners may be unsuccessful in marketing, selling, and supporting our products and subscriptions. We may not be able to incentivize these channel partners to sell our products and subscriptions to end-customers and, in particular, to large enterprises. These channel partners may also have incentives to promote our competitors’ products and may devote more resources to the marketing, sales, and support of competitive products. Our agreements with our channel partners may generally be terminated for any reason by either party with advance notice prior to each annual renewal date. We cannot be certain that we will retain these channel partners or that we will be able to secure additional or replacement channel partners. In addition, any new channel partner requires extensive training and may take several months or more to achieve productivity. Our channel partner sales structure could subject us to lawsuits, potential liability, and reputational harm if, for example, any of our channel partners misrepresent the functionality of our products or subscriptions to end-customers or violate laws or our corporate policies. If we fail to effectively manage our sales channels or channel partners, our ability to sell our products and subscriptions and operating results will be harmed.
We are exposed to the credit and liquidity risk of our customers, and to credit exposure in weakened markets, which could result in material losses.
Most of our sales are made on an open credit basis. Beyond our open credit arrangements, we have also experienced demands for customer financing and deferred payments due to, among other things, macro-economic conditions. Increases in deferred payments result in payments being made over time, negatively impacting our short-term cash flows, and subject us to risk of non-payment by our customers, including as a result of insolvency. We monitor customer payment capability in granting such financing arrangements, seek to limit the amounts to what we believe customers can pay and maintain reserves we believe are adequate to cover exposure for doubtful accounts to mitigate credit risks of these customers. However, there can be no assurance that these programs will be effective in reducing our credit risks. To the degree that turmoil in the credit markets makes it more difficult for some customers to obtain financing, those customers’ ability to pay could be adversely impacted, which in turn could have a material adverse impact on our business, operating results, and financial condition.
Our exposure to the credit risks relating to the financing activities described above may increase if our customers are adversely affected by a global economic downturn or periods of economic uncertainty. If we are unable to adequately control these risks, our business, operating results, and financial condition could be harmed. In addition, in the past, we have experienced non-material losses due to bankruptcies among customers. If these losses increase due to global economic conditions, they could harm our business and financial condition.
A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks.
Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive, and time-consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. The substantial majority of our sales to date to government entities have been made indirectly through our channel partners. Government certification or technical requirements for products and subscriptions like ours may change, thereby restricting our ability to sell into the federal government sector until we have attained the revised certification or technical requirements. If our products and subscriptions are late in achieving or fail to achieve compliance with these certifications and standards or technical requirements, or our competitors achieve compliance with these certifications and standards or technical requirements, we may be disqualified from selling our products, subscriptions, and support offerings to such governmental entity, or be at a competitive disadvantage, which would harm our business, operating results, and financial condition. Government entity demand and payment for our products, subscriptions, and support offerings may be impacted by government shutdowns, changes in governmental administrations, public sector budgetary cycles, fiscal policies, contracting policies or requirements, funding authorizations, and efforts by a government to evaluate and reduce overall government spending and analyze and enhance its operational efficiency, with funding reductions or delays adversely affecting public sector demand for our products, subscriptions, and support offerings. Government entities may have statutory, contractual, or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future operating results. Governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our products, subscriptions, and support offerings, a reduction of revenue, or fines or civil or criminal liability if the audit uncovers improper or illegal activities, which could adversely impact our operating results in a material way. Additionally, the U.S. government may require certain of the products that it purchases to be manufactured in the United States or other relatively high-cost manufacturing locations, and we may not manufacture all products in locations that meet such requirements, affecting our ability to sell these products, subscriptions, and support offerings to the U.S. government.
We face intense competition in our market and we may lack sufficient financial or other resources to maintain or improve our competitive position.
The industry for enterprise security products is intensely competitive, and we expect competition to increase in the future from established competitors and new market entrants. Our main competitors fall into four categories:
•large companies that incorporate security features in their products, such as Cisco, Microsoft, Alphabet or those that have acquired, or may acquire, security vendors and have the technical and financial resources to bring competitive solutions to the market;
•independent security vendors, such as Check Point, Fortinet, CrowdStrike, Zscaler, and Wiz, that offer a mix of security products;
•startups and point-product vendors that offer independent or emerging solutions across various areas of security; and
•public cloud vendors and startups that offer solutions for cloud security (private, public, and hybrid cloud).
Some of our competitors have or may attain greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a larger base of customers than we do. They may be able to devote greater resources to the promotion and sale of products and services than we can, and they may offer lower pricing than we do. Further, they may have greater resources for research and development of new technologies, the provision of customer support, and the pursuit of acquisitions or other strategic investments. They may also have larger and more mature intellectual property portfolios, and broader and more diverse product and service offerings, which allow them to leverage their relationships based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products and subscriptions, including incorporating cybersecurity features into their existing products or services and product bundling, selling at zero or negative margins, and offering concessions or a closed technology offering. Some competitors may have broader distribution and established relationships with distribution partners and end-customers. Other competitors specialize in providing protection from a single type of security threat, which may allow them to deliver these specialized security products to the market more quickly than we can.
We also face competition from companies that have entrenched legacy offerings at end-user customers. End-user customers have also often invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking and security products. As a result, these organizations may prefer to purchase from their existing suppliers rather than add or switch to a new supplier such as us. In addition, as our customers refresh the security products bought in prior years, they may seek to consolidate vendors, which may result in current customers choosing to purchase products from our competitors. Due to budget constraints or economic downturns, organizations may add solutions to their existing network security infrastructure rather than replacing it with our products and subscriptions.
Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering, acquisitions or strategic investments by our competitors, or continuing market consolidation. Our competitors and potential competitors may be able to develop new or disruptive technologies, products, or services, and leverage new business models that are equal or superior to ours, achieve greater market acceptance of their products and services, disrupt our markets, and increase sales by utilizing different distribution channels than we do. In addition, new and enhanced technologies, including AI and machine learning, continue to increase our competition. To compete successfully, we must accurately anticipate technology developments and deliver innovative, relevant, and useful products, services, and technologies in a timely manner. Some of our competitors have made or could make acquisitions of businesses that may allow them to offer more directly competitive and comprehensive solutions than they had previously offered and adapt more quickly to new technologies and end-customer needs. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources or product or service offerings.
These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share. If we are unable to compete successfully, or if competing successfully requires us to take aggressive pricing or other actions, our business, financial condition, and results of operations would be adversely affected.
We have and may in the future acquire other businesses (including CyberArk), which could subject us to adverse claims or liabilities, require significant management attention, disrupt our business, adversely affect our operating results, may not result in the expected benefits of such acquisitions, and may dilute stockholder value.
As part of our business strategy, we acquire and make investments in complementary companies, products, or technologies. We continue to evaluate such opportunities and expect to continue to make such acquisitions and investments in the future, such as our pending acquisition of CyberArk Software Ltd. (“CyberArk”). The identification of suitable acquisition candidates is difficult, and we may not be able to complete such acquisitions on favorable terms, if at all. In addition, we may be subject to claims or liabilities assumed from an acquired company, product, or technology; acquisitions we complete could be viewed negatively by our end-customers, investors, and securities analysts; and we may incur costs and expenses necessary to address an acquired company’s failure to comply with laws and governmental rules and regulations. Additionally, we may be subject to litigation or other claims in connection with the acquired company, product, or technology, including claims from terminated employees, customers, former stockholders, or other third parties, which may differ from or be more significant than the risks our business faces.
If we are unsuccessful at integrating past or future acquisitions, including the pending acquisition of CyberArk, in a timely manner, or the technologies, products, or operations associated with such acquisitions, into our company, our revenue and operating results could be adversely affected. Any integration process may require significant time and resources, which may disrupt our ongoing business and divert management’s attention, and we may not be able to manage the integration process successfully or in a timely manner. We may have difficulty retaining key personnel or customers of the acquired business. We may not successfully evaluate or utilize any acquired technology, products, or personnel, realize anticipated synergies from an acquisition, or accurately forecast the financial impact of an acquisition transaction and integration of such acquisition, including accounting charges and any potential impairment of goodwill and intangible assets recognized in connection with such acquisitions. In particular, we believe that there are significant benefits and synergies that may be realized from our proposed acquisition of CyberArk, including through leveraging our and CyberArk’s products, scale, and combined enterprise customer bases. However, the efforts to realize the anticipated benefits and synergies will be a complex process and may disrupt both our and CyberArk’s existing operations if not implemented in a timely and efficient manner. The full benefits of the proposed acquisition of CyberArk, including the anticipated sales or growth opportunities, may not be realized as expected or may not be achieved within the anticipated time frame, or at all.
We have recorded, and may in the future record, liability for contingent consideration obligations from acquisitions that are to be settled in cash, the fair value of which is assessed on a quarterly basis. If changes are made in our assumptions used to determine the liability’s fair value or our assumptions are incorrect, adjustments could be made that may have a material impact, favorable or unfavorable, on our operating results. We may also be required to make cash payments of contingent consideration in excess of its initial fair value, or in excess of our expectations for a particular period, which could adversely impact cash flows.
We may have to pay cash, incur debt, or issue equity or equity-linked securities to pay for any future acquisitions, including the pending acquisition of CyberArk, each of which could adversely affect our financial condition or the market price of our common stock, and result in dilution to our stockholders. Furthermore, the sale or issuance of equity or equity-linked debt to finance any future acquisitions could result in dilution to our stockholders.
In addition, any acquisitions may be viewed negatively by our customers, financial markets, or investors and may not ultimately strengthen our competitive position or achieve our goals and business strategy. The occurrence of any of these risks could harm our business, operating results, and financial condition.
We may not complete the acquisition of CyberArk within the timeframe we anticipate or at all, which could negatively impact our future business and financial results.
The completion of the acquisition of CyberArk is subject to a number of conditions, including, among others:
•the effectiveness of a registration statement on Form S-4 to be filed by us registering the shares of our common stock to be issued to CyberArk shareholders as consideration in the acquisition and the absence of any stop order or proceedings seeking a stop order;
•the approval for listing on Nasdaq of our shares of common stock to be issued in connection with the proposed acquisition;
•obtaining the requisite CyberArk shareholder approval in connection with the proposed acquisition;
•the expiration or termination of any waiting period (or extensions thereof) applicable to the acquisition under the Hart-Scott-Rodino Antitrust Improvements Act of 1976, as amended (the “HSR Act”) and the making, approval, expiration, termination or receipt of, as applicable, all applicable filings, registrations, waiting periods (or extensions of waiting periods) and approvals under specified antitrust and foreign investment laws; and
•the absence of governmental restraints or prohibitions preventing the consummation of the proposed acquisition.
No assurance can be given that the required CyberArk shareholder approval and governmental and regulatory consents and approvals will be obtained or that any of the required conditions to closing will be satisfied in a timely manner or at all. As a result, although it is currently anticipated that we will complete the acquisition of CyberArk during the second half of our fiscal 2026, the possible timing and likelihood of completion are uncertain. There can be no assurance that the acquisition of CyberArk will be completed in the anticipated timeframe or at all. Any delay in completing the proposed acquisition could cause the combined company not to realize, or to be delayed in realizing, some or all of the benefits and synergies that we anticipate to achieve if the proposed acquisition were to be successfully completed within its expected time frame.
In addition, the relevant governmental authorities from which approvals under specified antitrust and foreign investment laws must be obtained may impose or seek to impose conditions on the completion of the acquisition or require changes to the terms of the proposed acquisition or agreements to be entered into in connection with the CyberArk acquisition. Such conditions or changes and the process of obtaining these approvals, could have the effect of delaying or impeding completion of the CyberArk acquisition or imposing additional costs or limitations on us following the acquisition, which may have an adverse effect on our business, results of operations, and financial condition.
The failure or inability to satisfy all of the required conditions could delay the completion of the acquisition for a significant period of time or prevent it from occurring at all. In addition, under limited circumstances, we or CyberArk may elect to terminate the definitive agreement or we and CyberArk may mutually decide to terminate the definitive agreement, before or after obtaining the requisite CyberArk shareholder approval. A termination of the definitive agreement could materially and adversely affect our business, results of operations and reputation.
If the acquisition of CyberArk is delayed or not completed, we could be subject to a number of risks that may adversely affect our business, operating results and financial condition, including, among other things:
•we may experience negative reactions from the financial markets, including negative impacts on the market price of our common stock;
•we could incur significant acquisition costs that we would be unable to recoup;
•under specified circumstances in connection with the termination of the definitive agreement, we would be required to pay CyberArk a termination fee of $1.0 billion;
•negative perception from industry contacts, business partners, and other third parties, which could impact our operations or our ability to compete for new business or obtain renewals in the marketplace more broadly; and
•reputational harm, negative publicity, negative reactions from employees, and other negative impacts resulting from delay or failure to complete the acquisition of CyberArk.
As a result of the CyberArk acquisition, we anticipate that the scope and size of our business will substantially change and result in certain incremental risks, including increased competition.
We believe that the CyberArk acquisition will expand the scope and size of our business by adding substantial assets and operations to our existing business. The anticipated future growth of our business may impose significant added responsibilities on our senior management, and our senior management’s attention may be diverted from the management of our business and its day-to-day operations to the completion and integration of the CyberArk acquisition. The CyberArk acquisition could also create uncertainty for our and CyberArk’s employees, partners, and customers, particularly during the anticipated post-acquisition integration process, and result in disruption to existing business relationships and the development of new business relationships.
Following completion of the proposed acquisition of CyberArk, our success, including with respect to realizing the anticipated benefits and synergies from the proposed acquisition, will depend, in part, on our ability to manage our expansion, which poses numerous risks and uncertainties, including the need to integrate the operations and business of CyberArk into our existing business in a timely and efficient manner, to combine systems and management controls and to integrate relationships with industry contacts and business partners. In addition, we will be required to devote significant attention and resources prior to closing to prepare for the post-closing integration and operation of the combined company, and we will be required post-closing to devote significant attention and resources to successfully align our and CyberArk’s business practices and operations. This process may disrupt our business and, if ineffective, would limit the anticipated benefits and synergies of the acquisition.
In addition, we expect that the completion of the CyberArk acquisition will result in increased competition, including, as a result of our entry into a new product category. CyberArk faces intense competition in the information security and identity security industry in which it operates, characterized by constant innovation, evolving customer requirements, and rapid adoption of different technologies and services. These added competitive pressures could result in decreased sales, price reductions, increased operating costs, and lower revenues, margins and net income for the combined company. These impacts could also result in a delay in realizing, or our failure to realize, expected synergies or cost savings from the CyberArk acquisition.
The occurrence of any of these risks could harm our business, operating results, and financial condition.
If we do not accurately predict, prepare for, and respond promptly to rapidly evolving technological and market developments and successfully manage product and subscription introductions and transitions to meet changing end-customer needs in the enterprise security industry, our competitive position and prospects will be harmed.
The enterprise security industry has grown quickly and continues to evolve rapidly. Moreover, many of our end-customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt increasingly complex enterprise networks, incorporating a variety of hardware, software applications, operating systems, and networking protocols. If we fail to effectively anticipate, identify, and respond to rapidly evolving technological and market developments in a timely manner, our business will be harmed.
In order to anticipate and respond effectively to rapid technological changes and market developments, as well as evolving security threats, we must invest effectively in research and development to increase the reliability, availability, and scalability of our existing products and subscriptions and introduce new products and subscriptions. Our investments in research and development, including investments in AI, may not result in design or performance improvements, marketable products, subscriptions, or features, or may not achieve the cost savings or additional revenue that we expect. In addition, new and evolving products and services, including those that use AI, require significant investment and raise ethical, technological, legal, regulatory, and other challenges, which may negatively affect our brands and demand for our products and services. Because all of these investment areas are inherently risky, no assurance can be given that such strategies and offerings will be successful or will not harm our reputation, financial condition, and operating results.
In addition, we must continually change our products and expand our business strategy in response to changes in network infrastructure requirements, including the expanding use of cloud computing. For example, organizations are moving portions of their data to be managed by third parties, primarily infrastructure, platform, and application service providers, and may rely on such providers’ internal security measures. While we have historically been successful in developing, acquiring, and marketing new products and product enhancements that respond to technological change and evolving industry standards, we may not be able to continue to do so, and there can be no assurance that our new or future offerings will be successful or will achieve widespread market acceptance. If we fail to accurately predict and address end-customers’ changing needs and emerging technological trends in the enterprise security industry, including in the areas of AI, mobility, virtualization, cloud computing, and software-defined networks, our business could be harmed.
The technology in our portfolio is especially complex because it needs to effectively identify and respond to new and increasingly sophisticated methods of attack, while minimizing the impact on network performance. Additionally, some of our new features and related enhancements may require us to develop new hardware architectures that involve complex, expensive, and time-consuming research and development processes. The development of our portfolio is difficult and the timetable for commercial release and availability is uncertain as there can be long time periods between releases and availability of new features. If we experience unanticipated delays in the availability of new products, features, and subscriptions, and fail to meet customer expectations for such availability, our competitive position and business prospects will be harmed.
The success of new features depends on several factors, including appropriate new product definition, differentiation of new products, subscriptions, and features from those of our competitors, and market acceptance of these products, services, and features. Moreover, successful new product introduction and transition depends on a number of factors, including our ability to manage the risks associated with new product production ramp-up issues, the availability of application software for new products, the effective management of purchase commitments and inventory, the availability of products in appropriate quantities and costs to meet anticipated demand, and the risk that new products may have quality or other defects or deficiencies, especially in the early stages of introduction. There can be no assurance that we will successfully identify opportunities for new products and subscriptions, develop and bring new products and subscriptions to market in a timely manner, achieve market acceptance of our products and subscriptions, or that products, subscriptions, and technologies developed by others will not render our products, subscriptions, and technologies obsolete or noncompetitive.
Issues in the development and deployment of AI may result in reputational harm and legal liability and could adversely affect our results of operations.
We have incorporated, and are continuing to develop and deploy, AI into many of our products and solutions, including services that support our products and solutions. We are also incorporating AI into the operations of our business. AI presents challenges and risks that could affect our products and solutions, and the operations of our business. For example, AI algorithms may have flaws, and datasets used to train models may be insufficient or contain biased information. The AI that is being incorporated into our products, solutions, and business operation tools may not be successful or beneficial, and instead may cause technical, legal or ethical problems or result in increased costs. The investments that we are making across our business in AI reflect our ongoing efforts to innovate and provide products and services that are useful to our customers, as well as provide efficiencies in our business. Such investments ultimately may not be commercially viable or may not result in an adequate return of capital and we may incur unanticipated liabilities. These efforts could subject us to regulatory risk, legal liability, including under legislation regulating AI in jurisdictions such as the E.U. and laws and regulations being considered in other jurisdictions, or brand or reputational harm.
The rapid evolution of AI, including potential government regulation of AI, requires us to invest significant resources to develop, test, and maintain AI in our products and services in a manner that meets evolving requirements and expectations. The rules and regulations adopted by policymakers over time may require us to make changes to our business practices. Developing, testing, and deploying AI systems may also increase the cost profile of our offerings due to the nature of the computing costs involved in such systems.
The intellectual property ownership and license rights surrounding AI technologies, as well as data protection laws related to the use and development of AI, are currently not fully addressed by courts or regulators. The use or adoption of AI technologies in our products may result in exposure to claims by third parties of copyright infringement or other intellectual property misappropriation, which may require us to pay compensation or license fees to third parties. The evolving legal, regulatory, and compliance framework for AI technologies may also impact our ability to protect our own data and intellectual property against infringing use.
A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results.
Increasingly, companies are subject to a wide variety of attacks on an ongoing basis. In addition to traditional computer “hackers,” malicious code (such as viruses and worms), phishing attempts, employee theft or misuse, and denial of service attacks, sophisticated nation-state and nation-state supported actors engage in intrusions and attacks (including advanced persistent threat intrusions and supply chain attacks), and add to the risks to our internal networks, cloud-deployed enterprise and customer-facing environments and the information they store and process. Incidences of cyberattacks and other cybersecurity breaches and incidents have increased and are likely to continue to increase. We and our third-party service providers face security threats and attacks from a variety of sources. Despite our efforts and processes to prevent breaches of our internal networks, systems, and websites, our data, corporate systems, and security measures, as well as those of our third-party service providers, are still vulnerable to computer viruses, break-ins, phishing attacks, ransomware attacks, or other types of attacks from outside parties, or breaches due to employee error, malfeasance, or some combination of these. We cannot guarantee that the measures we have taken to protect our networks, systems, and websites will provide adequate security. Furthermore, as a well-known provider of security solutions, we may be a more attractive target for such attacks. The Russia-Ukraine war and associated activities in Ukraine and Russia may increase the risk of cyberattacks on various types of infrastructure and operations, and the United States government has warned companies to be prepared for additional Russian cyberattacks in response to the Sanctions on Russia.
A security breach or incident, or an attack against our service availability suffered by us, or our third-party service providers, could impact our networks or networks secured by our products and subscriptions, creating system disruptions or slowdowns and exploiting security vulnerabilities of our products. In addition, the information stored or otherwise processed on our networks, or those of our third-party service providers, could be accessed, publicly disclosed, altered, lost, stolen, rendered unavailable, or otherwise used or processed without authorization, which could subject us to liability and cause us financial harm. Any actual or perceived breach of security in our systems or networks, or any other actual or perceived data security incident we or our third-party service providers suffer, could result in significant damage to our reputation, negative publicity, loss of channel partners, end-customers, and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, demands, costly litigation, and other liability. In addition, we may incur significant costs and operational consequences of investigating, remediating, eliminating, and putting in place additional tools, devices, and other measures designed to prevent actual or perceived security breaches and other security incidents, as well as the costs to comply with any notification obligations resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our products and subscriptions and end-customer and investor confidence in our company and could seriously harm our business or operating results.
Defects, errors, or vulnerabilities in our products, subscriptions, or support offerings, the failure of our products or subscriptions to block a virus or prevent a security breach or incident, misuse of our products, or risks of product liability claims could harm our reputation and adversely impact our operating results.
Because our products and subscriptions are complex, they have contained and may contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our end-customers. For example, from time to time, certain of our end-customers have reported defects in our products related to performance, scalability, and compatibility. Additionally, defects or vulnerabilities may cause our products or subscriptions to become partially or fully unavailable temporarily or permanently, to be vulnerable to security attacks, cause them to fail to help secure networks, or interrupt end-customers’ networking traffic, or the availability of other information technology infrastructure or systems. For example, in November 2024, we became aware of an authentication bypass vulnerability through the management web interface of certain versions of our PAN-OS software. To remediate the matter, we published a security advisory to advise customers, provided software updates for affected PAN-OS versions, and engaged in customer outreach, support and remediation efforts for potentially impacted customers. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques and provide a solution in time to protect our end-customers’ networks. In addition, due to the Russia-Ukraine war, there could be a significant increase in Russian cyberattacks against our customers, resulting in an increased risk of a security breach of our end-customers’ systems.
Furthermore, defects or errors in products or software, or migrations or updates to those products or software, could result in a failure to effectively update end-customers’ hardware and cloud-based products or otherwise cause problems in our customers’ hardware, networks or information technology infrastructure or systems. The data centers, networks, and cloud infrastructure that we use to deliver our products and services may experience technical failures and downtime or may fail to meet the increased requirements of a growing installed end-customer base, any of which could temporarily or permanently expose our end-customers’ networks, leaving their networks unprotected against the latest security threats. Moreover, our products must interoperate with our end-customers’ existing infrastructure, which often have varied specifications, utilize multiple protocol standards, deploy products from multiple vendors, and contain multiple generations of products that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. Any such technical failure, downtime or failures in general may temporarily or permanently disable our end-customers’ networks, information technology infrastructure or other systems, or expose our end-customers’ networks to attacks from security threats.
The occurrence of any such problem in our products and subscriptions, or migrations or updates to those products or software, whether real or perceived, could result in:
•expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work-around errors or defects or to address and eliminate vulnerabilities;
•loss of existing or potential end-customers or channel partners;
•delayed or lost revenue;
•delay or failure to attain market acceptance;
•an increase in warranty claims compared with our historical experience, or an increased cost of servicing warranty claims, either of which would adversely affect our gross margins; and
•litigation, regulatory inquiries, investigations, or other proceedings, each of which may be costly and harm our reputation.
Further, our products and subscriptions may be misused by end-customers or third parties that obtain access to our products and subscriptions. For example, our products and subscriptions could be used to censor private access to certain information on the Internet. Such use of our products and subscriptions for censorship could result in negative press coverage and negatively affect our reputation.
The limitation of liability provisions in our standard terms and conditions of sale may not fully or effectively protect us from claims as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our products and subscriptions also entails the risk of product liability claims. Although we may be indemnified by our third-party manufacturers for product liability claims arising out of manufacturing defects, because we control the design of our products and subscriptions, we may not be indemnified for product liability claims arising out of design defects. While we maintain insurance coverage for certain types of losses, our insurance coverage may not adequately cover any claim asserted against us, if at all. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert management’s time and other resources, and harm our reputation.
In addition, our classifications of application type, virus, spyware, vulnerability exploits, data, or URL categories may falsely detect, report, and act on applications, content, or threats that do not actually exist. This risk is heightened by the inclusion of a “heuristics” feature in our products and subscriptions, which attempts to identify applications and other threats not based on any known signatures but based on characteristics or anomalies which indicate that a particular item may be a threat. These false positives may impair the perceived reliability of our products and subscriptions and may therefore adversely impact market acceptance of our products and subscriptions and could result in damage to our reputation, negative publicity, loss of channel partners, end-customers and sales, increased costs to remedy any problem, and costly litigation.
Our ability to sell our products and subscriptions is dependent on the quality of our technical support services and those of our channel partners, and the failure to offer high-quality technical support services could have a material adverse effect on our end-customers’ satisfaction with our products and subscriptions, our sales, and our operating results.
After our products and subscriptions are deployed within our end-customers’ networks, our end-customers depend on our technical support services, as well as the support of our channel partners, to resolve any issues relating to our products. Many larger enterprise, service provider, and government entity end-customers have more complex networks and require higher levels of support than smaller end-customers. If our channel partners do not effectively provide support to the satisfaction of our end-customers, we may be required to provide direct support to such end-customers, which would require us to hire additional personnel and to invest in additional resources. If we are not able to hire such resources fast enough to keep up with unexpected demand, support to our end-customers will be negatively impacted, and our end-customers’ satisfaction with our products and subscriptions will be adversely affected. Additionally, to the extent that we may need to rely on our sales engineers to provide post-sales support while we are ramping up our support resources, our sales productivity will be negatively impacted, which would harm our revenues. Accordingly, our failure, or our channel partners’ failure, to provide and maintain high-quality support services could have a material adverse effect on our business, financial condition, and operating results.
RISKS RELATED TO INTELLECTUAL PROPERTY AND TECHNOLOGY LICENSING
Claims by others that we infringe their intellectual property rights could harm our business.
Companies in the enterprise security industry own large numbers of patents, copyrights, trademarks, domain names, and trade secrets and frequently enter into litigation based on allegations of infringement, misappropriation, or other violations of intellectual property rights. In addition, non-practicing entities also frequently bring claims of infringement of intellectual property rights. Third parties are asserting, have asserted, and may in the future assert claims of infringement of intellectual property rights against us. For example, on January 31, 2024, in the Centripetal Networks, Inc. lawsuit against us, a jury returned a verdict of non-willful infringement, and, after post-trial motions, a judgment was issued in the lawsuit on October 3, 2024 assessing a lump sum damages amount of $113.6 million, plus statutory interest, which is currently on appeal. Additional examples of patent infringement cases have been disclosed in Note 13. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K.
Third parties may also assert such claims against our end-customers or channel partners, whom our standard license and other agreements obligate us to indemnify against claims that our products and subscriptions infringe the intellectual property rights of third parties. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited, that they have divulged proprietary or other confidential information, or that their former employers own their inventions or other work product. Furthermore, we may be unaware of the intellectual property rights of others that may cover some or all of our technology, products, subscriptions, and services. As we expand our footprint, both in our platforms, products, subscriptions, and services and geographically, more overlaps occur and we may face more infringement claims both in the United States and abroad.
While we have been increasing the size of our patent portfolio, our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, litigation has involved and will likely continue to involve patent-holding companies or other adverse patent owners who have no relevant product revenue and against whom our own patents may therefore provide little or no deterrence or protection. In addition, we have not registered our trademarks in all of our geographic markets and failure to secure those registrations could adversely affect our ability to enforce and defend our trademark rights. Any claim of infringement by a third party, even those without merit, could cause us to incur substantial costs defending against the claim, could distract our management from our business, and could require us to cease use of such intellectual property. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation. A successful claimant could secure a judgment, or we may agree to a settlement that prevents us from distributing certain products or performing certain services or that requires us to pay substantial damages, royalties, or other fees. Any of these events could seriously harm our business, financial condition, and operating results.
Our proprietary rights may be difficult to enforce or protect, which could enable others to copy or use aspects of our products or subscriptions without compensating us.
We rely and expect to continue to rely on a combination of confidentiality and license agreements with our employees, consultants, and third parties with whom we have relationships, as well as trademark, copyright, patent, and trade secret protection laws, to protect our proprietary rights. We have filed various applications for certain aspects of our intellectual property. Valid patents may not issue from our pending applications, and the claims eventually allowed on any patents may not be sufficiently broad to comprehensively protect our technology or products and subscriptions. We cannot be certain that we were the first to make the inventions claimed in our pending patent applications or that we were the first to file for patent protection, which could prevent our patent applications from issuing as patents or invalidate our patents following issuance. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. Any issued patents may be challenged, invalidated or circumvented, and any rights granted under these patents may not actually provide adequate defensive protection or competitive advantages to us. Additional uncertainty may result from changes to patent-related laws and court rulings in the United States and other jurisdictions. As a result, we may not be able to obtain adequate patent protection or effectively enforce any issued patents.
Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or subscriptions or obtain and use information that we regard as proprietary. We generally enter into confidentiality or license agreements with our employees, consultants, vendors, and end-customers, and generally limit access to and distribution of our proprietary information. However, we cannot be certain that we have entered into such agreements with all parties who may have or have had access to our confidential information or that the agreements we have entered into will not be breached. We cannot guarantee that any of the measures we have taken will prevent misappropriation of our technology. Because we may be an attractive target for computer hackers, we may have a greater risk of unauthorized access to, and misappropriation of, our proprietary information. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as the laws of the United States, and many foreign countries do not enforce these laws as diligently as government agencies and private parties in the United States. From time to time, we may need to take legal action to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the proprietary rights of others, or to defend against claims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results, and financial condition. Attempts to enforce our rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us or result in a holding that invalidates or narrows the scope of our rights, in whole or in part. If we are unable to protect our proprietary rights (including aspects of our software and products protected other than by patent rights), we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time, and effort required to create the innovative products that have enabled us to be successful to date. Any of these events would have a material adverse effect on our business, financial condition, and operating results.
Our use of open source software in our products and subscriptions could negatively affect our ability to sell our products and subscriptions and subject us to possible litigation.
Our products and subscriptions contain software modules licensed to us by third-party authors under “open source” licenses. Some open source licenses contain requirements that we make available applicable source code for modifications or derivative works we create based upon the type of open source software we use. If we combine our proprietary software with, or otherwise distribute or use open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public. This would allow our competitors to create similar products or subscriptions with lower development effort and time and ultimately could result in a loss of product sales for us.
Although we take reasonable steps to monitor our use of open source software to avoid subjecting our products and subscriptions to conditions we do not intend, the terms of many open source licenses have not been interpreted by United States courts, and there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our products and subscriptions. From time to time, there have been claims against companies that distribute or use open source software in their products and subscriptions, asserting that open source software infringes the claimants’ intellectual property rights. We could be subject to suits by parties claiming infringement of intellectual property rights in what we believe to be licensed open source software. If we are held to have breached the terms of an open source software license, we could be required to seek licenses from third parties to continue offering our products and subscriptions on terms that are not economically feasible, to reengineer our products and subscriptions, to discontinue the sale of our products and subscriptions if reengineering could not be accomplished on a timely basis, or to make generally available, in source code form, our proprietary code, any of which could adversely affect our business, operating results, and financial condition.
In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or assurance of title or controls on origin of the software. In addition, many of the risks associated with usage of open source software, such as the lack of warranties or assurances of title, cannot be eliminated, and could, if not properly addressed, negatively affect our business. We have established processes to help alleviate these risks, including a review process for screening requests from our development organizations for the use of open source software, but we cannot be sure that our processes for controlling our use of open source software in our products and subscriptions will be effective.
We license technology from third parties, and our inability to maintain those licenses could harm our business.
We incorporate technology that we license from third parties, including software, into our products and subscriptions. We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our products and subscriptions. In addition, some licenses may be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. Some of our agreements with our licensors may be terminated for convenience by them. We may also be subject to additional fees or be required to obtain new licenses if any of our licensors allege that we have not properly paid for such licenses or that we have improperly used the technologies under such licenses, and such licenses may not be available on terms acceptable to us or at all. If we are unable to continue to license any of this technology because of intellectual property infringement claims brought by third parties against our licensors or against us, or claims against us by our licensors, or if we are unable to continue our license agreements or enter into new licenses on commercially reasonable terms, our ability to develop and sell products and subscriptions containing such technology would be severely limited and our business could be harmed. Additionally, if we are unable to license necessary technology from third parties, we may be forced to acquire or develop alternative technology, which we may be unable to do in a commercially feasible manner or at all, and we may be required to use alternative technology of lower quality or performance standards. This would limit and delay our ability to offer new or competitive products and subscriptions and increase our costs of production. As a result, our margins, market share, and operating results could be significantly harmed.
RISKS RELATED TO OPERATIONS
Because we depend on manufacturing partners to build and ship our hardware products, we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time, if at all, or on a cost-effective basis, which may result in the loss of sales and end-customers.
We depend on manufacturing partners, primarily our EMS provider, Flex, to manufacture our hardware product lines. Our substantial reliance on Flex, as well as other manufacturing partners subjects us to potential concentration risks, such as reduced control over the manufacturing process, quality assurance, product costs, product supply, and timing. Our hardware products are manufactured by our manufacturing partners at facilities located primarily in the United States. Some of the components in our products are sourced either through Flex or directly by us from component suppliers outside the United States. The portion of our hardware products that are sourced outside the United States may subject us to geopolitical risks, additional logistical risks, risks associated with international trade agreements, international trade disputes, trade regulations, tariffs, or risks associated with complying with local rules and regulations in foreign countries.
Significant changes to existing international trade agreements, tariffs, or trade regulations could lead to sourcing or logistics disruption resulting from import delays or the imposition of increased tariffs on our sourcing partners. For example, the United States and Chinese governments have each enacted, and discussed additional, import tariffs. Some components that we import for final manufacturing in the United States have been impacted by these tariffs. As a result, our costs have increased and we have raised, and may be required to further raise, prices on our hardware products in response to these and potential new trade regulations.
Our manufacturing partners typically fulfill our supply requirements on the basis of individual purchase orders. We do not have long-term contracts with these manufacturers that guarantee capacity, the continuation of particular pricing terms, or the extension of credit limits. Accordingly, they are not obligated to continue to fulfill our supply requirements and the prices we pay for manufacturing services could be increased on short notice. Our contract with Flex permits them to terminate the agreement for their convenience, subject to prior notice requirements. If we are required to change manufacturing partners, our ability to meet our scheduled product deliveries to our end-customers could be adversely affected, which could cause the loss of sales to existing or potential end-customers, delayed revenue or an increase in our costs which could adversely affect our gross margins. Any production interruptions for any reason, such as a natural disaster, epidemic or pandemic, capacity shortages, or quality problems at one of our manufacturing partners would negatively affect sales of our product lines manufactured by that manufacturing partner and adversely affect our business and operating results.
Managing the supply of our hardware products and product components is complex. Insufficient supply and inventory would result in lost sales opportunities or delayed revenue, while excess inventory would harm our gross margins.
Our manufacturing partners procure components and build our hardware products based on our forecasts, and we generally do not hold inventory for a prolonged period of time. These forecasts are based on historical trends and analysis, adjusted for overall market conditions. In order to reduce manufacturing lead times and plan for adequate component supply, from time to time we may issue forecasts for components and products that are non-cancelable and non-returnable.
Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage supply of our hardware products and product components. If we ultimately determine that we have excess supply, we may have to reduce our prices and write down inventory, which in turn could result in lower gross margins. If our actual component usage and product demand are lower than the forecast we provide to our manufacturing partners, we accrue for losses on manufacturing commitments in excess of forecasted demand. Alternatively, insufficient supply levels may lead to shortages that result in delayed hardware product revenue or loss of sales opportunities altogether as potential end-customers turn to competitors’ products that are readily available. If we are unable to effectively manage our supply and inventory, our operating results could be adversely affected.
Our hardware products contain key components from limited sources of supply, including outside the United States, and we are susceptible to supply shortages, supply changes, and international regulations, which, in certain cases, have disrupted or delayed our scheduled product deliveries to our end-customers, increased our costs and may result in the loss of sales and end-customers.
Our hardware products rely on key components, including integrated circuit components, which our manufacturing partners purchase on our behalf from a limited number of component suppliers, including sole source providers. The manufacturing operations of some of our component suppliers are geographically concentrated in Asia and elsewhere, which makes our supply chain vulnerable to regional disruptions, such as natural disasters, fire, political instability, civil unrest, power outages, or health risks, and international regulations, such as tariffs, sanctions and import and export controls. In the past, we experienced supply chain disruption and have incurred increased costs resulting from inflationary pressures and changes in U.S. trade policy. We are also monitoring the tensions between China and Taiwan, and between the U.S. and China, which could have an adverse impact on our business or results of operations in future periods.
Further, we do not have volume purchase contracts with any of our component suppliers, and they could cease selling to us at any time. If we are unable to obtain a sufficient quantity of these components in a timely manner for any reason, sales of our hardware products could be delayed or halted, or we could be forced to expedite shipment of such components or our hardware products at dramatically increased costs. Our component suppliers also change their selling prices frequently in response to market trends, including industry-wide increases in demand. Because we do not have, for the most part, volume purchase contracts with our component suppliers, we are susceptible to price fluctuations related to raw materials and components and may not be able to adjust our prices accordingly. Additionally, poor quality in any of the sole-sourced components in our products could result in lost sales or sales opportunities.
If we are unable to obtain a sufficient volume of the necessary components for our hardware products on commercially reasonable terms or the quality of the components do not meet our requirements, we could also be forced to redesign our products and qualify new components from alternate component suppliers. The resulting stoppage or delay in selling our hardware products and the expense of redesigning our hardware products would result in lost sales opportunities and damage to customer relationships, which would adversely affect our business and operating results.
If we are unable to attract, retain, and motivate our key technical, sales, and management personnel, our business could suffer.
Our future success depends, in part, on our ability to continue to attract, retain, and motivate the members of our management team and other key employees. For example, we are substantially dependent on the continued service of our engineering personnel because of the complexity of our offerings. Competition for highly skilled personnel, particularly in engineering, including in the areas of AI and machine learning, is intense, especially in the San Francisco Bay Area, where we have a substantial presence and need for such personnel. In addition, the industry in which we operate generally experiences high employee attrition. Our future performance depends on the continuing services and contributions of our senior management to execute on our business plan and to identify and pursue new opportunities and product innovations. If we are unable to hire, integrate, train, or retain the qualified and highly skilled personnel required to fulfill our current or future needs, our business, financial condition, and operating results could be harmed.
Further, we believe that a critical contributor to our success and our ability to retain highly skilled personnel has been our corporate culture, which we believe fosters innovation, inclusion, teamwork, passion for end-customers, focus on execution, and the facilitation of critical knowledge transfer and knowledge sharing. As we grow and change, we may find it difficult to maintain these important aspects of our corporate culture. While we are taking steps to develop a more inclusive workforce, there is no guarantee that we will be able to do so. Any failure to preserve our culture as we grow could limit our ability to innovate and could negatively affect our ability to retain and recruit personnel, continue to perform at current levels or execute on our business strategy.
We generate a significant amount of revenue from sales to distributors, resellers, and end-customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations.
Our ability to grow our business and our future success will depend to a significant extent on our ability to expand our operations and customer base worldwide. Many of our customers, resellers, partners, suppliers, and manufacturers operate around the world. Operating in a global marketplace, we are subject to risks associated with having an international reach and compliance and regulatory requirements. We may experience difficulties in attracting, managing, and retaining an international staff, and we may not be able to recruit and maintain successful strategic distributor relationships internationally. Business practices in the international markets that we serve may differ from those in the United States and may require us in the future to include terms other than our standard terms related to payment, warranties, or performance obligations in end-customer contracts.
Additionally, our international sales and operations are subject to a number of risks, including the following:
•political, economic, and social uncertainty around the world, health risks such as epidemics and pandemics like COVID-19, macroeconomic challenges, terrorist activities, the Russia-Ukraine war, tensions between China and Taiwan, the hostilities in Israel and the surrounding region, and continued hostilities in the Middle East;
•unexpected changes in, or the application of, foreign and domestic laws and regulations (including intellectual property rights protections), regulatory practices or enforcement policies, trade restrictions, international trade agreements, and foreign legal requirements, including those applicable to the importation, certification, and localization of our products, tariffs, and tax laws and treaties, including regulatory and trade policy changes adopted by the current administration, such as the Sanctions on Russia, or foreign countries in response to regulatory changes adopted by the current administration; and
•non-compliance with U.S. and foreign laws, including antitrust regulations, anti-corruption laws, such as the U.S. Foreign Corrupt Practices Act and the United Kingdom (“U.K.”) Bribery Act, U.S. or foreign sanctions regimes and export or import control laws, and any trade regulations ensuring fair trade practices.
These and other factors could harm our future international revenues and, consequently, materially impact our business, operating results, and financial condition. The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources. Our failure to successfully manage our international operations and the associated risks effectively could limit the future growth of our business.
We are exposed to fluctuations in foreign currency exchange rates, which could negatively affect our financial condition and operating results.
Our sales contracts are primarily denominated in U.S. dollars, and therefore, a predominant amount of our revenue is not subject to foreign currency risk. However, in the event of a strengthening of the U.S. dollar against foreign currencies in which we conduct business, the cost of our products to our end-customers outside of the United States would increase, which could adversely affect our financial condition and operating results. In addition, increased international sales in the future, including through our channel partners and other partnerships or as a result of our acquisitions, may result in increased foreign currency denominated sales, increasing our foreign currency risk.
Our operating expenses incurred outside the United States and denominated in foreign currencies are generally increasing and are subject to fluctuations due to changes in foreign currency exchange rates. If we are not able to successfully hedge against the risks associated with foreign currency fluctuations, our financial condition and operating results could be adversely affected. We have entered into forward contracts in an effort to reduce our foreign currency exchange exposure related to our foreign currency denominated revenue and operating expenditures. As of July 31, 2025, the total notional amount of our outstanding foreign currency forward contracts was $1.5 billion. For more information on our hedging transactions, refer to Note 6. Derivative Instruments in Part II, Item 8 of this Annual Report on Form 10-K. The effectiveness of our existing hedging transactions and the availability and effectiveness of any hedging transactions we may decide to enter into in the future may be limited and we may not be able to successfully hedge our exposure, which could adversely affect our financial condition and operating results.
We face risks associated with having operations and employees located in Israel.
We have business operations in Israel and intend to continue growing our presence in Israel, including in connection with our proposed acquisition of CyberArk. Our operations in Israel could be disrupted by political instability, civil unrest, terrorist attacks, acts of violence, acts of war, or other military actions, including the hostilities in Israel and the surrounding region. The future of peace efforts between Israel and its Arab neighbors remains uncertain. The effects of hostilities and violence on the Israeli economy and our operations in Israel are unclear, and we cannot predict the effect on us of further increases in these hostilities or future armed conflict, political instability, or violence in the region. Current or future tensions and conflicts in the Middle East could adversely affect our business, operating results, financial condition, and cash flows.
In addition, many of our employees in Israel are obligated to perform annual reserve duty in the Israeli military and are subject to being called for active duty under emergency circumstances, which has occurred as a result of hostilities in Israel and the surrounding region. We cannot predict the full impact of these conditions on us in the future, particularly if emergency circumstances or an escalation in the political situation or hostilities occurs. If many of our employees in Israel are called for active duty for a significant period of time, our operations and our business could be disrupted and may not be able to function at full capacity. Any disruption in our operations in Israel could adversely affect our business.
We are subject to international trade regulations and governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.
Because we incorporate encryption technology into our products, certain of our products are subject to U.S. export controls and may be exported outside the United States only with the required export license or through an export license exception. If we were to fail to comply with U.S. export licensing requirements, U.S. customs regulations, U.S. economic sanctions, or other laws or regulations, we could be subject to substantial civil and criminal penalties, including fines, incarceration for responsible employees and managers, and the possible loss of export or import privileges. Obtaining the necessary export license for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products to U.S. embargoed or sanctioned countries, governments, and persons. Even though we take precautions to ensure that our channel partners comply with all relevant regulations, any failure by our channel partners to comply with such regulations could have negative consequences for us, including reputational harm, government investigations, and penalties.
In addition, various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our products or could limit our end-customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products into international markets, prevent our end-customers with international operations from deploying our products globally or, in some cases, prevent or delay the export or import of our products to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions, such as the Sanctions on Russia, or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons, or technologies targeted by such regulations could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential end-customers with international operations. Any decreased use of our products or limitation on our ability to export to or sell our products in international markets would likely adversely affect our business, financial condition, and operating results.
International trade laws and regulations continuously evolve to address technological developments and changes in geopolitical conditions. New regulations or other governmental restrictions that may result from these circumstances could inhibit our ability to transact with foreign suppliers, customers, or other business partners. Monitoring and responding to these developments may require significant resources, and failure to comply with resulting regulations and restrictions may have an adverse impact on our business or results of operation.
RISKS RELATED TO PRIVACY AND DATA PROTECTION
We may incur increased costs to comply with privacy and data protection laws and, if we fail to comply, we could be subject to government enforcement actions, private litigation and adverse publicity.
A wide variety of laws and regulations apply to the collection, use, retention, protection, disclosure, transfer, and other processing of personal data in jurisdictions where we and our customers operate. Compliance with these laws and regulations is difficult and costly. These laws and regulations are also subject to frequent, inconsistent and unexpected changes; new, modified or additional laws or regulations may be adopted; and rulings that invalidate prior laws, regulations, or interpretations of such laws or regulations may be issued. For example, we are subject to the E.U. General Data Protection Regulation (“E.U. GDPR”) and the U.K. General Data Protection Regulation (“U.K. GDPR,” and collectively the “GDPR”), each of which imposes stringent data protection requirements, provide for costly penalties for noncompliance (up to the greater of (a) €20 million under the E.U. GDPR or £17.5 million under the U.K. GDPR, and (b) 4% of annual worldwide turnover), and confer the right upon data subjects and consumer associations to lodge complaints with supervisory authorities, seek judicial remedies, and obtain compensation for damages resulting from violations.
The GDPR imposes restrictions, among other things, on the transfer of personal data outside of the European Economic Area (“EEA”) (or, in the case of the U.K. GDPR, the U.K.) to non-EEA countries, such as the United States, unless adequate safeguards are implemented or a derogation applies. In practice, we rely on standard contractual clauses approved under the GDPR to carry out such transfers and to receive personal data subject to the GDPR (directly or indirectly) in the United States. In addition, with respect to the personal data that we process on behalf of our customers, we self-certified to the E.U.-U.S. Data Privacy Framework (“E.U.-U.S. DPF”), the UK Extension to the E.U.-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (collectively, the “DPF”), as set forth by the U.S. Department of Commerce, regarding transfers of certain personal data from the E.U., the U.K., and Switzerland to the United States. The DPF has been recognized as adequate under applicable law to allow transfers of personal data from the E.U., U.K., and Switzerland, as the case may be, to companies in the U.S. that have self-certified to the framework. However, the DPF may be subject to legal challenges, which could invalidate its use, disrupt our ability to rely on such data transfer mechanisms, and otherwise cause the legal requirements for such data transfers to be uncertain.
In addition, the U.K. government enacted the U.K. Data (Use and Access) Act 2025 on June 19, 2025, which includes targeted amendments to the U.K.’s data protection regime that cause it to expressly deviate from the GDPR. This development creates new compliance challenges and has created uncertainty with respect to the European Commission’s adequacy determination regarding the U.K.’s data protection regime, which has been extended until December 2025 and must be renewed to permit ongoing relatively unrestricted data flows from the EEA to the UK.
Among other effects of these developments, we may experience additional costs associated with increased compliance burdens, reduced demand for our offerings from current or prospective customers in the EEA, Switzerland, and the U.K. (collectively, “Europe”) to use our products, on account of the risks identified in the Schrems II decision or other developments relating to cross-border data transfers, and we may find it necessary or desirable to make further changes to our processing of personal data of European residents. The regulatory environment applicable to the handling of European residents’ personal data and cross-border data transfers, and our actions taken in response, may cause us to assume additional liabilities or incur additional costs. Moreover, much like with Schrems II, we anticipate future legal challenges to the approved data transfer mechanisms between Europe and the United States, including a challenge to the E.U.-U.S. DPF. Such legal challenges could result in additional legal and regulatory risk, compliance costs, and in our business, operating results, and financial condition being harmed.
We are also subject to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”). The CCPA requires, among other things, covered businesses to provide enhanced disclosures to California consumers and to afford such consumers certain rights regarding their personal data, including the right to opt out of data sales for targeted advertising, and creates a private right of action to individuals affected by a data breach, if the breach was caused by a lack of reasonable security. The effects of the CCPA have been significant, requiring us to modify our data processing practices and policies and to incur substantial costs and expenses for compliance. Moreover, other U.S. states have enacted laws relating to privacy and security that are potentially relevant to us. These include laws enacted in at least 20 U.S. states, a portion of which are expected to come into effect over the course of our fiscal 2026. The U.S. Department of Justice also has issued rules regarding access to, or transfer of, certain bulk sensitive personal data by countries of concern. Increasingly complex federal or state laws and regulations relating to privacy and security, and interpretations and enforcement of existing laws and regulations relating to these matters, may require us to modify our data practices and policies, incur substantial compliance costs and expenses, and add further complexity to our compliance efforts that could adversely affect our business or increase our potential liability if we fail to comply or are alleged to have done so.
We may also from time to time be subject to obligations relating to personal data by contract, or face assertions that we are subject to self-regulatory obligations or industry standards. Additionally, the Federal Trade Commission and many state attorneys general are more regularly bringing enforcement actions in connection with federal and state consumer protection laws for false or deceptive acts or practices in relation to the online collection, use, dissemination, and security of personal data. Internationally, data localization laws may mandate that personal data collected in a foreign country be processed and stored within that country.
We and our customers may face risk of enforcement actions by regulators or data protection authorities, private litigation and adverse publicity including reputational damage and loss of customer confidence for alleged violations of any of the foregoing obligations. Any such claims could result in substantial costs, ongoing remedial, audit and reporting obligations, and diversion of resources, and distract management and technical personnel. These potential liabilities and enforcement actions could also have an overall negative effect on our business, operating results, and financial condition. The amount and scope of insurance we maintain may not cover all types of claims that may arise.
New legislation affecting the scope of personal data and personal information where we or our customers and partners have operations, especially relating to classification of Internet Protocol (“IP”) addresses, machine identification, AI and machine learning, location data, and other information, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing or uses of data, and may require significant expenditures and efforts in order to comply. Notably, public perception of potential privacy, data protection, or information security concerns—whether or not valid—may harm our reputation and inhibit adoption of our products and subscriptions by current and future end-customers. Each of these laws and regulations, and any changes to these laws and regulations, or new laws and regulations, could impose significant limitations, or require changes to our business model or practices or growth strategy, which may increase our compliance expenses and make our business more costly or less efficient to conduct.
Tax, Accounting, Compliance, and Regulatory Risks
We may have exposure to tax liabilities that are greater than anticipated.
Our income tax obligations are based in part on our corporate structure and intercompany arrangements, including the manner in which we develop, value, and use our intellectual property and the valuations of our intercompany transactions. The tax laws applicable to our business, including the laws of the United States and various other jurisdictions, are subject to interpretation and certain jurisdictions may aggressively interpret their laws, regulations, and policies, including in an effort to raise additional tax revenue. The tax authorities of the jurisdictions in which we operate may challenge our methodologies for valuing developed or acquired technology or determining the proper charges for intercompany arrangements, which could increase our worldwide effective tax rate, harm our financial position and operating results, and have a negative effect on our cash flow. Some tax authorities of jurisdictions other than the United States may seek to assert extraterritorial taxing rights on our transactions or operations. It is possible that domestic or international tax authorities may subject us to tax examinations, or audits, and such tax authorities may disagree with certain positions we have taken, and any adverse outcome of such an examination, review or audit could result in additional tax liabilities and penalties and otherwise have a negative effect on our financial position, operating results, and cash flow. Further, the determination of our worldwide provision for income taxes and other tax liabilities requires significant judgment by management, and there are transactions where the ultimate tax determination is uncertain. Although we believe that our estimates are reasonable, the ultimate tax outcome may differ from the amounts recorded on our consolidated financial statements and may materially affect our financial results in the period or periods for which such determination is made.
In addition, our future income tax obligations and effective tax rates could be adversely affected by changes in, or interpretations of, tax laws, regulations, policies, or decisions in the United States or in the other jurisdictions in which we operate including as a result of the U.S. federal tax legislation commonly referred to as the One Big Beautiful Bill Act, which was signed into law on July 4, 2025.
If our estimates or judgments, including those relating to our critical accounting policies, are based on assumptions that change or prove to be incorrect, our operating results differ from our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock.
The preparation of consolidated financial statements in conformity with U.S. generally accepted accounting principles (“U.S. GAAP”) requires management to make estimates and assumptions that affect the amounts reported on our consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying amounts of assets, liabilities, equity, revenue, and expenses that are not readily apparent from other sources. For more information relating to critical accounting policies, refer to the section entitled “Critical Accounting Estimates” in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in Part II, Item 7 of this Annual Report on Form 10-K. In general, if our estimates, judgments or assumptions relating to our critical accounting policies change or if actual circumstances differ from our estimates, judgments or assumptions, our operating results may be adversely affected and could fall below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock.
We are obligated to maintain proper and effective internal control over financial reporting. We may not complete our analysis of our internal control over financial reporting in a timely manner, or our internal control may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock.
If we are unable to assert that our internal controls are effective, our independent registered public accounting firm may not be able to formally attest to the effectiveness of our internal control over financial reporting. If, in the future, our chief executive officer, chief financial officer, or independent registered public accounting firm determines that our internal control over financial reporting is not effective as defined under Section 404, we could be subject to one or more investigations or enforcement actions by state or federal regulatory agencies, stockholder lawsuits, or other adverse actions requiring us to incur defense costs, pay fines, settlements, or judgments, causing investor perceptions to be adversely affected and potentially resulting in a decline in the market price of our stock.
Our reputation and/or business could be negatively impacted by corporate responsibility matters and/or our reporting of such matters.
There is an increasing focus from regulators, certain investors, and other stakeholders concerning corporate responsibility matters, both in the United States and internationally. We communicate certain corporate responsibility-related initiatives, goals, and/or commitments regarding sustainability matters, inclusion, responsible sourcing and social investments, and other matters in our annual Corporate Responsibility Report, on our website, in our filings with the SEC, and elsewhere. These initiatives, goals, or commitments could be difficult to achieve and costly to implement. We could fail to achieve, or be perceived to fail to achieve, our corporate responsibility-related initiatives, goals, or commitments. In addition, we could be criticized for the timing, scope or nature of these initiatives, goals, or commitments, or for any revisions to them. To the extent that our required and voluntary disclosures about corporate responsibility matters increase, we could be criticized for the accuracy, adequacy, or completeness of such disclosures. Our actual or perceived failure to achieve our corporate responsibility-related initiatives, goals, or commitments could negatively impact our reputation, result in corporate responsibility-focused investors not purchasing and holding our stock, or otherwise materially harm our business.
In addition, we are or may become subject to various new and proposed sustainability-related laws and regulations, including, for example, the E.U.’s Corporate Sustainability Reporting Directive. Additional regulation may require us to incur significant additional costs associated with increased compliance burdens, including the implementation of additional internal controls processes and procedures, and impose increased oversight obligations on our management and board of directors, as well as require us to retain third-party experts. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, enforcement actions, fines or litigation, which could negatively impact our business, operating results or financial condition.
Failure to comply with governmental laws and regulations could harm our business.
Our business is subject to regulation by various federal, state, local, and foreign governmental agencies, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, privacy, data security, and data-protection laws, anti-bribery laws (including the U.S. Foreign Corrupt Practices Act and the U.K. Anti-Bribery Act), import/export controls, federal securities laws, and tax laws and regulations. These laws and regulations may also impact our innovation and business drivers in developing new and emerging technologies (e.g., AI and machine learning). In certain jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties, or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation resulting from any alleged noncompliance, our business, operating results, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions, litigation, and sanctions could harm our business, operating results, and financial condition.
Risks Related to Our Common Stock
The market price of our common stock historically has been volatile, and the value of an investment in our common stock could decline.
The market price of our common stock has historically been, and is likely to continue to be, volatile and could be subject to wide fluctuations in response to various factors, some of which are beyond our control and unrelated to our business, operating results, or financial condition. These fluctuations could cause a loss of all or part of an investment in our common stock. Factors that could cause fluctuations in the market price of our common stock include, but are not limited to:
•announcements of new products, subscriptions or technologies, commercial relationships, strategic partnerships, acquisitions, or other events by us or our competitors;
•price and volume fluctuations in the overall stock market from time to time;
•news announcements that affect investor perception of our industry, including reports related to the discovery of significant cyberattacks;
•significant volatility in the market price and trading volume of technology companies in general and of companies in our industry;
•fluctuations in the trading volume of our shares or the size of our public float;
•actual or anticipated changes in our operating results or fluctuations in our operating results;
•whether our operating results meet the expectations of securities analysts or investors;
•actual or anticipated changes in the expectations of securities analysts or investors, whether as a result of our forward-looking statements, our failure to meet such expectations or otherwise;
•inaccurate or unfavorable research reports about our business and industry published by securities analysts or reduced coverage of our company by securities analysts;
•litigation involving us, our industry, or both;
•actions instituted by activist shareholders or others;
•regulatory developments in the United States, foreign countries, or both;
•major catastrophic events;
•sales or repurchases of large blocks of our common stock or substantial future sales by our directors, executive officers, employees, and significant stockholders;
•issuances or sales of shares of our common stock, including as part of a capital-raising transaction or as consideration in or in connection with acquisitions;
•issuances or sales of debt or securities convertible into or exchangeable for shares of our common stock, including in connection with acquisitions;
•departures of key personnel; or
•geopolitical or economic uncertainty around the world.
In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. Securities litigation could result in substantial costs, divert our management’s attention and resources from our business, and have a material adverse effect on our business, operating results, and financial condition.
The warrant transactions may affect the value of our common stock.
In June 2020, we issued our 0.375% Convertible Senior Notes due 2025 (the “2025 Notes”), which matured on June 1, 2025. In connection with the sale of our 2025 Notes, we entered into convertible note hedge transactions (the “2025 Note Hedges”) with certain counterparties. In connection with the sale of the 2025 Notes and purchase of the 2025 Note Hedges, we also entered into warrant transactions with the counterparties pursuant to which we sold warrants (the “2025 Warrants”) for the purchase of our common stock. The 2025 Warrants could have a dilutive effect to the extent that the market price per share of our common stock exceeds the applicable strike price of the 2025 Warrants unless, subject to certain conditions, we elect to cash settle such 2025 Warrants.
The applicable counterparties to the 2025 Warrants or their respective affiliates may modify their related hedge positions by entering into or unwinding various derivatives with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the expiration of the 2025 Warrants. This activity could cause or prevent an increase or a decrease in the market price of our common stock.
We do not make any representation or prediction as to the direction or magnitude of any potential effect that the transactions described above may have on the price of our common stock. In addition, we do not make any representation that the counterparties or their respective affiliates will engage in these transactions or that these transactions, once commenced, will not be discontinued without notice.
The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans, exercise of the 2025 Warrants, or otherwise will dilute stock held by all other stockholders.
Our restated certificate of incorporation authorizes us to issue up to 2.0 billion shares of common stock and up to 100.0 million shares of preferred stock with such rights and preferences as may be determined by our board of directors. Subject to compliance with applicable rules and regulations, we may issue shares of common stock or securities convertible into or exchangeable for shares of our common stock from time to time in connection with a financing or other capital raising, acquisition, investment, our stock incentive plans, the settlement of our 2025 Warrants, or otherwise. Any such issuance, including in connection with the proposed CyberArk acquisition, could result in substantial dilution to our existing stockholders and cause the market price of our common stock to decline.
We cannot guarantee that our share repurchase program will be fully consummated or that it will enhance shareholder value, and share repurchases could affect the price of our common stock.
As of July 31, 2025, we had $1.0 billion available under our share repurchase program which will expire on December 31, 2025 and may be suspended or discontinued at any time without prior notice. Although our board of directors has authorized a share repurchase program, we are not obligated to repurchase any specific dollar amount or to acquire any specific number of shares under the program. The share repurchase program could affect the price of our common stock, increase volatility, and diminish our cash reserves. In addition, the program may be suspended or terminated at any time, which may result in a decrease in the price of our common stock.
We do not intend to pay dividends for the foreseeable future.
We have never declared or paid any dividends on our common stock. We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the future. As a result, stockholders may only receive a return on their investments in our common stock if the market price of our common stock increases.
Our charter documents and Delaware law could discourage takeover attempts and lead to management entrenchment, which could also reduce the market price of our common stock.
Provisions in our restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change in control of our company or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that, among other things:
•establish that our board of directors is divided into three classes, Class I, Class II, and Class III, with three-year staggered terms;
•authorize our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval;
•provide our board of directors with the exclusive right to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death, or removal of a director;
•prohibit our stockholders from taking action by written consent;
•specify that special meetings of our stockholders may be called only by the chairman of our board of directors, our president, our secretary, or a majority vote of our board of directors;
•require the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our restated certificate of incorporation relating to the issuance of preferred stock and management of our business or our amended and restated bylaws;
•authorize our board of directors to amend our bylaws by majority vote; and
•establish advance notice procedures with which our stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting.
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for our stockholders to replace members of our board of directors, which is responsible for appointing the members of management. In addition, as a Delaware corporation, we are subject to Section 203 of the Delaware General Corporation Law. These provisions may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a certain period of time. Any of these provisions could, under certain circumstances, depress the market price of our common stock.
General Risk Factors
Our business is subject to the risks of earthquakes, fire, power outages, floods, health risks, and other catastrophic events, and to interruption by man-made problems, such as terrorism.
Both our corporate headquarters and the location where our products are manufactured are located in the San Francisco Bay Area, a region known for seismic activity. In addition, other natural disasters, such as fire or floods, a significant power outage, telecommunications failure, terrorism, an armed conflict, cyberattacks, epidemics and pandemics such as COVID-19, or other geopolitical unrest could affect our supply chain, manufacturers, logistics providers, channel partners, end-customers, or the economy as a whole, and such disruption could impact our shipments and sales. These risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, the loss of customers, or the delay in the manufacture, deployment, or shipment of our products, our business, financial condition, and operating results would be adversely affected.
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products and subscriptions could reduce our ability to compete and could harm our business.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features to enhance our portfolio, improve our operating infrastructure, or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we engage in future debt financings, the holders of such additional debt would have priority over the holders of our common stock. Current and future indebtedness may also contain terms that, among other things, restrict our ability to incur additional indebtedness. In addition, we may be required to take other actions that would otherwise be in the interests of the debt holders and would require us to maintain specified liquidity or other ratios, any of which could harm our business, operating results, and financial condition. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Item 1B. Unresolved Staff Comments
Not applicable.
Item 1C. Cybersecurity
As a global cybersecurity provider, cybersecurity risk management is an integral part of our overall enterprise risk management program. We recognize the critical importance that a strong cybersecurity risk management program plays in maintaining the trust and confidence of our customers, end users, business partners, stockholders and employees. We have established processes and procedures for identifying, evaluating, and responding to risks from cybersecurity threats, including any potential unauthorized access to our information systems that may result in adverse effects on the confidentiality, integrity, or availability of our information systems, data, or information assets.
Cybersecurity Risk Management and Strategy
Our cybersecurity risk management program includes written policies, standards, and procedures for maintaining data privacy, product security and information security to mitigate cybersecurity risks, and to identify, evaluate and respond to cybersecurity threats, vulnerabilities and incidents. Our cybersecurity risk management program and strategy is implemented across several areas, which include, but are not limited to, the following:
•Information Security. We maintain a written information security program, which provides for policies, standards, guidelines, and administrative, technical and physical safeguards that we believe are reasonably designed, in light of the nature, size and complexity of our operations, to protect the resiliency of our operations and the confidentiality, integrity, and availability of our information systems, data, and information assets. The organizational, administrative and technical measures we implement are based on recognized security frameworks established by the National Institute of Standards and Technology, security measures aligned with the ISO/IEC 27000 series of standards, and other generally recognized industry standards. The program is assessed regularly and in light of new and emerging cybersecurity risks.
•Technical Safeguards and Product Security. We deploy and maintain a variety of technologies to prevent and detect cybersecurity threats across the network, endpoint and cloud. We also apply security-by-design principles in our software development lifecycle, track vulnerabilities of open-source software, and run internal and external network scans at least weekly and after any meaningful change in our network configuration. We conduct regular application security assessments, including our assessments for internet-facing applications that collect, transmit, or display end user data. We also employ tooling in certain areas to help prevent deviations from policy.
•Incident Response and Reporting. We maintain incident response and recovery protocols to enable prompt, effective and orderly identification, evaluation, management, and disposition of actual and potential security threats and incidents, including for purposes of escalation and internal and external-notification steps. We maintain a cross-functional incident response team, including senior representatives from information security, information technology, product, legal, privacy, communications, and finance, that is involved in assessing cybersecurity threats and incidents, assigning severity levels, and evaluating the potential impact, including the potential impact on our business strategy, results of operations and financial condition. This allows for prompt direction of appropriate personnel and resources for incident management and response, and internal notification to appropriate members of management, which may include our chief executive officer, chief product and technology officer, vice president acting as chief information security officer, general counsel, chief financial officer, and/or chief accounting officer, and the security committee of our board of directors (the “Security Committee”). The protocols also establish steps designed to publicly report and/or alert external stakeholders as and when required by applicable law or otherwise determined appropriate.
•Third-Party Risk Management. We maintain a risk-based approach to identifying and overseeing cybersecurity risks presented by certain third parties, including vendors, service providers, suppliers, operations parties, and other external users of our systems, as well as the systems of third parties that could adversely impact our business in the event of a cybersecurity incident affecting those third-party systems. This includes a security process to conduct due diligence prior to engaging contractors and vendors and assess the security capabilities of subcontractors and vendors on a periodic basis.
•Risk and Readiness Assessments. We engage in at least quarterly assessments and testing of the effectiveness of our cybersecurity risk management program and incident response protocols that are designed to identify and evaluate vulnerabilities and weaknesses, address cybersecurity threats and test our readiness to respond to cybersecurity incidents. These efforts include, but are not limited to, threat modeling, vulnerability scans, penetration testing, audits, and tabletop exercises. We regularly engage third parties to perform assessments on our cybersecurity measures, such as audits and independent reviews of our compliance with various security compliance standards, including those established by the American Institute of Certified Public Accountants, operating effectiveness and penetration tests. The results of such assessments are reported to management and we adjust our cybersecurity policies, standards, processes and practices as necessary based on the information provided by these assessments, audits and reviews.
•Awareness and Training. We provide regular training for educating employees about corporate policies and procedures and information security designed to provide our employees with knowledge of best practices and effective tools for safeguarding our data and assets and reducing security risks based on the human threat vector. Our information security compliance training, data protection training, and code of conduct training is mandatory for all employees.
•Governance. As discussed in more detail below under the heading, “Cybersecurity Governance,” our board of directors’ has delegated oversight of enterprise security risk management, including, but not limited to, cybersecurity risk management to the Security Committee. As part of our cybersecurity risk management procedures, senior members of management and the Security Committee are informed regarding security events based on established reporting thresholds, and are provided ongoing updates regarding any such meaningful threat or incident.
We have not identified any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially impacted or are reasonably likely to materially impact us, including our business strategy, results of operations, or financial condition, to date. However, we face ongoing and increasing cybersecurity risks, including from threat actors that are becoming more sophisticated and effective over time, and we can provide no assurance that there will not be incidents in the future or that past or future threats or incidents will not materially affect us, including our business strategy, results of operations, or financial conditions. For additional information regarding these risks, please refer to Part I, Item 1A, “Risk Factors,” in this Form 10-K, including, but not limited to, the risk factor entitled “A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results.”
Cybersecurity Governance
The Security Committee, which is composed of our independent directors and chaired by our chief product and technology officer, facilitates our board of directors’ responsibility for oversight of security matters, including product security, data security, cybersecurity, security risk management, risk exposure and related controls and enterprise risk management related to these risks. The Security Committee reports regularly to the Board following meetings of the Security Committee with respect to its review and assessment of security matters and other matters that are relevant to the Security Committee’s discharge of its responsibilities. The Security Committee meets quarterly to review with our vice president acting as chief information security officer and other members of management, which may include our chief executive officer, chief product and technology officer, chief financial officer, and general counsel, our cybersecurity programs, cybersecurity risks, mitigation or remediation strategies, and other matters impacting the committee’s responsibilities.
Management is responsible for day-to-day risk management activities, including identifying, assessing and managing our exposure to cybersecurity risks, establishing processes and procedures to ensure that potential cybersecurity risk exposures are monitored, implementing appropriate mitigation or remediation measures as needed, and maintaining cybersecurity risk management programs. Our vice president acting as chief information security officer is responsible for defining, overseeing, managing, implementing, and reviewing compliance with the information security programs described above under the heading “Cybersecurity Risk Management and Strategy.” This vice president receives regular reports from our information security team and monitors the prevention, detection, and mitigation or remediation of cybersecurity risks. In addition, as described in further detail above under the heading “Cybersecurity Risk Management and Strategy,” a cross functional team is involved in assessing and managing the risks from cybersecurity threats and incidents, and reporting information about risks to the Security Committee.
Our information security team consists of dedicated personnel who are experienced information systems security professionals and information security managers with many years of experience across a variety of technology sub-specialties. In particular, our vice president acting as chief information security officer has extensive experience in the management of cybersecurity risk management programs, having served in various roles in information technology and security for over 25 years. In addition, six of the eleven members of our board of directors have expertise in overseeing cybersecurity and information security management.
Item 2. Properties
Our corporate headquarters is located in Santa Clara, California, where we lease approximately 941,000 square feet of space under three lease agreements that expire in July 2028, with options to extend the lease terms through July 2046. We also lease space for personnel around the world, including Israel and India. In addition, we provide our cloud-based subscription offerings through data centers operated under co-location arrangements in the United States, Europe, and Asia. Refer to Note 12. Leases in Part II, Item 8 of this Annual Report on Form 10-K for more information on our operating leases. Additionally, we own 10.4 acres of land adjacent to our headquarters in Santa Clara, California, which we intend to develop to accommodate future expansion, the speed of which development has been slowed due to the current environment.
We believe that our current facilities are adequate to meet our current needs. We intend to expand our facilities or add new facilities as we add employees and enter new geographic markets, and we believe that suitable additional or alternative space will be available as needed to accommodate ongoing operations and any such growth. However, we expect to incur additional expenses in connection with such new or expanded facilities.
Item 3. Legal Proceedings
The information set forth under the “Litigation” subheading in Note 13. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K is incorporated herein by reference.
Item 4. Mine Safety Disclosures
Not applicable.
Part II
Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities
Market Information
Our common stock, $0.0001 par value per share, is traded on the Nasdaq Global Select Market under the symbol “PANW.”
Holders of Record
As of August 18, 2025, there were 565 holders of record of our common stock. Because many of our shares of common stock are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these record holders.
Dividend Policy
We have never declared or paid, and do not anticipate declaring or paying in the foreseeable future, any cash dividends on our capital stock. Any future determination as to the declaration and payment of dividends, if any, will be at the discretion of our board of directors, subject to applicable laws, and will depend on then existing conditions, including our financial condition, operating results, contractual restrictions, capital requirements, business prospects, and other factors our board of directors may deem relevant.
Securities Authorized for Issuance under Equity Compensation Plans
See Part III, Item 12 “Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters” of this Annual Report on Form 10-K for more information regarding securities authorized for issuance.
Recent Sales of Unregistered Equity Securities
During the three months ended July 31, 2025, holders of the 2025 Notes converted $382.9 million in aggregate principal amount of the 2025 Notes, which we repaid in cash. We also issued 5.6 million shares of our unregistered common stock to the holders of the 2025 Notes for the conversion value in excess of the principal amount. These shares of our common stock were issued in reliance on the exemption from registration provided by Section 3(a)(9) of the Securities Act of 1933, as amended (the “Securities Act”).
Purchases of Equity Securities by the Issuer and Affiliated Purchasers
In February 2019, we announced that our board of directors authorized a $1.0 billion share repurchase program, which is funded from available working capital. We subsequently announced additional increases to this share repurchase program, bringing the total authorization to $4.1 billion, with $1.0 billion remaining as of July 31, 2025. The expiration date of this repurchase authorization was extended to December 31, 2025, and our repurchase program may be suspended or discontinued at any time. Repurchases under our program are to be made at management’s discretion on the open market, through privately negotiated transactions, transactions structured through investment banking institutions, block purchase techniques, 10b5-1 trading plans, or a combination of the foregoing. During the three months ended July 31, 2025, we did not repurchase any shares pursuant to our share repurchase program.
Stock Price Performance Graph
This performance graph shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), or incorporated by reference into any filing of Palo Alto Networks, Inc. under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such filing.
This performance graph compares the cumulative total return on our common stock with that of the Nasdaq 100 Index, the Standard & Poor’s 500 Index, and the Standard & Poor’s 500 Information Technology Index for the five years ended July 31, 2025. This performance graph assumes $100 was invested on July 31, 2020, in each of the common stock of Palo Alto Networks, Inc., the Nasdaq 100 Index, the Standard & Poor’s 500 Index, and the Standard & Poor’s 500 Information Technology Index, and assumes the reinvestment of any dividends. The stock price performance on this performance graph is not necessarily indicative of future stock price performance.
Palo Alto Networks, Inc. Comparison of Total Return Performance
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Company/Index | | 7/31/2020 | | 7/31/2021 | | 7/31/2022 | | 7/31/2023 | | 7/31/2024 | | 7/31/2025 |
| Palo Alto Networks, Inc. | | $ | 100.00 | | | $ | 155.93 | | | $ | 195.02 | | | $ | 293.01 | | | $ | 380.66 | | | $ | 407.00 | |
| Nasdaq 100 Index | | $ | 100.00 | | | $ | 138.19 | | | $ | 120.50 | | | $ | 147.94 | | | $ | 183.34 | | | $ | 221.52 | |
| S&P 500 Index | | $ | 100.00 | | | $ | 136.45 | | | $ | 130.11 | | | $ | 147.05 | | | $ | 179.62 | | | $ | 208.95 | |
| S&P 500 Information Technology Index | | $ | 100.00 | | | $ | 140.03 | | | $ | 132.31 | | | $ | 167.84 | | | $ | 226.91 | | | $ | 280.58 | |
Item 6. [Reserved]
Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our consolidated financial statements and related notes appearing elsewhere in this Annual Report on Form 10-K. The following discussion and analysis contains forward-looking statements based on current expectations and assumptions that are subject to risks and uncertainties, which could cause our actual results to differ materially from those anticipated or implied by any forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those discussed in this Annual Report on Form 10-K, and in particular, the risks discussed under the caption “Risk Factors” in Part I, Item 1A of this report.
Our Management’s Discussion and Analysis of Financial Condition and Results of Operations (“MD&A”) is organized as follows:
•Overview. A discussion of our business and overall analysis of financial and other highlights in order to provide context for the remainder of MD&A.
•Key Financial Metrics. A summary of our U.S. GAAP and non-GAAP key financial metrics, which management monitors to evaluate our performance.
•Results of Operations. A discussion of the nature and trends in our financial results and an analysis of our financial results comparing fiscal 2025 to fiscal 2024. For discussion and analysis related to our financial results comparing fiscal 2024 to 2023, refer to Part II, Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations in our Annual Report on Form 10-K for fiscal 2024, which was filed with the Securities and Exchange Commission on September 6, 2024.
•Liquidity and Capital Resources. An analysis of changes on our balance sheets and cash flows, and a discussion of our financial condition and our ability to meet cash needs.
•Critical Accounting Estimates. A discussion of our accounting policies that require critical estimates, assumptions, and judgments.
•Recent Accounting Pronouncements. A discussion of expected impacts of impending accounting changes on financial information to be reported in the future.
Overview
Our mission is to be the cybersecurity partner of choice for enterprises, organizations, service providers, and government entities to protect our digital way of life. Our cybersecurity platforms and services help secure enterprise users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence (“AI”) and automation. A key element of our strategy is to help our customers simplify their security architectures through consolidating disparate point products. We execute on this strategy by developing our capabilities and packaging our offerings into platforms which are able to cover many of our customers’ needs in the markets in which we operate. Our platformization strategy combines various products and services into a tightly integrated architecture for more secure, faster, and cost-effective outcomes.
Network Security
Our network security platform is designed to deliver complete zero trust solutions to our customers. The platform includes:
•Secure Access Service Edge (“SASE”). Prisma® Access, when combined with Prisma SD-WAN, provides a comprehensive single-vendor SASE offering that is used to secure remote workforces and cloud-delivered branch offices. Prisma Access Browser further extends SASE security and data protection to the end user device, providing workers with freedom to access business applications securely using our secure browser from any device.
•Next-Generation Firewalls. Our hardware ML-Powered Next-Generation Firewalls (“NGFWs”) secure on-premises environments including campus locations and data centers. Our software NGFWs secure cloud networks.
•Cloud-Delivered Security Services (“CDSS”). Our network security platform integrates a suite of CDSS that complements our SASE and Firewall solutions. These include Advanced Threat Prevention, Advanced WildFire®, Advanced URL Filtering, Advanced DNS Security, IoT/OT Security, GlobalProtect®, Prisma Access Agent, Enterprise Data Loss Prevention (“Enterprise DLP”), AI for IT Operations (“AIOps”), Software as a Service (“SaaS”) Security, and AI Access Security. Through these add-on services, our customers are able to secure their content, applications, users, and devices across their entire organization.
•Prisma AIRS. Prisma AIRS is a comprehensive AI security platform that has been designed to protect customers’ entire AI ecosystem by providing AI model scanning, posture management, red teaming, run-time security, and AI agent security.
•Strata Cloud Manager (“SCM”). SCM, our network security management solution, centrally manages network security across all remote workers, branches, headquarters, campuses, and cloud. SCM leverages AI to simplify and strengthen network security by enabling customers to proactively pinpoint vulnerabilities, gain real-time remediation recommendations, and enhance overall digital experiences, thereby reducing operational burden. This comprehensive solution includes Strata Copilot, which offers a natural language interface for enhanced insights and guided remediation, and integrates Autonomous Digital Experience Monitoring (“ADEM”) to proactively maintain infrastructure health, facilitate AI-driven one-click troubleshooting, and ensure seamless end-user performance across the enterprise.
Security Operations
Our AI-powered Cortex platform transforms end-to-end security operations with unified data, AI, and automation for more secure, faster, and cost effective outcomes. We have consolidated our industry-leading Security Operations and Cloud Security capabilities on a single comprehensive platform to provide centralized visibility, proactive protection, real-time prevention, AI-driven insights, and automated remediation across enterprise and cloud.
•Security Operations. We deliver the next generation of security operations capabilities that unifies standalone Security Information and Event Management (“SIEM”) tools, endpoint security, security automation, cloud detection and response (“CDR”), as well as attack surface management (“ASM”) capabilities on our Cortex® platform. These include Cortex XSIAM®, for AI-powered security operations replacing traditional SIEM tools, Cortex XDR®, for the prevention, detection, and response to complex cybersecurity attacks, Cortex XSOAR®, for security orchestration, automation, and response (“SOAR”), and Cortex Xpanse®, for ASM.
•Cloud Security. We deliver comprehensive security across the cloud application development lifecycle through Cortex Cloud, delivered as a scalable SaaS offering. As a comprehensive Cloud Native Application Protection Platform (“CNAPP”) combined with CDR, Cortex Cloud secures multi- and hybrid-cloud environments for applications, data, generative AI (“GenAI”) ecosystem, and the cloud native technology stack across the full development lifecycle, from code to cloud to security operations. As part of the Cortex Cloud platform, customers can expand from Cortex Cloud to our security operations offerings available on a single user experience and unified agent. We also offer our VM-Series and CN-Series virtual firewalls for inline network security on multi- and hybrid-cloud environments.
Threat Intelligence and Advisory Services
•Unit 42 brings together world-renowned expertise across threat research, incident response, and security consulting to deliver intelligence-driven, response-ready outcomes that help customers reduce cyber risk. Our elite consultants serve as trusted advisors to our customers by assessing and testing their security controls against sophisticated threats, transforming their security strategy with a threat-informed approach, and responding to security incidents on behalf of our clients. Additionally, Unit 42 offers managed detection and response (“MDR”) and managed threat hunting services.
For fiscal 2025 and 2024, total revenue was $9.2 billion and $8.0 billion, respectively, representing year-over-year growth of 14.9%. Our growth reflects the increased adoption of our portfolio, which consists of product, subscriptions, and support. We believe our portfolio will enable us to benefit from recurring revenues and new revenues as we continue to grow our end-customer base. As of July 31, 2025, we had end-customers in over 180 countries. Our end-customers represent a broad range of industries, including education, energy, financial services, government entities, healthcare, Internet and media, manufacturing, public sector, and telecommunications, and include almost all of the Fortune 100 companies and a majority of the Global 2000 companies. We maintain a field sales force that works closely with our channel partners in developing sales opportunities. We primarily use a two-tiered, indirect fulfillment model whereby we sell our products, subscriptions, and support to our distributors, which, in turn, sell to our resellers, which then sell to our end-customers.
Our product revenue grew to $1.8 billion or 19.5% of total revenue for fiscal 2025, representing year-over-year growth of 12.4%. Product revenue is derived from sales of hardware products, primarily our ML-Powered Next-Generation Firewall, and software licenses, including SD-WAN, the VM-Series, and Panorama®. Our ML-Powered Next-Generation Firewall incorporates our PAN-OS operating system, which provides a consistent set of capabilities across our entire network security product line. Our hardware products and software licenses include a broad set of built-in networking and security features and functionalities. Our products are designed for different performance requirements throughout an organization, ranging from our PA-400, which is designed for small organizations and remote or branch offices, to our top-of-the-line PA-7500, which is designed for large-scale data centers and service provider use. The same firewall functionality that is delivered in our hardware products is also available in our VM-Series virtual firewalls, which secure virtualized and cloud-based computing environments, and in our CN-Series container firewalls, which secure container environments and traffic.
Our subscription and support revenue grew to $7.4 billion or 80.5% of total revenue for fiscal 2025, representing year-over-year growth of 15.5%. Our subscriptions provide our end-customers with near real-time access to the latest intrusion prevention, web security, modern malware prevention, data loss prevention, CASB and AI security capabilities across the network, endpoints, and the cloud. Our subscriptions also include security operations, which enable customers to leverage the AI-powered Cortex platform for advanced capabilities such as security information and event management, next-generation antivirus, endpoint detection and response, extended detection and response, identity threat detection and response, cloud detection and response, SOAR, ASM, and CNAPP for comprehensive cloud security. Additionally, we offer MDR for Cortex subscriptions, powered by Unit 42’s elite expertise. When customers purchase our physical, virtual, or container firewalls, or certain cloud offerings, they typically purchase support in order to receive ongoing security updates, upgrades, bug fixes, and repairs. In addition to the subscriptions purchased with these firewalls, customers may also purchase other subscriptions on a per-user, per-endpoint, or capacity-based basis. We also offer professional services, including incident response, risk management, and digital forensic services.
We continue to invest in innovation as we evolve and further extend the capabilities of our portfolio, as we believe that innovation and timely development of new features and products are essential to meeting the needs of our end-customers and improving our competitive position. During fiscal 2025, we introduced several new offerings, including: Prisma Access Browser, new capabilities in our OT Security solution, Cortex Cloud, Prisma AIRS, and Cortex XSIAM 3.0. Additionally, in August 2024, we completed the acquisition of certain IBM QRadar assets, which we expect will help accelerate the growth of our Cortex business. Additionally, in July 2025, we completed the acquisition of Protect AI, which we expect will enhance the capabilities of our AI security platform. In July 2025, we also entered into a definitive agreement to acquire Software Ltd. (“CyberArk”), an identity security company, which acquisition is expected to close during the second half of our fiscal 2026.
We believe that the growth of our business and our short-term and long-term success are dependent upon many factors, including our ability to extend our technology leadership, grow our base of end-customers, expand deployment of our portfolio and support offerings within existing end-customers, focus on end-customer satisfaction, and address any product vulnerabilities. To manage any future growth effectively, we must continue to improve and expand our information technology and financial infrastructure, our operating and administrative systems and controls, and our ability to manage headcount, capital, and processes in an efficient manner. While these areas present significant opportunities for us, they also pose challenges and risks that we must successfully address in order to sustain the growth of our business and improve our operating results. For additional information regarding the challenges and risks we face, see the “Risk Factors” section in Part I, Item 1A of this Annual Report on Form 10-K.
IMPACT OF MACROECONOMIC DEVELOPMENTS AND OTHER FACTORS ON OUR BUSINESS
Our overall performance depends in part on worldwide economic and geopolitical conditions and their impact on customer behavior. Changes in legislation or regulations and actions by regulators, including changes in enforcement and administration policies, may have an impact on our results of operations and financial condition. Significant changes in U.S. or global trade policy, including further expansion of U.S. export/imports controls and tariffs, as well as retaliatory actions by other countries, may materially and adversely affect our business. Further, economic conditions, including inflation, high interest rates, slow growth, fluctuations in foreign exchange rates, supply chain disruptions, impacts of trade regulations or international trade disputes, and other conditions, may adversely affect our results of operations and financial performance.
The hostilities in Israel and the surrounding region have continued to result in economic and political uncertainty. While we have business operations in Israel, and intend to continue growing our presence in Israel, we currently do not expect significant business disruption. We are actively monitoring, evaluating, and responding to the situation.
We are also monitoring the impact of inflationary pressures and the tensions between China and Taiwan, and between the U.S. and China, which could have an adverse impact on our business or results of operations in future periods.
Key Financial Metrics
We monitor the key financial metrics set forth in the tables below to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts, and assess operational efficiencies. We discuss revenue, gross margin, and the components of operating income and margin below under “Results of Operations.”
| | | | | | | | | | | |
| July 31, |
| 2025 | | 2024 |
| | | |
| (in billions) |
Next-Generation Security Annualized Recurring Revenue | $ | 5.6 | | | $ | 4.2 | |
Remaining performance obligations | $ | 15.8 | | | $ | 12.7 | |
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| | | | | |
| (dollars in millions) |
| Total revenue | $ | 9,221.5 | | | $ | 8,027.5 | | | $ | 6,892.7 | |
| Total revenue year-over-year percentage increase | 14.9 | % | | 16.5 | % | | 25.3 | % |
| Gross margin | 73.4 | % | | 74.3 | % | | 72.3 | % |
Operating income | $ | 1,242.9 | | | $ | 683.9 | | | $ | 387.3 | |
| Operating margin | 13.5 | % | | 8.5 | % | | 5.6 | % |
| Cash flow provided by operating activities | $ | 3,716.0 | | | $ | 3,257.6 | | | $ | 2,777.5 | |
| Free cash flow (non-GAAP) | $ | 3,469.8 | | | $ | 3,100.8 | | | $ | 2,631.2 | |
•Next-Generation Security Annualized Recurring Revenue (“NGS ARR”). Our NGS ARR represents the annualized allocated revenue of all active contracts as of the final day of the reporting period related to all product, subscription and support offerings, excluding revenue from hardware products, and legacy attached subscriptions, support offerings and professional services. NGS ARR is an operating metric that we use to assess the strength and trajectory of our business. NGS ARR should be viewed independently of revenue, deferred revenue and remaining performance obligations and does not represent our revenue under U.S. GAAP on an annualized basis, as it is an operating metric that can be impacted by contract start and end dates and renewal rates. NGS ARR is not intended to be a replacement for forecasts of revenue. The scope of products, subscriptions, and support offerings that contribute to NGS ARR will generally increase over time as we introduce or acquire new next-generation products, subscriptions, and support offerings.
•Cash Flow Provided by Operating Activities. We monitor cash flow provided by operating activities as a measure of our overall business performance. Our cash flow provided by operating activities is driven in large part by sales of our products and from up-front payments for subscription and support offerings. Monitoring cash flow provided by operating activities enables us to analyze our financial performance without the non-cash effects of certain items such as share-based compensation costs, depreciation, and amortization, thereby allowing us to better understand and manage the cash needs of our business.
•Free Cash Flow (non-GAAP). We define free cash flow, a non-GAAP financial measure, as cash provided by operating activities less purchases of property, equipment, and other assets. We consider free cash flow to be a profitability and liquidity measure that provides useful information to management and investors about the amount of cash generated by the business after necessary capital expenditures. A limitation of the utility of free cash flow as a measure of our financial performance and liquidity is that it does not represent the total increase or decrease in our cash balance for the period. In addition, it is important to note that other companies, including companies in our industry, may not use free cash flow, may calculate free cash flow in a different manner than we do, or may use other financial measures to evaluate their performance, all of which could reduce the usefulness of free cash flow as a comparative measure. A reconciliation of free cash flow to cash flow provided by operating activities, the most directly comparable financial measure calculated and presented in accordance with U.S. GAAP, is provided below:
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| | | | | |
| (in millions) |
| Free cash flow (non-GAAP): | | | | | |
| Net cash provided by operating activities | $ | 3,716.0 | | | $ | 3,257.6 | | | $ | 2,777.5 | |
| Less: purchases of property, equipment, and other assets | 246.2 | | | 156.8 | | | 146.3 | |
| Free cash flow (non-GAAP) | $ | 3,469.8 | | | $ | 3,100.8 | | | $ | 2,631.2 | |
| Net cash used in investing activities | $ | (2,204.7) | | | $ | (1,509.9) | | | $ | (2,033.8) | |
| Net cash used in financing activities | $ | (778.9) | | | $ | (1,343.1) | | | $ | (1,726.3) | |
Results of Operations
The following table summarizes our results of operations for the periods presented and as a percentage of our total revenue for those periods based on our consolidated statements of operations data. The period-to-period comparison of results is not necessarily indicative of results for future periods.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Amount | | % of Revenue | | Amount | | % of Revenue | | Amount | | % of Revenue |
| | | | | | | | | | | |
| (dollars in millions) |
| Revenue: | | | | | | | | | | | |
| Product | $ | 1,801.9 | | | 19.5 | % | | $ | 1,603.3 | | | 20.0 | % | | $ | 1,578.4 | | | 22.9 | % |
| Subscription and support | 7,419.6 | | | 80.5 | % | | 6,424.2 | | | 80.0 | % | | 5,314.3 | | | 77.1 | % |
| Total revenue | 9,221.5 | | | 100.0 | % | | 8,027.5 | | | 100.0 | % | | 6,892.7 | | | 100.0 | % |
| Cost of revenue: | | | | | | | | | | | |
| Product | 413.2 | | | 4.5 | % | | 348.2 | | | 4.3 | % | | 418.3 | | | 6.1 | % |
| Subscription and support | 2,038.4 | | | 22.1 | % | | 1,711.0 | | | 21.4 | % | | 1,491.4 | | | 21.6 | % |
Total cost of revenue(1) | 2,451.6 | | | 26.6 | % | | 2,059.2 | | | 25.7 | % | | 1,909.7 | | | 27.7 | % |
| Total gross profit | 6,769.9 | | | 73.4 | % | | 5,968.3 | | | 74.3 | % | | 4,983.0 | | | 72.3 | % |
| Operating expenses: | | | | | | | | | | | |
| Research and development | 1,984.1 | | | 21.5 | % | | 1,809.4 | | | 22.5 | % | | 1,604.0 | | | 23.3 | % |
| Sales and marketing | 3,100.2 | | | 33.6 | % | | 2,794.5 | | | 34.8 | % | | 2,544.0 | | | 36.9 | % |
| General and administrative | 442.7 | | | 4.8 | % | | 680.5 | | | 8.5 | % | | 447.7 | | | 6.5 | % |
Total operating expenses(1) | 5,527.0 | | | 59.9 | % | | 5,284.4 | | | 65.8 | % | | 4,595.7 | | | 66.7 | % |
Operating income | 1,242.9 | | | 13.5 | % | | 683.9 | | | 8.5 | % | | 387.3 | | | 5.6 | % |
| Interest expense | (3.0) | | | — | % | | (8.3) | | | (0.1) | % | | (27.2) | | | (0.4) | % |
| Other income, net | 355.8 | | | 3.8 | % | | 312.7 | | | 3.9 | % | | 206.2 | | | 3.0 | % |
Income before income taxes | 1,595.7 | | | 17.3 | % | | 988.3 | | | 12.3 | % | | 566.3 | | | 8.2 | % |
Provision for (benefit from) income taxes | 461.8 | | | 5.0 | % | | (1,589.3) | | | (19.8) | % | | 126.6 | | | 1.8 | % |
Net income | $ | 1,133.9 | | | 12.3 | % | | $ | 2,577.6 | | | 32.1 | % | | $ | 439.7 | | | 6.4 | % |
(1)Includes share-based compensation as follows:
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| | | | | |
| (in millions) |
| Cost of product revenue | $ | 5.1 | | | $ | 7.3 | | | $ | 9.8 | |
| Cost of subscription and support revenue | 127.0 | | | 121.0 | | | 123.4 | |
| Research and development | 550.5 | | | 525.5 | | | 488.4 | |
| Sales and marketing | 359.5 | | | 300.8 | | | 335.3 | |
| General and administrative | 258.0 | | | 124.1 | | | 130.4 | |
| Total share-based compensation | $ | 1,300.1 | | | $ | 1,078.7 | | | $ | 1,087.3 | |
REVENUE
Our revenue consists of product revenue and subscription and support revenue. Revenue is recognized upon transfer of control of the corresponding promised products and subscriptions and support to our customers in an amount that reflects the consideration we expect to be entitled to in exchange for those products and subscriptions and support. We expect our revenue to vary from quarter to quarter based on seasonal and cyclical factors.
PRODUCT REVENUE
Product revenue is derived from sales of hardware products, primarily our ML-Powered Next-Generation Firewall, and software licenses, including SD-WAN, the VM-Series, and Panorama. Our hardware products and software licenses include a broad set of built-in networking and security features and functionalities. We recognize product revenue at the time of hardware shipment or delivery of software license. As a percentage of product revenue, we expect our revenue from software licenses to vary from quarter to quarter and increase over the long term as we improve features and capabilities of our on-premise software, renew our software license contracts, and expand our installed end-customer base.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Product | $ | 1,801.9 | | | $ | 1,603.3 | | | $ | 198.6 | | | 12.4 | % | | $ | 1,603.3 | | | $ | 1,578.4 | | | $ | 24.9 | | | 1.6 | % |
Product revenue increased for fiscal 2025 compared to fiscal 2024 driven by an increase in price of, and allocation to, on-premise software licenses due to enhanced features and capabilities beginning in the second quarter of fiscal 2025, and an increased demand for our new generation of hardware products and accessories, partially offset by decreased demand for our prior generation of hardware products.
SUBSCRIPTION AND SUPPORT REVENUE
Subscription and support revenue is derived primarily from sales of our subscription and support offerings. Our subscription and support contracts are typically one to five years. We recognize revenue from subscriptions and support over time as the services are performed. As a percentage of total revenue, we expect our subscription and support revenue to vary from quarter to quarter and increase over the long term as we introduce new subscriptions, renew existing subscription and support contracts, and expand our installed end-customer base.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Subscription | $ | 4,974.4 | | | $ | 4,188.5 | | | $ | 785.9 | | | 18.8 | % | | $ | 4,188.5 | | | $ | 3,335.4 | | | $ | 853.1 | | | 25.6 | % |
| Support | 2,445.2 | | | 2,235.7 | | | 209.5 | | | 9.4 | % | | 2,235.7 | | | 1,978.9 | | | 256.8 | | | 13.0 | % |
Total subscription and support | $ | 7,419.6 | | | $ | 6,424.2 | | | $ | 995.4 | | | 15.5 | % | | $ | 6,424.2 | | | $ | 5,314.3 | | | $ | 1,109.9 | | | 20.9 | % |
Subscription and support revenue increased for fiscal 2025 compared to fiscal 2024 due to increased demand for our subscription and support offerings from our end-customers. The mix between subscription revenue and support revenue will fluctuate over time, depending on the introduction of new subscription offerings, renewals of support services, and our ability to increase sales to new and existing end-customers.
REVENUE BY GEOGRAPHIC THEATER
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Americas | $ | 6,205.1 | | | $ | 5,482.9 | | | $ | 722.2 | | | 13.2 | % | | $ | 5,482.9 | | | $ | 4,719.9 | | | $ | 763.0 | | | 16.2 | % |
| Europe, the Middle East, and Africa (“EMEA”) | 1,917.4 | | | 1,602.0 | | | 315.4 | | | 19.7 | % | | 1,602.0 | | | 1,359.6 | | | 242.4 | | | 17.8 | % |
| Asia Pacific and Japan (“APAC”) | 1,099.0 | | | 942.6 | | | 156.4 | | | 16.6 | % | | 942.6 | | | 813.2 | | | 129.4 | | | 15.9 | % |
| Total revenue | $ | 9,221.5 | | | $ | 8,027.5 | | | $ | 1,194.0 | | | 14.9 | % | | $ | 8,027.5 | | | $ | 6,892.7 | | | $ | 1,134.8 | | | 16.5 | % |
Revenue from the Americas, EMEA and APAC increased year-over-year for fiscal 2025 as we continued to increase investment in our global sales force in order to support our growth and innovation, with the Americas contributing the highest increase in revenue due to its larger scale.
COST OF REVENUE
Our cost of revenue consists of cost of product revenue and cost of subscription and support revenue.
COST OF PRODUCT REVENUE
Cost of product revenue primarily includes costs paid to our manufacturing partners for procuring components and manufacturing our products. Our cost of product revenue also includes personnel costs, which consist of salaries, benefits, bonuses, share-based compensation, and travel associated with our operations organization, inventory excess and obsolete charges, shipping and tariff costs, amortization of intellectual property licenses, product testing costs, and shared costs. Shared costs consist of certain facilities, depreciation, benefits, recruiting, and information technology costs that we allocate based on headcount. We expect our cost of product revenue to fluctuate with our revenue from hardware products.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Cost of product revenue | $ | 413.2 | | | $ | 348.2 | | | $ | 65.0 | | | 18.7 | % | | $ | 348.2 | | | $ | 418.3 | | | $ | (70.1) | | | (16.8) | % |
| | | | | | | | | | | | | | | |
Cost of product revenue increased for fiscal 2025 compared to fiscal 2024 primarily due to an increase in inventory excess and obsolete charges and an increased demand for our new generation hardware products and accessories, partially offset by a decreased demand for our prior generation of hardware products.
COST OF SUBSCRIPTION AND SUPPORT REVENUE
Cost of subscription and support revenue includes personnel costs for our global customer support and technical operations organizations, data center and cloud hosting service costs, third-party professional services costs, amortization of acquired intangible assets and capitalized software development costs, customer support and repair costs, and shared costs. We expect our cost of subscription and support revenue to increase as our installed end-customer base grows and adoption of our cloud-based subscription offerings increases.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Cost of subscription and support revenue | $ | 2,038.4 | | | $ | 1,711.0 | | | $ | 327.4 | | | 19.1 | % | | $ | 1,711.0 | | | $ | 1,491.4 | | | $ | 219.6 | | | 14.7 | % |
| | | | | | | | | | | | | | | |
Cost of subscription and support revenue increased for fiscal 2025 compared to fiscal 2024 primarily due to increased costs to support the growth of our subscription and support offerings. Cloud hosting service costs, which support our cloud-based subscription offerings, increased $189.5 million for fiscal 2025 compared to fiscal 2024. Personnel costs grew $52.9 million for fiscal 2025 compared to fiscal 2024, primarily due to headcount growth. The increase in cost of subscription and support revenue was further driven by increased professional services expense.
GROSS MARGIN
Gross margin has been and will continue to be affected by a variety of factors, including the introduction of new products, manufacturing costs, the average sales price of our products, cloud hosting service costs, personnel costs, the mix of products sold, and the mix of revenue between product and subscription and support offerings. Our higher-end firewall products generally have higher gross margins than our lower-end firewall products within each product series. We expect our gross margins to vary over time depending on the factors described above.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, |
| | 2025 | | 2024 | | 2023 |
| | Amount | | Gross Margin | | Amount | | Gross Margin | | Amount | | Gross Margin |
| | | | | | | | | | | |
| | (dollars in millions) |
| Product | $ | 1,388.7 | | | 77.1 | % | | $ | 1,255.1 | | | 78.3 | % | | $ | 1,160.1 | | | 73.5 | % |
| Subscription and support | 5,381.2 | | | 72.5 | % | | 4,713.2 | | | 73.4 | % | | 3,822.9 | | | 71.9 | % |
| Total gross profit | $ | 6,769.9 | | | 73.4 | % | | $ | 5,968.3 | | | 74.3 | % | | $ | 4,983.0 | | | 72.3 | % |
Product gross margin decreased for fiscal 2025 compared to fiscal 2024 primarily due to unfavorable hardware product mix and an increase in inventory excess and obsolete charges, partially offset by increased software revenue.
Subscription and support gross margin decreased for fiscal 2025 compared to fiscal 2024 primarily due to an increase in costs related to our cloud-based offerings, partially offset by increased leverage of our global customer service organization.
OPERATING EXPENSES
Our operating expenses consist of research and development, sales and marketing, and general and administrative expenses. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, share-based compensation, travel and entertainment, and with regard to sales and marketing expense, sales commissions. Our operating expenses also include shared costs, which consist of certain facilities, depreciation, benefits, recruiting, and information technology costs that we allocate based on headcount to each department. We expect operating expenses generally to increase in absolute dollars and to decrease over the long term as a percentage of revenue as we continue to scale our business. As of July 31, 2025, we expect to recognize approximately $2.2 billion of share-based compensation expense over a weighted-average period of approximately 2.5 years, excluding additional share-based compensation expense related to any future grants of share-based awards. Share-based compensation expense is generally recognized on a straight-line basis over the requisite service periods of the awards.
RESEARCH AND DEVELOPMENT
Research and development expense consists primarily of personnel costs. Research and development expense also includes prototype-related expenses and shared costs. We expect research and development expense to increase in absolute dollars as we continue to invest in our future products and services, although our research and development expense may fluctuate as a percentage of total revenue.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Research and development | $ | 1,984.1 | | | $ | 1,809.4 | | | $ | 174.7 | | | 9.7 | % | | $ | 1,809.4 | | | $ | 1,604.0 | | | $ | 205.4 | | | 12.8 | % |
| | | | | | | | | | | | | | | |
Research and development expense increased for fiscal 2025 compared to fiscal 2024 primarily due to increased personnel costs, which grew $123.4 million for fiscal 2025 compared to fiscal 2024, largely due to headcount growth. The increase in research and development expense was further driven by increased shared costs.
SALES AND MARKETING
Sales and marketing expense consists primarily of personnel costs, including commission expense. Sales and marketing expense also includes costs for market development programs, promotional and other marketing costs, professional services, and shared costs. We continue to strategically invest in headcount and have grown our sales presence. We expect sales and marketing expense to continue to increase in absolute dollars as we increase the size of our sales and marketing organizations to grow our customer base, increase touch points with end-customers, and expand our global presence, although our sales and marketing expense may fluctuate as a percentage of total revenue.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Sales and marketing | $ | 3,100.2 | | | $ | 2,794.5 | | | $ | 305.7 | | | 10.9 | % | | $ | 2,794.5 | | | $ | 2,544.0 | | | $ | 250.5 | | | 9.8 | % |
| | | | | | | | | | | | | | | |
Sales and marketing expense increased for fiscal 2025 compared to fiscal 2024 primarily due to increased personnel costs, which grew $263.6 million for fiscal 2025 compared to fiscal 2024, largely due to headcount growth.
GENERAL AND ADMINISTRATIVE
General and administrative expense consists primarily of personnel costs and shared costs for our executive, finance, human resources, information technology, and legal organizations, and professional services costs, which consist primarily of legal, auditing, accounting, and other consulting costs. General and administrative expense also includes change in fair value of contingent consideration liability. We expect general and administrative expense to increase in absolute dollars over time as we increase the size of our general and administrative organizations and incur additional costs to support our business growth, although our general and administrative expense may fluctuate as a percentage of total revenue.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| General and administrative | $ | 442.7 | | | $ | 680.5 | | | $ | (237.8) | | | (34.9) | % | | $ | 680.5 | | | $ | 447.7 | | | $ | 232.8 | | | 52.0 | % |
| | | | | | | | | | | | | | | |
General and administrative expenses decreased for fiscal 2025 compared to fiscal 2024 primarily due to litigation-related charges of $204.4 million in fiscal 2024 and a partial release of litigation-related accrual of $38.8 million in fiscal 2025. We also recorded a gain of $135.3 million in fiscal 2025 for the change in fair value of the contingent consideration liability from our acquisition of certain IBM QRadar assets. The decrease in general and administrative expense was partially offset by increased personnel costs, which grew $153.2 million, largely due to increased share-based compensation.
INTEREST EXPENSE
Interest expense primarily consists of interest expense related to our 0.75% Convertible Senior Notes due 2023 (the “2023 Notes”) and our 0.375% Convertible Senior Notes due 2025 (the “2025 Notes,” and together with “2023 Notes,” the “Notes”).
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Interest expense | $ | 3.0 | | | $ | 8.3 | | | $ | (5.3) | | | (63.9) | % | | $ | 8.3 | | | $ | 27.2 | | | $ | (18.9) | | | (69.5) | % |
Interest expense decreased for fiscal 2025 compared to fiscal 2024 primarily due to conversions of the 2025 Notes prior to or upon maturity in June 2025. Refer to Note 11. Debt in Part II, Item 8 of this Annual Report on Form 10-K for more information on the Notes.
OTHER INCOME, NET
Other income, net includes interest income earned on our cash, cash equivalents, and investments, and gains and losses from foreign currency remeasurement and foreign currency transactions.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | Year Ended July 31, | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
| Other income, net | $ | 355.8 | | | $ | 312.7 | | | $ | 43.1 | | | 13.8 | % | | $ | 312.7 | | | $ | 206.2 | | | $ | 106.5 | | | 51.6 | % |
Other income, net increased for fiscal 2025 compared to fiscal 2024 primarily due to higher interest income as a result of higher average cash, cash equivalents, and investments balance for fiscal 2025 compared to fiscal 2024. The increase was further driven by increased gains from our non-designated derivative instruments and investments, partially offset by increased foreign currency exchange losses for fiscal 2025 compared to fiscal 2024.
PROVISION FOR (BENEFIT FROM) INCOME TAXES
Provision for income taxes consists primarily of U.S. and foreign income taxes. We had a benefit from income taxes during fiscal 2024 primarily due to the release of our valuation allowance on U.S. federal, U.S. states other than California, and U.K. deferred tax assets. We continue to maintain a valuation allowance for California and certain deferred tax assets.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | Year Ended July 31, | | | | | | Year Ended July 31, | | | | |
| | 2025 | | 2024 | | Change | | 2024 | | 2023 | | Change |
| | Amount | | Amount | | Amount | | % | | Amount | | Amount | | Amount | | % |
| | | | | | | | | | | | | | | |
| | (dollars in millions) |
Provision for (benefit from) income taxes | $ | 461.8 | | | $ | (1,589.3) | | | $ | 2,051.1 | | | * | | $ | (1,589.3) | | | $ | 126.6 | | | $ | (1,715.9) | | | * |
| Effective tax rate | 28.9 | % | | (160.8) | % | | | | | | (160.8) | % | | 22.4 | % | | | | |
* Not meaningful
Our provision for income taxes in fiscal 2025 was $461.8 million, a net change of $2.1 billion compared to a benefit from income taxes of $1.6 billion in fiscal 2024, primarily due to the release of our valuation allowance in fiscal 2024. This is also the primary driver of the change in our effective tax rate for fiscal 2025 compared to fiscal 2024.
During the year ended July 31, 2025, we recorded a deferred tax provision of $218.5 million arising from the remeasurement of our basis differences associated with the U.S. tax effects of foreign deferred tax assets. Our remeasurement is a result of the One Big Beautiful Bill Act ("OBBB") enacted on July 4, 2025 which provides for significant tax law changes and modifications including changes to the U.S. effective tax rates on certain foreign earnings. Refer to Note 16. Income Taxes in Part II, Item 8 of this Annual Report on Form 10-K for more information on OBBB.
Liquidity and Capital Resources
| | | | | | | | | | | |
| July 31, |
| 2025 | | 2024 |
| | | |
| (in millions) |
Working capital (deficit)(1) | $ | (465.2) | | | $ | (833.0) | |
| Cash, cash equivalents, and investments: | | | |
| Cash and cash equivalents | $ | 2,268.6 | | | $ | 1,535.2 | |
| Investments | 6,190.2 | | | 5,216.8 | |
| Total cash, cash equivalents, and investments | $ | 8,458.8 | | | $ | 6,752.0 | |
(1)Current liabilities included net carrying amounts of convertible senior notes of $1.0 billion as of July 31, 2024. Refer to Note 11. Debt in Part II, Item 8 of this Annual Report on Form 10-K for information on the Notes.
As of July 31, 2025, our total cash, cash equivalents, and investments of $8.5 billion were held for general corporate purposes. As of July 31, 2025, we had no unremitted earnings when evaluating our outside basis difference relating to our U.S. investment in foreign subsidiaries. However, there could be local withholding taxes due to various foreign countries if certain lower tier earnings are distributed. Withholding taxes that would be payable upon remittance of these lower tier earnings are not material.
DEBT
In June 2020, we issued the 2025 Notes with an aggregate principal amount of $2.0 billion. The 2025 Notes were converted prior to or settled on the maturity date of June 1, 2025. During fiscal 2025, we repaid in cash $965.6 million in aggregate principal amount of the 2025 Notes and issued 14.0 million shares of common stock to the holders for the conversion value in excess of the principal amount of the 2025 Notes converted, which were fully offset by shares we received from our exercise of the associated note hedges.
In April 2023, we entered into a credit agreement (the “Credit Agreement”) that provides for a $400.0 million unsecured revolving credit facility (the “Credit Facility”), with an option to increase the amount of the Credit Facility by up to an additional $350.0 million, subject to certain conditions. The interest rates and commitment fees are also subject to upward and downward adjustments based on our progress towards the achievement of certain sustainability goals. As of July 31, 2025, there were no amounts outstanding, and we were in compliance with all covenants under the Credit Agreement. Refer to Note 11. Debt in Part II, Item 8 of this Annual Report on Form 10-K for more information on the Credit Agreement.
CAPITAL RETURN
In February 2019, our board of directors authorized a $1.0 billion share repurchase program. Our board of directors subsequently authorized additional increases to this share repurchase program, bringing the total authorization to $4.1 billion. Repurchases will be funded from available working capital and may be made at management’s discretion from time to time. As of July 31, 2025, $1.0 billion remained available for future share repurchases under this repurchase program. The repurchase authorization will expire on December 31, 2025, and may be suspended or discontinued at any time without prior notice. Refer to Note 14. Stockholders’ Equity in Part II, Item 8 of this Annual Report on Form 10-K for more information on this repurchase program.
CONTRACTUAL OBLIGATIONS AND OTHER MATERIAL CASH REQUIREMENTS
We have entered into various non-cancelable operating leases, primarily for our offices and data centers, with lease terms expiring through fiscal 2036. As of July 31, 2025, we have total operating lease obligations of $417.4 million recorded on our consolidated balance sheet.
As of July 31, 2025, our commitments to purchase products, components, cloud hosting and other services totaled $7.1 billion. Refer to Note 13. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K for more information on these commitments.
Our acquisition of certain IBM QRadar assets on August 31, 2024 included contingent consideration that requires potential future payments through the fiscal quarter ending October 2028. As of July 31, 2025, we have total contingent consideration obligation of $513.6 million recorded on our consolidated balance sheet. Refer to Note 3. Fair Value Measurements and Note 8. Acquisitions in Part II, Item 8 of this Annual Report on Form 10-K for more information on our contingent consideration obligation.
On July 30, 2025, we entered into a definitive agreement to acquire CyberArk. The acquisition is expected to close during the second half of our fiscal 2026, subject to the satisfaction of customary closing conditions. Under the terms of the definitive agreement, CyberArk shareholders will receive $45.00 in cash and 2.2005 shares of our common stock for each CyberArk share. This represents an equity value for CyberArk of approximately $25 billion based on the unaffected 10-day average daily volume-weighted average trading prices of our common stock as of July 25, 2025. We expect to fund the cash portion of the consideration with our cash on hand. Refer to Part I, Item 1A “Risk Factors” in this Form 10-K and Note 8. Acquisitions in Part II, Item 8 of this Annual Report on Form 10-K for more information on the acquisition.
CASH FLOWS
The following table summarizes our cash flows for the years ended July 31, 2025, 2024, and 2023:
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| | | | | |
| (in millions) |
| Net cash provided by operating activities | $ | 3,716.0 | | | $ | 3,257.6 | | | $ | 2,777.5 | |
| Net cash used in investing activities | (2,204.7) | | | (1,509.9) | | | (2,033.8) | |
| Net cash used in financing activities | (778.9) | | | (1,343.1) | | | (1,726.3) | |
Net increase (decrease) in cash, cash equivalents, and restricted cash | $ | 732.4 | | | $ | 404.6 | | | $ | (982.6) | |
Cash from operations could be affected by various risks and uncertainties detailed in Part I, Item 1A “Risk Factors” in this Form 10-K. We believe that our cash flow from operations with existing cash and cash equivalents will be sufficient to meet our anticipated cash needs for at least the next 12 months and thereafter for the foreseeable future. Our future capital requirements will depend on many factors including our growth rate, the timing and extent of spending to support development efforts, the expansion of sales and marketing activities, the introduction of new and enhanced products and subscription and support offerings, the costs to acquire or invest in complementary businesses and technologies, the costs to ensure access to adequate manufacturing capacity, the investments in our infrastructure to support the adoption of our cloud-based subscription offerings, the continuing market acceptance of our products and subscription and support offerings and macroeconomic events. In addition, from time to time, we may incur additional tax liability in connection with certain corporate structuring decisions.
We may also choose to seek additional equity or debt financing. In the event that additional financing is required from outside sources, we may not be able to raise it on terms acceptable to us or at all. If we are unable to raise additional capital when desired, our business, operating results, and financial condition may be adversely affected.
OPERATING ACTIVITIES
Our operating activities have consisted of net income adjusted for certain non-cash items and changes in assets and liabilities. Our largest source of cash provided by our operations is receipts from our customers. Net cash provided by operating activities can be impacted by factors such as timing of payments and collections, vendor payment terms, and timing and amount of tax payments.
Cash provided by operating activities during fiscal 2025 was $3.7 billion, an increase of $458.4 million compared to fiscal 2024. The increase was primarily due to growth of our business as reflected by increases in collections during fiscal 2025, partially offset by higher cash expenditure to support our business growth.
INVESTING ACTIVITIES
Our investing activities have consisted of capital expenditures, net investment purchases, sales, and maturities, and business acquisitions. We expect to continue such activities as our business grows.
Cash used in investing activities during fiscal 2025 was $2.2 billion, an increase of $694.8 million compared to fiscal 2024. The increase was primarily due to an increase in net cash payments for business acquisitions and higher purchases of investments during fiscal 2025.
FINANCING ACTIVITIES
Our financing activities have consisted of repayments of our convertible senior notes, cash used to repurchase shares of our common stock, proceeds from sales of shares through employee equity incentive plans, and payments for tax withholding obligations of certain employees related to the net share settlement of equity awards.
Cash used in financing activities during fiscal 2025 was $778.9 million, a decrease of $564.2 million compared to fiscal 2024. The decrease was primarily due to a decrease in cash used to repurchase our common stock which did not recur during fiscal 2025.
Critical Accounting Estimates
Our consolidated financial statements have been prepared in accordance with U.S. GAAP. The preparation of these consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses, and related disclosures. We base our estimates on historical experience and on various other assumptions that we believe are reasonable under the circumstances. We evaluate our estimates and assumptions on an ongoing basis. Actual results could differ materially from those estimates due to risks and uncertainties, including uncertainty in the current economic environment. To the extent that there are material differences between these estimates and our actual results, our future consolidated financial statements will be affected.
We believe that of our significant accounting policies described in Note 1. Description of Business and Summary of Significant Accounting Policies in Part II, Item 8 of this Annual Report on Form 10-K, the critical accounting estimates, assumptions, and judgments that have the most significant impact on our consolidated financial statements are described below.
REVENUE RECOGNITION
The majority of our contracts with our customers include various combinations of our products and subscriptions and support. Our hardware products and software licenses are distinct from our subscriptions and support services as the customer can benefit from the product without these services and such services are separately identifiable within the contract. We account for multiple agreements with a single customer as a single contract if the contractual terms and/or substance of those agreements indicate that they may be so closely related that they are, in effect, parts of a single contract. The amount of consideration we expect to receive in exchange for delivering on the contract is allocated to each performance obligation based on its relative standalone selling price.
When estimating standalone selling price, we first consider the prices charged for a deliverable when sold separately. If the standalone selling price is not observable through past transactions, we estimate it based on our pricing model and our go-to-market strategy, which include factors such as type of sales channel (channel partner or end-customer), the geographies in which our offerings were sold (domestic or international), and offering type (products, subscriptions, or support). As our business offerings evolve over time, we may be required to modify our estimated standalone selling prices, and as a result the timing and classification of our revenue could be affected.
INCOME TAXES
We account for income taxes using the asset and liability method, which requires the recognition of deferred tax assets and liabilities for the expected future tax consequences of events that have been recognized in our consolidated financial statements or tax returns. In addition, deferred tax assets are recorded for all future benefits including, but not limited to, net operating losses, research and development credit carryforwards, and basis differences relating to our global intangible low-taxed income. Valuation allowances are provided when necessary to reduce deferred tax assets to the amount more likely than not to be realized.
Significant judgment is required in determining any valuation allowance recorded against deferred tax assets. In assessing the need for a valuation allowance, we consider all available evidence, including past operating results, estimates of future taxable income, and the feasibility of tax planning strategies. In the event that we change our determination as to the amount of deferred tax assets that can be realized, we will adjust our valuation allowance with a corresponding impact to the provision for income taxes in the period in which such determination is made.
We recognize liabilities for uncertain tax positions based on a two-step process which includes evaluating if a tax position is more likely than not to be sustained on audit and then measuring the tax benefit as the largest amount that is more likely than not to be realized upon ultimate settlement. Assumptions, judgment, and the use of estimates are required in determining if the more-likely-than-not standard has been met and in determining the expected benefit when developing the provision for income taxes. Our evaluations are based upon a number of factors, including changes in facts or circumstances, changes in tax law or guidance, correspondence with tax authorities during the course of audits, and effective settlement of audit issues. Changes in these or other factors could result in material increases or decreases in our provision for (benefit from) income taxes in the period in which we make the change.
LOSS CONTINGENCIES
We are subject to the possibility of various loss contingencies arising in the ordinary course of business. We accrue for loss contingencies when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can be reasonably estimated. If we determine that a loss is reasonably possible, then we disclose the possible loss or range of the possible loss or state that such an estimate cannot be made. We regularly evaluate current information available to us to determine whether an accrual is required, an accrual should be adjusted, or a range of possible loss should be disclosed.
From time to time, we are involved in disputes, litigation, and other legal actions. However, there are many uncertainties associated with any litigation, and these actions or other third-party claims against us may cause us to incur substantial settlement charges, which are inherently difficult to estimate and could adversely affect our results of operations. The actual liability in any such matters may be materially different from our estimates, which could result in the need to adjust our liability and record additional expenses. Refer to the “Litigation” subheading in Note 13. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K for more information regarding our litigation.
BUSINESS COMBINATIONS
We make significant estimates, assumptions, and judgments when valuing assets acquired and liabilities assumed, especially with respect to purchased intangible assets, in connection with the initial purchase price allocation of an acquired business. Critical estimates in valuing certain purchased intangible assets include, but are not limited to, cash flows that an asset is expected to generate in the future, discount rates, the time and expense that would be necessary to recreate the assets, and the profit margin a market participant would receive on such recreated assets. The amounts and useful lives assigned to identified intangible assets impact the amount and timing of future amortization expense.
One of our business combinations has included post-closing payments contingent upon the occurrence of future events and/or certain conditions being met. Critical estimates used in valuing our contingent consideration obligation include, but are not limited to, estimated future cash payments related to customers entering into qualified new transactions and risk-adjusted discount rates used to present value the expected cash flows. These estimates and assumptions are updated to revalue our contingent consideration liability at the end of each reporting period. Accordingly, subsequent changes in underlying facts and circumstances could result in changes in these estimates and assumptions, which could have a material impact on the estimated future fair values of these obligations.
Recent Accounting Pronouncements
Refer to “Recently Adopted Accounting Pronouncement” and “Recently Issued Accounting Pronouncements” in Note 1. Description of Business and Summary of Significant Accounting Policies in Part II, Item 8 of this Annual Report on Form 10-K for a description of recent accounting pronouncements and our expectation of their impact, if any, on our results of operations and financial condition.
Item 7A. Quantitative and Qualitative Disclosures About Market Risk
Foreign Currency Exchange Risk
Our sales contracts are primarily denominated in U.S. dollars. A portion of our operating expenditures are denominated in foreign currencies, making them subject to fluctuations in foreign currency exchange rates. Additionally, fluctuations in foreign currency exchange rates may cause us to recognize transaction gains and losses in our statement of operations. Foreign currency remeasurement gains and losses and foreign currency transaction gains and losses have not had a significant impact to our consolidated financial statements.
We enter into foreign currency derivative contracts with maturities of 24 months or less, which we designate as cash flow hedges, to manage the foreign currency exchange risk associated with our revenue and operating expenditures. We also enter into foreign currency derivative contracts that are not designated as hedging instruments to hedge a portion of our outstanding monetary assets and liabilities denominated in foreign currencies. These foreign currency derivative contracts reduce but do not entirely eliminate the effect of foreign exchange rate fluctuations.
A hypothetical 10% change in foreign exchange rates on monetary assets and liabilities would not be material to our financial condition or results of operations after taking into consideration the effect of foreign currency forward contracts in place as of July 31, 2025. The effectiveness of our existing hedging transactions and the availability and effectiveness of any hedging transactions we may decide to enter into in the future may be limited, and we may not be able to successfully hedge our exposure, which could adversely affect our financial condition and results of operations. Refer to Note 6. Derivative Instruments in Part II, Item 8 of this Annual Report on Form 10-K for more information.
As our international operations grow, our risks associated with fluctuations in foreign currency exchange rates will become greater, and we will continue to reassess our approach to managing this risk. In addition, a weakening U.S. dollar can increase the costs of our international expansion and a strengthening U.S. dollar can increase the real cost of our products and services to our end-customers outside of the United States, leading to delays in the purchase of our products and services. For additional information, see the risk factor entitled “We are exposed to fluctuations in foreign currency exchange rates, which could negatively affect our financial condition and operating results.” in Part 1, Item 1A of this Annual Report on Form 10-K.
Interest Rate Risk
The primary objectives of our investment activities are to preserve principal, provide liquidity, and maximize income without significantly increasing risk. Most of the securities we invest in are subject to interest rate risk. To minimize this risk, we maintain a diversified portfolio of cash, cash equivalents, and investments, consisting only of investment-grade securities. To assess the interest rate risk, we performed a sensitivity analysis to determine the impact a change in interest rates would have on the value of the investment portfolio. Based on investment positions as of July 31, 2025, a hypothetical 100 basis point increase in interest rates across all maturities would result in a $132.3 million decline in the fair market value of the portfolio. Such losses would only be realized if we sold the investments prior to maturity. Conversely, a hypothetical 100 basis point decrease in interest rates would lead to a $134.7 million increase in the fair market value of the portfolio.
Item 8. Financial Statements and Supplementary Data
Index To Consolidated Financial Statements
Report of Independent Registered Public Accounting Firm
To the Stockholders and the Board of Directors of Palo Alto Networks, Inc.
Opinion on the Financial Statements
We have audited the accompanying consolidated balance sheets of Palo Alto Networks, Inc. (the Company) as of July 31, 2025 and 2024, the related consolidated statements of operations, comprehensive income, stockholders’ equity and cash flows for each of the three years in the period ended July 31, 2025, and the related notes (collectively referred to as the “consolidated financial statements”). In our opinion, the consolidated financial statements present fairly, in all material respects, the financial position of the Company at July 31, 2025 and 2024, and the results of its operations and its cash flows for each of the three years in the period ended July 31, 2025, in conformity with U.S. generally accepted accounting principles.
We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States) (PCAOB), the Company’s internal control over financial reporting as of July 31, 2025, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (2013 framework), and our report dated August 29, 2025 expressed an unqualified opinion thereon.
Basis for Opinion
These financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s financial statements based on our audits. We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether due to error or fraud. Our audits included performing procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that our audits provide a reasonable basis for our opinion.
Critical Audit Matter
The critical audit matters communicated below are matters arising from the current period audit of the financial statements that were communicated or required to be communicated to the audit committee and that: (1) relate to accounts or disclosures that are material to the financial statements and (2) involved our especially challenging, subjective or complex judgments. The communication of critical audit matters does not alter in any way our opinion on the consolidated financial statements, taken as a whole, and we are not, by communicating the critical audit matters below, providing separate opinions on the critical audit matters or on the accounts or disclosures to which they relate.
REVENUE RECOGNITION
| | | | | |
Description
of the Matter | As described in Note 1 to the consolidated financial statements, the Company’s contracts with customers sometimes contain multiple performance obligations, which are accounted for separately if they are distinct. In such cases, the transaction price is then allocated to the distinct performance obligations on a relative standalone selling price basis, and revenue is recognized when control of the distinct performance obligation is transferred. For example, product revenue is recognized at the time of hardware shipment or delivery of software license, and subscription and support revenue is recognized over time as the services are performed. Auditing the Company’s revenue recognition was complex, including the identification and determination of distinct performance obligations and the timing of revenue recognition. For example, there were certain customer arrangements with nonstandard terms and conditions that required judgment to determine the distinct performance obligations and the impact on the timing of revenue recognition. |
How We Addressed
the Matter in Our Audit | We obtained an understanding, evaluated the design and tested the operating effectiveness of the Company’s process and controls to identify and determine the distinct performance obligations and the timing of revenue recognition. To test the identification and determination of the distinct performance obligations and the timing of revenue recognition, our audit procedures included, among others, reading the executed contract and other contractual documents to understand the contract, identifying the performance obligation(s), determining the distinct performance obligations, and evaluating the timing of revenue recognition for a sample of individual sales transactions. We evaluated the accuracy of the Company’s contract summary documentation, specifically related to the identification and determination of distinct performance obligations and the timing of revenue recognition. |
| |
| |
| |
VALUATION OF CONTINGENT CONSIDERATION LIABILITY IN CONNECTION WITH THE ACQUISITION OF IBM QRADAR ASSETS
| | | | | |
Description
of the Matter | As described in Note 8 to the consolidated financial statements, the Company completed the acquisition of certain IBM QRadar assets on August 31, 2024, for which the purchase consideration included contingent consideration. The Company has determined the fair value of contingent consideration liability to be $513.6 million as of July 31, 2025, using a discounted cash flow valuation technique including an estimate of future cash payments related to customers entering into qualified new transactions with the Company as well as a risk-adjusted discount rate used to present value the expected cash flows. Auditing the Company’s accounting for contingent consideration liability was complex due to estimation uncertainty in the Company’s determination of the fair value due to the significant assumption about customer transactions that will qualify for cash payments under the arrangement. The significant assumption is forward-looking, dependent upon customer behavior, and could be affected by various factors including future economic and market conditions. |
How We Addressed
the Matter in Our Audit | We obtained an understanding, evaluated the design and tested the operating effectiveness of the Company’s process and controls to estimate fair value of the contingent consideration liability. We also tested controls regarding management’s review of assumptions used in the valuation model. To test the estimated fair value of this contingent consideration liability, our audit procedures included, among others, assessing the valuation methodology with the assistance of a valuation specialist, and testing the significant assumption about customer transactions that will qualify for cash payments under the arrangement and the completeness and accuracy of the underlying data used by the Company. We also performed a sensitivity analysis to evaluate the changes in the fair value of this contingent consideration liability that would result from changes in the significant assumption. We also considered whether the assumption was consistent with evidence obtained in other areas of the audit. |
| |
| |
| |
/s/ Ernst & Young LLP
We have served as the Company’s auditor since 2009.
San Mateo, California
August 29, 2025
Report of Independent Registered Public Accounting Firm
To the Stockholders and the Board of Directors of Palo Alto Networks, Inc.
Opinion on Internal Control Over Financial Reporting
We have audited Palo Alto Networks, Inc.’s internal control over financial reporting as of July 31, 2025, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (2013 framework) (the COSO criteria). In our opinion, Palo Alto Networks, Inc. (the Company) maintained, in all material respects, effective internal control over financial reporting as of July 31, 2025, based on the COSO criteria.
We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States) (PCAOB), the consolidated balance sheets of the Company as of July 31, 2025 and 2024, the related consolidated statements of operations, comprehensive income, stockholders’ equity and cash flows for each of the three years in the period ended July 31, 2025, and the related notes and our report dated August 29, 2025 expressed an unqualified opinion thereon.
Basis for Opinion
The Company’s management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting included in the accompanying Management’s Annual Report on Internal Control over Financial Reporting. Our responsibility is to express an opinion on the Company’s internal control over financial reporting based on our audit. We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audit in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects.
Our audit included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, testing and evaluating the design and operating effectiveness of internal control based on the assessed risk, and performing such other procedures as we considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion.
Definition and Limitations of Internal Control Over Financial Reporting
A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company’s internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company; and (3) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company’s assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.
/s/ Ernst & Young LLP
San Mateo, California
August 29, 2025
PALO ALTO NETWORKS, INC.
| | | | | | | | | | | |
CONSOLIDATED BALANCE SHEETS
(In millions, except per share data) |
| July 31, |
| 2025 | | 2024 |
| Assets | | | |
| Current assets: | | | |
| Cash and cash equivalents | $ | 2,268.6 | | | $ | 1,535.2 | |
| Short-term investments | 634.6 | | | 1,043.6 | |
Accounts receivable, net of allowance for credit losses of $9.7 and $7.5 as of July 31, 2025 and July 31, 2024, respectively | 2,965.0 | | | 2,618.6 | |
| Short-term financing receivables, net | 714.6 | | | 725.9 | |
| Short-term deferred contract costs | 419.5 | | | 369.0 | |
| Prepaid expenses and other current assets | 520.5 | | | 557.4 | |
| Total current assets | 7,522.8 | | | 6,849.7 | |
| Property and equipment, net | 387.3 | | | 361.1 | |
| Operating lease right-of-use assets | 347.0 | | | 385.9 | |
| Long-term investments | 5,555.6 | | | 4,173.2 | |
| Long-term financing receivables, net | 1,002.3 | | | 1,182.1 | |
| Long-term deferred contract costs | 585.9 | | | 562.0 | |
| Goodwill | 4,566.6 | | | 3,350.1 | |
| Intangible assets, net | 762.7 | | | 374.9 | |
Deferred tax assets | 2,424.2 | | | 2,399.0 | |
| Other assets | 421.8 | | | 352.9 | |
| Total assets | $ | 23,576.2 | | | $ | 19,990.9 | |
| Liabilities and stockholders’ equity | | | |
| Current liabilities: | | | |
| Accounts payable | $ | 232.2 | | | $ | 116.3 | |
| Accrued compensation | 607.6 | | | 554.7 | |
| Accrued and other liabilities | 846.0 | | | 506.7 | |
| Deferred revenue | 6,302.2 | | | 5,541.1 | |
| Convertible senior notes, net | — | | | 963.9 | |
| Total current liabilities | 7,988.0 | | | 7,682.7 | |
| | | |
| Long-term deferred revenue | 6,449.7 | | | 5,939.4 | |
Deferred tax liabilities | 89.1 | | | 387.7 | |
| Long-term operating lease liabilities | 338.2 | | | 380.5 | |
| Other long-term liabilities | 886.8 | | | 430.9 | |
| Total liabilities | 15,751.8 | | | 14,821.2 | |
Commitments and contingencies (Note 13) | | | |
| | | |
| Stockholders’ equity: | | | |
Preferred stock; $0.0001 par value; 100.0 shares authorized; none issued and outstanding as of July 31, 2025 and July 31, 2024 | — | | | — | |
Common stock and additional paid-in capital; $0.0001 par value; 2,000.0 shares authorized; 667.9 and 650.2 shares issued and outstanding as of July 31, 2025 and July 31, 2024, respectively | 5,291.9 | | | 3,821.1 | |
Accumulated other comprehensive income (loss) | 48.4 | | | (1.6) | |
Retained earnings | 2,484.1 | | | 1,350.2 | |
| Total stockholders’ equity | 7,824.4 | | | 5,169.7 | |
| Total liabilities and stockholders’ equity | $ | 23,576.2 | | | $ | 19,990.9 | |
| | | |
See notes to consolidated financial statements.
PALO ALTO NETWORKS, INC.
| | | | | | | | | | | | | | | | | |
CONSOLIDATED STATEMENTS OF OPERATIONS (In millions, except per share data) |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Revenue: | | | | | |
| Product | $ | 1,801.9 | | | $ | 1,603.3 | | | $ | 1,578.4 | |
| Subscription and support | 7,419.6 | | | 6,424.2 | | | 5,314.3 | |
| Total revenue | 9,221.5 | | | 8,027.5 | | | 6,892.7 | |
| Cost of revenue: | | | | | |
| Product | 413.2 | | | 348.2 | | | 418.3 | |
| Subscription and support | 2,038.4 | | | 1,711.0 | | | 1,491.4 | |
| Total cost of revenue | 2,451.6 | | | 2,059.2 | | | 1,909.7 | |
| Total gross profit | 6,769.9 | | | 5,968.3 | | | 4,983.0 | |
| Operating expenses: | | | | | |
| Research and development | 1,984.1 | | | 1,809.4 | | | 1,604.0 | |
| Sales and marketing | 3,100.2 | | | 2,794.5 | | | 2,544.0 | |
| General and administrative | 442.7 | | | 680.5 | | | 447.7 | |
| Total operating expenses | 5,527.0 | | | 5,284.4 | | | 4,595.7 | |
Operating income | 1,242.9 | | | 683.9 | | | 387.3 | |
| Interest expense | (3.0) | | | (8.3) | | | (27.2) | |
| Other income, net | 355.8 | | | 312.7 | | | 206.2 | |
Income before income taxes | 1,595.7 | | | 988.3 | | | 566.3 | |
Provision for (benefit from) income taxes | 461.8 | | | (1,589.3) | | | 126.6 | |
Net income | $ | 1,133.9 | | | $ | 2,577.6 | | | $ | 439.7 | |
Net income per share, basic | $ | 1.71 | | | $ | 4.04 | | | $ | 0.73 | |
Net income per share, diluted | $ | 1.60 | | | $ | 3.64 | | | $ | 0.64 | |
Weighted-average shares used to compute net income per share, basic | 662.5 | | | 638.5 | | | 606.4 |
Weighted-average shares used to compute net income per share, diluted | 709.3 | | | 707.9 | | | 684.5 |
| | | | | |
See notes to consolidated financial statements.
PALO ALTO NETWORKS, INC.
| | | | | | | | | | | | | | | | | |
CONSOLIDATED STATEMENTS OF COMPREHENSIVE INCOME (In millions) |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
Net income | $ | 1,133.9 | | | $ | 2,577.6 | | | $ | 439.7 | |
Other comprehensive income, net of tax: | | | | | |
| Change in unrealized gains (losses) on investments | 18.5 | | | 48.2 | | | (13.0) | |
| Cash flow hedges: | | | | | |
| Change in unrealized gains (losses) | 29.6 | | | (18.9) | | | (0.2) | |
| Net realized (gains) losses reclassified into earnings | 1.9 | | | 12.3 | | | 25.6 | |
| Net change on cash flow hedges | 31.5 | | | (6.6) | | | 25.4 | |
Other comprehensive income | 50.0 | | | 41.6 | | | 12.4 | |
Comprehensive income | $ | 1,183.9 | | | $ | 2,619.2 | | | $ | 452.1 | |
See notes to consolidated financial statements.
PALO ALTO NETWORKS, INC.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY (In millions) |
| | Common Stock
and
Additional Paid-In Capital | | Accumulated Other Comprehensive Income (Loss) | | Retained Earnings (Accumulated Deficit) | | Total Stockholders’ Equity |
| | Shares | | Amount | |
| Balance as of July 31, 2022 | 597.7 | | | $ | 1,932.7 | | | $ | (55.6) | | | $ | (1,667.1) | | | $ | 210.0 | |
| | | | | | | | | |
Net Income | — | | | — | | | — | | | 439.7 | | | 439.7 | |
Other comprehensive income | — | | | — | | | 12.4 | | | — | | | 12.4 | |
| Issuance of common stock in connection with employee equity incentive plans | 22.6 | | | 259.7 | | | — | | | — | | | 259.7 | |
| Taxes paid related to net share settlement of equity awards | — | | | (20.4) | | | — | | | — | | | (20.4) | |
| Share-based compensation for equity-based awards | — | | | 1,097.0 | | | — | | | — | | | 1,097.0 | |
| Repurchase and retirement of common stock | (3.6) | | | (250.0) | | | — | | | — | | | (250.0) | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| Settlement of convertible notes | 22.9 | | | — | | | — | | | — | | | — | |
Settlement of note hedges | (22.9) | | | — | | | — | | | — | | | — | |
| Balance as of July 31, 2023 | 616.7 | | | 3,019.0 | | | (43.2) | | | (1,227.4) | | | 1,748.4 | |
| | | | | | | | | |
Net income | — | | | — | | | — | | | 2,577.6 | | | 2,577.6 | |
Other comprehensive income | — | | | — | | | 41.6 | | | — | | | 41.6 | |
| Issuance of common stock in connection with employee equity incentive plans | 19.5 | | | 282.7 | | | — | | | — | | | 282.7 | |
| Taxes paid related to net share settlement of equity awards | — | | | (26.6) | | | — | | | — | | | (26.6) | |
| Share-based compensation for equity-based awards | — | | | 1,115.3 | | | — | | | — | | | 1,115.3 | |
| Repurchase and retirement of common stock | (4.0) | | | (566.7) | | | — | | | — | | | (566.7) | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| Settlement of convertible notes | 14.0 | | | (2.6) | | | — | | | — | | | (2.6) | |
Settlement of note hedges | (14.0) | | | — | | | — | | | — | | | — | |
| Settlement of warrants | 18.0 | | | — | | | — | | | — | | | — | |
| | | | | | | | | |
| | | | | | | | | |
| Balance as of July 31, 2024 | 650.2 | | | 3,821.1 | | | (1.6) | | | 1,350.2 | | | 5,169.7 | |
| | | | | | | | | |
| Net income | — | | | — | | | — | | | 1,133.9 | | | 1,133.9 | |
| Other comprehensive income | — | | | — | | | 50.0 | | | — | | | 50.0 | |
| Issuance of common stock in connection with employee equity incentive plans | 17.7 | | | 369.3 | | | — | | | — | | | 369.3 | |
| Taxes paid related to net share settlement of equity awards | — | | | (183.8) | | | — | | | — | | | (183.8) | |
| Share-based compensation for equity-based awards | — | | | 1,285.3 | | | — | | | — | | | 1,285.3 | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| Settlement of convertible notes | 14.0 | | | — | | | — | | | — | | | — | |
| Settlement of note hedges | (14.0) | | | — | | | — | | | — | | | — | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| Balance as of July 31, 2025 | 667.9 | | | $ | 5,291.9 | | | $ | 48.4 | | | $ | 2,484.1 | | | $ | 7,824.4 | |
See notes to consolidated financial statements.
PALO ALTO NETWORKS, INC.
| | | | | | | | | | | | | | | | | |
CONSOLIDATED STATEMENTS OF CASH FLOWS (In millions) |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Cash flows from operating activities | | | | | |
Net income | $ | 1,133.9 | | | $ | 2,577.6 | | | $ | 439.7 | |
Adjustments to reconcile net income to net cash provided by operating activities: | | | | | |
| Share-based compensation for equity-based awards | 1,295.1 | | | 1,075.4 | | | 1,074.5 | |
| Deferred income taxes | (349.9) | | | (2,033.7) | | | 12.5 | |
| Depreciation and amortization | 343.4 | | | 283.3 | | | 282.2 | |
| | | | | |
| Amortization of deferred contract costs | 480.6 | | | 446.0 | | | 413.4 | |
Amortization of debt issuance costs | 1.1 | | | 3.5 | | | 6.7 | |
Change in fair value of contingent consideration liability | (135.3) | | | — | | | — | |
| Reduction of operating lease right-of-use assets | 65.4 | | | 55.3 | | | 49.9 | |
| Amortization of investment premiums, net of accretion of purchase discounts | (41.1) | | | (60.1) | | | (52.2) | |
| | | | | |
| | | | | |
| Changes in operating assets and liabilities, net of effects of acquisitions: | | | | | |
| Accounts receivable, net | (345.3) | | | (154.3) | | | (320.3) | |
| Financing receivables, net | 191.1 | | | (865.9) | | | (738.7) | |
| Deferred contract costs | (555.0) | | | (489.3) | | | (431.9) | |
| Prepaid expenses and other assets | 88.3 | | | (134.1) | | | (270.6) | |
| Accounts payable | 106.8 | | | (15.0) | | | 1.0 | |
| Accrued compensation | 51.3 | | | 3.8 | | | 84.4 | |
| Accrued and other liabilities | 147.5 | | | 384.5 | | | (74.8) | |
| Deferred revenue | 1,238.1 | | | 2,180.6 | | | 2,301.7 | |
| Net cash provided by operating activities | 3,716.0 | | | 3,257.6 | | | 2,777.5 | |
| Cash flows from investing activities | | | | | |
| Purchases of investments | (3,695.9) | | | (3,551.3) | | | (5,460.4) | |
| Proceeds from sales of investments | 1,196.9 | | | 956.2 | | | 965.9 | |
| Proceeds from maturities of investments | 1,594.9 | | | 1,852.6 | | | 2,811.5 | |
Business acquisitions, net of cash and restricted cash acquired | (1,054.4) | | | (610.6) | | | (204.5) | |
| Purchases of property, equipment, and other assets | (246.2) | | | (156.8) | | | (146.3) | |
| Net cash used in investing activities | (2,204.7) | | | (1,509.9) | | | (2,033.8) | |
| Cash flows from financing activities | | | | | |
| Repayments of convertible senior notes | (965.6) | | | (1,033.7) | | | (1,692.0) | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| Repurchases of common stock | — | | | (566.7) | | | (272.7) | |
| Proceeds from sales of shares through employee equity incentive plans | 370.5 | | | 283.9 | | | 258.8 | |
| Payments for taxes related to net share settlement of equity awards | (183.8) | | | (26.6) | | | (20.4) | |
| | | | | |
| Net cash used in financing activities | (778.9) | | | (1,343.1) | | | (1,726.3) | |
Net increase (decrease) in cash, cash equivalents, and restricted cash | 732.4 | | | 404.6 | | | (982.6) | |
| Cash, cash equivalents, and restricted cash—beginning of period | 1,546.8 | | | 1,142.2 | | | 2,124.8 | |
| Cash, cash equivalents, and restricted cash—end of period | $ | 2,279.2 | | | $ | 1,546.8 | | | $ | 1,142.2 | |
| | | | | |
| Reconciliation of cash, cash equivalents, and restricted cash to the consolidated balance sheets | | | | | |
| Cash and cash equivalents | $ | 2,268.6 | | | $ | 1,535.2 | | | $ | 1,135.3 | |
| Restricted cash included in prepaid expenses and other current assets | 10.6 | | | 11.6 | | | 6.9 | |
| | | | | |
| Total cash, cash equivalents, and restricted cash | $ | 2,279.2 | | | $ | 1,546.8 | | | $ | 1,142.2 | |
| | | | | |
| Non-cash investing and financing activities | | | | | |
| Equity consideration for business acquisitions | $ | (27.1) | | | $ | (27.4) | | | $ | (0.3) | |
Contingent consideration for a business acquisition | $ | (648.9) | | | $ | — | | | $ | — | |
| | | | | |
| Supplemental disclosures of cash flow information | | | | | |
| Cash paid for income taxes | $ | 505.5 | | | $ | 342.3 | | | $ | 147.1 | |
| Cash paid for contractual interest | $ | 1.7 | | | $ | 5.6 | | | $ | 20.2 | |
See notes to consolidated financial statements.
Notes To Consolidated Financial Statements
1. Description of Business and Summary of Significant Accounting Policies
Description of Business
Palo Alto Networks, Inc. (the “Company,” “we,” “us,” or “our”), headquartered in Santa Clara, California, was incorporated in March 2005 under the laws of the State of Delaware and commenced operations in April 2005. Our cybersecurity platforms and services help enterprises, organizations, service providers, and government entities to secure their users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence and automation.
Basis of Presentation
The accompanying consolidated financial statements have been prepared in conformity with U.S. generally accepted accounting principles (“U.S. GAAP”). The consolidated financial statements include all adjustments necessary for a fair presentation of our annual results. All adjustments are of a normal recurring nature.
Principles of Consolidation
The consolidated financial statements include our accounts and our wholly owned subsidiaries. All significant intercompany balances and transactions have been eliminated in consolidation.
Use of Estimates
The preparation of consolidated financial statements in conformity with U.S. GAAP requires management to make estimates and assumptions that affect the amounts reported and disclosed in the consolidated financial statements and the accompanying notes. We evaluate our estimates on an ongoing basis. Management estimates include, but are not limited to, the standalone selling price for our products and services, share-based compensation, fair value of assets acquired and liabilities assumed in business combinations, fair value of our contingent consideration liability, the assessment of recoverability of our intangibles and goodwill, valuation allowance against deferred tax assets, valuation of inventory and manufacturing partner and supplier liabilities, deferred contract costs benefit period, and loss contingencies. We base our estimates on assumptions, both historical and forward looking, that we believe are reasonable. Actual results could differ materially from those estimates due to risks and uncertainties.
Stock Split
On December 12, 2024, we effected a two-for-one stock split of our outstanding shares of common stock through an amendment to our restated certificate of incorporation (“Stock Split”), which also effected a proportionate increase in the number of authorized shares of our common stock from 1.0 billion to 2.0 billion. The par value per share of our common stock remains unchanged at $0.0001 per share after the Stock Split. All references made to share or per share amounts related to our common stock have been retroactively adjusted on the accompanying consolidated financial statements and applicable disclosures to reflect the effects of the Stock Split.
Concentrations of Risks
Financial instruments that subject us to concentrations of credit risk consist primarily of cash and cash equivalents, investments, derivative contracts, accounts receivable and financing receivables.
We invest only in high-quality credit instruments and our cash and cash equivalents and available-for-sale investments consist primarily of fixed income securities held at large, diverse financial institutions to reduce the credit risk exposure to any single financial institution. Deposits held with banks may exceed the amount of insurance provided on such deposits.
Our derivative contracts expose us to credit risk to the extent that the counterparties are unable to meet the terms of the arrangement. We mitigate credit risk by transacting with multiple major financial institutions with high credit ratings and also enter into master netting arrangements, which permit net settlement of transactions with the same counterparty. We are not required to pledge, and are not entitled to receive, cash collateral related to these derivative instruments. We do not enter into derivative contracts for trading or speculative purposes.
Our accounts receivable are primarily derived from our distributors in various geographical locations. Our financing receivables are with qualified end-customers and channel partners. We perform ongoing credit evaluations and generally do not require collateral on accounts receivable or financing receivables.
As of July 31, 2025, three distributors individually represented 10% or more of our gross accounts receivable, and in the aggregate represented 44.8% of our gross accounts receivable. As of July 31, 2025, no end-customers or channel partners represented 10% or more of our gross financing receivables.
For fiscal 2025, three distributors represented 10% or more of our total revenue, representing 18.8%, 14.4%, and 11.0% respectively. No single end-customer accounted for more than 10% of our total revenue in fiscal 2025, 2024, or 2023.
We rely on an electronics manufacturing services provider (“EMS provider”) to assemble most of our products and sole source component suppliers for certain components.
Comprehensive Income
Comprehensive income is comprised of net income and other comprehensive income. Our other comprehensive income includes unrealized gains and losses on available-for-sale investments and unrealized gains and losses on cash flow hedges, net of tax effects.
Foreign Currency Transactions
The functional currency of our foreign subsidiaries is the U.S. dollar. Monetary assets and liabilities denominated in foreign currencies have been remeasured into U.S. dollars using the exchange rates in effect at the balance sheet dates. Foreign currency remeasurement gains and losses and foreign currency transaction gains and losses are not significant to the consolidated financial statements.
Fair Value
We define fair value as the price that would be received from selling an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date. When determining the fair value measurements for assets and liabilities which are required to be recorded at fair value, we consider the principal or most advantageous market in which to transact and the market-based risk.
We categorize assets and liabilities recorded or disclosed at fair value on our consolidated balance sheets based upon the level of judgment associated with inputs used to measure their fair value. The categories are as follows:
•Level 1—Inputs are unadjusted quoted prices in active markets for identical assets or liabilities.
•Level 2—Inputs are quoted prices for similar assets and liabilities in active markets or inputs that are observable for the assets or liabilities, either directly or indirectly through market corroboration, for substantially the full term of the financial instruments.
•Level 3—Inputs are unobservable inputs based on our own assumptions used to measure assets and liabilities at fair value. The inputs require significant management judgment or estimation.
Our financial assets and liabilities that are measured at fair value on a recurring basis include marketable securities, derivative financial instruments, and contingent consideration liability. Goodwill, intangible assets, and other long-lived assets are measured at fair value on a nonrecurring basis, only if impairment is indicated. Certain certificates of deposit, time deposits, and overnight sweep accounts recorded in cash and cash equivalents and short-term investments are stated at their carrying amounts, which approximate fair value due to their short maturities. The carrying amounts of accounts receivable, accounts payable, and accrued liabilities approximate fair value due to their short-term nature.
Cash, Cash Equivalents, and Investments
We consider all highly liquid investments with original maturities of three months or less at the date of purchase to be cash equivalents. Investments not considered cash equivalents and with maturities of one year or less from the consolidated balance sheet date are classified as short-term investments. Investments with maturities greater than one year from the consolidated balance sheet date are classified as long-term investments.
We determine the classification of our investments in marketable debt securities at the time of purchase and reevaluate such determination at each balance sheet date. Our marketable debt securities are classified as available-for-sale. Debt securities in an unrealized loss position are written down to its fair value with the corresponding charge recorded in other income, net on our consolidated statements of operations, if it is more likely than not that we will be required to sell the impaired security before recovery of its amortized cost basis, or we have the intention to sell the security. If neither of these conditions are met, we determine whether a credit loss exists by comparing the present value of the expected cash flows of the security with its amortized cost basis. An allowance for credit losses is recorded in other income, net on our consolidated statements of operations for an amount not to exceed the unrealized loss. Unrealized losses that are not credit-related are included in accumulated other comprehensive income (loss) (“AOCI”) in stockholders’ equity.
Accounts Receivable
Trade accounts receivable are recorded at the invoiced amount, net of allowances for credit losses. The allowance for credit losses is based on our assessment of collectability. Management regularly reviews the adequacy of the allowance for credit losses on a collective basis by considering the age of each outstanding invoice, each customer’s expected ability to pay and collection history, current market conditions, and, where appropriate, reasonable and supportable forecasts of future economic conditions. Accounts receivable deemed uncollectible are charged against the allowance for credit losses. For the years ended July 31, 2025, 2024 and 2023, the allowance for credit losses activity was not significant.
Financing Receivables
We provide financing arrangements for certain qualified end-customers and channel partners to purchase our products and services. Payment terms on these financing arrangements are generally two to five years. Financing receivables are recorded at amortized cost, which approximates fair value. As part of our financing credit risk management policy, we may sell financing receivables with an internal risk rating of 5 or greater on a non-recourse basis to third-party financial institutions when the outstanding balance of our financing receivables exceeds preestablished thresholds. The financing receivables are derecognized upon sale as these transactions qualify as true sales. We classify the proceeds from these sales as cash flows from operating activities on our consolidated statements of cash flows.
We evaluate the allowance for credit losses by assessing the risks and losses inherent in our financing receivables on either an individual or a collective basis. Our assessment considers various factors, including lifetime expected losses determined using customer risk profile, current economic conditions that may affect a customer’s ability to pay, and forward-looking economic considerations. Financing receivables deemed uncollectible are charged against the allowance for credit losses.
Derivatives
We are exposed to foreign currency exchange risk, which we manage through the use of derivative financial instruments. Our derivative financial instruments are recorded at fair value, on a gross basis, as either assets or liabilities on our consolidated balance sheets.
Our sales contracts are primarily denominated in U.S. dollars. A portion of our operating expenditures are denominated in foreign currencies, making them subject to fluctuations in foreign currency exchange rates. We enter into foreign currency derivative contracts with maturities of 24 months or less, which we designate as cash flow hedges, to manage the foreign currency exchange risk associated with our revenue and operating expenditures. Gains and losses related to the effective portion of our cash flow hedges are recorded as a component of AOCI on our consolidated balance sheets and are reclassified into the financial statement line item associated with the underlying hedged transaction on our consolidated statements of operations when the underlying hedged transaction is recognized in earnings. In the event the underlying hedged transaction does not occur, or it becomes probable that it will not occur within the defined hedge period, the gains or losses on the related cash flow hedges are recognized in other income, net on our consolidated statements of operations. Cash flows from foreign currency derivative contracts designated as cash flow hedges are classified on our consolidated statements of cash flows in the same manner as the underlying hedged transaction, primarily within cash flows from operating activities.
We also enter into foreign currency derivative contracts to hedge a portion of our outstanding monetary assets and liabilities denominated in foreign currencies. These derivatives are not designated as hedging instruments for accounting purposes, and the related gains and losses are recorded in other income, net on our consolidated statements of operations.
Inventory and Manufacturing Partner and Supplier Liabilities
Inventory consists primarily of raw materials and service-related spares, and is stated at the lower of average cost and net realizable value. Inventory is included in prepaid expenses and other current assets on our consolidated balance sheets. Inventory that is obsolete or in excess of forecasted demand is written down to its estimated realizable value. Once inventory has been written down, a new, lower-cost basis for that inventory is established.
We outsource most of our manufacturing, repair, and supply chain management operations to our EMS provider and payments to it are a significant portion of our cost of product revenue. Although we are contractually obligated to purchase manufactured products and components, we generally do not own the components and manufactured products. Product title transfers from our EMS provider to us and immediately to our customers upon shipment. We record a liability for manufacturing purchase commitments in excess of our forecasted demand.
We use consistent demand forecasts for our valuation of excess and obsolete inventory and manufacturing partner and supplier liabilities. These forecasts are based upon historical trends and analysis, adjusted for overall market conditions. Inventory write-downs and excess manufacturing purchase commitment charges are included in cost of product revenue on our consolidated statements of operations.
Property and Equipment
Property and equipment are stated at cost, less accumulated depreciation. Depreciation is computed using the straight-line method over the estimated useful lives of the assets. Land is not depreciated. The estimated useful lives of our depreciable assets are as follows:
| | | | | | | | |
| Asset category | | Useful life |
Computers, equipment, and software | | 3 years - 5 years |
Demonstration units | | 4 years |
Furniture and fixtures | | 5 years |
Leasehold improvements | | Lesser of 10 years or remaining lease term |
Business Combinations
We include the results of operations of the businesses that we acquire as of the respective dates of acquisition. We allocate the fair value of the purchase price of our acquisitions to the assets acquired and liabilities assumed, including contingent consideration, generally based on their estimated fair values. The excess of the purchase price over the fair values of these identifiable assets and liabilities is recorded as goodwill. Additional information existing as of the acquisition date but unknown to us may become known during the remainder of the measurement period, not to exceed 12 months from the acquisition date, which may result in changes to the amounts and allocations recorded.
Contingent consideration obligation incurred in connection with a business combination is recorded at fair value on the acquisition date and remeasured at each subsequent reporting period until the related contingencies have been resolved, with the change in fair value recognized in general and administrative expense on our consolidated statements of operations. Payments not made soon after the acquisition date to settle a contingent consideration liability are classified as cash flows from financing activities up to the amount of the contingent consideration liability recognized at the acquisition date.
Intangible Assets
Purchased intangible assets with finite lives are carried at cost, less accumulated amortization. Amortization is computed using the straight-line method over the estimated useful lives of the assets.
Impairment of Goodwill, Intangible Assets, and Other Long-Lived Assets
Goodwill is evaluated for impairment on an annual basis in the fourth quarter of our fiscal year, and whenever events or changes in circumstances indicate the carrying amount of goodwill may not be recoverable. We have elected to first assess qualitative factors to determine whether it is more likely than not that the fair value of our single reporting unit is less than its carrying amount, including goodwill. If we determine that it is more likely than not that the fair value is less than its carrying amount, then the quantitative impairment test will be performed. Under the quantitative impairment test, if the carrying amount exceeds its fair value, we will recognize an impairment loss in an amount equal to that excess but limited to the total amount of goodwill.
We evaluate events and changes in circumstances that could indicate carrying amounts of purchased intangible assets and other long-lived assets may not be recoverable. When such events or changes in circumstances occur, we assess the recoverability of an asset or asset group by determining whether or not the carrying amount will be recovered through undiscounted expected future cash flows. If the total of the future undiscounted cash flows is less than the carrying amount of an asset or asset group, we record an impairment loss for the amount by which the carrying amount exceeds the fair value of the asset or asset group.
We did not recognize any impairment losses on our goodwill, intangible assets, or other long-lived assets during the years ended July 31, 2025, 2024, and 2023.
Convertible Senior Notes
Our convertible senior notes were fully settled upon maturity as of July 31, 2025. Prior to settlement, our convertible senior notes were accounted for as a liability and measured at their amortized cost. Transaction costs related to the issuance of the notes were netted with the liability and were amortized on a straight-line basis, which approximates the effective interest rate method, to interest expense over the term of the notes.
Revenue Recognition
Our revenue consists of product revenue and subscription and support revenue. Revenue is recognized when control of promised products, subscriptions and support services are transferred to customers, in an amount that reflects the expected consideration in exchange for those products and services.
We determine revenue recognition through the following steps:
•Identification of the contract, or contracts, with a customer.
•Identification of the performance obligations in the contract.
•Determination of the transaction price.
•Allocation of the transaction price to the performance obligations in the contract.
•Recognition of revenue when, or as, we satisfy a performance obligation.
Revenues are reported net of sales taxes. Shipping charges billed to our customers are included in revenue and related costs are included in cost of revenue.
Product Revenue
Product revenue is derived from sales of our hardware products and software licenses. Our hardware products and software licenses include a broad set of built-in networking and security features and functionalities. We recognize product revenue at the time of hardware shipment or delivery of software license.
Subscription and Support Revenue
Subscription and support revenue is derived primarily from sales of our subscription and support offerings. We recognize subscription and support revenue over time as the services are performed. Our contractual subscription and support contracts are typically one to five years.
Contracts with Multiple Performance Obligations
The majority of our contracts with our customers include various combinations of our products and subscriptions and support. Our hardware products and software licenses are distinct from our subscriptions and support services as the customer can benefit from the product without these services and such services are separately identifiable within the contract. We account for multiple agreements with a single customer as a single contract if the contractual terms and/or substance of those agreements indicate that they may be so closely related that they are, in effect, parts of a single contract. The amount of consideration we expect to receive in exchange for delivering on the contract is allocated to each performance obligation based on its relative standalone selling price.
When estimating standalone selling price, we first consider the prices charged for a deliverable when sold separately. If the standalone selling price is not observable through past transactions, we estimate it based on our pricing model and our go-to-market strategy, which include factors such as type of sales channel (channel partner or end-customer), the geographies in which our offerings were sold (domestic or international), and offering type (products, subscriptions, or support).
Deferred Revenue
We record deferred revenue when customers are invoiced or cash payments are received in advance of our performance. Our payment terms typically require payment within 30 to 45 days of the date we issue an invoice. The current portion of deferred revenue represents the amounts that are expected to be recognized as revenue within one year of the consolidated balance sheet date.
Deferred Contract Costs
We defer contract costs that are recoverable and incremental to obtaining customer sales contracts. Contract costs, which primarily consist of sales commissions, are amortized on a systematic basis that is consistent with the transfer to the customer of the goods or services to which the asset relates. Certain sales commissions for initial contracts are not commensurate with the commissions for renewal contracts, given the substantive difference in commission rates in proportion to their respective contract values. Sales commissions for initial contracts that are not commensurate are amortized over a benefit period of five years. The benefit period is determined by taking into consideration contract length, expected renewals, technology life, and other quantitative and qualitative factors. Sales commissions for initial contracts that are commensurate and sales commissions for renewal contracts are amortized over the related contractual period.
We classify deferred contract costs as short-term or long-term based on when we expect to recognize the expense. The amortization of deferred contract costs is included in sales and marketing expense on our consolidated statements of operations. Deferred contract costs are periodically reviewed for impairment. We did not recognize any impairment losses on our deferred contract costs during the years ended July 31, 2025, 2024, or 2023.
Software Development Costs
Internally developed software includes security software developed to deliver our cloud-based subscription offerings to our end-customers. We capitalize internal compensation-related costs and external direct costs incurred during the application development stage and amortize these costs over a useful life of three years. As of July 31, 2025 and 2024, we capitalized as other assets on our consolidated balance sheets $167.3 million and $129.2 million in costs, respectively, net of accumulated amortization, for security software developed to deliver our cloud-based subscription offerings. We recognized amortization expense of $82.7 million, $77.2 million, and $79.5 million related to these capitalized costs as cost of subscription and support revenue on our consolidated statements of operations during the years ended July 31, 2025, 2024, and 2023, respectively.
The costs to develop software that is marketed externally have not been capitalized as we believe our current software development process is essentially completed concurrent with the establishment of technological feasibility. As such, all related software development costs are expensed as incurred and included in research and development expense on our consolidated statements of operations.
Share-Based Compensation
Compensation expense related to share-based transactions is measured at fair value on the grant date. We recognize share-based compensation expense for awards with only service conditions on a straight-line basis over the requisite service period. We recognize share-based compensation expense for awards with market conditions and awards with performance conditions on a straight-line basis over the requisite service period for each separately vesting tranche of the award. We recognize share-based compensation expense for awards with performance conditions when it is probable that the performance condition will be achieved. We account for forfeitures of all share-based payment awards when they occur.
Leases
We determine if an arrangement is a lease at inception. We evaluate the classification of leases at commencement and, as necessary, at modification. Operating lease related balances are included in operating lease right-of-use assets, accrued and other liabilities, and long-term operating lease liabilities on our consolidated balance sheets. We did not have any material finance leases in any of the periods presented.
Operating lease right-of-use assets represent our right to use an underlying asset for the lease term. Operating lease liabilities represent our obligation to make payments arising from the lease. Operating lease right-of-use assets and liabilities are recognized at the present value of the future lease payments at the lease commencement date. The interest rate used to determine the present value of the future lease payments is our incremental borrowing rate, because the interest rates implicit in our leases are not readily determinable. Our incremental borrowing rate is estimated to approximate the interest rate on a collateralized basis with similar terms and payments, and in similar economic environments. Operating lease right-of-use assets also include adjustments related to lease incentives, prepaid or accrued rent and initial direct lease costs. Operating lease right-of-use assets are subject to evaluation for impairment or disposal on a basis consistent with other long-lived assets.
Our lease terms may include periods under options to extend or terminate the lease when it is reasonably certain that we will exercise that option. We generally use the base, non-cancelable lease term when determining our operating lease right-of-use assets and lease liabilities. Operating lease costs are recognized on a straight-line basis over the lease term.
We account for lease and non-lease components as a single lease component and do not recognize right-of-use assets and lease liabilities for leases with a term of 12 months or less. Payments under our lease arrangements are primarily fixed, however, certain lease agreements contain variable payments, which are expensed as incurred and not included in operating lease right-of-use assets and liabilities. Our variable lease payments primarily consist of real estate taxes, common area maintenance charges, and insurance costs.
Income Taxes
We account for income taxes using the asset and liability method, which requires the recognition of deferred tax assets and liabilities for the expected future tax consequences of events that have been recognized in our consolidated financial statements or tax returns. In addition, deferred tax assets are recorded for all future benefits including, but not limited to, net operating losses, research and development credit carryforwards, and basis differences relating to our global intangible low-taxed income. Valuation allowances are provided when necessary to reduce deferred tax assets to the amount more likely than not to be realized.
Significant judgment is required in determining any valuation allowance recorded against deferred tax assets. In assessing the need for a valuation allowance, we consider all available evidence, including past operating results, estimates of future taxable income, and the feasibility of tax planning strategies. In the event that we change our determination as to the amount of deferred tax assets that can be realized, we will adjust our valuation allowance with a corresponding impact to the provision for income taxes in the period in which such determination is made.
We recognize liabilities for uncertain tax positions based on a two-step process which includes evaluating if a tax position is more likely than not to be sustained on audit and then measuring the tax benefit as the largest amount that is more likely than not to be realized upon ultimate settlement.
Loss Contingencies
We are subject to the possibility of various loss contingencies arising in the ordinary course of business. In determining loss contingencies, we consider the likelihood of loss or impairment of an asset, or the incurrence of a liability, as well as our ability to reasonably estimate the amount of loss. An estimated loss contingency is accrued when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can be reasonably estimated. If we determine that a loss is reasonably possible, then we disclose the possible loss or range of the possible loss or state that such an estimate cannot be made. We regularly evaluate current information available to us to determine whether an accrual is required, an accrual should be adjusted, or a range of possible loss should be disclosed.
Recently Adopted Accounting Pronouncement
Segment Reporting
In November 2023, the Financial Accounting Standards Board (“FASB”) issued authoritative guidance that expands annual and interim disclosure requirements for reportable segments, primarily through enhanced disclosures about significant segment expenses. We adopted the standard in our fourth quarter of fiscal 2025. Refer to Note 19. Segment Information for more details.
Recently Issued Accounting Pronouncements
Income Tax Disclosures
In December 2023, the FASB issued authoritative guidance that requires consistent categories and greater disaggregation of information in the effective tax rate reconciliation and additional disclosures of income taxes paid by jurisdiction. The standard is effective for our fiscal 2026 and could be applied either prospectively or retrospectively. We are currently evaluating the impact of this standard on our disclosures in the consolidated financial statements.
Expense Disaggregation Disclosures
In November 2024, the FASB issued authoritative guidance that expands annual and interim disclosure of specified information about certain costs and expenses in the notes to financial statements. The standard is effective for our annual period in fiscal 2028 and interim period in our first quarter of fiscal 2029, and could be applied either prospectively or retrospectively. Early adoption is permitted. We are currently evaluating the impact of this standard on our disclosures in the consolidated financial statements.
Measurement of Credit Losses for Accounts Receivable and Contract Assets
In July 2025, the FASB issued authoritative guidance that provides a practical expedient for estimating expected credit losses on accounts receivable and contract assets. The standard is effective for us in our first quarter of fiscal 2027 and will be applied on a prospective basis. Early adoption is permitted. We are currently evaluating the impact of this standard on our consolidated financial statements.
2. Revenue
Disaggregation of Revenue
The following table presents revenue by geographic theater (in millions):
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Revenue: | | | | | |
| Americas | | | | | |
| United States | $ | 5,786.2 | | | $ | 5,134.0 | | | $ | 4,424.2 | |
| Other Americas | 418.9 | | | 348.9 | | | 295.7 | |
| Total Americas | 6,205.1 | | | 5,482.9 | | | 4,719.9 | |
| Europe, the Middle East, and Africa (“EMEA”) | 1,917.4 | | | 1,602.0 | | | 1,359.6 | |
| Asia Pacific and Japan (“APAC”) | 1,099.0 | | | 942.6 | | | 813.2 | |
| Total revenue | $ | 9,221.5 | | | $ | 8,027.5 | | | $ | 6,892.7 | |
The following table presents revenue for groups of similar products and services (in millions):
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Revenue: | | | | | |
| Product | $ | 1,801.9 | | | $ | 1,603.3 | | | $ | 1,578.4 | |
| Subscription and support | | | | | |
| Subscription | 4,974.4 | | | 4,188.5 | | | 3,335.4 | |
| Support | 2,445.2 | | | 2,235.7 | | | 1,978.9 | |
| Total subscription and support | 7,419.6 | | | 6,424.2 | | | 5,314.3 | |
| Total revenue | $ | 9,221.5 | | | $ | 8,027.5 | | | $ | 6,892.7 | |
Deferred Revenue
During the years ended July 31, 2025 and 2024, we recognized approximately $5.5 billion and $4.6 billion of revenue pertaining to amounts that were deferred as of July 31, 2024 and 2023, respectively.
Remaining Performance Obligations
Remaining performance obligations were $15.8 billion as of July 31, 2025, of which we expect to recognize as revenue approximately $7.0 billion over the next 12 months and the remainder thereafter.
3. Fair Value Measurements
The following table presents our financial assets and liabilities measured at fair value on a recurring basis as of July 31, 2025 and 2024 (in millions):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | July 31, 2025 | | July 31, 2024 |
| | Level 1 | | Level 2 | | Level 3 | | Total | | Level 1 | | Level 2 | | Level 3 | | Total |
| Cash equivalents: | | | | | | | | | | | | | | | | |
| Money market funds | | $ | 1,206.1 | | | $ | — | | | $ | — | | | $ | 1,206.1 | | | $ | 494.0 | | | $ | — | | | $ | — | | | $ | 494.0 | |
| | | | | | | | | | | | | | | | |
| Commercial paper | | — | | | 168.5 | | | — | | | 168.5 | | | — | | | 299.6 | | | — | | | 299.6 | |
| Corporate debt securities | | — | | | — | | | — | | | — | | | — | | | 18.2 | | | — | | | 18.2 | |
| U.S. government and agency securities | | — | | | — | | | — | | | — | | | — | | | 149.6 | | | — | | | 149.6 | |
| | | | | | | | | | | | | | | | |
| Total cash equivalents | | 1,206.1 | | | 168.5 | | | — | | | 1,374.6 | | | 494.0 | | | 467.4 | | | — | | | 961.4 | |
| Short-term investments: | | | | | | | | | | | | | | | | |
| Certificates of deposit | | — | | | — | | | — | | | — | | | — | | | 20.6 | | | — | | | 20.6 | |
| Commercial paper | | — | | | 14.8 | | | — | | | 14.8 | | | — | | | 79.9 | | | — | | | 79.9 | |
| Corporate debt securities | | — | | | 584.0 | | | — | | | 584.0 | | | — | | | 935.9 | | | — | | | 935.9 | |
| U.S. government and agency securities | | — | | | 5.9 | | | — | | | 5.9 | | | — | | | 2.7 | | | — | | | 2.7 | |
| Non-U.S. government and agency securities | | — | | | 3.1 | | | — | | | 3.1 | | | — | | | 4.2 | | | — | | | 4.2 | |
| Asset-backed securities | | — | | | 22.2 | | | — | | | 22.2 | | | — | | | 0.3 | | | — | | | 0.3 | |
| Total short-term investments | | — | | | 630.0 | | | — | | | 630.0 | | | — | | | 1,043.6 | | | — | | | 1,043.6 | |
| Long-term investments: | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
| Corporate debt securities | | — | | | 4,049.8 | | | — | | | 4,049.8 | | | — | | | 3,151.3 | | | — | | | 3,151.3 | |
| U.S. government and agency securities | | — | | | 164.5 | | | — | | | 164.5 | | | — | | | 19.0 | | | — | | | 19.0 | |
| Non-U.S. government and agency securities | | — | | | 26.2 | | | — | | | 26.2 | | | — | | | 54.4 | | | — | | | 54.4 | |
| Asset-backed securities | | — | | | 1,315.1 | | | — | | | 1,315.1 | | | — | | | 948.5 | | | — | | | 948.5 | |
| Total long-term investments | | — | | | 5,555.6 | | | — | | | 5,555.6 | | | — | | | 4,173.2 | | | — | | | 4,173.2 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | July 31, 2025 | | July 31, 2024 |
| | Level 1 | | Level 2 | | Level 3 | | Total | | Level 1 | | Level 2 | | Level 3 | | Total |
| Prepaid expenses and other current assets: | | | | | | | | | | | | | | | | |
| Foreign currency forward contracts | | — | | | 57.9 | | | — | | | 57.9 | | | — | | | 4.1 | | | — | | | 4.1 | |
| Total prepaid expenses and other current assets | | — | | | 57.9 | | | — | | | 57.9 | | | — | | | 4.1 | | | — | | | 4.1 | |
| Other assets: | | | | | | | | | | | | | | | | |
| Foreign currency forward contracts | | — | | | 3.4 | | | — | | | 3.4 | | | — | | | 0.1 | | | — | | | 0.1 | |
| Total other assets | | — | | | 3.4 | | | — | | | 3.4 | | | — | | | 0.1 | | | — | | | 0.1 | |
| Total assets measured at fair value | | $ | 1,206.1 | | | $ | 6,415.4 | | | $ | — | | | $ | 7,621.5 | | | $ | 494.0 | | | $ | 5,688.4 | | | $ | — | | | $ | 6,182.4 | |
| | | | | | | | | | | | | | | | |
| Accrued and other liabilities: | | | | | | | | | | | | | | | | |
| Foreign currency forward contracts | | $ | — | | | $ | 3.6 | | | $ | — | | | $ | 3.6 | | | $ | — | | | $ | 15.3 | | | $ | — | | | $ | 15.3 | |
Contingent consideration | | — | | | — | | | 276.0 | | | 276.0 | | | — | | | — | | | — | | | — | |
| Total accrued and other liabilities | | — | | | 3.6 | | | 276.0 | | | 279.6 | | | — | | | 15.3 | | | — | | | 15.3 | |
| Other long-term liabilities: | | | | | | | | | | | | | | | | |
| Foreign currency forward contracts | | — | | | 0.1 | | | — | | | 0.1 | | | — | | | 0.9 | | | — | | | 0.9 | |
Contingent consideration | | — | | | — | | | 237.6 | | | 237.6 | | | — | | | — | | | — | | | — | |
| Total other long-term liabilities | | — | | | 0.1 | | | 237.6 | | | 237.7 | | | — | | | 0.9 | | | — | | | 0.9 | |
| Total liabilities measured at fair value | | $ | — | | | $ | 3.7 | | | $ | 513.6 | | | $ | 517.3 | | | $ | — | | | $ | 16.2 | | | $ | — | | | $ | 16.2 | |
| | | | | | | | | | | | | | | | |
The fair value of our contingent consideration liability is estimated using a discounted cash flow valuation technique. We consider the fair value of our contingent consideration liability to be a Level 3 measurement as we use unobservable inputs in determining discounted cash flows to estimate the fair value. The significant unobservable inputs include an estimate of future cash payments related to customers entering into qualified new transactions as well as a risk-adjusted discount rate used to present value the expected cash flows. A significant change in any of these assumptions could have a material impact to the fair value of our contingent consideration liability.
In June 2025, we amended the terms of our contingent consideration arrangement with International Business Machines Corporation (“IBM”). During the three months ended July 31, 2025, we reduced our estimate of future cash payments based on the amended terms and our quarterly assessment of assumptions, including the magnitude and likelihood of customers entering into qualified new transactions, the competitive industry environment, and current market conditions.
The following table presents a reconciliation of our contingent consideration liability (in millions):
| | | | | | | | | |
| |
| Year Ended July 31, 2025 | | | | |
Contingent consideration liability at the beginning of the period | $ | — | | | | | |
Initial valuation on the acquisition date | 648.9 | | | | | |
Change in fair value | (135.3) | | | | | |
| | | | | |
Contingent consideration liability at the end of the period | $ | 513.6 | | | | | |
The total estimated fair value of our financing receivables approximates their carrying amounts as of July 31, 2025 and 2024. We consider the fair value of our financing receivables to be a Level 3 measurement as we use unobservable inputs in determining discounted cash flows to estimate the fair value.
Refer to Note 11. Debt, for the carrying amount and estimated fair value of our convertible senior notes as of July 31, 2024.
4. Cash Equivalents and Investments
Available-for-sale Debt Securities
The following tables summarize the amortized cost, unrealized gains and losses, and fair value of our available-for-sale debt securities (in millions):
| | | | | | | | | | | | | | | | | | | | | | | |
| July 31, 2025 |
| Amortized Cost | | Unrealized Gains | | Unrealized Losses | | Fair Value |
| Cash equivalents: | | | | | | | |
| | | | | | | |
| Commercial paper | $ | 168.5 | | | $ | — | | | $ | — | | | $ | 168.5 | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| Total available-for-sale cash equivalents | $ | 168.5 | | | $ | — | | | $ | — | | | $ | 168.5 | |
| | | | | | | |
| Investments: | | | | | | | |
| | | | | | | |
| Commercial paper | $ | 14.8 | | | $ | — | | | $ | — | | | $ | 14.8 | |
| Corporate debt securities | 4,587.9 | | | 47.0 | | | (1.1) | | | 4,633.8 | |
| U.S. government and agency securities | 170.5 | | | — | | | (0.1) | | | 170.4 | |
| Non-U.S. government and agency securities | 28.8 | | | 0.5 | | | — | | | 29.3 | |
| Asset-backed securities | 1,328.3 | | | 9.3 | | | (0.3) | | | 1,337.3 | |
| Total available-for-sale investments | $ | 6,130.3 | | | $ | 56.8 | | | $ | (1.5) | | | $ | 6,185.6 | |
| | | | | | | | | | | | | | | | | | | | | | | |
| July 31, 2024 |
| Amortized Cost | | Unrealized Gains | | Unrealized Losses | | Fair Value |
| Cash equivalents: | | | | | | | |
| | | | | | | |
| Commercial paper | $ | 299.6 | | | $ | — | | | $ | — | | | $ | 299.6 | |
| Corporate debt securities | 18.2 | | | — | | | — | | | 18.2 | |
| U.S. government and agency securities | 149.6 | | | — | | | — | | | 149.6 | |
| | | | | | | |
| Total available-for-sale cash equivalents | $ | 467.4 | | | $ | — | | | $ | — | | | $ | 467.4 | |
| | | | | | | |
| Investments: | | | | | | | |
| Certificates of deposit | $ | 20.6 | | | $ | — | | | $ | — | | | $ | 20.6 | |
| Commercial paper | 79.9 | | | 0.1 | | | (0.1) | | | 79.9 | |
| Corporate debt securities | 4,065.5 | | | 28.3 | | | (6.6) | | | 4,087.2 | |
| U.S. government and agency securities | 21.9 | | | — | | | (0.2) | | | 21.7 | |
| Non-U.S. government and agency securities | 57.9 | | | 0.7 | | | — | | | 58.6 | |
| Asset-backed securities | 943.1 | | | 6.3 | | | (0.6) | | | 948.8 | |
| Total available-for-sale investments | $ | 5,188.9 | | | $ | 35.4 | | | $ | (7.5) | | | $ | 5,216.8 | |
Unrealized losses related to our available-for-sale debt securities are primarily due to interest rate fluctuations as opposed to credit quality. We do not intend to sell any of the securities in an unrealized loss position and it is not likely that we would be required to sell these securities before recovery of their amortized cost basis, which may be at maturity. We did not recognize any credit losses related to our available-for-sale debt securities during the years ended July 31, 2025 and 2024.
The following table summarizes the amortized cost and fair value of our available-for-sale debt securities as of July 31, 2025, by contractual years-to-maturity (in millions):
| | | | | | | | | | | |
| Amortized Cost | | Fair Value |
| Due within one year | $ | 797.3 | | | $ | 798.5 | |
| Due between one and three years | 1,896.9 | | | 1,912.9 | |
| Due between three and five years | 3,128.2 | | | 3,161.5 | |
| Due between five and ten years | 293.2 | | | 295.5 | |
| Due after ten years | 183.2 | | | 185.7 | |
| Total | $ | 6,298.8 | | | $ | 6,354.1 | |
Marketable Equity Securities
Marketable equity securities consist of money market funds and are included in cash and cash equivalents on our consolidated balance sheets. As of July 31, 2025 and 2024, the carrying values of our marketable equity securities were $1.2 billion and $494.0 million, respectively. There were no unrealized gains or losses recognized for these securities during the years ended July 31, 2025, 2024, and 2023.
5. Financing Receivables
The following table summarizes our short-term and long-term financing receivables (in millions):
| | | | | | | | | | | |
| July 31, |
| 2025 | | 2024 |
Short-term financing receivables, gross | $ | 806.1 | | | $ | 830.2 | |
Unearned income | (85.8) | | | (95.7) | |
Allowance for credit losses | (5.7) | | | (8.6) | |
Short-term financing receivables, net | $ | 714.6 | | | $ | 725.9 | |
Long-term financing receivables, gross | $ | 1,079.4 | | | $ | 1,286.4 | |
Unearned income | (69.1) | | | (94.6) | |
Allowance for credit losses | (8.0) | | | (9.7) | |
Long-term financing receivables, net | $ | 1,002.3 | | | $ | 1,182.1 | |
The following table presents amortized cost basis of our financing receivables categorized by internal risk rating and year of origination (in millions):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Internal Risk Rating(1) | | July 31, 2025 | | July 31, 2024 |
| Fiscal Years Ended July 31, | | | | Fiscal Years Ended July 31, | | |
| 2025 | | 2024 | | 2023 | | 2022 | | 2021 | | Total | | 2024 | | 2023 | | 2022 | | 2021 | | Total |
| 1 to 4 | | $ | 260.9 | | | $ | 732.1 | | | $ | 242.4 | | | $ | 9.2 | | | $ | 17.8 | | | $ | 1,262.4 | | | $ | 885.9 | | | $ | 477.3 | | | $ | 14.7 | | | $ | 44.4 | | | $ | 1,422.3 | |
| 5 to 6 | | 174.3 | | | 226.1 | | | 49.8 | | | — | | | — | | | 450.2 | | | 272.2 | | | 172.0 | | | 21.1 | | | 1.1 | | | 466.4 | |
| 7 to 10 | | 0.1 | | | 3.9 | | | 14.0 | | | — | | | — | | | 18.0 | | | 3.2 | | | 25.0 | | | 0.3 | | | 9.1 | | | 37.6 | |
| Amortized cost basis of financing receivables | | $ | 435.3 | | | $ | 962.1 | | | $ | 306.2 | | | $ | 9.2 | | | $ | 17.8 | | | $ | 1,730.6 | | | $ | 1,161.3 | | | $ | 674.3 | | | $ | 36.1 | | | $ | 54.6 | | | $ | 1,926.3 | |
(1)Internal risk ratings are categorized as 1 through 10, with the lowest rating representing the highest quality.
We sold $37.8 million of our financing receivables during the year ended July 31, 2025. The associated gains and losses were not material.
There was no significant activity in allowance for credit losses during the years ended July 31, 2025 and 2024. Past due amounts on financing receivables were not material as of July 31, 2025 and 2024.
6. Derivative Instruments
As of July 31, 2025 and 2024, the notional amount of our outstanding foreign currency forward contracts designated as cash flow hedges was $964.3 million and $804.8 million, respectively. Refer to Note 3. Fair Value Measurements for the fair value of our derivative instruments as reported on our consolidated balance sheets as of July 31, 2025 and 2024.
As of July 31, 2025, unrealized gains and losses in AOCI related to our cash flow hedges were a $39.8 million net gain, of which $38.4 million in gains are expected to be recognized into earnings within the next 12 months. As of July 31, 2024, unrealized gains and losses in AOCI related to our cash flow hedges were a $10.6 million net loss.
As of July 31, 2025 and 2024, the notional amount of our outstanding foreign currency forward contracts not designated as hedging instruments was $504.2 million and $375.6 million, respectively.
7. Inventory
As of July 31, 2025 and 2024, our inventory balance was $113.4 million and $115.9 million, respectively.
For the years ended July 31, 2025 and 2024, inventory write-downs and excess manufacturing purchase commitment charges were $71.2 million and $24.9 million, respectively. For the year ended July 31, 2023, inventory write-downs and excess manufacturing purchase commitment charges was not significant.
8. Acquisitions
Fiscal 2025
IBM QRadar Assets
On August 31, 2024, we completed the acquisition of certain IBM QRadar assets, including certain intellectual property rights, customer relationships, and software as a service customer contracts. The total purchase consideration for the acquisition was $1.1 billion, which consisted of the following (in millions):
| | | | | |
| Amount |
| Cash | $ | 500.0 | |
Fair value of contingent consideration liability on the acquisition date | 648.9 | |
| Return of purchase consideration | (6.3) | |
| Total | $ | 1,142.6 | |
As part of the acquisition, we agreed to make post-closing payments to IBM contingent upon customers entering into qualified new transactions through June 30, 2028. We also expect to receive a return of purchase consideration of $6.3 million due to timing of transition of certain underlying customer contracts, of which $2.9 million was received during the year ended July 31, 2025. In addition, we have entered into a transition services arrangement with IBM, under which IBM will perform certain services supporting the acquired assets and customers for a period of time that ends in the fiscal quarter ending October 2026.
Payments related to the contingent consideration liability are expected to begin in the fiscal quarter ending October 2025 and continue through the fiscal quarter ending October 2028. The estimated range of undiscounted contingent consideration is between $0.4 billion and $0.6 billion. Refer to Note 3. Fair Value Measurements, for more information on the fair value of our contingent consideration liability.
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values, as presented in the following table (in millions):
| | | | | |
| Amount |
| Goodwill | $ | 700.7 | |
| Identified intangible assets | 476.0 | |
| |
| Net liabilities assumed | (34.1) | |
| Total | $ | 1,142.6 | |
Goodwill generated from this business combination is primarily attributable to the expected post-acquisition synergies from increased market penetration to support the growth of our Cortex Security Operations business. The goodwill is deductible for U.S. income tax purposes.
The following table presents details of the identified intangible assets acquired (in millions, except years):
| | | | | | | | | | | |
| Fair Value | | Estimated Useful Life |
| Customer relationships | $ | 464.0 | | | 12 years |
| Developed technology | 12.0 | | | 2 years |
| Total | $ | 476.0 | | | |
Protect AI, Inc.
On July 22, 2025, we completed our acquisition of Protect AI, Inc. (“Protect AI”), a privately-held cyber security company focused on AI security. The total purchase consideration for the acquisition of Protect AI was $634.5 million, which consisted of the following (in millions):
| | | | | |
| Amount |
| Cash | $ | 607.4 | |
| Fair value of replacement awards | 27.1 | |
| Total | $ | 634.5 | |
As part of the acquisition, we issued $106.5 million of replacement awards, of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration. The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share-based compensation.
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on preliminary estimated fair values, as presented in the following table (in millions):
| | | | | |
| Amount |
Goodwill | $ | 515.8 | |
Identified intangible assets | 70.0 | |
Cash | 50.5 | |
Net liabilities assumed | (1.8) | |
| Total | $ | 634.5 | |
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post-acquisition synergies from integrating Protect AI technology into our platforms. The goodwill is not deductible for U.S. income tax purposes.
The following table presents details of the identified intangible asset acquired (in millions, except years):
| | | | | | | | | | | |
| Fair Value | | Estimated Useful Life |
| Developed technology | $ | 70.0 | | | 5 years |
CyberArk Software Ltd.
On July 30, 2025, we entered into a definitive agreement to acquire CyberArk Software Ltd., an identity security company (“CyberArk”). The acquisition is expected to close during the second half of our fiscal 2026, subject to the satisfaction of customary closing conditions, including the receipt of CyberArk shareholder approval, the expiration of the waiting period under the Hart-Scott-Rodino Antitrust Improvements Act of 1976, as amended, and receipt of other approvals under specified antitrust and foreign investment laws. Under the terms of the agreement, CyberArk shareholders will receive $45.00 in cash and 2.2005 shares of our common stock for each CyberArk share. This represents an equity value of approximately $25 billion for CyberArk based on the unaffected 10-day average daily volume-weighted average trading prices of our common stock as of July 25, 2025. We expect to fund the cash portion of the consideration with our cash on hand. The agreement also provides that we will assume certain unvested outstanding equity awards held by CyberArk employees.
We and CyberArk each have certain termination rights under the definitive acquisition agreement. A termination fee of $1.0 billion may be payable by us to CyberArk, or a fee of $750.0 million may be payable by CyberArk to us, upon termination of the definitive acquisition agreement under specified circumstances.
Fiscal 2024
Dig Security Solutions Ltd.
On December 5, 2023, we completed our acquisition of Dig Security Solutions Ltd. (“Dig”), a privately-held cyber security company providing a data security posture management solution for multi-cloud environments. The total purchase consideration for the acquisition of Dig was $255.4 million, which consisted of the following (in millions):
| | | | | |
| Amount |
| Cash | $ | 247.6 | |
| Fair value of replacement awards | 7.8 | |
| Total | $ | 255.4 | |
As part of the acquisition, we issued replacement equity awards, which included 0.4 million shares of our restricted common stock. The total fair value of the replacement equity awards was $72.0 million, of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration. The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share-based compensation.
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values, as presented in the following table (in millions):
| | | | | |
| Amount |
Goodwill | $ | 186.4 | |
Identified intangible assets | 45.4 | |
Cash and restricted cash | 22.1 | |
Net assets acquired | 1.5 | |
Total | $ | 255.4 | |
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post-acquisition synergies from integrating Dig technology into our platforms. The goodwill is deductible for U.S. income tax purposes.
The following table presents details of the identified intangible asset acquired (in millions, except years):
| | | | | | | | | | | |
| Fair Value | | Estimated Useful Life |
| Developed technology | $ | 45.4 | | | 5 years |
Talon Cyber Security Ltd.
On December 28, 2023, we completed our acquisition of Talon Cyber Security Ltd. (“Talon”), a privately-held cyber security company providing a secure enterprise browser solution. The total purchase consideration for the acquisition of Talon was $458.6 million, which consisted of the following (in millions):
| | | | | |
| Amount |
| Cash | $ | 439.0 | |
| Fair value of replacement awards | 19.6 | |
| Total | $ | 458.6 | |
As part of the acquisition, we issued replacement equity awards, which included 0.6 million shares of our restricted common stock. The total fair value of the replacement equity awards was $109.6 million, of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration. The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share-based compensation.
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values, as presented in the following table (in millions):
| | | | | |
| Amount |
| Goodwill | $ | 236.9 | |
| Identified intangible assets | 131.4 | |
| Cash and restricted cash | 53.9 | |
| Net assets acquired | 36.4 | |
| Total | $ | 458.6 | |
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post-acquisition synergies from integrating Talon technology into our platforms. The goodwill is deductible for U.S. income tax purposes.
The following table presents details of the identified intangible asset acquired (in millions, except years):
| | | | | | | | | | | |
| Fair Value | | Estimated Useful Life |
| Developed technology | $ | 131.4 | | | 5 years |
Fiscal 2023
Cider Security Ltd.
On December 20, 2022, we completed our acquisition of Cider Security Ltd. (“Cider”), a privately-held cloud security company. The total purchase consideration for the acquisition of Cider was $198.3 million, which consisted of the following (in millions):
| | | | | |
| Amount |
| Cash | $ | 198.0 | |
| Fair value of replacement awards | 0.3 | |
| Total | $ | 198.3 | |
As part of the acquisition, we issued replacement equity awards, which included 0.4 million shares of our restricted common stock. The total fair value of the replacement equity awards was $48.6 million, of which the portion attributable to services performed prior to the acquisition date was allocated to purchase consideration. The remaining fair value was allocated to future services and will be expensed over the remaining service periods as share-based compensation.
We have accounted for this transaction as a business combination and allocated the purchase consideration to assets acquired and liabilities assumed based on estimated fair values, as presented in the following table (in millions):
| | | | | |
| Amount |
| Goodwill | $ | 164.6 | |
| Identified intangible assets | 27.8 | |
| Cash | 12.4 | |
| Net liabilities assumed | (6.5) | |
| Total | $ | 198.3 | |
Goodwill generated from this business combination is primarily attributable to the assembled workforce and expected post-acquisition synergies from integrating Cider technology into our platforms. The goodwill is deductible for U.S. income tax purposes.
The following table presents the identified intangible asset acquired (in millions, except years):
| | | | | | | | | | | |
| Fair Value | | Estimated Useful Life |
Developed technology | $ | 27.8 | | | 5 years |
Other acquisition
In April 2023, we completed an acquisition for total purchase consideration of $18.9 million in cash. We have accounted for this transaction as a business combination and recorded goodwill of $14.5 million. The goodwill is not deductible for income tax purposes.
Additional Acquisition-Related Information
Pro forma results of operations have not been presented because the effects of the acquisitions were not material to our consolidated statements of operations.
Additional information related to our Protect AI acquisition, such as that related to income tax and other contingencies, existing as of the acquisition date may become known during the remainder of the measurement period, not to exceed 12 months from the acquisition date, which may result in changes to the amounts and allocations recorded.
9. Goodwill and Intangible Assets
Goodwill
The following table presents details of our goodwill during the year ended July 31, 2025 (in millions):
| | | | | |
| Amount |
| Balance as of July 31, 2024 | $ | 3,350.1 | |
| Goodwill acquired | 1,216.5 | |
| |
| Balance as of July 31, 2025 | $ | 4,566.6 | |
Purchased Intangible Assets
The following table presents details of our purchased intangible assets (in millions):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| July 31, |
| 2025 | | 2024 |
| Gross Carrying Amount | | Accumulated Amortization | | Net Carrying Amount | | Gross Carrying Amount | | Accumulated Amortization | | Net Carrying Amount |
| Intangible assets subject to amortization: | | | | | | | | | | | |
| Developed technology | $ | 535.3 | | | $ | (274.3) | | | $ | 261.0 | | | $ | 813.9 | | | $ | (526.2) | | | $ | 287.7 | |
| Customer relationships | 609.0 | | | (123.2) | | | 485.8 | | | 172.7 | | | (96.1) | | | 76.6 | |
| Acquired intellectual property | 24.4 | | | (8.6) | | | 15.8 | | | 18.2 | | | (7.9) | | | 10.3 | |
| Trade name and trademarks | — | | | — | | | — | | | 9.4 | | | (9.4) | | | — | |
| Other | 0.9 | | | (0.8) | | | 0.1 | | | 0.9 | | | (0.6) | | | 0.3 | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| Total purchased intangible assets | $ | 1,169.6 | | | $ | (406.9) | | | $ | 762.7 | | | $ | 1,015.1 | | | $ | (640.2) | | | $ | 374.9 | |
We recognized amortization expense of $166.3 million, $120.9 million, and $104.9 million for the years ended July 31, 2025, 2024, and 2023, respectively.
The following table summarizes estimated future amortization expense of our intangible assets subject to amortization as of July 31, 2025 (in millions):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | Fiscal years ending July 31, |
| Total | | 2026 | | 2027 | | 2028 | | 2029 | | 2030 | | 2031 and Thereafter |
| Future amortization expense | $ | 762.7 | | | $ | 155.9 | | | $ | 125.0 | | | $ | 104.2 | | | $ | 78.2 | | | $ | 61.7 | | | $ | 237.7 | |
10. Property and Equipment
The following table presents details of our property and equipment, net (in millions):
| | | | | | | | | | | |
| | July 31, |
| | 2025 | | 2024 |
| Computers, equipment, and software | $ | 513.3 | | | $ | 466.0 | |
| Leasehold improvements | 324.7 | | | 274.0 | |
| Land | 87.2 | | | 87.2 | |
| Demonstration units | 46.7 | | | 44.4 | |
| Furniture and fixtures | 54.0 | | | 48.7 | |
| Total property and equipment, gross | 1,025.9 | | | 920.3 | |
| Less: accumulated depreciation | (638.6) | | | (559.2) | |
| Total property and equipment, net | $ | 387.3 | | | $ | 361.1 | |
We recognized depreciation expense of $94.4 million, $85.1 million, and $95.9 million related to property and equipment during the years ended July 31, 2025, 2024, and 2023, respectively.
11. Debt
Convertible Senior Notes
In July 2018, we issued $1.7 billion aggregate principal amount of 0.75% Convertible Senior Notes due 2023 (the “2023 Notes”) and in June 2020, we issued $2.0 billion aggregate principal amount of 0.375% Convertible Senior Notes due 2025 (the “2025 Notes,” and together with the 2023 Notes, the “Notes”). The 2023 Notes bear interest at a fixed rate of 0.75% per year, payable semi-annually in arrears on January 1 and July 1 of each year, beginning on January 1, 2019. The 2023 Notes were converted prior to or settled on the maturity date of July 1, 2023 in accordance with their terms. The 2025 Notes bear interest at a fixed rate of 0.375% per year, payable semi-annually in arrears on June 1 and December 1 of each year, beginning on December 1, 2020. The 2025 Notes were converted prior to or settled on the maturity date of June 1, 2025 in accordance with their terms.
The following table presents details of our Notes (number of shares in millions):
| | | | | | | | | | | | | | | | | | | | | | | |
| | Conversion Rate per $1,000 Principal | | Initial Conversion Price | | Convertible Date | | Initial Number of Shares |
| | | | | | | |
2023 Notes | 22.5270 | | | $ | 44.39 | | | April 1, 2023 | | 38.1 | |
| 2025 Notes | 20.1612 | | | $ | 49.60 | | | March 1, 2025 | | 40.3 | |
Holders of the 2023 Notes were able to early convert their 2023 Notes in fiscal 2023 up to April 1, 2023 and conversion requests received on or after April 1, 2023 were settled upon maturity of the 2023 Notes. Holders of the 2025 Notes were able to early convert their 2025 Notes in fiscal 2023, fiscal 2024, and fiscal 2025 up to March 1, 2025 and conversion requests received on or after March 1, 2025 were settled upon maturity of the 2025 Notes. During the years ended July 31, 2025, 2024, and 2023, we repaid in cash $965.6 million, $1.0 billion, and $1.7 billion, respectively, in aggregate principal amount of the Notes. We also issued 14.0 million, 14.0 million, and 22.9 million shares of our common stock to the holders of the Notes during the years ended July 31, 2025, 2024, and 2023, respectively, for the conversion value in excess of the principal amount. These shares were fully offset by shares we received from the corresponding exercise of the associated note hedges.
The following table sets forth the net carrying amount of our 2025 Notes (in millions):
| | | | | | | | | | | |
| July 31, 2025 | | July 31, 2024 |
| Principal | $ | — | | | $ | 965.6 | |
| Less: debt issuance costs, net of amortization | — | | | (1.7) | |
| Net carrying amount | $ | — | | | $ | 963.9 | |
The total estimated fair value of the 2025 Notes was $3.2 billion as of July 31, 2024. The fair value was determined based on the closing trading price per $100 of the 2025 Notes as of the last day of trading for the period. We consider the fair value of the 2025 Notes at July 31, 2024 to be a Level 2 measurement. The fair value of the 2025 Notes is primarily affected by the trading price of our common stock and market interest rates.
The following table sets forth interest expense recognized related to the Notes (dollars in millions):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Year Ended July 31, 2025 | | Year Ended July 31, 2024 | | Year Ended July 31, 2023 |
| 2023 Notes | | 2025 Notes | | Total | | 2023 Notes | | 2025 Notes | | Total | | 2023 Notes | | 2025 Notes | | Total |
| Contractual interest expense | $ | — | | | $ | 1.9 | | | $ | 1.9 | | | $ | — | | | $ | 4.8 | | | $ | 4.8 | | | $ | 11.6 | | | $ | 7.5 | | | $ | 19.1 | |
| Amortization of debt issuance costs | — | | | 1.1 | | | 1.1 | | | — | | | 3.5 | | | 3.5 | | | 2.6 | | | 4.1 | | | 6.7 | |
| Total interest expense recognized | $ | — | | | $ | 3.0 | | | $ | 3.0 | | | $ | — | | | $ | 8.3 | | | $ | 8.3 | | | $ | 14.2 | | | $ | 11.6 | | | $ | 25.8 | |
| Effective interest rate of the liability component | — | % | | 0.6 | % | | | | — | % | | 0.6 | % | | | | 0.9 | % | | 0.6 | % | | |
Note Hedges
To minimize the impact of potential economic dilution upon conversion of our convertible senior notes, we entered into separate convertible note hedge transactions (the “2023 Note Hedges,” with respect to the 2023 Notes, the “2025 Note Hedges,” with respect to the 2025 Notes, and the 2023 Note Hedges together with 2025 Note Hedges, the “Note Hedges”) with respect to our common stock concurrent with the issuance of each series of the Notes.
The following table presents details of our Note Hedges (in millions):
| | | | | | | | | | | |
| Initial Number of Shares | | Aggregate Purchase |
| | | |
2023 Note Hedges | 38.1 | | | $ | 332.0 | |
| 2025 Note Hedges | 40.3 | | | $ | 370.8 | |
The Note Hedges covered shares of our common stock at a strike price per share that corresponded to the initial applicable conversion price of the applicable series of the Notes and were exercisable upon conversion of the applicable series of the Notes. The Note Hedges expired upon maturity of the applicable series of the Notes. The Note Hedges are separate transactions and are not part of the terms of the applicable series of the Notes. Holders of the Notes of either series do not have any rights with respect to the Note Hedges. Any shares of our common stock receivable by us under the Note Hedges are excluded from the calculation of diluted earnings per share as they are antidilutive.
As a result of the conversions of the Notes during the years ended July 31, 2025, 2024, and 2023, we exercised the corresponding portion of our Note Hedges and received 14.0 million, 14.0 million, and 22.9 million shares of our common stock during the respective periods.
Warrants
Separately, but concurrently with the issuance of each series of our convertible senior notes, we entered into transactions whereby we sold warrants (the “2023 Warrants,” with respect to the 2023 Notes, the “2025 Warrants,” with respect to the 2025 Notes, and the 2023 Warrants together with the 2025 Warrants, the “Warrants”) to acquire shares of our common stock, subject to anti-dilution adjustments. The 2023 Warrants were, and the 2025 Warrants are, exercisable over 60 scheduled trading days beginning October 2023 and September 2025, respectively.
The following table presents details of our Warrants (in millions, except per share data):
| | | | | | | | | | | | | | | | | |
| Initial Number of Shares | | Strike Price per Share | | Aggregate Proceeds |
| 2023 Warrants | 38.1 | | | $ | 69.63 | | | $ | 145.4 | |
| 2025 Warrants | 40.3 | | | $ | 68.08 | | | $ | 202.8 | |
The shares issuable under the Warrants are included in the calculation of diluted earnings per share when the average market value per share of our common stock for the reporting period exceeds the applicable strike price for such series of Warrants. The Warrants are separate transactions and are not part of either series of Notes or Note Hedges and are not remeasured through earnings each reporting period. Holders of the Notes of either series do not have any rights with respect to the Warrants.
During the year ended July 31, 2024, we net settled all of the 2023 Warrants with 18.0 million shares of our common stock with a fair value of $2.4 billion. The number of net shares issued was determined based on the number of 2023 Warrants exercised multiplied by the difference between the strike price of the 2023 Warrants and their daily volume-weighted-average stock price.
Revolving Credit Facility
On April 13, 2023, we entered into a credit agreement (the “Credit Agreement”) with certain institutional lenders that provides for a $400.0 million unsecured revolving credit facility (the “Credit Facility”), with an option to increase the amount of the Credit Facility by up to an additional $350.0 million, subject to certain conditions. The Credit Facility matures on April 13, 2028.
The borrowings under the Credit Facility bear interest, at our option, at a base rate plus a spread of 0.000% to 0.375%, or an adjusted term Secured Overnight Financing Rate plus a spread of 1.000% to 1.375%, in each case with such spread being determined based on our leverage ratio. We are obligated to pay an ongoing commitment fee on undrawn amounts at a rate of 0.090% to 0.150%, depending on our leverage ratio. The interest rates and commitment fees are also subject to upward and downward adjustments based on our progress towards the achievement of certain sustainability goals.
As of July 31, 2025, there were no amounts outstanding and we were in compliance with all covenants under the Credit Agreement.
12. Leases
We have entered into various non-cancelable operating leases, primarily for our offices and data centers, with lease terms expiring through the year ending July 31, 2036. Some of our leases contain rent holiday periods, scheduled rent increases, lease incentives, early termination rights, and/or renewal options.
During the years ended July 31, 2025, 2024, and 2023, our net cost for operating leases was $121.7 million, $104.7 million, and $91.3 million, respectively, primarily consisting of operating lease costs of $88.1 million, $75.6 million, and $64.2 million, respectively. Our net cost for operating leases also included variable lease costs, short-term lease costs, and sublease income in the periods presented.
The following tables present additional information for our operating leases (in millions, except for years and percentages):
| | | | | | | | | | | | | | | | | | | | | | | |
| Year Ended July 31, | | | | | | |
| 2025 | | 2024 | | 2023 | | | | | | |
| Operating cash flows used in payments of operating lease liabilities | $ | 91.2 | | | $ | 87.4 | | | $ | 82.7 | | | | | | | |
| Right-of-use assets obtained in exchange for new operating lease liabilities | $ | 26.5 | | | $ | 177.9 | | | $ | 71.1 | | | | | | | |
| | | | | | | | | | | | | | | | | |
| July 31, 2025 | | July 31, 2024 | | | | | | |
| Weighted-average remaining lease term | 6.0 years | | 6.6 years | | | | | | |
| Weighted-average discount rate | 5.4 | % | | 5.3 | % | | | | | | |
The following table presents maturities of operating lease liabilities as of July 31, 2025 (in millions):
| | | | | |
| Amount |
| Fiscal years ending July 31: | |
| 2026 | $ | 99.4 | |
| 2027 | 95.0 | |
| 2028 | 94.3 | |
| 2029 | 47.7 | |
| 2030 | 45.2 | |
2031 and thereafter | 112.3 | |
| Total operating lease payments | 493.9 | |
| Less: imputed interest | (76.5) | |
| Present value of operating lease liabilities | $ | 417.4 | |
Current portion of operating lease liabilities(1) | $ | 79.2 | |
| Long-term operating lease liabilities | $ | 338.2 | |
(1)Current portion of operating lease liabilities is included in accrued and other liabilities on our consolidated balance sheet.
As of July 31, 2025, we had additional non-cancelable operating leases for office space that had been signed but had not yet commenced with total future minimum lease payments of $36.4 million. These leases are expected to commence on or after fiscal 2026, with lease terms ranging from four to seven years.
13. Commitments and Contingencies
Purchase Commitments
We have entered into various non-cancelable agreements with cloud hosting service providers, under which we are committed to minimum or fixed purchases of certain cloud hosting services. In addition, in order to reduce manufacturing lead times and plan for adequate supply, we have entered into agreements with manufacturing partners and component suppliers to procure inventory based on our demand forecasts. Other purchase obligations include non-cancellable subscription agreements and other commitments in the normal course of business. The following table presents details of the aggregate future non-cancelable purchase commitments under these agreements as of July 31, 2025 (in millions):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | Fiscal years ending July 31, |
| Total | | 2026 | | 2027 | | 2028 | | 2029 | | 2030 | | 2031 and Thereafter | | |
Cloud | $ | 6,580.5 | | | $ | 145.5 | | | $ | 774.1 | | | $ | 997.8 | | | $ | 1,017.5 | | | $ | 1,147.8 | | | $ | 2,497.8 | | | |
Manufacturing | 197.1 | | | 197.1 | | | — | | | — | | | — | | | — | | | — | | | |
Other | 187.3 | | | 112.9 | | | 60.7 | | | 6.8 | | | 3.4 | | | 3.5 | | | — | | | |
Total | $ | 6,964.9 | | | $ | 455.5 | | | $ | 834.8 | | | $ | 1,004.6 | | | $ | 1,020.9 | | | $ | 1,151.3 | | | $ | 2,497.8 | | | |
Additionally, we have a $119.0 million minimum purchase commitment with a cloud hosting service provider through September 2027 with no specified annual commitments.
Mutual Covenant Not to Sue and Release Agreement
In January 2020, we executed a Mutual Covenant Not to Sue and Release Agreement for $50.0 million to extend an existing covenant not to sue for seven years. As the primary benefit of the arrangement was attributable to future use, the amount was recorded in other assets on our consolidated balance sheets and is amortized to cost of product revenue on our consolidated statements of operations over the estimated period of benefit of seven years.
Guarantee
In October 2023, we established a multi-currency notional cash pool for a certain number of our entities with a third-party bank. As part of the notional cash pool agreement, the bank extends overdraft credit to our participating entities as needed, provided that the overall notionally pooled balance of all accounts in the pool at the end of each day is positive. In the unlikely event of a default, any overdraft balances incurred would be guaranteed by our collective entities participating in the pool.
Litigation
We are subject to legal proceedings, claims, tax matters, and litigation arising in the ordinary course of business, including, for instance, intellectual property and patent litigation. We accrue for contingencies when we believe that a loss is probable and that we can reasonably estimate the amount of any such loss.
Legal matters could include speculative, substantial, or indeterminate monetary amounts. Significant judgment is required to determine both the likelihood of there being a loss and the estimated amount of a loss related to such matters, and we may be unable to estimate the reasonably possible loss or range of loss. The outcomes of outstanding legal matters are inherently unpredictable, and could, either individually or in aggregate, have a material adverse effect on us and our results of operations. To the extent there is a reasonable possibility that a loss exceeding any amounts already recognized may be incurred, we will either disclose the estimated additional loss or state that such an estimate cannot be made.
The following matters arose in the ordinary course of business.
Centripetal Networks, Inc. v. Palo Alto Networks
On March 12, 2021, Centripetal Networks, Inc., filed a lawsuit against us in the United States District Court for the Eastern District of Virginia. The lawsuit alleges that our products infringe multiple Centripetal patents. We successfully challenged certain of these patents, which were found unpatentable by the U.S. Patent and Trademark Office (“PTO”). The case went to jury trial on January 22, 2024, on four patents. On January 31, 2024, the jury returned a verdict of non-willful infringement with a lump sum amount of $151.5 million, plus statutory interest. After post-trial motions, a judgment was issued on October 3, 2024 affirming infringement on three patents, reversing infringement on the fourth patent, and subsequently, reducing the damages amount to $113.6 million. We posted a surety bond that was agreed upon by the parties and approved by the court. This bond prevents execution of the judgment while appeals are pending. In addition, Centripetal filed infringement contentions on certain of their patents in the European Patent Office and Unified Patent Court in Germany, to which we filed appropriate legal challenges. Those matters are still pending.
As of July 31, 2024, we accrued $184.4 million for the verdict amount and estimated interest. As of July 31, 2025, we accrued $145.6 million based on the judgment and estimated interest, which is recorded in other long-term liabilities on our consolidated balance sheets. The corresponding amount was a charge of $184.4 million for the year ended July 31, 2024, and a release of $38.8 million for the year ended July 31, 2025, which is included in general and administrative expense on our consolidated statements of operations.
Finjan, Inc. v. Palo Alto Networks
On November 4, 2014, Finjan, Inc., filed a lawsuit against us in the United States District Court for the Northern District of California. The lawsuit alleges that our products infringe multiple Finjan patents. The complaint requests injunctive relief, monetary damages, and attorneys’ fees. On March 21, 2025, the judge issued an order granting summary judgment of non-infringement on all remaining patents at issue. Plaintiff filed a Notice of Appeal on April 21, 2025. We are unable, at this time, to reasonably estimate a possible loss or potential range of loss, if any.
Eire OG Innovations. v. Palo Alto Networks
On April 3, 2024, Eire OG Innovations filed a lawsuit against us in the United States District Court for the Eastern District of Texas asserting infringement of multiple patents, certain of which were subsequently dismissed. The complaint requests monetary damages and attorneys’ fees. Trial is set for February 17, 2026. We are unable, at this time, to reasonably estimate a possible loss or potential range of loss, if any.
Indemnification
Under the indemnification provisions of our standard sales related contracts, we agree to defend our end-customers against third-party claims asserting infringement of certain intellectual property rights, which may include patents, copyrights, trademarks, or trade secrets, and to pay judgments or approved settlements attributable to such claims. Our exposure under these indemnification provisions is generally limited to payments made to us for the alleged infringing products over the preceding twelve months under the agreement. However, certain agreements include indemnification provisions that could potentially expose us to losses in excess of these payments. In addition, we indemnify our officers, directors, and certain key employees while they are serving in good faith in their company capacities. To date, we have not recorded any accruals for loss contingencies associated with indemnification claims or determined that an unfavorable outcome is probable or reasonably possible.
14. Stockholders’ Equity
Share Repurchase Program
In February 2019, our board of directors authorized a $1.0 billion share repurchase program, which is funded from available working capital. Our board of directors subsequently authorized additional increases to this share repurchase program, including $915.0 million in August 2022, $316.7 million in November 2023, and $500.0 million in August 2024, bringing the total authorization under this share repurchase program to $4.1 billion (our “current authorization”). The expiration date of our current authorization was extended to December 31, 2025, and our repurchase program may be suspended or discontinued at any time. Repurchases may be made at management’s discretion from time to time on the open market, through privately negotiated transactions, transactions structured through investment banking institutions, block purchase techniques, 10b5-1 trading plans, or a combination of the foregoing.
The following table summarizes the share repurchase activity under our share repurchase program (in millions, except per share amounts):
| | | | | | | | | | | | | |
| | | Year Ended July 31, |
| | | 2024 | | 2023 |
| Number of shares repurchased | | | 4.0 | | | 3.6 | |
Weighted-average price per share (1) | | | $ | 142.00 | | | $ | 69.32 | |
Aggregate purchase price (1) | | | $ | 566.7 | | | $ | 250.0 | |
(1)Includes transaction costs
We did not repurchase shares of our common stock during the year ended July 31, 2025. During the year ended July 31, 2023, we paid $22.7 million related to share repurchases of our common stock that were not settled as of July 31, 2022.
As of July 31, 2025, $1.0 billion remained available for future share repurchases under our current repurchase authorization. The total price of the shares repurchased and related transaction costs are reflected as a reduction to common stock and additional paid-in capital on our consolidated balance sheets.
15. Equity Award Plans
Share-Based Compensation Plans
Equity Incentive Plans
Our 2021 Equity Incentive Plan (our “2021 Plan”) became effective in December 2021 and replaced our 2012 Equity Incentive Plan (our “2012 Plan”). Our 2021 Plan provides for the granting of stock options, stock appreciation rights, restricted stock awards (“RSAs”), restricted stock units (“RSUs”), performance shares (“PSAs”), performance-based stock units (“PSUs”) and performance stock options (“PSOs”) to our employees, directors, and consultants. Upon effectiveness of the 2021 Plan, the 2012 Plan was terminated and no further awards will be granted under the 2012 Plan. Awards that were outstanding upon such termination remained outstanding pursuant to their original terms, and any subsequent expiration, cancellation or forfeiture of awards under our 2012 Plan are returned to our 2021 Plan.
The majority of our equity awards are RSUs, which generally vest over a period of four years from the date of grant. Until vested, RSUs do not have the voting and dividend participation rights of common stock and the shares underlying the awards are not considered issued and outstanding.
Our PSUs generally vest over a period of one to four years from the date of grant. The number of PSUs eligible to vest is determined based on the level of achievement against certain performance conditions, market conditions, and a combination thereof.
During the year ended July 31, 2023, we granted 1.8 million shares of PSUs with both service and market conditions. The market conditions are satisfied when the price of our common stock is equal to or exceeds stock price targets of $116.67, $133.34, $150.00, and $166.67 based on the average closing price for 30 consecutive trading days during the three- or four-year period following the date of grant. Once a market condition is met, its corresponding one-fourth of the awards vest on each anniversary date of the grant date, subject to continued service. As of July 31, 2025, all stock price targets for these PSU awards have been met, and the related shares will vest when the underlying service conditions are satisfied.
During the year ended July 31, 2023, we granted 1.5 million shares of PSUs, which contain service and market conditions. The service conditions are satisfied after a period of five years. The market condition is measured based on our total shareholder return (“TSR”) relative to the TSR of the companies listed in the Standard & Poor’s 500 index.
During the years ended July 31, 2025, 2024, and 2023, we granted 3.4 million, 4.2 million, and 3.2 million shares of PSUs, respectively, which contain service, performance and market conditions. The service conditions are satisfied over a period of one to three years. For PSUs granted during the year ended July 31, 2025, the performance conditions are based on an average of next-generation security annualized recurring revenue and non-GAAP net income per diluted share. For PSUs granted during the years ended July 31, 2024 and 2023, the performance conditions are based on revenue growth or billing growth. The market condition is measured based on our TSR relative to the TSR of the companies listed in the Standard & Poor’s 500 index. As of July 31, 2025, we have approved an additional 2.7 million shares of PSUs, which will be granted upon the performance condition being established during the next two years.
We have also granted PSOs with both service and market conditions. The market condition for PSOs granted in the fiscal years 2018 and 2019 requires the price of our common stock to equal or exceed $49.63, $66.17, $82.71, and $99.25 based on the average closing price for 30 consecutive trading days during the four-, five-, six-, and seven-and-a-half-year periods following the date of grant in fiscal year 2018 and 2019, respectively. Once a market condition is met, its corresponding one-fourth of the PSOs vest on each anniversary date of the grant date, subject to continued service. The maximum contractual term of our outstanding PSOs is seven and a half years from the date of grant, depending on vesting period. As of July 31, 2025, all of our outstanding PSOs have been fully vested.
We net-share settle equity awards held by certain employees by withholding shares upon vesting to satisfy tax withholding obligations. The shares withheld to satisfy employee tax withholding obligations are returned to our 2021 Plan and will be available for future issuance. Payments for employees’ tax obligations to the tax authorities are recognized as a reduction to additional paid-in capital and reflected as financing activities on our consolidated statements of cash flows.
A total of 55.8 million shares of our common stock are reserved for issuance pursuant to our equity incentive plans as of July 31, 2025.
2012 Employee Stock Purchase Plan
Our 2012 Employee Stock Purchase Plan was adopted by our board of directors and approved by the stockholders on June 5, 2012, and was effective upon completion of our initial public offering. On August 29, 2017, we amended and restated our 2012 Employee Stock Purchase Plan (our “2012 ESPP”) to extend the length of our offering periods from 6 to 24 months.
Our 2012 ESPP permits eligible employees to acquire shares of our common stock at 85% of the lower of the fair market value of our common stock on the first trading day of each offering period or on the purchase date. If the fair market value of our common stock on the purchase date is lower than the first trading day of the offering period, the current offering period will be cancelled after purchase and a new 24-month offering period will begin. Under our 2012 ESPP, each 24-month offering period consists of four consecutive 6-month purchase periods, with purchase dates on the first trading day on or after February 28 and August 31 of each year. Participants may purchase shares of common stock through payroll deductions of up to 15% of their eligible compensation, subject to purchase limits of 3,750 shares per six-month purchase period and $25,000 worth of stock for each calendar year. Shares purchased under our 2012 ESPP during the fiscal years ended July 31, 2025, 2024 and 2023 were 1.9 million, 2.2 million and 2.3 million, at an average exercise price of $106.99 per share, $80.32 per share, and $69.15 per share, respectively.
A total of 41.5 million shares of our common stock are available for sale under our 2012 ESPP as of July 31, 2025. On the first day of each fiscal year, the number of shares in the reserve may be increased by the lesser of (i) 12.0 million shares, (ii) 1% of the outstanding shares of our common stock on the first day of the fiscal year, or (iii) such other amount as determined by our board of directors.
Assumed Share-Based Compensation Plans
In connection with our acquisitions, we have assumed equity incentive plans of certain acquired companies (collectively “the Assumed Plans”). The equity awards assumed in connection with each acquisition were granted from their respective assumed plans. The assumed equity awards will be settled in shares of our common stock and will retain the terms and conditions under which they were originally granted. No additional equity awards will be granted under and forfeited awards will not be returned to the Assumed Plans. Refer to Note 8. Acquisitions for more information on our acquisitions and the related equity awards assumed.
Stock Option Activities
The following table summarizes the stock option and PSO activity under our stock plans during the years ended July 31, 2025, 2024, and 2023 (in millions, except per share amounts):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Stock Options Outstanding | | PSOs Outstanding |
| Number of Shares | | Weighted-Average Exercise Price Per Share | | Weighted-Average Remaining Contractual Term
(Years) | | Aggregate Intrinsic Value | | Number of Shares | | Weighted-Average Exercise Price Per Share | | Weighted-Average Remaining Contractual Term
(Years) | | Aggregate Intrinsic Value |
| Balance—July 31, 2022 | 0.1 | | | $ | 9.23 | | | 0.5 | | $ | 6.7 | | | 15.9 | | | $ | 32.42 | | | 3.2 | | $ | 809.3 | |
| | | | | | | | | | | | | | | |
| Exercised | (0.1) | | | 9.23 | | | | | | | (3.1) | | | 31.70 | | | | | |
| | | | | | | | | | | | | | | |
| Balance—July 31, 2023 | — | | | $ | — | | | 0.0 | | $ | — | | | 12.8 | | | $ | 32.60 | | | 2.2 | | $ | 1,184.6 | |
| | | | | | | | | | | | | | | |
| Exercised | — | | | — | | | | | | | (3.2) | | | 32.42 | | | | | |
| | | | | | | | | | | | | | | |
| Balance—July 31, 2024 | — | | | $ | — | | | 0.0 | | $ | — | | | 9.6 | | | $ | 32.66 | | | 1.2 | | $ | 1,244.9 | |
| | | | | | | | | | | | | | | |
Exercised(1) | — | | | — | | | | | | | (8.2) | | | 32.65 | | | | | |
| | | | | | | | | | | | | | | |
| Balance—July 31, 2025 | — | | | $ | — | | | 0.0 | | $ | — | | | 1.4 | | | $ | 32.76 | | | 0.5 | | $ | 197.0 | |
| Exercisable—July 31, 2025 | — | | | $ | — | | | 0.0 | | $ | — | | | 1.4 | | | $ | 32.76 | | | 0.5 | | $ | 197.0 | |
(1)Includes 1.3 million shares withheld by us to satisfy the exercise price and tax withholding requirements.
The intrinsic value of options exercised during the years ended July 31, 2025, 2024, and 2023 was $1.2 billion, $358.5 million, and $237.7 million, respectively.
RSU and PSU Activities
The following table summarizes the RSU and PSU activity under our stock plans during the years ended July 31, 2025, 2024, and 2023 (in millions, except per share amounts):
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Unvested RSUs | | Unvested PSUs |
| Number of Shares | | Weighted-Average Grant-Date Fair Value Per Share | | | | Aggregate Intrinsic Value | | Number of Shares | | Weighted-Average Grant-Date Fair Value Per Share | | | | Aggregate Intrinsic Value |
| Balance—July 31, 2022 | 29.5 | | | $ | 57.75 | | | | | $ | 2,456.9 | | | 6.2 | | | $ | 53.19 | | | | | $ | 513.7 | |
Granted(1) | 11.5 | | | 84.52 | | | | | | | 7.1 | | | 71.44 | | | | | |
Vested(2) | (13.9) | | | 55.47 | | | | | | | (2.6) | | | 56.36 | | | | | |
| Forfeited | (3.0) | | | 64.03 | | | | | | | (0.8) | | | 68.48 | | | | | |
| Balance—July 31, 2023 | 24.1 | | | $ | 71.30 | | | | | $ | 3,013.0 | | | 9.9 | | | $ | 64.32 | | | | | $ | 1,242.3 | |
Granted(1) | 8.5 | | | 137.76 | | | | | | | 4.3 | | | 91.39 | | | | | |
Vested(2) | (11.8) | | | 68.63 | | | | | | | (3.2) | | | 57.28 | | | | | |
| Forfeited | (2.8) | | | 84.12 | | | | | | | (1.0) | | | 68.54 | | | | | |
| Balance—July 31, 2024 | 18.0 | | | $ | 102.59 | | | | | $ | 2,924.4 | | | 10.0 | | | $ | 77.95 | | | | | $ | 1,624.2 | |
Granted(1) | 6.0 | | | 189.45 | | | | | | | 3.8 | | | 201.59 | | | | | |
Vested(2) | (8.6) | | | 97.00 | | | | | | | (1.2) | | | 64.65 | | | | | |
| Forfeited | (2.2) | | | 115.94 | | | | | | | (3.2) | | | 92.11 | | | | | |
| Balance—July 31, 2025 | 13.2 | | | $ | 143.33 | | | | | $ | 2,284.7 | | | 9.4 | | | $ | 140.92 | | | | | $ | 1,635.4 | |
(1)For PSUs, shares granted represent the aggregate maximum number of shares that may be earned and issued with respect to these awards over their full terms.
(2)Includes time-based vesting for PSUs.
The aggregate fair value, as of the respective vesting dates, of RSUs vested during the years ended July 31, 2025, 2024, and 2023 was $1.6 billion, $1.6 billion, and $1.3 billion, respectively. The aggregate fair value, as of the respective vesting dates, of PSUs vested during the years ended July 31, 2025, 2024, and 2023 was $220.7 million, $377.7 million, and $218.9 million, respectively.
Shares Available for Grant
The following table presents the stock activity and the total number of shares available for grant under our equity incentive plans as of July 31, 2025 (in millions):
| | | | | |
| Number of shares |
| Balance—July 31, 2024 | 26.2 | |
| Authorized | 6.0 | |
| |
| RSUs and PSUs granted | (9.8) | |
| RSUs and PSUs forfeited | 5.5 | |
| Shares withheld for taxes | 1.4 | |
| Balance—July 31, 2025 | 29.3 | |
Share-Based Compensation
We record share-based compensation awards based on estimated fair value as of the grant date. The fair value of RSUs and PSUs not subject to market conditions is based on the closing market price of our common stock on the date of grant.
The fair value of the PSUs subject to market conditions is estimated on the grant date using a Monte Carlo simulation model. The following table summarizes the assumptions used and the resulting grant-date fair value of our PSUs subject to market conditions granted during the years ended July 31, 2025, 2024, and 2023:
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Volatility | 43.5% - 47.6% | | 40.8% - 43.4% | | 38.3% - 44.8% |
| Expected term (in years) | 1.0 - 2.9 | | 0.9 - 2.9 | | 1.0 - 5.0 |
| Dividend yield | — | % | | — | % | | — | % |
| Risk-free interest rate | 3.7% - 4.5% | | 4.4% - 5.3% | | 3.2% - 4.1% |
| Grant-date fair value per share | $264.51 - $305.83 | | $173.46 - $310.61 | | $45.89 - $140.21 |
The expected volatility is based on the historical volatility of our common stock. The expected term is based on the length of each tranche’s performance period from the grant date. The dividend yield assumption is based on our current expectations about our anticipated dividend policy. The risk-free interest rate is based on the implied yield available on U.S. Treasury zero-coupon issues with maturities that approximate the expected term.
The fair value of PSOs was estimated on the grant date using a Monte Carlo simulation model, which predicts settlement of the PSOs midway between the vesting term and the contractual term. No PSOs were granted during the years ended July 31, 2025, 2024, and 2023.
The fair value of shares issued under our 2012 ESPP are estimated on the grant date using the Black-Scholes option pricing model. The following table summarizes the assumptions used and the resulting grant-date fair values of our ESPP:
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Volatility | 34.3% - 43.3% | | 39.6% - 50.0% | | 38.6% - 44.7% |
| Expected term (in years) | 0.5 - 2.0 | | 0.5 - 2.0 | | 0.5 - 2.0 |
| Dividend yield | — | % | | — | % | | — | % |
| Risk-free interest rate | 3.9% - 4.8% | | 4.6% - 5.5% | | 3.3% - 5.2% |
| Grant-date fair value per share | $45.43 - $74.81 | | $32.81 - $66.66 | | $24.39 - $37.03 |
The expected volatility is based on a combination of implied volatility from traded options on our common stock and the historical volatility of our common stock. The expected term represents the term from the first day of the offering period to the purchase dates within each offering period. The dividend yield assumption is based on our current expectations about our anticipated dividend policy. The risk-free interest rate is based on the implied yield available on U.S. Treasury zero-coupon issues with maturities that approximate the expected term.
The following table summarizes share-based compensation included in costs and expenses (in millions):
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Cost of product revenue | $ | 5.1 | | | $ | 7.3 | | | $ | 9.8 | |
| Cost of subscription and support revenue | 127.0 | | | 121.0 | | | 123.4 | |
| Research and development | 550.5 | | | 525.5 | | | 488.4 | |
| Sales and marketing | 359.5 | | | 300.8 | | | 335.3 | |
| General and administrative | 258.0 | | | 124.1 | | | 130.4 | |
| Total share-based compensation | $ | 1,300.1 | | | $ | 1,078.7 | | | $ | 1,087.3 | |
As of July 31, 2025, total compensation cost related to unvested share-based awards not yet recognized was $2.2 billion. This cost is expected to be amortized over a weighted-average period of approximately 2.5 years. Future grants will increase the amount of compensation expense to be recorded in these periods.
16. Income Taxes
The following table presents the components of income before income taxes (in millions):
| | | | | | | | | | | | | | | | | |
| | Year Ended July 31, |
| | 2025 | | 2024 | | 2023 |
| United States | $ | 1,124.9 | | | $ | 669.2 | | | $ | 374.3 | |
| Foreign | 470.8 | | | 319.1 | | | 192.0 | |
| Total | $ | 1,595.7 | | | $ | 988.3 | | | $ | 566.3 | |
The following table summarizes our provision for (benefit from) income taxes (in millions):
| | | | | | | | | | | | | | | | | |
| | Year Ended July 31, |
| | 2025 | | 2024 | | 2023 |
| Federal: | | | | | |
| Current | $ | 517.3 | | | $ | 213.4 | | | $ | 26.1 | |
| Deferred | (300.2) | | | 311.7 | | | 19.3 | |
| State: | | | | | |
| Current | 108.2 | | | 101.5 | | | 44.0 | |
| Deferred | (44.5) | | | (172.8) | | | 0.4 | |
| Foreign: | | | | | |
| Current | 186.0 | | | 129.6 | | | 44.0 | |
| Deferred | (5.0) | | | (2,172.7) | | | (7.2) | |
| Total | $ | 461.8 | | | $ | (1,589.3) | | | $ | 126.6 | |
For the year ended July 31, 2025, our provision for income taxes was $461.8 million, which included a deferred tax provision of $218.5 million arising from the remeasurement of our basis difference associated with the U.S. tax effects of foreign deferred tax assets. Our remeasurement is a result of the One Big Beautiful Bill Act ("OBBB") enacted on July 4, 2025 which provides for significant tax law changes and modifications including changes to the U.S. effective tax rates on certain foreign earnings. Although these specific provisions are not effective until our fiscal 2027, our policy to account for basis differences relating to our global intangible low-taxed income requires us to account for these changes in the period of enactment.
For the year ended July 31, 2024, our benefit from income taxes was $1.6 billion, primarily due to the release of our valuation allowance on U.S. federal, U.S. states other than California, and United Kingdom (“U.K.”) deferred tax assets, partially offset by the deferred tax provision in our U.S. federal tax provision to recognize the indirect effect on basis differences relating to our global intangible low-taxed income in connection with the release of our valuation allowance in the U.K.
The following table presents the items accounting for the difference between income taxes computed at the federal statutory income tax rate and our provision for (benefit from) income taxes:
| | | | | | | | | | | | | | | | | |
| | Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Federal statutory rate | 21.0 | % | | 21.0 | % | | 21.0 | % |
| Effect of: | | | | | |
| State taxes, net of federal tax benefit | 3.8 | | | 3.1 | | | 2.8 | |
Non-U.S. operations | 2.2 | | | 9.5 | | | 9.7 | |
| Change in valuation allowance | 1.1 | | | (341.9) | | | 15.5 | |
U.S. effect of foreign deferred tax assets | 11.2 | | | 175.8 | | | — | |
| | | | | |
| Share-based compensation | (5.5) | | | (16.9) | | | (12.6) | |
| | | | | |
| Tax credits | (6.2) | | | (13.4) | | | (15.6) | |
| Non-deductible expenses | 1.2 | | | 1.5 | | | 2.3 | |
| Other, net | 0.1 | | | 0.5 | | | (0.7) | |
| Total | 28.9 | % | | (160.8) | % | | 22.4 | % |
The following table presents the components of our deferred tax assets and liabilities as of July 31, 2025 and 2024 (in millions):
| | | | | | | | | | | |
| | July 31, |
| | 2025 | | 2024 |
| | | |
| Deferred tax assets: | | | |
| Accruals and reserves | $ | 132.1 | | | $ | 109.7 | |
| Operating lease liabilities | 126.5 | | | 132.6 | |
| Deferred revenue | 1,266.1 | | | 1,004.9 | |
| Net operating loss carryforwards | 620.0 | | | 585.2 | |
| Tax credits | 222.3 | | | 175.3 | |
| Capitalized research expenditures | 895.4 | | | 626.6 | |
| Share-based compensation | 105.6 | | | 75.6 | |
| Fixed assets and intangible assets | 1,561.4 | | | 1,631.7 | |
| | | |
| Gross deferred tax assets | 4,929.4 | | | 4,341.6 | |
| Valuation allowance | (278.1) | | | (243.4) | |
| Total deferred tax assets | 4,651.3 | | | 4,098.2 | |
| Deferred tax liabilities: | | | |
U.S. effect of foreign deferred tax assets | (1,921.6) | | | (1,728.5) | |
| | | |
| Operating lease right-of-use assets | (108.2) | | | (115.8) | |
| Deferred contract costs | (212.5) | | | (199.1) | |
| Other deferred tax liabilities | (74.1) | | | (43.5) | |
| Total deferred tax liabilities | (2,316.4) | | | (2,086.9) | |
| Net deferred tax assets (liabilities) | $ | 2,334.9 | | | $ | 2,011.3 | |
We regularly assess the need for a valuation allowance on our deferred tax assets. In making this assessment, we consider both positive and negative evidence related to the likelihood of realization of the deferred tax assets to determine, based on the weight of available evidence, whether it is more likely than not that some or all the deferred tax assets will not be realized. The assessment requires significant judgment and is performed for each of the applicable jurisdictions. Based on our analysis of all positive and negative evidence during the year ended July 31, 2025, we continue to maintain a valuation allowance for our California deferred tax assets due to the uncertainty regarding realizability of these deferred tax assets as they have not met the “more likely than not” realization criterion. We expect future research and development tax credit generation in California to exceed our ability to use the existing tax credits.
Our U.S. federal and state deferred tax assets largely consist of capitalized research expenditures and accelerated recognition of deferred revenue for tax purposes. U.S. tax carryforwards (including net operating losses and tax credits) are expected to be fully utilized to the extent allowable by law. Our U.K. deferred tax assets largely consist of basis differences in intangible assets and related net operating losses expected to be utilized in the future.
As of July 31, 2025, we had federal, state, and foreign net operating loss carryforwards of approximately $129.1 million, $112.8 million, and $2.3 billion, respectively, as reported on our tax returns, available to reduce future taxable income, if any. If not utilized, our federal and state net operating loss carryforwards will expire in various amounts at various dates beginning in the years ending July 31, 2034 and July 31, 2030, respectively. Our foreign net operating loss will carry forward indefinitely.
As of July 31, 2025, we had federal and state research and development tax credit carryforwards of approximately $2.0 million and $340.2 million, respectively, as reported on our tax returns. If not utilized, the federal credit carryforwards will expire in various amounts at various dates beginning in the year ending July 31, 2040. The state credit carryforwards have no expiration.
As of July 31, 2025, we had foreign tax credit carryforwards of $1.7 million as reported on our tax returns. If not utilized, the foreign tax credit carryforwards will expire in various amounts at various dates beginning in the year ending July 31, 2029.
Utilization of the net operating loss carryforwards and credits may be subject to a substantial annual limitation due to the ownership change limitations provided by the Internal Revenue Code of 1986, as amended, and similar state provisions. The annual limitation may result in the expiration of net operating losses and credits before utilization.
As of July 31, 2025, we had $572.2 million of unrecognized tax benefits, $274.8 million of which would affect income tax expense if recognized, after consideration of our valuation allowance in California and other assets. As of July 31, 2024, we had $454.4 million of unrecognized tax benefits, $200.1 million of which would affect income tax expense if recognized, after consideration of our valuation allowance in the United States and other assets. We do not expect the amount of unrecognized tax benefits as of July 31, 2025 to materially change over the next 12 months.
We file federal, state, and foreign income tax returns in jurisdictions with varying statutes of limitations. Generally, all years remain subject to adjustment due to our net operating loss and credit carryforwards. We currently have ongoing tax audits in various jurisdictions and at various times. The primary focus of these audits is, generally, profit allocation. The ultimate amount and timing of any future settlements cannot be predicted with reasonable certainty.
We recognize both interest and penalties associated with uncertain tax positions as a component of income tax expense. During the years ended July 31, 2025, 2024, and 2023, we recognized an income tax expense of $42.4 million, an income tax expense of $5.8 million, and a net income tax benefit of $4.8 million related to interest and penalties, respectively. We had accrued interest and penalties on our consolidated balance sheets related to unrecognized tax benefits of $53.3 million and $10.9 million as of July 31, 2025 and 2024, respectively.
The following table presents a reconciliation of the beginning and ending amount of our gross unrecognized tax benefits (in millions):
| | | | | | | | | | | | | | | | | |
| | Year Ended July 31, |
| | 2025 | | 2024 | | 2023 |
| Unrecognized tax benefits at the beginning of the period | $ | 454.4 | | | $ | 360.0 | | | $ | 414.0 | |
| Additions for tax positions taken in prior years | 10.4 | | | 1.9 | | | 7.8 | |
| Reductions for tax positions taken in prior years | (11.1) | | | (19.8) | | | (99.8) | |
| Additions for tax positions taken in the current year | 118.5 | | | 112.3 | | | 66.9 | |
| Reduction relating to audit settlement | — | | | — | | | (28.9) | |
| Unrecognized tax benefits at the end of the period | $ | 572.2 | | | $ | 454.4 | | | $ | 360.0 | |
During the years ended July 31, 2025 and 2024, increases in uncertain tax positions were primarily due to our credits and incentives and intercompany transactions.
As of July 31, 2025, we had no unremitted earnings when evaluating our outside basis difference relating to our U.S. investment in foreign subsidiaries. However, there could be local withholding taxes due to various foreign countries if certain lower tier earnings are distributed. Withholding taxes that would be payable upon remittance of these lower tier earnings are not material.
17. Net Income Per Share
Basic net income per share is computed by dividing net income by basic weighted-average shares outstanding during the period. Diluted net income per share is computed by dividing net income by diluted weighted-average shares outstanding during the period giving effect to all potentially dilutive securities to the extent they are dilutive. We compute the dilutive effect of shares issuable upon conversion of our convertible senior notes using the if-converted method, and the dilutive effect of warrants related to the issuance of convertible senior notes and equity awards under our employee equity incentive plans using the treasury stock method.
The following table presents the computation of basic and diluted net income per share of common stock (in millions, except per share data):
| | | | | | | | | | | | | | | | | |
| | Year Ended July 31, |
| | 2025 | | 2024 | | 2023 |
Net income | $ | 1,133.9 | | | $ | 2,577.6 | | | $ | 439.7 | |
Weighted-average shares used to compute net income per share, basic | 662.5 | | | 638.5 | | | 606.4 |
| Weighted-average effect of potentially dilutive securities: | | | | | |
| Convertible senior notes | 7.3 | | | 20.7 | | | 35.7 | |
| Warrants related to the issuance of convertible senior notes | 25.4 | | | 25.6 | | | 18.6 | |
| Employee equity incentive plans | 14.1 | | | 23.1 | | | 23.8 | |
Weighted-average shares used to compute net income per share, diluted | 709.3 | | | 707.9 | | | 684.5 |
Net income per share, basic | $ | 1.71 | | | $ | 4.04 | | | $ | 0.73 | |
Net income per share, diluted | $ | 1.60 | | | $ | 3.64 | | | $ | 0.64 | |
The following securities were excluded from the computation of diluted net income per share of common stock as their effect would have been antidilutive or issuance of such shares is contingent upon the satisfaction of certain conditions which were not satisfied by the end of the applicable period (in millions):
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| | | | | |
| | | | | |
| Employee equity incentive plans | 3.4 | | | 4.7 | | | 7.7 | |
| | | | | |
18. Other Income, Net
The following table sets forth the components of other income, net (in millions):
| | | | | | | | | | | | | | | | | |
| Year Ended July 31, |
| 2025 | | 2024 | | 2023 |
| Interest income | $ | 363.5 | | | $ | 317.9 | | | $ | 224.4 | |
| Foreign currency exchange gains (losses), net | (32.8) | | | 0.2 | | | (7.9) | |
| Other, net | 25.1 | | | (5.4) | | | (10.3) | |
| Total other income, net | $ | 355.8 | | | $ | 312.7 | | | $ | 206.2 | |
19. Segment Information
We have one operating and reportable segment. We conduct business globally and sales are primarily managed on a geographic theater basis. Our chief operating decision maker (“CODM”) is our Chairman and Chief Executive Officer who reviews financial information presented on a consolidated basis accompanied by revenue information for purposes of allocating resources and evaluating financial performance. Our CODM uses consolidated net income as our measure of segment profit or loss. The consolidated financial information by function as reflected on our consolidated statements of operations is used in our annual budget and forecasting process to establish goals and monitor budget versus actual results. The measure of segment assets is reported on the consolidated balance sheets as total consolidated assets.
The following table presents our long-lived assets, which consist of property and equipment, net and operating lease right-of-use assets, by geographic area (in millions):
| | | | | | | | | | | |
| | Year Ended July 31, |
| | 2025 | | 2024 |
| Long-lived assets: | | | |
| United States | $ | 418.0 | | | $ | 438.9 | |
| Israel | 162.1 | | | 141.1 | |
| Other countries | 154.2 | | | 167.0 | |
| Total long-lived assets | $ | 734.3 | | | $ | 747.0 | |
Refer to Note 2. Revenue for revenue by geographic theater and revenue for groups of similar products and services for the years ended July 31, 2025, 2024, and 2023.
Item 9. Changes in and Disagreements with Accountants on Accounting and Financial Disclosure
Not applicable.
Item 9A. Controls and Procedures
Evaluation of Disclosure Controls and Procedures
Our management, with the participation of our chief executive officer and chief financial officer, evaluated the effectiveness of our disclosure controls and procedures pursuant to Rule 13a-15(f) under the Securities Exchange Act of 1934, as amended (the “Exchange Act”). In designing and evaluating the disclosure controls and procedures, management recognizes that any controls and procedures, no matter how well designed and operated, can provide only reasonable assurance of achieving the desired control objectives. In addition, the design of disclosure controls and procedures must reflect the fact that there are resource constraints and that management is required to apply its judgment in evaluating the benefits of possible controls and procedures relative to their costs.
Based on our evaluation, our chief executive officer and chief financial officer concluded that, as of July 31, 2025, our disclosure controls and procedures are designed at a reasonable assurance level and are effective to provide reasonable assurance that information we are required to disclose in reports that we file or submit under the Exchange Act is recorded, processed, summarized, and reported within the time periods specified in Securities and Exchange Commission (“SEC”) rules and forms, and that such information is accumulated and communicated to our management, including our chief executive officer and chief financial officer, as appropriate, to allow timely decisions regarding required disclosure.
Management’s Annual Report on Internal Control over Financial Reporting
Our management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rules 13a-15(f) under the Exchange Act. Our management assessed the effectiveness of our internal control over financial reporting as of July 31, 2025, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) in Internal Control - Integrated Framework (2013 framework). Based on that assessment, management concluded that, as of July 31, 2025, our internal control over financial reporting was effective.
The effectiveness of our internal control over financial reporting as of July 31, 2025 has been audited by Ernst & Young LLP, the independent registered public accounting firm that audits our consolidated financial statements, as stated in their report which is included in Part II, Item 8 of this Annual Report on Form 10-K.
Changes in Internal Control over Financial Reporting
There were no changes in our internal control over financial reporting identified in connection with the evaluation required by Rule 13a-15(d) and 15d-15(d) of the Exchange Act that occurred during the fiscal quarter ended July 31, 2025 that have materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.
Item 9B. Other Information
Trading Plans of Directors and Executive Officers
Set forth below is certain information regarding Rule 10b5-1 trading plans adopted or terminated by our directors and officers (as defined in Rule 16a-1(f)) during the fourth quarter of fiscal 2025. The Rule 10b5-1 trading plans listed below are each intended to satisfy the affirmative defense of Rule 10b5-1(c).
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Name | | Title | | Date Plan Was Adopted | | Date Plan Was Terminated | | Original Expiration Date | | Total Amount of Common Stock to Be Sold Under the Plan |
Nikesh Arora | | Chief Executive Officer | | June 24, 2025 | | Not applicable | | December 24, 2025 or when all shares have been sold | | 846,408 |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
No other officers or directors, as defined in Rule 16a-1(f), adopted, modified, and/or terminated a “Rule 10b5-1 trading arrangement” or a “non-Rule 10b5-1 trading arrangement,” as defined in Regulation S-K Item 408, during the fourth quarter of fiscal 2025.
Item 9C. Disclosure Regarding Foreign Jurisdictions That Prevent Inspections
Not applicable.
Part III
Item 10. Directors, Executive Officers and Corporate Governance
The information required by this item will be contained in our definitive proxy statement to be filed with the SEC in connection with our 2025 annual meeting of stockholders (the “Proxy Statement”), which is expected to be filed not later than 120 days after the end of our fiscal year ended July 31, 2025 and is incorporated herein by reference.
Item 11. Executive Compensation
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Item 13. Certain Relationships and Related Transactions, and Director Independence
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Item 14. Principal Accountant Fees and Services
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Part IV
Item 15. Exhibits and Financial Statement Schedules
Documents filed as part of this Annual Report on Form 10-K are as follows:
1.Consolidated Financial Statements
Our Consolidated Financial Statements are listed in the “Index to Consolidated Financial Statements” under Part II, Item 8 of this Annual Report on Form 10-K.
2.Financial Statement Schedules
Financial statement schedules have been omitted because they are not required, not applicable, not present in amounts sufficient to require submission of the schedule, or the required information is shown in the Consolidated Financial Statements or the notes thereto.
3.Exhibits
The following documents are incorporated by reference or are filed with this Annual Report on Form 10-K, in each case as indicated therein (numbered in accordance with Item 601 of Regulation S-K).
Exhibit Index
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Exhibit
Number | | Exhibit Description | | Incorporated by Reference | | |
| Form | | File No. | | Exhibit | | Filing Date | | |
| | | | | | | | | | | | |
| | Agreement and Plan of Merger, dated as of July 30, 2025, by and among Palo Alto Networks, Inc., Athens Strategies Ltd. and CyberArk Software Ltd. | | 8-K | | 001-35594 | | 2.1 | | July 31, 2025 | | |
| | | | | | | | | | | | |
| | Restated Certificate of Incorporation of the Registrant, as amended. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Amended and Restated Bylaws of the Registrant. | | 8-K | | 001-35594 | | 3.1 | | August 18, 2025 | | |
| | | | | | | | | | | | |
| | Certificate of Change of Location of Registered Agent and/or Registered Office. | | 8-K | | 001-35594 | | 3.1 | | August 30, 2016 | | |
| | | | | | | | | | | | |
| | Description of Registrant’s Securities. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Form of Indemnification Agreement between the Registrant and its directors and officers. | | S-1/A | | 333-180620 | | 10.1 | | July 9, 2012 | | |
| | | | | | | | | | | | |
| | 2012 Equity Incentive Plan and related form agreements. | | 10-Q | | 001-35594 | | 10.2 | | November 26, 2019 | | |
| | | | | | | | | | | | |
| | Form of 2012 Equity Incentive Plan Performance-Based Restricted Stock Unit Award Agreement. | | 10-Q | | 001-35594 | | 10.4 | | November 19, 2021 | | |
| | | | | | | | | | | | |
| | 2021 Equity Incentive Plan, as amended and restated, and related form agreements. | | | | | | | | | | |
| | | | | | | | | | | | |
| | 2012 Employee Stock Purchase Plan, as amended and restated, and related form agreements. | | | | | | | | | | |
| | | | | | | | | | | | |
| | RedLock Inc. 2015 Stock Plan, as amended, and related form agreements under RedLock Inc. 2015 Stock Plan, as amended. | | S-8 | | 333-227901 | | 99.1 | | October 19, 2018 | | |
| | | | | | | | | | | | |
| | Cider Security Ltd. 2020 Equity Incentive Plan. | | S-8 | | 333-268931 | | 99.1 | | December 21, 2022 | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Exhibit
Number | | Exhibit Description | | Incorporated by Reference | | |
| Form | | File No. | | Exhibit | | Filing Date | | |
| | | | | | | | | | | | |
| | US Sub-Plan to Cider Security Ltd. 2020 Equity Incentive Plan. | | S-8 | | 333-268931 | | 99.2 | | December 21, 2022 | | |
| | | | | | | | | | | | |
| | Employee Incentive Compensation Plan, as amended and restated. | | 10-Q | | 001-35594 | | 10.2 | | November 25, 2014 | | |
| | | | | | | | | | | | |
| | Clawback Policy, adopted as of August 29, 2017, amended August 14, 2024. | | 10-K | | 001-35594 | | 10.16 | | September 6, 2024 | | |
| | | | | | | | | | | | |
| | Amended and Restated Outside Director Compensation Policy (last amended February 12, 2025). | | 10-Q | | 001-35594 | | 10.1 | | May 21, 2025 | | |
| | | | | | | | | | | | |
| | Continued Service Policy. | | 10-Q | | 001-35594 | | 10.3 | | May 20, 2022 | | |
| | | | | | | | | | | | |
| | Palo Alto Networks, Inc. Deferred Compensation Plan effective June 1, 2022. | | 10-K | | 001-35594 | | 10.23 | | September 6, 2022 | | |
| | | | | | | | | | | | |
| | Amendment and Restated Employment Letter between Palo Alto Networks, Inc. and Nir Zuk, dated July 7, 2025. | |
| |
| |
| |
| | |
| | | | | | | | | | | | |
| | Offer Letter between the Registrant and Nikesh Arora, dated May 30, 2018. | | 8-K | | 001-35594 | | 10.2 | | June 4, 2018 | | |
| | | | | | | | | | | | |
| | Offer Letter between the Registrant and Josh Paul, dated August 5, 2021. | | 8-K | | 001-35594 | | 10.1 | | September 8, 2021 | | |
| | | | | | | | | | | | |
| | Confirmatory Employment Letter with Updated Change in Control Protection between the Registrant and Lee Klarich, dated December 19, 2011. | | 10-Q | | 001-35594 | | 10.4 | | November 30, 2018 | | |
| | | | | | | | | | | | |
| | Addendum to Employment Offer Letter by and between the Registrant and Dipak Golechha, dated March 17, 2021. | | 8-K | | 001-35594 | | 10.1 | | March 19, 2021 | | |
| | | | | | | | | | | | |
| | Addendum to Employment Offer Letter by and between the Registrant and Dipak Golechha, dated February 18, 2022. | | 10-Q | | 001-35594 | | 10.1 | | May 20, 2022 | | |
| | | | | | | | | | | | |
| | Employment Offer Letter by and between the Registrant and William “BJ” Jenkins, dated July 27, 2021. | | 8-K | | 001-35594 | | 10.1 | | August 12, 2021 | | |
| | | | | | | | | | | | |
| | Addendum to Employment Offer Letter between the Registrant and William “BJ” Jenkins, dated February 18, 2022. | | 10-Q | | 001-35594 | | 10.2 | | May 20, 2022 | | |
| | | | | | | | | | | | |
| | Form of Offer Letter between the Registrant and its directors. | | 10-Q | | 001-35594 | | 10.2 | | May 21, 2025 | | |
| | | | | | | | | | | | |
| | Amended and Restated Flextronics Manufacturing Services Agreement, by and between the Registrant and Flextronics Telecom Systems Ltd., dated April 1, 2019. | | 10-Q | | 001-35594 | | 10.1 | | May 30, 2019 | | |
| | | | | | | | | | | | |
| | Vendor Information Security Terms between the Registrant and Flextronics Telecom Systems Ltd., dated July 23, 2021. | | 10-K | | 001-35594 | | 10.29 | | September 3, 2021 | | |
| | | | | | | | | | | | |
| | Lease between the Registrant and Santa Clara Campus Property Owner I LLC, dated May 28, 2015. | | 10-K | | 001-35594 | | 10.29 | | September 17, 2015 | | |
| | | | | | | | | | | | |
| | Lease between the Registrant and Santa Clara Campus Property Owner I LLC, dated May 28, 2015. | | 10-K | | 001-35594 | | 10.30 | | September 17, 2015 | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Exhibit
Number | | Exhibit Description | | Incorporated by Reference | | |
| Form | | File No. | | Exhibit | | Filing Date | | |
| | | | | | | | | | | | |
| | Lease between the Registrant and Santa Clara Campus Property Owner I LLC, dated May 28, 2015. | | 10-K | | 001-35594 | | 10.31 | | September 17, 2015 | | |
| | | | | | | | | | | | |
| | Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated October 7, 2015. | | 8-K/A | | 001-35594 | | 10.1 | | October 19, 2015 | | |
| | | | | | | | | | | | |
| | Amendment No. 1 to Lease by and between the Registrant and Santa Clara Phase I Property LLC, dated November 9, 2015. | | 10-Q | | 001-35594 | | 10.2 | | November 24, 2015 | | |
| | | | | | | | | | | | |
| | Amendment No. 1 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated November 9, 2015. | | 10-Q | | 001-35594 | | 10.3 | | November 24, 2015 | | |
| | | | | | | | | | | | |
| | Amendment No. 1 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated September 16, 2016. | | 10-Q | | 001-35594 | | 10.1 | | November 22, 2016 | | |
| | | | | | | | | | | | |
| | Amendment No. 1 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated September 16, 2016. | | 10-Q | | 001-35594 | | 10.2 | | November 22, 2016 | | |
| | | | | | | | | | | | |
| | Amendment No. 2 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated September 16, 2016. | | 10-Q | | 001-35594 | | 10.3 | | November 22, 2016 | | |
| | | | | | | | | | | | |
| | Amendment No. 2 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated November 16, 2016. | | 10-Q | | 001-35594 | | 10.1 | | March 1, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 2 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated November 16, 2016. | | 10-Q | | 001-35594 | | 10.2 | | March 1, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 3 to Lease by and between the Registrant and Santa Clara Campus Property Owner I LLC, dated November 16, 2016. | | 10-Q | | 001-35594 | | 10.3 | | March 1, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 3 to Lease by and between the Registrant and Santa Clara EFH LLC, dated June 22, 2017. | | 10-K | | 001-35594 | | 10.40 | | September 7, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 3 to Lease by and between the Registrant and Santa Clara G LLC, dated June 22, 2017. | | 10-K | | 001-35594 | | 10.41 | | September 7, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 4 to Lease by and between the Registrant and Santa Clara EFH LLC, dated June 22, 2017. | | 10-K | | 001-35594 | | 10.42 | | September 7, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 4 to Lease by and between the Registrant and Santa Clara Phase III EFH LLC, dated September 29, 2017. | | 10-Q | | 001-35594 | | 10.5 | | November 21, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 4 to Lease by and between the Registrant and Santa Clara Phase III G LLC, dated September 29, 2017. | | 10-Q | | 001-35594 | | 10.6 | | November 21, 2017 | | |
| | | | | | | | | | | | |
| | Amendment No. 5 to Lease by and between the Registrant and Santa Clara Phase III EFH LLC, dated September 29, 2017. | | 10-Q | | 001-35594 | | 10.7 | | November 21, 2017 | | |
| | | | | | | | | | | | |
| | Credit Agreement, dated as of April 13, 2023 among the Registrant, the lenders party thereto and Wells Fargo, National Association, as administrative agent. | | 8-K | | 001-35594 | | 10.1 | | April 19, 2023 | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Exhibit
Number | | Exhibit Description | | Incorporated by Reference | | |
| Form | | File No. | | Exhibit | | Filing Date | | |
| | | | | | | | | | | | |
| | Amendment No. 1, dated as of November 22, 2024, to Credit Agreement, dated as of April 13, 2023, among Palo Alto Networks, Inc., the lenders party thereto, and Wells Fargo Bank, National Association, as administrative agent. | | 10-Q | | 001-35594 | | 10.3 | | February 14, 2025 | | |
| | | | | | | | | | | | |
| | Form of Warrant Confirmation. | | 8-K | | 001-35594 | | 10.3 | | June 8, 2020 | | |
| | | | | | | | | | | | |
| | Insider Trading Policy and Requirements for Trading Plans, as amended and restated. | | | | | | | | | | |
| | | | | | | | | | | | |
| | List of subsidiaries of the Registrant. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Consent of Independent Registered Public Accounting Firm. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Power of Attorney (contained in the signature page to this Annual Report on Form 10-K). | | | | | | | | | | |
| | | | | | | | | | | | |
| | Certification of the Chief Executive Officer pursuant to Section 302(a) of the Sarbanes-Oxley Act of 2002. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Certification of the Chief Financial Officer pursuant to Section 302(a) of the Sarbanes-Oxley Act of 2002. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Certification of Chief Executive Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Certification of Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. | | | | | | | | | | |
| | | | | | | | | | | | |
| | Compensation Recovery Policy. | | 10-K | | 001-35594 | | 97.1 | | September 6, 2024 | | |
| | | | | | | | | | | | |
| 101.INS | | XBRL Instance Document. | | | | | | | | | | |
| | | | | | | | | | | | |
| 101.SCH | | XBRL Taxonomy Schema Linkbase Document. | | | | | | | | | | |
| | | | | | | | | | | | |
| 101.CAL | | XBRL Taxonomy Calculation Linkbase Document. | | | | | | | | | | |
| | | | | | | | | | | | |
| 101.DEF | | XBRL Taxonomy Definition Linkbase Document. | | | | | | | | | | |
| | | | | | | | | | | | |
| 101.LAB | | XBRL Taxonomy Labels Linkbase Document. | | | | | | | | | | |
| | | | | | | | | | | | |
| 101.PRE | | XBRL Taxonomy Presentation Linkbase Document. | | | | | | | | | | |
| | | | | | | | | | | | |
| 104 | | Cover Page Interactive Data File (formatted as inline XBRL and contained in Exhibit 101). | | | | | | | | | | |
* Indicates a management contract or compensatory plan or arrangement.
** Certain portions of this exhibit have been omitted as the Registrant has determined (i) the omitted information is not material and (ii) the omitted information would likely cause harm to the Registrant if publicly disclosed.
*** Schedules omitted pursuant to Item 601(b)(2) of Regulation S-K. The Registrant agrees to furnish supplementally a copy of any omitted schedule to the SEC upon request; provided, however, that the Registrant may request confidential treatment pursuant to Rule 24b-2 of the Securities Exchange Act of 1934, as amended, for any schedules or exhibits so furnished.
† The certifications attached as Exhibit 32.1 and Exhibit 32.2 that accompany this Annual Report on Form 10-K, are not deemed filed with the Securities and Exchange Commission and are not to be incorporated by reference into any filing of the Registrant under the Securities Act of 1933, as amended, or the Securities Exchange Act of 1934, as amended, whether made before or after the date of this Annual Report on Form 10-K, irrespective of any general incorporation language contained in such filing.
Item 16. Form 10-K Summary
Not applicable.
Signatures
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the Registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized, on August 29, 2025.
| | | | | |
| PALO ALTO NETWORKS, INC. |
| By: | /s/ NIKESH ARORA |
| Nikesh Arora |
| Chairman and Chief Executive Officer |
Power of Attorney
KNOW ALL THESE PERSONS BY THESE PRESENTS, that each person whose signature appears below constitutes and appoints Nikesh Arora, Dipak Golechha, and Josh Paul, and each of them, as his or her true and lawful attorney-in-fact and agent, with full power of substitution and resubstitution, for him or her and in his or her name, place and stead, in any and all capacities, to sign any and all amendments to this Annual Report on Form 10-K, and to file the same, with all exhibits thereto, and other documents in connection therewith, with the Securities and Exchange Commission, granting unto said attorneys-in-fact and agents, and each of them, full power and authority to do and perform each and every act and thing requisite and necessary to be done in connection therewith, as fully to all intents and purposes as he or she might or could do in person, hereby ratifying and confirming all that said attorneys-in-fact and agents, or any of them, or their, his or her substitutes, may lawfully do or cause to be done by virtue thereof.
Pursuant to the requirements of the Securities Exchange Act of 1934, this report has been signed below by the following persons on behalf of the Registrant and in the capacities and on the dates indicated:
| | | | | | | | | | | | | | |
| Signature | | Title | | Date |
| | |
| /s/ NIKESH ARORA | | Chairman, Chief Executive Officer and Director (Principal Executive Officer) | | August 29, 2025 |
| Nikesh Arora | | |
| | | | |
| /s/ DIPAK GOLECHHA | | Chief Financial Officer (Duly Authorized Officer and Principal Financial Officer) | | August 29, 2025 |
| Dipak Golechha | | |
| | | | |
| /s/ JOSH PAUL | | Chief Accounting Officer (Duly Authorized Officer and Principal Accounting Officer) | | August 29, 2025 |
Josh Paul | | |
| | | | |
/s/ LEE KLARICH | | Chief Product and Technology Officer and Director | | August 29, 2025 |
Lee Klarich | | |
| | | | |
/s/ APARNA BAWA | | Director | | August 29, 2025 |
| Aparna Bawa | | |
| | | | |
| /s/ JOHN M. DONOVAN | | Director | | August 29, 2025 |
| John M. Donovan | | |
| | | | |
| /s/ CARL ESCHENBACH | | Director | | August 29, 2025 |
| Carl Eschenbach | | |
| | | | |
| /s/ JAMES J. GOETZ | | Director | | August 29, 2025 |
| James J. Goetz | | |
| | | | |
/s/ RALPH HAMERS | | Director | | August 29, 2025 |
Ralph Hamers | | |
| | | | |
/s/ RT HON SIR JOHN KEY | | Director | | August 29, 2025 |
| Rt Hon Sir John Key | | |
| | | | |
| /s/ MARY PAT MCCARTHY | | Director | | August 29, 2025 |
| Mary Pat McCarthy | | |
| | |
/s/ HELLE THORNING-SCHMIDT | | Director | | August 29, 2025 |
Helle Thorning-Schmidt | | |
| | | | |
/s/ LORRAINE TWOHILL | | Director | | August 29, 2025 |
| Lorraine Twohill | | |
| | | | |
