Palo Alto Networks Q4 Earnings Highlight AI's Impact on Cybersecurity Landscape

What Palo Alto Networks' Q4 Says About The Security Market In The Agentic AI Era

Vendor consolidation, agentic AI and secure browser opportunities were among the biggest topics on Palo Alto Networks' latest quarterly earnings call. Palo Alto Networks' fourth fiscal quarter results and forecast for the 2026 fiscal year didn't only showcase success for the vendor-they were a signal to the channel about emerging trends in the security field in the age of artificial intelligence. Customers looking to consolidate their security vendors, growing opportunity in the secure browser market and how a combined Palo Alto Networks and CyberArk can shake up the industry were some of the topics the Santa Clara, Calif.-based company covered on the earnings call Monday. The vendor's total revenue of $2.54 billion exceeded Wall Street's expectation of $2.5 billion and remaining performance obligation (RPO) of $15.8 billion exceeded Wall Street's estimate of $15.26 billion, according to a report Tuesday by investment firm Wedbush. The vendor has also now surpassed a $10 billion run rate. [RELATED: Palo Alto Networks-CyberArk Combination Would Be 'Watershed Deal:' Analyst] Palo Alto Networks 4Q The vendor's investment in software-based products instead of hardware and signs of a growing presence of agentic AI in the business security conversation-for good, bad or a mix of the two-were also big topics of conversation on the call, which covered the vendor's fourth fiscal quarter, ended July 31. "In this new era, security is no longer a bolt on," Palo Alto Networks CEO Nikesh Arora told analysts on the call. "It is a foundational enabler of transformational success." Read on for some of our biggest takeaways from Palo Alto Networks' latest quarterly earnings call. Security Vendor Consolidation Arora has touted the vendor's "platformization" approach to selling customers on buying a security platform to improve their posture instead of stitching together a group of point solutions. The platformization strategy has proven "prescient" for the vendor, with multiple eight-figure deals won thanks to a broader consolidated set of products, according to a William Blair report Tuesday. Palo Alto Networks customers appear sold by security through a unified platform more so than any discounting, according to the investment firm. Platformization gives the vendor the potential "to capture much larger wallet share from enterprise customers looking to rationalize point solution providers." "In our view, many of these deals are not necessarily ELAs and typically represent the starting point for a relationship that can grow much larger over time, as many enterprises cannot make a wholesale change in their security structure overnight," according to the firm. Palo Alto Networks' innovation-driven strategy and broad portfolio sets it up for success, according to the firm. But for long-term success, the vendor needs "large training sets of data and broad-based coverage that can improve the effectiveness of next-generation products." In its own report Tuesday, Wedbush said that Palo Alto Networks saw about 150 net-net platformization deals during the quarter compared to about 90 the prior quarter. The vendor saw a 51 percent increase year on year in $5 million-plus accounts and 50 percent year on year in $10 million-plus accounts thanks to platformization, with an increase in the average ARR per platformized customer, according to the investment firm. Secure Browsers A New OS? On the call, Arora called enterprise browsers a "new operating system for the enterprise" and "the primary interface for AI and cloud applications." This trend bodes well for Palo Alto Networks' Prisma Access Browser, which saw seat licenses double quarter over quarter to more than 6 million. The vendor's secure browser offer comes from its 2023 acquisition of Talon Cyber Security. "It will become impossible to allow employees access to non-secure browsers in the future," Arora said. "As more and more critical applications and data reside within the browser, it naturally becomes a target for cyberattacks." Prisma Access Browser "is strategically positioned to be the future OS in enabling secure and productive work in an AI-driven world," Arora added. AI vendors relying more on consumer browsers for AI agents will increase enterprises' desire to put employees on secure browsers, the CEO said. "If you believe that agentic's true future is coming through browsers in the future for the desktop, then you have to believe that the case for secure browser just became a mainstream case in the enterprise use case," he said. Security In The Agentic AI Era Although Palo Alto Networks started investing in the enterprise browser opportunity to reach virtual desktop infrastructure, mobile devices and other use cases not covered by secure access service edge (SASE), in the past six to eight months, the vendor has seen browsers leveraged for successful consumer AI agent deployment, Arora said on the call. Palo Alto Networks "will have significant advantages as agentic AI becomes a critical growth area over time" due to the foundation formed by its network security, XSIAM, AI, cloud and SASE portfolio, according to investment firm William Blair's Tuesday report. Palo Alto Networks' AI annual recurring revenue (ARR) was about $545 million, up almost threefold year over year, according to Wedbush's Tuesday report. "Cybersecurity is a clear 2nd/3rd derivative play in the AI Revolution," according to Wedbush, which described the vendor as "in the driver's seat to gain market/mind share." Cloud hyperscalers such as Microsoft have also pointed to data showing growth in the agentic AI market. In their most recent quarterly earnings call, Microsoft executives said that Azure AI Foundry Agent Service now has 14,000 customers, that tens of thousands of organizations have already used Microsoft researcher and analyst deep-reasoning AI agents in the first weeks of availability this year and that customers have created 3 million agents using SharePoint and Copilot Studio. Microsoft's GitHub code review agent performs millions of code reviews each month, the tech giant revealed on the July call. CyberArk Gives Palo Alto Networks Identity Boost Arora offered some roadmap on the call for how a combined Palo Alto Networks and CyberArk push further into the security market, especially as artificial intelligence use grows. Palo Alto Networks still expects to close the deal in the second half of its fiscal year and adjusted free cash flow of 40-plus percent for the combined company by fiscal year 2028. He sees the identity market that CyberArk serves hitting an inflection point in the next 12 to 24 months as agentic AI grows, the CEO said on the call. More than 90 percent of breaches involve stolen or mismanaged credentials, meaning that every user machine and AI agent should be considered privileged users rather than just a small set of IT administrators. CyberArk has about 3,000 channel partners worldwide, according to CRN's 2025 Channel Chiefs. That's about a fifth the size of Palo Alto Networks' ecosystem. As a part of Palo Alto Networks, CyberArk will deepen privileged access management (PAM) penetration and attract a larger base of global identity and access management (IAM) users and machine identities, the CEO said. Palo Alto Networks has nearly 10 times the number of core sellers as CyberArks and a much larger, 75,000 customer base. Palo Alto Networks aims to double the value of the joint businesses over the next five years. CyberArk's telemetry data has synergy potential with Palo Alto Networks' XSIAM extended security intelligence and automation management platform, and identity combined with SASE and extended detection and response (XDR) as a unified agent has cross-selling potential for the 100 million endpoint footprint, KeyBanc said in its Tuesday report. However, integrating CyberArk and the timing of the agentic AI market were some of the investment firm's concerns around the deal. In its report Tuesday, William Blair praised the CyberArk deal, saying that "Palo Alto's value proposition as a core platform only becomes stronger." "CyberArk represents an incremental opportunity to Palo Alto's NGS ARR target of $15 billion for fiscal 2030," according to the report. "Existing customers that have already signed onto its platform are likely to also shift to adopt its identity solutions as well, in our view." Software Investment Avoids Network Security Headwinds Palo Alto Networks' diverse portfolio, especially with software firewall form factors, appears to have saved it from weakness experienced by competitors more aligned with the hardware network security space in the second calendar quarter, KeyBanc said in its Tuesday report. More than 60 percent of Palo Alto Networks' network security bookings in the quarter came from software and SASE. Software firewall grew about 20 percent on an ARR basis while hardware product revenue declined year on year. Although KeyBanc didn't name a specific competitor, Cisco's security segment notably saw disappointing results when it reported quarterly earnings in August. The 9 percent growth year on year Cisco reported came in about $160 million below what Wall Street wanted, according to a Thursday report by Melius Research. That number also came in below Cisco's 15 percent target. (Cisco executives on the call did say that growth would have been double digits excluding its U.S. federal government business.) Another network security rival, Fortinet, disappointed analysts earlier this month when it revealed that it was already almost halfway done with its firewall refresh cycle and that the cycle would likely not bring in the $400 million to $450 million forecasted. It turned out that more boxes were no longer active in the 650,000 unit installed base and more units at lower average selling prices (ASPs) were present, according to a report by Morgan Stanley. Palo Alto Networks' greater mix of software deals compared to hardware was reflected in software accounting for about 56 percent of product revenues compared to a 44 percent mix last year, according to Bank of America's Tuesday note. The vendor has a 50 percent market share in virtual firewalls, firewall-as-a-service (FWaaS) and other software offers. Palo Alto Networks continues to see hardware as a mid-single digit grower in the 2026 fiscal year, executives said on Monday's call.

Palo Alto Networks Q4 2025 Earnings: CEO Arora Credits Platform Strategy With Growth, Says To Watch Enterprise Browsers For AI Security

'In this new era, security is no longer a bolt on,' Palo Alto Networks CEO Nikesh Arora said. Palo Alto Networks CEO Nikesh Arora believes the cybersecurity vendor's "platformization" strategy of selling customers more of its product portfolio to provide a consistent security experience led to growth in its most recent fiscal quarter, with the upcoming acquisition of CyberArk taking the vendor to another level in identity and enterprise browsers positioning Palo Alto Networks for domination in AI security. "In this new era, security is no longer a bolt on," Arora told analysts on the Santa Clara, Calif.-based vendor's quarterly earnings call Monday. "It is a foundational enabler of transformational success." Reporting results for its fourth fiscal quarter, ended July 31, Palo Alto Networks revealed that it has become the first dedicated cybersecurity company to surpass a $10 billion revenue run-rate milestone exiting the 2025 fiscal year. [RELATED: Palo Alto Networks-CyberArk Combination Would Be 'Watershed Deal:' Analyst] The vendor's top channel goals for 2025 include increasing the overall percentage of company revenue that comes through the channel and improving partner profitability, according to CRN's 2025 Channel Chiefs. CyberArk has about 3,000 channel partners worldwide, according to CRN's 2025 Channel Chiefs. That's about a fifth the size of Palo Alto Networks' ecosystem. Palo Alto Networks and its ecosystem of partners are not only selling customers on a security platform approach for cost savings, but because the shared data under one vendor better prepares customers for cyberattacks, especially in an AI-dominated world. AI has taken attack times down to 25 minutes, Arora said on the call. "AI is going to act as an accelerant towards the desire to consolidate," he said. "Customers are beginning to feel the value of consolidated data-not just in security, in other areas, as you can see." A study of Palo Alto Networks customers showed generative AI traffic up more than ninefold in 2024, Arora told analysts Monday. Data security incidents related to generative AI (GenAI) have more than doubled since last year. Betting on one security vendor also makes customers more prepared as Palo Alto Networks leads competitors on product innovation, he said. "Two years ago, we didn't have a browser," he said. "A year ago, we didn't have an AI firewall. Our customers see that and said, 'Look, I know that if I commit to your platform, I will see a path to the next technology out there.' On the subject of whether global economics will hurt Palo Alto Networks, Arora said that he doesn't "see anything different in the market going forward." Company CFO Dipak Golechha told analysts on the call that Palo Alto Networks has been moving its primary manufacturing and fulfillment center to a contract manufacturing facility in Texas to take advantage of a foreign trade zone that can mitigate the impact of potential tariffs on products shipped to international customers. Palo Alto Networks is the only pure-play cybersecurity firm to assemble all of hardware in the U.S. at scale, he said, calling tariff impacts "immaterial." The value CyberArk brings to Palo Alto Networks and its network is in the identity space, Arora said on the call. He sees the identity market hitting an inflection point in the next 12 to 24 months as agentic AI grows. More than 90 percent of breaches involve stolen or mismanaged credentials, meaning that every user machine and AI agent should be considered privileged users rather than just a small set of IT administrators, he said. CyberArk reaches about 8 million privileged end users and more than 50 percent of the Fortune 500. "We believe the future in this category is going to belong to somebody who's already established a strong reputation and is a leader in identity security," Arora said. As a part of Palo Alto Networks, CyberArk will deepen privileged access management (PAM) penetration and attract a larger base of global identity and access management (IAM) users and machine identities, the CEO said. Palo Alto Networks has nearly 10 times the number of core sellers as CyberArks and a much larger, 75,000 customer base. Palo Alto Networks aims to double the value of the joint businesses over the next five years. Palo Alto Networks closed on its acquisition of Protect AI during the quarter, in July. The new purchase has helped fuel AI security conversations, Arora said. "We will be able to offer the most complete, integrated security solution of the market," Arora said. "We're building an evergreen security company that will define the industry for decades to come." Arora called enterprise browsers a "new operating system for the enterprise" and "the primary interface for AI and cloud applications," boding well for Palo Alto Networks' Prisma Access Browser. Palo Alto Networks sold more than 3 million licenses in the fourth quarter, with its cumulative seat count more than doubling on a sequential basis to more than 6 million, according to the vendor. "It will become impossible to allow employees access to non-secure browsers in the future," Arora said. "As more and more critical applications and data reside within the browser, it naturally becomes a target for cyberattacks." Prisma Access Browser "is strategically positioned to be the future OS in enabling secure and productive work in an AI-driven world," Arora added. Although Palo Alto Networks started investing in enterprise browser sales to reach virtual desktop infrastructure, mobile devices and other use cases not covered by secure access service edge (SASE), in the past six to eight months, the vendor has seen browsers leveraged for successful consumer AI agent deployment, Arora said on the call. AI vendors relying more on consumer browsers for AI agents will increase enterprises' desire to put employees on secure browsers, the CEO said. "If you believe that agentic's true future is coming through browsers in the future for the desktop, then you have to believe that the case for secure browser just became a mainstream case in the enterprise use case," he said. "It's going to become a critical part of your SASE stack." On Monday, Palo Alto Networks also revealed that Nir Zuk, its founder and chief technology officer, has retired. Lee Klarich succeeds Zuk as CTO and has joined the board of directors. Klarich will also retain the role of chief product officer. Zuk founded Palo Alto Networks in 2005 as a next-generation firewall provider. He will "turn his attention to a new set of challenges and untapped ideas he is passionate about pursuing," according to a company statement Monday. "I started Palo Alto Networks with a radical idea and the conviction to challenge a stagnant industry with a cybersecurity platform," Zuk said in a statement. "Our vision has always been to lead from the front, and our recent intent to acquire CyberArk is a testament to that enduring ambition. With the most comprehensive security portfolio today, I am confident in Nikesh's leadership and thrilled to pass the torch to Lee Klarich." Klarich joined Palo Alto Networks in 2006 and "will be responsible for driving the company's technology vision and leading the product and engineering organizations to deliver the industry's most comprehensive, integrated, and AI-powered cybersecurity platforms," according to Palo Alto Networks. On Monday's earnings call, Arora said "when you think of Palo Alto Networks, you think of Nir." "He didn't just start a company," Arora said. "He started a revolution with the next-generation firewall, forever changing the security landscape. Personally, it has been a privilege to call him a partner and a friend. The relentless competitive fire that defines our culture, that is his legacy." Palo Alto Networks saw $2.5 billion in revenue during the fourth fiscal quarter, up 16 percent year over year. The vendor's net income using Generally Accepted Accounting Principles (GAAP) was $253.8 million, down about 30 percent year over year. For the fiscal year, Palo Alto Networks saw $9.2 billion in revenue, up 15 percent year on year. GAAP net income was $1.1 billion, down about 60 percent year on year, according to the vendor. Next-generation security annual revenue rate (ARR) was $5.6 billion at the end of the quarter, up 32 percent year over year. The company added $490 million in net new NGS ARR in the fourth quarter, up 12 percent from a year ago. AI ARR was about $545 million in the quarter, up almost threefold year over year. Remaining performance obligation (RPO) was $15.8 billion, up 24 percent year over year. Arora called fourth quarter bookings growth "the highest we've seen in two-and-a-half years." The vendor ended the fiscal year with $2.3 billion in cash and cash equivalents, perhaps signaling more acquisitions on the horizon. Customers spending $5 million to $10 million in ARR were up about 50 percent year over year, according to the vendor. Customers spending $20 million-plus ARR customers were up nearly 80 percent year over year. The software firewall business saw ARR in the fourth quarter up nearly 20 percent year on year and almost double the total contract value. Product revenue grew 19 percent year over year. The software firewall market share is nearly 50 percent, according to the vendor. Services revenue grew 15 percent year over year. Subscription revenue grew 17 percent. Support revenue grew 11 percent. Network security continues to account for over 75 percent of the vendor's bookings, but more than 60 percent of network security bookings are driven by software form factors across SASE and virtual firewalls. For the last year, Palo Alto Networks displaced incumbent SASE vendors in more 70 accounts exceeding $200 million in total contract value (TCV), Arora said. SASE ARR grew 35 percent year over year, more than twice as fast as the overall market. Palo Alto Networks has more than 6,300 SASE customers. Cortex and cloud saw a combined ARR up nearly 25 percent year over year in the fourth quarter. Palo Alto Networks now has about 400 XSIAM customers, with an average ARR per customer of more than $1 million. Extended detection and response (XDR) saw deals of more than $1 million grow 30 percent year on year. Palo Alto Networks said to expect ARR of its next-generation security portfolio between $5.82 billion and $5.84 billion in the first quarter of its 2026 fiscal year, which would be 29 percent growth year over year. The vendor expects remaining performance obligation (RPO) of $15.4 billion to $15.5 billion, representing year-over-year growth of 23 percent. Total revenue should come in at $2.45 billion to $2.47 billion, which would mean 15 percent growth year on year. Palo Alto Networks continues to see hardware as a mid single digit grower in the 2026 fiscal year. For the 2026 fiscal year, Palo Alto Networks said to expect $7 billion to $7.1 billion in next-generation security ARR, up 26 percent to 27 percent year on year. The vendor did not include any impacts on revenue from CyberArk. Palo Alto Networks predicts closing the deal in the second half of its fiscal year. The vendor predicts adjusted free cash flow of 40-plus percent for the combined company by fiscal year 2028. RPO should come in between $18.6 billion and $18.7 billion, growth of 17 percent to 18 percent year on year. Total revenue should come in at about $10.5 billion, growth year on year of 14 percent. First fiscal quarter product revenue growth should be about 20 percent. That growth should come in at the low teens for the fiscal year. Palo Alto Networks' stock grew about 5 percent after market close Monday, trading at about $185 a share.

Palo Alto : PANW Corrected Transcript

Senior Vice President-Investor Relations & Strategic Finance, Palo Alto Networks, Inc. Nikesh Arora Chairman & Chief Executive Officer, Palo Alto Networks, Inc. Chief Product and Technology Officer & Director, Palo Alto Networks, Inc. Senior Vice President-Investor Relations & Strategic Finance, Palo Alto Networks, Inc. ...August 18 at 1:30 p.m. Pacific Time. With me on today's call to discuss fourth quarter results are Nikesh Arora, our Chairman and Chief Executive Officer; and Dipak Golechha, our Chief Financial Officer. Following our prepared remarks, Lee Klarich, our Chief Product Officer, will join us for the question-and-answer portion. You can find the press release and other information to supplement today's discussion on our website at investors.paloaltonetworks.com. While there, please click on the link for Quarterly Results to find the Q4 2025 supplemental information and Q4 2025 earnings presentation. During the course of today's call, we will be making forward-looking statements and projections regarding the company's business operations and financial performance, as well as the company's proposed acquisition of CyberArk. These statements made today are subject to a number of risks and uncertainties that could cause our actual results to differ from these forward-looking statements. Please review our press release and recent SEC filings for a description of these risks and uncertainties. We assume no obligation to update any forward-looking statements made in the presentation today. This presentation contains non-GAAP financial measures and key metrics relating to the company's past and expected future performance. Non-GAAP financial measures should not be considered a substitute for financial measures prepared in accordance with GAAP. The most directly comparable GAAP financial measures and reconciliations are in the press release and the appendix of investor presentation. Unless specifically noted otherwise, all results and comparisons are on a fiscal year-over-year basis. We also note that management is scheduled to participate in the Citi Global TMT Conference this quarter. Chairman & Chief Executive Officer, Palo Alto Networks, Inc. Thank you, Hamza. Good afternoon. Thank you, everyone, for joining us today for our earnings call. As you can all see, we had a strong finish to the fiscal year. We've just closed a landmark quarter, capping a year of disciplined execution and strategic acceleration. Our results this quarter are a direct reflection of a strategy we have been architecting for years, anticipating where the market is going and building the future of cybersecurity before it arrives. This is a moment of conviction, both for us and for our customers. We're proud to be the first dedicated cybersecurity company to surpass a $10 billion revenue run rate. While this milestone is significant, it is not the ultimate goal. Our focus has already shifted to - sorry, excuse me. Yeah, our focus has already shifted to leveraging the scale to define the next decade of cybersecurity. The very fabric of technology is being rewoven by AI, creating a vast, new and complex attack surface. In this new era, security is no longer a bolt on. It is a foundational enabler of transformational success. The record-breaking number of platformization deals this quarter demonstrates that customers are not just buying products, they are buying into a strategic partnership. We believe that integrated best-of-breed platforms deliver superior security outcomes, and our customers are validating this conviction by making larger, more strategic commitments with us than ever before. During Q4, many of the deals our teams had been working on during our fiscal year came to fruition. We saw robust activity across the board. In Q4, our bookings growth turned the corner and was the highest we've seen in 2.5 years. This growth is driven by deals across our platforms and also as a result of strong renewals and upsells across our existing portfolio. The robust booking growth was coupled with strong Next-Generation Security ARR and revenue performance. This, coupled with prudent financial management, allowed us to exceed our full year guidance metrics across the board. RPO grew 24% year-over-year in Q4, an acceleration versus the prior year. It is early days, but we see the quality of revenue, ARR and retention is consistently higher across our platform customers. This bodes well for our longterm targets of Palo Alto Networks' platform business. Next-Generation Security ARR grew 32% and net new ARR for the quarter was also up double digits year-on-year. We had strong contributions across our portfolio, particularly SASE, XSIAM and software firewalls. Our investment in software firewalls and SASE are bearing fruit. As our customers end up in a hybrid compute environment across multiple clouds, we expect to continue to see strength in our software firewall business. These offerings, each with very large TAMs, continue to gain momentum and reinforce our conviction in achieving $15 billion in Next-Generation Security ARR by FY 2030 on a standalone basis. This top line growth, coupled with scale effects and our prudent financial management, has allowed us once again to expand our operating margin. Additionally, continued deft management of our deferred payments plan portfolio has allowed us to deliver 38%-plus free cash flow margins for the third consecutive year. Not just that, we now believe that structurally, we have visibility to go even higher on our free cash flow margins, more from Dipak on this later. Demand for cybersecurity remains strong. Our customers are looking to us to help them secure their cloud and AI transformation journeys. We continue to see GenAI conversations as it becomes imperative for our customers to deploy productivity tools, coding tools or revamp their customer systems to enable natural language conversations. All these use cases for AI need to be protected, no pun intended. Our timely acquisition of Protect AI, which we completed this quarter, coupled with our native abilities around our AI firewalls are driving conversations across many platform customers and prospects around securing the AI infrastructure. Adoption of GenAI is happening faster than any previous technology trend. Recent internal study amongst our customers showed GenAI traffic is up over 890% in 2024. Following this, data security incidents related to GenAI more than doubled since last year. With this rapid adoption of AI comes a new and complex attack surface. That's why, in early Q4, we introduced Prisma AIRS, industry's most comprehensive AI security platform. AIRS is a unified platform that empowers organizations to deploy AI bravely by providing end-to-end security across every AI app, agent, model and data set. It closes critical blind spots and secures AI deployments everywhere, ensuring confidence and compliance. But securing the AI you build is only half of the equation. The other equally critical side is securing how employees use third-party AI. Our AI Access solutions provides the deep visibility and granular control needed for the safe adoption of those services. We are unique in providing a strategy for both sides of the AI landscape, each with integrated DLP controls to protect our customers' most sensitive data. This complete vision is resonating, and we have a strong combined pipeline for AI security offerings. The chart you see here tells a powerful story. It's not just a graph of numbers going up. It's a visual representation of our customers' growing conviction in our strategy. The question is why is this happening? It's because we made a promise to our customers that when they partner with us, they are investing in platforms that are constantly evolving, and we are going to stay ahead of the threat landscape. Time and again, you've seen the future first. You saw it with the tectonic shift to the next-generation firewall, which we pioneered 17 (sic) [7] years ago. You saw it with the move to the cloud and with the rise of SASE, where we're now the clear leader. You saw the inevitable shift from reactive SIEM to proactive AI-powered SOCs, as well as in XSIAM, a platform that is now our fastest growing offering ever. And you saw the market's ultimate shift towards the word we define platformization, integrated platforms that deliver superior security outcomes, a framework our peers once again are now rushing to imitate. We continue to evolve our platforms, and this quarter was no exception. In our network security platform, we announced PAN-OS 12.1 Orion, which includes new appliances designed to provide an easy path to quantum readiness and multi-cloud security. We are anticipating threats of tomorrow, so our customers don't have to. This commitment to future proofing their investment is why we are seeing robust interest in integrated subscriptions like CASB and DLP. Building on the launch of Cortex Cloud in Q3, we delivered powerful new capabilities like Application Security Posture Management, or ASPM, helping to redefine application security to meet the demands of the AI era. Natively built into our Cortex Cloud platform, ASPM provides a single source of truth, correlating data from our native scanners and third-party tools to secure the entire AI development life cycle. This allows our customers to break down the silos between their teams and focus on remediating the critical vulnerabilities that truly matter. And our XSIAM platform continues to expand beyond its core wartime mission with new peacetime modules like Exposure Management that proactively identify and fix security gaps before an attack can ever happen. That confidence is translating directly into platformization traction you see here. These platformizations are driving superior financial outcomes for us and better security outcomes for our customers. In Q4, our net retention rate amongst platform customers was an impressive 120% with nearly zero churn. This is the ultimate proof of the value we deliver and the deep strategic partnerships we are building. As we aim to more than double the number of platformization in the next five years, we believe our foundation for sustainable growth becomes stronger. This underpins our confidence in achieving $15 billion of NGS ARR on a standalone basis by FY 2030. The clear validation of our strategy is in the landmark deals we're signing. These are not product sales. These are deep partnerships with the world's leading organizations to transform the security posture. We had one of our strongest large deals quarters ever. Customers with over $5 million and $10 million in ARR were up approximately 50% year-over-year and $20-million-plus ARR customers were up nearly 80% year-over-year. These types of large multi-platform deals hardly existed a few years ago and showcase our customers' growing commitment to us. Let's look at a few examples. Leading global consulting firm signed a deal for over $100 million in Q4 on Cloud Security and SASE, including a purchase of our new AI Access Security product. The customer lacked identity entitlement controls over AI and cloud environments and also required a comprehensive secure access offerings that could scale globally across its employees, contractors and clients. Our deep relationship with that company's C-suite were also critical to landing a deal of this size. With this deal, this customer is now fully platformized and provides us an ARR of $50 million. Next, a leading European bank signed a $60-plus million deal. This customer is going through a significant digital transformation and adopted XSIAM with multiple goals in mind, to address an expanding attack surface, while simplifying their security stack and keeping costs under control. Platformization was a competitive edge as part of this deal, and we have become a true security partner as now they have three platforms with us. Finally, a leading US insurance company purchased $33 million across NetSec, SASE, SecOps, and Cloud Security. This customer needed to improve their security posture, level up their SOC analysts and drive further automation to reach their goals of 15-minute mean time to contain. This involved using AI. machine learning to assist their analyst teams, while also reducing their false positives. In addition to their existing Palo Alto Networks spend, this customer has now platformized on network security, cloud, and security operations.