Signage with logo at the Silicon Valley headquarters of computer security and firewall company Palo … [+]
Ask any CIO about organizational priorities, and you’ll get an earful about cybersecurity. Digital transformation, after all, begins and ends with an enterprise’s data. So the first job of every IT organization is to protect that data, keeping it uncontaminated for the workloads that rely on the data to drive the business forward.
It’s no surprise that cybersecurity is perhaps the most resilient segment of the overall enterprise IT market. While overall IT infrastructure spending is down in the current environment, with even public cloud providers forecasting a near-term growth slowdown, the cybersecurity industry continues to bloom.
The most recent projections from Canalys show that the cybersecurity market is expected to grow by 13.2% in 2023, with total spending of up to $223.8B worldwide. Cybersecurity products make up $79.5B and are expected to grow by 13% this year.
Palo Alto Networks benefits from the overall growth of the market. The company is the most successful cybersecurity vendor globally, owning nearly 9% of the market and delivering products to over 70,000 customers worldwide. Delve into the segments it most strongly plays, such as network security, and you’ll find that Palo Alto Networks is the most dominant player.
This success is reflected in Palo Alto Networks’ most recent earnings announcement, where it beat both top and bottom-line estimates. The company reported top-line revenue growth for the quarter of $1.7B, growing 26% year-on-year. At the same time, profit was $377M, up 81%. Beyond its strong performance, the company is demonstrating strong momentum in critical sub-segments of its market. As a result, there’s continued growth on the horizon.
Today’s enterprise IT infrastructure is a complicated blend of on-prem, public cloud, and as-a-service offerings. Add to that the growing push to the edge, where AI-driven analytics can deliver insights and faster time-to-value for data. The complexity – and the attack surface for cybercrime – increases dramatically.
Palo Alto Networks began in 2005 as a network security company, introducing one of the industry’s first stateful inspection network firewalls to the market. The company has continued since to expand with a blend of organic growth and purposeful acquisition. Palo Alto Networks successfully acquired ten companies in the past five years, growing its capabilities in line with the IT infrastructure trends.
Network security is Palo Alto’s core strength. It’s business that the company has always been in and where it’s never taken its eye off the ball. Palo Alto delivers its network next-generation firewall products under its Strata brand, encompassing a broad mix of hardware- and software-based solutions.
The roots of Palo Alto Networks show in the company’s range of more than ten different firewall appliance offerings. These products target nearly every segment of IT networking, including the industrial edge.
As IT infrastructure becomes more virtual and software-defined, so do Palo Alto’s network security offerings. The company’s line-up includes the CN-series firewall to protect the unique needs of cloud-native containerized workloads, the VM-series software firewall for virtualized environments, and its Cloud NGFW for cloud environments.
The rise of the cloud as a critical component of enterprise IT infrastructure has forced a different model on cybersecurity vendors. It’s simply impossible to place a hardware device inside most CSPs, or to even get too close to the core networking capabilities shared between multiple cloud customers.
Cybersecurity for cloud and cloud-native applications go well beyond network security concerns. There are compliance and governance issues. The software supply chain for cloud-native applications and deployments is riskier than traditional models. Container frameworks implement new networking and network segmentation models. APIs need protection. The list goes on and on. This is a complicated problem. Prisma Cloud is Palo Alto’s solution to these challenges.
Prisma Cloud is Palo Alto’s platform to secure nearly everything an enterprise runs in the public cloud. However, Prisma Cloud goes well beyond simple network security. The offering is architected for cloud-native and integrates directly into developer workflows to identify vulnerabilities before they make it to a production environment.
This shouldn’t be understated. Securing the software supply chain is fundamental to cloud-native deployments. Applications delivered by IT teams are often a blend of in-house code and third-party libraries, all built with open-source tooling. This leads to countless opportunities for vulnerabilities to arise, both intentional and accidental.
At the recent Barclays Global Technology, Media, and Telecommunications Conference, Palo Alto CEO Nikesh Arora said he expects Prisma Cloud to evolve into a $1B/year business over the next 12 to 18 months. That’s a strong statement, but one I believe. The recent Bridgecrew and Cider Security acquisitions give Palo Alto Networks an enviable amount of intellectual property to address this problem. As a result, the company is far ahead of its competitors in this space.
Prisma Cloud is the largest cloud security solution on the market. Palo Alto Networks says its Prisma offering is growing at 48% year-on-year. Within the Global 2000, Prisma is growing at more than 39% year-on-year. The market continues to expand with enterprise cloud adoption.
Securing a diverse multi-cloud infrastructure requires blending data and alerts from multiple disparate solutions to deliver a unified set of recommendations to an IT administrator. This is the function of the Security Operations Center (SOC), a market growing at an estimated 15% year-on-year. Palo Alto Networks addresses this market with its Cortex line of offerings.
The job of SOC is to detect and respond to threats. It involves prioritizing alerts from activity security monitoring functions to help IT security staff investigate and respond before the threat becomes a real problem.
Cortex XDR is Palo Alto’s core offering in this space. Cortex XDR integrates and normalizes all data, delivering AI-fueled analytics. This includes collating and analyzing data from endpoints, the network, the cloud, and identity services, among other sources.
Going further, Cortex XPANSE provides complete visibility of all connected assets. Combining XPANSE with XDR yields a complete enterprise view for cybersecurity personnel. Cortex XSOAR expands on this to enable end-to-end workload automation for DevSecOps teams.
This is an exciting part of Palo Alto’s story and is fueling significant growth. According to Palo Alto Networks, Cortex has achieved of $400M in annual recurring revenue, growing at 80% year-on-year. In addition, cortex XDR has an impressive 168% CAGR, while Cortex XPANSE is growing 57% year-on-year.
Competitively, Palo Alto Networks is most challenged by Fortinet, Cisco, and Checkpoint in the network security space. According to Canalys, Fortinet and Palo Alto each have above 20% market share in this space.
Palo Alto Networks, under the leadership of CEO and Chairman Nikesh Arora, is placing strong bets that are starting to pay off. Palo Alto has evolved its network security offerings into a blend of hardware- and software-driven solutions that directly address the unique needs of multi-cloud network security.
The company’s relentless focus on securing cloud-native technologies during the development cycle and in production is perhaps the most exciting set of security innovations I’ve seen in a long time. In addition, its emerging focus on SOC and endpoint security promises an upside to come.
Cybersecurity is the number one concern for most CIOs and enterprise IT teams, naturally leading to a crowded market — companies like Fortinet, Cisco, and Check Point challenge Palo Alto Networks in the network security space. Palo Alto is the challenger in other markets, such as endpoint security, taking on companies like CrowdStrike and Trend Micro. Vulnerability and security analytics is a market where Palo Alto is a challenger to Splunk and IBM.
Despite the competitive challenges, Palo Alto Networks is delivering a strategy that will extend its reach beyond its network security roots. Its comprehensive products set the company up for success as the industry looks to consolidate cybersecurity functions. In addition, it has some of the best available technology to address high-growth and emergent markets, such as SASE, SOC, and software firewalls.
Palo Alto Networks is a company that executes with precision, and that execution is paying off. The most recent earnings show that the market responds to Palo Alto’s approach. This is a company poised for continued growth.
Disclosure: Steve McDowell is an industry analyst who engages in, or has engaged in, research, analysis, and advisory services with many technology companies, which may include those mentioned in this article. Mr. McDowell does not hold any equity positions with any company mentioned in this article.