Clay Bilby: All right. Our next question from Saket Kalia of Barclays followed by Joe Gallo. Go ahead, Saket.
Saket Kalia: Okay. Great. Hey, guys. Thanks for fitting me in. Numbers speak for themselves, Nikesh. Maybe a question for you. A lot of excitement around XSIAM. Some interesting wins you called out as well in your AI section. But maybe a strategic question for you. As you think ahead, maybe the next couple of years for XSIAM, how do you think that, that will have started to disrupt the SIM market, either from a tech or a pricing perspective? And maybe just to flip that on its head a little bit, is it possible that tools like XSIAM maybe help expand the SIM market?
Nikesh Arora: So I think, Saket, the SIM market doesn’t have a pricing problem. It has a value problem. I spend a lot of money. I don’t get enough value. And if you ask some of the customers out there, how do they use the SIM, SIM is used post-breach or post-event to figure out what happened. A SIM is not doing on-the-fly real-time blocking. So when SolarWinds happens, Log4j happens, you can go to your SIM and look at where it happened and figure out and trace it back and try and block the whole. What it won’t do for you is stop it mid-flight. And that’s a paradigm shift as far as security is concerned. The only way you can do that and stop it mid-flight is analyzing data as it’s being created. So to us, the reason we call XSIAM not SIM is here’s our words.
We watch the data in flow. We watch it coming from the endpoint. We cross correlate mid-flight with firewall data. We go and triage it. We automate some of the alert, some of the noise away. And we’re looking at like real incidents between triage already, which are not being put in some large data lake and then running query language against to see how do I solve the problem. They’re already doing it in the back end. Now of course, with the availability of new LLMs that are out there, which you all I’m sure have been talking about and dealing with in their free time, they do a lot more useful things than write poetry for your wife. They can actually analyze data to tell you what is anomalous and what is off pattern. And if you can figure that out, then what do you have to do?
You have to go ahead and remediate it. How do you remediate it? You got to be a firewall to remediate a network. You’ve got to be an endpoint to remediate the endpoint. You got to be Prisma Cloud, remediate it in the cloud. So I think what XSIAM is going to do is going to bring real-time capability in the SOC, or real-time capability in security. It’s early days. Again, I’m going to say €“ keep repeating, reputation doesn’t spoil the prayer, don’t get ahead of itself, but this is where we’re heading. And if you can picture chat ChatGPT 10 years from now, picture AI and security 10 years from now. You will not have humans trying to analyze because it’d be too hard for humans to analyze petabytes of data. Already, the data in an organization is too much for a security analyst to analyze.
Clay Bilby: All right. Great. Next question from Joe Gallo of Jefferies, followed by Ben Bollin of Cleveland. Go ahead, Joe.
Joe Gallo: Hey, guys. Thanks for the question. Can you just comment on the execution in cloud security despite the backdrop of hyperscaler growth moderation? And then maybe more importantly, where customers are in the journey to cloud security consolidation? It still feels like the Wild West of a lot of disparate products in that category. When does that market merge, which I’d imagine benefits to? Thanks.
Nikesh Arora: Thanks, Joe. So two quick answers. One, we’re still the largest player with north of 2,000 customers in cloud security. I don’t know, if you explicitly called it out, but our largest cloud security was $40 million this past quarter. I don’t know any other vendor in the cloud security space who’s doing half of that in a quarter in one deal. So yes, there are many small players out there, but we’ve seen a bit of churn in the market where some small players have kind of been acquired and gone. Does that mean we’ll be the only player? No, there’ll be other players in the medium term, but we feel comfortable that there are people who are consolidating. It feels like the Wild West because customers are still not fully in the full cloud security platform mold.
So they’ve not fully embraced the need to have all these things connected, but I think it’s a matter of time and a matter of demonstration that it’s going to happen. In terms of your question around where we are, and we talked about that in the prepared remarks around hyperscalers. Remember, the cloud security market is a few billion dollars. The hyperscalable market hundreds of billions of dollars. Now the difference is when you commit to a hyperscaler, you commit that you’re going to move, you’re going to transition, you spend a lot of money. And a lot of that stuff sits in deferred revenue because they are not fully deployed, or customers haven’t fully consumed. Cloud security applies to stuff that you consume, right? Like, if you haven’t consumed it, or you aren’t ready to consume it, they’re not going to be buying cloud security.
So I think we have a little bit of a gap in terms of when people commit to when they deploy it, to when they take cloud security. I just think the €“ that stuff can slow down for a while, but it’s still got €“ there’s a lot of headroom for us to get from where we are. Even, if we got to all the customers who are in deployment or are deployed, I think we should see a steady continued growth for Prisma Cloud. So the market demand, to me, is not where the challenge is. The challenge for us or the opportunity is to go convince as many customers as we can that this is a platform play. You have to consolidate across multiple modules. You have to have stuff talk to each other on a constant basis, otherwise, you end up in the same situation as you were in enterprise security many –.
Clay Bilby: Our last question today is from Ben Bollin of Cleveland Research. Go ahead, Ben.
