We’re seeing that network security is beginning to evolve from a hardware-only market to effectively a faster-growing software part of the network security market. Not just that, what we’re also seeing is things like SD-WAN, which are part of the networking TAM are now moving into cybersecurity because people want an integrated solution as a SASE solution between SD-WAN and your security protocol. So it’s interesting. There are markets going — undergoing inflection like network security. The market of endpoint has gone through a huge inflection in the last five years. We’ve seen people go from endpoint protection to EDR and XDR. We’ve seen an explosion, there are about 14 vendors at last count in the EDR XDR space, but you can see clear leaders emerging, which are down to two or three players in that space.
And there’s a huge inflection going on there. We think not just there. You’re going to see a large inflection in effectively what is a 15-year-old market called SIEM and SOC. That market has been — a technology that has not been evolved for the last 15 years. It’s primarily been a reactive technology where if I am breached, I need to figure out what to do, and we collect a lot of data and analyze it. That’s no longer going to work, the arrival of AI, they have the need for automation, the need for normalized data, actually going to force that market to inflect. And that’s something we’ll talk about more. And you saw already in our Q4 results at something like XSIAM, which is targeted to that market, is where the real opportunity is for that inflection to continue, for that market to go through its own transformation.
Outside of that, there are still about $30-plus billion in sort of steady cybersecurity segments as well as about $80 million of services, which we think will also continue to evolve in the next three to five years. So with that in mind, I think it’s important to think about where we were when we thought about the transformation of Palo Alto Networks five years ago, where we said, cloud is going to be big, AI is going to be big, and the networks are going to have to start getting reimagined as we go towards the cloud. So effectively, cloud was going to drive the cloud security market and the network transformation and AI and machine learning would have to start helping us do this transformation in the SIEM and SOC market. Now what we saw over the last three to five years is, we at Palo Alto Networks as well as, to some degree, different plays in the industry, started to look at the various parts of these markets and say, like, these things need to start getting integrated because you can’t deliver great security outcomes without these things getting integrated.
So this is the thing. We talked about this. We were told that market does not need platforms. We were told that integration is not key. Customers can deal with the integration. What we want is best-of-breed products. So we decided we’re going to do both. We’re going to have phenomenal success in best-of-breed categories. In addition, we’re going to make sure our best-of-breed products were integrated. So in these three TAMs, in these three markets of network, cloud and SOC operation, what happened is we saw these point products, we started to get integrated into the larger platform vision we had, and we saw the TAM continue to grow because these are all markets which are undergoing transformation or rapid growth. Now where we are today, we believe this is about a $100 billion opportunity across these three platforms.
So for us, the opportunity has grown. It’s almost gone up 2x from five years ago where we believe it’s a $100 billion market today, which allows us to deliver the superior growth you’ve seen and the continued consolidation in the market that we’ve had at Palo Alto Networks. What’s even more exciting within these markets will continue to drive future growth. And you will see that because of the arrival of AI, the need for more real-time autonomous security, these markets will continue to drive opportunity. In the same period over the last five years, as I said, we have been able to transform Palo Alto Networks to get it to where it is today. A, we actually proved that platforms are relevant and important in the space of cybersecurity. Just imagine, it seems obvious now, possibly to many of us, but five years ago, we had customers who had more cybersecurity vendors than they had IT vendors.
And it was a customer’s responsibility to take these vendors, deploy them across their infrastructure, make them work together to deliver security outcomes. You’re expecting 2,000 customers out there in the Global 2000 or possibly tens of thousands of customers having security experts trying to stitch together products made by fast growth cybersecurity companies, which are deeply technical and trying to figure out how to correlate what one vendor saw or one set of vendors is telling you versus another. It just seemed like a problem that could not be solved. But over the last five years, you’ve seen that starting to stitch these together, starting to take this disparate solutions for security, trying to provide them in a common fabric has actually allowed us to deliver better security outcomes And we’ve proven that by doing that in a way, they are — each of those pieces work in a best-of-breed fashion are leading in their own category.
However, they’re kind of better together in the platform. So the last three years — the last five years, as we just shared in our Q4 results, we have been able to build a $1 billion business in security operations under Cortex, which was 0. We have been able to build a $1 billion SASE business in the last 12 months to be able to show that integration across this remote and hybrid network space is actually working. Not only that, we actually built a $500 million ARR cloud security business, proving that, again, the ability to stitch across the entire cloud development life cycle is useful for our customers. So we think that we’ve established that these platforms are going to be around are important and necessary, and that is the way of doing security in the future.