Palo Alto Networks, Inc. (PANW) Earnings
Palo Alto Networks, Inc. is expected to report next earnings on August 17, 2026 (in NaN days), with a consensus EPS estimate of $0.96. PANW has beaten EPS estimates in 8 of its last 12 reported quarters (average surprise +7.1% over the last four).
| Report date | EPS est | EPS actual | Surprise | Revenue | Rev. surprise |
|---|---|---|---|---|---|
| Jun 2, 2026 | $0.79 | $0.85 | +7.2% | $3.0B | +2.0% |
| Feb 17, 2026 | $0.94 | $1.03 | +9.7% | $2.6B | +0.4% |
| Nov 19, 2025 | $0.89 | $0.93 | +4.4% | $2.5B | +0.5% |
| Aug 18, 2025 | $0.89 | $0.95 | +7.3% | $2.5B | +1.4% |
| May 20, 2025 | $0.77 | $0.80 | +3.6% | $2.3B | +0.4% |
| Feb 13, 2025 | $0.78 | $0.81 | +4.0% | $2.3B | +0.7% |
| Nov 20, 2024 | $1.48 | $0.78 | -47.3% | $2.1B | +0.9% |
| Aug 19, 2024 | $1.41 | $0.75 | -46.8% | $2.2B | +1.3% |
| May 20, 2024 | $1.27 | $0.66 | -48.0% | $2.0B | +0.6% |
| Feb 20, 2024 | $1.30 | $0.73 | -43.8% | $2.0B | +0.2% |
| Nov 15, 2023 | $0.58 | $0.69 | +19.0% | $1.9B | +1.9% |
| Aug 18, 2023 | $0.64 | $0.72 | +12.5% | $2.0B | -0.2% |
Source: company filings + earnings calendar. For informational purposes only — not investment advice.
Earnings call summary
Q3 FY2026 · June 2, 2026
AI summary of management’s prepared remarks and analyst Q&A. For informational purposes only — not investment advice.
Management highlights
- AI Paradigm Shift in Cybersecurity • The emergence of autonomous frontier AI models like Mythos has created a fundamental industry shift: adversaries can now execute full attack campaigns in minutes, down from months of manual work, creating unsustainable latency gaps for traditional enterprise defenses that require days to identify breaches • Palo Alto Networks leverages early access to leading frontier AI models to complete years of equivalent pen testing in under 3 weeks, and has launched Unit 42 Frontier AI Defense to help customers fortify against AI-driven attacks, drawing strong market interest with over 1,200 customers requesting engagement • General standalone AI models face two critical structural flaws for cybersecurity: 25% false positive rates that force manual intervention, and consistent failure at complex last-mile remediation; only a unified platform with broad in-line sensor data can deliver the high-fidelity context needed for reliable AI defense - Platformization Strategy Progress • The company secured 110 net new platformized customers in Q3, bringing the total to ~2,280 platformized customers; platformized customers deliver 120% net retention and single-digit churn, with the company on track to surpass 4,000 platformizations by fiscal 2030, supporting its long-term target of $20 billion in NGS ARR • Palo Alto Networks operates 125 million global sensors across network, endpoint and cloud environments, ingesting 17 petabytes of daily telemetry to fuel a scale flywheel: more sensors improve platform intelligence, driving more deployments and stronger real-time protection - Recent Acquisition Integration Milestones • CyberArk integration is 3-6 months ahead of the original timeline: over 1,000 cross-organization go-to-market engagements have been initiated, the business has maintained its growth trajectory, and profitability convergence with Palo Alto Networks is expected within 12-18 months • The recently launched Idira next-generation identity platform addresses the new threat of agentic AI, extending privileged access control to all identities including human, machine, and autonomous software agents • Chronosphere has outperformed expectations, with 2 of the top 5 global frontier AI labs adopting its observability platform, which scales to handle the massive telemetry growth from AI workloads at half the cost of incumbent alternatives • The Koi acquisition for agentic endpoint security has already generated interest from over 150 customers, addressing the new endpoint ecosystem created by proliferating AI coding tools and autonomous agents - Financial Operational Highlights • Adjusted trailing 12-month free cash flow hit $4.08 billion, representing a 38.5% margin, a 430 basis point improvement year-over-year; the company remains on track to reach a 40% free cash flow margin by fiscal 2028 • $1 billion in shares were repurchased in Q3 at an average price of $147.69, with $1 billion of remaining repurchase authorization outstanding
Guidance
All guidance reflects upward revision driven by stronger-than-expected Q3 performance, accelerated organic bookings growth, and better-than-planned acquisition integration: • Fiscal Q4 2026: NGS ARR expected to reach $8.9 billion to $8.95 billion (59% to 60% year-over-year growth); RPO expected to reach $20.9 billion to $21 billion (32% to 33% year-over-year growth); revenue expected to reach $3.345 billion to $3.355 billion (32% year-over-year growth); non-GAAP diluted EPS expected in the range of $0.96 to $0.98 • Full Fiscal 2026: NGS ARR expected 59% to 60% year-over-year growth; RPO expected 32% to 33% year-over-year growth; revenue expected to reach $11.415 billion to $11.425 billion (24% year-over-year growth); non-GAAP operating margin expected 28.9% to 29.2%; non-GAAP diluted EPS expected $3.77 to $3.79; adjusted free cash flow margin expected 37.5% • Going forward, the company will shift to consolidated total company guidance, and will introduce segment-level revenue disclosures for network security, Cortex, and identity starting in fiscal 2027, aligned with its post-acquisition platform strategy
Segment performance
1. Network Security: Palo Alto Networks' largest product segment, accounting for approximately 70% of total revenue. Next-generation firewall bookings grew nearly 40% year-over-year, marking the strongest hardware performance in a decade. SASE ARR reached $1.6 billion, growing 40% year-over-year. Software firewall ARR rose 25% year-over-year. Hardware as a category accounts for ~10% of total revenue. 2. Prisma AIRS: The company's fastest-growing product in its history, reaching over 300 customers in Q3 2026, up from 100 at the end of Q2. It is on track to hit $100 million in ARR within the next couple of quarters, just one year after market launch. 3. Cortex XSIAM: Ended Q3 with more than $600 million in ARR, representing 100% year-over-year growth, across a customer base of 740 organizations. 4. Observability (Chronosphere): ARR surpassed $300 million in Q3, nearly doubling since the acquisition announcement in autumn 2025. 5. Identity Security (CyberArk): Contributed $1.63 billion in total NGS ARR alongside Chronosphere in Q3. The business sustained its growth trajectory post-close while profitability improvement is ahead of schedule. Overall company total next-generation security (NGS) ARR was $8.13 billion, up 60% year-over-year; organic NGS ARR (excluding CyberArk and Chronosphere) was $6.5 billion, up 28% year-over-year. Total remaining performance obligation (RPO) hit $18.4 billion, up 36% year-over-year; organic RPO was up 22% year-over-year. Total quarterly revenue was $3 billion, growing 31% year-over-year.
Risks & headwinds
• Rising component costs for memory and storage are being monitored, though hardware now only accounts for 10% of total revenue (down from 20% in FY21), reducing exposure; the 10% hardware price increase implemented in April 2026 is reflected in current guidance, and the company is evaluating alternative suppliers and additional pricing actions to mitigate impacts • Agentic AI-driven attacks are advancing faster than traditional enterprise defenses can adapt, creating growing risk of devastating breaches for organizations that do not update their cybersecurity architecture • Probabilistic AI models inherently carry inaccuracy risk; even a single incorrect enforcement decision can disable global production networks, requiring rigorous testing and deterministic validation to mitigate • Integration of large acquisitions carries execution risk; Palo Alto Networks is prioritizing gradual, careful integration of CyberArk to avoid disrupting core revenue while driving profitability improvements
Analyst Q&A
Q: How much is AI data center demand contributing to the strong network security growth, and how are non-AI customers adjusting their network security needs as AI traffic grows? /
A: General AI adoption has created a broad, multiyear tailwind for network security: all AI workloads generate more traffic that requires real-time inspection, and hardware is the lowest-cost, highest-throughput way to deliver this inspection. Demand for next-generation firewalls has increased roughly 50% across the industry from AI-driven data center builds by hyperscalers, frontier AI labs, and new sovereign infrastructure providers, and this growth trend is expected to continue for multiple quarters, if not years.
Q: How are customers evaluating Prisma AIRS's speed and threat detection advantages after the emergence of new frontier AI models like Mythos? /
A: Prisma AIRS provides end-to-end AI security, spanning pre-deployment model scanning and red teaming through real-time runtime threat prevention. All threat data from Prisma AIRS feeds directly into XSIAM, which can ingest massive volumes of sensor data, process it in real time with AI, and automate response. This allows Palo Alto Networks to deliver mean time to remediation in minutes, compared to the days-long response times of legacy security architectures, which is a critical capability against AI-driven attacks that can compromise environments in tens of minutes. This proven speed advantage is a very powerful selling point for customers.
Q: How are observability and security converging, and how does this position Palo Alto Networks against pure-play observability competitors? /
A: Palo Alto Networks first prioritizes building best-in-class independent capabilities for both observability (via Chronosphere) and security (via XSIAM), because attempts to expand from one category to the other often fail when the underlying capability is not competitive. Over time, telemetry collected for observability will be leveraged as additional sensor data for XSIAM security analytics, and security data will provide broader context for observability use cases, creating cross-pollination value. The shared AgentiX AI automation foundation will also enable deeper integration across both platforms, starting with Cortex and expanding to Chronosphere.
Q: Why has agentic endpoint security reemerged as a growth area, and what progress has the company seen with the Koi acquisition? /
A: Endpoint security had not seen major fundamental change for years, but the rapid proliferation of agentic AI tools such as AI coding platforms has created an entirely new endpoint ecosystem, with extensive supporting scripts, hooks, and third-party services running alongside core AI applications. This requires specialized security functionality that cannot be delivered via simple incremental updates to existing endpoint tools. Palo Alto Networks identified Koi's unique capabilities in this emerging space and acquired the company; the recent emergence of frontier AI models has significantly increased customer interest, as organizations recognize that securing agentic endpoints is critical to safe AI adoption, with over 150 customers already expressing interest.