BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Palo Alto Networks Is Putting AI To Work To Help Fight Cyberattacks

Following
This article is more than 4 years old.

Getty

Hackers are increasingly automating their attacks, enabling them to exploit vulnerabilities more quickly. Cybersecurity software vendors are responding by turning to machine learning technology, a subset of artificial intelligence (AI), to try to stay one step ahead of the bad guys.

Palo Alto Networks (PANW) uses machine learning to help identify variations of known threats and patterns in attacks in order to predict the next stages of an attack, then automatically create and implement protections for customers in near real-time.

With more than 60,000 customers, Palo Alto is one of the cybersecurity giants. For fiscal 2019 (ending July), Wall Street expects the company’s revenue to advance 26% to $2.87 billion. That strong growth rate suggests Palo Alto continues to take market share from legacy competitors. As a comparison, the 2019 consensus revenue estimate for Check Point Software of $1.99 billion indicates growth of just 4%.

While best known for its next-generation firewall, Palo Alto has been making steady progress with a number of add-on offerings, including those sold as standalone subscriptions (not attached to a hardware sale)—including AutoFocus for threat intelligence, Traps for endpoint protection and Aperture, a SaaS-based cloud access security broker (CASB). The company’s non-attached subscriptions have achieved total run-rate billings of $383 million, up 60% year over year.

To stay ahead of the competition, Palo Alto has been expanding its product and services portfolio, with management successfully complementing internal R&D efforts with a smart M&A strategy, spending more than $1.2 billion over the past two years on a series of acquisitions, the largest of which was the March 2019 purchase of Demisto—a provider of security orchestration, automation and response (SOAR) solutions—for $560 million in cash and stock.

With the SOAR market still in its early stages, it was wise for Palo Alto to make a strategic move at this point when the technology is still gaining utility and relevance. SOAR technology is becoming critically important because it provides automated operational responses to security threats, making sure humans don’t miss anything important. Demisto brought with it more than 150 customers (including 25% of the Fortune 500) across multiple verticals.

One big problem in enterprise security at the moment: too many alerts. Security operations teams are getting overwhelmed by trying to keep up with all of the notifications, many of which turn out to be false.

Demisto’s automated playbooks, built on various methods of exploitation, have helped reduce alerts that require human review by as much as 95%, allowing security teams to focus on more complex threats. Demisto’s technology brings Palo Alto closer to using AI and machine learning to further automate significant parts of customers’ security operations.

Security In The Cloud

With cloud security getting all of the attention these days, it’s important to point out that Palo Alto is making significant progress in the space. The company now has nearly 8,000 customers that have purchased cloud solutions.

Magnifier, Palo Alto’s new cloud-based behavioral analytics application, applies machine learning at scale to network, endpoint and cloud data. The goal is to quickly find and stop targeted attacks, insider abuse and compromised endpoints. Magnifier came from Palo Alto’s $105-million acquisition in early 2017 of LightCyber, an early leader in using machine learning technology to accurately identify attacks based on behavioral anomalies inside the network.

In March 2018, Palo Alto Networks paid $300 million in cash to purchase privately held Evident, a leader in public cloud services infrastructure protection. Evident technology lets public cloud participants make sure their deployments are secure via continuous monitoring, with configurations of all services and account settings measured against strict compliance controls. Security risks across public cloud deployments are quickly identified and assessed.

Palo Alto’s $173-million acquisition of RedLock last October provided a boost to the company’s cloud presence. With RedLock technology, users can detect cloud vulnerabilities and monitor cloud traffic for suspicious user activity.

Stifel recently made a good point when it said Palo Alto has essentially done a 180-degree turn by moving firmly away from a core focus on prevention to one centered around improved response and security outcomes. In late February, Palo Alto debuted Cortex, an AI-based continuous security platform that’s designed to simplify security operations and improve response times.

Cortex is deployed on a global, scalable public cloud platform, enabling security teams to speed the analysis of massive data sets. On the platform, Cortex XDR, a detection and response solution, integrates data from the network, cloud and endpoints. The new offering was launched in conjunction with Traps 6.0, which uses a behavioral threat prevention engine to stop attacks in real-time.

Healthy Financials

In FQ2 (ended January), Palo Alto’s total revenue rose 30% to $711.2 million (coming in above the consensus estimate of $682.1 million), driven in part by subscription revenue (35% of total revenue) advancing 36%, which was only a slight deceleration from the FQ1 growth rate of 37%.

Product revenue of $271.6 million was up 32%, acceleration from growth of 30% in the previous quarter and 26% in Q4 of FY’18. Billings of $852.5 million rose 27%, consistent with the FQ1 growth rate.

Palo Alto in FQ2 delivered a strong performance across all geographies, with the EMEA region showing growth acceleration to 38% from 35% in FQ1. Gross margin held steady at 76.3% compared to the year-ago level, while operating margin was up 250 basis points to 24.6%. The company added 3,500 new customers in the quarter. Among Palo Alto’s top 25 customers (all of which were buyers in FQ2), the minimum spend was $35.6 million, up 39% year over year.

With the current fiscal year nearly in the books, investors are now turning their attention to FY’20. The consensus revenue estimate for next year of $3.42 billion represents growth of 19.2%, while the Street-high estimate of $3.55 billion indicates growth of 23.7%. The company’s latest enterprise value is 6.3 times the FY’20 consensus revenue estimate.