The U.S. dollar index peaked in early November 2022 and has since fallen like a rock. Historically, when investors believe that the dollar will remain weak, they will bid up the stock price of technology stocks, which appears to be the case starting this new year.

So far, the Technology Select Sector SPDR Fund, which tracks an index of S&P 500 technology stocks, has risen around 15% in 2023. And with a rising tide lifting all boats, Palo Alto Networks' (PANW -1.59%) shares have risen 17%. However, you should refrain from investing based solely on what happens in foreign exchange markets.

Let's consider some other excellent reasons why Palo Alto Networks should be high on your potential buy list in this uncertain economic environment.

It is still snowballing in a down market

Palo Alto Networks is a cybersecurity company -- an advantage in a terrible economic environment because while the global economy might be going into a recession, cybercrime is in a bull market. Internet magazine Cybersecurity Ventures estimates global cybercrime costs will rise from $3 trillion in 2015 to $10.5 trillion annually by 2025, a compound annual growth rate of 13.4%.

Since few companies can afford many of the costs of intellectual property theft, website spoofing, ransomware, identity theft, Internet-of-Things hacking, or malware, cybersecurity has become an essential service. Consequently, demand for Palo Alto's cybersecurity services remains high even amidst a pandemic, high inflation, rising interest rates, a European war, supply chain woes, and general economic uncertainty.

Image source: Palo Alto Networks.

The company generated 25% revenue growth to reach $1.56 billion in its fiscal 2023's first quarter, which ended in September 2022. That's excellent for the largest IT security company by market capitalization. Additionally, the company's next generation security (NGS) business grew its average recurring revenue (ARR) an astounding 67% year over year to $2 billion. ARR is a fundamental subscription business metric that can help predict future sales. Therefore, a rapidly growing ARR augurs well for the future.

Even better for shareholders, Palo Alto says it is growing at roughly twice its total addressable market rate because multiple changes in the security market are tailwinds for its business. One of the most significant changes is that customers no longer want to buy multiple disparate security functions from different vendors.

Instead, many cybersecurity customers today prefer a vendor that offers a platform of interoperable solutions. So, for example, the days of buying a firewall from one company, antivirus software from another company, and intrusion prevention software from another are over.

The exact economic downturn accelerates this consolidation trend. Many companies, wanting to conserve capital, are consolidating more security functions to fewer vendors in order to cut costs. And Palo Alto gets a lot of that consolidation business because of the high quality of its products.

Today, the company is a leader across seven significant security categories, and information technology experts like Gartner, Forrester Research, Frost & Sullivan, and others rate Palo Alto as having the best solutions.

The one fly in the ointment

Should you decide to invest in this company, you will need to be comfortable with the fact that it is difficult to achieve profitability in the cybersecurity industry. Plus, the potential of rapid technological changes can cause cybersecurity companies to quickly decline into obsolescence if they fail to keep up with change.

For example, despite being in business since 2005, Palo Alto found that its original products providing advanced firewalls and intrusion prevention systems remained stubbornly unprofitable. Then before the company became profitable, technological advancements like cloud computing upended its original business model, delaying profitability further and forcing it to change in 2018 to stay competitive.

PANW Net Income (TTM) data by YCharts

You can see on the above chart that Palo Alto's net income has rarely ventured into profitability for most of its history. However, things are changing.

Growing profits and free cash flow

Palo Alto has finally reached a point in its evolution where it can add revenue at a much greater rate than cost. As a result, its first-quarter fiscal 2023 results produced a net income under generally accepted accounting principles (GAAP) of $20 million, or $0.06 per diluted share, its second straight quarter of profitability.

The company is also a free-cash-flow (FCF) machine, producing $2.4 billion of FCF on a trailing-12-month basis at a robust 42% margin.

PANW Free Cash Flow data by YCharts

Investors love profitable companies with healthy cash flows in a slowing economy, which should limit Palo Alto's downside. And with long-term solid growth tailwinds at its back, it is little wonder savvy investors gravitate to this stock.

Intro

This article takes a high level view of cybersecurity, mainly focusing on Palo Alto Networks and its leading technologies within cybersecurity. We also discuss SentinelOne, CrowdStrike, Fortinet, Cloudflare, Zscaler, and Check Point Software at various points. We opted to analyse the cybersecurity landscape by incorporating the dynamics of the private markets. This is important because the cybersecurity industry is a fertile breeding ground for innovative startups, and those that deploy the right mixture of PMF (Product Market Fit) and GTM (Go to Market) focus, are fast becoming serious rivals to these larger public companies. Additionally, software-focused PEs continue to acquire second tier cybersecurity vendors, which we think will be beneficial to leading names over the long run.

Public Stock Overview

• PANW has the highest revenue base within the standalone public cybersecurity companies. We have a strong belief in PANW's products, vision, and execution. However, it is barely breakeven in profitability terms, which is something the market is discounting. Furthermore, because of its expansive product lines that includes legacy and cutting-edge products combined together, it is time-consuming for a generalist investor to appreciate and properly price PANW's potential. As a result, even though it has high growth rates, the market gives it a similar valuation as MSFT.

• FTNT is another one of our long-term bullish ideas in the cybersecurity space. Similar to PANW, FTNT's portfolio complexity makes it a natural discount to many other standalone names like ZS or CRWD. However, FTNT has greater emphasis on profitability, which naturally makes it a less volatile, but higher valued, stock versus PANW in the current climate.

• S experienced a heavy discount after the IPO lockup expiry and growing concerns of CRWD and MSFT killing this emerging cybersecurity star. We believe S has great technology and overall it has the upper hand over the strongest competitors, including CRWD and MSFT. Another source of the relative valuation discount, is SentinelOne's deep negative profit margins. We believe this shouldn't be overly concerning due to the company's strong unit economics that will translate to healthy profitability once the company has reached a certain scale.

• CRWD to us is the second best choice to invest in endpoint security. It still has tons of room to grow and increase profitability due to its expansive EDR platform and continued founder control. However, as its revenue base grows and it is losing the leadership in the cutting-edge technology architecture compared to S, we see CRWD as a lower risk, lower reward bet versus S. That being said, CRWD should continue to be an attractive name for investors to hold with great risk-reward, especially during times of sharp discounts.

• CHKP has been left for dead, generating mid to low single-digit growth for a few years now. IBs speculated CHKP would resurge in its growth. We don't think so after conducting quite lengthy governance research.

• ZS has tons of momentum set to continue, catalysed by products such as ZIA, ZPA and ZDX, and a formiddable S&M prowess. However, we expect tougher comps in the future, and the space is crowded with competitors that have better architecture and products due to last-mover advantages.

• NET is a great company, with great products, culture, founder, and execution. We would say fairly priced, however.

• Previously, OKTA used to have the same investor appreciation as NET, but unfortunately it was priced to perfection, allowing zero room for execution error. It has had major troubles with its Auth0 integration and ensuring sales execution. We agree with IBs that OKTA's discount is becoming a great opportunity, but less so in terms of timing. At present, there seems to be too much optimism at an early stage without material evidence of fundamental improvements.

• SNOW will benefit tremendously as cybersecurity is becoming a data problem. Priced to perfection, not very attractive for now.

• PLTR a contrarian/peripheral cybersecurity player. Data is the future and PLTR has tons of room to grow as it helps enterprises securely manage their data fabric and build applications. Unfortunately, it has been overkilled by the market due to concerns over SBC and about its ability to scale.

Landscape Observations

In exact years, cybersecurity is the only subsector that has become increasingly nondiscretionary within the broader discretionary tech sector. And this is because the industry dynamics are so unique. Expanding digital sprawl makes it increasingly difficult for enterprises to defend their data and systems. Cybercriminals exploit the resulting new attack vectors to extort financial gain, with far better reward-to-risk than even cocaine trafficking in the 1990s. The most skilled bad actors can extort millions of dollars for almost negligible risk.

Enterprise vulnerability plus extreme reward-to-risk for cybercrime means that there will always be the demand for new security solutions. There are thousands of cybersecurity vendors - a few are tech giants, many are legacy names, and 100s to 1000s are startups - vying to provide these new solutions to deliver more comprehensive security for their customers. The major issue, however, is that more point solutions actually weaken the overarching defense posture. Ironically, more security means less defense.

This dichotomy perpetuates the CISO (Chief Information Security Officer) debate, that has been ongoing for decades now. Should enterprises choose BoB (best of breed) point solutions or consolidate its number of vendors by choosing to depend on a single broad-based vendor? BoB is the best option to defend against a particular threat, but adding a new vendor, console, and UI, weakens the enterprise's overall posture.

Some CISOs are choosing BoB while others are choosing consolidation. This is why the cybersecurity industry will remain buoyant for many years to come, and it's why we've personally had such a great time analysing private and public names in exact months.

From an investment perspective - I guess like any other tech sector - there are 1) the VCs investing in the startups, 2) software-focused PE firms acquiring companies that have an established name but have experienced a permanent slowdown in growth, and 3) the hugely successful public names that are dominating their markets and making occasional bolt-on acquisitions of BoB startups. We'll briefly discuss each of these areas next.

Startups & VCs

Our view for about one year now, is that the general SaaS market (including cybersecurity) has become so fragmented, with enterprises managing 100s of apps, that the next wave of value surely needs to come from consolidation rather than more fragmentation. There are some startups that clearly acknowledge the fragmentation. They have hence developed an expansive platform of integrated solutions from the outset, rather than focusing on being the best at a single solution and providing an API to be interoperable with other BoB solutions.

Names that have been coined for such startups include compound and platform startups. To begin with a platform mindset, it appears that such startups need to have a graph-like focus, with the centre being what the whole business is committed to. For Meta that graph is a social one, for Salesforce it is a customer one. Rippling is a good startup example here. They compete against the likes of Workday by having the employee as the central focal point of their business, and thus they provide any feature, solution, and use case that helps enterprises better manage employee-related aspects.

Wiz is probably the best example of a cybersecurity platform or compound startup. It was only founded in February 2020, and has already surpassed $100m in ARR. And the reason for their success is the entire PMF (Product Market Fit) and GTM was designed from the outset to serve the most pressing compliance needs of enterprises migrating to the cloud or expanding their footprint in the cloud.

Along with Wiz, we would say the likes of Netskope, Illumio, and Orca Security are other platform/compound security startups. Cybersecurity investors interested in IPOs, should keep these types of startups in mind, because when the business cycle turns these names may go for their IPO. They are also important to monitor if you are a Palo Alto Networks, Cloudflare, or Fortinet investor, because such compound startups have the ability to eat away at their market share.

Recently, there has been somewhat of a funding squeeze, which is likely to benefit these platform startups. In the past few years, we've seen a sharp rise in the number of startups, though compared to 2021, this larger group is now competing for a smaller pool of capital. The following chart indicates VC activity is still historically high, but the dealmaking drawdown in 2022 will favour the platform/compound names over the niche startup players.

The venture funding scene looks slightly better when narrowed down to cybersecurity, however. This research by MomentumCyber was part of their 3Q22 cybersecurity review. If you extrapolate the deal value related to financing/VC activity, and do the same for the deal count, you can see that, while cybersecurity funding remains healthy, per startup there are fewer funds apparently available. On the M&A/PE side, the opposite appears to be the case, as we'll show later.

On the whole, we consider the current startup/VC landscape rather favourable for PANW, NET, and FTNT for two reasons. Firstly, if startups are competing for fewer funds, then the industry will endure a degree of consolidation. Secondly, if startup valuations remain on the low side, then these cybersecurity giants can snap up attractive bargains when they need to indulge in some M&A.

Legacy & PE

To evaluate the cybersecurity landscape and its long-term impact on public investors, it is also useful to consider the PE activity in the industry. In 2021, STG acquired McAfee's enterprise division. They turned the network security-related assets into Skyhigh Security, which is an SSE (Secure Service Edge) player, competing against the likes of ZS, Netskope, PANW, and NET. Then, STG acquired FireEye and combined it with the remainder of McAfee's enterprise assets to create Trellix, which is marketed as an XDR vendor. STG has also acquired RSA for identity access management.

Similarly, Thoma Bravo has been acquiring legacy names in the identity space (as well as email security, e.g., Proofpoint), though it is currently unknown as to whether the strategic objective is to combine SailPoint, Ping Identity, and ForgeRock into one identity giant.

Over the long-term, this level of PE activity in cybersecurity is good news for public market leaders like PANW, FTNT, S, NET, and CRWD. Private Equity is mainly focused on operating leverage rather than innovation, meaning that the likes of Skyhigh and Trellix will likely be good enough for many enterprises but are not going to become market leaders and pioneer cutting-edge technologies. Given the rising cyberattacks, the increase in cybercriminal sophistication, and the growing enterprise complexity, customers are more likely to choose the leaders rather than second tier players.

Over the shorter-term, the above table highlights the attractive valuations of some public names. In particular, if we consider the multiples paid by Thoma Bravo during 2022, well into the market drawdown, it makes PANW, FTNT, and JAMF look like bargains. Although the attractiveness isn't as obvious, we also consider OKTA to be of great value right now.

It is clear that PEs' as asset owners are willing to pay hefty premiums for legacy identity names. If you think about Warren Buffett's mantra - "I am going to buy a stock only if I can sleep nicely knowing the stock exchange will be closed for three years", then considering the relative quality of OKTA's technology and its number of customers, OKTA is a substantially better long-term bet. Thoma Bravo has bought legacy names for higher EV/S than OKTA but with lower expected growth, and in the case of ForgeRock, the EBIT margin is not that different either.

The following chart from Momentum Cyber's 3Q22 review, shows the median EV/Sales multiple across all M&A deals in the cybersecurity industry. Assuming the majority of buyers in these M&A deals are PE firms and the targets are legacy, or second tier names, then comparing PANW's EV/LTM Sales to the industry median highlights the valuation drawdown between legacy and first tier players.

Further PE activity in the cybersecurity industry will likely create a clearer divide between first and second tier players. For instance, ForgeRock is probably considered to be positioned at the lower rungs of the first tier, but it's likely in due course they will be become a second tier once Thoma Bravo has optimised operations and depleted R&D resources. There are/will be many more examples like this, which over time, will establish a clear divide between second tier and first tier players like PANW, FTNT, NET, ZS, S, and CRWD.

And it's likely it will continue. Indeed, as shown in the next two charts, during 2022 PE sentiment has declined leading to a drop in fundraising. However, the subsequent chart indicates the amount of funds ready to be invested (the dry powder pool) is still near all-time highs.

$700bn of the $1.24tn global PE pot is located in the U.S. And 63% of the global PE capital has been raised since 2020. Typically, LPs commit capital for about 10 years, and typically PE firms hold portfolio companies for 5-7 years. So, by working backwards it's clear that a sizeable portion of the dry powder pool ought to be invested in 2023 and immediately thereafter. Given cybersecurity is one of the ripest subsectors for consolidation, we expect to see a significant continuation of PE activity. Again, this is really good news for long-term PANW, FTNT, NET, S, ZS, and CRWD investors.

Public Tech Giants M&A

The third area of the cybersecurity investment landscape is the public market leaders acquiring BoB startups. We think the VC and PE dynamics will actually deliver the public names more of the right opportunities. The higher rate environment is forcing VCs to be more selective, which combined with the SaaS fragmentation, means fewer startups are going to thrive. This is good for PANW versus its competition, but also over time it may help their selection due diligence and help them land better deals.

On the PE side, if PE firms are buying legacy names or borderline first-tier players, then, in turn, those are less likely to buy BoB startups. So, again the likes of PANW should have less M&A competition for BoB over time. And this is crucially important for cybersecurity names like PANW and CRWD because they now must rely on M&A in order to successfully adapt to the ever-changing landscape. PANW, in particular, has a very successful recipe for integrating its acquisitions, though, perhaps the prices paid have historically been at too high of a premium. If going forward the aforementioned dynamics can help them land better deals, it will be great for future shareholder value creation.

Cybersecurity TAM

Estimates for the current cybersecurity TAM range from $150bn to $200bn. About half of this TAM is for software/hardware and the other half is for services. The fragmentation means even the largest cybersecurity players, like PANW and FTNT, have low single-digit market shares. What is extra appetizing for investors is that the major cybersecurity software players are not just going after their core software TAM (c. $70bn to $100bn), they are also targeting the services TAM by developing automation technologies that replace much of services work.

PANW's CEO Nikesh Arora, has long had a specific objective of radically reducing the unmanageable number of alerts that in-house SOCs (Security Operation Centres) and MSSPs/IRs (Managed Security Service Providers / Incident Responders) need to respond to manually. And doing so would be for the greater good of the entire industry, because the majority of the innumerable daily breaches occur because an alert was missed by someone.

Here, we whet investors' appetite some more by sharing analysis by McKinsey below. The management consultancy believes the mature-stage TAM of cybersecurity is 10x from what it is today. This may seem overly optimistic to some; however, it does corroborate with data we shared in a previous SA article. In that article we discussed Cybersecurity Ventures' estimate of $6tn in annual damage caused by cybercrime, and yet according to IDC and Canalys, the amount spent on cybersecurity software each year is only $60bn to $100bn.

The rise of ransomware and BEC (Business Email Compromise) is leading to huge financial and reputational suffering for many enterprises. As a result, cybersecurity has recently become a board-level topic, thus receiving the attention and funding it deserves at most enterprises. This should gradually close this colossal chasm between what is being currently spent on defenses and the damage these cybercriminals cause.

With respect to PANW and FTNT, how can they best capitalise on this very large and still-growing double-digit industry? We think that PANW needs to perhaps focus more on developing an open ecosystem around itself and be even more interoperable - to embrace the industry fragmentation rather than fight it. In regards to FTNT, as it gets larger perhaps it needs to focus more on M&A and less on building everything from scratch in-house. This is a great trait, but to continue being adaptable this trait alone will not help them maintain their leadership. In fact, because of the company's focus on in-house over M&A, it has missed substantial market opportunity on the cloud side of things.

Vendor Evaluation

There are numerous ways in which to slice and dice the cybersecurity threat landscape and map this to the vendors most likely to succeed. For us, a quick way to assess the value that a vendor can bring to enterprises, is to consider these two high-level threat capabilities:

1. Can they prevent the bad guys from infiltrating (e.g., next-gen firewalls, SWG, NGAV, email security, shift-left security, vulnerability management, misconfiguration management, attack surface management, OT/IoT security, and Zero Trust/least privileged tech like CIEM, etc.)?

2. By how much and how quickly can they limit the blast radius when bad guys do eventually infiltrate (e.g., runtime protection for workloads running on bare metal, VMs, containers, or serverless; all of the shift-right aspects such as EDR/XDR, ITDR, microsegmentation, etc.)?

If vendors have a large scope across both of these areas, which we will abbreviate to prevent and react, then they should do well in their efforts to consolidate the market in the next few years. In the following table, we share our views on how the most prominent established (public) and emerging (private) vendors score against these two areas. Please note that this scoring is completely arbitrary and based only on our opinion after having researched these companies for the past 2-3 years.

It is probably no surprise to readers that we believe PANW is the standout player when considering both prevent and react. This is because they have cutting-edge prevention capabilities (either developed in-house or acquired) while also having a formidable security operations capability (which includes EDR/XDR). Readers may note another observation is that the players that originated in network security (PANW, FTNT, NET, ZS, CHKP) score relatively higher on the prevention side and the players originating from endpoint security (CRWD, S) score relatively high on the reaction side. Then, the next-gen pure cloud names (Wiz, Orca, Lacework, Aqua) have a balanced mixture of both prevention and reaction.

While the above scoring is not scientific, perhaps it helps investors quickly evaluate the players most likely to succeed and generate incremental shareholder value in the coming years. Additionally, the rate of change is very important in any type of long-term vendor evaluation. For instance, NET has been frequently adding new solutions to both of these cybersecurity dimensions. S has also.

Another consideration for investors is that of security convergence. Security has been merging more and more with networking, software development, data engineering, identity, and productivity, to name a few. So, the vendors that do an excellent job at helping enterprises bridge security with these areas have a great opportunity to evolve and deliver shareholder value.

For instance, the hybrid and distributed enterprise, not only needs high-quality security, they also need low latency networking - so network security vendors with capabilities in SD-WAN (e.g., PANW and FTNT) should continue to be in high demand. In software development we're seeing DevOps players like GTLB and HCP expand more into security while security vendors expand out into securing DevOps. Similarly, in the data space, SNOW is pivoting toward cybsecurity, but security names like S and PANW have created their own data lake/warehouse specialised for cybersecurity. OKTA and JAMF are two more examples of vendors that are generating value by bridging security with other areas, that is identity and productivity.

So, we think there is significant long-term alpha that investors can capture if they consider which vendors are effectively riding these security convergence trends.

Valuation Exercise for PANW

Here we update a valuation exercise we've previously shared with SA readers. We compare PANW's revenue and FCF multiples to that of an aggregate weighted revenue and FCF multiple of Check Point Software (CHKP), Zscaler (ZS), and CrowdStrike (CRWD). Comparing PANW to these three names is a great match. The majority of CHKP's business is composed of on-prem network security, the majority of ZS' business is composed of SASE (off-prem network security), and the majority of CrowdStrike's business is composed of endpoint and cloud security. PANW's business is largely made up of all these areas, which makes for a good comparison. Additionally, the revenue level and the FCF level of PANW is similar to the CHKP, ZS, and CRWD combined.

We'll begin by comparing the market caps.

The following table compares the revenue weighted TTM P/S divided by NTM growth estimate for CHKP, ZS, and CRWD, to that of PANW's. On a forward revenue basis, PANW is currently trading at half of the weighted three peer group (0.40 vs 0.83).

We conduct the same approach for the forward P/FCF multiple. The P/FCF divided by NTM growth estimate for the weighted group is 2.26, while for PANW is 0.94. So, again, on a forward FCF basis PANW is trading at half that of the weighted three peer group.

As mentioned earlier, we believe PANW's relative discount is a result of its scope and firewall heritage. Some investors may discard the company due to the complexity of understanding its technological and market leadership across the main areas of cybersecurity. Later in the article, we'll break down the industry into network security, security operations, and cloud security, and attempt to articulate why PANW and others are growing stronger in these areas.

Cutting-edge vs Commoditised Solutions

It's important to consider vendor potential scope in order to evaluate their ability to consolidate the market. It is also important to consider where vendors are positioned within the cutting-edge versus commoditised areas of cybersecurity. In the same McKinsey research piece, we found the following chart that depicts the growth rate of patents within certain areas of security. We think it's useful as an aid to assess where the innovative spaces are likely to emerge in the next few years.

FTNT investors will be pleased to learn that they are becoming a leader in the emerging OT (Operational Technology) space. As verticals, such as manufacturing, that have been slow to modernize, begin to digitally transform, it is causing various security issues. Most issues are caused by dated appliances connecting online while running nonstandard operating systems, which don't integrate very well with endpoint security solutions. Therefore, new technologies are required to secure OT in factories, hospitals, and airports, for example. FTNT's software-defined technologies combined with its compact and affordable all-in-box (basically including every networking and security function needed), position it well to compete in the growing OT space.

Caveat: while this chart is useful, it doesn't necessarily mean these areas of high patent growth will result in a future high TAM or high growth for associated businesses. There is a large portion of patents that become unmonetizable and there is considerable patent flushing that occurs in the industry. Nonetheless, the McKinsey chart does indicate the current focus of innovation.

The chart also shows that security operations is an area of security experiencing high patent growth. This resonates with our own research as we've found that shift-right activities are becoming increasingly critical to thwart cybercriminals from succeeding. PANW, S, and CRWD are all leaders in the SecOps space, but it seems as though PANW and S have relatively more room to innovate.

For SecOps to evolve it certainly requires innovation at the backend. The backend is where the SIEM and other log management systems reside. Many of these are dated and legacy-fied, and hence don't provide speedy ingestion or retrieval of data, which is becoming more and more crucial to combat skilled adversaries. All three players have tackled this backend data problem by acquiring cutting-edge technologies (PANW acquired Demisto, S acquired Scalyr, and CRWD acquired Humio), but PANW and S appear to have added more value to the acquisitions. For instance, PANW has transitioned Demisto into XSIAM which is an AL/ML-based automation workflow platform - it's kind of like a next-gen SOAR and next-gen data lake combined. And S has launched products like XDR Ingest and Skylight that closely integrate with Scalyr (rebranded as DataSet) to deliver SecOps analysts (in-house SOC or MSSPs) a programmable platform for creating highly customised detection and automation rules at massive scale. The backend innovations from both PANW and S are revolutionising SecOps for SOCs and MSSPs, and considering that services compose roughly half of the $170bn to $200bn industry, these companies have a huge runway of growth.

Cloud security is another innovative space as indicated by the growth in patents. PANW's Prisma Cloud is the most comprehensive CNAPP (Cloud-Native Application Protection Platform), but they have fierce competition from the next-gen startups such as the ones listed earlier. Endpoint names like CRWD and S are also expanding within the cloud security space - we think S, in particular, has a great opportunity to compete well in the CWP (Cloud Workload Protection) space.

It's also interesting to see that network security is experiencing ongoing innovation. Cloud security certainly takes the limelight at present, though, network security is still the glue that holds an organisations' defense posture together. Gartner coined the SASE term to describe the need for the convergence of networking and security functionality for distributed enterprises - something that became urgently needed in response to the ramifications of the pandemic. Subsequently, it was narrowed down to SSE, which includes SWG, CASB, and ZTNA, which respectively, provides protection as users connect to the internet, protection as users interact with SaaS apps, and protection as users access private data centre applications. Somewhat aligned with Gartner's Magic Quadrant for SSE, we view PANW, FTNT, ZS, NET, and Netskope as the leaders in network security.

Lastly, we're not surprised to see IAM (Identity Access Management) is experiencing a relatively lower patent growth, because it has become somewhat of a commoditised area. SSO and MFA are mature technologies, and while passwordless technology is cutting-edge, it is a niche solution that many vendors are already incorporating. However, we are surprised that adjacent identity areas like CIAM, IGA, PAM, and ITDR are not represented on the chart. CIAM is a completely blue ocean market led by OKTA, and IGA and PAM are legacy identity tools that OKTA is working on revolutionising into their cloud-native way.

ITDR (Identity Threat, Detection & Response) is a niche but very important area for enterprises concerned about credential-based attacks. As security defenses have become really effective at stopping malware and unauthorised movements, bad actors are increasingly turning their attention toward looking like legitimate users. Thus, attacks involving credential theft and compromise have become all the more common. S and CRWD have both entered the ITDR space with exact acquisitions of Attivo and Preempt. And we believe this is one of the most important and innovative spaces of cybersecurity that has the potential to grow into a billion-dollar TAM.

To summarise, across network, cloud, security operations, and identity, we've attempted to highlight both the mature and nascent areas. Typically, the nascent, high-growth areas have replaced the mature technologies in an evolutionary manner, or have simply sprouted as a blue ocean type of market. We would say PANW is top-2 in network security (along with FTNT), #1 in cloud security (with close competition from Wiz and Orca), and top-3 in security operations (along with CRWD ad S). And in regards to identity, PANW mainly interoperates rather than having any standalone solutions.

In the next sections we'll briefly discuss some things investors should be aware of in regards to network security, cloud security, and security operations. In our opinion, breaking the industry down into these three areas helps to get a clearer understanding.

Network Security

Expedited by the pandemic and the ensuing urgency for digital transformations, network security has fragmented into a few different directions. SASE and then SSE has received increasing demand as a way to securely connect remote employees with disparate IT resources. SD-WAN has emerged to reduce latencies and costs associated with connecting globally distributed enterprises. OT and IoT security have gained attention for helping the unmodernised verticals securely modernise. And virtual, or VM-based, firewalls have become extremely useful in cloud operations, whereby they can be deployed on commodity hardware to secure inbound connections, as well as connections between clouds.

The common denominator across these different form factors of networking and security is the firewall. The firewall is still hugely important, which is contrary to popular belief. The purpose of the firewall is to allow/deny network connections and then to secure those connections. And this is not a cutting-edge technology, but it requires ability on behalf of the vendor to transfer these firewall capabilities into the different form factors. This is why not all firewall vendors have successfully pivoted to SASE, or more specifically, FWaaS.

So, the innovation from these firewall vendors comes from them being able to collectively:

• Deliver the firewall in on-prem deployed hardware - and this form factor usually gives the highest throughput and lowest latency between office branches and data centres.

• Deliver the firewall as a virtual software form factor in the clouds - the majority of traffic has now become intra and inter cloud, where SASE and hardware are of little use.

• Deliver the firewall via SASE - heavy use of the Internet so higher latency occurs, so SD-WAN is needed to optimise the balance between fastest routes and costs. The major benefits of SASE are the removal of tedious and costly hardware/software management and securely connecting remote users.

• Interoperate with, or even integrate home-grown SD-WAN - firewalls operate at Layer 3 of the OSI reference model, so it's no surprise that they have found it relatively easy to interoperate with SD-WAN vendors. FTNT made a major step further by integrating home-grown SD-WAN into its FortiGate NGFW box.

The next diagram separates network security into the four areas we've just mentioned, and we've listed who we believe are the market leaders in descending order. From the earnings calls we listen to, it seems as though PANW, ZS, NET and Netskope are the SASE market leaders, as these names are mentioned most. However, technically we think FTNT is the best at delivering SASE. This is because they have packed all the security and networking, including home-grown SD-WAN, into one single box, which has not been done by any other vendor. And if, according to Gartner's definition, converged networking and security is one of the hallmarks of SASE, then FTNT can deliver SASE anywhere it can install a box >>> off-prem, on-prem, home office, etc. Thus, we have believed for a long time that FTNT is the most accommodative SASE vendor.

As highlighted, a major innovation of network security has been adapting the firewall to the different form factors required as enterprises undergo digital transformation - SASE, cloud VM, on-prem, and OT. Other exact innovations in network security worth a more detailed mention include microsegmentation and ASM (Attack Surface Management).

To do microsegmentation, whereby, in a few clicks, you can segment a network into subnets, user groups, and applications, etc. to make it difficult for bad actors to move around the network, requires Layer 7 (of the OSI model) knowhow. The NGFWs (next-gen firewalls) of vendors such as PANW and FTNT have long had capabilities to do this level of granular network segmentation. This is certainly one reason for PANW and FTNT's market dominance in the NGFW market.

Newer, pure-play, microsegmentation players like Illumio leverage the host firewalls, built into machine operating systems, to control and secure inbound/outbound connections. Illumio is a Series F startup that has raised a total of $560m, and its last valuation in mid-2021 was $2.75bn. It is a vendor with novel technology that is riding the Zero Trust wave, plus it is very effective to thwart ransomware. We think this is a company that cybersecurity investors should monitor, because when the economy recovers, they might begin IPO proceedings.

ASM, or even Extended ASM (EASM), is another innovative area of network security. Taking the perspective of a potential attacker, typically this software involves scanning the Internet and corporate network to see if anything belonging to an enterprise is exposed. The open-source search engine, Shodan, and various other tools, enable attackers to scan and detect vulnerable assets and systems. On average, attackers start scanning for vulnerabilities with such tools within 15 minutes of a CVE (Common Vulnerability & Exposures) being announced. Additionally, many systems that are dated remain unpatchable, allowing attackers ample time to conduct their reconnaissance. Thus, tools like ASM are becoming necessary to combat these cybercriminal opportunists.

TENB is a strong name in the ASM space, having leveraged and expanded out from their core competencies of vulnerability management. Axonius is a startup attracting a lot of VC attention (Accel, Lightspeed Ventures, Bessemer Ventures), raising a total of $670m through its Series E, that has specialties in ASM/EASM. However, we still think PANW, after having acquired Xpanse in 2020, has the best ASM capability. And this is largely due to the synergy generated by combining Xpanse with its wider network security and security operations portfolios.

Security Operations

To simplify the complexity of security operations, it is useful to break it down into 1) the data management backend, 2) the work that SecOps analysts do, and 3) the endpoint agent.

We consider this a huge TAM within cybersecurity. Firstly, the majority of enterprises still have mass signature-based AV deployments, such as Symantec and McAfee. This means there is still a long runway of growth for vendors related to EPP, NGAV and EDR, and even for endpoint security leader CRWD which has reached $2bn in TTM revenue. Secondly, as mentioned earlier, there is a huge innovation space related to automating workflows for SecOps analysts. And thirdly, for those vendors willing to spend big on revamping the data backend, there is significant value they can deliver to enterprises and MSSPs.

Our opinion is that S, followed closely by PANW, have innovated the most comprehensively across the three areas of security operations. S has the autonomous agent that works right out-of-the-box, which has proved to be a determining factor in the MITRE testing rounds in exact years. S has worked hard to provide a programmable PaaS for analysts whereby they can granularly customise and deploy at massive scale. And they have made a bold bet on acquiring and integrating Scalyr (now known as DataSet) to revolutionise the data ingestion, retention, and retrieval process, that provides great value to SOCs/MSSPs. In contrast, CRWD's agent has very limited autonomy, its EDR layer is not very programmable for third-parties (like in-house SOC or MSSP), and they have revamped their backend with the Humio integration, though, in our opinion, Humio is more about cost reduction than it is for speed.

Cloud Security

The major trend in cloud security at present is the race toward CNAPP (Cloud-Native Application Protection Platform). As we showed in the earlier table, vendors making a beeline for CNAPP are attempting to incorporate as many of the individual solutions as possible. And in essence, the major innovation space is seamless integrating all of these solutions into a single-pane-of-glass platform.

We've recently done some deep dives into the established and emerging CNAPP players. It is a fertile ground of innovation, and there are few startups that have the technology and GTM to be potential security giants. However, it's probably no surprise by now, that we believe PANW's Prisma Cloud is the most complete CNAPP.

Cloud security started off with solutions such as first-gen CSPMs, that were very detective in nature - it was all about detecting misconfigurations, or noncompliant settings, or something untoward at runtime. Over time, the shift-left philosophy emerged, which is preventative in nature and about building security as early as possible into the software development lifecycle. More recently, there has been a focus on integrating cloud security with more shift-right activities, whereby cloud data is sent to SecOps via SIEM integrations so they can better protect their organisation.

So, cloud security can be described along a shift-left and shift-right dimension. But it can also include an abstraction dimension. This is because security in the cloud can operate at the bare metal level, within VMs, at the container level, or the serverless function level. The next diagram depicts how we view PANW's Prisma Cloud along these two dimensions.

According to the research we've done so far, there is no other CNAPP contender that has this scope of cloud security. Indeed, PANW has made many acquisitions to complete their CNAPP, but it has still required skilled integrations and smart empowerment of the acquired founders.

This is a huge TAM and durable growth opportunity for PANW. Typically, the security allocation of an annual IT budget is 5% to 15%. According to Forrester (and many other research firms), cloud spending will reach $1tn in a few years, so if we take the mid-point of 10%, cloud security could be worth $100bn in a few years. PANW is the CNAPP leader with about $1bn revenue (an estimate), so it's clear that the growth opportunity is substantial.

Dave Vellante, of SiliconANGLE, theCube, and Wikibon, was the first to coin the term supercloud, which describes a SaaS vendor that can operate on top of multiple clouds and deliver a unified experience to enterprises and end users. In the process, such superclouds will help organisations simplify operations, speed up the time to market, and reduce costs. We believe that PANW's Prisma Cloud will be one of the first vendors to establish themselves in this category.

Cybersecurity Mesh

A Cybersecurity Mesh Architecture, or CSMA, was actually a term first coined by FTNT to market its Fabric platform, and later on Gartner began to use it to describe a comprehensive and highly interoperable cybersecurity ecosystem. After the initial buzz of SASE in 2019, and FTNT not being appreciated by Gartner for their SASE-like qualities, FTNT began pushing the CSMA terminology in attempt to show that what they can do is so much more than SASE. The vision of CSMA is to have individual security tools share data and interoperate with one another, with outcomes including fewer blind spots and consistent policy enforcement, thus leading to better security.

Gartner explains the four key components are 1) security analytics & intelligence, 2) identity fabric, 3) consolidated policy and playbook management, and 4) consolidated dashboards.

In the CSMA report, Gartner elaborates that enterprises can begin implementing CSMA by 1) checking out the connectivity of their existing tools, 2) evaluating emerging technologies, 3) build some of their own layers, and 4) take the help of a consolidated security platform. Given the severe shortage in global cybersecurity talent, SecOps teams are most likely to take the quicker and easier route of getting a big head start by deploying something like FTNT or PANW.

The issue, however, is not even FTNT's and PANW's highly comprehensive platforms can cover every single granular use case. Therefore, they need to develop their platform by not thinking they are the CSMA, but just the core of the CSMA, and hence make their technology super interoperable with all kinds of third-party solutions.

With the previously mentioned need for vendor consolidation, combined with Gartner's promotion of CSMA, the global talent shortage, and FTNT's and PANW's platform capabilities, we would not be surprised if these security giants became the CSMA core of most enterprises within the next 10 years.

In a head-to-head, FTNT's main advantage in regards to CSMA is that it has built the high majority of its solutions in-house, and from memorizing prior Gartner and Forrester reports, it's clear that this has a very positive effect on the ease-of-use of its Fabric platform. One of PANW's main advantages is the investment it has made in its XSIAM (its SOAR plus next-gen SIEM or cybersecurity-focused data lake). As Gartner explains analytics and intelligence is the foundational pillar of CSMA, XSIAM should deliver PANW a huge advantage to become that connective data layer for disparate third-party solutions. We expect PANW to eventually come out with their own terminology for describing this mesh architecture, now that FTNT has the marketing head start. And PANW's version will most likely be more inclusive of the cloud-native components, whereas FTNT's CSMA, as can be seen in the above diagram, is heavily tilted toward network security.

Conclusion

The current dynamics of the startup + VC and legacy + PE landscape makes for a favourable environment for leading public cybersecurity stocks, such as PANW, FTNT, NET, ZS, S, and CRWD. Fewer VC funds for startups mean that fewer will emerge as future competition. Moreover, the public players will benefit from better M&A deals. And the dry powder pool available in PE is also good news for these public names, as PE firms continue to buy up second tier names and we see a bigger innovation divide.

The TAM of cybersecurity is colossal. Not only does PANW, S, and FTNT have low penetration in the $80bn-$100bn software segment, their SecOps automation efforts are going to disrupt and grab significant share of the $80bn-$100bn services segment.

Finally, a useful way to breakdown the cybersecurity industry is to separate it into network security, cloud security, and security operations. We would say the fourth is identity but it kind of infuses into the other areas. PANW is the outright leader in the former three areas, with tremendous durable growth outlook, and an attractive valuation of NTM EV/S of 6.7x and NTM EV/EBITDA of 27x.

The MarketWatch News Department was not involved in the creation of this content.

Feb 01, 2023 (The Expresswire) -- “Cybersecurity Market” forecast 2023-2029 research report finds essential elements of this market in light of present industry, this market requests, business methodologies employed by Cybersecurity market players and therefore the future prospects from different edges familiarly. Regionally, this file specializes in numerous key regions: North America, Europe, Japan, China, Southeast Asia, India, etc. The report considers the revenue generated from the sales of this report and technologies by various application segments and browse market data with tables and figures spread through 122 pages and in-depth TOC on Cybersecurity market.

The MarketWatch News Department was not involved in the creation of this content.

Leading cybersecurity company Palo Alto Networks, Inc. (NASDAQ:PANW) is scheduled to report its FQ2'23 earnings results (for CQ ended January 2023) on February 21.

Savvy investors picked PANW's bottom in early January, following the risk-on sentiment that returned to tech stocks. Accordingly, PANW has recovered nearly 35% from its January lows toward this week's highs.

Therefore, we believe investors have likely anticipated an optimistic earnings report from Palo Alto Networks, expecting it to maintain or surpass its FY23 guidance.

As a reminder, the company guided FY23 revenue growth of 25.5% at the midpoint, just slightly above the consensus estimates of 25.2% growth. Moreover, the company's guidance range of 25% to 26% suggests that Palo Alto has tremendous revenue visibility, despite the worsening macro headwinds.

Therefore, the company's ability to navigate highly challenging economic conditions where sales cycles are expected to remain elongated should not be understated.

Keen investors should know that Palo Alto Networks has a broad cybersecurity portfolio encompassing capabilities in SASE, cloud security (including zero-trust), and endpoint security with XDR.

Hence, it's well-placed to protect on-premise and cloud-based workloads, particularly effective for companies with multi/hybrid cloud architecture. While the company's next-gen solutions, such as cloud security, are expected to drive its top-line growth, its legacy solutions provide the customer base and broader adoption opportunities.

Hence, Palo Alto Networks could be in a much better position than pure-play cloud peers to leverage the trend toward vendor consolidation, spurred by worse macro headwinds forcing CISOs toward cost optimization.

Moreover, Palo Alto Networks believes it has the next-gen zero trust solution or ZTNA 2.0, which is expected to integrate its customers' hybrid workplace environment better.

Therefore, we aren't surprised that PANW has seen firm buying support at significant dips. In addition, astute investors likely capitalized to add more positions, as the increased need for cybersecurity will not disappear.

Moreover, Palo Alto Networks is confident that its AI/ML capabilities "will help predict and resolve issues before they cause business disruptions."

Accordingly, CEO Nikesh Arora reminded investors that he started to infuse artificial intelligence into Palo Alto Network's offerings when he started more than four years ago. Arora stressed:

Our entire AI capability is centered around everything we're doing in Cortex [XDR]. Security needs to become real-time. You can't do anything [in] real-time unless you have good data. So we spent the last 4.5 years figuring out how to get good data, which is why we [launched] the products 12 weeks called Cortex XSIAM. The whole notion there is you collect all the data you can. You run AI models against it and try and remediate secured. Expanse is one aspect of it. It is the aspect, which looks at data, which you can see from the outside in. And Cortex XSIAM looks at it from [the] inside out. So I think, yes, AI is going to have a huge impact on how real-time security is deployed. (Barclays Global Technology, Media and Telecommunications Conference)

We think there should be little doubt that Palo Alto is a clear leader in the cybersecurity space. Hence, the question about its growth valuation has consistently attracted debate with bulls and bears on whether PANW deserves its premium.

PANW last traded at an NTM EBITDA multiple of 29.6x, below its 10Y average of 36.7x (20% below). However, PANW has had difficulty sustaining its valuation above its 10Y average since its peak in early 2022, suggesting the market had likely de-rated it.

Hence, we believe some prudence is justified by demanding a significant discount below its 10Y average for an improved reward-to-risk entry.

Given the high valuations of cybersecurity stocks, we also don't encourage investors to load their portfolios with too many cybersecurity companies to mitigate valuation compression risks.

Despite that, We have confidence that Palo Alto's consistent free cash flow (FCF) profitability and robust ARR visibility position it as one of the prime candidates for investors to consider carefully.

However, the question remains: Is the current price action and valuation constructive for investors looking for a less risky entry zone?

As seen above, PANW has surged well above its January lows but is still in a medium-term downtrend, resisted by its November 2022 highs.

So, PANW investors need to consider whether they think its January bottom is robust enough to sustain its bear market lows before recovering its upward bias?

We noted that PANW's January lows corresponded to an NTM EBITDA multiple of 22x, in line with the one standard deviation zone under its 10Y average. In other words, it was relatively attractive compared to its historical valuation averages.

We also noted a bullish reversal price action in January, predicated against a false downside breakdown (or bear trap) against the lows in May 2022. In other words, market operators likely used highly pessimistic sentiment at the start of January to lead weak PANW holders to sell low. However, the "attempt" to break below May 2022 lows was firmly rejected before staging a stunning bullish reversal to shift its momentum back up.

Hence, we believe PANW's January lows should hold robustly. Therefore, investors considering adding exposure should capitalize on any subsequent pullback (hopefully weak earnings outlook).

Rating: Hold (Reiterated).

Warren Buffett never mentions this but he is one of the first hedge fund managers who unlocked the secrets of successful stock market investing. He launched his hedge fund in 1956 with $105,100 in seed capital. Back then they weren’t called hedge funds, they were called “partnerships”. Warren Buffett took 25% of all returns in excess of 6 percent. 

For example S&P 500 Index returned 43.4% in 1958. If Warren Buffett’s hedge fund didn’t generate any outperformance (i.e. secretly invested like a closet index fund), Warren Buffett would have pocketed a quarter of the 37.4% excess return. That would have been 9.35% in hedge fund “fees”. 

Actually Warren Buffett failed to beat the S&P 500 Index in 1958, returned only 40.9% and pocketed 8.7 percentage of it as “fees”. His investors didn’t mind that he underperformed the market in 1958 because he beat the market by a large margin in 1957. That year Buffett’s hedge fund returned 10.4% and Buffett took only 1.1 percentage points of that as “fees”. S&P 500 Index lost 10.8% in 1957, so Buffett’s investors actually thrilled to beat the market by 20.1 percentage points in 1957.

Between 1957 and 1966 Warren Buffett’s hedge fund returned 23.5% annually after deducting Warren Buffett’s 5.5 percentage point annual fees. S&P 500 Index generated an average annual compounded return of only 9.2% during the same 10-year period. An investor who invested $10,000 in Warren Buffett’s hedge fund at the beginning of 1957 saw his capital turn into $103,000 before fees and $64,100 after fees (this means Warren Buffett made more than $36,000 in fees from this investor).

As you can guess, Warren Buffett’s #1 wealth building strategy is to generate high returns in the 20% to 30% range.

We see several investors trying to strike it rich in options market by risking their entire savings. You can get rich by returning 20% per year and compounding that for several years. Warren Buffett has been investing and compounding for at least 65 years.

So, how did Warren Buffett manage to generate high returns and beat the market?

In a free sample issue of our monthly newsletter we analyzed Warren Buffett’s stock picks covering the 1999-2017 period and identified the best performing stocks in Warren Buffett’s portfolio. This is basically a recipe to generate better returns than Warren Buffett is achieving himself.

You can enter your email below to get our FREE report. In the same report you can also find a detailed bonus biotech stock pick that we expect to return more than 50% within 12-24 months. We initially share this idea in October 2018 and the stock already returned more than 150%. We still like this investment.

Warren Buffet's Secret Recipe

Our Price: $199 FREE

We may use your email to send marketing emails about our services. Click here to read our privacy policy.

© Provided by Benzinga

Investment banking giant Goldman Sachs Group Inc (NYSE: GS) made a major move in the security sector, initiating coverage of several companies with Buy, Neutral and Sell ratings.

The Goldman Analysts: Several Goldman analysts identified favorable industry dynamics for the security sector in an industry initiation note Tuesday, including the rise of multi-product platforms, less cyclical demand and natural extensions for growth for industry incumbents.

The maturing of machine-learning applications was expected to further boost the sector, Goldman Sachs analysts said, and unit economics are outperforming broader software benchmarks.

While demand may be muted in 2023, the investment bank said these longer-term positives are expected to provide a more benign competitive environment, with rising tides lifting many boats.

Trending: Pepsi Shares Its Experience Using The Tesla Semi: What Drivers Are Saying - Tesla (NASDAQ:TSLA)

Must Read: Tesla Employees Responsible For Autopilot Data Labeling Push For Unionization

Read Also: Inflation Continues To Cool, But At Slower Pace Than Economists Predicted

The Goldman Buy/Sell Takeaways: On the Buy side, Goldman said Crowdstrike’s core strengths in data collection and monitoring were expected to drive significant growth in the cloud sector. With solid free cash flow generation and a exact revenue revision, analysts found the risk/reward ratio favorable for investment.

For Check Point, the analysts said the company’s increased investments in mergers and acquisitions, research and development, and sales and marketing resources slowed down its loss of market share in the firewall market. Check Point’s position in the market improved, thanks to the Infinity platform, which enabled consolidated management of threat vectors.

Fortinet’s founding thesis on the convergence of networking and security was being realized through network transformation and the adoption of Secure Access Service Edge (SASE), Goldman said. Despite the need for more investment in its cloud portfolio, Fortinet's leadership in SD-WAN technology positioned it for growth in the SASE market.

The analysts said Palo Alto lead the way in implementing a multi-platform strategy with technology excellence in various product areas. The company's network, endpoint and cloud products, each benefiting from centralized domain expertise in UIUX, marketing, security intelligence and machine learning, were at different stages of development.

On the Sell side, the investment bank said its concerns with Cloudflare is that overall growth may normalize after five years, leading to fewer catalysts for the company’s core products, while increased visibility into the revenue mix is needed to ensure success. Further, Goldman said Cloudflare may face stiff competition from hyperscalers, necessitating heavy go-to-market investments to achieve success in Wave 2 and 3 products.

Okta's share gains in identity access management were likely to slow as Microsoft became more competitive and the identity cloud upgrade cycle reached more than 50% of the IAM TAM, the analysts said. Moreover, product cycles in identity governance and privileged access would take longer than expected to make a meaningful revenue contribution.

Photo: NicoElNino via Shutterstock

Latest Ratings for CRWD

View More Analyst Ratings for CRWD

View the Latest Analyst Ratings

© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

SPONSORED

Retirement can be a difficult part of life to navigate, and a financial advisor can help. Finding a qualified financial advisor doesn't have to be hard. SmartAsset's free tool matches you with up to three financial advisors who serve your area, and you can interview your advisor matches at no cost to decide which one is right for you. If you're ready to find an advisor who can help you achieve your financial goals, get started now.

This article Goldman On Cybersecurity Stocks: Bullish On Palo Alto, Bearish On Cloudflare, Plus More Ratings originally appeared on Benzinga.com

Delivers its best-in-class cloud-based cyber security platforms in the country to support customers with their data location needs

SANTA CLARA, Calif. and ZURICH, Feb. 16, 2023 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced the launch of its cloud infrastructure in Switzerland allowing Swiss customers to access the full breadth of Palo Alto Networks security capabilities while meeting data residency needs.

"As organisations continue to transform their businesses with cloud computing, they need to protect themselves against an increasingly complex threat landscape, while trying to navigate and meet in-country data residency needs," said Helmut Reisinger, CEO EMEA and LATAM for Palo Alto Networks. "Our investment in new cloud infrastructure demonstrates our commitment to Switzerland and will ensure that Swiss customers have access to market-leading cybersecurity platforms and analytics, while helping them meet their data residency needs."

The new cloud location provides organisations in Switzerland with domestic, high-performance access to:

• Prisma® Access: Prisma Access is the security service edge (SSE) solution of Prisma SASE, the industry's most complete SASE solution converging network security, SD-WAN, and Autonomous Digital Experience Management into a single cloud-delivered service. With a domestic cloud footprint, Swiss customers can bring Zero Trust security to the hybrid workforce with the lowest latency and highest performance in the industry.
• Cortex XDR®: Cortex XDR is the industry's first extended detection and response platform, which integrates endpoint, network and cloud data to stop sophisticated attacks through state of the art AI and analytics. With the new Swiss cloud infrastructure, customers can meet data residency needs by keeping their logs and analytics in Switzerland.
• Cortex® XSIAM: Palo Alto Networks has launched its automation-first platform for the modern SOC, harnessing the power of machine intelligence to radically Strengthen security outcomes and transform security operations. With Cortex XSIAM, Swiss customers can now accelerate their SOC transformation while meeting data location preferences.
• AIOps: Palo Alto Networks AIOps helps reduce misconfigurations that can lead to security breaches. AIOps, launched early last year, now processes 65 billion metrics every month across 60,000 firewalls, and proactively shares 24,000 misconfigurations and other issues with customers for resolution every month. Swiss customers will be able to take advantage of this new offering while ensuring their telemetry remains in the country.
• Advanced WildFire: Customers can fully utilise the industry's largest malware prevention engine while ensuring that files submitted for analysis stay in Switzerland to help meet data privacy concerns. Advanced WildFire can be leveraged by the Palo Alto Networks Zero Trust Network Security Platform (i.e. Prisma SASE, ML-Powered Next-Generation Firewalls and VM-/CN-Series software firewalls) and Cortex XDR, which secures a world where any user can work anywhere without restrictions, as well as by third-party products via API.
• Cortex Data Lake: Customers can collect, transform and integrate their enterprise's security data to enable Palo Alto Networks solutions while data logs remain locally.

The availability of the regionally hosted services is part of Palo Alto Networks ongoing commitment to deliver the most complete set of security services locally for Swiss and European customers. These services enable customers to balance data privacy concerns with the ability to detect emerging threats, providing a seamless, streamlined security solution operated and delivered within Switzerland.

For more information on Palo Alto Networks regional cloud locations, please visit https://www.paloaltonetworks.com/products/regional-cloud-locations?utm_medium=earned&utm_source=SwissCloud-Press-Release.

About Palo Alto Networks
Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

At Palo Alto Networks, we're committed to bringing together the very best people in service of our mission, so we're also proud to be the cybersecurity workplace of choice, recognized among Newsweek's Most Loved Workplaces (2021 and 2022), Comparably Best Companies for Diversity (2021), and HRC Best Places for LGBTQ Equality (2022). For more information, visit www.paloaltonetworks.com.

Palo Alto Networks, Cortex, Cortex XDR, Prisma, WildFire, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.

Logo - https://mma.prnewswire.com/media/325503/palo_alto_networks_logo_2015.jpg

View original content:https://www.prnewswire.co.uk/news-releases/palo-alto-networks-goes-all-in-with-new-cloud-infrastructure-investment-in-switzerland-301748573.html