What changed in SentinelOne, Inc.'s 2023 10-K compared to 2022?

Across the narrative sections we track, SentinelOne, Inc. (S) added 449 paragraphs, removed 456, and edited 351 between the 2022 and 2023 10-K filings. The biggest movers are Item 1A. Risk Factors (+258/−245), Item 1. Business (+114/−99), Item 7. Management's Discussion & Analysis (+62/−93).

Did SentinelOne, Inc. add new Risk Factors in the 2023 10-K?

Yes — Item 1A Risk Factors shows 258 new/edited paragraphs and 245 removed paragraphs versus the 2022 10-K.

What changed in SentinelOne, Inc.'s MD&A (Item 7) in 2023?

Item 7 Management's Discussion & Analysis shows 62 new/edited paragraphs and 93 removed paragraphs year-over-year. Read the side-by-side diff to see exactly which revenue, margin, and outlook commentary was rewritten.

Did SentinelOne, Inc.'s Legal Proceedings (Item 3) change in 2023?

Item 3 shows 1 added/edited paragraphs and 1 removed paragraphs — usually indicating new litigation disclosed or settled cases removed.

Where does this S 10-K diff come from?

The source filings are SentinelOne, Inc.'s official 2022 and 2023 Form 10-K annual reports from SEC EDGAR. 10q10k.net parses each filing, aligns paragraphs by section (Item 1, 1A, 1C, 2, 3, 7, 7A), and highlights every added, removed and edited sentence side-by-side.

What changed in SentinelOne, Inc.'s 10-K — 2022 vs 2023

Paragraph-level year-over-year comparison of SentinelOne, Inc.'s 2022 and 2023 10-K annual filings, covering the Business, Risk Factors, Legal Proceedings, Cybersecurity, MD&A and Market Risk sections. Every new, removed and edited paragraph is highlighted side-by-side so you can see exactly what management changed in the 2023 report.

+449 added−456 removedSource: 10-K (2023-03-29) vs 10-K (2022-04-07)

Top changes in SentinelOne, Inc.'s 2023 10-K

449 paragraphs added · 456 removed · 351 edited across 7 sections

Item 1A. Risk Factors+258 / −245 · 194 edited
Item 1. Business+114 / −99 · 89 edited
Item 7. Management's Discussion & Analysis+62 / −93 · 56 edited
Item 5. Market for Registrant's Common Equity+6 / −10 · 5 edited
Item 7A. Quantitative and Qualitative Disclosures About Market Risk+7 / −7 · 5 edited

Item 1. Business

Business — how the company describes what it does

89 edited+25 added−10 removed114 unchanged

2022 filing

2023 filing

Biggest changeRanger provides organization-wide inventory and control of IoT devices by discovering connected devices, including virtual machines, containers, and IoT devices such as printers, smart TVs, and thermostats. Ranger has four key component features: • Rogue Discovery . Enables administrators to identify unprotected or “rogue assets” and verifies our agent is installed on all corporate assets. • Ranger Insight .

Biggest changeRanger has four key component features: • Rogue Discovery . Enables administrators to identify unprotected or “rogue assets” and verifies our agent is installed on all corporate assets. • Ranger Insight . Provides a clear picture of the inventory and risk in the IoT environment, including open ports, header and application versions, and vulnerability information, • Rogue Control .

They cannot take action at machine speed and are thus unable to detect and prevent or stop many fast-acting attacks. Additionally, due to communication latency with the cloud, these tools cannot generate actionable insights in real-time, which is required to stop many current threats. 6 Table of Contents • Lack long-term data visibility to proactively investigate advanced threats.

They cannot take action at machine speed and are thus unable to detect and prevent or stop many fast-acting 6 Table of Contents attacks. Additionally, due to communication latency with the cloud, these tools cannot generate actionable insights in real-time, which is required to stop many current threats. • Lack long-term data visibility to proactively investigate advanced threats.

Our platform is able to ingest structured and unstructured data from any source, with little to no manual configuration and at unprecedented speed and scale. 10 Table of Contents • Normalize . Aligns every data point to extract the shared elements regardless of origin and to produce true insights. • Correlate .

Our platform is able to ingest structured and unstructured data from any source, with little to no manual configuration and at unprecedented speed and scale. • Normalize . Aligns every data point to extract the shared elements regardless of origin and to produce true insights. 10 Table of Contents • Correlate .

Singularity XDR Integrations Singularity XDR unifies and extends detection, investigation, and response capability across the entire enterprise, providing security teams with centralized end-to-end enterprise visibility, powerful analytics, and automated responses across the technology stack.

XDR Integrations Singularity XDR unifies and extends detection, investigation, and response capability across the entire enterprise, providing security teams with centralized end-to-end enterprise visibility, powerful analytics, and automated responses across the technology stack.

Coupled with Storyline Active Response (STAR), our File Integrity solution (FIM) is able to automatically alert or remediate unauthorized changes to these files. Organizations use this to be compliant with PCI DSS and other regulatory requirements while eliminating other agents, products, and spend. Singularity XDR Platform Tiers Our Singularity XDR Platform offers a highly flexible deployment model.

Coupled with Storyline Active Response (STAR), our File Integrity solution (FIM) is able to automatically alert or remediate unauthorized changes to these files. Organizations use this to be compliant with PCI DSS and other regulatory requirements while eliminating other agents, products, and spend. Singularity Platform Tiers Our Singularity Platform offers a highly flexible deployment model.

We provide our partners with our differentiated technology and platform to enable them to provide the best security service to their own customers. Our Singularity XDR Platform offers our partners complete multi-tenancy and a superior level of management capability and flexibility with tiering, policy inheritance, and customizable role-based access control from the same console.

We provide our partners with our differentiated technology and platform to enable them to provide the best security service to their own customers. Our Singularity Platform offers our partners complete multi-tenancy and a superior level of management capability and flexibility with tiering, policy inheritance, and customizable role-based access control from the same console.

Our Singularity XDR Platform provides feature parity across Windows, macOS, and Linux. It provides customers with full flexibility through a multi-tier offering priced on a per agent basis, which generally corresponds with an endpoint, server, virtual machine, or host. The tiers of our Singularity Platform include: • Singularity Core.

Our Singularity Platform provides feature parity across Windows, macOS, and Linux. It provides customers with full flexibility through a multi-tier offering priced on a per agent basis, which generally corresponds with an endpoint, server, virtual machine, or host. The tiers of our Singularity Platform include: • Singularity Core.

Existing endpoint detection and response tools lack the capability to store large sets of historical data cost efficiently, and consequently often only offer limited data retention capabilities. This results in only partial datasets being available for threat hunting and time bound retrospective forensic analysis.

Existing endpoint detection and response (EDR) tools lack the capability to store large sets of historical data cost efficiently, and consequently often only offer limited data retention capabilities. This results in only partial datasets being available for threat hunting and time bound retrospective forensic analysis.

Our principal executive offices are located at 444 Castro Street, Suite 400, Mountain View, California 94041. Our telephone number is (855) 868-3733. We completed our initial public offering of shares of our Class A common stock in July 2021.

Our principal executive offices are located at 444 Castro Street, Suite 400, Mountain View, California 94041. Our telephone number is (855) 868-3733. We completed our initial public offering (IPO) of shares of our Class A common stock in July 2021.

Our Singularity Platform offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds. Singularity XDR Platform Capabilities and Our Competitive Strengths • Protects against present and future cyber threats .

Our Singularity Platform offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds. Singularity Platform Capabilities and Our Competitive Strengths • Protects against present and future cyber threats .

Our on-device AI model can detect file-based attacks predictively, even those that are previously unknown zero day exploits, with extreme precision in milliseconds.

Our on-device AI model can detect file-based attacks, even those that are previously unknown zero-day exploits, with extreme precision in milliseconds.

Our Singularity Platform provides organizations with our full suite of real-time threat prevention, detection, and remediation capabilities across all of their endpoints, cloud workloads, servers, and operating systems. Our platform further leverages our agents, combined with passive and active network discovery methods, to provide our customers with organization-wide visibility into all of their network assets, managed and unmanaged.

Our Singularity Platform provides organizations with our full suite of real-time threat prevention, detection, and remediation capabilities across all of their endpoints, cloud workloads, servers, operating systems, and user credentials. Our platform further leverages our agents, combined with passive and active network discovery methods, to provide our customers with organization-wide visibility into all of their network assets, managed and unmanaged.

We also engage temporary employees and consultants as needed to support our operations. Our U.S.-based employees includes team members in all key functions, including go-to-market, customer success, technology, product, and support. Each of our U.S. offices has a different functional focus but share a driven, customer-centric culture.

We also engage temporary employees and consultants as needed to support our operations. Our U.S.-based employees include team members in all key functions, including go-to-market, customer success, technology, product, and support. Each of our U.S. offices has a different functional focus but share a driven, customer-centric culture.

Endpoint Protection Our next-generation antivirus technology provides autonomous real-time protection across all operating systems, including Windows, Linux, macOS, and cloud-native and containerized workloads. Our endpoint protection is powered by distributed AI which resides both on devices as well as in the cloud for always-on, machine-speed protection.

Endpoint Protection Our next-generation cybersecurity technology provides autonomous real-time protection across all operating systems, including Windows, Linux, macOS, and cloud-native and containerized workloads. Our endpoint protection is powered by distributed AI which resides both on devices as well as in the cloud for always-on, machine-speed protection.

As our on-device machine 7 Table of Contents learning models assess how an endpoint behaves, they are completely independent of the attack vector itself or any further updates and configurations. • Enables protection and visibility across all digital assets .

As our on-device machine 7 Table of Contents learning models assess how an endpoint behaves, they are completely independent of the attack vector itself or any further updates and configurations. • Platform approach enables protection and visibility across all digital assets .

It securely streams a copy of all endpoint EDR telemetry to a 14 Table of Contents customer’s local data lake for further correlation with other security tools, while allowing offline data storage for audit and compliance. WatchTower WatchTower delivers threat hunting and insights to help customers understand the nature of threats, targeted attacks, threat actors, and risk reduction.

It securely streams a copy of all endpoint EDR telemetry to a customer’s local data lake for further correlation with other security tools, while allowing offline data storage for audit and compliance. WatchTower WatchTower delivers threat hunting and insights to help customers understand the nature of threats, targeted attacks, threat actors, and risk reduction.

Made for organizations seeking best-of-breed security with the addition of our “security suite” features for endpoint management. It provides additional features for control network connectivity, USB and Bluetooth peripherals, and to uncover rogue devices. • Singularity Complete. Our flagship offering that includes our full suite of product capabilities.

Our Go-To-Market Strategy Our sales and marketing organizations partner to create brand awareness, drive demand, and develop customer relationships to deliver strong sales pipeline coverage and revenue growth. Sales We sell subscriptions to our Singularity Platform through our direct sales team, which is composed of field sales and inside sales professionals.

Our Go-To-Market Strategy Our sales and marketing organizations partner to create brand awareness, drive demand, and develop customer relationships to deliver strong sales pipeline coverage and revenue growth. 18 Table of Contents Sales We sell subscriptions to our Singularity Platform through our direct sales team, which is composed of field sales and inside sales professionals.

Having access to some of the world’s top cybersecurity and AI talent through our distributed workforce model and our research and development centers across North America, Israel, Europe, and Asia allows us to continue hiring top technical talent and innovate to maintain our leading position. • Drive new customer acquisition.

Having access to some of the world’s top cybersecurity and AI talent through our distributed workforce model and our research and development centers across North America, Europe, Middle East, and Asia allows us to continue hiring top technical talent and innovate to maintain our leading position. • Drive new customer acquisition.

We will make available on our website at www.sentinelone.com, free of charge, copies of these reports and other information as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.

We will 21 Table of Contents make available on our website at www.sentinelone.com, free of charge, copies of these reports and other information as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.

The contents of the websites referred to above are not incorporated into this filing. Further, our references to the URLs for these websites are intended to be inactive textual references only. 21 Table of Contents

The contents of the websites referred to above are not incorporated into this filing. Further, our references to the URLs for these websites are intended to be inactive textual references only.

Vigilance MDR helps customers of all sizes augment their cybersecurity staff with a 24/7/365 globally-distributed operation which operates under the industry’s only publicly available SLAs. DataSet Platform Building upon the acquisition of Scalyr, Inc., we launched DataSet, a revolutionary live enterprise data platform for data queries, analytics, insights, and retention.

Vigilance MDR helps customers of all sizes augment their cybersecurity staff with a 24/7/365 globally-distributed operation which operates under the industry’s only publicly available Service Level Agreements. DataSet Platform Building upon the acquisition of Scalyr, Inc., we launched DataSet, a revolutionary live enterprise data platform for data queries, analytics, insights, and retention.

As such, we encourage investors, the media, and others to follow the channels listed above and to review the information 20 Table of Contents disclosed through such channels. Any updates to the list of disclosure channels through which we will announce information will be posted on the investor relations page on our website.

As such, we encourage investors, the media, and others to follow the channels listed above and to review the information disclosed through such channels. Any updates to the list of disclosure channels through which we will announce information will be posted on the investor relations page on our website.

The growth of remote work has increased the risk of cyberattacks. As a result of the accelerated structural shift towards a distributed workforce, organizations are increasingly looking for cybersecurity solutions that safeguard their remote workforce. Sophisticated cyberattacks circumvent existing security controls.

The growth of remote work has increased the risk of cyberattacks. As a result of the accelerated structural shift towards a distributed workforce, organizations are increasingly looking for cybersecurity solutions that safeguard their remote workforce and employee credentials. Sophisticated cyberattacks circumvent existing security controls.

Our sales team also identifies existing customers who may be interested in free trials of additional platform modules, which serves as a powerful 17 Table of Contents driver of our “land and expand” growth model.

Our sales team also identifies existing customers who may be interested in free trials of additional platform modules, which serves as a powerful driver of our “land and expand” growth model.

By providing full visibility into the Storyline of every secured device across the organization through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats. We have extended our control and visibility planes beyond the traditional endpoint to cloud workloads, unmanaged devices, and IoT devices.

By providing full visibility into the Storyline of every secured device across the organization through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats. We have extended protection and visibility beyond the traditional endpoint to cloud workloads, identity credentials, unmanaged devices, and IoT devices.

As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional platform functionalities and Singularity modules to address all of their cybersecurity use cases through the same platform and agent. Our customers can seamlessly activate additional modules and add increased functionality through the already deployed agent.

As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional platform functionalities and Singularity modules to address all of their cybersecurity use cases through the same platform and agent. Our customers can seamlessly activate additional modules to expand platform capabilities through the already deployed agent.

These patents and patent applications seek to protect our proprietary inventions relevant to our business. These issued patents are scheduled to expire on or around the years between 2034 and 2040 and cover various aspects of our platform and technology.

These patents and patent applications seek to protect our proprietary inventions relevant to our business. These issued patents are scheduled to expire on or around the years between 2033 and 2041 and cover various aspects of our platform and technology.

Having these teams together supports a highly collaborative and customer-focused site. Our office in Tel Aviv, Israel benefits from Israel’s concentration of cybersecurity experts. Our employees in Israel draw from Israel’s deep pool of Israeli military cybersecurity and intelligence experts, product mavens, and general technical talent.

Having these teams together supports a highly collaborative and customer-focused site. Our office in Tel Aviv, Israel benefits from Israel’s concentration of cybersecurity experts. This team draws from a deep pool of Israeli military cybersecurity and intelligence experts, product mavens, and general technical talent.

Available Information We file electronically with the SEC our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act.

Available Information We file electronically with the SEC our Annual Report on Form 10-K, Definitive Proxy Statements on Schedule 14A, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act.

We have increased our investment in training and development and have rolled out several key programs as well as enabling our employees to access over 1,000 on demand webinars in technical and soft skills areas. In response to the COVID-19 pandemic, we have worked to globally realign our benefits to focus on business continuity and employee well-being.

We have increased our investment in training and development and have rolled out several key programs as well as enabling our employees to access over 1,000 on demand webinars in technical and soft skills areas. Since the COVID-19 pandemic, we continue to globally align our benefits to focus on business continuity and employee well-being.

Tectonic shifts in IT require a “Zero Trust” operating procedure. With millions of remote devices accessing thousands of applications running in public, private and hybrid clouds, traditional perimeter-based security controls are bypassed and organizations have to operate in a “Zero Trust” IT environment.

With millions of remote devices accessing thousands of applications running in public, private and hybrid clouds, traditional perimeter-based security controls are bypassed and organizations have to operate in a “Zero Trust” IT environment.

We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, employees, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information. 19 Table of Contents As of January 31, 2022, we had 22 issued patents and 15 pending patent applications in the United States and abroad.

We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, 20 Table of Contents employees, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information. As of January 31, 2023, we had 48 issued patents and 29 pending patent applications in the United States and abroad.

We typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers. 15 Table of Contents Human Capital Resources Our Team As of January 31, 2022, we had over 1,200 full-time employees worldwide.

We typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers. Human Capital Resources Our Team As of January 31, 2023, we had over 2,100 full-time employees worldwide.

As of January 31, 2022, we had six trademark registrations in the United States, including registrations for “SentinelOne” and our logo. We also had 41 trademark registrations and applications in certain foreign jurisdictions. Additionally, we are the registered holder of a number of domain names, including sentinelone.com.

As of January 31, 2023, we had 7 trademark registrations in the United States, including registrations for “SentinelOne” and our logo. We also had 74 trademark registrations and applications in certain foreign jurisdictions. Additionally, we are the registered holder of a number of domain names, including sentinelone.com and dataset.com.

We have been very intentional with our efforts to support employees while working from home, and have enhanced and promoted programs to support employees’ physical and mental health and well-being. We have built a company that we believe can thrive whether our employees are in offices or remote.

We have been very intentional with our efforts to support employees while working from home and in their return to the office. Further, we have enhanced and promoted programs to support employees’ physical and mental health and well-being. We have built a company that we believe thrives whether our employees are in offices or remote.

We believe our XDR capabilities position us well to consolidate and unify spend across these categories. Over time, we believe this unification and re-architecture of the prevention, detection and response paradigm will create new opportunities for additional products and features for us.

We believe our leading security and platform breadth position us well to consolidate and unify spend across multiple categories. Over time, we believe this unification and re-architecture of the prevention, detection and response paradigm will create new opportunities for additional products and features for us.

As of January 31, 2022, we ha d over 6,700 customers, ranging from large enterprises, such as Fortune 10 companies, to small and medium-sized businesses. We intend to continue to add new customers through a product-first approach.

As of January 31, 2023, we ha d over 10,000 customers, ranging from large enterprises, such as Fortune 500 companies, to small and medium-sized businesses around the world. We intend to continue to add new customers through a product-first approach.

In addition to base salary, these programs, which vary by country and region, include annual bonuses, equity awards, an employee stock purchase plan, a 401(k) plan, including a recently announced 401(k) match in the United States, healthcare and insurance benefits, health savings and flexible spending accounts, unlimited vacation, wellness reimbursement, and more.

In addition to base salary, these programs, which vary by country and region, include bi-annual bonuses, equity awards, an employee stock purchase plan, a 401(k) plan, including a 401(k) match in the United States, healthcare and insurance benefits, health savings 17 Table of Contents and flexible spending accounts, unlimited vacation, wellness reimbursement, 16 weeks of gender-neutral parental leave and more.

Our runtime protection delivers prevention, detection, response and hunting functionalities purpose-built for these environments. We offer full-fledged EPP and EDR for servers, virtual machines, and containerized workloads. Our Cloud Application Control locks down the running image of servers and containers to prevent configuration drift and protect against unauthorized changes, in line with best practices for cloud workload security.

We offer full-fledged EPP and EDR for servers, virtual machines, and containerized workloads. Our Cloud Application Control locks down the running image of servers and containers to prevent configuration drift and protect against unauthorized changes, in line with best practices for cloud workload security.

Our European head office is in Amsterdam, Netherlands, which we chose for its talent pool, language versatility, diversity, labor and tax laws, and central location in relation to our offices in the United States and Israel. None of our employees are represented by a labor union or are a party to a collective bargaining arrangement.

It delivers mobile threat defense that is local, adaptive, and real-time, to thwart mobile malware and phishing attacks at the device, with or without a cloud connection. It is the industry’s leading on-device behavioral AI product that dynamically detects never before seen malware, phishing, exploits, and man-in-the-middle attacks. Singularity Mobile provides security and data privacy to support zero trust.

It is the industry’s leading on-device behavioral AI product that dynamically detects never before seen malware, phishing, exploits, and man-in-the-middle attacks. Singularity Mobile provides security and data privacy to support zero trust.

Our platform capabilities are connected through three key patented technologies: • Data Analytics. Our data analytics technology can ingest, correlate, and query petabytes of structured and unstructured data from disparate external and internal sources at machine speed. • AI.

We built our platform to be deployed as a cloud service or in private and hybrid clouds. Our platform capabilities are connected through three key patented technologies: • Data Analytics. Our data analytics technology can ingest, correlate, and query petabytes of structured and unstructured data from disparate external and internal sources at machine speed. • AI.

In addition, they lack the ability to detect and prevent an increasing number of fileless attacks, that deposit no malware, but instead exploit operating system vulnerabilities and use trusted tools within IT environments. In general, enterprises need to take a more holistic view of security protection across endpoints, cloud environments, and identity credentials.

Be reliable in all your actions and words. Put customers first. Be the owner. • OneSentinel . Be passionate about driving team success and collaboration across our company. • Relentlessness . Act with unwavering purpose and determination in everything you do. • Ingenuity . Encourage innovative approaches to problem-solving and market leadership. Embrace diverse perspectives. Hustle. • Community .

Be passionate about driving team success and collaboration across our company. • Relentlessness . Act with unwavering purpose and determination in everything you do. • Ingenuity . Encourage innovative approaches to problem-solving and market leadership. Embrace diverse perspectives. Hustle. • Community . Be kind to one another. Think about how your actions will affect others. Together.

Storyline powers our unified Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), or, Extended Detection and Response (XDR) functionalities. Storyline is the foundation of our EPP while providing unprecedented levels of visibility with contextual information for benign and malicious processes.

Storyline powers our unified Endpoint Protection Platform (EPP), EDR, or XDR functionalities. Storyline is the foundation of our EPP while providing unprecedented levels of visibility with contextual information for benign and malicious processes. We extend our fundamental protection, visibility and response capabilities well beyond the endpoint to cloud, and third-party solutions in our Singularity Platform.

Our Customers As of January 31, 2022, we had over 6,700 customers using our Singularity XDR Platform in approximately 100 countries. We are protecting the digital infrastructures of thousands of customers around the world, including large global enterprises, small and medium sized businesses, and government organizations. Our business does not depend on any single end customer.

We are protecting the digital infrastructures of thousands of customers around the world, including large global enterprises, small and medium sized businesses, and government organizations. Our business does not depend on any single end customer.

By eliminating data schema requirements from the ingestion process and index limitations from querying, DataSet can process massive amounts of live data in real time, delivering log management, data analytics, and alerting with unparalleled speed, performance, and efficiency built on a security and privacy-first foundation. 15 Table of Contents As a software as a service (SaaS) platform, it can be deployed in minutes and is easy to operate without any maintenance requirement.

As a result, our net loss for fiscal 2022 was $271.1 million compared with net loss of $117.6 million in fiscal 2021. Industry Background Cybersecurity is fundamentally a data problem. Advances in AI, specifically machine learning, where algorithms use data to make decisions with minimal human intervention, are already revolutionizing fields such as healthcare, advertising, and securities trading.

Industry Background Cybersecurity is fundamentally a data problem. Advances in AI, specifically machine learning, where algorithms use data to make decisions with minimal human intervention, are already revolutionizing fields such as healthcare, advertising, and securities trading. We believe that AI is ripe for revolutionizing cybersecurity.

We believe in the strengths of diversity and are committed to building out a diverse talent base. We plan to continue investing in hiring employees both in and outside of the United States. We received Great Place to Work, a global authority on workplace culture, certification in fiscal 2022 in the United States, Netherlands and the United Kingdom.

We believe in the strengths of diversity and are committed to building out a diverse talent base. We plan to continue investing in hiring employees both in and outside of the United States.

It was designed with the goal of optimizing scale, cost and performance - what we call the Golden Ratio of Big Data. This is achieved by the use of innovative data structures, storage systems, and algorithms: • Ingest .

With our Singularity Platform, enterprises gain access to their security data from multiple sources through a single pane of glass. It was designed with the goal of optimizing scale, cost and performance - what we call the Golden Ratio of Big Data. This is achieved by the use of innovative data structures, storage systems, and algorithms: • Ingest .

Together, these capabilities make our platform the logical choice for organizations of all sizes, industry verticals, and compliance requirements. Our platform offers true multi-tenancy, which enables the world’s largest organizations and our managed security providers and incident response partners with an excellent management experience. Our customers realize improved cybersecurity outcomes with fewer people.

Our platform offers true multi-tenancy, which enables the world’s largest organizations and our managed security providers and incident response partners with an excellent management experience. Our customers realize improved cybersecurity outcomes with fewer people. Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries.

It helps them gain insights from shared security events without requiring a massive time investment in custom business logic, code, and complex configuration.

It helps 19 Table of Contents them gain insights from shared security events without requiring a massive time investment in custom business logic, code, and complex configuration. It allows security teams to drive a unified, orchestrated response among security tools in different domains.

When activity is deemed a threat, our software autonomously takes action to kill the attack. Because Storylines contain a complete record of unauthorized changes made during an attack, we are ready to remediate or roll back these changes. The power to turn back time on a device is unique in the market.

Because Storylines contain a complete record of unauthorized changes made during an attack, we are ready to remediate or roll back these changes. The power to turn back time on a device is unique in the market. It is the ultimate safety net and exemplifies autonomous cybersecurity. Therefore, our software eliminates manual, expensive, and time-consuming incident cleanup.

Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform. Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud.

Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud. In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated.

It is the ultimate safety net and exemplifies autonomous cybersecurity. Thus, our software eliminates manual, expensive, and time-consuming incident cleanup. In the cloud, our platform aggregates Storylines. Our Streaming AI detects anomalies that surface when multiple data feeds are correlated with additional external and internal data.

In the cloud, our platform aggregates Storylines. Our Streaming AI detects anomalies that surface when multiple data feeds are correlated with additional external and internal data.

The power of our land-and-expand strategy is evidenced by our 129% dollar-based net retention rates as of January 31, 2022. • Expand our global footprint. Revenue generated outside of the United States was 32% for fiscal 2022, compared to 30% for fiscal 2021. We intend to continue to grow our international customer base by increasing our investments in international operations.

The success of our land-and-expand strategy is evidenced by our greater than 130% dollar-based net retention rate as of January 31, 2023 . • Expand our global footprint. Revenue generated outside of the United States was 35% for fiscal 2023, compared to 32% for fiscal 2022.

Offers data retention from one month to three years and beyond. Modern attacks can take days and weeks to initiate after infiltration. Therefore, it is critical for an EDR solution to provide visibility for extended periods of time. This enhances both retrospective analysis and proactive hunting measures.

Therefore, it is critical for an EDR solution to provide visibility for extended periods of time. This enhances both retrospective analysis and proactive hunting measures.

Be kind to one another. Think about how your actions will affect others. Together. We value transparent and respectful communication as key components of our continuous feedback culture, something that we view as a key driver of our business success. We benefit from the varied perspectives that come from our global workforce.

Here you will enjoy your work , in a culture that is built on equity, integrity and autonomous action. We value transparent and respectful communication as key components of our continuous feedback culture, something that we view as a key driver of our business success. We benefit from the varied perspectives that come from our global workforce.

This allows customers to identify potentially vulnerable endpoints and either add protection, or isolate them from the network. • Provides autonomous protection and remediation . Powered by our AI and Storyline technology, our agents defend and heal endpoints autonomously and in real-time by stopping malicious processes, quarantining, remediating, and even rolling back events to surgically keep endpoints clean.

Our platform approach helps enterprise consolidate security tools while enhancing enterprise-wide coverage. • Provides autonomous protection and remediation . Powered by our AI and Storyline technology, our agents defend and heal endpoints autonomously and in real-time by stopping malicious processes, quarantining, remediating, and even rolling back events to surgically keep endpoints clean.

Our remote script orchestration module allows concurrent execution of custom and preset scripts across an enterprise, instead of having to triage with a device by device approach. By converging our protection, detection, and response capabilities with remote script orchestration, our platform is the only solution that is needed to respond to a breach. • Storyline Active Response (STAR) .

Our remote script orchestration module allows concurrent execution of 14 Table of Contents custom and preset scripts across an enterprise, instead of having to triage with a device by device approach.

As of January 31, 2022, we had over 6,700 customers, increasing from over 3,900 as of January 31, 2021. Our revenue for fiscal 2022 and 2021 was $204.8 million and $93.1 million, respectively, representing year-over-year growth of 120%. During this period we continued to invest in growing our business to capitalize on our market opportunity.

Our revenue for fiscal 2023 and 2022 was $422.2 million and $204.8 million, respectively, representing year-over-year growth of 106%. During this period, we continued to invest in growing our business to capitalize on our market opportunity. As a result, our net loss for fiscal 2023 was $378.7 million compared with net loss of $271.1 million in fiscal 2022.

Research and Development Our research and development organization is responsible for the design, development, testing, and delivery of new technologies, features and integrations of our platform, as well as the continued improvement and iteration of our existing products. It is also responsible for operating and scaling our platform including its underlying infrastructure.

In addition, MentorOne program provides Sentinels the opportunity to mentor and be mentored to develop professionally. Research and Development Our research and development organization is responsible for the design, development, testing, and delivery of new technologies, features and integrations of our platform, as well as the continued improvement and iteration of our existing products.

We compete with an array of established and emerging security solution vendors. Our competitors include the following: • endpoint security providers, such as CrowdStrike Holdings, Inc. (Crowdstrike) and VMware, Inc.

Competition The market for our solutions is competitive and characterized by an evolving IT environment, customer requirements, industry standards and by frequent new product and service offerings and improvements. We compete with an array of established and emerging security solution vendors. Our competitors include the following: • endpoint security providers, such as CrowdStrike Holdings, Inc. (CrowdStrike) and VMware, Inc.

Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries. Our AI and automation driven approach to cybersecurity has been adopted by some of the world’s largest organizations. As a result, we have grown rapidly since our inception.

Our AI and automation driven approach to cybersecurity has been adopted by some of the world’s largest organizations. As a result, we have grown rapidly since our inception. As of January 31, 2023, we had over 10,000 customers, increasing from over 6,700 as of January 31, 2022.

Our Singularity XDR Platform Our Singularity XDR Platform delivers AI-powered autonomous threat prevention, detection, and response capabilities across an organization’s endpoints and cloud workloads, enabling seamless and automatic protection against a full spectrum of cyber threats. We built our platform to be deployed as a cloud service or in private and hybrid clouds.

We are committed to innovation, automation, and securing data wherever it resides with a front-row seat into cutting-edge cybersecurity technologies. Our Singularity Platform Our Singularity Platform delivers AI-powered autonomous threat prevention, detection, and response capabilities across an organization’s endpoints and cloud workloads, enabling seamless and automatic protection against a full spectrum of cyber threats.

We have not experienced any work stoppages and we believe that our employee relations are strong. Our Culture Our core values capture our company’s culture and guide our approach on how we build and grow our business with all stakeholders: • Trust . Be dependable. Conduct yourself with the highest integrity at all times. • Accountability .

Our core values are at the foundation of our equitable culture and guide our approach on how we build and grow our business with all stakeholders: • Trust . Be dependable. Conduct yourself with the highest integrity at all times. • Accountability . Be reliable in all your actions and words. Put customers first. Be the owner. • OneSentinel .

Our compensation and benefits program is intended to anticipate and meet the needs of our employees.

Retention and Talent Development We believe that motivating and retaining talent at all levels is vital to our success. Our compensation and benefits program is intended to anticipate and meet the needs of our employees.

Attack Surface Management Our Ranger module enables control of the enterprise network attack surface in real time by discovering, identifying, and containing any device-based threat. Ranger leverages the presence of our software in an organization’s network to track assets, create an Enterprise Asset Map, perform network segmentation, deploy our agents to unprotected devices, and provide risk scores.

Ranger leverages the presence of our software in an organization’s network to track assets, create an Enterprise Asset Map, perform network segmentation, deploy our agents to unprotected devices, and provide risk scores. Ranger provides organization-wide inventory and control of IoT devices by discovering connected devices, including virtual machines, containers, and IoT devices such as printers, smart TVs, and thermostats.

As a result, despite deploying a myriad of point solutions, organizations have continued to suffer huge losses from cyberattacks. • Utilize AI approaches that rely on humans to power protection mechanisms . First generation AI tools cannot handle the volume, variety, and velocity of data that must be ingested and analyzed, in real-time, to be effective in preventing breaches.

First generation AI tools cannot handle the volume, variety, and velocity of data that must be ingested and analyzed, in real-time, to be effective in preventing breaches.

Our proprietary data stack - DataSet - and cloud architecture enable us to retain this rich, contextual data on behalf of our customers for up to three years in a highly cost-efficient manner. All of this threat intelligence is fed back into our AI model and further strengthens our algorithms, creating a strong flywheel effect and deepening our competitive moat.

Our proprietary data stack - DataSet - and cloud architecture enable us to retain this rich, contextual data on behalf of our customers for extended periods of time in a highly cost-efficient manner.

Our XDR platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time. We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous.

We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform.

As a software as a service (SaaS) platform, it can be deployed in minutes and is easy to operate without any maintenance requirement. DataSet is built for the cloud and offered as a cloud service freeing up engineering resources from managing data refineries. DataSet is built with the security and controls that enterprises require for their most precious asset: data.

DataSet is built for the cloud and offered as a cloud service freeing up engineering resources from managing data refineries. DataSet is built with the security and controls that enterprises require for their most precious asset: data. Our Customers As of January 31, 2023, we had over 10,000 customers using our Singularity Platform in approximately 80 countries.

It is time to fight machine with machine. We pioneered the world’s first purpose-built AI-powered XDR platform to make cybersecurity defense truly autonomous, from the endpoint and beyond. Our Singularity Platform instantly defends against cyberattacks - performing at a faster speed, greater scale, and higher accuracy than otherwise possible from any single human or even a crowd.

It is time to fight machine with machine. We pioneered the world’s first purpose-built AI-powered Extended Detection and Response (XDR) platform to make cybersecurity defense truly autonomous, from the endpoint and beyond.

Our most significant investments are in research and development to drive core technology innovation and bring new products to market. Research and development employees are located primarily in our Israel and the Czech Republic offices, and remotely. We have a proven team that constantly works to expand our market, customer and user reach and impact with new, innovative products.

We have a proven team that constantly works to expand our market, customer and user reach and impact with new, innovative products. We intend to continue to invest in our research and development capabilities to extend our platform and products.

Our Static AI model predicts file-based attacks of all types, even previously unknown threats, often referred to as “zero-day attacks,” with extreme precision in milliseconds. Our Behavioral AI model maps, monitors, and links all behaviors on the endpoint to create rich, contextual narratives that we call Storylines. These high-fidelity Storylines are continuously evaluated by our Behavioral AI model.

On each endpoint and cloud workload, we run highly optimized AI models in a single lightweight software agent. Our Static AI model predicts file-based attacks of all types, even previously unknown threats, often referred to as “zero-day attacks,” with extreme precision in milliseconds.

The STAR module uses Streaming AI technology to match billions of events to tens of millions of IOCs at the time of ingestion. STAR is a threat hunting and workflow orchestration force multiplier. Without STAR, it is difficult for security analysts to keep pace with the number and complexity of emerging threats from an EDR perspective. • Data Retention .

Our STAR module is also capable of ingesting threat intelligence feeds to enhance and correlate analyses. The STAR module uses Streaming AI technology to match billions of events to tens of millions of IOCs at the time of ingestion. STAR is a threat hunting and workflow orchestration force multiplier.

To gain access to an organization’s data, cybercriminals target endpoints and applications and deploy a variety of sophisticated methods in the form of attack frameworks, machine learning, weaponized exploits, fileless techniques, and social engineering. As a result, solutions that help strengthen and scale their cyber defenses cost effectively is a top-level priority for organizations today.

Powered by very large networks of individual attackers distributed worldwide, cybercrime is practically infinite in scale and transcends geographical boundaries. To gain access to an organization’s data, cybercriminals target endpoints, applications, user credentials, and deploy a variety of sophisticated methods in the form of attack frameworks, machine learning, weaponized exploits, fileless techniques, and social engineering.

In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated. Furthermore, our platform provides visibility across an organization’s digital assets through one console, making it easy and very fast for analysts to search through petabytes of data to investigate incidents and hunt threats.

Furthermore, our platform provides visibility across an organization’s digital assets through one console, making it easy and very fast for analysts to search through petabytes of data to investigate incidents and hunt threats. Our Singularity Platform offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds.

Proprietary XDR Data Lake Dataset is our XDR data stack that seamlessly fuses together the data, access, control, and integration planes of EPP, EDR, Cloud Workload Protection Platform (CWPP), and IoT security into a centralized platform. With Singularity, organizations gain access to back-end data across the organization through a single solution.

We designed our platform based on our “design to delight” principle and developed a powerful yet simple and intuitive user experience. Proprietary Security Data Lake Dataset is our fully integrated security data lake that seamlessly fuses together the data, access, control, and integration planes of EPP, EDR, Cloud Workload Protection (CWP), Identity Protection, and IoT security into a centralized platform.

… 44 more changes not shown on this page.

Item 1A. Risk Factors

Risk Factors — what could go wrong, per management

194 edited+64 added−51 removed294 unchanged

2022 filing

2023 filing

Biggest changeGDPR as a processor when processing this personal data; • costs of localizing products and services; • lack of acceptance of localized products and services; • the need to make significant investments in people, solutions and infrastructure, typically well in advance of revenue generation; • challenges inherent in efficiently managing an increased number of employees over large geographic distances, including the need to implement appropriate systems, policies, benefits, and compliance programs; • difficulties in maintaining our corporate culture with a dispersed and distant workforce; • treatment of revenue from international sources, evolving domestic and international tax environments, and other potential tax issues, including with respect to our corporate operating structure and intercompany arrangements; • different or weaker protection of our intellectual property, including increased risk of theft of our proprietary technology and other intellectual property; • economic weakness or currency-related crises; • compliance with multiple, conflicting, ambiguous or evolving governmental laws and regulations, including employment, tax, privacy, anti-corruption, import/export, antitrust, data transfer, storage and protection, and industry-specific laws and regulations, including rules related to compliance by our third-party resellers and our ability to identify and respond timely to compliance issues when they occur, and regulations applicable to us and our third-party data providers from whom we purchase and resell syndicated data; • vetting and monitoring our third-party resellers in new and evolving markets to confirm they maintain standards consistent with our brand and reputation; 37 Table of Contents • generally longer payment cycles and greater difficulty in collecting accounts receivable; • our ability to adapt to sales practices and customer requirements in different cultures; • the lack of reference customers and other marketing assets in regional markets that are new or developing for us, as well as other adaptations in our market generation efforts that we may be slow to identify and implement; • dependence on certain third parties, including resellers with whom we do not have extensive experience; • natural disasters, acts of war, terrorism, or pandemics, including the ongoing COVID-19 pandemic and the conflict in Ukraine; • corporate espionage; and • political instability and security risks in the countries where we are doing business and changes in the public perception of governments in the countries where we operate or plan to operate.

Biggest changeWe are generating a growing portion of our revenue outside of the United States, and conduct our business activities in various foreign countries, including some emerging markets where we have limited experience, where the challenges of conducting our business can be significantly different from those we have faced in more developed markets and where business practices may create internal control risks including: • fluctuations in foreign currency exchange rates, which could add volatility to our operating results; • new, or changes in, regulatory requirements; • tariffs, export and import restrictions, restrictions on foreign investments, sanctions, and other trade barriers or protection measures; • exposure to numerous, increasing, stringent (particularly in the European Union), and potentially inconsistent laws and regulations relating to privacy, data protection, and information security; • costs of localizing products and services; • lack of acceptance of localized products and services; • the need to make significant investments in people, solutions and infrastructure, typically well in advance of revenue generation; • challenges inherent in efficiently managing an increased number of employees over large geographic distances, including the need to implement appropriate systems, policies, benefits, and compliance programs; 36 Table of Contents • difficulties in maintaining our corporate culture with a dispersed and distant workforce; • treatment of revenue from international sources, evolving domestic and international tax environments, and other potential tax issues, including with respect to our corporate operating structure and intercompany arrangements; • different or weaker protection of our intellectual property, including increased risk of theft of our proprietary technology and other intellectual property; • economic weakness or currency-related crises; • compliance with multiple, conflicting, ambiguous or evolving governmental laws and regulations, including employment, tax, data privacy, anti-corruption, import/export, antitrust, data transfer, storage and protection, and industry-specific laws and regulations, including rules related to compliance by our third-party resellers and our ability to identify and respond timely to compliance issues when they occur; • vetting and monitoring our third-party channel partners in new and evolving markets to confirm they maintain standards consistent with our brand and reputation; • generally longer payment cycles and greater difficulty in collecting accounts receivable; • our ability to adapt to sales practices and customer requirements in different cultures; • the lack of reference customers and other marketing assets in regional markets that are new or developing for us, as well as other adaptations in our market generation efforts that we may be slow to identify and implement; • dependence on certain third parties, including channel partners with whom we do not have extensive experience; • natural disasters, acts of war, terrorism, or pandemics, including the COVID-19 pandemic and the conflict in Ukraine; • instability in the global banking system; • corporate espionage; and • political instability and security risks in the countries where we are doing business and changes in the public perception of governments in the countries where we operate or plan to operate.

Cybersecurity companies face particularly intense attack efforts, and we have faced, and will continue to face, cyber threats and attacks from a variety of sources. The research that we conduct and report may make us, or our customers, a further target for attacks for all kinds.

In the future, we may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. Our due diligence efforts may fail to identify all of the problems, liabilities or other shortcomings or challenges involved in an acquisition.

In the future, we may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. Our due diligence efforts may fail to identify all of the challenges, problems, liabilities or other shortcomings involved in an acquisition.

Risks Related to our People We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to hire, integrate, train, manage, retain, and motivate qualified personnel, including members of our board of directors, could harm our business.

We receive, store, and process some personal information from our employees, customers, and the employees of our customers, and our end users. This personal information is hosted by third party service providers.

We receive, store, and process some personal information from our employees, customers, the employees of our customers, and our end users. This personal information is hosted by our third-party service providers.

To the extent we process personal data on behalf of our customers for the provision of services, we have, and may in the future, also be required to enter into data processing agreements which comply with Article 28 of the GDPR/U.K.

Among other things, our restated certificate of incorporation and amended and restated bylaws include provisions that: • provide that our board of directors is classified into three classes of directors with staggered three-year terms; • permit our board of directors to establish the number of directors and fill any vacancies and newly created directorships; • require super-majority voting to amend some provisions in our restated certificate of incorporation and restated bylaws; • authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan; • provide that only our chief executive officer or a majority of our board of directors will be authorized to call a special meeting of stockholders; • eliminate the ability of our stockholders to call special meetings of stockholders; • do not provide for cumulative voting; • provide that directors may only be removed “for cause” and only with the approval of two-thirds of our stockholders; • provide for a dual class common stock structure in which holders of our Class B common stock may have the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the outstanding shares of our common stock, including the election of directors and other significant corporate transactions, such as a merger or other sale of our company or its assets; • prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders; • provide that our board of directors is expressly authorized to make, alter, or repeal our bylaws; and 63 Table of Contents • establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.

Among other things, our restated certificate of incorporation and amended and restated bylaws include provisions that: • provide that our board of directors is classified into three classes of directors with staggered three-year terms; • permit our board of directors to establish the number of directors and fill any vacancies and newly created directorships; • require super-majority voting to amend some provisions in our restated certificate of incorporation and amended and restated bylaws; • authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan; • provide that only our chief executive officer or a majority of our board of directors will be authorized to call a special meeting of stockholders; • eliminate the ability of our stockholders to call special meetings of stockholders; • do not provide for cumulative voting; • provide that directors may only be removed “for cause” and only with the approval of two-thirds of our stockholders; 61 Table of Contents • provide for a dual class common stock structure in which holders of our Class B common stock may have the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the outstanding shares of our common stock, including the election of directors and other significant corporate transactions, such as a merger or other sale of our company or its assets; • prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders; • provide that our board of directors is expressly authorized to make, alter, or repeal our amended and restated bylaws; and • establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.

A breach in our data security or an attack against our platform could impact our networks or the networks of our customers that are secured by our platform, creating system disruptions or slowdowns and providing access to malicious parties to information stored on our networks or the networks of our customers, resulting in data being publicly disclosed, altered, lost, or stolen, which could subject us to liability and adversely affect our financial condition.

A breach in our data security or an attack against our platform could impact our networks or the networks and data of our customers that are secured by our platform, creating system disruptions or slowdowns and providing access to malicious parties to information stored on our networks or the networks of our customers, resulting in data being publicly disclosed, misused, altered, lost, or stolen, which could subject us to liability and adversely affect our financial condition.

Factors that could cause fluctuations in the market price of our Class A common stock include the following: • actual or anticipated changes or fluctuations in our operating results; 57 Table of Contents • the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections; • announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships, acquisitions or capital commitments; • rumors and market speculation involving us or other companies in our industry; • the overall performance of the stock market or technology companies; • the number of shares of our Class A common stock publicly owned and available for trading; • failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors; • litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors; • developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights; • new laws or regulations or new interpretations of existing laws or regulations applicable to our business; • any major changes in our management or our board of directors; • interest rate changes or fluctuations; and • other events or factors, including those resulting from the COVID-19 pandemic, war, such as Russia’s invasion of Ukraine, armed conflict, incidents of terrorism or responses to these events.

Factors that could cause fluctuations in the market price of our Class A common stock include the following: • actual or anticipated changes or fluctuations in our operating results; • the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections; • announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships, acquisitions or capital commitments; • rumors and market speculation involving us or other companies in our industry; • the overall performance of the stock market or technology companies; • the number of shares of our Class A common stock publicly owned and available for trading; 56 Table of Contents • failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors; • litigation or other proceedings involving us, our industry or both, or investigations by regulators into our operations or those of our competitors; • developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights; • new laws or regulations or new interpretations of existing laws or regulations applicable to our business; • any major changes in our management or our board of directors; • interest rate changes or fluctuations; and • other events or factors, including those resulting from the COVID-19 pandemic, war, such as Russia’s invasion of Ukraine, armed conflict, incidents of terrorism or responses to these events.

Our business is subject to the risks of warranty claims and product liability claims from real or perceived defects in our solutions or their misuse by our customers or third parties and indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement and other losses.

Our business is subject to the risks of warranty claims, product returns and product defects from real or perceived defects in our solutions or their misuse by our customers or third parties and indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement and other losses.

Third parties have, and may claim in the future, that our current or future products and services infringe their intellectual property rights, and such claims may result in legal claims against our channel partners, our alliance partners, our customers and us. These claims may damage our brand and reputation, harm our customer relationships, and create liability for us.

Third parties have claimed, and may claim in the future, that our current or future products and services infringe their intellectual property rights, and such claims may result in legal claims against our channel partners, our alliance partners, our customers and us. These claims may damage our brand and reputation, harm our customer relationships, and create liability for us.

Although we have implemented security measures to prevent such attacks, our networks and systems may be breached due to the actions of outside parties, employee error, malfeasance, a combination of these, or otherwise, and as a result, an unauthorized party may obtain access to our systems, networks, or data.

Licensing technologies from third parties exposes us to increased risk of being the subject of intellectual property infringement due to, among other things, our lower level of visibility into the development process with respect to such technology and the care taken to safeguard against infringement risks.

Licensing technologies from third parties exposes us to increased risk of being the subject of intellectual property infringement and vulnerabilities due to, among other things, our lower level of visibility into the development process with respect to such technology and the care taken to safeguard against risks.

Our corporate structure and intercompany arrangements are subject to the tax laws of various jurisdictions, and we could be obligated to pay additional taxes, which would harm our operating results and financial condition. We are expanding our international operations and staff to support our business in international markets.

Our competitors also may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all.

Our competitors also may be successful in recruiting and hiring members of our management team, sales team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all.

We are also subject to evolving E.U. and U.K. privacy laws on cookies and e-marketing. In the E.U. and the U.K., informed consent is required for the placement of a cookie or similar technologies on a user’s device and for direct electronic marketing.

We are also subject to evolving E.U. and U.K. privacy laws on cookies and electronic marketing. In the E.U. and the U.K., informed opt-in consent is required for the placement of a cookie or similar technologies on a user’s device and for direct electronic marketing.

Where a security incident involves a breach of security leading to the accidental or unlawful destruction, loss, alternation, unauthorized disclosure of, or access to, personal data in respect of which we are a controller or processor under the GDPR (U.K.

Notably, but not necessarily limited to, we may be subject to: • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM) and similar state consumer protection laws regarding the use telephones and text messaging for marketing purposes. • Section 5(a) of the Federal Trade Commission (FTC) Act for violating consumers’ privacy rights or failing to take appropriate steps to keep consumers’ personal information secure, resulting in a finding of an unfair act or practice. 48 Table of Contents • The CCPA, effective since January 1, 2020, which created new data privacy obligations for covered companies and provided new privacy rights to California residents, including the right to opt out of certain disclosures of their information and receive detailed information about how their personal information is used.

Notably, but not necessarily limited to, we may be subject to: • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM) and similar state consumer protection laws regarding the use of telephones and text messaging for marketing purposes. • Section 5(a) of the Federal Trade Commission (FTC) Act for violating consumers’ privacy rights or failing to take appropriate steps to keep consumers’ personal information secure, resulting in a finding of an unfair act or practice. • The CCPA, effective since January 1, 2020, which created new data privacy obligations for covered companies and provided new privacy rights to California residents, including the right to opt out of certain disclosures of their information and receive detailed information about how their personal information is used.

If we combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public, including authorizing further modification and redistribution, or otherwise be limited in the licensing of our services, each of which could provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solution, require us to re-engineer all or a portion of our platform, and reduce or eliminate the value of our services.

If we combine and distribute our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release combined the source code of our proprietary software to the public, including authorizing further modification and redistribution, or otherwise be limited in the licensing of our services, each of which could provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solution, require us to re-engineer all or a portion of our platform, and reduce or eliminate the value of our services.

Any real or perceived defects, 29 Table of Contents errors or vulnerabilities in our platform, or any other failure of our platform to detect an advanced threat, could result in: • a loss of existing or potential customers; • delayed or lost revenue and adverse impacts to our business, operating results, and financial condition; • a delay in attaining, or the failure to attain, market acceptance; • the expenditure of significant financial and research and development resources in efforts to analyze, correct, eliminate, or work around errors or defects, and address and eliminate vulnerabilities; • an increase in resources devoted to customer service and support, which could adversely affect our gross margin; • harm to our reputation or brand; and • claims and litigation, regulatory inquiries, or investigations, enforcement actions, and other claims and liabilities, all of which may be costly and burdensome and further harm our reputation.

Any real or perceived defects, errors or vulnerabilities in our platform, or any other failure of our platform to detect an advanced threat, could result in: • a loss of existing or potential customers; • delayed or lost revenue and adverse impacts to our business, operating results, and financial condition; • a delay in attaining, or the failure to attain, market acceptance; • the expenditure of significant financial and research and development resources in efforts to analyze, correct, eliminate, or work around errors or defects, and address and eliminate vulnerabilities; • an increase in resources devoted to customer service and support, which could adversely affect our gross margin; • harm to our reputation or brand; and • claims and litigation, regulatory inquiries, or investigations, enforcement actions, and other claims and liabilities, all of which may be costly and burdensome and further harm our reputation.

While we anticipate the development of a ePrivacy Regulation to govern cookies and e-marketing, recent European court decisions and regulators’ guidance are driving increased attention to cookies and tracking technologies.

While we anticipate the development of the ePrivacy Regulation to govern cookies and e-marketing, recent European court decisions and regulators’ guidance are driving increased attention to cookies and tracking technologies.

Because of the twenty-to-one voting ratio between our Class B and Class A common stock, the holders of our Class B common stock collectively are expected to continue to control a majority of the combined voting power of our common stock and therefore will be able to control all matters submitted to our stockholders for approval until the earlier of (i) the date specified by a vote of the holders of 66 2/3% of the then outstanding shares of Class B common stock, (ii) seven years from the date of our Final Prospectus, or June 29, 2028, (iii) the first date following the completion of our IPO on which the number of shares of outstanding Class B common stock (including shares of Class B common stock subject to outstanding stock options) held by Tomer Weingarten, including certain permitted entities that Mr.

Because of the twenty-to-one voting ratio between our Class B and Class A 57 Table of Contents common stock, the holders of our Class B common stock collectively are expected to continue to control a majority of the combined voting power of our common stock and therefore will be able to control all matters submitted to our stockholders for approval until the earlier of (i) the date specified by a vote of the holders of 66 2/3% of the then outstanding shares of Class B common stock, (ii) seven years from the date of our Final Prospectus, or June 29, 2028, (iii) the first date following the completion of our IPO on which the number of shares of outstanding Class B common stock (including shares of Class B common stock subject to outstanding stock options) held by Tomer Weingarten, including certain permitted entities that Mr.

Sales to governmental organizations are subject to a number of challenges and risks that may adversely affect our business and operating results, including the following risks: • selling to governmental agencies can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale; • government certification, software supply chain or source code transparency requirements applicable to us or our platform may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification or meet other new requirements.

Sales to governmental organizations are subject to a number of challenges and risks that may adversely affect our business and operating results, including the following risks: • selling to governmental agencies can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale; 35 Table of Contents • government certification, software supply chain or source code transparency requirements applicable to us or our platform may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification or meet other new requirements.

If we cannot achieve and sustain profitability, our business, operating results, and financial condition will be adversely affected. • We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition. • Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations. • A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability, and regulatory exposure, and adversely affect our business, operating results, and financial condition. • Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely affect our business, operating results, and financial condition. • Existing and future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our business, operating results, and financial condition. • If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future. • If our platform is not effectively interoperated within our customers’ IT infrastructure, deployments could be delayed or canceled, which would adversely affect our business, operating results, and financial condition. • Disruptions or other business interruptions that affect the availability of our platform could adversely affect our customer relationships and overall business. 22 Table of Contents • We may not be able to timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements. • If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

If we cannot achieve and sustain profitability, our business, operating results, and financial condition will be adversely affected. ◦ We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition. ◦ Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations. ◦ Adverse economic conditions or reduced information technology spending could adversely affect our business, operating results and financial condition. ◦ A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability, and regulatory exposure, and adversely affect our business, operating results, and financial condition. ◦ Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely affect our business, operating results, and financial condition. 22 Table of Contents ◦ Existing and future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our business, operating results, and financial condition. ◦ If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future. • If our platform is not effectively interoperated within our customers’ IT infrastructure, deployments could be delayed or canceled, which would adversely affect our business, operating results, and financial condition. • Disruptions or other business interruptions that affect the availability of our platform could adversely affect our customer relationships and overall business. • We may not be able to timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements. • If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

Even if there is significant demand for endpoint security solutions like ours, if our competitors include functionality that is, or is perceived to be, equivalent to or better than ours in legacy products that are already generally accepted as necessary components of an organization’s IT security architecture, we will have difficulty increasing the market penetration of our platform.

Even if there is significant demand for endpoint and cloud security solutions like ours, if our competitors include functionality that is, or is perceived to be, equivalent to or better than ours in legacy products that are already generally accepted as necessary components of an organization’s IT security architecture, we will have difficulty increasing the market penetration of our platform.

However, such agreements may not be enforceable in full or in part in all jurisdictions and any breach could negatively affect on our business and our remedy for such breach may be limited.

However, such agreements may not be enforceable in full or in part in all jurisdictions and any breach could negatively affect our business and our remedy for such breach may be limited.

GDPR), which respectively govern the collection, use, disclosure, transfer or other processing of personal data of natural persons, and it applies extra-territorially and imposes onerous requirements on controllers and processors of personal data, including, for example: (i) accountability and transparency requirements, and enhanced requirements for obtaining valid consent; (ii) obligations to consider data protection as any new products or services are developed and to limit the amount of personal data processed; (iii) obligations to comply with data protection rights of data subjects; and (iv) reporting of personal data breaches to the supervisory authority without undue delay (and no later than 72 hours).

GDPR), which respectively govern the collection, use, disclosure, transfer or other processing of personal data of natural persons, and it applies extra-territorially and imposes onerous requirements on 47 Table of Contents controllers and processors of personal data, including, for example: (i) accountability and transparency requirements, and enhanced requirements for obtaining valid consent; (ii) obligations to consider data protection as any new products or services are developed and to limit the amount of personal data processed; (iii) obligations to comply with data protection rights of data subjects; and (iv) reporting of personal data breaches to the supervisory authority without undue delay (and no later than 72 hours).

Additional risks we may face in connection with acquisitions include: • diversion of management’s time and focus from operating our business to addressing acquisition integration challenges; • the inability to coordinate research and development and sales and marketing functions; • the inability to integrate product and service offerings; • retention of key employees from the acquired company; • changes in relationships with strategic partners or the loss of any key customers or partners as a result of product acquisitions or strategic positioning resulting from the acquisition; • cultural challenges associated with integrating employees from the acquired company into our organization; • integration of the acquired company’s accounting, CRM, management information, human resources and other administrative systems; • the need to implement or improve controls, procedures and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies; 31 Table of Contents • unexpected security risks or higher than expected costs to improve the security posture of the acquired company; • additional legal, regulatory or compliance requirements; • financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we don’t adequately address and that cause our reported results to be incorrect; • liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities; • failing to achieve the expected benefits of the acquisition or investment; and • litigation or other claims in connection with the acquired company, including claims from terminated employees, customers, current and former stockholders or other third parties.

Additional risks we may face in connection with acquisitions include: • diversion of management’s time and focus from operating our business to addressing acquisition integration challenges; • the inability to coordinate research and development and sales and marketing functions; • the inability to integrate product and service offerings; • retention of key employees from the acquired company; • changes in relationships with strategic partners or the loss of any key customers or partners as a result of product acquisitions or strategic positioning resulting from the acquisition; • cultural challenges associated with integrating employees from the acquired company into our organization; • integration of the acquired company’s accounting, CRM, management information, human resources and other administrative systems; • the need to implement or improve controls, procedures and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies; • unexpected security risks or higher than expected costs to improve the security posture of the acquired company; • higher than expected costs to bring the acquired company’s IT infrastructure up to our standards; • additional legal, regulatory or compliance requirements; • financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we don’t adequately address and that cause our reported results to be incorrect; 31 Table of Contents • liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities; • failing to achieve the expected benefits of the acquisition or investment; and • litigation or other claims in connection with the acquired company, including claims from or against terminated employees, customers, current and former stockholders or other third parties.

If our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we will incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology.

When our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we will incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology.

A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability, and regulatory exposure, and adversely affect our business, operating results, and financial condition. Companies are subject to an increasing number and wide variety of attacks on their networks on an ongoing basis.

A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability and regulatory exposure, and adversely impact our business, operating results, and financial condition. Companies are subject to an increasing number and wide variety of attacks on their networks on an ongoing basis.

In the event of a natural disaster, including a major earthquake, blizzard, or hurricane, or a catastrophic event such as a fire, power loss, cyberattack, or telecommunications failure, we may be unable to continue our operations and may endure system interruptions, reputational harm, delays in development of our platform, lengthy interruptions in service, 60 Table of Contents breaches of data security, and loss of critical data, all of which could have an adverse effect on our future operating results.

In the event of a natural disaster, including a major earthquake, blizzard, or hurricane, or a catastrophic event such as a fire, power loss, cyberattack, or telecommunications failure, we may be unable to continue our operations and may endure system interruptions, reputational harm, delays in development of our platform, lengthy interruptions in service, breaches of data security, and loss of critical data, all of which could have an adverse effect on our future operating results.

If this adequacy decision is reversed by the European Commission, we would have to implement protection measures such as the SCCs for data transfers between the E.U. and the U.K. or find alternative solutions for the complaint transfer of personal data from the E.U. into the U.K.

If this adequacy decision is reversed by the European Commission, we would have to implement protection measures such as the SCCs for data transfers between the E.U. and the U.K. or find alternative solutions for the compliant transfer of personal data from the E.U. into the U.K.

If the market for our platform does not achieve widespread adoption or there is a reduction in demand for our software or our services in our market caused by a lack of customer acceptance, implementation challenges for deployment, technological challenges, competing technologies and services, decreases in corporate spending, weakening 27 Table of Contents economic conditions, or otherwise, it could result in reduced customer orders and decreased revenue, which would adversely affect our business operations and financial condition.

If the market for our platform does not achieve widespread adoption or there is a reduction in demand for our software or our services caused by a lack of customer acceptance, implementation challenges for deployment, technological challenges, competing technologies and services, decreases in corporate spending, weakening economic conditions, or otherwise, it could result in reduced customer orders and decreased revenue, which would adversely affect our business operations and financial condition.

Alternatively, if a court were to find the choice of forum provision contained in our restated certificate of incorporation or restated bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition, and operating results. 64 Table of Contents ITEM 1B.

Alternatively, if a court were to find the choice of forum provision contained in our restated certificate of incorporation or amended and restated bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition, and operating results. 62 Table of Contents ITEM 1B.

Any failure or perceived failure by us, even if unfounded, to comply with applicable privacy and data security laws and regulations, our privacy policies, or our privacy-related obligations to users or other third parties, or any compromise of security that results in the unauthorized release or transfer of personal information or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by consumer advocacy groups or others and could cause our users to lose trust in us, which would have an adverse effect on our reputation and business.

Any failure or perceived failure by us, even if unfounded, to comply with applicable privacy and data security laws and regulations, our privacy policies, or our privacy-related obligations to customers, users or other third 49 Table of Contents parties, or any compromise of security that results in the unauthorized release or transfer of personal information or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by consumer advocacy groups or others and could cause our users to lose trust in us, which would have an adverse effect on our reputation and business.

Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely affect our business, operating results, and financial condition.

Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely impact our business, operating results, and financial condition.

We do not yet know the full extent of potential impacts on our business, operations or on the global economy as a whole, particularly if the COVID-19 pandemic continues and persists for an extended period of time.

We do not yet know the full extent of potential impacts on our business, operations or on the global economy as a whole, particularly if the COVID-19 pandemic persists for an extended period of time.

Our competitors may be able to devote greater resources to the development, promotion and sale of their products and services than we can, and they may offer lower pricing than we do or bundle certain competing products and services at lower price.

Such license may not be available on reasonable terms, if at all, and may significantly increase our operating expenses or may require us to restrict our business activities and limit our ability to deliver certain solutions or features.

Such licenses may not be available on reasonable terms, if at all, and may significantly increase our operating expenses or may require us to restrict our business activities and limit our ability to deliver certain solutions or features.

For example, many foreign countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. Effective trade secret protection 43 Table of Contents may also not be available in every country in which our products are available or where we have employees or independent contractors.

For example, many foreign countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. Effective trade secret protection may also not be available in every country in which our products are available or where we have employees or independent contractors.

We generally agree in our customer contracts to indemnify customers for certain expenses or liabilities they incur as a result of third-party intellectual property infringement claims associated with our platform.

We generally agree in our customer and partner contracts to indemnify customers for certain expenses or liabilities they incur as a result of third-party intellectual property infringement claims associated with our platform.

Noncompliance with these laws could subject us to investigations, severe criminal or civil sanctions, settlements, prosecution, loss of export privileges, suspension or debarment from U.S. government contracts, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, whistleblower complaints, adverse media coverage and other consequences.

Accordingly, our financial results in any one quarter should not be relied upon as indicative of future performance. Fluctuation in quarterly results may negatively impact the trading price of our Class A common stock.

Accordingly, our financial results in any one quarter should not be relied upon as indicative of future performance. Fluctuations in quarterly results may negatively impact the trading price of our Class A common stock.

Our long-term success depends, in part, on our ability to expand the sale of our platform to customers located outside of the United States and our current, and any further, expansion of our international 36 Table of Contents operations exposes us to risks that could have a material adverse effect on our business, operating results, and financial condition.

Our long-term success depends, in part, on our ability to expand the sale of our platform to customers located outside of the United States and our current, and any further, expansion of our international operations exposes us to risks that could have a material adverse effect on our business, operating results, and financial condition.

If we do not effectively assist our customers in deploying our platform, succeed in helping our customers quickly resolve technical issues, or provide effective ongoing support, our ability to sell additional products and services as part of our platform to existing customers would be adversely affected and our reputation with potential customers could be damaged.

If we do not effectively assist our customers in deploying our platform, succeed in helping our customers quickly resolve technical issues, or provide 41 Table of Contents effective ongoing support, our ability to sell additional products and services as part of our platform to existing customers would be adversely affected and our reputation with potential customers could be damaged.

Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain hardware and software and the provision of certain cloud-based solutions to certain countries, governments and persons targeted by U.S. sanctions and for certain end-uses.

Furthermore, U.S. export control laws and economic sanctions prohibit the export and re-export of certain hardware and software and the provision of certain cloud-based solutions to certain countries, governments and persons targeted by U.S. sanctions and for certain end-uses.

If we are unable to achieve, or are delayed in achieving, compliance with these certifications and standards, we may be disqualified from selling our platform to such customers, or may otherwise be at a competitive disadvantage, either of which could adversely affect our business, operating results, and financial condition.

If we are unable to achieve, or are delayed in achieving, compliance with these certifications and standards, we may be disqualified from selling our 32 Table of Contents platform to such customers, or may otherwise be at a competitive disadvantage, either of which could adversely affect our business, operating results, and financial condition.

If one or more of these analysts cease coverage of our Class A common stock or fail to publish reports on us regularly, our visibility in the financial markets could decrease, which in turn could cause our stock price or trading volume to decline. We could be subject to securities class action litigation.

If one or more of these analysts cease coverage of our Class A common stock or fail to publish reports on us regularly, our 60 Table of Contents visibility in the financial markets could decrease, which in turn could cause our stock price or trading volume to decline. We could be subject to securities class action litigation.

Failure to manage any future growth effectively could result in increased costs, cause difficulty or delays in deploying new customers, reduce demand for our platform, cause 38 Table of Contents difficulties in introducing new features or other operational difficulties, and any of these difficulties would adversely affect our business, operating results, and financial condition.

Failure to manage any future growth effectively could result in increased costs, cause difficulty or delays in deploying new customers, reduce demand for our platform, cause difficulties in introducing new features or other operational difficulties, and any of these difficulties would adversely affect our business, operating results, and financial condition.

We incorporate standard encryption algorithms into our platform, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by 46 Table of Contents license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request.

We incorporate standard encryption algorithms into our platform, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request.

We are continuing to develop and refine our disclosure controls, internal control over financial reporting and other procedures that are designed to ensure information required to be disclosed by us in our financial statements and in the reports that we will file with the SEC is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers.

We are continuing to develop and refine our disclosure 51 Table of Contents controls, internal control over financial reporting and other procedures that are designed to ensure information required to be disclosed by us in our financial statements and in the reports that we will file with the SEC is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers.

For example, although we are currently FedRAMP certified, such certification is costly to maintain and subject to rigorous compliance and if we lose our certification, it would restrict our ability to sell to government customers; • government demand and payment for our platform may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our platform, including as a result of abrupt events such as government shut downs, war, incidents of terrorism, natural disasters, and public health concerns or epidemics; • governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our platform, which would adversely impact our revenue and operating results, or institute fines or civil or criminal liability if an investigation, audit, or other review, were to uncover improper or illegal activities; • governments may require certain products to be manufactured, produced, hosted or accessed solely in their country or in other relatively high-cost locations, and we may not produce or host all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies; and • refusal to grant certain certifications or clearance by one government agency, or decision by one government agency that our products do not meet certain standards, may cause reputational harm and cause concern with other government agencies.

For example, although SentinelOne is currently FedRAMP authorized, such authorization is costly to maintain and subject to rigorous compliance and if we lose our authorization, it would restrict our ability to sell to government customers; • government demand and payment for our platform may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our platform, including as a result of sudden, unforeseen and disruptive events such as government shut downs, war, incidents of terrorism, natural disasters, and public health concerns or epidemics; • governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our platform, which would adversely impact our revenue and operating results, or institute fines or civil or criminal liability if an investigation, audit, or other review, were to uncover improper or illegal activities; • governments may require certain products to be manufactured, produced, hosted or accessed solely in their country or in other relatively high-cost locations, and we may not produce or host all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies; and • refusal to grant certain certifications or clearance by one government agency, or decision by one government agency that our products do not meet certain standards, may cause reputational harm and cause concern with other government agencies.

We may not be successful in developing or implementing 33 Table of Contents these technologies. In addition, it takes a significant amount of time to plan, develop and test improvements to our technologies and infrastructure, and we may not be able to accurately forecast demand or predict the results we will realize from such improvements.

We may not be successful in developing or implementing these technologies. In addition, it takes a significant amount of time to plan, develop and test improvements to our technologies and infrastructure, and we may not be able to accurately forecast demand or predict the results we will realize from such improvements.

Although we monitor our use of open source software in an effort both to comply with the terms of the applicable open source licenses and to avoid subjecting our products to conditions we do not intend, many of the risks associated with use of open source software cannot be eliminated and could negatively affect our business.

Although we monitor our use of open source software in an effort both to comply with the terms of the applicable open source licenses and to avoid subjecting our products to conditions we do not intend, many of the risks associated with use of open source software cannot be 44 Table of Contents eliminated and could negatively affect our business.

For example, in 2017, we reached a consent agreement with the Federal Trade Commission (FTC), to resolve an investigation relating to certain disclosures in our privacy policy. The consent agreement requires us, among other things, to provide information about our compliance with the FTC order and about representations made in our marketing materials.

For example, in 2017, we reached a consent agreement with the FTC, to resolve an investigation relating to certain disclosures in our privacy policy. The consent agreement requires us, among other things, to provide information about our compliance with the FTC order and about representations made in our marketing materials.

The loss of key personnel, including key members of our management team or members of our board of directors, as well as certain of our key marketing, sales, finance, support, product development, human resources, or technology personnel, could disrupt our operations and have an adverse effect on our ability to grow our business.

The loss of key personnel, including key members of our management team or members of our board of directors, as well as certain of our key marketing, sales, finance, support, product development, people team, or technology personnel, could disrupt our operations and have an adverse effect on our ability to grow our business.

Our business may be adversely affected if legislative or administrative changes to immigration or visa laws and regulations impair our hiring processes. Moreover, many of the companies with which we compete for experienced personnel have greater resources than we have.

Our business may be adversely affected if legislative or administrative changes to immigration or visa laws and regulations impair our hiring processes. 40 Table of Contents Moreover, many of the companies with which we compete for experienced personnel have greater resources than we have.

If taxing authorities in any of the jurisdictions in which we conduct our international operations were to successfully challenge our transfer pricing, we could be required to reallocate part or all of our income to reflect transfer pricing adjustments, which could result in an increased tax liability to us.

If taxing authorities in any of the jurisdictions in which we conduct our 54 Table of Contents international operations were to successfully challenge our transfer pricing, we could be required to reallocate part or all of our income to reflect transfer pricing adjustments, which could result in an increased tax liability to us.

We may be adversely affected by natural disasters, pandemics and other catastrophic events, and by man-made problems such as war, armed conflict, terrorism, that could disrupt our business operations, and our business continuity and disaster recovery plans may not adequately protect us from a serious disaster.

We may be adversely affected by natural disasters, pandemics and other catastrophic events, and by man-made problems such as war, that could disrupt our business operations, and our business continuity and disaster recovery plans may not adequately protect us from a serious disaster.

We may also become increasingly dependent on a more limited number of channel partners, as consolidation 35 Table of Contents increases the relative proportion of our business for which each channel partner is responsible, which may magnify the risks described in the preceding paragraphs.

We may also become increasingly dependent on a more limited number of channel partners, as consolidation increases the relative proportion of our business for which each channel partner is responsible, which may magnify the risks described in the preceding paragraphs.

Such a transition may require technical changes to our platform, including, but not limited to, our cloud service infrastructure which was designed to run on AWS. Making such changes could be costly in terms of time and financial resources.

Such a transition could require further technical changes to our platform, including, but not limited to, our cloud service infrastructure which was initially designed to run on AWS. Making such changes could be costly in terms of time and financial resources.

As a result, the dual class structure of our common stock may make us ineligible for inclusion in certain indices and may discourage such indices from selecting us for inclusion, notwithstanding our automatic termination provision, may cause 59 Table of Contents stockholder advisory firms to public negative commentary about our corporate governance practices or otherwise seek to cause us to change our capital structure, and may result in large institutional investors not purchasing shares of our Class A common stock.

As a result, the dual class structure of our common stock may make us ineligible for inclusion in certain indices and may discourage such indices from selecting us for inclusion, notwithstanding our automatic termination provision, may cause stockholder advisory firms to publish negative commentary about our corporate governance practices or otherwise seek to cause us to change our capital structure, and may result in large institutional investors not purchasing shares of our Class A common stock.

Any failure or refusal of our insurance providers to provide the expected insurance benefits to us after we have paid the ransomware warranty claims would cause us to incur significant expense or cause us to cease offering this warranty which could damage our reputation, cause us to lose customers, expose us to liability claims by our customers, negatively impact our sales and marketing efforts, and have an adverse effect on our business, operating results, and financial condition.

Any failure or refusal of our insurance providers to provide the expected insurance benefits to us after we have remediated warranty claims would cause us to incur significant expense or cause us to cease offering warranties which could damage our reputation, cause us to lose customers, expose us to liability claims by our customers, negatively impact our sales and marketing efforts, and have an adverse effect on our business, operating results, and financial condition.

Third parties have claimed and may claim in the future that our platform infringes their intellectual property rights and this may create liability for us or otherwise adversely affect our business, operating results, and financial condition.

Third parties have claimed and may claim that our platform infringes their intellectual property rights and this may create liability for us or otherwise adversely affect our business, operating results, and financial condition.

From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open source license. These claims could result in litigation.

If our assumptions regarding these risks and uncertainties are incorrect or change due to fluctuations in our markets or otherwise, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations and our business and operating results would 23 Table of Contents be adversely affected.

If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies due to ambiguities related to practice, regulatory authorities may initiate legal proceedings against us, and our business may be harmed. We have incurred significant costs with respect to our directors’ and officers’ insurance coverage.

If our efforts to comply with new laws, regulations, and standards differ from the activities intended by regulatory or governing bodies due to ambiguities related to their application and practice, regulatory authorities may initiate legal proceedings against us, and our business may be adversely affected. We have incurred significant costs with respect to our directors’ and officers’ insurance coverage.

Our competitors may also have greater resources for 25 Table of Contents research and development of new technologies, customer support and to pursue acquisitions, or they may have other financial, technical, or other resource advantages.

Our competitors may also have greater resources for research and development of new technologies, customer support and to pursue acquisitions, or they may have other financial, technical, or other resource advantages.

We would also be exposed to a risk of loss or litigation and potential liability under laws, regulations and contracts that protect the privacy and security of personal information.

We would also be exposed to a risk of loss or litigation and potential liability under laws, regulations and 28 Table of Contents contracts that protect the privacy and security of personal information.

If not utilized, the federal net operating loss carryforwards will begin to expire in 2031, and the state net operating loss carryforwards will begin to expire in 2023.

If not utilized, the federal net operating loss carryforwards will begin to expire in 2031, and the state net operating loss carryforwards will begin to expire in 2024.

Significant assumptions and estimates used in preparing our consolidated financial statements include but are not limited to those related to the valuation of our common stock prior to our IPO in June 2021, stock-based compensation, the period of benefit for deferred contract acquisition costs, standalone selling prices for each performance obligation, useful lives of long-lived assets, the incremental borrowing rate used for operating lease liabilities, and accounting for income taxes.

Significant assumptions and estimates used in preparing our consolidated financial statements include but are not limited to those related to stock-based compensation, the period of benefit for deferred contract acquisition costs, standalone selling prices for each performance obligation, useful lives of long-lived assets, the incremental borrowing rate used for operating lease liabilities, and accounting for income taxes.

Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality 42 Table of Contents support, could adversely affect our reputation, our ability to sell our services to existing and prospective customers, and our business, operating results and financial condition.

Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality support, could adversely affect our reputation, our ability to sell our services to existing and prospective customers, and our business, operating results and financial condition.

If 39 Table of Contents we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our platform, we may be contractually obligated to provide affected customers with partial refunds or termination rights.

If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our platform, we may be contractually obligated to provide affected customers with credit, partial refunds or termination rights.

Such changes to existing standards or changes in their interpretation may have an adverse effect 56 Table of Contents on our reputation, business, financial condition and profit, or cause an adverse deviation from our revenue and operating profit target, which may adversely affect our financial results.

Such changes to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial condition and profit, or cause an adverse deviation from our revenue and operating profit target, which may adversely affect our financial results.

Department of Commerce’s Export Administration Regulations (EAR), and we and our employees, representatives, contractors, agents, intermediaries, and other third parties are also subject to various economic and trade sanctions regulations administered by OFAC.

Risks Related to Ownership of Our Class A Common Stock • The market price of our class A common stock may be volatile, and you could lose all or part of your investment. • The dual class structure of our common stock has the effect of concentrating voting control with certain stockholders who held our capital stock prior to the completion of our initial public offering (IPO), including our directors, executive officers, and beneficial owners of 5% or greater of our outstanding capital stock who hold in the aggregate approximately 89% of the voting power of our capital stock, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.

Risks Related to Ownership of Our Class A Common Stock • The market price of our Class A common stock may be volatile, and you could lose all or part of your investment. • The dual class structure of our common stock has the effect of concentrating voting control with certain stockholders who held our capital stock prior to the completion of our IPO, including our directors, executive officers, and other beneficial owners who hold in the aggregate approximately 85% of the voting power of our capital stock, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.

If we experience, or our service provides experience any breaches of security measures or sabotage or otherwise suffer unauthorized use or disclosure of, or access to, personal information, financial account information or other confidential information, we might be required to expend significant capital and resources to address these problems.

If we experience, or our service providers experience, any breaches of security 29 Table of Contents measures or sabotage or otherwise suffer unauthorized use or disclosure of, or access to, personal information, financial account information or other confidential information, we might be required to expend significant capital and resources to address these problems.

Our quarterly financial results may fluctuate as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including, without limitation: • the continuing impact of the on-going COVID-19 pandemic on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and employees; • our ability to attract new and retain existing customers or sell additional features to existing customers; • the budgeting cycles, seasonal buying patterns, and purchasing practices of customers; • the timing and length of our sales cycles; • changes in customer or channel partner requirements or market needs; • changes in the growth rate of the cybersecurity market generally and market for endpoint security; • the timing and success of new product and service introductions by us or our competitors or any other competitive developments, including consolidation among our customers or competitors; • the level of awareness of cybersecurity threats, particularly advanced cyberattacks, and the market adoption of our platform; • our ability to successfully expand our business domestically and internationally; 26 Table of Contents • decisions by organizations to purchase security solutions from larger, more established security vendors or from their primary IT equipment vendors; • changes in our pricing policies or those of our competitors; • any disruption in our relationship with ISVs, channel partners, MSPs, MSSPs, MDRs, OEMs and IR firms; • insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our solution; • significant security breaches of, technical difficulties with or interruptions to, the use of our platform; • extraordinary expenses such as litigation or other dispute-related settlement payments or outcomes, taxes, regulatory fines or penalties; • general political, economic and macroeconomic conditions, both domestic and in our foreign markets, including as a result of war, terrorism or armed conflict, including Russia’s invasion of Ukraine; • future accounting pronouncements or changes in our accounting policies or practices; • negative media coverage or publicity; • the amount and timing of operating costs and capital expenditures related to the expansion of our business; and • increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.

Our quarterly financial results may fluctuate as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including, without limitation: • general economic, macroeconomic and political conditions, both domestic and in our foreign markets, that could impact some or all regions where we operate, including any global economic slowdown, global banking and finance related issues, increased risk of inflation, rising interest rates, labor shortages and potential global recession, war, terrorism or armed conflict, including Russia’s invasion of Ukraine, or instability in the global system; • our ability to attract new and retain existing customers or sell additional features to existing customers; • the budgeting cycles, seasonal buying patterns, and purchasing practices of customers; • the timing and length of our sales cycles; 26 Table of Contents • changes in customer or channel partner requirements or market needs; • changes in the growth rate of the cybersecurity market generally and market for endpoint security; • the timing and success of new product and service introductions by us or our competitors or any other competitive developments, including consolidation among our customers or competitors; • the level of awareness of cybersecurity threats, particularly advanced cyberattacks, and the market adoption of our platform; • our ability to successfully expand our business domestically and internationally; • decisions by organizations to purchase security solutions from larger, more established security vendors or from their primary IT equipment vendors; • changes in our pricing policies or those of our competitors; • any disruption in our relationship with ISVs, channel partners, MSPs, MSSPs, MDRs, OEMs and IR firms; • insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our solution; • significant security breaches of, technical difficulties with or interruptions to, the use of our platform; • extraordinary expenses such as litigation or other dispute-related settlement payments or outcomes, taxes, regulatory fines or penalties; • the impact of the COVID-19 pandemic on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and employees; • future accounting pronouncements or changes in our accounting policies or practices; • negative media coverage or publicity; • the amount and timing of operating costs and capital expenditures related to the expansion of our business; and • increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.

AWS may also take actions beyond our control that could seriously harm our business, including discontinuing or limiting our access to one or more AWS services, increasing pricing terms, competing with us, terminating or seeking to terminate our contractual relationship altogether, or altering how we are able to process data on AWS in a way that is unfavorable or costly to us.

AWS, and other cloud hosting providers, may also take actions beyond our control that could seriously harm our business, including discontinuing or limiting our access to one or more services, increasing pricing terms, competing with us, terminating or seeking to terminate our contractual relationship altogether, or altering how we are able to process data on their system in a way that is unfavorable or costly to us.

Our intercompany relationships and intercompany transactions are subject 54 Table of Contents to complex transfer pricing rules administered by taxing authorities in various jurisdictions in which we operate with potentially divergent tax laws.

Our intercompany relationships and intercompany transactions are subject to complex transfer pricing rules administered by taxing authorities in various jurisdictions in which we operate with potentially divergent tax laws.

… 229 more changes not shown on this page.

Item 2. Properties

Properties — owned and leased real estate

1 edited+0 added−0 removed1 unchanged

2022 filing

2023 filing

Biggest changeWe lease additional offices in the United States and around the world, including in the Czech Republic, France, Israel, Japan, the Netherlands, and United Arab Emirates. We believe that our current facilities are adequate to meet our current needs.

Biggest changeWe lease additional offices in the United States and around the world, including in the Czech Republic, France, Israel, and United Arab Emirates. We believe that our current facilities are adequate to meet our current needs.

Item 3. Legal Proceedings

Legal Proceedings — active lawsuits and investigations

1 edited+0 added−0 removed1 unchanged

2022 filing

2023 filing

Biggest changeFor more information regarding legal proceedings and other claims in which we are involved, see Note 15 to our consolidated financial statements included in Part II, Item 8 of this Annual Report on Form 10-K, and is incorporated herein by reference. ITEM 4. MINE SAFETY DISCLOSURES Not applicable. 65 Table of Contents PART II.

Biggest changeFor more information regarding legal proceedings and other claims in which we are involved, see Note 13 to our consolidated financial statements included in Part II, Item 8 of this Annual Report on Form 10-K, and is incorporated herein by reference. ITEM 4. MINE SAFETY DISCLOSURES Not applicable. 63 Table of Contents PART II.

Item 5. Market for Registrant's Common Equity

Market for Common Equity — stock, dividends, buybacks

5 edited+1 added−5 removed4 unchanged

2022 filing

2023 filing

Biggest changeOur Class B common stock is not listed or traded on any stock exchange. Holders of Record As of January 31, 2022, we had 98 holders of record of our Class A common stock and 93 holders of record of our Class B common stock.

Biggest changeOur Class B common stock is not listed or traded on any stock exchange. Holders of Record As of March 24, 2023, we had 70 holders of record of our Class A common stock and 69 holders of record of our Class B common stock.

Securities Authorized for Issuance Under Equity Compensation Plans The information required by this item will be included in our Proxy Statement for the 2022 Annual Meeting to be filed with the SEC within 120 days of the fiscal year ended January 31, 2022, and is incorporated herein by reference. Unregistered Sales of Equity Securities None.

Securities Authorized for Issuance Under Equity Compensation Plans The information required by this item will be included in our Proxy Statement for the 2023 Annual Meeting to be filed with the SEC within 120 days of the fiscal year ended January 31, 2023, and is incorporated herein by reference. Unregistered Sales of Equity Securities None.

We have presented below the cumulative total return to our stockholders between June 30, 2021 (the date our Class A common stock commenced trading on the NYSE) through January 31, 2022 in comparison to the Standard & Poor’s 500 Index and Standard & Poor Information Technology Index.

We have presented below the cumulative total return to our stockholders between June 30, 2021 (the date our Class A common stock commenced trading on the NYSE) through January 31, 2023 in comparison to the Standard & Poor’s 500 Index and Standard & Poor Information Technology Index.

All values assume a $100 initial investment and data for the Standard & Poor’s 500 Index and Standard & Poor Information Technology Index assume reinvestment of dividends. Such returns are based on historical data and are not indicative of, nor intended to forecast, the future performance of our Class A common stock. ITEM 6. [RESERVED]

Stock Performance Graph 66 Table of Contents This performance graph shall not be deemed “soliciting material” or be “filed” with the SEC for purposes of Section 18 of the Exchange Act, or otherwise subject to the liability under that Section, and shall not be deemed to be incorporated by reference into any filing of SentinelOne, Inc. under the Securities Act or Exchange Act generally.

Stock Performance Graph This performance graph shall not be deemed “soliciting material” or be “filed” with the SEC for purposes of Section 18 of the Exchange Act, or otherwise subject to the liability under that Section, and shall not be deemed to be incorporated by reference into any filing of SentinelOne, Inc. under the Securities Act or Exchange Act generally.

Removed

Use of Proceeds from Initial Public Offering of Common Stock and Concurrent Private Placement On July 2, 2021, we closed our IPO, in which we sold 41,678,568 shares of Class A common stock at a price to the public of $35.00 per share, including shares sold in connection with the full exercise of the underwriters’ option to purchase additional shares, as well as shares sold in a concurrent private placement.

Added

Issuer Purchases of Equity Securities None. Use of Proceeds from Initial Public Offering of Common Stock and Concurrent Private Placement None.

Removed

The offer and sale of all of the shares in the IPO, but not the concurrent private placement, were registered under the Securities Act pursuant to registration statements on Form S-1 (File No. 333-256761 and File No. 333-257539), which were declared effective by the SEC on June 29, 2021.

Removed

The shares were sold for an aggregate offering price of approximately $1.4 billion. We raised approximately $1,384.8 million in net proceeds after deducting $73.9 million in underwriters' discounts and commissions but before deducting offering costs.

Removed

No payments were made by us to directors, officers, or persons owning ten percent or more of our common stock or to their associates, or to our affiliates, other than payments in the ordinary course of business to officers for salaries.

Removed

There has been no material change in the planned use of proceeds from our IPO from those disclosed in the Final Prospectus.

Item 7. Management's Discussion & Analysis

Management's Discussion & Analysis (MD&A) — revenue / margin commentary

56 edited+6 added−37 removed46 unchanged

2022 filing

2023 filing

Biggest changeResults of Operations The following table sets forth our results of operations for the periods presented: Year Ended January 31, 2022 2021 2020 (in thousands) Revenue $ 204,799 $ 93,056 $ 46,474 Cost of revenue (1) 81,677 39,332 18,331 Gross profit 123,122 53,724 28,143 Operating expenses: Research and development (1) 136,274 62,444 36,683 Sales and marketing (1) 160,576 77,740 51,322 General and administrative (1) 93,504 29,059 15,122 Total operating expenses 390,354 169,243 103,127 Loss from operations (267,232) (115,519) (74,984) Interest income 202 231 886 Interest expense (787) (1,401) (2,015) Other income (expense), net (2,280) (424) (217) Loss before provision for income taxes (270,097) (117,113) (76,330) Provision for income taxes 1,004 460 237 Net loss $ (271,101) $ (117,573) $ (76,567) __________________ (1) Includes stock-based compensation expense as follows: Year Ended January 31, 2022 2021 2020 (in thousands) Cost of revenue $ 3,618 $ 308 $ 138 Research and development 35,358 6,590 1,686 Sales and marketing 15,460 3,835 1,034 General and administrative 33,453 5,179 1,488 Total stock-based compensation expense $ 87,889 $ 15,912 $ 4,346 73 Table of Contents The following table sets forth the components of our consolidated statements of operations as a percentage of revenue for each of the periods presented: Year Ended January 31, 2022 2021 2020 (as a percentage of total revenue) Revenue 100 % 100 % 100 % Cost of revenue 40 42 39 Gross profit 60 58 61 Operating expenses: Research and development 67 67 79 Sales and marketing 78 84 110 General and administrative 46 31 33 Total operating expenses 191 182 222 Loss from operations (130) (124) (161) Interest income — — 2 Interest expense — (2) (5) Other income (expense), net (1) — — Loss before provision for income taxes (132) (126) (164) Provision for income taxes — — 1 Net loss (132) % (126) % (165) % Note: Certain figures may not sum due to rounding.

Biggest changeResults of Operations The following table sets forth our results of operations for the periods presented: Year Ended January 31, 2023 2022 2021 (in thousands) Revenue $ 422,179 $ 204,799 $ 93,056 Cost of revenue (1) 144,177 81,677 39,332 Gross profit 278,002 123,122 53,724 Operating expenses: Research and development (1) 207,008 136,274 62,444 Sales and marketing (1) 310,848 160,576 77,740 General and administrative (1) 162,722 93,504 29,059 Total operating expenses 680,578 390,354 169,243 Loss from operations (402,576) (267,232) (115,519) Interest income 21,408 202 231 Interest expense (1,830) (787) (1,401) Other expense, net (1,293) (2,280) (424) Loss before income taxes (384,291) (270,097) (117,113) Provision (benefit) for income taxes (5,613) 1,004 460 Net loss $ (378,678) $ (271,101) $ (117,573) __________________ (1) Includes stock-based compensation expense as follows: Year Ended January 31, 2023 2022 2021 (in thousands) Cost of revenue $ 10,093 $ 3,618 $ 308 Research and development 51,771 35,358 6,590 Sales and marketing 40,115 15,460 3,835 General and administrative 62,487 33,453 5,179 Total stock-based compensation expense $ 164,466 $ 87,889 $ 15,912 70 Table of Contents The following table sets forth the components of our consolidated statements of operations as a percentage of revenue for each of the periods presented: Year Ended January 31, 2023 2022 2021 (as a percentage of total revenue) Revenue 100 100% 100% Cost of revenue 34 40 42 Gross profit 66 60 58 Operating expenses: Research and development 49 67 67 Sales and marketing 74 78 84 General and administrative 39 46 31 Total operating expenses 161 191 182 Loss from operations (95) (130) (124) Interest income 5 — — Interest expense — — (2) Other expense, net — (1) — Loss before income taxes (91) (132) (126) Provision (benefit) for income taxes (1) — — Net loss (90) % (132) % (126) % Note: Certain figures may not sum due to rounding.

Dollar-Based Net Retention Rate We believe that our ability to retain and expand our revenue generated from our existing customers is an indicator of the long-term value of our customer relationships and our potential future business opportunities. NRR measures the percentage change in our ARR derived from our customer base at a point in time.

Dollar-Based Net Retention Rate (NRR) We believe that our ability to retain and expand our revenue generated from our existing customers is an indicator of the long-term value of our customer relationships and our potential future business opportunities. NRR measures the percentage change in our ARR derived from our customer base at a point in time.

Investing Activities Cash used in investing activities during fiscal 2022 was $19.7 million, consisting of $6.0 million of cash paid for purchases of strategic investments, $3.4 million of cash paid for the acquisition of Scalyr, $5.8 million of capitalized internal-use software costs, and $3.7 million of purchases of property and equipment to support additional office facilities.

Cash used in investing activities during fiscal 2022 was $19.7 million, consisting of $6.0 million of cash paid for purchases of strategic investments, $3.4 million of cash paid for the acquisition of Scalyr, $5.8 million of capitalized internal-use software costs, and $3.7 million of purchases of property and equipment to support additional office facilities.

ARR represents the annualized revenue run rate of our subscription contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under subscription contracts with us. ARR is not a forecast of future revenue, which can be impacted by contract start and end dates and renewal rates.

ARR represents the annualized revenue run rate of our subscription and capacity contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under contracts with us. ARR is not a forecast of future revenue, which can be impacted by contract start and end dates and renewal rates.

We expect to incur additional expenses as a result of operating as a public company, including costs to comply with the rules and regulations applicable to companies listed on a national securities exchange, costs related to compliance and reporting obligations, and increased expenses for insurance, investor relations, and professional services.

We expect to continue to incur additional expenses as a result of operating as a public company, including costs to comply with the rules and regulations applicable to companies listed on a national securities exchange, costs related to compliance and reporting obligations, and increased expenses for insurance, investor relations, and professional services.

Annualized Recurring Revenue We believe that ARR is a key operating metric to measure our business because it is driven by our ability to acquire new subscription customers and to maintain and expand our relationship with existing subscription customers.

Annualized Recurring Revenue (ARR) We believe that ARR is a key operating metric to measure our business because it is driven by our ability to acquire new subscription and capacity customers and to maintain and expand our relationship with existing customers.

Cost of revenue also consists of personnel-related costs associated with our customer support and services organization, including salaries, benefits, bonuses, and stock-based compensation, amortization of acquired intangible assets, amortization of capitalized internal-use software, software and subscription services used by our customer support and services team, and allocated overhead costs. 71 Table of Contents Our third-party cloud infrastructure costs are driven primarily by the number of customers, the number of endpoints per customer, the number of modules, and the incremental costs for storing additional data collected for such cloud modules.

Cost of revenue also consists of personnel-related costs associated with our customer support and services organization, including salaries, benefits, bonuses, and stock-based compensation, amortization of acquired intangible assets, amortization of capitalized internal-use software, software and subscription services used by our customer support and services team, and allocated overhead costs. 68 Table of Contents Our third-party cloud infrastructure costs are driven primarily by the number of customers, the number of endpoints per customer, the number of modules, and the incremental costs for storing additional data collected for such cloud modules.

Such costs are capitalized and amortized over an estimated period of benefit of four years, and any such expenses paid for the renewal of a subscription are capitalized and amortized over the contractual term of the renewal.

Our XDR Platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time. We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous.

Our Singularity Platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time. We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous.

The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below. 78 Table of Contents Revenue Recognition We recognize revenue in accordance with Accounting Standards Codification 606, Revenue from Contracts with Customers .

The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below. 75 Table of Contents Revenue Recognition We recognize revenue in accordance with Accounting Standards Codification 606, Revenue from Contracts with Customers .

Financing Activities Cash provided by financing activities during fiscal 2022 was $1.4 billion, consisting of $1.4 billion of aggregate net proceeds from our IPO and the concurrent private placement completed in July 2021, net of underwriting 77 Table of Contents discounts and commissions, $14.6 million of proceeds from the exercise of stock options, $11.4 million of proceeds from issuance of common stock under the ESPP, partially offset by a $20.0 million repayment of our revolving line of credit and $7.4 million of payments of deferred offering costs.

Cash provided by financing activities during fiscal 2022 was $1.4 billion, consisting of $1.4 billion of aggregate net proceeds from our IPO and the concurrent private placement completed in July 2021, net of underwriting discounts and commissions, $14.6 million of proceeds from the exercise of stock options, $11.4 million of proceeds from issuance of common stock under the ESPP, partially offset by a $20.0 million repayment of our revolving line of credit and $7.4 million of payments of deferred offering costs.

We define ARR as the annualized revenue run rate of our subscription contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under subscription contracts with us.

We define ARR as the annualized revenue run rate of our subscription and capacity contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under contracts with us.

Additionally, our sales teams work closely with our customers, channel partners, and alliance partners to drive adoption of our platform, and our software solutions are fulfilled through our channel partners. Our channel partners include some of the world’s largest resellers and distributors, MSPs, MSSPs, MDRs, OEMs, and IR 68 Table of Contents firms.

The nature of our promise to the customer under the subscription is to provide protection for the duration of the contractual term and as such is considered as a series of distinct services. Our arrangements may include fixed consideration, variable consideration, or a combination of the two.

Subscriptions provide access to hosted software. The nature of our promise to the customer under the subscription is to provide protection for the duration of the contractual term and as such is considered as a series of distinct services. Our arrangements may include fixed consideration, variable consideration, or a combination of the two.

General and Administrative General and administrative expenses consist primarily of salaries, benefits, bonuses, stock-based compensation, and other expenses for our executive, finance, legal, human resources, and facilities organizations. General and administrative expenses also include external legal, accounting, other consulting, and professional services fees, software and subscription services, and other corporate expenses.

General and Administrative General and administrative expenses consist primarily of salaries, benefits, bonuses, stock-based compensation, and other expenses for our executive, finance, legal, people team, and facilities organizations. General and administrative expenses also include external legal, accounting, other consulting, and professional services fees, software and subscription services, and other corporate expenses.

As of January 31, 2022 and 2021, our principal source of liquidity was cash, cash equivalents, and short-term investments of $1.7 billion and $395.8 million, respectively. In the short term, we believe that our existing cash, cash equivalents, and short-term investments will be sufficient to support working capital and capital expenditure requirements for at least the next 12 months.

As of January 31, 2023 and 2022, our principal source of liquidity was cash, cash equivalents, and investments of $1.2 billion and $1.7 billion, respectively. In the short term, we believe that our existing cash, cash equivalents, and investments will be sufficient to support working capital and capital expenditure requirements for at least the next 12 months.

The combination of platform upgrades and extended modules drives our powerful land-and-expand motion. Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries. As of January 31, 2022, we had over 6,700 customers, increasing from over 3,900 customers as of January 31, 2021.

The combination of platform upgrades and extended modules drives our powerful land-and-expand motion. Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries. As of January 31, 2023, we had over 10,000 customers, increasing from over 6,700 customers as of January 31, 2022.

During this period, we continued to invest in growing our business to capitalize on our market opportunity. As a result, our net loss for fiscal 2022, 2021, and 2020 was $271.1 million, $117.6 million, and $76.6 million, respectively.

During this period, we continued to invest in growing our business to capitalize on our market opportunity. As a result, our net loss for fiscal 2023, 2022, and 2021 was $378.7 million, $271.1 million, and $117.6 million, respectively.

When determining the fair value of assets acquired and liabilities assumed, management makes significant estimates and assumptions, especially with respect to intangible assets. Significant estimates in valuing certain identifiable assets include, but are not limited to, the selection of valuation methodologies, future expected cash flows, discount rates, and useful lives.

When determining the fair value of assets acquired and liabilities assumed, management makes significant estimates and assumptions, especially with respect to intangible assets. Significant estimates in valuing certain identifiable assets include, but are not limited to, the selection of valuation methodologies, forecasted revenue, discount rates, and useful lives.

We have office facility operating leases in the United States, the Czech Republic, France, Israel, Japan, the Netherlands, and United Arab Emirates. See Note 8, Leases, to the consolidated financial statements included in Part II, Item 8, Financial Statements and Supplementary Data.

We have office facility operating leases in the United States, the Czech Republic, France, Israel, United Arab Emirates, and other countries. See Note 7, Leases , to the consolidated financial statements included in Part II, Item 8, Financial Statements and Supplementary Data.

We do not count our reseller or distributor channel partners as customers. 70 Table of Contents As of As of January 31, 2022 2021 2020 (in thousands) Customers with ARR of $100,000 or more 520 219 104 Customers with ARR of $100,000 or more grew 137% year-over-year to 520 for fiscal 2022, primarily due to growth in the ARR of existing customers from additional purchases and to growth in the average size of purchases by new customers.

We do not count our reseller or distributor channel partners as customers. 67 Table of Contents As of January 31, 2023 2022 2021 (in thousands) Customers with ARR of $100,000 or more 905 520 219 Customers with ARR of $100,000 or more grew 74% year-over-year to 905 for fiscal 2023, primarily due to growth in the ARR of existing customers from additional purchases and to growth in the average size of purchases by new customers.

Contractual Obligations and Commitments Our operating lease obligations as of January 31, 2022 were approximately $33.5 million, with $4.9 million expected to be paid within 12 months and the remainder thereafter. Our operating leases are related to leased facilities under operating lease agreements expiring through fiscal 2029.

Contractual Obligations and Commitments Our operating lease obligations as of January 31, 2023 were approximately $30.4 million, with $4.8 million expected to be paid within 12 months and the remainder thereafter. Our operating leases are related to leased facilities under operating lease agreements expiring through fiscal 2029.

Gross margin increased from 58% for fiscal 2021 to 60% for fiscal 2022, primarily due to revenue growth from existing and new customers outpacing growth in cost of revenue.

Gross margin increased from 60% for fiscal 2022 to 66% for fiscal 2023, primarily due to revenue growth from existing and new customers outpacing growth in cost of revenue.

Overview We founded SentinelOne in 2013 with a dramatically new approach to cybersecurity. We pioneered the world’s first purpose-built AI-powered XDR platform to make cybersecurity defense truly autonomous, from the endpoint and beyond. Our Singularity Platform instantly defends against cyberattacks - performing at a faster speed, greater scale, and higher accuracy than otherwise possible from a human-powered approach.

We pioneered the world’s first purpose-built AI-powered Singularity Platform to make cybersecurity defense truly autonomous, from the endpoint and beyond. Our Singularity Platform instantly defends against cyberattacks - performing at a faster speed, greater scale, and higher accuracy than otherwise possible from a human-powered approach.

As of January 31, 2022 2021 2020 (in thousands) Annualized recurring revenue (ARR) $ 292,341 $ 130,825 $ 66,764 ARR grew 123% year-over-year to $292.3 million for fiscal 2022, primarily due to high growth in the number of new customers purchasing our subscriptions and to additional purchases by existing customers.

As of January 31, 2023 2022 2021 (in thousands) Annualized recurring revenue $ 548,652 $ 292,341 $ 130,825 ARR grew 88% year-over-year to $548.7 million for fiscal 2023, primarily due to high growth in the number of new customers purchasing our subscriptions and to additional purchases by existing customers.

Prior to the IPO, we financed operations primarily through proceeds received from sales of equity securities, payments received from our customers, and borrowings under our loan and security agreement, and we have generated operating losses, as reflected in our accumulated deficit of $621.7 million and $350.6 million as of January 31, 2022 and 2021, respectively.

We have financed operations primarily through proceeds received from sales of equity securities, payments received from our customers, and borrowings under our loan and security agreement, and we have generated operating losses, as reflected in our accumulated deficit of $1,000.4 million and $621.7 million as of January 31, 2023 and 2022, respectively.

Certain sales arrangements may include variable consideration, which is recorded as part of the transaction price if, in our judgment, it is probable that no significant future reversal of cumulative revenue under the contract will occur.

We had 520 customers with ARR of $100,000 or more as of January 31, 2022, up from 219 customer with ARR of $100,000 or more as of January 31, 2021. As of January 31, 2022 and 2021, no single end customer accounted for more than 3% of our ARR.

We had 905 customers with ARR of $100,000 or more as of January 31, 2023, up from 520 customer with ARR of $100,000 or more as of January 31, 2022. As of January 31, 2023 and 2022, no single end customer accounted for 66 Table of Contents more than 4% of our ARR.

As of As of January 31, 2022 2021 2020 (in thousands) Dollar-based net retention rate 129 % 117 % 119 % Our dollar-based net retention rate was 129% for fiscal 2022, driven by existing customers primarily from expansion of the number of endpoints, upgrades of subscription tiers, and purchases of additional modules.

As of January 31, 2023 2022 2021 Dollar-based net retention rate 132 % 129 % 117 % Our dollar-based net retention rate was 132% as of January 31, 2023, driven by existing customers primarily from expansion of the number of endpoints and purchases of additional modules.

Recently Issued Accounting Pronouncements See Note 2 to our consolidated financial statements included elsewhere in this Annual Report on Form 10-K for more information regarding recently issued accounting pronouncements.

See Note 17 to our consolidated financial statements included elsewhere in this Annual Report on Form 10-K for more information regarding this subsequent event.

For additional information, see the section titled “Risk Factors.” Key Business Metrics We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.

Key Business Metrics We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.

Our ARR outside of the United States represented 36% and 28% as of January 31, 2022 and 2021, respectively, illustrating the global nature of our solutions. We have grown rapidly since our inception. Our revenue was $204.8 million, $93.1 million, and $46.5 million for fiscal 2022, 2021, and 2020, respectively, representing year-over-year growth of 120% and 100%, respectively.

Our revenue outside of the United States represented 35% and 32% for fiscal 2023 and 2022, respectively, illustrating the global nature of our solutions. We have grown rapidly since our inception. Our revenue was $422.2 million, $204.8 million, and $93.1 million for fiscal 2023, 2022, and 2021, respectively, representing year-over-year growth of 106% and 120%, respectively.

Our purchase obligations as of January 31, 2022 were approximately $255.1 million, with $88.0 million expected to be paid within 12 months and the remainder thereafter. Our purchase obligations primarily relate to a non-cancelable purchase commitment entered in April 2021 with our cloud infrastructure vendor for a total value of $250.0 million over the next three years.

Our purchase obligations as of January 31, 2023 were approximately $871.5 million, with $81.9 million expected to be paid within 12 months and the remainder thereafter. Our purchase obligations primarily relate to a non-cancellable purchase commitment entered in February 2023 with our cloud infrastructure vendor for a total net value of $860.0 million over the next six years.

Sales and Marketing Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) Sales and marketing expenses $ 160,576 $ 77,740 $ 82,836 107 % Sales and marketing expenses increased from $77.7 million in fiscal 2021 to $160.6 million in fiscal 2022, primarily due to an increase in personnel-related expenses of $57.0 million, including an increase of $11.6 million in stock-based compensation expense as a result of increased headcount.

Sales and Marketing Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Sales and marketing expenses $ 310,848 $ 160,576 $ 150,272 94 % Sales and marketing expenses increased from $160.6 million in fiscal 2022 to $310.8 million in fiscal 2023, primarily due to an increase in personnel-related expenses of $103.2 million, including an increase of $24.7 million in stock-based compensation expense as a result of increased headcount.

General and Administrative Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) General and administrative expenses $ 93,504 $ 29,059 $ 64,445 222 % General and administrative expenses increased from $29.1 million in fiscal 2021 to $93.5 million in fiscal 2022, primarily due to an increase in personnel-related expenses of $49.2 million, including an increase of $28.3 million in stock-based compensation expense as a result of increased headcount.

General and Administrative Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) General and administrative expenses $ 162,722 $ 93,504 $ 69,218 74 % General and administrative expenses increased from $93.5 million in fiscal 2022 to $162.7 million in fiscal 2023, primarily due to an increase in personnel-related expenses of $57.0 million, including an increase of $29.0 million in stock-based compensation expense as a result of increased headcount.

We count MSPs, MSSPs, MDRs, and OEMs, who may purchase our products on behalf of multiple companies, as a single customer.

We define a customer as an entity that has an active subscription for access to our platform. We count MSPs, MSSPs, MDRs, and OEMs, who may purchase our products on behalf of multiple companies, as a single customer.

Research and Development Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) Research and development expenses $ 136,274 $ 62,444 $ 73,830 118 % Research and development expenses increased from $62.4 million in fiscal 2021 to $136.3 million in fiscal 2022, primarily due to an increase in personnel-related expenses of $53.7 million, including an increase of $28.8 million related to stock-based compensation expense as a result of increased headcount, an increase of $12.8 million in third-party cloud infrastructure expenses incurred in developing our platform and modules, an increase of $3.8 million related to allocated overhead costs, and an increase of $2.5 million in consulting and software subscription expenses.

Research and Development Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Research and development expenses $ 207,008 $ 136,274 $ 70,734 52 % Research and development expenses increased from $136.3 million in fiscal 2022 to $207.0 million in fiscal 2023, primarily due to an increase in personnel-related expenses of $45.7 million, including an increase of $15.7 million related to stock-based compensation expense as a result of increased headcount, an increase of $16.8 million in third-party cloud infrastructure expenses incurred in developing our platform and modules, and an increase of $6.1 million related to allocated overhead costs as a result of increased headcount.

Provision for (Benefit from) Income Taxes Provision for (benefit from) income taxes consists primarily of income taxes in certain foreign and state jurisdictions in which we conduct business.

Provision for Income Taxes Provision for (benefit from) income taxes consists primarily of income taxes in certain foreign and state jurisdictions in which we conduct business and a one-time benefit from the release of valuation allowance as a result of the Attivo business combination.

Cost of Revenue, Gross Profit, and Gross Margin Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) Cost of revenue $ 81,677 $ 39,332 $ 42,345 108 % Gross profit $ 123,122 $ 53,724 $ 69,398 129 % Gross margin 60 % 58 % 74 Table of Contents Cost of revenue increased by $42.3 million from $39.3 million for fiscal 2021 to $81.7 million for fiscal 2022, primarily due to higher third-party cloud infrastructure expenses from increased data usage of $20.1 million, an increase of $18.5 million in overhead costs due to increase in our personnel to support overall growth and an increase of $2.2 million from amortization of intangible assets.

Cost of Revenue, Gross Profit, and Gross Margin Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Cost of revenue $ 144,177 $ 81,677 $ 62,500 77 % Gross profit $ 278,002 $ 123,122 $ 154,880 126 % Gross margin 66 % 60 % 71 Table of Contents Cost of revenue increased by $62.5 million from $81.7 million for fiscal 2022 to $144.2 million for fiscal 2023, primarily due to an increase of $26.4 million in overhead costs due to increase in our personnel to support overall growth, higher third-party cloud infrastructure expenses from increased data usage of $17.7 million, and an increase of $13.8 million from amortization of intangible assets.

Our fiscal year ends on January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31.

Our fiscal year ends on January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2023, 2022, and 2021 are referred to herein as fiscal 2023, fiscal 2022, and fiscal 2021, respectively.

Components of Our Results of Operations Revenue We generate substantially all of our revenue from subscriptions to our Singularity Platform. Customers can extend the functionality of their subscription to our platform by subscribing to additional Singularity Modules. Subscriptions provide access to hosted software.

NRR is an operational metric, and there is no comparable GAAP financial measure to which we can reconcile this particular key metric. Components of Our Results of Operations Revenue We generate substantially all of our revenue from subscriptions to our Singularity Platform. Customers can extend the functionality of their subscription to our platform by subscribing to additional Singularity Modules.

Cash used in operating activities during fiscal 2021 was $66.6 million, primarily consisting of our net loss of $117.6 million, adjusted for non-cash items of $33.3 million and net cash inflows of $17.7 million provided by changes in our operating assets and liabilities.

Cash used in operating activities during fiscal 2023 was $193.3 million, primarily consisting of our net loss of $378.7 million, and $35.4 million used in net changes to our operating assets and liabilities, partially offset by non-cash items of $220.8 million.

Customers with ARR of $100,000 or More We believe that our ability to increase the number of customers with ARR of $100,000 or more is an indicator of our market penetration and strategic demand for our platform. We define a customer as an entity that has an active subscription for access to our platform.

ARR is an operational metric, and there is no comparable GAAP financial measure to which we can reconcile this particular key metric. Customers with ARR of $100,000 or More We believe that our ability to increase the number of customers with ARR of $100,000 or more is an indicator of our market penetration and strategic demand for our platform.

Our fiscal years ended January 31, 2022, 2021, and 2020 are referred to herein as fiscal 2022, fiscal 2021, and fiscal 2020, respectively. 67 Table of Contents Unless the context otherwise requires, all references in this report to “SentinelOne,” the “Company,” “we” “our” “us,” or similar terms refer to SentinelOne, Inc. and its subsidiaries.

Unless the context otherwise requires, all references in this report to “SentinelOne,” the “Company,” “we” “our” “us,” or similar terms refer to SentinelOne, Inc. and its subsidiaries. A discussion regarding our financial condition and results of operations for fiscal 2023 compared to fiscal 2022 is presented below.

Interest Income, Interest Expense, and Other Income (Expense), Net Interest income consists primarily of interest earned on our cash equivalents and short-term investments. 72 Table of Contents Interest expense consisted primarily of interest on borrowings associated with our loan and security agreement. Other income (expense), net consists primarily of foreign currency transaction gains and losses.

Interest Income, Interest Expense, and Other Income (Expense), Net Interest income consists primarily of interest earned on our cash equivalents and investments. 69 Table of Contents Interest expense consists primarily of the amortization of the discount related to Attivo indemnity escrow liability. Other income (expense), net consists primarily of foreign currency transaction gains and losses.

If we are unable to raise additional capital or generate cash flows necessary to expand our operations and invest in continued innovation, we may not be able to compete successfully, which would harm our business, operating results, and financial condition. 76 Table of Contents The following table shows a summary of our cash flows for the periods presented: Year Ended January 31, 2022 2021 2020 (in thousands) Net cash used in operating activities $ (95,588) $ (66,570) $ (44,424) Net cash used in investing activities $ (19,743) $ (6,265) $ (3,187) Net cash provided by financing activities $ 1,387,124 $ 423,978 $ 52,770 Operating Activities Our largest source of operating cash is payments received from our customers.

The following table shows a summary of our cash flows for the periods presented: Years Ended January 31, 2023 2022 2021 (in thousands) Net cash used in operating activities $ (193,287) $ (95,588) $ (66,570) Net cash used in investing activities $ (1,312,666) $ (19,743) $ (6,265) Net cash provided by financing activities $ 36,308 $ 1,387,124 $ 423,978 Operating Activities Our largest source of operating cash is payments received from our customers.

In addition, there was an increase of $14.4 million in outside consulting services, legal, audit, tax and software subscription expenses. 75 Table of Contents Interest Income, Interest Expense, and Other Income (Expense), Net Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) Interest income $ 202 $ 231 $ (29) (13) % Interest expense $ (787) $ (1,401) $ 614 (44) % Other income (expense), net $ (2,280) $ (424) $ (1,856) 438 % Interest income remained relatively flat.

In addition, there was an increase of $14.1 million in outside consulting services, legal, audit, tax and software subscription expenses. 72 Table of Contents Interest Income, Interest Expense, and Other Income (Expense), Net Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Interest income $ 21,408 $ 202 $ 21,206 10498 % Interest expense $ (1,830) $ (787) $ (1,043) 133 % Other income (expense), net $ (1,293) $ (2,280) $ 987 (43) % Interest income increased $21.2 million as a result of interest earned on investments, which we did not have in fiscal year 2022.

In addition, there was an increase of $10.8 million in marketing-related expenses, an increase of $6.1 million in travel and entertainment, software subscription and sales related expenses, and an increase of $5.3 million related to allocated overhead costs.

In addition, there was an increase of $17.4 million in marketing-related expenses, an increase of $9.6 million related to allocated overhead costs as a result of increased headcount, and the remaining increase is primarily a result of increased travel and entertainment expenses.

Cash used in investing activities during fiscal 2021 was $6.3 million, consisting of $3.3 million of purchases of property and equipment to support additional office facilities, $2.8 million of capitalized internal-use software costs, and $0.2 million of purchases of intangible assets.

Investing Activities Cash used in investing activities during fiscal 2023 was $1,312.7 million, consisting of $1,938.0 million of investment purchases, $281.0 million of net cash paid for the acquisition of Attivo, $13.5 million of capitalized 74 Table of Contents internal-use software costs, and $5.0 million of purchases of property and equipment to support additional office facilities, partially offset by $925.2 million of investment maturities.

Management’s estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and unpredictable and, as a result, actual results may differ from estimates. JOBS Act Accounting Election We are an emerging growth company, as defined in the Jumpstart Our Business Startups (JOBS Act).

Management’s estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and unpredictable and, as a result, actual results may differ from estimates. Recently Issued Accounting Pronouncements See Note 2 to our consolidated financial statements included elsewhere in this Annual Report on Form 10-K for more information regarding recently issued accounting pronouncements.

Comparison of the Years Ended January 31, 2022 and 2021 Revenue Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) Revenue $ 204,799 $ 93,056 $ 111,743 120 % Revenue increased by $111.7 million, or 120%, from $93.1 million for fiscal 2021 to $204.8 million for fiscal 2022, primarily due to the ongoing demand for our platform.

Comparison of the Years Ended January 31, 2023 and 2022 Revenue Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Revenue $ 422,179 $ 204,799 $ 217,380 106 % Revenue increased by $217.4 million, or 106%, from $204.8 million for fiscal 2022 to $422.2 million for fiscal 2023, which was primarily driven by a combination of the addition of new customers and the sale of additional endpoints and modules to existing customers.

The main drivers of the changes in operating assets and liabilities were a $49.1 million increase in deferred revenue, resulting primarily from increased subscription contracts, a $7.8 million increase in accrued payroll and benefits due to increased headcount, a $7.4 million increase in accounts payable, and a $1.4 million increase in accrued liabilities due to our growth and timing of payments.

The main drivers of the changes in operating assets and liabilities were a $61.3 million increase in deferred contract acquisition costs, a $44.4 million increase in accounts receivable due to timing of cash received from customers, a $14.5 million increase in prepaid expenses and other assets primarily due to annual insurance renewal and prepaid sponsorship costs, and a $7.2 million decrease in accrued payroll and benefits.

A discussion regarding our financial condition and results of operations for fiscal 2021 compared to fiscal 2020 can be found in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in the final prospectus for our IPO dated as of June 29, 2021 (Final Prospectus) and filed with the SEC pursuant to Rule 424(b)(4) on June 30, 2021.

A discussion regarding our financial condition and results of operations for fiscal 2022 compared to fiscal 2021 can be found in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in the Form 10-K for the fiscal year ended January 31, 2022 filed with the SEC on April 7, 2022. 65 Table of Contents Overview We founded SentinelOne in 2013 with a dramatically new approach to cybersecurity.

Interest expense decreased due to the repayment and termination of the revolving line of credit in June 2021. The decrease in other income (expense), net is primarily due to net foreign currency exchange losses.

Interest expense increased due to the amortization of the discount related to Attivo indemnity escrow liability. The decrease in other expense, net is primarily due to net foreign currency exchange gains.

Provision for Income Taxes Year Ended January 31, Change 2022 2021 $ % (dollars in thousands) Provision for income taxes $ 1,004 $ 460 $ 544 118 % The provision for income taxes increased primarily as a result of the increase in foreign taxes related to operations in international subsidiaries.

Provision for Income Taxes Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Provision (benefit) for income taxes $ (5,613) $ 1,004 $ (6,617) (659) % The provision for income taxes decreased primarily as a result of the application of our deferred tax assets with a full valuation allowance to net deferred tax liability of Attivo acquired intangibles.

Cash provided by financing activities during fiscal 2021 was $424.0 million, consisting of $419.3 million of net proceeds from the issuances of our Series E redeemable convertible preferred stock and Series F redeemable convertible preferred stock, $19.9 million of net proceeds from our revolving line of credit, and $4.8 million of proceeds from the exercise of stock options and warrants, partially offset by a $20.0 million repayment of our term loan.

Financing Activities Cash provided by financing activities during fiscal 2023 was $36.3 million, consisting of $19.2 million of proceeds from the issuance of common stock under our 2021 Employee Stock Purchase Plan, $17.3 million of proceeds from the exercise of employee stock options, partially offset by $0.2 million of payments of deferred offering costs.

Removed

A discussion regarding our financial condition and results of operations for fiscal 2022 compared to fiscal 2021 is presented below.

Added

In addition, there was an increase of $28.6 million derived from revenue resulting from the Attivo acquisition.

Removed

Initial Public Offering and Private Placement In July 2021, we completed our IPO and a concurrent private placement, in which we issued and sold an aggregate of 41,678,568 shares of our Class A common stock at $35 per share, including 5,250,000 shares issued upon the exercise of the underwriters’ option to purchase additional shares and 1,428,568 shares issued pursuant to the concurrent private placement.

Added

Removed

We received net proceeds of approximately $1.4 billion after deducting underwriting discounts and commissions. Impact of COVID-19 Beginning in January 2020, the COVID-19 pandemic resulted in travel restrictions, prohibitions of non-essential activities, disruption and shutdown of certain businesses worldwide, as well as greater uncertainty in global financial markets.

Added

While some of our cash, cash equivalents and short-term investments were held at SVB prior to its closure, in light of the FDIC’s announcement that depositors of the institution will be made whole, we currently have full access to these funds.

Removed

The full extent to which the COVID-19 pandemic will directly or indirectly impact our business, operating results, cash flows, and financial condition will depend on future developments that are highly uncertain and cannot be accurately predicted.

Added

We hold our cash, cash equivalents, and investments with a diverse group of banking partners and, as a result, we have not experienced a material impact to our business as a result of SVB’s closure.

Removed

As a result of the COVID-19 pandemic, we have experienced, and may continue to experience, a modest adverse impact on certain parts of our business, including a lengthening of the sales cycle for some prospective customers and delays in the delivery of professional services and trainings to our customers.

Added

However, any instability in the global banking system may impact liquidity both in the short term and long term and may result in adverse impacts to our or our customers’ business, including in our customers’ ability to pay for our platform.

Removed

We have also experienced, and may continue to experience, a positive impact as a result of the COVID-19 pandemic. For example, in connection with the travel restrictions, shelter-in-place, and work-from-home policies resulting from the COVID-19 pandemic, we have seen an increase in usage and subscriptions from smaller customers, many of whom are small or medium sized businesses.

Added

These amounts were partially offset by a $92.5 million increase in deferred revenue resulting primarily from increased subscription contracts.

Removed

We have also seen slower growth in certain operating expenses due to reduced business travel and the virtualization or cancellation of customer and employee events. While a reduction in operating expenses may have an immediate positive impact on our operating results, we do not yet have visibility into the full impact this will have on our business.

Removed

Moreover, as vaccines become widely available and people begin to return to offices and other workplaces, any positive impacts of the COVID-19 pandemic on our business may slow or decline once the impact of the pandemic tapers. 69 Table of Contents We cannot predict how long we will continue to experience the impact of the COVID-19 pandemic including any new variants, vaccine mandates, and further travel and office restrictions.

Removed

Our operating results, cash flows, and financial condition have not been adversely affected to date. However, as certain of our customers or partners experience downturns or uncertainty in their own business operations or revenue resulting from the spread of COVID-19 our operating results, cash flows, and financial condition could be adversely affected.

Removed

In addition, in response to the spread of COVID-19, we previously required substantially all of our employees to work remotely to minimize the risk of the virus to our employees and the communities in which we operate.

Removed

Most of our employees continue to work remotely and we have slowly opened up our offices at minimal capacity, subject to local COVID-19 restrictions. We may take further actions as may be required by government authorities or that we determine are in the best interests of our employees, customers, and business partners.

Removed

The global impact of the COVID-19 pandemic continues to rapidly evolve, and we will continue to monitor the situation and the effects on our business and operations closely.

Removed

We do not yet know the full extent of potential impacts on our business or operations or on the global economy as a whole, particularly if the COVID-19 pandemic continues and persists for an extended period of time. Given the uncertainty, we cannot reasonably estimate the impact on our future operating results, cash flows, or financial condition.

Removed

Approximately 42% of the increase was derived from new customers, approximately 40% of the increase was derived from existing customers and the remainder was derived from MSP, MSSP, and OEM channel partners.

Removed

These amounts were partially offset by a $26.9 million increase in deferred contract acquisition costs, a $9.4 million increase in prepaid expenses and other current assets, primarily due to an increase in prepaid hosting and sponsorship costs, and an $8.3 million increase in accounts receivable due to an increase in sales.

Removed

Debt Obligations In May 2018, we entered into a loan and security agreement with a certain lender, which was restated in May 2020, or the Amended Loan and Security Agreement. The Amended Loan and Security Agreement provided a revolving line of credit of up to $45.0 million, maturing in May 2023.

Removed

In June 2021, we repaid all outstanding indebtedness owed pursuant to the Amended Loan and Security Agreement, terminated the agreement, and closed our revolving line of credit. Pursuant to our termination of the Amended Loan and Security Agreement, the related security interests have been removed and the covenants shall be of no further force and effect.

Removed

In June 2021, we repaid all outstanding indebtedness owed pursuant to the Amended Loan and Security Agreement, terminated the agreement, and closed our revolving line of credit.

… 19 more changes not shown on this page.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Market Risk — interest-rate, FX, commodity exposure

5 edited+2 added−2 removed1 unchanged

2022 filing

2023 filing

Biggest changeOperating expenses within the United States are primarily denominated in U.S. dollars, while operating expenses incurred outside the United States are primarily denominated in each country’s respective local currency. Our operating results and cash flows are, therefore, subject to fluctuations due to changes in foreign currency exchange rates.

Biggest changeForeign Currency Exchange Risk To date, primarily all of our sales contracts have been denominated in U.S. dollars, therefore our revenue is not subject to foreign currency risk. Operating expenses within the United States are primarily denominated in U.S. dollars, while operating expenses incurred outside the United States are primarily denominated in each country’s respective local currency.

As the impact of foreign currency exchange rates has not been material 81 Table of Contents to our historical operating results, we have not entered into derivative or hedging transactions, but we may do so in the future if our exposure to foreign currency becomes more significant.

As the impact of foreign currency exchange rates has not been material to our historical operating results, we have not entered into derivative or hedging transactions, but we may do so in the future if our exposure to foreign currency becomes more significant.

We also had $2.7 million of restricted cash as of January 31, 2022 primarily due to outstanding letters of credit established in connection with lease agreements for our facilities. Our cash, cash equivalents, and short-term investments are held for working capital purposes. We do not enter into investments for trading or speculative purposes.

We also had $64.5 million of restricted cash as of January 31, 2023 primarily due to outstanding letters of credit established in connection with lease agreements for our facilities. Our cash, cash equivalents, and investments are held for working capital purposes. We do not enter into investments for trading or speculative purposes.

Our market risk exposure is primarily the result of fluctuations in interest rates and foreign currency exchange rates. Interest Rate Risk As of January 31, 2022, we had $1.7 billion of cash, cash equivalents, and short-term investments, which consist of money market funds and certificates of deposit.

Our market risk exposure is primarily the result of fluctuations in interest rates and foreign currency exchange rates. Interest Rate Risk As of January 31, 2023, we had $1.2 billion of cash, cash equivalents, and investments, which consist of money market funds, commercial paper, corporate notes and bonds and U.S. government securities.

Foreign currency transaction gains and losses are recorded in other income (expense), net in the consolidated statements of operations.

Our operating results and cash flows are, therefore, subject to fluctuations due to changes in foreign currency exchange rates. Foreign currency transaction gains and losses are recorded in other income (expense), net in the consolidated statements of operations.

Removed

We do not believe a 10% increase or decrease in interest rates would have resulted in a material impact to our operating results. Foreign Currency Exchange Risk To date, all of our sales contracts have been denominated in U.S. dollars, therefore our revenue is not subject to foreign currency risk.

Added

The effect of a hypothetical 100 basis point change in interest rates would not have had a material effect on the fair market value of our portfolio 76 Table of Contents as of January 31, 2023. We therefore do not expect our results of operations or cash flows to be materially affected by a sudden change in market interest rates.

Removed

We do not believe a 10% increase or decrease in foreign exchange rates would have resulted in a material impact to our operating results. 82 Table of Contents

Added

A hypothetical 10% adverse change in the U.S. dollar against other currencies would have resulted in an increase in operating loss of approximately $9.7 million for fiscal 2023. The hypothetical impact in fiscal 2022 and 2021 would not have been material. 77 Table of Contents

Top changes in SentinelOne, Inc.'s 2023 10-K

Item 1. Business

Item 1A. Risk Factors

Item 2. Properties

Item 3. Legal Proceedings

Item 5. Market for Registrant's Common Equity

Item 7. Management's Discussion & Analysis

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Other S 10-K year-over-year comparisons