What changed in SentinelOne, Inc.'s 2024 10-K compared to 2023?

Across the narrative sections we track, SentinelOne, Inc. (S) added 547 paragraphs, removed 484, and edited 417 between the 2023 and 2024 10-K filings. The biggest movers are Item 1A. Risk Factors (+277/−248), Item 1. Business (+147/−145), Item 7. Management's Discussion & Analysis (+106/−76).

Did SentinelOne, Inc. add new Risk Factors in the 2024 10-K?

Yes — Item 1A Risk Factors shows 277 new/edited paragraphs and 248 removed paragraphs versus the 2023 10-K.

What changed in SentinelOne, Inc.'s MD&A (Item 7) in 2024?

Item 7 Management's Discussion & Analysis shows 106 new/edited paragraphs and 76 removed paragraphs year-over-year. Read the side-by-side diff to see exactly which revenue, margin, and outlook commentary was rewritten.

Did SentinelOne, Inc.'s Legal Proceedings (Item 3) change in 2024?

Item 3 shows 1 added/edited paragraphs and 1 removed paragraphs — usually indicating new litigation disclosed or settled cases removed.

Where does this S 10-K diff come from?

The source filings are SentinelOne, Inc.'s official 2023 and 2024 Form 10-K annual reports from SEC EDGAR. 10q10k.net parses each filing, aligns paragraphs by section (Item 1, 1A, 1C, 2, 3, 7, 7A), and highlights every added, removed and edited sentence side-by-side.

What changed in SentinelOne, Inc.'s 10-K — 2023 vs 2024

Paragraph-level year-over-year comparison of SentinelOne, Inc.'s 2023 and 2024 10-K annual filings, covering the Business, Risk Factors, Legal Proceedings, Cybersecurity, MD&A and Market Risk sections. Every new, removed and edited paragraph is highlighted side-by-side so you can see exactly what management changed in the 2024 report.

+547 added−484 removedSource: 10-K (2024-03-27) vs 10-K (2023-03-29)

Top changes in SentinelOne, Inc.'s 2024 10-K

547 paragraphs added · 484 removed · 417 edited across 7 sections

Item 1A. Risk Factors+277 / −248 · 208 edited
Item 1. Business+147 / −145 · 130 edited
Item 7. Management's Discussion & Analysis+106 / −76 · 65 edited
Item 5. Market for Registrant's Common Equity+8 / −7 · 6 edited
Item 7A. Quantitative and Qualitative Disclosures About Market Risk+7 / −6 · 6 edited

Item 1. Business

Business — how the company describes what it does

130 edited+17 added−15 removed83 unchanged

2023 filing

2024 filing

Biggest changeWe received multiple workplace accolades in 2022. • Fortune recognized the company as a Best Workplace in Technology, Best Medium Workplace, Best Workplace for Millennials, and Best Workplace in the Bay Area. • Dun’s 100 list acknowledged SentinelOne as one of the Best High Tech Companies to Work for and one of the Top 10 High Tech Companies to Work for Parents in 2022. • SentinelOne also achieved Great Place to Work certification for the USA, UK, France, India, and Netherlands in 2022. • Comparably awarded SentinelOne with 14 distinctions in 2022, including Best Company for Diversity, Best Company for Women, Best CEO, Best Company Perks & Benefits, Best Company Compensation, Happiest Employees, Best Career Growth, Best CEOs for Diversity, Best CEOs for Women, Best Sales Team, Best Engineering Team, Best Places to Work in the Bay Area, Best Global Culture, and Best Company Outlook.

Biggest changeWe received multiple workplace accolades in 2023. • Fortune recognized SentinelOne as a Best Workplace in Technology, Best Medium Workplace, Best Workplace for Millennials, and Best Workplace in the Bay Area. • Dun’s 100 list acknowledged SentinelOne as one of the Best High Tech Companies to Work for in 2023. • SentinelOne also achieved Great Place to Work certification (December 2023 - December 2024) for the US, UK, France, India, Netherlands, Australia, Canada, Slovakia, Germany, Italy, UAE, Poland, Spain, Czechia, and Singapore. • SentinelOne received the Best Workplaces in Tech in the UK, Best Workplaces for Women in the UK and Best workplaces in Technology in France.

Powered by very large networks of individual attackers distributed worldwide, cybercrime is practically infinite in scale and transcends geographical boundaries. To gain access to an organization’s data, cybercriminals target endpoints, applications, user credentials, and deploy a variety of sophisticated methods in the form of attack frameworks, machine learning, weaponized exploits, fileless techniques, and social engineering.

Powered by very large networks of individual attackers distributed worldwide, cybercrime is practically infinite in scale and transcends geographical boundaries. To gain access to an organization’s data, cybercriminals target endpoints, applications, and user credentials and deploy a variety of sophisticated methods in the form of attack frameworks, machine learning, weaponized exploits, fileless techniques, and social engineering.

Our thought leadership in security and AI, combined with our award-winning culture, allows us to attract and retain some of the best talent at a global scale. It allows us to develop state-of-the-art solutions, to innovate faster, and to solve many of the industry’s most complex problems.

Our thought leadership in security and AI, combined with our award-winning culture, allows us to attract and retain some of the best talent at a global scale. It allows us to develop state-of-the-art solutions, innovate faster, and solve many of the industry’s most complex problems.

Having access to some of the world’s top cybersecurity and AI talent through our distributed workforce model and our research and development centers across North America, Europe, Middle East, and Asia allows us to continue hiring top technical talent and innovate to maintain our leading position. • Drive new customer acquisition.

Having access to some of the world’s top cybersecurity and AI talent through our distributed workforce model and our research and development centers across North America, Europe, the Middle East, and Asia allows us to continue hiring top technical talent and innovate to maintain our leading position. • Drive new customer acquisition.

In addition, MentorOne program provides Sentinels the opportunity to mentor and be mentored to develop professionally. Research and Development Our research and development organization is responsible for the design, development, testing, and delivery of new technologies, features and integrations of our platform, as well as the continued improvement and iteration of our existing products.

In addition, the MentorOne program provides Sentinels the opportunity to mentor and be mentored to develop professionally. Research and Development Our research and development organization is responsible for the design, development, testing, and delivery of new technologies, features and integrations of our platform, as well as the continued improvement and iteration of our existing products.

Vendors have extended their existing solutions by bolting on functionalities, which has led to a wide disparity of capabilities across endpoints and operating systems. Existing tools further lack the ability to identify unmanaged IoT devices which often have very limited, if any, built-in security capabilities and can be used by attackers to access the networks of target organizations.

Vendors have extended their existing solutions by bolting on functionalities, which has led to a wide disparity of capabilities across endpoints and operating systems. Legacy tools further lack the ability to identify unmanaged IoT devices which often have very limited, if any, built-in security capabilities and can be used by attackers to access the networks of target organizations.

Our Singularity Platform provides organizations with our full suite of real-time threat prevention, detection, and remediation capabilities across all of their endpoints, cloud workloads, servers, operating systems, and user credentials. Our platform further leverages our agents, combined with passive and active network discovery methods, to provide our customers with organization-wide visibility into all of their network assets, managed and unmanaged.

Our Singularity Platform provides organizations with our full suite of real-time threat prevention, detection, and remediation capabilities across their endpoints, cloud workloads, servers, operating systems, and user credentials. Our platform further leverages our agents, combined with passive and active network discovery methods, to provide our customers with organization-wide visibility into their network assets, managed and unmanaged.

A combination of our powerful Static AI and Behavioral AI on the device with Streaming AI models in the cloud addresses the spectrum of attacks in an evolving threat landscape, including ransomware, known and unknown malware, trojans, hacking tools, memory exploits, script misuse, bad macros and “living off the land,” or file-less, attacks.

A combination of our powerful Static AI and Behavioral AI locally on the device with Streaming AI models in the cloud addresses the spectrum of attacks in an evolving threat landscape, including ransomware, known and unknown malware, trojans, hacking tools, memory exploits, script misuse, bad macros, and “living off the land,” or file-less, attacks.

Our platform offers true multi-tenancy, which enables the world’s largest organizations and our managed security providers and incident response partners with an excellent management experience. Our customers realize improved cybersecurity outcomes with fewer people. Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries.

Our platform offers true multi-tenancy, which enables the world’s largest organizations and provides our managed security providers and incident response partners with an excellent management experience. Our customers realize improved cybersecurity outcomes with fewer people. Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries.

Endpoint Protection Our next-generation cybersecurity technology provides autonomous real-time protection across all operating systems, including Windows, Linux, macOS, and cloud-native and containerized workloads. Our endpoint protection is powered by distributed AI which resides both on devices as well as in the cloud for always-on, machine-speed protection.

Endpoint Protection (EPP) Our next-generation cybersecurity technology provides autonomous real-time protection across all operating systems, including Windows, Linux, macOS, and cloud-native and containerized workloads. Our endpoint protection is powered by distributed AI which resides both on devices as well as in the cloud for always-on, machine-speed protection.

It is also responsible for operating and scaling our platform including its underlying infrastructure. Our most significant investments are in research and development to drive core technology innovation and bring new products to market. Research and development employees are located primarily in our Israel, India, and the Czech Republic offices, and remotely.

We believe our leading security and platform breadth position us well to consolidate and unify spend across multiple categories. Over time, we believe this unification and re-architecture of the prevention, detection and response paradigm will create new opportunities for additional products and features for us.

We believe our leading security and platform breadth position us well to consolidate and unify cybersecurity spend across multiple categories. Over time, we believe this unification and re-architecture of the prevention, detection and response paradigm will create new opportunities for additional products and features.

As a result, solutions that help strengthen and scale their cyber defenses cost effectively is a top-level priority for organizations today. Tectonic shifts in IT require a “Zero Trust” operating procedure.

As a result, solutions that help strengthen and scale cyber defenses cost effectively is a top-level priority for organizations today. Tectonic shifts in IT require a “Zero Trust” operating procedure.

It is capable of autonomous decision making on the device and stopping threats in milliseconds rather than minutes, hours or even days. We are able to provide superior performance compared to traditional signature-based antivirus tools and earlier next-gen antivirus products with the following three key capabilities: • Static AI .

It is capable of autonomous decision making on the device and stopping threats in milliseconds rather than minutes, hours or even days. We are able to provide superior performance compared to traditional signature-based antivirus tools and earlier next-generation antivirus products with the following three key capabilities: • Static AI .

We use our investor relations page on our website (www.sentinelone.com), press releases, public conference calls, public webcasts, our Twitter account (@SentinelOne), our Facebook page, and our LinkedIn page as means of disclosing material non-public information and for complying with our disclosure obligations under Regulation FD. The information disclosed by the foregoing channels could be deemed to be material information.

We use our investor relations page on our website (www.sentinelone.com), press releases, public conference calls, public webcasts, our X account (@SentinelOne), our Facebook page, and our LinkedIn page as means of disclosing material non-public information and for complying with our disclosure obligations under Regulation FD. The information disclosed by the foregoing channels could be deemed to be material information.

First, organizations need to ingest, normalize, and correlate petabytes of structured and unstructured data from a myriad of external and internal data in a cost efficient manner. Second, organizations need to apply powerful AI models on this high-fidelity contextual data to automatically detect known and unknown threats, then autonomously remediate and neutralize the threats.

Our entry level security solution for organizations that want to replace antivirus tools with our EPP which we believe is more effective and easier to manage than legacy antivirus and next-gen antivirus products. Singularity Core includes our Static and Behavioral AI models and autonomous threat response and rollback features. • Singularity Control.

Our entry level security solution for organizations that want to replace antivirus tools with our EPP which we believe is more effective and easier to manage than legacy antivirus and next-generation antivirus products. Singularity Core includes our Static and Behavioral AI models and autonomous threat response and rollback features. • Singularity Control.

Our Behavioral AI model maps, monitors, and links all behaviors on the endpoint to create rich, contextual narratives that we call Storylines. These high-fidelity Storylines are continuously evaluated by our Behavioral AI model. When activity is deemed a threat, our software autonomously takes action to kill the attack.

Our Behavioral AI model maps, monitors, and links all behaviors to create rich, contextual narratives that we call Storylines. These high-fidelity Storylines are continuously evaluated by our Behavioral AI model. When activity is deemed a threat, our software autonomously takes action to kill the attack.

We put the user at the center of our product development and engineering processes. The combination of our intuitive and clean user interface, our ability to provide context with one click, and our high degree of automation empowers our customers to use our platform independent of their expertise level. • Proprietary data stack .

We put the user at the center of our product development and engineering processes. The combination of our intuitive and clean user interface, our ability to provide context with one click, and a high degree of automation empowers our customers to use Singularity platform independent of their expertise level. • Proprietary data stack .

This lack of unified visibility and control over endpoints, cloud workloads, and IoT devices results in gaps in security coverage for organizations. • Lack deployment flexibility for organizations . Organizations struggle with the limited deployment methods mandated by existing tools. On-premise tools impose complexity and maintenance burdens on organizations.

This lack of unified visibility and control over endpoints, cloud workloads, and IoT devices results in gaps in security coverage for organizations. • Lack deployment flexibility for organizations . Organizations struggle with the limited deployment methods mandated by legacy tools. On-premise tools impose complexity and maintenance burdens on organizations.

We also have five key pillars to support our DEI initiatives. • Diversifying our talent pipeline including targeting hiring diverse slates across key functional areas and targeting underrepresented groups through our University Recruiting program. • Amplifying the power of communities through our Inclusion Networks including Women’s Inclusion Network, WIN@sentinelone; Black Inclusion Network, BLK@sentinelone; Pride Inclusion Network, Out@sentinelone; Latino Inclusion Network, Latinos@sentinelone and Veteran’s Inclusion Network, Served@sentinelone. • Holding ourselves accountable through data and insights and publishing a DEI dashboard. • Creating an equitable culture for all through strategic partnerships including Women in Cybersecurity (WiCys).

Enterprises must deploy solutions that enable them to stay one step ahead of attackers and address intrusion attempts in real-time at machine speed - empowering human operators with the speed, scale, and precision of technology. We envisioned a revolutionary data and artificial intelligence (AI) paradigm where technology alone could autonomously prevent, detect, and respond to cyberattacks.

Enterprises must deploy solutions that enable them to stay one step ahead of attackers and address intrusion attempts in real-time at machine speed—empowering human operators with the speed, scale, visibility, and precision of technology. We envisioned a revolutionary data and AI paradigm where technology alone could autonomously prevent, detect, and respond to cyberattacks.

Ranger has four key component features: • Rogue Discovery . Enables administrators to identify unprotected or “rogue assets” and verifies our agent is installed on all corporate assets. • Ranger Insight . Provides a clear picture of the inventory and risk in the IoT environment, including open ports, header and application versions, and vulnerability information, • Rogue Control .

Ranger has four key component features: • Rogue Discovery . Enables administrators to identify unprotected or “rogue” assets and verifies our agent is installed on all corporate assets. • Ranger Insight . Provides a clear picture of the inventory and risk in the IoT environment, including open ports, header and application versions, and vulnerability information, • Rogue Control .

Our XDR integrations give customers the flexibility to operate our platform as a platform-as-a-service in their own customized graphical user interface and workflows simply by leveraging our robust, well-documented and easy-to-use APIs. IT and Security Operations Our Singularity Platform enables security and IT teams to identify vulnerabilities, fix insecure configurations, and manage endpoints.

Our XDR integrations give customers the flexibility to operate our platform as a platform-as-a-service in their own customized graphical user interface and workflows simply by leveraging our robust, well-documented and easy-to-use APIs. IT and Security Operations Our Singularity Platform enables security and IT teams to identify software or application vulnerabilities, fix insecure configurations, and manage endpoints.

Although certain of our competitors enjoy greater brand awareness and recognition, deep customer relationships, and larger existing customer bases, we believe that we compete favorably with respect to our autonomous and AI-powered threat prevention, detection, response, and hunting capabilities. Intellectual Property The protection of our technology and intellectual property is an important aspect of our business.

Although certain of our competitors enjoy greater brand awareness and recognition, deep customer relationships, and larger existing customer bases, we believe that we compete favorably with respect to our autonomous and AI-powered threat prevention, detection, response, and hunting capabilities. 20 Table of Contents Intellectual Property The protection of our technology and intellectual property is an important aspect of our business.

All of this threat intelligence is fed back into our AI model and further strengthens our algorithms, creating a strong flywheel effect and deepening our competitive moat. 4 Table of Contents Our Singularity Platform can be flexibly deployed on the environments that our customers choose, including public, private, or hybrid clouds.

All of this threat intelligence is fed back into our AI model and further strengthens our algorithms, creating a strong flywheel effect and deepening our competitive moat. Our Singularity Platform can be flexibly deployed on the environments that our customers choose, including public, private, or hybrid clouds.

Growth Strategy Key elements of our growth strategy include: • Continue to innovate and enhance our cybersecurity and data platform . We will continue to expand our platform and XDR capabilities by developing new modules to include greater functionality and address additional use cases.

Growth Strategy Key elements of our growth strategy include: • Continue to innovate and enhance our cybersecurity and data platform . We will continue to expand our platform by developing new modules to include greater functionality and address additional use cases.

Identity Protection Our identity security portfolio acts as a force multipliers for security teams, allowing them to assume a more robust security posture and extend the capabilities of the Singularity Platform to protect user credentials. Our Singularity Identity solution detects and responds to identity-based attacks and finds attackers early, before they can exploit identities.

Identity Security Our identity security portfolio acts as a force multiplier for security teams, allowing them to assume a more robust security posture and extend the capabilities of the Singularity Platform to protect user credentials. Our Singularity Identity solution detects and responds to identity-based attacks and finds attackers early, before they can exploit identities.

Available Information We file electronically with the SEC our Annual Report on Form 10-K, Definitive Proxy Statements on Schedule 14A, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act.

Available Information 21 Table of Contents We file electronically with the SEC our Annual Report on Form 10-K, Definitive Proxy Statements on Schedule 14A, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act.

As our on-device machine 7 Table of Contents learning models assess how an endpoint behaves, they are completely independent of the attack vector itself or any further updates and configurations. • Platform approach enables protection and visibility across all digital assets .

When our on-device machine learning models assess how an endpoint behaves, they are completely independent of the attack vector itself or any further updates and configurations. 7 Table of Contents • One Platform approach enables protection and visibility across all digital assets .

Our platform is able to ingest structured and unstructured data from any source, with little to no manual configuration and at unprecedented speed and scale. • Normalize . Aligns every data point to extract the shared elements regardless of origin and to produce true insights. 10 Table of Contents • Correlate .

Our platform can ingest structured and unstructured data from any source, with little to no manual configuration and at unprecedented speed and scale. 10 Table of Contents • Normalize . Aligns every data point to extract the shared elements regardless of origin and to produce true insights. • Correlate .

As a pioneer in autonomous and AI-based endpoint security, we have established a track record for expanding our platform capabilities with new modules. Through convergence of cybersecurity and data, we intend to bring our customers and prospects a variety of differentiated cybersecurity-first and enhanced data analytics offerings.

As a pioneer in autonomous and AI-based cybersecurity, we have established a track record for expanding our platform capabilities with new modules. Through convergence of cybersecurity and data, we intend to bring our customers and prospects a variety of differentiated cybersecurity-first, AI powered, and enhanced data analytics offerings.

We will 21 Table of Contents make available on our website at www.sentinelone.com, free of charge, copies of these reports and other information as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.

We will make available on our website at www.sentinelone.com, free of charge, copies of these reports and other information as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.

The contents of the websites referred to above are not incorporated into this filing. Further, our references to the URLs for these websites are intended to be inactive textual references only.

The contents of the websites referred to above are not incorporated into this filing. Further, our references to the URLs for these websites are intended to be inactive textual references only. 22 Table of Contents

Many existing tools lack out-of-the box APIs and rely heavily on professional services, which makes the integration and implementation process long, expensive and often unattainable. The lack of flexible workflow integrations limits organizations’ ability to reduce overhead by automating processes, and to improve their security by ensuring that process steps are done quickly, consistently, and according to their predefined requirements.

Many legacy tools lack out-of-the box APIs and rely heavily on professional services, which makes the integration and implementation process long, expensive, and often unattainable. The lack of flexible workflow integrations limits organizations’ ability to reduce overhead by automating processes and improving their security by ensuring that process steps are done quickly, consistently, and according to their predefined requirements.

Deep Visibility Threat Hunting provides an easy-to-use search interface on top of our Deep Visibility dataset. The Storylines shown within Deep Visibility hunts enable one-click responses, which are far easier and faster to execute than manually scripting responses.

The main capabilities of ActiveEDR are: • Deep Visibility Threat Hunting . Deep Visibility Threat Hunting provides an easy-to-use search interface on top of our Deep Visibility dataset. The Storylines shown within Deep Visibility hunts enable one-click responses, which are far easier and faster to execute than manually scripting responses.

Organizations can gain visibility over data across historically disparate security solutions without the need for custom business logic, coding or complex configuration. Organizations can integrate any security applications and tools regard-less of vendor into a single platform without coding or scripting required.

Organizations can gain visibility over data across historically disparate security solutions without the need for custom business logic, coding, or complex configuration. Organizations can integrate any security applications and tools regardless of vendor into a single platform without coding or scripting required.

As a result, it is attack vector agnostic because it is not limited to any particular pathway used by attackers to penetrate a system, such as zero-day vulnerability exploits and living off the land attacks. • Embedded Threat Intelligence .

As a result, our Behavioral AI is attack vector agnostic because it is not limited to any particular pathway used by attackers to penetrate a system, such as zero-day vulnerability exploits and living off the land attacks. • Embedded Threat Intelligence .

As we grow and expand our geographical reach, we may become subject to additional regulations in the United States and internationally. These laws often require companies to implement specific information security controls to protect certain types of information, such as personal data.

As we grow and expand our geographical reach, we may become subject to additional regulations in the US and internationally. These laws often require companies to implement specific information security controls to protect certain types of information, such as personal data.

It securely streams a copy of all endpoint EDR telemetry to a customer’s local data lake for further correlation with other security tools, while allowing offline data storage for audit and compliance. WatchTower WatchTower delivers threat hunting and insights to help customers understand the nature of threats, targeted attacks, threat actors, and risk reduction.

Moreover, it securely streams a copy of all endpoint EDR telemetry to a customer’s local data lake for further correlation with other security tools, while allowing offline data storage for audit and compliance. 15 Table of Contents WatchTower WatchTower delivers threat hunting and insights to help customers understand the nature of threats, targeted attacks, threat actors, and risk reduction.

We typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers. Human Capital Resources Our Team As of January 31, 2023, we had over 2,100 full-time employees worldwide.

We typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers. Human Capital Resources Our Team As of January 31, 2024, we had over 2,300 full-time employees worldwide.

On each endpoint and cloud workload, we run highly optimized AI models in a single lightweight software agent. Our Static AI model predicts file-based attacks of all types, even previously unknown threats, often referred to as “zero-day attacks,” with extreme precision in milliseconds.

For each endpoint, cloud workload, and user identity, we run highly optimized AI models in a single lightweight software agent. Our Static AI model predicts file-based attacks of all types, even previously unknown threats, often referred to as “zero-day attacks,” with extreme precision in milliseconds.

Vulnerable and mis-configured applications make it easier for attackers to gain entry and evade detection. Addressing these vulnerabilities and mis-configured settings strengthens the security risk profile of our customers. Our platform has the following capabilities: • Application Inventory .

Vulnerable and misconfigured applications make it easier for attackers to gain entry and evade detection. Addressing these vulnerabilities and misconfigured settings strengthens the security risk profile of our customers. Our platform has the following capabilities: • Application Inventory .

(VMware); • legacy antivirus providers such as Trellix (formerly McAfee Corp.), Symantec (a subsidiary of Broadcom, Inc.) (Symantec), and Microsoft Corporation (Microsoft); and • providers of general network security products and services who offer a broad portfolio of solutions, such as Palo Alto Networks, Inc.

(Carbon Black); • legacy antivirus providers such as Trellix (formerly McAfee Corp.), Symantec (a subsidiary of Broadcom, Inc.) (Symantec), and Microsoft Corporation (Microsoft); and • providers of general network security products and services who offer a broad portfolio of solutions, such as Palo Alto Networks, Inc.

Security and compliance is a shared responsibility model between the cloud infrastructure provider and their customer, organizations are looking for technology solutions that protect their growing cloud workloads while enabling flexible deployment options across public, private and hybrid clouds. • The operating system landscape is more complex than ever before .

Security and compliance is a shared responsibility model between cloud infrastructure providers and their customers, and organizations are looking for technology solutions that protect their growing cloud workloads while enabling flexible deployment options across public, private and hybrid clouds. • The operating system landscape is more complex than ever before .

Made for organizations seeking best-of-breed security with the addition of our “security suite” features for endpoint management. It provides additional features for control network connectivity, USB and Bluetooth peripherals, and to uncover rogue devices. • Singularity Complete. Our flagship offering that includes a comprehensive suite of product capabilities.

Made for organizations seeking best-of-breed security with the addition of our “security suite” features for endpoint management. It provides additional features for control network connectivity, USB and Bluetooth peripherals, and uncovering rogue devices. • Singularity Complete. Our flagship offering that includes a comprehensive suite of product capabilities. • Singularity Commercial.

It delivers holistic identity threat detection and response including credential theft, privilege escalation, lateral movement, data cloaking, identity exposure, and more for zero trust cybersecurity. 13 Table of Contents • Singularity Ranger Active Directory uncovers vulnerabilities in Active Directory and Azure AD with a cloud-delivered, continuous identity assessment solution.

It delivers holistic identity threat detection and response including credential theft, privilege escalation, lateral movement, data cloaking, identity exposure, and more for zero trust cybersecurity. • Singularity Ranger Active Directory uncovers vulnerabilities in Active Directory and Azure AD with a cloud-delivered, continuous identity assessment solution.

Government Regulation We are subject to many varying laws and regulations in the United States, the United Kingdom, the European Union and throughout the world, including those related to privacy, data protection, intellectual property, consumer protection, marketing, advertising, employment and labor, competition, customs and international trade, taxation, and more.

Government Regulation We are subject to many varying laws and regulations in the US, the United Kingdom (UK), the European Union (EU) and throughout the world, including those related to privacy, data protection, intellectual property, consumer protection, marketing, advertising, employment and labor, competition, customs and international trade, taxation, and more.

Limited historical EDR data makes full incident investigation challenging for security personnel, as they are unable to go back in time and see how the attack breached the organization and progressed. • Struggle to protect complex modern IT environments. Existing tools were not designed to protect today’s multi-cloud, multi-device, multi-OS IT environments.

Limited historical EDR data makes full incident investigation challenging for security personnel, as they are unable to go back in time and see how the attack breached the organization and progressed. • Struggle to protect complex modern IT environments. Legacy tools were not designed to protect today’s multi-cloud, multi-device, and multi-operating system IT environments.

In addition to base salary, these programs, which vary by country and region, include bi-annual bonuses, equity awards, an employee stock purchase plan, a 401(k) plan, including a 401(k) match in the United States, healthcare and insurance benefits, health savings 17 Table of Contents and flexible spending accounts, unlimited vacation, wellness reimbursement, 16 weeks of gender-neutral parental leave and more.

In addition to base salary, these programs, which vary by country and region, include bi-annual bonuses, equity awards, an employee stock purchase plan, a 401(k) plan, including a 401(k) match in the US, healthcare and insurance benefits, health savings and flexible spending accounts, unlimited vacation, wellness reimbursement, 16 weeks of gender-neutral parental leave and more.

We also engage temporary employees and consultants as needed to support our operations. Our U.S.-based employees include team members in all key functions, including go-to-market, customer success, technology, product, and support. Each of our U.S. offices has a different functional focus but share a driven, customer-centric culture.

We also engage temporary employees and consultants as needed to support our operations. Our US-based employees include team members in all key functions, including go-to-market, customer success, technology, product, and support. Each of our US offices has a different functional focus but shares a driven, customer-centric culture.

We believe in the strengths of diversity and are committed to building out a diverse talent base. We plan to continue investing in hiring employees both in and outside of the United States.

We believe in the strengths of diversity and are committed to building out a diverse talent base. We plan to continue investing in hiring employees both in and outside of the US.

We have increased our investment in training and development and have rolled out several key programs as well as enabling our employees to access over 1,000 on demand webinars in technical and soft skills areas. Since the COVID-19 pandemic, we continue to globally align our benefits to focus on business continuity and employee well-being.

We have increased our investment in training and development and have rolled out several key programs as well as enabling our employees to access over 1,000 on demand webinars in technical and soft skills areas. We continue to globally align our benefits to focus on business continuity and employee well-being.

This forensic data helps our customers to investigate breaches that have stealthily infiltrated their organization and operated undetected for many months. It gives them the ability to ensure that any incident has been fully remediated without the need to reimage or replace elements of their IT infrastructure. • Provides a superior customer experience .

This forensic data helps our customers investigate breaches that have stealthily infiltrated their organization and potentially operated undetected for many months giving them the ability to ensure that any incident has been fully remediated without the need to re-image or replace elements of their IT infrastructure. • Provides a superior customer experience .

Industry Background Cybersecurity is fundamentally a data problem. Advances in AI, specifically machine learning, where algorithms use data to make decisions with minimal human intervention, are already revolutionizing fields such as healthcare, advertising, and securities trading. We believe that AI is ripe for revolutionizing cybersecurity.

Advances in AI, specifically machine learning, where algorithms use data to make decisions with minimal human intervention, are already revolutionizing fields such as healthcare, advertising, and securities trading. We believe that AI is ripe for revolutionizing cybersecurity.

We are currently certified under the Federal Risk and Authorization Management Program (FedRAMP), and we intend to further grow our footprint within the U.S. federal government.

We are currently certified under the Federal Risk and Authorization Management Program (FedRAMP), and we intend to further grow our footprint within the US federal government.

We have not experienced any work stoppages and we believe that our employee relations are strong. 16 Table of Contents Our Culture Our mission is to Secure Tomorrow TM and our purpose is to be a Force for Good.

We have not experienced any work stoppages and we believe that our employee relations are strong. Our Culture Our mission is to Secure Tomorrow TM and our purpose is to be a Force for Good.

As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional platform functionalities and Singularity modules to address all of their cybersecurity use cases through the same platform and agent. Our customers can seamlessly activate additional modules to expand platform capabilities through the already deployed agent.

As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional platform functionalities and Singularity modules to address all of their cybersecurity use cases through the same platform. Our customers can seamlessly activate additional modules to adopt more platform capabilities.

The growth of remote work has increased the risk of cyberattacks. As a result of the accelerated structural shift towards a distributed workforce, organizations are increasingly looking for cybersecurity solutions that safeguard their remote workforce and employee credentials. Sophisticated cyberattacks circumvent existing security controls.

As a result of the accelerated structural shift towards a distributed workforce, organizations are increasingly looking for cybersecurity solutions that safeguard their remote workforce and employee credentials. Sophisticated cyberattacks circumvent existing security controls.

First generation AI tools cannot handle the volume, variety, and velocity of data that must be ingested and analyzed, in real-time, to be effective in preventing breaches.

First-generation AI tools cannot handle the volume, variety, and velocity of data that must be ingested and analyzed, in real-time, to effectively prevent breaches.

Creates network segments to restrict access to a corporate network. Rogue Control prevents unsanctioned devices, such as guest machines, from connecting to authorized networks. • Ranger Auto-Deploy . Rapidly deploys our agents using service credentials to unprotected endpoints with no additional IT infrastructure or software. Auto-Deploy provides security teams with complete, instant asset coverage.

We employ a wide range of digital programs, including search engine marketing, online and social media initiatives, and content syndication to increase traffic to our website and encourage new customers to free trials of our Singularity Platform. Additionally, we engage in joint marketing activities with our channel and alliance partners.

We employ a wide range of digital programs, including search engine marketing, online and social media initiatives, and content syndication to increase traffic to our website and encourage new customers to request an expertly guided trial of our Singularity Platform. Additionally, we engage in joint marketing activities with our channel and alliance partners.

With our Singularity Platform, enterprises gain access to their security data from multiple sources through a single pane of glass. It was designed with the goal of optimizing scale, cost and performance - what we call the Golden Ratio of Big Data. This is achieved by the use of innovative data structures, storage systems, and algorithms: • Ingest .

With our Singularity Platform, enterprises gain visibility and access to their security data through a single pane of glass across multiple sources. SDL was designed with the goal of optimizing scale, cost and performance - what we call the Golden Ratio of Big Data. This is achieved using innovative data structures, storage systems, and algorithms: • Ingest .

Storyline powers our unified Endpoint Protection Platform (EPP), EDR, or XDR functionalities. Storyline is the foundation of our EPP while providing unprecedented levels of visibility with contextual information for benign and malicious processes. We extend our fundamental protection, visibility and response capabilities well beyond the endpoint to cloud, and third-party solutions in our Singularity Platform.

Storyline is the foundation of our EPP providing unprecedented levels of visibility, with contextual information for benign and malicious processes. We extend our fundamental protection, visibility and response capabilities well beyond the endpoint to cloud, and third-party solutions in our Singularity Platform.

Our Singularity Platform provides feature parity across Windows, macOS, and Linux. It provides customers with full flexibility through a multi-tier offering priced on a per agent basis, which generally corresponds with an endpoint, server, virtual machine, or host. The tiers of our Singularity Platform include: • Singularity Core.

It provides customers with full flexibility through a multi-tier offering priced on a per agent basis, which generally corresponds with an endpoint, server, virtual machine, or host. The tiers of our Singularity Platform include: • Singularity Core.

Module driven growth has been broad-based with notable strength from our cloud and data modules. This enables us to show in-product promotions and trials and to 9 Table of Contents drive the expansion of our Singularity Modules.

Module-driven growth has been broad-based with notable strength from our cloud and data modules. Our platform also enables us to show in-product promotions and trials and to drive the expansion of our Singularity Modules.

Our proprietary data stack - DataSet - and cloud architecture enable us to retain this rich, contextual data on behalf of our customers for extended periods of time in a highly cost-efficient manner.

Our proprietary data stack, Singularity Data Lake, and cloud architecture enable us to retain this rich, contextual data on behalf of our customers for extended periods of 4 Table of Contents time in a highly cost-efficient manner.

We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, 20 Table of Contents employees, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information. As of January 31, 2023, we had 48 issued patents and 29 pending patent applications in the United States and abroad.

We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, employees, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information. As of January 31, 2024, we had 66 issued patents and 5 pending patent applications in the US and abroad.

As of January 31, 2023, we ha d over 10,000 customers, ranging from large enterprises, such as Fortune 500 companies, to small and medium-sized businesses around the world. We intend to continue to add new customers through a product-first approach.

We have customers, ranging from large enterprises, such as Fortune 500 companies, to small and medium-sized businesses around the world. We intend to continue to add new customers through a product-first approach.

We offer full-fledged EPP and EDR for servers, virtual machines, and containerized workloads. Our Cloud Application Control locks down the running image of servers and containers to prevent configuration drift and protect against unauthorized changes, in line with best practices for cloud workload security.

Our Cloud Application Control locks down the running image of servers and containers to prevent configuration drift and protect against unauthorized changes, in line with best practices for cloud workload security.

A new paradigm for cybersecurity is needed to autonomously protect organizations and their heterogeneous IT footprints from highly sophisticated, machine-based attacks in a holistic, seamless, and automated manner. Our Revolutionary Autonomous Approach to Cybersecurity Our AI-powered Singularity Platform defines and delivers XDR.

Singularity Platform Modules We further offer customers a broad set of capabilities through our Singularity Modules. We price our modules as a subscription on a per agent basis.

We further offer customers a broad set of capabilities through our Singularity Modules. We price our modules as a subscription on a per agent basis. Our platform capabilities are connected through three key patented technologies: • Data Analytics.

By providing full visibility into the Storyline of every secured device across the organization through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats. We have extended protection and visibility beyond the traditional endpoint to cloud workloads, identity credentials, unmanaged devices, and IoT devices.

Existing tools, such as signature-based approaches, human-powered monitoring, application whitelisting and sandboxing, are each effective under limited circumstances, but lack the ability to detect the full spectrum of threats organizations are dealing with.

Key limitations of legacy tools are that they: • Cover a limited spectrum of cyber threats . Legacy tools, such as signature-based approaches, human-powered monitoring, application whitelisting and sandboxing, are each effective under limited circumstances, but lack the ability to detect the full spectrum of threats that organizations face.

As a result, both entry level analysts and highly skilled analysts can analyze results faster, review more alerts, and be more productive with the power of technology. 11 Table of Contents • Response Capabilities . Our Singularity Platform offers one of the broadest sets of response actions in the EDR market.

As a result, both entry level and highly skilled analysts can analyze results faster, review more alerts, and be more productive with the power of technology. • Response Capabilities . Our Singularity Platform offers one of the broadest sets of response actions in the EDR market. Leveraging Storylines, we automate responses or make them optionally initiated by operators.

We have a proven team that constantly works to expand our market, customer and user reach and impact with new, innovative products. We intend to continue to invest in our research and development capabilities to extend our platform and products.

We have a proven team that constantly works to expand our market, customer and user reach and impact with new, innovative products.

It is the industry’s leading on-device behavioral AI product that dynamically detects never before seen malware, phishing, exploits, and man-in-the-middle attacks. Singularity Mobile provides security and data privacy to support zero trust.

It delivers mobile threat defense that is local, adaptive, and real-time, to thwart mobile malware and phishing attacks at the device, with or without a cloud connection. It is the industry’s leading on-device behavioral AI product that dynamically detects never before seen malware, phishing, exploits, and man-in-the-middle attacks. Singularity Mobile provides security and data privacy to support zero trust.

ActiveEDR reduces analysis time and requirements for specialized skills by providing technology-generated context which would otherwise need to be produced by highly skilled people manually in a time-intensive and error prone fashion. ActiveEDR excels at visualizing context, pinpointing anomalies, and providing a variety of granular responses. The main capabilities of ActiveEDR are: • Deep Visibility Threat Hunting .

It enables on-device behavioral analysis, auto-remediation, and response in a fully autonomous fashion. ActiveEDR reduces analysis time and requirements for specialized skills by providing technology-generated context which would otherwise need to be produced by highly skilled people manually in a time-intensive and error prone fashion. ActiveEDR excels at visualizing context, pinpointing anomalies, and providing a variety of granular responses.

The success of our land-and-expand strategy is evidenced by our greater than 130% dollar-based net retention rate as of January 31, 2023 . • Expand our global footprint. Revenue generated outside of the United States was 35% for fiscal 2023, compared to 32% for fiscal 2022.

The success of our land-and-expand strategy is evidenced by our dollar-based net retention rate of 114% as of January 31, 2024 . 9 Table of Contents • Expand our global footprint. Revenue generated outside of the US was 36% for fiscal 2024, compared to 35% for fiscal 2023.

Alternatively, some attacks, such as advanced persistent attacks (APT), and targeted attacks, are designed to breach the organization and stealthily infiltrate across assets to steal data, facilitate future attacks, or cause other harm over a long period of time, all while operating undetected. Cybersecurity teams are unable to scale.

Alternatively, some attacks, such as advanced persistent attacks and targeted attacks, are designed to breach the organization and stealthily infiltrate across assets to steal data, facilitate future attacks, or cause other harm over a long period of time, all while operating undetected. In addition, threat actors are using generative AI to increase the sophistication, frequency, and speed of cyberattacks.

… 82 more changes not shown on this page.

Item 1A. Risk Factors

Risk Factors — what could go wrong, per management

208 edited+69 added−40 removed304 unchanged

2023 filing

2024 filing

Biggest changeOur competitors and potential competitors include the following: • endpoint security providers, such as CrowdStrike and VMware; • legacy anti-virus providers such as Trellix, Symantec, and Microsoft; and • providers of general network security products and services who offer a broad portfolio of solutions, such as Palo Alto Networks. 24 Table of Contents Our ability to compete effectively depends upon numerous factors, many of which are beyond our control, including, but not limited to: • our ability to attract and retain new customers, expand our platform or sell additional products and services to our existing customers; • our ability to attract, train, retain, and motivate talented employees; • the budgeting cycles, seasonal buying patterns, and purchasing practices of our customers, including any slowdown in technology spending due to U.S. and global macro-economic issues, including global banking and finance related issues, rising interest rates, overall market downturns, inflation, supply chain disruptions, the COVID-19 pandemic or otherwise; • changes in customer, distributor or reseller requirements or market needs; • price competition; • the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape of our industry, including consolidation among our competitors or customers and strategic partnerships entered into by and between our competitors; • changes in our mix of products, subscriptions and services sold, including changes in the average contract length for subscriptions and support; • our ability to successfully and continuously expand our business domestically and internationally; • changes in the growth rate of endpoint security, cloud security and overall cybersecurity product platform and services sectors; • deferral of orders from customers in anticipation of new or enhanced products and services announced by us or our competitors; • significant security breaches of, technical difficulties with or interruptions to, the use of our platform; • the timing and costs related to the development or acquisition of technologies or businesses or strategic partnerships; • our ability to execute, complete or integrate efficiently any acquisitions that we may undertake; • increased expenses, unforeseen liabilities, or write-downs and any impact on our operating results from any acquisitions we consummate; • our ability to increase the size and productivity of our distribution channels; • decisions by potential customers to purchase security solutions from larger, more established security vendors or from their primary network equipment vendors; • timing of revenue recognition and revenue deferrals; • insolvency or credit difficulties confronting our customers, which could increase due to U.S. and global macro-economic issues, including global banking and finance related issues, inflation, rising interest rates, market downturns and the effects of the COVID-19 pandemic, which would adversely affect their ability to purchase or pay for our platform, products, and services in a timely manner or at all; • the cost and potential outcomes of litigation or other proceedings, which could have a material adverse effect on our business; • future accounting pronouncements or changes in our accounting policies; 25 Table of Contents • increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates; and • general macroeconomic conditions, both domestically and in our foreign markets that could impact some or all regions where we operate, including global economic slowdowns, global banking and finance related issues, increased risk of inflation, rising interest rates, labor shortages and potential global recession.

Biggest changeFor a description of our competitors, see the section titled “Business—Competition.” Our ability to compete effectively depends upon numerous factors, many of which are beyond our control, including, but not limited to: • our ability to attract and retain new customers, expand our platform or sell additional products and services to our existing customers; • our ability to attract, train, retain, and motivate talented employees; • our ability to successfully incorporate new technologies into our platform, including AI; • the budgeting cycles, seasonal buying patterns, and purchasing practices of our customers, including any slowdown in technology spending due to US and general global macroeconomic conditions; • general global macroeconomic and political conditions, both domestically and in our foreign markets that could impact some or all regions where we operate, including global economic slowdowns, actual or perceived global banking and finance related issues, increased risk of inflation, potential uncertainty with respect to the federal debt ceiling and budget and potential government shutdowns related thereto, interest rate volatility, supply chain disruptions, labor shortages, and potential global recession; 25 Table of Contents • the impact of natural or man-made global events on our business, including wars and other armed conflict, such as the conflicts in the Middle East, Ukraine and the tensions between China and Taiwan; • changes in customer, distributor or reseller requirements or market needs; • price competition; • the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape of our industry, including consolidation among our competitors or customers and strategic partnerships entered into by and between our competitors; • changes in our mix of products, subscriptions and services sold, including changes in the average contract length for subscriptions and support; • our ability to successfully and continuously expand our business domestically and internationally; • changes in the growth rate of endpoint security, cloud security, and overall cybersecurity product platform and services sectors; • deferral of orders from customers in anticipation of new or enhanced products and services announced by us or our competitors; • significant security breaches of, technical difficulties with, or interruptions to the use of our platform; • the timing and costs related to the development or acquisition of technologies, businesses, or strategic partnerships; • our ability to execute, complete, or efficiently integrate any acquisitions that we may undertake; • increased expenses, unforeseen liabilities, or write-downs and any impact on our operating results from any acquisitions we consummate; • our ability to increase the size and productivity of our distribution channels; • decisions by potential customers to purchase security solutions from larger, more established security vendors or from their primary network equipment vendors; • timing of revenue recognition and revenue deferrals; • insolvency or credit difficulties confronting our customers, which could increase due to US and global macroeconomic issues, including actual or perceived global banking and finance related issues, inflation, interest rate volatility, and market downturns, which would adversely affect their ability to purchase or pay for our platform, products, and services in a timely manner or at all; • the cost and potential outcomes of litigation or other proceedings, which could have a material adverse effect on our business; • future accounting pronouncements or changes in our accounting policies; and • increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.

Risks Related to our People We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to hire, integrate, train, manage, retain, and motivate qualified personnel, including members of our board of directors, could harm our business.

For example, in recent years, recruiting, hiring and retaining employees with expertise in the cybersecurity industry has become increasingly difficult as the demand for cybersecurity professionals has increased as a result of the recent cybersecurity attacks on global corporations and governments. We may be required to provide more training to our personnel than we currently anticipate.

For example, in recent years, recruiting, hiring and retaining employees with expertise in the cybersecurity industry has become increasingly difficult as the demand for cybersecurity professionals has increased as a result of recent cybersecurity attacks on global corporations and governments. We may be required to provide more training to our personnel than we currently anticipate.

If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects would be severely harmed.

Moreover, our international expansion may be slow or unsuccessful if we are unable to retain qualified personnel with international experience, language skills and cultural competencies in the geographic markets in which we target.

For example, in 2017, we reached a consent agreement with the FTC, to resolve an investigation relating to certain disclosures in our privacy policy. The consent agreement requires us, among other things, to provide information about our compliance with the FTC order and about representations made in our marketing materials.

For example, in 2017, we reached a consent agreement with the FTC, to resolve an investigation relating to certain disclosures in our privacy policy. The consent agreement requires us, among other things, to provide information to the FTC about our compliance with the FTC order and about representations made in our marketing materials.

As a result, the dual class structure of our common stock may make us ineligible for inclusion in certain indices and may discourage such indices from selecting us for inclusion, notwithstanding our automatic termination provision, may cause stockholder advisory firms to publish negative commentary about our corporate governance practices or otherwise seek to cause us to change our capital structure, and may result in large institutional investors not purchasing shares of our Class A common stock.

As a result, the dual class structure of our common stock may make us ineligible for inclusion in certain indices, may discourage such indices from selecting us for inclusion (notwithstanding our automatic termination provision) may cause stockholder advisory firms to publish negative commentary about our corporate governance practices or otherwise seek to cause us to change our capital structure, and may result in large institutional investors not purchasing shares of our Class A common stock.

Among other things, our restated certificate of incorporation and amended and restated bylaws include provisions that: • provide that our board of directors is classified into three classes of directors with staggered three-year terms; • permit our board of directors to establish the number of directors and fill any vacancies and newly created directorships; • require super-majority voting to amend some provisions in our restated certificate of incorporation and amended and restated bylaws; • authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan; • provide that only our chief executive officer or a majority of our board of directors will be authorized to call a special meeting of stockholders; • eliminate the ability of our stockholders to call special meetings of stockholders; • do not provide for cumulative voting; • provide that directors may only be removed “for cause” and only with the approval of two-thirds of our stockholders; 61 Table of Contents • provide for a dual class common stock structure in which holders of our Class B common stock may have the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the outstanding shares of our common stock, including the election of directors and other significant corporate transactions, such as a merger or other sale of our company or its assets; • prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders; • provide that our board of directors is expressly authorized to make, alter, or repeal our amended and restated bylaws; and • establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.

Among other things, our restated certificate of incorporation and amended and restated bylaws include provisions that: • provide that our board of directors is classified into three classes of directors with staggered three-year terms; • permit our board of directors to establish the number of directors and fill any vacancies and newly created directorships; 64 Table of Contents • require super-majority voting to amend some provisions in our restated certificate of incorporation and amended and restated bylaws; • authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan; • provide that only our chief executive officer or a majority of our board of directors will be authorized to call a special meeting of stockholders; • eliminate the ability of our stockholders to call special meetings of stockholders; • do not provide for cumulative voting; • provide that directors may only be removed “for cause” and only with the approval of two-thirds of our stockholders; • provide for a dual class common stock structure in which holders of our Class B common stock may have the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the outstanding shares of our common stock, including the election of directors and other significant corporate transactions, such as a merger or other sale of our company or its assets; • prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders; • provide that our board of directors is expressly authorized to make, alter, or repeal our amended and restated bylaws; and • establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.

When our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we will incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology.

When our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology.

Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for the reasons described above or other reasons, our stock price could fall substantially, and we could face costly lawsuits, including securities class action suits.

Although we obtain services from other cloud hosting providers, if our current arrangement with AWS were terminated, we could experience interruptions on our platform and in our ability to make our content available to customers, as well as delays and additional expenses in arranging for expansion and transition to alternative cloud hosting and infrastructure services.

Although we obtain services from other cloud hosting providers, if our current arrangement with AWS were to be terminated, we could experience interruptions on our platform and in our ability to make our content available to customers, as well as delays and additional expenses in arranging for expansion and transition to alternative cloud hosting and infrastructure services.

As a result of the continued rapid innovations in the technology industry, including the rapid growth of smartphones, tablets and other devices, enterprise employees using personal devices for work, and the rapidly evolving Internet of Things, we expect the networks of our customers to continue to change rapidly and become more complex.

As a result of the continued rapid innovations in the technology industry, including the rapid growth of smartphones, tablets and other devices, enterprise employees using personal devices for work, the rapidly evolving Internet of Things and AI, we expect the networks of our customers to continue to change rapidly and become more complex.

In addition, the wide availability of source code used in our solutions could expose us to security vulnerabilities. Some open source licenses contain requirements that we make available source code for modifications or derivative works we create based upon our use and distribution of the open source software.

In addition, the wide availability of source code used in our solutions could expose us to security vulnerabilities. Some open source licenses contain requirements that we make available as source code for modifications or derivative works we create based upon our use and distribution of the open source software.

The first pillar is focused on the allocation of taxing rights between countries for in-scope multinational enterprises that sell goods and services into countries with little or no local physical presence and is intended to apply to multinational enterprises with global turnover above 20 billion euros.

Competition for highly skilled personnel is intense, especially in the San Francisco Bay Area and in Israel, where we have a substantial presence and need for highly skilled personnel, and we may not be successful in hiring or retaining qualified personnel to fulfill our current or future needs.

Competition for highly skilled personnel is intense, especially in the San Francisco Bay Area, where we have a substantial presence and need for highly skilled personnel, and we may not be successful in hiring or retaining qualified personnel to fulfill our current or future needs.

We are also subject to the United States Foreign Corrupt Practices Act of 1977 (FCPA), as amended, the United Kingdom Bribery Act 2010 (the Bribery Act), and other anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws in the United States and other countries in which we conduct activities.

We are also subject to the United States Foreign Corrupt Practices Act of 1977 (FCPA), as amended, the United Kingdom Bribery Act 2010 (the Bribery Act), and other anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws in the US and other countries in which we conduct activities.

The second pillar is focused on developing a global minimum tax rate of at least 15 percent applicable to in-scope multinational enterprises and is intended to apply to multinational enterprises with annual consolidated group revenue in excess of 750 million euro.

Risks Related to Ownership of Our Class A Common Stock • The market price of our Class A common stock may be volatile, and you could lose all or part of your investment. • The dual class structure of our common stock has the effect of concentrating voting control with certain stockholders who held our capital stock prior to the completion of our IPO, including our directors, executive officers, and other beneficial owners who hold in the aggregate approximately 85% of the voting power of our capital stock, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.

Risks Related to Ownership of Our Class A Common Stock • The market price of our Class A common stock may be volatile, and you could lose all or part of your investment. • The dual class structure of our common stock has the effect of concentrating voting control with certain stockholders who held our capital stock prior to the completion of our IPO, including our directors, executive officers, and other beneficial owners who hold in the aggregate approximately 72% of the voting power of our capital stock, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.

If we cannot achieve and sustain profitability, our business, operating results, and financial condition will be adversely affected. ◦ We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition. ◦ Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations. ◦ Adverse economic conditions or reduced information technology spending could adversely affect our business, operating results and financial condition. ◦ A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability, and regulatory exposure, and adversely affect our business, operating results, and financial condition. ◦ Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely affect our business, operating results, and financial condition. 22 Table of Contents ◦ Existing and future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our business, operating results, and financial condition. ◦ If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future. • If our platform is not effectively interoperated within our customers’ IT infrastructure, deployments could be delayed or canceled, which would adversely affect our business, operating results, and financial condition. • Disruptions or other business interruptions that affect the availability of our platform could adversely affect our customer relationships and overall business. • We may not be able to timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements. • If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

If we cannot achieve and sustain profitability, our business, operating results, and financial condition will be adversely affected. • We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition. • Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations. • Adverse global macroeconomic conditions or reduced information technology spending could adversely affect our business, operating results, and financial condition. • A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability, and regulatory exposure, and adversely affect our business, operating results, and financial condition. • Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely affect our business, operating results, and financial condition. • Existing and future acquisitions, strategic investments, partnerships, or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our business, operating results, and financial condition. • If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future. • If our platform is not effectively interoperated within our customers’ IT infrastructure, deployments could be delayed or canceled, which would adversely affect our business, operating results, and financial condition. • Disruptions or other business interruptions that affect the availability of our platform could adversely affect our customer relationships and overall business. 23 Table of Contents • We may not be able to timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements. • If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

We believe that maintaining and enhancing our brand and our reputation as a leading provider of endpoint security solutions is critical to our relationship with our existing customers, channel partners, and alliance partners and our ability to attract new customers and partners.

We believe that maintaining and enhancing our brand and our reputation as a leading provider of endpoint and platform security solutions is critical to our relationship with our existing customers, channel partners, and alliance partners and our ability to attract new customers and partners.

A successful assertion by a U.S. state or local government, or other country or jurisdiction that we should have been or should be collecting additional sales, use, value added, digital services or other similar taxes could, among other things, result in substantial tax payments, create significant administrative burdens for us, discourage potential customers from subscribing to our platform due to the incremental cost of any such sales or other related taxes, or otherwise harm our business.

A successful assertion by a US state or local government, or other country or jurisdiction that we should have been or should be collecting additional sales, use, value added, digital services or other similar taxes could, among other things, result in substantial tax payments, create significant administrative burdens for us, discourage potential customers from subscribing to our platform due to the incremental cost of any such sales or other related taxes, or otherwise harm our business.

Additionally, export restrictions recently imposed on Russia and Belarus specifically limit the export of encryption hardware, software and related source code and technology to these locations which could limit our ability to provide our software and services to these countries.

Additionally, export restrictions imposed on Russia and Belarus specifically limit the export of encryption hardware, software and related source code and technology to these locations which could limit our ability to provide our software and services to these countries.

In addition, we cannot assure you that any limitation of liability provisions in our customer agreements, contracts with third-party vendors and service providers, or other contracts would be enforceable or adequate or would otherwise protect us from any liabilities or damages with respect to any particular claim relating to a security breach or other security-related matter or as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the U.S. or other countries.

Negative publicity about us, including about our management, the efficacy and reliability of our platform, our products offerings, our professional services, and the customers we work with, even if inaccurate, could adversely affect our reputation and brand. 34 Table of Contents If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

Negative publicity about us, including about our management, the efficacy and reliability of our platform, our products offerings, our professional services, and the customers we work with, even if inaccurate, could adversely affect our reputation and brand. 37 Table of Contents If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

Any real or perceived defects, errors or vulnerabilities in our platform, or any other failure of our platform to detect an advanced threat, could result in: • a loss of existing or potential customers; • delayed or lost revenue and adverse impacts to our business, operating results, and financial condition; • a delay in attaining, or the failure to attain, market acceptance; • the expenditure of significant financial and research and development resources in efforts to analyze, correct, eliminate, or work around errors or defects, and address and eliminate vulnerabilities; • an increase in resources devoted to customer service and support, which could adversely affect our gross margin; • harm to our reputation or brand; and • claims and litigation, regulatory inquiries, or investigations, enforcement actions, and other claims and liabilities, all of which may be costly and burdensome and further harm our reputation.

Any real or perceived defects, errors or vulnerabilities in our platform, or any other failure of our platform to detect an advanced threat, could result in: • a loss of existing or potential customers; • delayed or lost revenue and adverse impacts to our business, operating results, and financial condition; • a delay in attaining, or the failure to attain, market acceptance; 32 Table of Contents • the expenditure of significant financial and research and development resources in efforts to analyze, correct, eliminate, or work around errors or defects, and address and eliminate vulnerabilities; • an increase in resources devoted to customer service and support, which could adversely affect our gross margin; • harm to our reputation or brand; and • claims and litigation, regulatory inquiries, or investigations, enforcement actions, and other claims and liabilities, all of which may be costly and burdensome and further harm our reputation.

If any of these tax authorities determine that our transfer pricing for these intercompany transactions do not meet arm’s-length criteria, and were successful in challenging our positions, we could be required to pay additional taxes, interest and penalties related thereto, which could be in excess of any reserves established therefor, and which could result in higher effective tax rates, reduced cash flows and lower overall profitability of our operations.

If any of these tax authorities determine that our transfer pricing for these intercompany transactions do not meet arm’s-length criteria, and were successful in challenging our positions, we could be required to pay additional taxes, interest and penalties related thereto, which could be in excess of any reserves established therefore, and which could result in higher effective tax rates, reduced cash flows, and lower overall profitability of our operations.

Sales to governmental organizations are subject to a number of challenges and risks that may adversely affect our business and operating results, including the following risks: • selling to governmental agencies can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale; 35 Table of Contents • government certification, software supply chain or source code transparency requirements applicable to us or our platform may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification or meet other new requirements.

Sales to governmental organizations are subject to a number of challenges and risks that may adversely affect our business and operating results, including the following risks: • selling to governmental agencies can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale; • government certification, software supply chain or source code transparency requirements applicable to us or our platform may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification or meet other new requirements.

We also offer certain customers a ransomware warranty in addition to their subscriptions, providing coverage in the form of a limited monetary payment if they are affected by a ransomware attack (as specified in our ransomware warranty agreement), and though the terms of the warranty do not allow those customers to use warranty claim payments to fund payments to persons on OFAC’s list of Specially Designated Nationals and Blocked Persons or who are otherwise prohibited to receive such payments under U.S. sanctions, we cannot assure you that all of our customers will comply with our warranty terms or refrain from taking actions in violation of our warranty and applicable law.

We also offer certain customers a ransomware warranty in addition to their subscriptions, providing coverage in the form of a limited monetary payment if they are affected by a ransomware attack (as specified in our ransomware warranty agreement), and though the terms of the warranty do not allow those customers to use warranty claim payments to fund payments to persons on OFAC’s list of Specially Designated Nationals and Blocked Persons or who are otherwise prohibited to receive such payments under US sanctions, we cannot assure you that all of our customers will comply with our warranty terms or refrain from taking actions in violation of our warranty and applicable law.

Although we have experienced rapid growth historically, we may not sustain our current growth rates, nor can we assure you that our investments to support our growth will be successful.

Although we have experienced rapid growth historically, we may not sustain our growth rates, nor can we assure you that our investments to support our growth will be successful.

We receive, store, and process some personal information from our employees, customers, the employees of our customers, and our end users. This personal information is hosted by our third-party service providers.

We receive, store, and process personal information from our employees, customers, the employees of our customers, and our end users. This personal information is hosted by our third-party service providers.

Any actual, alleged or perceived security breach in our systems or networks, or any other actual, alleged or perceived data security incident we suffer, could result in damage to our reputation, negative publicity, loss of customers and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, costly litigation, and other liability.

Any actual, alleged, or perceived security breach in our systems or networks, or any other actual, alleged or perceived data security incident we suffer, could result in damage to our reputation, negative publicity, loss of customers and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, fines and penalties, costly litigation, and other liability.

As a cybersecurity company, we have been and may continue to be specifically targeted by bad actors for attacks intended to circumvent our security capabilities as an entry point into customers’ endpoints, networks, or systems. Our industry is experiencing an increase in phishing attacks and unauthorized scans of systems searching for vulnerabilities or misconfigurations to exploit.

As a cybersecurity company, we have been and may continue to be specifically targeted by malicious actors for attacks intended to circumvent our security capabilities as an entry point into customers’ endpoints, networks, or systems. Our industry is experiencing an increase in phishing attacks and unauthorized scans of systems searching for vulnerabilities or misconfigurations to exploit.

Our revenue growth is expected to slow or decline and our revenue may decline for a number of other reasons, including reduced demand for our platform, increased competition, a decrease in the growth or reduction in size of our overall market, or if we cannot capitalize on growth opportunities, including acquisitions, new products, services, and feature releases.

Our revenue growth is expected to slow as we grow and our revenue may decline for a number of other reasons, including reduced demand for our platform, increased competition, a decrease in the growth or reduction in size of our overall market, or if we cannot capitalize on growth opportunities, including acquisitions, new products, services, and feature releases.

The growth and expansion of our business will require us to invest significant financial and operational resources and the continuous dedication of our management team. 37 Table of Contents In addition, as we have grown, our number of customers has also increased significantly, and we have increasingly managed more complex deployments of our platform in more complex computing environments.

The growth and expansion of our business will require us to invest significant financial and operational resources and the continuous dedication of our management team. 40 Table of Contents In addition, as we have grown, our number of customers has also increased significantly, and we have increasingly managed more complex deployments of our platform in more complex computing environments.

In addition, under Sections 382 and 383 of the Internal Revenue Code, if a corporation undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in ownership by “5 percent shareholders” over a rolling three-year period, the corporation’s ability to use its pre-change net operating loss carryovers and other pre-change tax attributes, such as research and development credits, to offset its post-change income or taxes may be limited.

In addition, under Sections 382 and 383 of the Internal Revenue Code, if a corporation undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in ownership by “5 percent 57 Table of Contents shareholders” over a rolling three-year period, the corporation’s ability to use its pre-change net operating loss carryovers and other pre-change tax attributes, such as research and development credits, to offset its post-change income or taxes may be limited.

Our long-term success depends, in part, on our ability to expand the sale of our platform to customers located outside of the United States and our current, and any further, expansion of our international operations exposes us to risks that could have a material adverse effect on our business, operating results, and financial condition.

Our long-term success depends, in part, on our ability to expand the sale of our platform to customers located outside of the US and our current, and any further, expansion of our international operations exposes us to risks that could have a material adverse effect on our business, operating results, and financial condition.

As a public company we incur significant legal, accounting, and other expenses. We are subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 and the rules and regulations of the applicable listing standards of the New York Stock Exchange (NYSE).

As a public company we incur and expect to continue to incur significant legal, accounting, and other expenses. We are subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 and the rules and regulations of the applicable listing standards of the New York Stock Exchange (NYSE).

In the last few years there have been many successful advanced cybersecurity incidents that have damaged several prominent companies in spite of strong information security measures. We expect that the risks associated with cybersecurity incidents and the costs of preventing such attacks will continue to increase in the future.

In the last few years there have been many successful advanced cybersecurity incidents that have damaged several prominent companies despite strong information security measures. We expect that the risks associated with cybersecurity incidents and the costs of preventing such attacks will continue to increase in the future.

Although we generally have limitation of liability provisions in our terms and conditions of sale, they may not fully or effectively protect us from claims as a result of federal, state or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries.

This could limit or delay our ability to offer new or competitive solutions and increase our costs. Third-party software we rely on may be updated infrequently, unsupported or subject to vulnerabilities that may not be patched in a timely manner, any of which may expose our solutions to vulnerabilities.

This could limit or delay our ability to offer new or competitive solutions and increase our costs. Third-party software we rely on may be updated infrequently, unsupported or subject to vulnerabilities that may not be resolved in a timely manner, any of which may expose our solutions to vulnerabilities.

In addition, changing laws, regulations, and standards relating to corporate governance and public disclosure, including those related to climate change and other ESG-focused disclosures, are creating uncertainty for public companies, increasing legal and financial compliance costs, and making some activities more time consuming.

In addition, changing laws, regulations, and standards relating to corporate governance and public disclosure, including those related to climate change and other environmental, social, and governance (ESG)-focused disclosures, are creating uncertainty for public companies, increasing legal and financial compliance costs, and making some activities more time consuming.

Our agreements with our channel partners, including agreements with Exclusive Networks, are non-exclusive, do not last for set terms, and may be terminated by either party at any time. Further, channel partners fulfill our sales on a purchase order basis and do not impose minimum purchase requirements or related terms on sales.

Our agreements with our channel partners are non-exclusive, do not last for set terms, and may be terminated by either party at any time. Further, channel partners fulfill our sales on a purchase order basis and do not impose minimum purchase requirements or related terms on sales.

A successful assertion by one or more U.S. states requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial liabilities, including taxes on past sales, as well as interest and penalties.

A successful assertion by one or more US states requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial liabilities, including taxes on past sales, as well as interest and penalties.

Our platform interoperates with, but does not necessarily replace, other security products. Businesses that use other cybersecurity products and services may be hesitant to purchase our platform if they believe their existing products and services provide a level of security that is sufficient to meet their needs.

Our platform interoperates with, but does not necessarily replace, other security and log analytics products. Businesses that use other cybersecurity products and services may be hesitant to purchase our platform if they believe their existing products and services provide a level of security that is sufficient to meet their needs.

As a result, management’s attention may be diverted from other business concerns, which could harm our business, operating results, and financial condition. We could be subject to additional tax liabilities and United States federal and global income tax reform could adversely affect us.

As a result, management’s attention may be diverted from other business concerns, which could harm our business, operating results, and financial condition. We could be subject to additional tax liabilities and US federal and global income tax reform could adversely affect us.

In recent years, the increased availability of hybrid or remote working arrangements has expanded the pool of companies that can compete for our employees and employment candidates. Although we have entered into employment agreements with our key employees, these agreements are on an “at-will” basis, meaning they are able to terminate their employment with us at any time.

In recent years, the increased availability of hybrid or remote working arrangements has expanded the pool of companies that can compete for our employees and employment candidates. 44 Table of Contents Although we have entered into employment agreements with our key employees, these agreements are on an “at-will” basis, meaning they are able to terminate their employment with us at any time.

Changes in our platform or changes in export and import regulations may create delays in the introduction of our platform into international markets, prevent our customers with international operations from deploying our platform globally or, in some cases, prevent the export or import of our platform to certain countries, governments or persons altogether.

Changes in our platform, and changes in or promulgation of new export and import regulations may create delays in the introduction of our platform into international markets, prevent our customers with international operations from deploying our platform globally or, in some cases, prevent the export or import of our platform to certain countries, governments or persons altogether.

As we implement more complex organizational structures, we may find it increasingly difficult to maintain the beneficial aspects of our corporate culture, which could negatively impact our future success. We are also taking steps to develop a more inclusive and diverse workforce, however, there is no guarantee that we will be able to do so.

As we implement more complex organizational structures, we may find it increasingly difficult to maintain the beneficial aspects of 45 Table of Contents our corporate culture, which could negatively impact our future success. We are also taking steps to develop a more inclusive and diverse workforce, however, there is no guarantee that we will be able to do so.

Alternatively, if a court were to find the choice of forum provision contained in our restated certificate of incorporation or amended and restated bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition, and operating results. 62 Table of Contents ITEM 1B.

The amount of taxes we pay in different jurisdictions will depend on the application of the tax laws of the various jurisdictions, including the United States, to our intercompany transactions, international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies by taxing authorities and courts in various jurisdictions, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements.

The amount of taxes we pay in different jurisdictions will depend on the application of the tax laws of the various jurisdictions, including the US, to our intercompany transactions, international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies by taxing authorities and courts in various jurisdictions, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements.

In addition, laws, regulations, government guidance, and industry standards and practices in the United States and elsewhere are rapidly evolving to combat these threats. We may face increased compliance burdens regarding such requirements with regulators and customers regarding our products and services and also incur additional costs for oversight and monitoring of our own supply chain.

In addition, laws, regulations, government guidance, and industry standards and practices in the US and elsewhere are rapidly evolving to combat these threats. We may face increased compliance burdens regarding such requirements with regulators and customers regarding our products and services and also incur additional costs for oversight and monitoring of our own supply chain.

If we are unsuccessful in collecting such taxes from our customers, we could be held liable for such costs, which may adversely affect our results of operations. Further, an increasing number of U.S. states have considered or adopted laws that attempt to impose tax collection obligations on out-of-state companies.

If we are unsuccessful in collecting such taxes from our customers, we could be held liable for such costs, which may adversely affect our results of operations. Further, an increasing number of US states have considered or adopted laws that attempt to impose tax collection obligations on out-of-state companies.

In addition, pursuant to our amended and restated investors’ rights agreement, dated October 28, 2020, certain stockholders have the right, subject to certain conditions, to require us to file a registration statement for the public resale of such capital stock or to include such shares in registration statements that we may file for us or other stockholders.

If we do not effectively assist our customers in deploying our platform, succeed in helping our customers quickly resolve technical issues, or provide 41 Table of Contents effective ongoing support, our ability to sell additional products and services as part of our platform to existing customers would be adversely affected and our reputation with potential customers could be damaged.

If we do not effectively assist our customers in deploying our platform, succeed in helping our customers quickly resolve technical issues, or provide effective ongoing support, our ability to sell additional products and services as part of our platform to existing customers would be adversely affected and our reputation with potential customers could be damaged.

The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products and subscriptions incorporating such software.

The terms of many open source licenses have not been interpreted by US courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products and subscriptions incorporating such software.

Any failure or perceived failure by us, even if unfounded, to comply with applicable privacy and data security laws and regulations, our privacy policies, or our privacy-related obligations to customers, users or other third 49 Table of Contents parties, or any compromise of security that results in the unauthorized release or transfer of personal information or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by consumer advocacy groups or others and could cause our users to lose trust in us, which would have an adverse effect on our reputation and business.

Any failure or perceived failure by us, even if unfounded, to comply with applicable privacy and data security laws and regulations, our privacy policies, or our privacy-related obligations to customers, users or other third parties, or any compromise of security that results in the unauthorized release or transfer of personal information or other customer data, may result in governmental enforcement actions, fines, penalties, litigation, or public statements against us by consumer advocacy groups or others and could cause our users to lose trust in us, which would have an adverse effect on our reputation and business.

If we cannot license or develop alternative non-infringing substitutes for any infringing technology used in any aspect of our business, we would be forced to limit or stop sales of our platform and may be unable to compete effectively. Any of these results would adversely affect our business, operating results, and financial condition.

If we cannot license or develop alternative non-infringing substitutes for any infringing technology used in any aspect of our business, we would be forced to limit or stop sales of our 47 Table of Contents platform and may be unable to compete effectively. Any of these results would adversely affect our business, operating results, and financial condition.

Companies that must comply with the GDPR face increased compliance obligations and risk, including more robust regulatory enforcement of data protection requirements and potential fines for noncompliance of up to €20 million or 4 percent of the annual global revenues of the noncompliant company, whichever is greater.

Companies that must comply with the GDPR face increased compliance obligations and risk, including more robust regulatory enforcement of data protection requirements and potential fines for noncompliance of up to €20 million or 4% of the annual global turnover of the noncompliant company, whichever is greater.

If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future. In recent periods, we have experienced rapid growth in the adoption of our platform, customer base and revenue.

If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future. Historically, we have experienced rapid growth in the adoption of our platform, customer base, and revenue.

Although we monitor our use of open source software in an effort both to comply with the terms of the applicable open source licenses and to avoid subjecting our products to conditions we do not intend, many of the risks associated with use of open source software cannot be 44 Table of Contents eliminated and could negatively affect our business.

Although we monitor our use of open source software in an effort both to comply with the terms of the applicable open source licenses and to avoid subjecting our products to conditions we do not intend, many of the risks associated with use of open source software cannot be eliminated and could negatively affect our business.

We incorporate standard encryption algorithms into our platform, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request.

We incorporate standard encryption algorithms into our platform, which, along with the underlying technology, may be exported outside of the US only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request.

If we do not effectively hire, integrate, train, manage, and retain additional sales personnel, and expand our sales and marketing capabilities, we may be unable to increase our customer base and increase sales to our existing customers.

If we do not effectively integrate, train, manage, and retain sales personnel, and expand our sales and marketing capabilities, we may be unable to increase our customer base and increase sales to our existing customers.

If we experience, or our service providers experience, any breaches of security 29 Table of Contents measures or sabotage or otherwise suffer unauthorized use or disclosure of, or access to, personal information, financial account information or other confidential information, we might be required to expend significant capital and resources to address these problems.

If we experience, or our service providers experience, any breaches of security measures or sabotage or otherwise suffer unauthorized use or disclosure of, or access to, personal information, financial account information or other confidential information, we might be required to expend significant capital and resources to address these problems.

From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open source license.

From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source 48 Table of Contents code), or otherwise seeking to enforce the terms of the applicable open source license.

These factors would also make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serve on our audit committee and compensation committee, and qualified executive officers. Being a public company requires significant resources and management oversight.

These factors would also 56 Table of Contents make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serve on our audit committee and compensation committee, and qualified executive officers. Being a public company requires significant resources and management oversight.

Any exclusion from certain stock indices could result in less demand for our Class A common stock. Any actions or publications by stockholder advisory firms or institutional investors critical of our corporate governance practices or capital structure could also adversely affect the value of our Class A common stock.

Any exclusion from certain stock indices could result in less demand for our Class A common stock. Any actions or publications by stockholder advisory firms or institutional investors critical of our 62 Table of Contents corporate governance practices or capital structure could also adversely affect the value of our Class A common stock.

If taxing authorities in any of the jurisdictions in which we conduct our 54 Table of Contents international operations were to successfully challenge our transfer pricing, we could be required to reallocate part or all of our income to reflect transfer pricing adjustments, which could result in an increased tax liability to us.

If taxing authorities in any of the jurisdictions in which we conduct our international operations were to successfully challenge our transfer pricing, we could be required to reallocate part or all of our income to reflect transfer pricing adjustments, which could result in an increased tax liability to us.

Loss, retention or misuse of certain information and alleged violations of laws and regulations relating to privacy and data security, and any relevant claims, may expose us to potential liability and may require us to expend significant resources on data security and in responding to and defending such allegations and claims.

Loss, retention or misuse of certain information and alleged violations of laws and regulations relating to privacy and data security, and any relevant claims, may expose 52 Table of Contents us to potential liability and may require us to expend significant resources on data security and in responding to and defending such allegations and claims.

Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, operating results, financial condition, and prospects. Any of these consequences could adversely affect our business, operating results, and financial condition.

Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, operating results, 55 Table of Contents financial condition, and prospects. Any of these consequences could adversely affect our business, operating results, and financial condition.

As an example, following Russia’s invasion of Ukraine, the United States and other countries imposed economic sanctions and severe export control restrictions against Russia and Belarus. The United States and its allies could expand and strengthen these sanctions and export restrictions and take other actions should the conflict further escalate.

As an example, following Russia’s invasion of Ukraine, the US and other countries imposed economic sanctions and severe export control restrictions against Russia and Belarus. The US and its allies could expand and strengthen these sanctions and export restrictions and take other actions should the conflict further escalate.

In the United States, there are numerous federal and state consumer, privacy and data security laws and regulations governing the collection, use, disclosure, and protection of personal information, including security breach notification laws and consumer protection laws. Each of these laws is subject to varying interpretations and constantly evolving.

In the US, there are numerous federal and state consumer, privacy, and data security laws and regulations governing the collection, use, disclosure, and protection of personal information, including security breach notification laws and consumer protection laws. Each of these laws is subject to varying interpretations and constantly evolving.

The dual class structure of our common stock has the effect of concentrating voting control with the holders of our Class B common stock who held, in the aggregate, approximately 85% of the voting power of our capital stock as of January 31, 2023, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.

The dual class structure of our common stock has the effect of concentrating voting control with the holders of our Class B common stock who held, in the aggregate, approximately 72% of the voting power of our capital stock as of January 31, 2024, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.

To the extent we process personal data on behalf of our customers for the provision of services, we have, and may in the future, also be required to enter into data processing agreements which comply with Article 28 of the GDPR/U.K. GDPR.

Notably, but not necessarily limited to, we may be subject to: • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM) and similar state consumer protection laws regarding the use of telephones and text messaging for marketing purposes. • Section 5(a) of the Federal Trade Commission (FTC) Act for violating consumers’ privacy rights or failing to take appropriate steps to keep consumers’ personal information secure, resulting in a finding of an unfair act or practice. • The CCPA, effective since January 1, 2020, which created new data privacy obligations for covered companies and provided new privacy rights to California residents, including the right to opt out of certain disclosures of their information and receive detailed information about how their personal information is used.

Notably, but not necessarily limited to, we may be subject to: • Controlling the Assault of Non-Solicited Pornography And Marketing Act (also known as the “CAN-SPAM Act”) and similar state consumer protection laws regarding the use of telephones and text messaging for marketing purposes. • Section 5(a) of the Federal Trade Commission (FTC) Act for violating consumers’ privacy rights or failing to take appropriate steps to keep consumers’ personal information secure, resulting in a finding of an unfair act or practice. • The CCPA, effective since January 1, 2020, which created new data privacy obligations for covered businesses and provided new privacy rights to California residents, including the right to opt out of certain disclosures of their information and receive detailed information about how their personal information is used.

From time to time, legal action by us may be necessary to enforce our patents and other IP rights, to protect our trade secrets, to determine the validity and scope of the proprietary rights of others or to defend against claims of infringement or invalidity.

From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the proprietary rights of others or to defend against claims of infringement or invalidity.

We are continuing to develop and refine our disclosure 51 Table of Contents controls, internal control over financial reporting and other procedures that are designed to ensure information required to be disclosed by us in our financial statements and in the reports that we will file with the SEC is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers.

We are continuing to develop and refine our disclosure controls, internal control over financial reporting and other procedures that are designed to ensure information required to be disclosed by us in our consolidated financial statements and in the reports that we will file with the SEC is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers.

The myriad international and U.S. privacy and data breach laws are not consistent, and compliance in the event of a widespread data breach is difficult and may be costly. In many jurisdictions, enforcement actions and consequences for noncompliance are also rising.

The myriad of international and US privacy and data breach laws are not consistent, and compliance in the event of a widespread data breach is difficult and may be costly. In many jurisdictions, enforcement actions and consequences for noncompliance are also rising.

Data protection and privacy-related laws and regulations are evolving and may result in ever increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. Failure to comply with laws, regulations and industry standards regarding personal information or other information could adversely affect our business, operating results and financial condition.

Data protection and privacy-related laws and regulations are evolving and may result in 50 Table of Contents increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. Failure to comply with laws, regulations and industry standards regarding personal information or other information could adversely affect our business, operating results, and financial condition.

If we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, adversely affecting our financial results, and possibly making it necessary to establish systems in the EEA, Switzerland, and the U.K. to maintain personal data originating from those jurisdictions that adds expenses and may create distractions from our other business pursuits.

If we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, adversely affecting our financial results, and possibly making it necessary to establish localized storage systems in the EEA, Switzerland, and the UK to maintain personal data originating from those jurisdictions that adds expenses and may create distractions from our other business pursuits.

Our larger competitors have substantially broader and more diverse product and service offerings and more mature distribution and go-to-market strategies, which allows them to leverage their existing customer and distributor relationships to gain business in a manner that discourages potential customers from purchasing our platform.

Our larger competitors have substantially broader and more diverse product and service offerings and more mature distribution 26 Table of Contents and go-to-market strategies, which allows them to leverage their existing customer and distributor relationships to gain business in a manner that discourages potential customers from purchasing our platform.

… 237 more changes not shown on this page.

Item 2. Properties

Properties — owned and leased real estate

1 edited+0 added−0 removed1 unchanged

2023 filing

2024 filing

Biggest changeWe lease additional offices in the United States and around the world, including in the Czech Republic, France, Israel, and United Arab Emirates. We believe that our current facilities are adequate to meet our current needs.

Biggest changeWe lease additional offices in the US and around the world, including the Czech Republic, France, India, Israel, Netherlands, United Arab Emirates, and other countries. We believe that our current facilities are adequate to meet our current needs.

Item 3. Legal Proceedings

Legal Proceedings — active lawsuits and investigations

1 edited+0 added−0 removed1 unchanged

2023 filing

2024 filing

Biggest changeFor more information regarding legal proceedings and other claims in which we are involved, see Note 13 to our consolidated financial statements included in Part II, Item 8 of this Annual Report on Form 10-K, and is incorporated herein by reference. ITEM 4. MINE SAFETY DISCLOSURES Not applicable. 63 Table of Contents PART II.

Biggest changeFor more information regarding legal proceedings and other claims in which we are involved, see Note 15, Commitments and Contingencies , to the consolidated financial statements included in Part II, Item 8 of this Annual Report on Form 10-K, and is incorporated herein by reference. ITEM 4. MINE SAFETY DISCLOSURES Not applicable. 67 Table of Contents PART II.

Item 5. Market for Registrant's Common Equity

Market for Common Equity — stock, dividends, buybacks

6 edited+2 added−1 removed3 unchanged

2023 filing

2024 filing

Biggest changeStock Performance Graph This performance graph shall not be deemed “soliciting material” or be “filed” with the SEC for purposes of Section 18 of the Exchange Act, or otherwise subject to the liability under that Section, and shall not be deemed to be incorporated by reference into any filing of SentinelOne, Inc. under the Securities Act or Exchange Act generally. 68 Table of Contents We have presented below the cumulative total return to our holders of our Class A common stock between June 30, 2021 (the date our Class A common stock commenced trading on the NYSE) through January 31, 2024 in comparison to the Standard & Poor’s 500 Index and Standard & Poor Information Technology Index.

ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY, RELATED STOCKHOLDER MATTER AND ISSUER PURCHASES OF EQUITY SECURITIES Market Information for Class A Common Stock Our Class A common stock has been traded on the NYSE under the symbol “S” since June 30, 2021. Prior to that date, there was no public trading market for our common stock.

ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER PURCHASES OF EQUITY SECURITIES Market Information for Class A Common Stock Our Class A common stock has been traded on the NYSE under the symbol “S” since June 30, 2021. Prior to that date, there was no public trading market for our common stock.

All values assume a $100 initial investment and data for the Standard & Poor’s 500 Index and Standard & Poor Information Technology Index assume reinvestment of dividends. Such returns are based on historical data and are not indicative of, nor intended to forecast, the future performance of our Class A common stock. 64 Table of Contents ITEM 6. [RESERVED]

Securities Authorized for Issuance Under Equity Compensation Plans The information required by this item will be included in our Proxy Statement for the 2023 Annual Meeting to be filed with the SEC within 120 days of the fiscal year ended January 31, 2023, and is incorporated herein by reference. Unregistered Sales of Equity Securities None.

Securities Authorized for Issuance Under Equity Compensation Plans The information required by this item will be included in our Proxy Statement for the 2024 Annual Meeting to be filed with the SEC within 120 days of the fiscal year ended January 31, 2024, and is incorporated herein by reference.

Our Class B common stock is not listed or traded on any stock exchange. Holders of Record As of March 24, 2023, we had 70 holders of record of our Class A common stock and 69 holders of record of our Class B common stock.

Our Class B common stock is not listed or traded on any stock exchange. Holders of Record As of March 22, 2024, we had 116 holders of record of our Class A common stock and 52 holders of record of our Class B common stock.

Issuer Purchases of Equity Securities None. Use of Proceeds from Initial Public Offering of Common Stock and Concurrent Private Placement None.

We believe this transaction was exempt from registration under the Securities Act in reliance on the exemptions provided by Rule 501(a) of Regulation D under the Securities Act and Rule 902(k) of Regulation S under the Securities Act. Issuer Purchases of Equity Securities None. Use of Proceeds from Initial Public Offering of Common Stock and Concurrent Private Placement None.

Removed

We have presented below the cumulative total return to our stockholders between June 30, 2021 (the date our Class A common stock commenced trading on the NYSE) through January 31, 2023 in comparison to the Standard & Poor’s 500 Index and Standard & Poor Information Technology Index.

Added

Unregistered Sales of Equity Securities On February 1, 2024, we completed the acquisition of PingSafe.

Added

Under the terms of the Purchase Agreement, we acquired 100% of the outstanding shares of PingSafe for total consideration of approximately $57.5 million in cash and 2,354,607 shares of our Class A common stock, subject to customary adjustments set forth in the Purchase Agreement, to the former shareholders of PingSafe.

Item 7. Management's Discussion & Analysis

Management's Discussion & Analysis (MD&A) — revenue / margin commentary

65 edited+41 added−11 removed32 unchanged

2023 filing

2024 filing

Biggest changeResults of Operations The following table sets forth our results of operations for the periods presented: Year Ended January 31, 2023 2022 2021 (in thousands) Revenue $ 422,179 $ 204,799 $ 93,056 Cost of revenue (1) 144,177 81,677 39,332 Gross profit 278,002 123,122 53,724 Operating expenses: Research and development (1) 207,008 136,274 62,444 Sales and marketing (1) 310,848 160,576 77,740 General and administrative (1) 162,722 93,504 29,059 Total operating expenses 680,578 390,354 169,243 Loss from operations (402,576) (267,232) (115,519) Interest income 21,408 202 231 Interest expense (1,830) (787) (1,401) Other expense, net (1,293) (2,280) (424) Loss before income taxes (384,291) (270,097) (117,113) Provision (benefit) for income taxes (5,613) 1,004 460 Net loss $ (378,678) $ (271,101) $ (117,573) __________________ (1) Includes stock-based compensation expense as follows: Year Ended January 31, 2023 2022 2021 (in thousands) Cost of revenue $ 10,093 $ 3,618 $ 308 Research and development 51,771 35,358 6,590 Sales and marketing 40,115 15,460 3,835 General and administrative 62,487 33,453 5,179 Total stock-based compensation expense $ 164,466 $ 87,889 $ 15,912 70 Table of Contents The following table sets forth the components of our consolidated statements of operations as a percentage of revenue for each of the periods presented: Year Ended January 31, 2023 2022 2021 (as a percentage of total revenue) Revenue 100 100% 100% Cost of revenue 34 40 42 Gross profit 66 60 58 Operating expenses: Research and development 49 67 67 Sales and marketing 74 78 84 General and administrative 39 46 31 Total operating expenses 161 191 182 Loss from operations (95) (130) (124) Interest income 5 — — Interest expense — — (2) Other expense, net — (1) — Loss before income taxes (91) (132) (126) Provision (benefit) for income taxes (1) — — Net loss (90) % (132) % (126) % Note: Certain figures may not sum due to rounding.

Biggest changeIn connection with our global consolidated losses, we maintain a full valuation allowance against our US and Israel deferred tax assets because we have concluded that it is more likely than not that the deferred tax assets will not be realized. 76 Table of Contents Results of Operations The following table sets forth our results of operations for the periods presented: Year Ended January 31, 2024 2023 2022 (in thousands) Revenue $ 621,154 $ 422,179 $ 204,799 Cost of revenue (1) 179,281 144,177 81,677 Gross profit 441,873 278,002 123,122 Operating expenses: Research and development (1) 218,176 207,008 136,274 Sales and marketing (1) 397,160 310,848 160,576 General and administrative (1) 198,247 162,722 93,504 Restructuring (1) 6,706 — — Total operating expenses 820,289 680,578 390,354 Loss from operations (378,416) (402,576) (267,232) Interest income 45,880 21,408 202 Interest expense (1,216) (1,830) (787) Other income (expense), net 918 (1,293) (2,280) Loss before income taxes (332,834) (384,291) (270,097) Provision for (benefit from) income taxes 5,859 (5,613) 1,004 Net loss $ (338,693) $ (378,678) $ (271,101) __________________ (1) Includes stock-based compensation expense as follows: Year Ended January 31, 2024 2023 2022 (in thousands) Cost of revenue $ 17,187 $ 10,093 $ 3,618 Research and development 61,055 51,771 35,358 Sales and marketing 55,798 40,115 15,460 General and administrative 83,890 62,487 33,453 Restructuring (1,060) — — Total stock-based compensation expense $ 216,870 $ 164,466 $ 87,889 77 Table of Contents The following table sets forth the components of our consolidated statements of operations as a percentage of revenue for each of the periods presented: Year Ended January 31, 2024 2023 2022 (as a percentage of total revenue) Revenue 100% 100% 100% Cost of revenue 29 34 40 Gross profit 71 66 60 Operating expenses: Research and development 35 49 67 Sales and marketing 64 74 78 General and administrative 32 39 46 Restructuring 1 — — Total operating expenses 132 161 191 Loss from operations (61) (95) (130) Interest income 7 5 — Interest expense — — — Other income (expense), net — — (1) Loss before income taxes (54) (91) (132) Provision (benefit) for income taxes 1 (1) — Net loss (55) % (90) % (132) % Note: Certain figures may not sum due to rounding.

Financing Activities Cash provided by financing activities during fiscal 2023 was $36.3 million, consisting of $19.2 million of proceeds from the issuance of common stock under our 2021 Employee Stock Purchase Plan, $17.3 million of proceeds from the exercise of employee stock options, partially offset by $0.2 million of payments of deferred offering costs.

Cash provided by financing activities during fiscal 2023 was $36.3 million, consisting of $19.2 million of proceeds from the issuance of common stock under our 2021 Employee Stock Purchase Plan, $17.3 million of proceeds from the exercise of stock options, partially offset by $0.2 million of payments of deferred offering costs.

Our contracts with customers may contain multiple performance obligations, which are accounted for separately if they are capable of being distinct and are distinct in the context of the contract. Contracts that contain multiple performance obligations require an allocation of the transaction price to each performance obligation based on relative standalone selling price (SSP).

We expect these losses and operating losses to continue for the foreseeable future. We also expect to incur significant research and development, sales and marketing, and general and administrative expenses over the next several years in connection with the continued development and expansion of our business.

We expect these and other operating losses to continue for the foreseeable future. We also expect to incur significant research and development, sales and marketing, and general and administrative expenses over the next several years in connection with the continued development and expansion of our business.

Premium support and maintenance and other Singularity Modules are distinct from subscriptions and are recognized ratably over the term as the performance obligations are satisfied. We invoice our customers upfront upon signing for the entire term of the contract, periodically, or in arrears. Most of our subscription contracts have a term of one to three years.

Premium support and maintenance and other Singularity Modules are distinct from subscriptions and are recognized ratably over the term as the performance obligations are satisfied. 74 Table of Contents We invoice our customers upfront upon signing for the entire term of the contract, periodically, or in arrears. Most of our subscription contracts have a term of one to three years.

As of January 31, 2023 and 2022, our principal source of liquidity was cash, cash equivalents, and investments of $1.2 billion and $1.7 billion, respectively. In the short term, we believe that our existing cash, cash equivalents, and investments will be sufficient to support working capital and capital expenditure requirements for at least the next 12 months.

As of January 31, 2024 and 2023, our principal source of liquidity was cash, cash equivalents, and investments of $1.1 billion and $1.2 billion, respectively. In the short term, we believe that our existing cash, cash equivalents, and investments will be sufficient to support working capital and capital expenditure requirements for at least the next 12 months.

Our go-to-market strategy is focused on acquiring new customers and driving expanded usage of our platform by existing customers. Our sales organization is comprised of our enterprise sales, inside sales and customer solutions engineering teams. It leverages our global network of ISVs, alliance partners, and channel partners for prospect access.

Our go-to-market strategy is focused on acquiring new customers and driving expanded usage of our platform by existing customers. Our sales organization is comprised of our enterprise sales, inside sales and customer solutions engineering teams. It leverages our global network of independent software vendors (ISVs), alliance partners, and channel partners for prospect access.

Depending upon the structure of a particular arrangement, we (1) allocate the variable amount to each distinct service period within the series and recognize revenue as each distinct service period is performed (i.e. direct allocation), (2) estimate total variable consideration at contract inception (giving consideration to any constraints that may apply and updating the estimates as new information becomes available) and recognizes the total transaction price over the period to which it relates, or (3) apply the ‘right to invoice’ practical expedient and recognize revenue based on the amount invoiced to the customer during the period.

Depending upon the structure of a particular arrangement, we i) allocate the variable amount to each distinct service period within the series and recognize revenue as each distinct service period is performed (i.e. direct allocation), ii) estimate total variable consideration at contract inception (giving consideration to any constraints that may apply and updating the estimates as new information becomes available) and recognizes the total transaction price over the period to which it relates, or iii) apply the ‘right to invoice’ practical expedient and recognize revenue based on the amount invoiced to the customer during the period.

Once customers experience the benefits of our platform, they often upgrade their subscriptions to benefit from the full range of our XDR and IT and security operations capabilities. Additionally, many of our customers adopt Singularity Modules over time to extend the functionality of our platform and increase their coverage footprint.

Once customers experience the benefits of our platform, they often upgrade their subscriptions to benefit from the full range of our extended detection and response (XDR), IT, and security operations capabilities. Additionally, many of our customers adopt Singularity Modules over time to extend the functionality of our platform and increase their coverage footprint.

General and Administrative General and administrative expenses consist primarily of salaries, benefits, bonuses, stock-based compensation, and other expenses for our executive, finance, legal, people team, and facilities organizations. General and administrative expenses also include external legal, accounting, other consulting, and professional services fees, software and subscription services, and other corporate expenses.

General and Administrative General and administrative expenses consist primarily of salaries, benefits, bonuses, stock-based compensation, and other expenses for our executive, finance, legal, people team, and facilities organizations. General and 75 Table of Contents administrative expenses also include external legal, accounting, other consulting, and professional services fees, software and subscription services, and other corporate expenses.

Critical Accounting Policies and Estimates Our consolidated financial statements are prepared in accordance with GAAP. The preparation of consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses, and related disclosures.

Critical Accounting Policies and Estimates Our consolidated financial statements are prepared in accordance with generally accepted accounting principles (GAAP) in the US. The preparation of consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses, and related disclosures.

The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below. 75 Table of Contents Revenue Recognition We recognize revenue in accordance with Accounting Standards Codification 606, Revenue from Contracts with Customers .

The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below. 82 Table of Contents Revenue Recognition We recognize revenue in accordance with Accounting Standards Codification (ASC) Topic 606, Revenue from Contracts with Customers .

Subscriptions provide access to hosted software. The nature of our promise to the customer under the subscription is to provide protection for the duration of the contractual term and as such is considered as a series of distinct services. Our arrangements may include fixed consideration, variable consideration, or a combination of the two.

The nature of our promise to the customer under the subscription is to provide protection for the duration of the contractual term and as such is considered as a series of distinct services. Our arrangements may include fixed consideration, variable consideration, or a combination of the two.

However, any instability in the global banking system may impact liquidity both in the short term and long term and may result in adverse impacts to our or our customers’ business, including in our customers’ ability to pay for our platform.

However, any instability in the US or global banking system or relating to the federal budget may impact liquidity both in the short term and long term and may result in adverse impacts to our or our customers’ business, including in our customers’ ability to pay for our platform.

During this period, we continued to invest in growing our business to capitalize on our market opportunity. As a result, our net loss for fiscal 2023, 2022, and 2021 was $378.7 million, $271.1 million, and $117.6 million, respectively.

During this period, we continued to invest in growing our business to capitalize on our market opportunity. As a result, our net loss for fiscal 2024, 2023, and 2022 was $338.7 million, $378.7 million, and $271.1 million, respectively.

Provision for Income Taxes Provision for (benefit from) income taxes consists primarily of income taxes in certain foreign and state jurisdictions in which we conduct business and a one-time benefit from the release of valuation allowance as a result of the Attivo business combination.

Provision for (Benefit From) Income Taxes Provision for (benefit from) income taxes consists primarily of income taxes in certain foreign and state jurisdictions in which we conduct business, and a one-time benefit from the release of valuation allowance as a result of the Attivo acquisition during fiscal 2023.

In the long term, our future capital requirements will depend on many factors, including our revenue growth rate, the timing and the amount of cash received from customers, the expansion of sales and marketing activities, the timing and extent of spending to support research and development efforts, the price at which we are able to purchase third-party cloud infrastructure, expenses associated with our international expansion, the introduction of platform enhancements, and the continuing market adoption of our platform.

In the long term beyond the next 12 months, our future capital requirements will depend on many factors, including global 80 Table of Contents macroeconomic conditions, our revenue growth rate, the timing and the amount of cash received from customers, the expansion of sales and marketing activities, the timing and extent of spending to support research and development efforts, the price at which we are able to purchase third-party cloud infrastructure, expenses associated with our international expansion, the introduction of platform enhancements, and the continuing market adoption of our platform.

Key Business Metrics We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.

Key Business Metrics and Non-GAAP Financial Measures We monitor the following key metrics and non-GAAP financial measures to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.

Gross margin increased from 60% for fiscal 2022 to 66% for fiscal 2023, primarily due to revenue growth from existing and new customers outpacing growth in cost of revenue.

Gross margin increased from 66% for fiscal 2023 to 71% for fiscal 2024, primarily due to revenue growth from existing and new customers outpacing growth in cost of revenue.

Investing Activities Cash used in investing activities during fiscal 2023 was $1,312.7 million, consisting of $1,938.0 million of investment purchases, $281.0 million of net cash paid for the acquisition of Attivo, $13.5 million of capitalized 74 Table of Contents internal-use software costs, and $5.0 million of purchases of property and equipment to support additional office facilities, partially offset by $925.2 million of investment maturities.

Cash used in investing activities during fiscal 2023 was $1.3 billion, consisting of $1.9 billion of investment purchases, $281.0 million of net cash paid for the Attivo acquisition, $13.5 million of capitalized internal-use software costs, and $5.0 million of purchases of property and equipment to support additional office facilities, partially offset by $925.2 million of investment maturities.

The following table shows a summary of our cash flows for the periods presented: Years Ended January 31, 2023 2022 2021 (in thousands) Net cash used in operating activities $ (193,287) $ (95,588) $ (66,570) Net cash used in investing activities $ (1,312,666) $ (19,743) $ (6,265) Net cash provided by financing activities $ 36,308 $ 1,387,124 $ 423,978 Operating Activities Our largest source of operating cash is payments received from our customers.

The following table shows a summary of our cash flows for the periods presented: Years Ended January 31, 2024 2023 2022 (in thousands) Net cash used in operating activities $ (68,374) $ (193,287) $ (95,588) Net cash provided by (used in) investing activities $ 140,590 $ (1,312,666) $ (19,743) Net cash provided by financing activities $ 47,464 $ 36,308 $ 1,387,124 Operating Activities Our largest source of operating cash is payments received from our customers.

Interest Income, Interest Expense, and Other Income (Expense), Net Interest income consists primarily of interest earned on our cash equivalents and investments. 69 Table of Contents Interest expense consists primarily of the amortization of the discount related to Attivo indemnity escrow liability. Other income (expense), net consists primarily of foreign currency transaction gains and losses.

Interest expense consists primarily of the amortization of the discount related to the Attivo indemnity escrow liability. Other income (expense), net consists primarily of foreign currency transaction gains and losses and gains and losses on strategic investments.

Our revenue outside of the United States represented 35% and 32% for fiscal 2023 and 2022, respectively, illustrating the global nature of our solutions. We have grown rapidly since our inception. Our revenue was $422.2 million, $204.8 million, and $93.1 million for fiscal 2023, 2022, and 2021, respectively, representing year-over-year growth of 106% and 120%, respectively.

Our revenue outside of the US represented 36% and 35% for fiscal 2024 and 2023, respectively, illustrating the global nature of our solutions. We have grown rapidly since our inception. Our revenue was $621.2 million, $422.2 million, and $204.8 million for fiscal 2024, 2023, and 2022, respectively, representing year-over-year growth of 47% and 106%, respectively.

We have financed operations primarily through proceeds received from sales of equity securities, payments received from our customers, and borrowings under our loan and security agreement, and we have generated operating losses, as reflected in our accumulated deficit of $1,000.4 million and $621.7 million as of January 31, 2023 and 2022, respectively.

We have financed operations primarily through proceeds received from sales of equity securities, payments received from our customers, and borrowings under a now-terminated loan and security agreement, and we have generated operating losses, as reflected in our accumulated deficit of $1.3 billion and $1.0 billion as of January 31, 2024 and 2023, respectively.

Sales and Marketing Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Sales and marketing expenses $ 310,848 $ 160,576 $ 150,272 94 % Sales and marketing expenses increased from $160.6 million in fiscal 2022 to $310.8 million in fiscal 2023, primarily due to an increase in personnel-related expenses of $103.2 million, including an increase of $24.7 million in stock-based compensation expense as a result of increased headcount.

Sales and Marketing Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) Sales and marketing expenses $ 397,160 $ 310,848 $ 86,312 28 % Sales and marketing expenses increased from $310.8 million in fiscal 2023 to $397.2 million in fiscal 2024, primarily due to an increase in personnel-related expenses of $56.9 million, including an increase of $15.7 million in stock-based compensation expense as a result of increased headcount and increase of $7.0 million in commission expense.

We define ARR as the annualized revenue run rate of our subscription and capacity contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under contracts with us.

We define ARR as the annualized revenue run rate of our subscription and consumption and usage-based agreements at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under contracts with us. As of January 31, 2024 and 2023, no single end customer accounted for more than 3% of our ARR.

We define a customer as an entity that has an active subscription for access to our platform. We count MSPs, MSSPs, MDRs, and OEMs, who may purchase our products on behalf of multiple companies, as a single customer.

We count MSPs, MSSPs, MDRs, and OEMs, who may purchase our products on behalf of multiple companies, as a single customer.

A discussion regarding our financial condition and results of operations for fiscal 2022 compared to fiscal 2021 can be found in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in the Form 10-K for the fiscal year ended January 31, 2022 filed with the SEC on April 7, 2022. 65 Table of Contents Overview We founded SentinelOne in 2013 with a dramatically new approach to cybersecurity.

A discussion regarding our financial condition and results of operations for fiscal 2023 compared to fiscal 2022 can be found in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in the Form 10-K for the fiscal year ended January 31, 2023 filed with the SEC on March 29, 2023.

Contractual Obligations and Commitments Our operating lease obligations as of January 31, 2023 were approximately $30.4 million, with $4.8 million expected to be paid within 12 months and the remainder thereafter. Our operating leases are related to leased facilities under operating lease agreements expiring through fiscal 2029.

Contractual Obligations and Commitments Our operating lease obligations as of January 31, 2024 were approximately $25.2 million, with $5.6 million expected to be paid within 12 months and the remainder thereafter. Our operating leases are related to leased office space with expirations through 2029.

The combination of platform upgrades and extended modules drives our powerful land-and-expand motion. Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries. As of January 31, 2023, we had over 10,000 customers, increasing from over 6,700 customers as of January 31, 2022.

These amounts were partially offset by a $92.5 million increase in deferred revenue resulting primarily from increased subscription contracts.

These amounts were partially offset by a $19.1 million increase in accrued payroll and benefits and a $108.2 million increase in deferred revenue resulting primarily from increased subscription contracts.

Together, these capabilities make our platform the logical choice for organizations of all sizes, industry verticals, and compliance requirements. Our platform offers true multi-tenancy, which enables some of the world’s largest organizations and our managed security providers and incident response partners with an excellent management experience. Our customers realize improved cybersecurity outcomes with fewer people.

Our platform offers true multi-tenancy, which enables some of the world’s largest organizations and our managed security providers and incident response partners with an excellent management experience. Our customers realize improved cybersecurity outcomes with fewer people. We generate substantially all of our revenue by selling subscriptions to our Singularity Platform.

Cost of revenue also consists of personnel-related costs associated with our customer support and services organization, including salaries, benefits, bonuses, and stock-based compensation, amortization of acquired intangible assets, amortization of capitalized internal-use software, software and subscription services used by our customer support and services team, and allocated overhead costs. 68 Table of Contents Our third-party cloud infrastructure costs are driven primarily by the number of customers, the number of endpoints per customer, the number of modules, and the incremental costs for storing additional data collected for such cloud modules.

Comparison of the Years Ended January 31, 2023 and 2022 Revenue Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Revenue $ 422,179 $ 204,799 $ 217,380 106 % Revenue increased by $217.4 million, or 106%, from $204.8 million for fiscal 2022 to $422.2 million for fiscal 2023, which was primarily driven by a combination of the addition of new customers and the sale of additional endpoints and modules to existing customers.

Comparison of the Years Ended January 31, 2024 and 2023 Revenue Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) Revenue $ 621,154 $ 422,179 $ 198,975 47 % Revenue increased by $199.0 million, or 47%, from $422.2 million for fiscal 2023 to $621.2 million for fiscal 2024, primarily due to a combination of sales to new customers and sales of additional endpoints and modules to existing customers.

We have extended our control and visibility planes beyond the traditional endpoint to unmanaged IoT devices. Our Singularity Platform can be flexibly deployed on the environments that our customers choose, including public, private, or hybrid clouds. Our feature parity across Windows, macOS, Linux, and Kubernetes offers best-of-breed protection, visibility, and control across today’s heterogeneous IT environments.

Our Singularity Platform can be flexibly deployed on the environments that our customers choose, including public, private, or hybrid clouds. Our feature parity across Windows, macOS, Linux, and Kubernetes offers best-of-breed protection, visibility, and control across today’s heterogeneous IT environments. Together, these capabilities make our platform the logical choice for organizations of all sizes, industry verticals, and compliance requirements.

In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated. By providing full visibility into the Storyline of every secured device across the organization through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats.

By providing full visibility into the Storyline of every secured device across the organization through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats. We have extended our control and visibility planes beyond the traditional endpoint to unmanaged IoT devices.

ARR represents the annualized revenue run rate of our subscription and capacity contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under contracts with us. ARR is not a forecast of future revenue, which can be impacted by contract start and end dates and renewal rates.

ARR represents the annualized revenue run rate of our subscription and consumption and usage-based agreements at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under contracts with us. ARR is an operational metric and is not a non-GAAP metric.

See Note 17 to our consolidated financial statements included elsewhere in this Annual Report on Form 10-K for more information regarding this subsequent event.

Recently Issued Accounting Pronouncements See Note 2, Summary of Significant Accounting Policies , to the consolidated financial statements included elsewhere in this Annual Report on Form 10-K for more information regarding recently issued accounting pronouncements.

Provision for Income Taxes Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Provision (benefit) for income taxes $ (5,613) $ 1,004 $ (6,617) (659) % The provision for income taxes decreased primarily as a result of the application of our deferred tax assets with a full valuation allowance to net deferred tax liability of Attivo acquired intangibles.

Provision for (Benefit from) Income Taxes Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) Provision for (benefit from) income taxes $ 5,859 $ (5,613) $ 11,472 (204) % The provision for income taxes increased in fiscal 2024, compared to fiscal 2023, primarily as a result of the increase in foreign taxes related to operations in international subsidiaries and a one-time tax benefit from the application of our deferred assets with a full valuation allowance to net deferred tax liability of Attivo acquired intangibles recorded in fiscal 2023.

Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform. Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud.

Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud. In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated.

Additionally, our sales teams work closely with our customers, channel partners, and alliance partners to drive adoption of our platform, and our software solutions are fulfilled through our channel partners. Our channel partners include some of the world’s largest resellers and distributors, MSPs, MSSPs, MDRs, OEMs, and IR firms.

We generate substantially all of our revenue by selling subscriptions to our Singularity Platform. Our subscription tiers include Singularity Core, Singularity Control, and Singularity Complete. Additionally, customers can extend the functionality of our platform through our subscription Singularity Modules.

Our subscription tiers include Singularity Core, Singularity Control, and Singularity Complete. We also offer product bundles that include Singularity Commercial and Singularity Enterprise. Additionally, customers can extend the functionality of our platform through our subscription Singularity Modules.

We expect that our general and administrative expenses will increase in absolute dollars as our business grows but will decrease as a percentage of our revenue over time.

We expect that our general and administrative expenses will increase in absolute dollars as our business grows but will decrease as a percentage of our revenue over time. Restructuring Restructuring charges, related to the Plan, consist primarily of charges related to severance payments, employee benefits, stock-based compensation, and impairment charges related to excess facilities.

Interest expense increased due to the amortization of the discount related to Attivo indemnity escrow liability. The decrease in other expense, net is primarily due to net foreign currency exchange gains.

Interest expense decreased due to the amortization of the discount related to Attivo indemnity escrow liability through July 2023. The change in other income (expense), net is primarily due to gains and losses on strategic investments, partially offset by net foreign currency exchange fluctuations.

Our fiscal year ends on January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2023, 2022, and 2021 are referred to herein as fiscal 2023, fiscal 2022, and fiscal 2021, respectively.

Our fiscal year ends on January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31.

If we are unable to raise additional capital or generate cash flows necessary to expand our operations and invest in continued innovation, we may not be able to compete successfully, which would harm our business, operating results, and financial condition. 73 Table of Contents On March 10, 2023, SVB was closed by the California Department of Financial Protection and Innovation, which also appointed the FDIC as receiver.

If we are unable to raise additional capital or generate cash flows necessary to expand our operations and invest in continued innovation, we may not be able to compete successfully, which would harm our business, operating results, and financial condition. We hold our cash, cash equivalents, and investments with a diverse group of banking partners.

Unless the context otherwise requires, all references in this report to “SentinelOne,” the “Company,” “we” “our” “us,” or similar terms refer to SentinelOne, Inc. and its subsidiaries. A discussion regarding our financial condition and results of operations for fiscal 2023 compared to fiscal 2022 is presented below.

Our fiscal years ended January 31, 2024, 2023, and 2022 are referred to herein as fiscal 2024, fiscal 2023, and fiscal 2022, respectively. 69 Table of Contents Unless the context otherwise requires, all references in this report to “SentinelOne,” the “Company,” “we” “our” “us,” or similar terms refer to SentinelOne, Inc. and its subsidiaries.

NRR is an operational metric, and there is no comparable GAAP financial measure to which we can reconcile this particular key metric. Components of Our Results of Operations Revenue We generate substantially all of our revenue from subscriptions to our Singularity Platform. Customers can extend the functionality of their subscription to our platform by subscribing to additional Singularity Modules.

Components of Our Results of Operations Revenue We generate substantially all of our revenue from subscriptions to our Singularity Platform. Customers can extend the functionality of their subscription to our platform by subscribing to additional Singularity Modules. Subscriptions provide access to hosted software.

As of January 31, 2023 2022 2021 (in thousands) Annualized recurring revenue $ 548,652 $ 292,341 $ 130,825 ARR grew 88% year-over-year to $548.7 million for fiscal 2023, primarily due to high growth in the number of new customers purchasing our subscriptions and to additional purchases by existing customers.

ARR grew 39% year-over-year to $724.4 million for fiscal 2024, primarily due to high growth in the number of new customers purchasing our subscriptions and to additional purchases by existing customers.

ARR is an operational metric, and there is no comparable GAAP financial measure to which we can reconcile this particular key metric. Customers with ARR of $100,000 or More We believe that our ability to increase the number of customers with ARR of $100,000 or more is an indicator of our market penetration and strategic demand for our platform.

Customers with ARR of $100,000 or More We believe that our ability to increase the number of customers with ARR of $100,000 or more is an indicator of our market penetration and strategic demand for our platform. We define a customer as an entity that has an active subscription for access to our platform.

General and Administrative Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) General and administrative expenses $ 162,722 $ 93,504 $ 69,218 74 % General and administrative expenses increased from $93.5 million in fiscal 2022 to $162.7 million in fiscal 2023, primarily due to an increase in personnel-related expenses of $57.0 million, including an increase of $29.0 million in stock-based compensation expense as a result of increased headcount.

General and Administrative Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) General and administrative expenses $ 198,247 $ 162,722 $ 35,525 22 % General and administrative expenses increased from $162.7 million in fiscal 2023 to $198.2 million in fiscal 2024, primarily due to an increase in personnel-related expenses of $33.5 million, including an increase of $21.4 million in stock-based compensation expense as a result of increased headcount, and $9.7 million increase in litigation expenses due to settlements made during the period, partially offset by a $4.8 million decrease in office related expenditures.

In addition, research and development expenses that qualify as internal-use software are capitalized, the amount of which may fluctuate significantly from period to period. Sales and Marketing Sales and marketing expenses consist primarily of employee salaries, commissions, benefits, bonuses, stock-based compensation, travel and entertainment related expenses, advertising, branding and marketing events, promotions, and software and subscription services.

In addition, research and development expenses that qualify as internal-use software are capitalized, the amount of which may fluctuate significantly from period to period.

Management’s estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and unpredictable and, as a result, actual results may differ from estimates. Recently Issued Accounting Pronouncements See Note 2 to our consolidated financial statements included elsewhere in this Annual Report on Form 10-K for more information regarding recently issued accounting pronouncements.

Research and Development Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Research and development expenses $ 207,008 $ 136,274 $ 70,734 52 % Research and development expenses increased from $136.3 million in fiscal 2022 to $207.0 million in fiscal 2023, primarily due to an increase in personnel-related expenses of $45.7 million, including an increase of $15.7 million related to stock-based compensation expense as a result of increased headcount, an increase of $16.8 million in third-party cloud infrastructure expenses incurred in developing our platform and modules, and an increase of $6.1 million related to allocated overhead costs as a result of increased headcount.

Research and Development Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) Research and development expenses $ 218,176 $ 207,008 $ 11,168 5 % Research and development expenses increased from $207.0 million in fiscal 2023 to $218.2 million in fiscal 2024, primarily due to an increase in personnel-related expenses of $29.1 million, including an increase of $9.3 million related to stock-based compensation expense as a result of increased headcount, partially offset by a decrease of $14.2 million incurred in the prior year as a result of the migration of Scalyr into our platform.

We do not count our reseller or distributor channel partners as customers. 67 Table of Contents As of January 31, 2023 2022 2021 (in thousands) Customers with ARR of $100,000 or more 905 520 219 Customers with ARR of $100,000 or more grew 74% year-over-year to 905 for fiscal 2023, primarily due to growth in the ARR of existing customers from additional purchases and to growth in the average size of purchases by new customers.

Customers with ARR of $100,000 or more grew 30% year-over-year to 1,133 for fiscal 2024, primarily due to growth in the ARR of existing customers from additional purchases and to growth in the average size of purchases by new customers.

Our Singularity Platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time. We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous.

We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform.

Cash used in operating activities during fiscal 2022 was $95.6 million, primarily consisting of our net loss of $271.1 million, adjusted for non-cash items of $119.9 million and net cash inflows of $55.6 million provided by changes in our operating assets and liabilities.

Cash used in operating activities during fiscal 2024 was $68.4 million, primarily consisting of our net loss of $338.7 million, and $20.2 million used in net changes to our operating assets and liabilities, partially offset by non-cash items of $290.5 million.

As of January 31, 2023 2022 2021 Dollar-based net retention rate 132 % 129 % 117 % Our dollar-based net retention rate was 132% as of January 31, 2023, driven by existing customers primarily from expansion of the number of endpoints and purchases of additional modules.

NRR represents the quotient obtained by dividing Net Retention ARR by Prior Period ARR. As of January 31, 2024 2023 2022 Dollar-based net retention rate 114 % 132 % 129 % Our NRR of 114% was driven by existing customers adoption of additional endpoint licenses and adjacent platform solutions.

We pioneered the world’s first purpose-built AI-powered Singularity Platform to make cybersecurity defense truly autonomous, from the endpoint and beyond. Our Singularity Platform instantly defends against cyberattacks - performing at a faster speed, greater scale, and higher accuracy than otherwise possible from a human-powered approach.

Overview We founded SentinelOne in 2013 with a dramatically new approach to cybersecurity. We pioneered the world’s first purpose-built AI-powered extended detection and response (XDR) platform to make cybersecurity defense truly autonomous, from the endpoint and beyond.

Cash used in investing activities during fiscal 2022 was $19.7 million, consisting of $6.0 million of cash paid for purchases of strategic investments, $3.4 million of cash paid for the acquisition of Scalyr, $5.8 million of capitalized internal-use software costs, and $3.7 million of purchases of property and equipment to support additional office facilities.

These amounts were partially offset by a $92.5 million increase in deferred revenue resulting primarily from increased subscription contracts. 81 Table of Contents Investing Activities Cash provided by investing activities during fiscal 2024 was $140.6 million, consisting of $639.2 million of investment sales and maturities, partially offset by $466.3 million of investment purchases, $14.0 million of capitalized internal-use software costs, $13.6 million of net cash paid for the KSG acquisition, $3.5 million for purchases of intangible assets, and $1.3 million of purchases of property and equipment to support additional office facilities.

We had 905 customers with ARR of $100,000 or more as of January 31, 2023, up from 520 customer with ARR of $100,000 or more as of January 31, 2022. As of January 31, 2023 and 2022, no single end customer accounted for 66 Table of Contents more than 4% of our ARR.

We had 1,133 customers with annualized recurring revenue (ARR) of $100,000 or more as of January 31, 2024, up from 872 customers with ARR of $100,000 or more as of January 31, 2023.

Cost of Revenue, Gross Profit, and Gross Margin Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Cost of revenue $ 144,177 $ 81,677 $ 62,500 77 % Gross profit $ 278,002 $ 123,122 $ 154,880 126 % Gross margin 66 % 60 % 71 Table of Contents Cost of revenue increased by $62.5 million from $81.7 million for fiscal 2022 to $144.2 million for fiscal 2023, primarily due to an increase of $26.4 million in overhead costs due to increase in our personnel to support overall growth, higher third-party cloud infrastructure expenses from increased data usage of $17.7 million, and an increase of $13.8 million from amortization of intangible assets.

Cost of Revenue, Gross Profit, and Gross Margin Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) Cost of revenue $ 179,281 $ 144,177 $ 35,104 24 % Gross profit $ 441,873 $ 278,002 $ 163,871 59 % Gross margin 71 % 66 % 78 Table of Contents Cost of revenue increased by $35.1 million from $144.2 million for fiscal 2023 to $179.3 million for fiscal 2024, primarily due to a $23.9 million increase in allocated customer support costs which were mostly personnel-related expenses, a $4.4 million increase in amortization of acquired intangible assets in connection with the Attivo acquisition, $3.0 million increase in amortization of capitalized internal use-software due to the continued investment in our platform, and $2.2 million increase in cloud hosting usage charges to support our expanding business.

The main drivers of the changes in operating assets and liabilities were a $115.1 million increase in deferred revenue, resulting primarily from increased subscription contracts, a $41.5 million increase in accrued payroll and benefits due to increased headcount, a $24.2 million increase in accrued and other liabilities primarily due to net invoices received from vendors.

The main drivers of the changes in operating assets and liabilities were a $81.0 million increase in deferred contract acquisition costs, a $61.9 million increase in accounts receivable due to timing of cash received from customers, and a $4.5 million decrease in accounts payable.

In addition, there was an increase of $14.1 million in outside consulting services, legal, audit, tax and software subscription expenses. 72 Table of Contents Interest Income, Interest Expense, and Other Income (Expense), Net Year Ended January 31, Change 2023 2022 $ % (dollars in thousands) Interest income $ 21,408 $ 202 $ 21,206 10498 % Interest expense $ (1,830) $ (787) $ (1,043) 133 % Other income (expense), net $ (1,293) $ (2,280) $ 987 (43) % Interest income increased $21.2 million as a result of interest earned on investments, which we did not have in fiscal year 2022.

Interest Income, Interest Expense, and Other Income (Expense), Net Year Ended January 31, Change 2024 2023 $ % (dollars in thousands) Interest income $ 45,880 $ 21,408 $ 24,472 114 % Interest expense $ (1,216) $ (1,830) $ 614 (34) % Other income (expense), net $ 918 $ (1,293) $ 2,211 (171) % Interest income increased $24.5 million as a result of higher interest rates on investments.

Cash provided by financing activities during fiscal 2022 was $1.4 billion, consisting of $1.4 billion of aggregate net proceeds from our IPO and the concurrent private placement completed in July 2021, net of underwriting discounts and commissions, $14.6 million of proceeds from the exercise of stock options, $11.4 million of proceeds from issuance of common stock under the ESPP, partially offset by a $20.0 million repayment of our revolving line of credit and $7.4 million of payments of deferred offering costs.

Financing Activities Cash provided by financing activities during fiscal 2024 was $47.5 million, consisting of $28.3 million of proceeds from the exercise of employee stock options and $19.1 million of proceeds from the issuance of common stock under our 2021 Employee Stock Purchase Plan.

Removed

Annualized Recurring Revenue (ARR) We believe that ARR is a key operating metric to measure our business because it is driven by our ability to acquire new subscription and capacity customers and to maintain and expand our relationship with existing customers.

Added

A discussion regarding our financial condition and results of operations for fiscal 2024 compared to fiscal 2023 is presented below.

Removed

In connection with our global consolidated losses, we maintain a full valuation allowance against our U.S. and Israel deferred tax assets because we have concluded that it is more likely than not that the deferred tax assets will not be realized.

Added

Our Singularity Platform instantly defends against cyberattacks — performing at a faster speed, greater scale, and higher accuracy than otherwise possible from a human-powered approach. Our Singularity Platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time.

Removed

In addition, there was an increase of $28.6 million derived from revenue resulting from the Attivo acquisition.

Added

Our channel partners include some of the world’s largest resellers and distributors, managed service providers (MSPs), managed security service providers (MSSPs), managed detection and response providers (MDRs), original equipment manufacturers (OEMs), and incident response (IR) firms.

Removed

In addition, there was an increase of $17.4 million in marketing-related expenses, an increase of $9.6 million related to allocated overhead costs as a result of increased headcount, and the remaining increase is primarily a result of increased travel and entertainment expenses.

Added

Impact of Global Macroeconomic and Geopolitical Conditions Our overall performance depends in part on worldwide economic and geopolitical conditions and their impact on customer behavior.

Removed

While some of our cash, cash equivalents and short-term investments were held at SVB prior to its closure, in light of the FDIC’s announcement that depositors of the institution will be made whole, we currently have full access to these funds.

Added

Worsening economic conditions, including inflation, interest rate volatility, slower growth, potential recession, fluctuations in foreign exchange rates, actual or perceived instability in the global banking industry, potential uncertainty with respect to the federal debt ceiling and budget and potential government shutdowns related thereto, and other changes in economic conditions, and the impact of natural or man-made global events, including wars and other regional geopolitical armed conflict, such as the conflicts in the Middle East, Ukraine and tensions between China and Taiwan, may result in decreased sales productivity and growth and adversely affect our results of operations and financial performance.

Removed

We hold our cash, cash equivalents, and investments with a diverse group of banking partners and, as a result, we have not experienced a material impact to our business as a result of SVB’s closure.

Added

As a result of the current macroeconomic environment, we have recently experienced certain impacts on our business, including a decline in usage and consumption patterns from certain customers, especially larger enterprise customers, longer sales cycles, and deal downsizing by new customers and of renewals by existing customers, especially larger enterprises.

Removed

These amounts were partially offset by a $59.1 million increase in accounts receivable due to an increase in sales, a $53.6 million increase in deferred contract acquisition costs, a $7.3 million increase in prepaid expenses and other assets, primarily due to annual insurance renewal and prepaid sponsorship costs and a $2.1 million decrease in accounts payable due to timing of payments.

Added

We intend to continue to monitor global macroeconomic conditions closely and may determine to take certain financial or operational actions in response to such conditions to the extent our business begins to be adversely impacted.

Removed

We have office facility operating leases in the United States, the Czech Republic, France, Israel, United Arab Emirates, and other countries. See Note 7, Leases , to the consolidated financial statements included in Part II, Item 8, Financial Statements and Supplementary Data.

… 37 more changes not shown on this page.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Market Risk — interest-rate, FX, commodity exposure

6 edited+1 added−0 removed2 unchanged

2023 filing

2024 filing

Biggest changeForeign Currency Exchange Risk To date, primarily all of our sales contracts have been denominated in U.S. dollars, therefore our revenue is not subject to foreign currency risk. Operating expenses within the United States are primarily denominated in U.S. dollars, while operating expenses incurred outside the United States are primarily denominated in each country’s respective local currency.

Biggest changeOperating expenses within the U.S. are primarily denominated in U.S. dollars, while operating expenses incurred outside the U.S. are primarily denominated in each country’s respective local currency. Our operating results and cash flows are, therefore, subject to fluctuations due to changes in foreign currency exchange rates.

Our market risk exposure is primarily the result of fluctuations in interest rates and foreign currency exchange rates. Interest Rate Risk As of January 31, 2023, we had $1.2 billion of cash, cash equivalents, and investments, which consist of money market funds, commercial paper, corporate notes and bonds and U.S. government securities.

Our market risk exposure is primarily the result of fluctuations in interest rates and foreign currency exchange rates. Interest Rate Risk As of January 31, 2024, we had $1.1 billion of cash, cash equivalents, and investments, which consist of money market funds, certificates of deposit, commercial paper, corporate notes and bonds and US government securities.

A hypothetical 10% adverse change in the U.S. dollar against other currencies would have resulted in an increase in operating loss of approximately $9.7 million for fiscal 2023. The hypothetical impact in fiscal 2022 and 2021 would not have been material. 77 Table of Contents

A hypothetical 10% adverse change in the US dollar against other currencies would have resulted in an increase in operating loss of approximately $7.4 million and $9.7 million for fiscal 2024 and 2023, respectively. The hypothetical impact in fiscal 2022 would not have been material. 84 Table of Contents

We also had $64.5 million of restricted cash as of January 31, 2023 primarily due to outstanding letters of credit established in connection with lease agreements for our facilities. Our cash, cash equivalents, and investments are held for working capital purposes. We do not enter into investments for trading or speculative purposes.

We also had $65.4 million of restricted cash as of January 31, 2024 primarily due to Attivo indemnity escrow liability, and to a lesser extent, outstanding letters of credit established in connection with lease agreements for our facilities. Our cash, cash equivalents, and investments are held for working capital purposes.

Our operating results and cash flows are, therefore, subject to fluctuations due to changes in foreign currency exchange rates. Foreign currency transaction gains and losses are recorded in other income (expense), net in the consolidated statements of operations.

Foreign currency transaction gains and losses are recorded in other income (expense), net in the consolidated statements of operations.

The effect of a hypothetical 100 basis point change in interest rates would not have had a material effect on the fair market value of our portfolio 76 Table of Contents as of January 31, 2023. We therefore do not expect our results of operations or cash flows to be materially affected by a sudden change in market interest rates.

The effect of a hypothetical 100 basis point change in interest rates would result in a $4.9 million change in the fair market value of our investment portfolio as of January 31, 2024. 83 Table of Contents Foreign Currency Exchange Risk To date, primarily all of our sales contracts have been denominated in U.S. dollars, therefore our revenue is not subject to foreign currency risk.

Added

We do not enter into investments for trading or speculative purposes.

Top changes in SentinelOne, Inc.'s 2024 10-K

Item 1. Business

Item 1A. Risk Factors

Item 2. Properties

Item 3. Legal Proceedings

Item 5. Market for Registrant's Common Equity

Item 7. Management's Discussion & Analysis

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Other S 10-K year-over-year comparisons