What changed in Palo Alto Networks's 2025 10-K compared to 2024?

Across the narrative sections we track, Palo Alto Networks (PANW) added 441 paragraphs, removed 441, and edited 313 between the 2024 and 2025 10-K filings. The biggest movers are Item 1A. Risk Factors (+168/−149), Item 1. Business (+127/−142), Item 7. Management's Discussion & Analysis (+118/−115).

Did Palo Alto Networks add new Risk Factors in the 2025 10-K?

Yes — Item 1A Risk Factors shows 168 new/edited paragraphs and 149 removed paragraphs versus the 2024 10-K.

What changed in Palo Alto Networks's MD&A (Item 7) in 2025?

Item 7 Management's Discussion & Analysis shows 118 new/edited paragraphs and 115 removed paragraphs year-over-year. Read the side-by-side diff to see exactly which revenue, margin, and outlook commentary was rewritten.

Did Palo Alto Networks update its Cybersecurity disclosure (Item 1C) in 2025?

Item 1C Cybersecurity has 11 paragraph-level changes between the 2024 and 2025 filings.

Where does this PANW 10-K diff come from?

The source filings are Palo Alto Networks's official 2024 and 2025 Form 10-K annual reports from SEC EDGAR. 10q10k.net parses each filing, aligns paragraphs by section (Item 1, 1A, 1C, 2, 3, 7, 7A), and highlights every added, removed and edited sentence side-by-side.

What changed in Palo Alto Networks's 10-K — 2024 vs 2025

Paragraph-level year-over-year comparison of Palo Alto Networks's 2024 and 2025 10-K annual filings, covering the Business, Risk Factors, Legal Proceedings, Cybersecurity, MD&A and Market Risk sections. Every new, removed and edited paragraph is highlighted side-by-side so you can see exactly what management changed in the 2025 report.

+441 added−441 removedSource: 10-K (2025-08-29) vs 10-K (2024-09-06)

Top changes in Palo Alto Networks's 2025 10-K

441 paragraphs added · 441 removed · 313 edited across 7 sections

Item 1A. Risk Factors+168 / −149 · 125 edited
Item 1. Business+127 / −142 · 79 edited
Item 7. Management's Discussion & Analysis+118 / −115 · 82 edited
Item 5. Market for Registrant's Common Equity+11 / −15 · 11 edited
Item 1C. Cybersecurity+11 / −13 · 10 edited

Item 1. Business

Business — how the company describes what it does

79 edited+48 added−63 removed35 unchanged

2024 filing

2025 filing

Biggest changeStrata Cloud Manager: • Strata Cloud Manager enables our customers to easily manage their Palo Alto Networks’ Network Security infrastructure—including NGFWs and SASE environment—from the cloud, via one unified management interface. In addition to getting complete visibility, with Strata Cloud Manager, customers can predict and prevent network health issues, strengthen security, and configure and manage their entire network security estate.

Biggest changeCritically, Runtime Security prevents threats during live AI model execution, while AI Agent Security extends protection to autonomous AI agents. - 6 - Table of Contents Strata Cloud Manager. SCM enables our customers to easily manage their Palo Alto Networks’ Network Security infrastructure—including NGFWs and SASE deployments—from the cloud, via one unified management interface.

Available as a stand-alone cloud-based subscription and a cloud-based subscription module within Cortex XSIAM, Cortex Xpanse provides ASM, which is the ability for an organization to identify what an attacker would see among all of its sanctioned and unsanctioned Internet-facing assets.

Available as a stand-alone cloud-based service and a cloud-based subscription module within Cortex XSIAM, Cortex Xpanse provides ASM, which is the ability for an organization to identify what an attacker would see among all of its sanctioned and unsanctioned Internet-facing assets.

These activities and tools benefit both our direct and indirect channels and are available at no cost to our channel partners. Our products and services have been recognized as leading in 24 categories by third-party industry analysts firms that perform independent assessments of these categories. This recognition by third parties is an important measure of validation for our customers. Backlog.

These activities and tools benefit both our direct and indirect channels and are available at no cost to our channel partners. Our products and services have been recognized as leading in 25 categories by third-party industry analysts firms that perform independent assessments of these categories. This recognition by third parties is an important measure of validation for our customers. Backlog.

In addition, it includes a cloud-based URL filtering database which consists of millions of URLs across many categories and is designed to analyze web traffic and prevent web-based threats, such as phishing, malware, and C2. • Advanced DNS Security. This cloud-delivered security service uses machine learning to proactively block malicious domains and stop attacks in progress.

In addition, the service includes a cloud-based URL filtering database which consists of millions of URLs across many categories and is designed to analyze web traffic and prevent web-based threats, such as phishing, malware, and C2. • Advanced DNS Security. This cloud-delivered security service uses machine learning to proactively block malicious domains and stop attacks in progress.

This cloud-based subscription enables organizations to collect telemetry from endpoint, network, identity and cloud data sources and apply advanced analytics and machine learning, to quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR has two product tiers: XDR Prevent and XDR Pro. XDR Prevent delivers enterprise-class endpoint security focused on preventing attacks.

This cloud-based service enables organizations to collect telemetry from endpoint, network, identity and cloud data sources and apply advanced analytics and machine learning, to quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR has two product tiers: XDR Prevent and XDR Pro. XDR Prevent delivers enterprise-class endpoint security focused on preventing attacks.

In addition to our People Strategy described in the section titled “Human Capital” above, we continue to communicate our expectations regarding labor standards, business practices, and workplace health and safety conditions to our supply chain through our Global Supplier Code of Conduct. During fiscal 2024, we maintained our affiliate membership in the Responsible Business Alliance.

In addition to our People Strategy described in the section titled “Human Capital” above, we continue to communicate our expectations regarding labor standards, business practices and workplace health and safety conditions to our supply chain through our Global Supplier Code of Conduct. During fiscal 2025, we maintained our affiliate membership in the Responsible Business Alliance.

Our sales organization is supported by sales engineers with responsibility for pre-sales technical support, solutions engineering for our end-customers, and technical training for our channel partners. Channel Program. Our NextWave Channel Partner program is focused on building in-depth relationships with solutions-oriented distributors and channel partners that have strong security expertise.

Our sales organization is supported by sales engineers with responsibility for pre-sales technical support, solutions engineering for our end-customers, and technical training for our channel partners. Channel Program. Our NextWave Channel Partner program is focused on building in-depth relationships with solutions-oriented distributors, channel, delivery and services partners that have strong security expertise.

We pursue sales opportunities both through our direct sales force and as assisted by our channel partners, which include resellers, global and regional systems integrators, service providers, and cloud providers. We expect to continue to grow our sales headcount to expand our reach in all key growth sectors.

We pursue sales opportunities both through our direct sales force and as assisted by our channel partners, which include resellers, global and regional systems integrators, service providers, managed security service providers, and cloud hosting service providers. We expect to continue to grow our sales headcount to expand our reach in all key growth sectors.

Item 1. Business General Palo Alto Networks, Inc. is a global cybersecurity provider with a vision of a world where each day is safer and more secure than the one before. We were incorporated in 2005 and are headquartered in Santa Clara, California.

Item 1. Business General Palo Alto Networks, Inc. is a global cybersecurity provider and our vision is a world where each day is safer and more secure than the one before. We were incorporated in 2005 and are headquartered in Santa Clara, California.

All trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. - 14 - Table of Contents

All trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. - 13 - Table of Contents

Cortex XSIAM customers can consolidate multiple products into a single unified platform that delivers security information and event management, extended detection and response (“XDR”), SOAR, network traffic analysis, ASM, threat intelligence management (“TIM”), identity threat detection and response, and CDR.

Cortex XSIAM customers are able to consolidate multiple products into a single unified platform that delivers security information and event management, extended detection and response (“XDR”), SOAR, network traffic analysis, ASM, threat intelligence management (“TIM”), identity threat detection and response, and CDR.

The program rewards these partners based on a number of attainment goals, as well as provides them access to marketing funds, technical and sales training, and support. To promote optimal productivity, we operate a formal accreditation program for our channel partners’ sales and technical professionals. As of July 31, 2024, we had more than 6,500 channel partners. Global Customer Success.

The program rewards these partners based on a number of attainment goals, as well as provides them access to marketing resources, technical and sales training, and support. To promote optimal productivity, we operate a formal accreditation program for our channel partners’ sales and technical professionals. As of July 31, 2025, we had more than 8,500 channel partners. Global Customer Success.

Available as a stand-alone cloud-based subscription, an on-premises appliance, or delivered natively through Cortex XSIAM, Cortex XSOAR is a comprehensive SOAR offering that unifies playbook automation, case management, real-time collaboration, and TIM to serve security teams across the incident lifecycle.

Available as a stand-alone cloud-based service, an on-premises virtual appliance, or delivered natively through Cortex XSIAM, Cortex XSOAR is a comprehensive SOAR offering that unifies playbook automation, case management, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle.

Regardless of the operating systems, laptops, tablets, and phones will stay connected to the corporate network when they are on a network of any kind and, as a result, are protected as if they never left the corporate campus.

Regardless of the operating system, laptops, tablets, and phones will stay connected to the corporate network when they are on a network of any kind and as a result, are protected as if they never left the corporate campus. • Prisma Access Agent.

SaaS Security Inline adds an inline service to automatically gain visibility and control over thousands of known and new sanctioned, unsanctioned and tolerated SaaS applications in use within organizations today. It provides enterprise data protection and compliance across all SaaS applications and prevents cloud threats in real time with best-in-class security.

SaaS Security Inline adds an inline service to automatically gain visibility and control over thousands of known and newly sanctioned, unsanctioned and tolerated SaaS applications in use within organizations today. The service provides enterprise data protection and compliance across all SaaS applications and prevents cloud threats in real time.

Our business is affected by seasonal fluctuations in customer spending patterns. We have begun to see seasonal patterns in our business, which we expect to become more pronounced as we continue to grow, with our strongest sequential revenue growth generally occurring in our fiscal second and fourth quarters.

We have begun to see seasonal patterns in our business, which we expect to become more pronounced as we continue to grow, with our strongest sequential revenue growth generally occurring in our fiscal second and fourth quarters.

Typical deployment scenarios include the enterprise network, the enterprise data center, cloud locations, and branch or remote locations. No single end-customer accounted for more than 10% of our total revenue in fiscal 2024, 2023, or 2022. Distribution.

Typical deployment settings include the enterprise network, the enterprise data center, cloud locations, branch or remote locations, and on-device agents. No single end-customer accounted for more than 10% of our total revenue in fiscal 2025, 2024, or 2023. Distribution.

Our end-customers operate in a variety of industries, including education, energy, financial services, government entities, healthcare, Internet and media, manufacturing, public sector, and telecommunications. Our end-customers deploy our portfolio of solutions for a variety of security functions across a variety of deployment scenarios.

Prisma Access delivers exceptional user experience with a combination of application acceleration—up to 5x faster than direct-to-internet—and Autonomous Digital Experience Management. With these capabilities, Prisma Access delivers an optimized digital experience and application performance to end users. • Prisma SD-WAN. Our Prisma SD-WAN solution is a next-generation SD-WAN solution that makes the secure cloud-delivered branch possible.

Prisma Access delivers seamless user experience with a combination of application acceleration—up to 5x faster than direct-to-internet—and Autonomous Digital Experience Management. • Prisma SD-WAN. Our Prisma SD-WAN solution is a next-generation SD-WAN solution that makes the secure cloud-delivered branch possible.

However, many of our competitors have substantially greater financial, technical, and other resources, greater name recognition, larger sales and marketing budgets, broader distribution, more diversified product lines, and larger and more mature intellectual property portfolios. SALES, MARKETING, SERVICES, AND SUPPORT Customers. Our end-customers are predominantly medium to large enterprises, service providers, and government entities.

However, some of our competitors may have substantially greater financial, technical, and other resources, greater name recognition, larger sales and marketing budgets, broader distribution, more diversified product lines, and larger and more mature intellectual property portfolios. SALES, MARKETING, SERVICES, AND SUPPORT Customers. Our end-customers consist of enterprises, service providers, and government entities.

Prisma SD-WAN enables organizations to replace traditional Multiprotocol Label Switching based WAN architectures with affordable broadband and internet transport types that promote improved bandwidth availability, redundancy and performance at a reduced cost. Prisma SD-WAN leverages real-time application performance SLAs and visibility to control and intelligently steer application traffic to deliver an exceptional user experience.

Prisma SD-WAN enables organizations to replace traditional wide area network (“WAN”) architectures with affordable broadband and internet transport types that promote improved bandwidth availability, redundancy and performance at a reduced cost. Prisma SD-WAN leverages real-time application performance SLAs and visibility to control and intelligently steer application traffic to deliver a powerful user experience.

Specifically, the service enables the discovery and classification of data stored in supported SaaS applications, protects sensitive data from accidental exposure, identifies and protects against known and unknown malware, and performs user activity monitoring to identify potential misuse or data exfiltration.

Prisma SD-WAN also provides the flexibility of deploying with an on-premises controller to help businesses meet their industry-specific security compliance requirements and manage deployments with application-defined policies. Our Prisma SD-WAN simplifies network and security operations using machine learning and automation. AI Runtime Security: • AI applications and large language model (“LLM”) models challenge traditional security.

Our consultants serve as trusted advisors to our customers by assessing and testing their security controls against the right threats, transforming their security strategy with a threat-informed approach, and responding to security incidents on behalf of our clients.

Our elite consultants serve as trusted advisors to our customers by assessing and testing their security controls against sophisticated threats, transforming their security strategy with a threat-informed approach, and responding to security incidents on behalf of our clients. Additionally, Unit 42 offers managed detection and response (“MDR”) and managed threat hunting services.

Successful claims of infringement by a third party could prevent us from offering certain products or features, require us to develop alternate, non-infringing technology, which could require significant time and during which we could be unable to continue to offer our affected products or solutions, require us to obtain a license, which may not be available on reasonable terms or at all, or force us to pay substantial damages, royalties, or other fees.

This could result in time during which we may be unable to continue to offer our affected products or solutions because of a potential need for us to develop alternate, non-infringing technology, which could require significant time and resources, or require us to obtain a license, which may not be available on reasonable terms or at all, or could require us to pay substantial damages, royalties, or other fees.

Marketing activities include pipeline development through demand generation, social media and advertising programs, managing the corporate website and partner portal, trade shows and conferences, analyst relationships, customer advocacy, and customer awareness.

Our marketing team consists primarily of product marketing, brand, demand generation, field marketing, digital marketing, communications, analyst relations, and marketing analytics functions. Marketing activities include pipeline development through demand generation, social media and advertising programs, managing the corporate website and partner portal, trade shows and conferences, analyst relationships, customer advocacy, and customer awareness.

Prisma Cloud does this by consolidating multiple code and cloud security technologies such as Software Composition Analysis, Infrastructure as Code security, CI/CD security, secrets scanning, Cloud Security Posture Management, Cloud Identity and Entitlements Management, API security, Vulnerability Management, Cloud Workload Protection, Web Application and API Security, Cloud Network Security, and Cloud Discovery and Exposure Management into a single unified platform.

Cortex Cloud consolidates multiple code and cloud security technologies such as Cloud Detection and Response, Software Composition Analysis, Infrastructure as Code security, CI/CD security, secrets scanning, Cloud Security Posture Management, Cloud Identity and Entitlements Management, API security, Vulnerability Management, Cloud Workload Protection, Web Application and API Security, Cloud Network Security, and Cloud Attack Surface Management into a single unified offering.

Unlike other solutions, it does not require endpoint routing configurations to be maintained and therefore cannot be bypassed. It allows our network security platform access to Domain Name System (“DNS”) signatures that are generated using advanced predictive analysis, machine learning, and malicious domain data from a growing threat intelligence sharing community of which we are a part.

The service allows our network security platform access to Domain Name System (“DNS”) signatures that are generated using advanced predictive analysis, machine learning, and malicious domain data from a growing threat intelligence sharing community of which we are a part of.

(“Flex”), who assembles our products using design specifications, quality assurance programs, and standards that we establish, and procures components and assembles our products based on our demand forecasts. These forecasts represent our estimates of future demand for our products based upon historical trends and analysis from our sales and product management functions as adjusted for overall market conditions.

(“Flex”), who assembles our products using design specifications, quality assurance programs, and standards that we establish, and procures components and assembles our products based on our demand forecasts. These forecasts are based upon historical trends and analysis, adjusted for overall market conditions. All of our hardware products are assembled in the U.S.

Advanced WildFire combines dynamic and static analysis, recursive analysis, and a custom-built analysis environment with network traffic profiling and fileless attack detection to discover even the most sophisticated and evasive threats. Preventions are delivered in seconds to our network security platform. - 5 - Table of Contents • Advanced URL Filtering.

As our market grows, it will attract more highly specialized vendors, as well as larger vendors that may continue to acquire or bundle their products more effectively. - 10 - Table of Contents The principal competitive factors in our market include: • product features, reliability, performance, and effectiveness; • product line breadth, diversity, and applicability; • product extensibility and ability to integrate with other technology infrastructures; • price and total cost of ownership; • adherence to industry standards and certifications; • strength of sales and marketing efforts; and • brand awareness and reputation.

The principal competitive factors in our market include: • product features, reliability, performance, and effectiveness; • product line breadth, diversity, and applicability; • product extensibility and ability to integrate with other technology infrastructures; • price and total cost of ownership; • adherence to industry standards and certifications; • strength of sales and marketing efforts; and • brand awareness and reputation.

The Unit 42 Threat Intelligence team provides threat research that enables security teams to understand adversary intent and attribution, while enhancing protections offered by our products and services to stop advanced attacks.

We help security leaders assess and test their security controls, transform their security strategy with a threat-informed approach, and respond to incidents rapidly. The Unit 42 Threat Intelligence team provides threat research that enables security teams to understand adversary intent and attribution, while enhancing protections offered by our products and services to stop advanced attacks.

CDR is the latest addition to Cortex XSIAM and XDR that addresses the growing need for security teams to respond to cloud threats with purpose-built SOC tools that seamlessly integrate with their security programs. Cortex XSIAM integrates these capabilities into a single platform built for security operations, enabling organizations to simplify operations, stop threats at scale, and accelerate incident remediation.

As a comprehensive Cloud Native Application Protection Platform (“CNAPP”), Prisma Cloud secures multi- and hybrid-cloud environments for applications, data, generative AI (“GenAI”) ecosystem, and the entire cloud native technology stack across the full development lifecycle, from code to cloud. We also offer our VM-Series and CN-Series virtual firewalls for inline network security on multi- and hybrid-cloud environments.

As a comprehensive Cloud Native Application Protection Platform (“CNAPP”) combined with CDR, Cortex Cloud secures multi- and hybrid-cloud environments for applications, data, generative AI (“GenAI”) ecosystem, and the cloud native technology stack across the full development lifecycle, from code to cloud to security operations.

Prisma Access consolidates point-products into a single converged cloud-delivered offering, transforming network security and allowing organizations to enable secure hybrid workforces. Prisma Access protects all application traffic with complete, best-in-class security while ensuring an exceptional user experience with industry-leading service-level agreements (“SLA”s). With native SASE integration, Prisma Access Browser extends Zero Trust to any device—managed or unmanaged—in minutes.

Prisma Access protects all application traffic with complete, best-in-class security while also delivering a seamless user experience with industry-leading service-level agreements (“SLA”s). With native SASE integration, Prisma Access Browser extends Zero Trust to any device—managed or unmanaged—in minutes.

AIOps provides continuous best practice recommendations powered by machine learning based on industry standards, security policy context, and advanced telemetry data collected from our network security customers to improve security posture. It also intelligently predicts health, performance, and capacity problems up to seven days in advance and provides actionable insights to resolve the predicted disruptions.

AIOps enables security teams to proactively strengthen security posture and resolve network disruptions. AIOps provides continuous best practice recommendations powered by machine learning based on industry standards, security policy context, and advanced telemetry data collected from our network security customers to improve security posture.

Reinforcing the importance of our ESG performance, the charter of the Governance and Sustainability Committee of the board of directors includes the primary oversight of ESG. AVAILABLE INFORMATION Our website is located at www.paloaltonetworks.com, and our investor relations website is located at investors.paloaltonetworks.com.

The Governance and Sustainability Committee of the board of directors provides primary oversight of corporate responsibility and the board of directors and applicable committees receive regular updates on corporate responsibility topics. AVAILABLE INFORMATION Our website is located at www.paloaltonetworks.com, and our investor relations website is located at investors.paloaltonetworks.com.

Many of our existing deployments continue using Panorama as the security management solution, while new deployments benefit from using Strata Cloud Manager instead for managing network security estate—including our Next-Generation Firewalls and SASE—with a cloud-based, unified management interface. SUBSCRIPTIONS We offer a number of subscriptions as part of our network security platform.

Many of our existing deployments continue to use Panorama as the security management solution. New deployments benefit from using SCM for managing network security estate—including our Next-Generation Firewalls and SASE—with a cloud-based, unified management interface. SECURITY OPERATIONS • Cortex XSIAM. Our cloud-based AI-powered security operations platform harnesses the power of AI to significantly improve security outcomes and transform security operations.

We empower enterprises, organizations, service providers, and government entities to protect themselves against today’s most sophisticated cyber threats. Our cybersecurity platforms and services help secure enterprise users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence (“AI”) and automation.

Our mission is to be the cybersecurity partner of choice for enterprises, organizations, service providers, and government entities to protect our digital way of life. Our cybersecurity platforms and services help secure enterprise users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by artificial intelligence (“AI”) and automation.

We plan to continue to significantly invest in our research and development efforts as we evolve and extend the capabilities of our portfolio. - 9 - Table of Contents INTELLECTUAL PROPERTY We believe that our intellectual property rights are valuable and important to our business, and that our success depends, in part, on our ability to protect and use our core technology and intellectual property rights.

INTELLECTUAL PROPERTY We believe that our intellectual property rights are valuable and important to our business, and that our success depends, in part, on our ability to protect and use our core technology and intellectual property rights.

Our network security platform also includes our cloud-delivered security services, such as Advanced Threat Prevention, Advanced WildFire ® , Advanced URL Filtering, Advanced DNS Security, IoT/OT Security, GlobalProtect ® , Enterprise Data Loss Prevention (“Enterprise DLP”), AI for IT Operations (“AIOps”), SaaS Security, and AI Access Security.

These include Advanced Threat Prevention, Advanced WildFire ® , Advanced URL Filtering, Advanced DNS Security, IoT/OT Security, GlobalProtect ® , Prisma Access Agent, Enterprise Data Loss Prevention (“Enterprise DLP”), AI for IT Operations (“AIOps”), Software as a Service (“SaaS”) Security, and AI Access Security.

This cloud-delivered security service provides protection against targeted malware and advanced persistent threats and provides a near real-time analysis engine for detecting previously unseen malware while resisting attacker evasion techniques.

Advanced Threat Prevention is the industry’s only offering to protect the enterprise from unknown command and control in real-time with the power of Precision AI TM . • Advanced WildFire. This cloud-delivered security service provides protection against targeted malware and advanced persistent threats and provides a near real-time analysis engine for detecting previously unseen malware while resisting attacker evasion techniques.

SaaS Security API (formerly Prisma SaaS) is a multi-mode, cloud access security broker (“CASB”) that helps govern sanctioned SaaS application usage across all users and helps prevent breaches and non-compliance.

The service uses machine learning to baseline normal behavior, identify anomalous activity, assess risk, and provide policy recommendations. • SaaS Security API. SaaS Security API is a multi-mode, cloud access security broker (“CASB”) that helps govern sanctioned SaaS application usage across all users and helps prevent breaches and non-compliance.

This cloud-delivered security service uses machine learning to accurately identify and classify various IoT and operational technology (“OT”) devices, including never-been-seen-before devices, mission-critical OT devices, and unmanaged legacy systems.

We offer comprehensive DNS attack coverage and include industry-first protections against multiple emerging DNS-based network attacks, including real-time analysis of DNS response to prevent DNS hijacking. • IoT/OT Security. This cloud-delivered security service uses machine learning to accurately identify and classify various IoT and operational technology (“OT”) devices, including never-been-seen-before devices, mission-critical OT devices, and unmanaged legacy systems.

Our ML-Powered Next Generation Firewalls embed machine learning in the core of the firewall and employ inline deep learning in the cloud, empowering our customers to stop zero-day threats in real time, see and secure their entire enterprise including Internet of Things (“IoT”), and reduce errors with automatic policy recommendations.

Our hardware and software ML-Powered Next Generation Firewalls use AI—including machine learning and deep learning—to stop zero-day threats in real time, and detect and secure the entire enterprise including Internet of Things (“IoT”).

These include Cortex XSIAM ® , our AI-driven security operations platform, Cortex XDR ® for the prevention, detection, and response to complex cybersecurity attacks, Cortex XSOAR ® for security orchestration, automation, and response (“SOAR”), and Cortex Xpanse ® for ASM. These products are delivered as software as a service (“SaaS”) or software subscriptions.

These include Cortex XSIAM ® , for AI-powered security operations replacing traditional SIEM tools, Cortex XDR ® , for the prevention, detection, and response to complex cybersecurity attacks, Cortex XSOAR ® , for security orchestration, automation, and response (“SOAR”), and Cortex Xpanse ® , for ASM. • Cloud Security.

Our values of disruption, execution, collaboration, inclusion, and integrity were co-created with employees and serve as the foundation of our culture. Source & Hire.

Our values of disruption, execution, collaboration, inclusion and integrity were co-created with employees and serve as the foundation of our culture. These values are embedded in our talent acquisition, learning and enablement, engagement and performance elevation, rewards and recognition programs. Attract & Hire.

Security Operations: • We deliver the next generation of security operations capabilities that combine security analytics, endpoint security, automation, and attack surface management (“ASM”) solutions through our Cortex ® platform.

We deliver the next generation of security operations capabilities that unifies standalone Security Information and Event Management (“SIEM”) tools, endpoint security, security automation, cloud detection and response (“CDR”), as well as attack surface management (“ASM”) capabilities on our Cortex ® platform.

Prisma ® Access, our Security Services Edge (“SSE”) solution, when combined with Prisma SD-WAN, provides a comprehensive single-vendor SASE offering that is used to secure remote workforces and securely enable the cloud-delivered branch.

Prisma ® Access, when combined with Prisma SD-WAN, provides a comprehensive single-vendor SASE offering that is used to secure remote workforces and cloud-delivered branch offices. Prisma Access Browser further extends SASE security and data protection to the end user device, providing workers with freedom to access business applications securely using our secure browser from any device. • Next-Generation Firewalls .

We also listen to and address engagement through external sources such as Glassdoor, The Best Practice Institute, Comparably, and others. In addition, based on employee participation in an anonymous survey, the Best Practice Institute has certified Palo Alto Networks as “Top 100 Global Most Loved Workplaces” since 2021.

In addition, based on employee participation in an anonymous survey, the Best Practice Institute has certified Palo Alto Networks as one of the “Top 100 Global Most Loved Workplaces” since 2021. Palo Alto Networks has been recognized by Comparably for “Best Leadership Teams” and “Best Company Outlook”, in addition to other employer of choice awards.

Cortex XSIAM integrates these capabilities into a single, converged platform built for security operations, enabling organizations to simplify operations, stop threats at scale, and accelerate incident remediation. Cortex XSIAM automates data integration, analysis, and triage to respond to most alerts, enabling analysts to focus on only the incidents that require human intervention. • Cortex XDR.

Cortex XSIAM automates data integration, analysis, and triage to respond to most alerts, enabling analysts to focus on only the incidents that require human intervention. • Cortex XDR.

(“Wiz”), that offer a mix of security products; • startups and point-product vendors that offer independent or emerging solutions across various areas of security; and • public cloud vendors and startups that offer solutions for cloud security (private, public, and hybrid cloud). - 9 - Table of Contents As our market grows, it will attract more highly specialized vendors, as well as larger vendors that may continue to acquire or bundle their products more effectively.

Our education services include certifications, as well as free online technical courses and in-classroom training, which are primarily delivered through our authorized training partners. RESEARCH AND DEVELOPMENT Our research and development efforts are focused on developing new hardware and software and on enhancing and improving our existing product and subscription offerings.

Our education services include certifications, as well as free online technical courses and in-classroom training, which are primarily delivered through our authorized training partners. RESEARCH AND DEVELOPMENT Our research and development efforts are strategically centered on expanding our leadership within the enterprise security industry through AI-powered innovation.

Through these add-on security services, our customers are able to secure their content, applications, users, and devices across their entire organization. Strata Cloud Manager, our network security management solution, can centrally manage our network security platform irrespective of form factor, location, or scale.

Through these add-on services, our customers are able to secure their content, applications, users, and devices across their entire organization. • Prisma AIRS.

Unit 42 brings together world-renowned threat researchers, incident responders, and security consultants to create an intelligence-driven, response-ready organization that is passionate about helping clients proactively manage cyber risk. We help security leaders assess and test their security controls, transform their security strategy with a threat-informed approach, and respond to incidents rapidly.

Additionally, we provide expedited replacement for any defective hardware. We use a third-party logistics provider to manage our worldwide deployment of service-related spares. • Threat Intelligence, Incident Response and Security Consulting. Unit 42 brings together world-renowned threat researchers, incident responders, and security consultants to create an intelligence-driven, response-ready organization that is passionate about helping clients proactively manage cyber risk.

Our subscription offerings include: Cloud-delivered security services: • Advanced Threat Prevention. This cloud-delivered security service provides intrusion detection and prevention capabilities and blocks vulnerability exploits, viruses, spyware, buffer overflows, denial-of-service attacks, and port scans from compromising and damaging enterprise information resources.

This cloud-delivered security service provides intrusion detection and prevention capabilities and blocks vulnerability exploits, viruses, spyware, buffer overflows, denial-of-service attacks, and port scans from compromising and damaging enterprise information resources. In addition, we offer inline deep learning to deliver real-time detection and prevention of unknown, evasive, and targeted command-and-control (“C2”) communications over HTTP, unknown-TCP, unknown-UDP, and encrypted over SSL.

We also value our role as a trusted corporate citizen and in fiscal 2024 continued to execute our social impact programs. We made charitable grants through our donor-advised fund to support nonprofit organizations providing services in areas such as cybersecurity education and disaster relief.

As a company built on trust, continuing to be a leader in responsible business practices and social impact supports our corporate strategy. We made charitable grants through our donor-advised fund to support nonprofit organizations providing services in areas such as cybersecurity education and expanding pathways to cyber careers.

We share and gather information through corporate and functional “All Hands” meetings, digital displays across our sites, our intranet, regular email communications, an active Slack platform, and regular two-way dialogue—such as the small, in-person monthly listening sessions our CEO hosts. We also conduct ad-hoc pulse surveys and offer a peer-to-peer recognition platform.

These channels include company meetings, digital displays across our sites, our intranet, regular email communications, an active Slack platform, pulse surveys, a peer-to-peer recognition platform and regular two-way dialogue—such as small, in-person listening sessions hosted by our chief executive officer. Employee sentiment is also collected and measured from external sources, such as Glassdoor and Comparably.

The solution is easy to deploy being natively integrated on network security platform, eliminating the architectural complexity of traditional CASB products, while offering low total cost of ownership. It can be combined with SaaS Security API as a complete integrated CASB. • GlobalProtect. This subscription provides protection for users of both traditional laptop and mobile devices.

The solution can be combined with SaaS Security API as a complete integrated CASB. • GlobalProtect. This subscription provides protection for users of both traditional laptop and mobile devices. It expands the boundaries of the end-users’ physical network, effectively establishing a logical perimeter that encompasses remote laptop and mobile device users irrespective of their location.

We maintained our work to provide cybersecurity curriculum to schools, universities, and nonprofit organizations to help individuals of all ages protect their digital way of life and to prepare people for careers in cybersecurity. Employees continued to participate in our volunteering and giving programs to positively impact their local communities. Governance. Integrity is one of our core values.

We maintained our work to provide cybersecurity curriculum to schools, universities and nonprofit organizations to help prepare people for careers in cybersecurity. Operate with Integrity. Integrity is one of our core values. Employees, contractors and suppliers are informed about our governance expectations, including through our Codes of Conduct, compliance training programs and ongoing communications.

For fiscal 2024, 59.0% of our total revenue was derived from sales to four distributors. We also sell our VM-Series virtual firewalls directly to end-customers through Amazon’s AWS Marketplace, Microsoft’s Azure Marketplace, and Alphabet’s Google Cloud Marketplace under a usage-based licensing model. Sales.

For example, our VM-Series virtual firewalls are sold on Amazon’s AWS Marketplace, Microsoft’s Azure Marketplace, Alphabet’s Google Cloud Marketplace, and Oracle Corporation’s Oracle Cloud Marketplace either directly to end customers or as part of the respective cloud hosting service provider’s offerings under a usage-based licensing model. Sales.

We were also recognized by CDP (formerly Carbon Disclosure Project) as a “Climate Change A-List” company and a “Supplier Engagement Leader.” We report progress towards our goals in our annual ESG report. Social.

We continue to be recognized by CDP (formerly Carbon Disclosure Project) as a “Supplier Engagement Assessment A-list.” We report progress towards our goals in our annual Corporate Responsibility report. - 12 - Table of Contents Invest in People.

Our Global Customer Success organization is responsible for delivering professional, educational, and support services directly to our channel partners and end-customers. We leverage the capabilities of our channel partners and train them in the delivery of professional, educational, and support services to enable these services to be locally delivered.

Our Global Customer Success organization is responsible for delivering professional, educational, and support services directly to our end-customers and partners. We leverage a global network of certified partners to extend the reach and consistency of these services. We believe that a comprehensive suite of customer success offerings is critical to the successful deployment, adoption, and ongoing use of our products.

Secure Access Service Edge: • Prisma Access. Prisma Access is a cloud-delivered security offering that helps organizations deliver consistent security to remote networks and mobile users. Located in more than 100 locations around the world, Prisma Access consistently inspects all traffic across all ports and provides bidirectional networking to enable branch-to-branch and branch-to-headquarter traffic.

Products and Services NETWORK SECURITY Secure Access Service Edge • Prisma Access. Prisma Access is a cloud-delivered security offering that helps organizations deliver consistent AI-driven security to remote networks and mobile users.

Our appliances and software are designed for different performance requirements throughout an organization and are classified based on throughput, ranging from our PA-410, which is designed for small organizations and branch offices, to our top-of-the-line PA-7500 Series, which is designed for large-scale data centers and service providers.

Enterprise data, applications, users, and devices become integral components of an organization’s security policy. Our hardware and software are designed for different performance requirements throughout an organization—with the ability to secure everything from small businesses and branch offices, to large-scale data centers and service providers.

Our platformization strategy combines various products and services into a tightly integrated architecture and makes security faster, less complex, and more cost-effective.

Our platformization strategy combines various products and services into a tightly integrated architecture for more secure, faster, and cost-effective outcomes. Network Security Our network security platform is designed to deliver complete zero trust solutions to our customers. The platform includes: • Secure Access Service Edge (“SASE”).

GlobalProtect ensures that the same secure application enablement policies that protect users at the corporate site are enforced for all users, independent of their location. • Enterprise DLP. This cloud-delivered security service provides consistent, reliable protection of sensitive data, such as personally identifiable information and intellectual property, for all traffic types, applications, and users.

This cloud-delivered security service provides consistent and reliable protection of sensitive data, such as personally identifiable information and intellectual property, for all traffic types, applications, and users. Native integration with our products makes the service simple to deploy, while advanced machine learning minimizes management complexity.

The majority of our product revenue comes from orders that are received and shipped in the same quarter. However, insufficient supply and inventory may delay our hardware product shipments. As such, we do not believe that our product backlog at any particular time is necessarily indicative of our future operating results. Seasonality.

As such, we do not believe that backlog at any particular time is necessarily indicative of our future operating results. Seasonality. Our business is affected by seasonal fluctuations in customer spending patterns.

We test our products thoroughly to certify and ensure interoperability with third-party hardware and software products. We believe that innovation and timely development of new features and products is essential to meeting the needs of our end-customers and improving our competitive position.

We believe that innovation and timely development of new features and products is essential to meeting the needs of our end-customers and improving our competitive position. During fiscal 2025, we introduced several new offerings, including: Prisma Access Browser, new capabilities in our OT Security solution, Cortex Cloud, Prisma AIRS, and Cortex XSIAM 3.0.

Finally, compliance teams use Cortex Xpanse to improve their audit processes and stay in compliance by assessing their access controls against regulatory frameworks. - 8 - Table of Contents SUPPORT Customer Support. Global customer support helps our customers achieve their security outcomes with services and support capabilities covering the customer's entire journey with Palo Alto Networks.

Existing customers can continue leveraging Prisma Cloud as they upgrade to Cortex Cloud for significantly better, faster and more effective multi-cloud protection. - 7 - Table of Contents THREAT INTELLIGENCE AND ADVISORY SERVICES • Customer Support. Global customer support helps our customers achieve their security outcomes with services and support capabilities covering the customer's entire journey with Palo Alto Networks.

We believe that hardware and software are both critical to expanding our leadership in the enterprise security industry. Our engineering team has deep networking security, cloud security, endpoint security, security operations, and incident response expertise as well as expertise in AI and machine learning capabilities that are applied across these areas.

We focus on enhancing our integrated platforms and developing new software and hardware capabilities. Our engineering teams apply deep expertise in AI and machine learning across networking security, cloud security, endpoint security, and security operations to address the rapidly evolving threat landscape.

We utilize structured interviewing practices, thorough job analyses, and success profiles to identify high-quality candidates and staff critical roles. Our Global Hiring Committee, introduced in fiscal 2023, plays a key role in maintaining our hiring standards, which help drive objectivity.

At Palo Alto Networks, we source talent with the necessary skills and capabilities to contribute to our culture and mission. We utilize structured interviewing practices, thorough job analyses and success profiles to identify high-quality candidates and staff critical roles.

Orders for subscription and support offerings for multiple years are generally billed upfront upon fulfillment and are included in deferred revenue. Contract amounts that are not recorded in deferred revenue or revenue are considered backlog.

Contract amounts that are not recorded in deferred revenue or revenue are considered backlog. Orders billed prior to revenue recognition are included in deferred revenue. We expect backlog will change from period to period for various reasons, including the timing of billing and fulfillment, such as inventory shortages.

It delivers real-time detection and prevention of unknown, evasive, and targeted web-based threats, such as phishing, malware, and C2. While many vendors use machine learning to categorize web content or prevent malware downloads, Advanced URL Filtering is the industry’s first inline web protection engine capable of detecting never-before-seen web-based threats and preventing them in real-time.

This cloud-delivered security service offers the industry’s first Inline Deep Learning powered web protection engine. We deliver real-time detection and prevention of unknown, evasive, and targeted web-based threats, such as phishing.

Threat Intelligence and Advisory Services (Unit 42): • Unit 42 ® brings together world-renowned threat researchers with an elite team of incident responders and security consultants to create an intelligence-driven, response-ready organization to help customers manage cyber risk.

We also offer our VM-Series and CN-Series virtual firewalls for inline network security on multi- and hybrid-cloud environments. - 4 - Table of Contents Threat Intelligence and Advisory Services • Unit 42 ® brings together world-renowned expertise across threat research, incident response, and security consulting to deliver intelligence-driven, response-ready outcomes that help customers reduce cyber risk.

Our marketing is focused on building our brand reputation and the market awareness of our portfolio and driving pipeline and end-customer demand. Our marketing team consists primarily of product marketing, brand, demand generation, field marketing, digital marketing, communications, analyst relations, and marketing analytics functions.

To support this, we have invested in hiring and developing technical experts with deep domain knowledge and proven experience across our portfolio. - 10 - Table of Contents Marketing. Our marketing is focused on building our brand reputation and the market awareness of our portfolio and driving pipeline and end-customer demand.

All of our hardware and software firewalls incorporate our PAN-OS ® operating system and come with the same rich set of features, ensuring consistent operation across our entire product line. The content, applications, users, and devices—the elements that run a business—become integral components of an enterprise’s security policy via our Content-ID™, App-ID™, User-ID™, and Device-ID technologies.

All of our hardware and software firewalls incorporate the PAN-OS ® operating system and include the same rich set of features, ensuring consistent operation across our entire product line. This includes SD-WAN capabilities to intelligently steer traffic to data centers, branches, and the cloud, natively integrated into our Next-Generation Firewalls.

Strata Cloud Manager includes the Strata Copilot which provides a natural language interface to simplify and accelerate platform management. Cloud Security: • We deliver scalable and comprehensive security across the cloud application development lifecycle through our Code to Cloud TM platform, Prisma Cloud.

We deliver comprehensive security across the cloud application development lifecycle through Cortex Cloud, delivered as a scalable SaaS offering.

Our scale and position in multiple areas of the security market enable us to leverage core competencies across hardware, software, and SaaS and also share expertise and research around threats, which allows us to respond to the rapidly changing threat landscape. We supplement our own research and development efforts with technologies and products that we license from third parties.

This approach enables us to leverage core competencies across hardware and software for agile responsiveness and to ensure interoperability with third-party technologies. We supplement our own research with technologies and products licensed from third parties.

Removed

We focus on delivering value in four sectors of the cybersecurity industry: Network Security: • Our network security platform, designed to deliver complete zero trust solutions to our customers, includes our hardware and software ML-Powered Next-Generation Firewalls, AI Runtime Security, as well as a cloud-delivered Secure Access Service Edge (“SASE”).

… 110 more changes not shown on this page.

Item 1A. Risk Factors

Risk Factors — what could go wrong, per management

125 edited+43 added−24 removed205 unchanged

2024 filing

2025 filing

Biggest changeWe may not complete our analysis of our internal control over financial reporting in a timely manner, or our internal control may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock. • Our reputation and/or business could be negatively impacted by ESG matters and/or our reporting of such matters. • Failure to comply with governmental laws and regulations could harm our business. • We may not have the ability to raise the funds necessary to settle conversions of our Notes, repurchase our Notes upon a fundamental change, or repay our Notes in cash at their maturity, and our future debt may contain limitations on our ability to pay cash upon conversion or repurchase of our Notes. • We may still incur substantially more debt or take other actions that would diminish our ability to make payments on our Notes when due. • The market price of our common stock historically has been volatile, and the value of an investment in our common stock could decline. • The convertible note hedge and warrant transactions may affect the value of our common stock. • The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans, the conversion of our Notes or exercise of the related Warrants, or otherwise will dilute stock held by all other stockholders. • We cannot guarantee that our share repurchase program will be fully consummated or that it will enhance shareholder value, and share repurchases could affect the price of our common stock. • We do not intend to pay dividends for the foreseeable future. • Our charter documents and Delaware law, as well as certain provisions contained in the indentures governing our Notes, could discourage takeover attempts and lead to management entrenchment, which could also reduce the market price of our common stock. • Our business is subject to the risks of earthquakes, fire, power outages, floods, health risks, and other catastrophic events, and to interruption by man-made problems, such as terrorism. - 16 - Table of Contents Risks Related to Global Economic and Geopolitical Conditions Our operating results may be adversely affected by unfavorable economic and market conditions and the uncertain geopolitical environment.

Biggest changeWe may not complete our analysis of our internal control over financial reporting in a timely manner, or our internal control may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock. • Our reputation and/or business could be negatively impacted by corporate responsibility matters and/or our reporting of such matters. • Failure to comply with governmental laws and regulations could harm our business. • The market price of our common stock historically has been volatile, and the value of an investment in our common stock could decline. • The warrant transactions may affect the value of our common stock. • The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans, exercise of the 2025 Warrants, or otherwise will dilute stock held by all other stockholders. • We cannot guarantee that our share repurchase program will be fully consummated or that it will enhance shareholder value, and share repurchases could affect the price of our common stock. • We do not intend to pay dividends for the foreseeable future. • Our charter documents and Delaware law could discourage takeover attempts and lead to management entrenchment, which could also reduce the market price of our common stock. • Our business is subject to the risks of earthquakes, fire, power outages, floods, health risks, and other catastrophic events, and to interruption by man-made problems, such as terrorism. • Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products and subscriptions could reduce our ability to compete and could harm our business. - 15 - Table of Contents Risks Related to Global Economic and Geopolitical Conditions Our operating results may be adversely affected by unfavorable economic and market conditions and the uncertain geopolitical environment.

We may not successfully evaluate or utilize the acquired technology, products, or personnel, realize anticipated synergies from the acquisition, or accurately forecast the financial impact of an acquisition transaction and integration of such acquisition, including accounting charges and any potential impairment of goodwill and intangible assets recognized in connection with such acquisitions.

We may not successfully evaluate or utilize any acquired technology, products, or personnel, realize anticipated synergies from an acquisition, or accurately forecast the financial impact of an acquisition transaction and integration of such acquisition, including accounting charges and any potential impairment of goodwill and intangible assets recognized in connection with such acquisitions.

In addition, increased international sales in the future, including through our channel partners and other partnerships or as a result of our acquisitions, may result in foreign currency denominated sales, increasing our foreign currency risk.

In addition, increased international sales in the future, including through our channel partners and other partnerships or as a result of our acquisitions, may result in increased foreign currency denominated sales, increasing our foreign currency risk.

If we were to fail to comply with U.S. export licensing requirements, U.S. customs regulations, U.S. economic sanctions, or other laws, we could be subject to substantial civil and criminal penalties, including fines, incarceration for responsible employees and managers, and the possible loss of export or import privileges.

If we were to fail to comply with U.S. export licensing requirements, U.S. customs regulations, U.S. economic sanctions, or other laws or regulations, we could be subject to substantial civil and criminal penalties, including fines, incarceration for responsible employees and managers, and the possible loss of export or import privileges.

Deployments for large enterprise end-customers are also more complex, require greater product functionality, scalability, and a broader range of services, and are more time-consuming. All of these factors add further risk to business conducted with these end-customers. Failure to realize sales from large enterprise end-customers could materially and adversely affect our business, operating results, and financial condition.

Deployments for large enterprise end-customers are also more complex, require greater product functionality, scalability, and a broader range of services, and are more time-consuming and resource-consuming. All of these factors add further risk to business conducted with these end-customers. Failure to realize sales from large enterprise end-customers could materially and adversely affect our business, operating results, and financial condition.

Competition for highly skilled personnel, particularly in engineering, including in the areas of AI and machine learning, is often intense, especially in the San Francisco Bay Area, where we have a substantial presence and need for such personnel. In addition, the industry in which we operate generally experiences high employee attrition.

Competition for highly skilled personnel, particularly in engineering, including in the areas of AI and machine learning, is intense, especially in the San Francisco Bay Area, where we have a substantial presence and need for such personnel. In addition, the industry in which we operate generally experiences high employee attrition.

Any integration process may require significant time and resources, which may disrupt our ongoing business and divert management’s attention, and we may not be able to manage the integration process successfully or in a timely manner. We may have difficulty retaining key personnel of the acquired business.

Significant changes to existing international trade agreements could lead to sourcing or logistics disruption resulting from import delays or the imposition of increased tariffs on our sourcing partners. For example, the United States and Chinese governments have each enacted, and discussed additional, import tariffs.

Significant changes to existing international trade agreements, tariffs, or trade regulations could lead to sourcing or logistics disruption resulting from import delays or the imposition of increased tariffs on our sourcing partners. For example, the United States and Chinese governments have each enacted, and discussed additional, import tariffs.

As we grow and change, we may find it difficult to maintain these important aspects of our corporate culture. While we are taking steps to develop a more inclusive and diverse workforce, there is no guarantee that we will be able to do so.

As we grow and change, we may find it difficult to maintain these important aspects of our corporate culture. While we are taking steps to develop a more inclusive workforce, there is no guarantee that we will be able to do so.

If our efforts to sell additional products and subscriptions to our end-customers are not successful, our revenues may grow more slowly than expected or decline. - 18 - Table of Contents Sales to large enterprise end-customers, which is part of our growth strategy, involve risks that may not be present, or that are present to a lesser extent, with sales to smaller entities, such as (a) longer sales cycles and the associated risk that substantial time and resources may be spent on a potential end-customer that elects not to purchase our products, subscriptions, and support, and (b) increased purchasing power and leverage held by large end-customers in negotiating contractual arrangements.

If our efforts to sell additional products and subscriptions to our end-customers are not successful, our revenues may grow more slowly than expected or decline. - 17 - Table of Contents Sales to large enterprise end-customers, which is part of our growth strategy, involve risks that may not be present, or that are present to a lesser extent, with sales to smaller entities, such as (a) longer sales cycles and the associated risk that substantial time and resources may be spent on a potential end-customer that elects not to purchase our products, subscriptions, and support, and (b) increased purchasing power and leverage held by large end-customers in negotiating contractual arrangements.

The 2025 Warrants could separately have a dilutive effect to the extent that the market price per share of our common stock exceeds the applicable strike price of the 2025 Warrants unless, subject to certain conditions, we elect to cash settle such 2025 Warrants.

The 2025 Warrants could have a dilutive effect to the extent that the market price per share of our common stock exceeds the applicable strike price of the 2025 Warrants unless, subject to certain conditions, we elect to cash settle such 2025 Warrants.

Additionally, the U.S. government may require certain of the products that it purchases to be manufactured in the United States and other relatively high-cost manufacturing locations, and we may not manufacture all products in locations that meet such requirements, affecting our ability to sell these products, subscriptions, and support offerings to the U.S. government. - 20 - Table of Contents We face intense competition in our market and we may lack sufficient financial or other resources to maintain or improve our competitive position.

Additionally, the U.S. government may require certain of the products that it purchases to be manufactured in the United States or other relatively high-cost manufacturing locations, and we may not manufacture all products in locations that meet such requirements, affecting our ability to sell these products, subscriptions, and support offerings to the U.S. government. - 19 - Table of Contents We face intense competition in our market and we may lack sufficient financial or other resources to maintain or improve our competitive position.

Each of these laws and regulations, and any changes to these laws and regulations, or new laws and regulations, could impose significant limitations, or require changes to our business model or practices or growth strategy, which may increase our compliance expenses and make our business more costly or less efficient to conduct. - 31 - Table of Contents Tax, Accounting, Compliance, and Regulatory Risks We may have exposure to tax liabilities that are greater than anticipated.

Each of these laws and regulations, and any changes to these laws and regulations, or new laws and regulations, could impose significant limitations, or require changes to our business model or practices or growth strategy, which may increase our compliance expenses and make our business more costly or less efficient to conduct. - 32 - Table of Contents Tax, Accounting, Compliance, and Regulatory Risks We may have exposure to tax liabilities that are greater than anticipated.

We cannot predict the full impact of these conditions on us in the future, particularly if emergency circumstances or an escalation in the political situation occurs.

We cannot predict the full impact of these conditions on us in the future, particularly if emergency circumstances or an escalation in the political situation or hostilities occurs.

If we are unable to maintain consistent or increasing revenue or revenue growth, the market price of our common stock could be volatile, and it may be difficult for us to maintain profitability or maintain or increase cash flow on a consistent basis. - 17 - Table of Contents In addition, we have incurred losses in fiscal years prior to fiscal 2023.

If we are unable to maintain consistent or increasing revenue or revenue growth, the market price of our common stock could be volatile, and it may be difficult for us to maintain profitability or maintain or increase cash flow on a consistent basis. - 16 - Table of Contents In addition, we have incurred losses in fiscal years prior to fiscal 2023.

The CCPA requires, among other things, covered companies to provide enhanced disclosures to California consumers and to afford such consumers certain rights regarding their personal data, including the right to opt out of data sales for targeted advertising, and creates a private right of action to individuals affected by a data breach, if the breach was caused by a lack of reasonable security.

The CCPA requires, among other things, covered businesses to provide enhanced disclosures to California consumers and to afford such consumers certain rights regarding their personal data, including the right to opt out of data sales for targeted advertising, and creates a private right of action to individuals affected by a data breach, if the breach was caused by a lack of reasonable security.

We are engaging in costly marketing and sales efforts to accelerate platformization and attract new customers, which may fail or may not be as successful as intended or at all. Additionally, prospective customers’ decisions to purchase our solutions depend on a variety of factors, many of which are out of our control.

We are engaging in costly marketing and sales efforts to accelerate our strategies, including platformization, and attract new customers, which may fail or may not be as successful as intended or at all. Additionally, prospective customers’ decisions to purchase our solutions depend on a variety of factors, many of which are out of our control.

If our products and subscriptions are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our products, subscriptions, and support offerings to such governmental entity, or be at a competitive disadvantage, which would harm our business, operating results, and financial condition.

If our products and subscriptions are late in achieving or fail to achieve compliance with these certifications and standards or technical requirements, or our competitors achieve compliance with these certifications and standards or technical requirements, we may be disqualified from selling our products, subscriptions, and support offerings to such governmental entity, or be at a competitive disadvantage, which would harm our business, operating results, and financial condition.

The occurrence of any such problem in our products and subscriptions, whether real or perceived, could result in: • expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work-around errors or defects or to address and eliminate vulnerabilities; • loss of existing or potential end-customers or channel partners; • delayed or lost revenue; • delay or failure to attain market acceptance; • an increase in warranty claims compared with our historical experience, or an increased cost of servicing warranty claims, either of which would adversely affect our gross margins; and • litigation, regulatory inquiries, investigations, or other proceedings, each of which may be costly and harm our reputation.

The occurrence of any such problem in our products and subscriptions, or migrations or updates to those products or software, whether real or perceived, could result in: • expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work-around errors or defects or to address and eliminate vulnerabilities; • loss of existing or potential end-customers or channel partners; • delayed or lost revenue; • delay or failure to attain market acceptance; • an increase in warranty claims compared with our historical experience, or an increased cost of servicing warranty claims, either of which would adversely affect our gross margins; and • litigation, regulatory inquiries, investigations, or other proceedings, each of which may be costly and harm our reputation.

These risks include, but are not limited to, the following: • Our operating results may be adversely affected by unfavorable economic and market conditions and the uncertain geopolitical environment. • Our business and operations have experienced growth in recent periods, and if we do not effectively manage any future growth or are unable to improve our systems, processes, and controls, our operating results could be adversely affected. • Our revenue growth rate in recent periods may not be indicative of our future performance, and we may not be able to maintain profitability, which could cause our business, financial condition, and operating results to suffer. • Our operating results may vary significantly from period to period, which makes our results difficult to predict and could cause our results to fall short of expectations, and such results may not be indicative of future performance. • Seasonality may cause fluctuations in our revenue. • If we are unable to sell new and additional product, subscription, and support offerings to our end-customers, especially to large enterprise customers, our future revenue and operating results will be harmed. • If we are unable to attract new customers, our future results of operations could be harmed. • We rely on revenue from subscription and support offerings, and because we recognize revenue from subscription and support over the term of the relevant service period, downturns or upturns in sales or renewals of these subscription and support offerings are not immediately reflected in full in our operating results. • The sales prices of our products, subscriptions, and support offerings may decrease, which may reduce our revenue and gross profits and adversely impact our financial results. • We rely on our channel partners to sell substantially all of our products, including subscriptions and support, and if these channel partners fail to perform, our ability to sell and distribute our products and subscriptions will be limited and our operating results will be harmed. • We are exposed to the credit and liquidity risk of our customers, and to credit exposure in weakened markets, which could result in material losses. • A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks. • We face intense competition in our market and we may lack sufficient financial or other resources to maintain or improve our competitive position. • We may acquire other businesses, which could subject us to adverse claims or liabilities, require significant management attention, disrupt our business, adversely affect our operating results, may not result in the expected benefits of such acquisitions, and may dilute stockholder value. • If we do not accurately predict, prepare for, and respond promptly to rapidly evolving technological and market developments and successfully manage product and subscription introductions and transitions to meet changing end-customer needs in the enterprise security industry, our competitive position and prospects will be harmed. • Issues in the development and deployment of AI may result in reputational harm and legal liability and could adversely affect our results of operations. • A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results. • Defects, errors, or vulnerabilities in our products, subscriptions, or support offerings, the failure of our products or subscriptions to block a virus or prevent a security breach or incident, misuse of our products, or risks of product liability claims could harm our reputation and adversely impact our operating results. • Our ability to sell our products and subscriptions is dependent on the quality of our technical support services and those of our channel partners, and the failure to offer high-quality technical support services could have a material adverse effect on our end-customers’ satisfaction with our products and subscriptions, our sales, and our operating results. - 15 - Table of Contents • Claims by others that we infringe their intellectual property rights could harm our business. • Our proprietary rights may be difficult to enforce or protect, which could enable others to copy or use aspects of our products or subscriptions without compensating us. • Our use of open source software in our products and subscriptions could negatively affect our ability to sell our products and subscriptions and subject us to possible litigation. • We license technology from third parties, and our inability to maintain those licenses could harm our business. • Because we depend on manufacturing partners to build and ship our hardware products, we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time, if at all, or on a cost-effective basis, which may result in the loss of sales and end-customers. • Managing the supply of our hardware products and product components is complex.

These risks include, but are not limited to, the following: • Our operating results may be adversely affected by unfavorable economic and market conditions and the uncertain geopolitical environment. • Our business and operations have experienced growth in recent periods, and if we do not effectively manage any future growth or are unable to improve our systems, processes, and controls, our operating results could be adversely affected. • Our revenue growth rate in recent periods may not be indicative of our future performance, and we may not be able to maintain profitability, which could cause our business, financial condition, and operating results to suffer. • Our operating results may vary significantly from period to period, which makes our results difficult to predict and could cause our results to fall short of expectations, and such results may not be indicative of future performance. • Seasonality may cause fluctuations in our revenue. • If we are unable to sell new and additional product, subscription, and support offerings to our end-customers, especially to large enterprise customers, our future revenue and operating results will be harmed. • If we are unable to attract new customers, our future results of operations could be harmed. • We rely on revenue from subscription and support offerings, and because we recognize revenue from subscription and support over the term of the relevant service period, downturns or upturns in sales or renewals of these subscription and support offerings are not immediately reflected in full in our operating results. • The sales prices of our products, subscriptions, and support offerings may decrease, which may reduce our revenue and gross profits and adversely impact our financial results. • We rely on our channel partners to sell substantially all of our products, including subscriptions and support, and if these channel partners fail to perform, our ability to sell and distribute our products and subscriptions will be limited and our operating results will be harmed. • We are exposed to the credit and liquidity risk of our customers, and to credit exposure in weakened markets, which could result in material losses. • A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks. • We face intense competition in our market and we may lack sufficient financial or other resources to maintain or improve our competitive position. • We have and may in the future acquire other businesses (including CyberArk), which could subject us to adverse claims or liabilities, require significant management attention, disrupt our business, adversely affect our operating results, may not result in the expected benefits of such acquisitions, and may dilute stockholder value. • We may not complete the acquisition of CyberArk within the timeframe we anticipate or at all, which could negatively impact our future business and financial results. • As a result of the CyberArk acquisition, we anticipate that the scope and size of our business will substantially change and result in certain incremental risks, including increased competition. • If we do not accurately predict, prepare for, and respond promptly to rapidly evolving technological and market developments and successfully manage product and subscription introductions and transitions to meet changing end-customer needs in the enterprise security industry, our competitive position and prospects will be harmed. • Issues in the development and deployment of AI may result in reputational harm and legal liability and could adversely affect our results of operations. • A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results. • Defects, errors, or vulnerabilities in our products, subscriptions, or support offerings, the failure of our products or subscriptions to block a virus or prevent a security breach or incident, misuse of our products, or risks of product liability claims could harm our reputation and adversely impact our operating results. - 14 - Table of Contents • Our ability to sell our products and subscriptions is dependent on the quality of our technical support services and those of our channel partners, and the failure to offer high-quality technical support services could have a material adverse effect on our end-customers’ satisfaction with our products and subscriptions, our sales, and our operating results. • Claims by others that we infringe their intellectual property rights could harm our business. • Our proprietary rights may be difficult to enforce or protect, which could enable others to copy or use aspects of our products or subscriptions without compensating us. • Our use of open source software in our products and subscriptions could negatively affect our ability to sell our products and subscriptions and subject us to possible litigation. • We license technology from third parties, and our inability to maintain those licenses could harm our business. • Because we depend on manufacturing partners to build and ship our hardware products, we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time, if at all, or on a cost-effective basis, which may result in the loss of sales and end-customers. • Managing the supply of our hardware products and product components is complex.

If, in the future, our chief executive officer, chief financial officer, or independent registered public accounting firm determines that our internal control over financial reporting is not effective as defined under Section 404, we could be subject to one or more investigations or enforcement actions by state or federal regulatory agencies, stockholder lawsuits, or other adverse actions requiring us to incur defense costs, pay fines, settlements, or judgments, causing investor perceptions to be adversely affected and potentially resulting in a decline in the market price of our stock. - 32 - Table of Contents Our reputation and/or business could be negatively impacted by ESG matters and/or our reporting of such matters.

If, in the future, our chief executive officer, chief financial officer, or independent registered public accounting firm determines that our internal control over financial reporting is not effective as defined under Section 404, we could be subject to one or more investigations or enforcement actions by state or federal regulatory agencies, stockholder lawsuits, or other adverse actions requiring us to incur defense costs, pay fines, settlements, or judgments, causing investor perceptions to be adversely affected and potentially resulting in a decline in the market price of our stock. - 33 - Table of Contents Our reputation and/or business could be negatively impacted by corporate responsibility matters and/or our reporting of such matters.

Any production interruptions for any reason, such as a natural disaster, epidemic or pandemic, capacity shortages, or quality problems at one of our manufacturing partners would negatively affect sales of our product lines manufactured by that manufacturing partner and adversely affect our business and operating results. - 27 - Table of Contents Managing the supply of our hardware products and product components is complex.

Any production interruptions for any reason, such as a natural disaster, epidemic or pandemic, capacity shortages, or quality problems at one of our manufacturing partners would negatively affect sales of our product lines manufactured by that manufacturing partner and adversely affect our business and operating results. Managing the supply of our hardware products and product components is complex.

Additionally, our international sales and operations are subject to a number of risks, including the following: • political, economic, and social uncertainty around the world, health risks such as epidemics and pandemics like COVID-19, macroeconomic challenges, terrorist activities, Russia’s invasion of Ukraine, tensions between China and Taiwan, the hostilities in Israel and the surrounding region, and continued hostilities in the Middle East; • unexpected changes in, or the application of, foreign and domestic laws and regulations (including intellectual property rights protections), regulatory practices, trade restrictions, and foreign legal requirements, including those applicable to the importation, certification, and localization of our products, tariffs, and tax laws and treaties, including regulatory and trade policy changes adopted by the current administration, such as the Sanctions on Russia, or foreign countries in response to regulatory changes adopted by the current administration; and • non-compliance with U.S. and foreign laws, including antitrust regulations, anti-corruption laws, such as the U.S.

Additionally, our international sales and operations are subject to a number of risks, including the following: • political, economic, and social uncertainty around the world, health risks such as epidemics and pandemics like COVID-19, macroeconomic challenges, terrorist activities, the Russia-Ukraine war, tensions between China and Taiwan, the hostilities in Israel and the surrounding region, and continued hostilities in the Middle East; • unexpected changes in, or the application of, foreign and domestic laws and regulations (including intellectual property rights protections), regulatory practices or enforcement policies, trade restrictions, international trade agreements, and foreign legal requirements, including those applicable to the importation, certification, and localization of our products, tariffs, and tax laws and treaties, including regulatory and trade policy changes adopted by the current administration, such as the Sanctions on Russia, or foreign countries in response to regulatory changes adopted by the current administration; and • non-compliance with U.S. and foreign laws, including antitrust regulations, anti-corruption laws, such as the U.S.

In order to reduce manufacturing lead times and plan for adequate component supply, from time to time we may issue forecasts for components and products that are non-cancelable and non-returnable. Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage supply of our hardware products and product components.

In order to reduce manufacturing lead times and plan for adequate component supply, from time to time we may issue forecasts for components and products that are non-cancelable and non-returnable. - 28 - Table of Contents Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage supply of our hardware products and product components.

Insufficient supply and inventory would result in lost sales opportunities or delayed revenue, while excess inventory would harm our gross margins. • Because some of the key components in our hardware products come from limited sources of supply, we are susceptible to supply shortages or supply changes, which, in certain cases, have disrupted or delayed our scheduled product deliveries to our end-customers, increased our costs and may result in the loss of sales and end-customers. • If we are unable to attract, retain, and motivate our key technical, sales, and management personnel, our business could suffer. • We generate a significant amount of revenue from sales to distributors, resellers, and end-customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations. • We are exposed to fluctuations in foreign currency exchange rates, which could negatively affect our financial condition and operating results. • We face risks associated with having operations and employees located in Israel. • We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets. • We may incur increased costs to comply with privacy and data protection laws and, if we fail to comply, we could be subject to government enforcement actions, private litigation and adverse publicity. • We may have exposure to tax liabilities that are greater than anticipated. • If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our operating results could fall below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock. • We are obligated to maintain proper and effective internal control over financial reporting.

Insufficient supply and inventory would result in lost sales opportunities or delayed revenue, while excess inventory would harm our gross margins. • Our hardware products contain key components from limited sources of supply, including outside the United States, and we are susceptible to supply shortages, supply changes, and international regulations, which, in certain cases, have disrupted or delayed our scheduled product deliveries to our end-customers, increased our costs and may result in the loss of sales and end-customers. • If we are unable to attract, retain, and motivate our key technical, sales, and management personnel, our business could suffer. • We generate a significant amount of revenue from sales to distributors, resellers, and end-customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations. • We are exposed to fluctuations in foreign currency exchange rates, which could negatively affect our financial condition and operating results. • We face risks associated with having operations and employees located in Israel. • We are subject to international trade regulations and governmental export and import controls that could subject us to liability or impair our ability to compete in international markets. • We may incur increased costs to comply with privacy and data protection laws and, if we fail to comply, we could be subject to government enforcement actions, private litigation and adverse publicity. • We may have exposure to tax liabilities that are greater than anticipated. • If our estimates or judgments, including those relating to our critical accounting policies, are based on assumptions that change or prove to be incorrect, our operating results differ from our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock. • We are obligated to maintain proper and effective internal control over financial reporting.

Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share.

Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources or product or service offerings. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share.

Any of these provisions could, under certain circumstances, depress the market price of our common stock. General Risk Factors Our business is subject to the risks of earthquakes, fire, power outages, floods, health risks, and other catastrophic events, and to interruption by man-made problems, such as terrorism.

Any of these provisions could, under certain circumstances, depress the market price of our common stock. - 36 - Table of Contents General Risk Factors Our business is subject to the risks of earthquakes, fire, power outages, floods, health risks, and other catastrophic events, and to interruption by man-made problems, such as terrorism.

In addition, we are or may become subject to various new and proposed climate-related and other sustainability-related laws and regulations, including, for example, the E.U.’s Corporate Sustainability Reporting Directive.

In addition, we are or may become subject to various new and proposed sustainability-related laws and regulations, including, for example, the E.U.’s Corporate Sustainability Reporting Directive.

Government certification requirements for products and subscriptions like ours may change, thereby restricting our ability to sell into the federal government sector until we have attained the revised certification.

Government certification or technical requirements for products and subscriptions like ours may change, thereby restricting our ability to sell into the federal government sector until we have attained the revised certification or technical requirements.

As a result, we may not be able to obtain adequate patent protection or effectively enforce any issued patents. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or subscriptions or obtain and use information that we regard as proprietary.

As a result, we may not be able to obtain adequate patent protection or effectively enforce any issued patents. - 26 - Table of Contents Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or subscriptions or obtain and use information that we regard as proprietary.

Additional examples of patent infringement cases have been disclosed in Note 12. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K.

Additional examples of patent infringement cases have been disclosed in Note 13. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K.

Additionally, defects or vulnerabilities may cause our products or subscriptions to become temporarily unavailable, to be vulnerable to security attacks, cause them to fail to help secure networks, or temporarily interrupt end-customers’ networking traffic, or the availability of other information technology infrastructure or systems.

Additionally, defects or vulnerabilities may cause our products or subscriptions to become partially or fully unavailable temporarily or permanently, to be vulnerable to security attacks, cause them to fail to help secure networks, or interrupt end-customers’ networking traffic, or the availability of other information technology infrastructure or systems.

Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering or acquisitions by our competitors, or continuing market consolidation.

Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering, acquisitions or strategic investments by our competitors, or continuing market consolidation.

For more information, refer to the section entitled “Critical Accounting Estimates” in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in Part II, Item 7 of this Annual Report on Form 10-K.

For more information relating to critical accounting policies, refer to the section entitled “Critical Accounting Estimates” in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in Part II, Item 7 of this Annual Report on Form 10-K.

We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.

We are subject to international trade regulations and governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.

The instability in the global credit markets, inflation, changes in public policies such as domestic and international regulations, taxes, any increases in interest rates, fluctuations in foreign currency exchange rates, or international trade agreements, international trade disputes, geopolitical turmoil, and other disruptions to global and regional economies and markets continue to add uncertainty to global economic conditions.

The instability in the global credit markets, inflation, changes in public policies such as domestic and international legislation or regulations, changes in enforcement and administration policies, taxes, any increases in interest rates, fluctuations in foreign currency exchange rates, or international trade agreements, international trade disputes, trade regulations, tariffs and changes in tariffs, geopolitical turmoil, and other disruptions to global and regional economies and markets continue to add uncertainty to global economic conditions.

Accordingly, our failure, or our channel partners’ failure, to provide and maintain high-quality support services could have a material adverse effect on our business, financial condition, and operating results. RISKS RELATED TO INTELLECTUAL PROPERTY AND TECHNOLOGY LICENSING Claims by others that we infringe their intellectual property rights could harm our business.

Accordingly, our failure, or our channel partners’ failure, to provide and maintain high-quality support services could have a material adverse effect on our business, financial condition, and operating results. - 25 - Table of Contents RISKS RELATED TO INTELLECTUAL PROPERTY AND TECHNOLOGY LICENSING Claims by others that we infringe their intellectual property rights could harm our business.

Our amended and restated certificate of incorporation authorizes us to issue up to 1.0 billion shares of common stock and up to 100.0 million shares of preferred stock with such rights and preferences as may be determined by our board of directors.

Our restated certificate of incorporation authorizes us to issue up to 2.0 billion shares of common stock and up to 100.0 million shares of preferred stock with such rights and preferences as may be determined by our board of directors.

Many of our competitors have greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a larger base of customers than we do. They may be able to devote greater resources to the promotion and sale of products and services than we can, and they may offer lower pricing than we do.

Some of our competitors have or may attain greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a larger base of customers than we do. They may be able to devote greater resources to the promotion and sale of products and services than we can, and they may offer lower pricing than we do.

Factors that could cause fluctuations in the market price of our common stock include, but are not limited to: • announcements of new products, subscriptions or technologies, commercial relationships, strategic partnerships, acquisitions, or other events by us or our competitors; • price and volume fluctuations in the overall stock market from time to time; • news announcements that affect investor perception of our industry, including reports related to the discovery of significant cyberattacks; • significant volatility in the market price and trading volume of technology companies in general and of companies in our industry; • fluctuations in the trading volume of our shares or the size of our public float; • actual or anticipated changes in our operating results or fluctuations in our operating results; • whether our operating results meet the expectations of securities analysts or investors; • actual or anticipated changes in the expectations of securities analysts or investors, whether as a result of our forward-looking statements, our failure to meet such expectations or otherwise; • inaccurate or unfavorable research reports about our business and industry published by securities analysts or reduced coverage of our company by securities analysts; • litigation involving us, our industry, or both; • actions instituted by activist shareholders or others; • regulatory developments in the United States, foreign countries, or both; • major catastrophic events; • sales or repurchases of large blocks of our common stock or substantial future sales by our directors, executive officers, employees, and significant stockholders; • departures of key personnel; or • geopolitical or economic uncertainty around the world.

Factors that could cause fluctuations in the market price of our common stock include, but are not limited to: • announcements of new products, subscriptions or technologies, commercial relationships, strategic partnerships, acquisitions, or other events by us or our competitors; • price and volume fluctuations in the overall stock market from time to time; • news announcements that affect investor perception of our industry, including reports related to the discovery of significant cyberattacks; • significant volatility in the market price and trading volume of technology companies in general and of companies in our industry; • fluctuations in the trading volume of our shares or the size of our public float; • actual or anticipated changes in our operating results or fluctuations in our operating results; • whether our operating results meet the expectations of securities analysts or investors; • actual or anticipated changes in the expectations of securities analysts or investors, whether as a result of our forward-looking statements, our failure to meet such expectations or otherwise; • inaccurate or unfavorable research reports about our business and industry published by securities analysts or reduced coverage of our company by securities analysts; • litigation involving us, our industry, or both; • actions instituted by activist shareholders or others; • regulatory developments in the United States, foreign countries, or both; • major catastrophic events; • sales or repurchases of large blocks of our common stock or substantial future sales by our directors, executive officers, employees, and significant stockholders; • issuances or sales of shares of our common stock, including as part of a capital-raising transaction or as consideration in or in connection with acquisitions; • issuances or sales of debt or securities convertible into or exchangeable for shares of our common stock, including in connection with acquisitions; • departures of key personnel; or • geopolitical or economic uncertainty around the world.

Further, the determination of our worldwide provision for or benefit from income taxes and other tax liabilities requires significant judgment by management, and there are transactions where the ultimate tax determination is uncertain.

Further, the determination of our worldwide provision for income taxes and other tax liabilities requires significant judgment by management, and there are transactions where the ultimate tax determination is uncertain.

Military actions or armed conflict, including the hostilities in Israel and the surrounding region, Russia’s invasion of Ukraine and any related political or economic responses and counter-responses, and uncertainty about, or changes in, government and trade relationships, policies, and treaties could also lead to worsening economic and market conditions and geopolitical environment.

Military actions or armed conflict, including the hostilities in Israel and the surrounding region, the Russia-Ukraine war and any related political or economic responses and counter-responses, and uncertainty about, or changes in, government and trade relationships, policies, and treaties could also lead to worsening economic and market conditions and geopolitical environment.

Increasingly, companies are subject to a wide variety of attacks on their networks on an ongoing basis.

Increasingly, companies are subject to a wide variety of attacks on an ongoing basis.

We have experienced growth and increased demand for our products and subscriptions over the last few years. As a result, our employee headcount has increased, and we expect it to continue to grow over the next year. For example, from the end of fiscal 2023 to the end of fiscal 2024, our headcount increased from 13,948 to 15,289 employees.

We have experienced growth and increased demand for our products and subscriptions over the last few years. As a result, our employee headcount has increased, and we expect it to continue to grow over the next year. For example, from the end of fiscal 2024 to the end of fiscal 2025, our headcount increased from 15,289 to 16,068 employees.

The portion of our hardware products that are sourced outside the United States may subject us to geopolitical risks, additional logistical risks or risks associated with complying with local rules and regulations in foreign countries.

The portion of our hardware products that are sourced outside the United States may subject us to geopolitical risks, additional logistical risks, risks associated with international trade agreements, international trade disputes, trade regulations, tariffs, or risks associated with complying with local rules and regulations in foreign countries.

Our revenue growth rate in recent periods may not be indicative of our future performance, and we may not be able to maintain profitability, which could cause our business, financial condition, and operating results to suffer. We have experienced revenue growth rates of 16.5% and 25.3% in fiscal 2024 and fiscal 2023, respectively.

Our revenue growth rate in recent periods may not be indicative of our future performance, and we may not be able to maintain profitability, which could cause our business, financial condition, and operating results to suffer. We have experienced revenue growth rates of 14.9% and 16.5% in fiscal 2025 and fiscal 2024, respectively.

The conflict in Ukraine and associated activities in Ukraine and Russia may increase the risk of cyberattacks on various types of infrastructure and operations, and the United States government has warned companies to be prepared for a significant increase in Russian cyberattacks in response to the Sanctions on Russia.

The Russia-Ukraine war and associated activities in Ukraine and Russia may increase the risk of cyberattacks on various types of infrastructure and operations, and the United States government has warned companies to be prepared for additional Russian cyberattacks in response to the Sanctions on Russia.

If we combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public.

If we combine our proprietary software with, or otherwise distribute or use open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public.

We have entered into forward contracts in an effort to reduce our foreign currency exchange exposure related to our foreign currency denominated expenditures. As of July 31, 2024, the total notional amount of our outstanding foreign currency forward contracts was $1.2 billion. For more information on our hedging transactions, refer to Note 6.

We have entered into forward contracts in an effort to reduce our foreign currency exchange exposure related to our foreign currency denominated revenue and operating expenditures. As of July 31, 2025, the total notional amount of our outstanding foreign currency forward contracts was $1.5 billion. For more information on our hedging transactions, refer to Note 6.

If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our operating results could fall below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock.

If our estimates or judgments, including those relating to our critical accounting policies, are based on assumptions that change or prove to be incorrect, our operating results differ from our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock.

As of July 31, 2024, two distributors individually represented 10% or more of our gross accounts receivable and in the aggregate represented 31.5% of our gross accounts receivable. - 19 - Table of Contents We provide our channel partners with specific training and programs to assist them in selling our products, including subscriptions and support offerings, but there can be no assurance that these steps will be utilized or effective.

As of July 31, 2025, three distributors individually represented 10% or more of our gross accounts receivable and in the aggregate represented 44.8% of our gross accounts receivable. - 18 - Table of Contents We provide our channel partners with specific training and programs to assist them in selling our products, including subscriptions and support offerings, but there can be no assurance that these steps will be utilized or effective.

In connection with each such sale of the 2025 Notes, we also entered into warrant transactions with the counterparties pursuant to which we sold warrants (the “2025 Warrants”) for the purchase of our common stock.

In connection with the sale of the 2025 Notes and purchase of the 2025 Note Hedges, we also entered into warrant transactions with the counterparties pursuant to which we sold warrants (the “2025 Warrants”) for the purchase of our common stock.

Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that: • establish that our board of directors is divided into three classes, Class I, Class II, and Class III, with three-year staggered terms; • authorize our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval; • provide our board of directors with the exclusive right to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death, or removal of a director; • prohibit our stockholders from taking action by written consent; • specify that special meetings of our stockholders may be called only by the chairman of our board of directors, our president, our secretary, or a majority vote of our board of directors; • require the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our amended and restated certificate of incorporation relating to the issuance of preferred stock and management of our business or our amended and restated bylaws; • authorize our board of directors to amend our bylaws by majority vote; and • establish advance notice procedures with which our stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting. - 35 - Table of Contents These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for our stockholders to replace members of our board of directors, which is responsible for appointing the members of management.

Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that, among other things: • establish that our board of directors is divided into three classes, Class I, Class II, and Class III, with three-year staggered terms; • authorize our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval; • provide our board of directors with the exclusive right to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death, or removal of a director; • prohibit our stockholders from taking action by written consent; • specify that special meetings of our stockholders may be called only by the chairman of our board of directors, our president, our secretary, or a majority vote of our board of directors; • require the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our restated certificate of incorporation relating to the issuance of preferred stock and management of our business or our amended and restated bylaws; • authorize our board of directors to amend our bylaws by majority vote; and • establish advance notice procedures with which our stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting.

(collectively, “Europe”) to use our products, on account of the risks identified in the Schrems II decision, and we may find it necessary or desirable to make further changes to our processing of personal data of European residents.

(collectively, “Europe”) to use our products, on account of the risks identified in the Schrems II decision or other developments relating to cross-border data transfers, and we may find it necessary or desirable to make further changes to our processing of personal data of European residents.

Moreover, many of our end-customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt increasingly complex enterprise networks, incorporating a variety of hardware, software applications, operating systems, and networking protocols.

The enterprise security industry has grown quickly and continues to evolve rapidly. Moreover, many of our end-customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt increasingly complex enterprise networks, incorporating a variety of hardware, software applications, operating systems, and networking protocols.

Subject to compliance with applicable rules and regulations, we may issue shares of common stock or securities convertible into shares of our common stock from time to time in connection with a financing, acquisition, investment, our stock incentive plans, the conversion of our 2025 Notes, the settlement of our 2025 Warrants, or otherwise.

Subject to compliance with applicable rules and regulations, we may issue shares of common stock or securities convertible into or exchangeable for shares of our common stock from time to time in connection with a financing or other capital raising, acquisition, investment, our stock incentive plans, the settlement of our 2025 Warrants, or otherwise.

Further, they may have greater resources for research and development of new technologies, the provision of customer support, and the pursuit of acquisitions.

Further, they may have greater resources for research and development of new technologies, the provision of customer support, and the pursuit of acquisitions or other strategic investments.

General Data Protection Regulation (“U.K. GDPR,” and collectively the “GDPR”), both of which impose stringent data protection requirements, provide for costly penalties for noncompliance (up to the greater of (a) €20 million under the “E.U. GDPR” or £17.5 million under the “U.K.

General Data Protection Regulation (“U.K. GDPR,” and collectively the “GDPR”), each of which imposes stringent data protection requirements, provide for costly penalties for noncompliance (up to the greater of (a) €20 million under the E.U. GDPR or £17.5 million under the U.K.

If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.

We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our products and subscriptions.

We incorporate technology that we license from third parties, including software, into our products and subscriptions. We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our products and subscriptions.

Subscription and support revenue accounts for a significant portion of our revenue, comprising 80.0% of total revenue in fiscal 2024, 77.1% of total revenue in fiscal 2023, and 75.2% of total revenue in fiscal 2022.

Subscription and support revenue accounts for a significant portion of our revenue, comprising 80.5% of total revenue in fiscal 2025, 80.0% of total revenue in fiscal 2024, and 77.1% of total revenue in fiscal 2023.

We may have to pay cash, incur debt, or issue equity or equity-linked securities to pay for any future acquisitions, each of which could adversely affect our financial condition or the market price of our common stock. Furthermore, the sale of equity or issuance of equity-linked debt to finance any future acquisitions could result in dilution to our stockholders.

We may have to pay cash, incur debt, or issue equity or equity-linked securities to pay for any future acquisitions, including the pending acquisition of CyberArk, each of which could adversely affect our financial condition or the market price of our common stock, and result in dilution to our stockholders.

The future of peace efforts between Israel and its Arab neighbors remains uncertain. The effects of hostilities and violence on the Israeli economy and our operations in Israel are unclear, and we cannot predict the effect on us of further increases in these hostilities or future armed conflict, political instability, or violence in the region.

The effects of hostilities and violence on the Israeli economy and our operations in Israel are unclear, and we cannot predict the effect on us of further increases in these hostilities or future armed conflict, political instability, or violence in the region.

These initiatives, goals, or commitments could be difficult to achieve and costly to implement. We could fail to achieve, or be perceived to fail to achieve, our ESG-related initiatives, goals, or commitments. In addition, we could be criticized for the timing, scope or nature of these initiatives, goals, or commitments, or for any revisions to them.

We could fail to achieve, or be perceived to fail to achieve, our corporate responsibility-related initiatives, goals, or commitments. In addition, we could be criticized for the timing, scope or nature of these initiatives, goals, or commitments, or for any revisions to them.

Because some of the key components in our hardware products come from limited sources of supply, we are susceptible to supply shortages or supply changes, which, in certain cases, have disrupted or delayed our scheduled product deliveries to our end-customers, increased our costs and may result in the loss of sales and end-customers.

Our hardware products contain key components from limited sources of supply, including outside the United States, and we are susceptible to supply shortages, supply changes, and international regulations, which, in certain cases, have disrupted or delayed our scheduled product deliveries to our end-customers, increased our costs and may result in the loss of sales and end-customers.

Among other effects, we may experience additional costs associated with increased compliance burdens, reduced demand for our offerings from current or prospective customers in the European Economic Area (“EEA”), Switzerland, and the U.K.

Among other effects of these developments, we may experience additional costs associated with increased compliance burdens, reduced demand for our offerings from current or prospective customers in the EEA, Switzerland, and the U.K.

Substantially all of our revenue is generated by sales through our channel partners, including distributors and resellers. For fiscal 2024, four distributors individually represented 10% or more of our total revenue and in the aggregate represented 59.0% of our total revenue.

Substantially all of our revenue is generated by sales through our channel partners, including distributors and resellers. For fiscal 2025, three distributors individually represented 10% or more of our total revenue and in the aggregate represented 44.2% of our total revenue.

(or, in the case of the U.K. GDPR, the U.K.) to the United States and other jurisdictions only where adequate safeguards are implemented or a derogation applies. In practice, we rely on standard contractual clauses approved under the GDPR to carry out such transfers and to receive personal data subject to the GDPR (directly or indirectly) in the United States.

GDPR, the U.K.) to non-EEA countries, such as the United States, unless adequate safeguards are implemented or a derogation applies. In practice, we rely on standard contractual clauses approved under the GDPR to carry out such transfers and to receive personal data subject to the GDPR (directly or indirectly) in the United States.

Our sales contracts are denominated in U.S. dollars, and therefore, our revenue is not subject to foreign currency risk; however, in the event of a strengthening of the U.S. dollar against foreign currencies in which we conduct business, the cost of our products to our end-customers outside of the United States would increase, which could adversely affect our financial condition and operating results.

However, in the event of a strengthening of the U.S. dollar against foreign currencies in which we conduct business, the cost of our products to our end-customers outside of the United States would increase, which could adversely affect our financial condition and operating results.

The effectiveness of our existing hedging transactions and the availability and effectiveness of any hedging transactions we may decide to enter into in the future may be limited and we may not be able to successfully hedge our exposure, which could adversely affect our financial condition and operating results. - 29 - Table of Contents We face risks associated with having operations and employees located in Israel.

We have established processes to help alleviate these risks, including a review process for screening requests from our development organizations for the use of open source software, but we cannot be sure that our processes for controlling our use of open source software in our products and subscriptions will be effective.

For example, in April 2024, we became aware of a command injection vulnerability in the GlobalProtect feature of certain versions of our PAN-OS software. To remediate the matter, we published a security advisory to advise customers, provided software updates for affected PAN-OS versions, and are actively engaged in customer outreach, support and remediation efforts for potentially impacted customers.

For example, in November 2024, we became aware of an authentication bypass vulnerability through the management web interface of certain versions of our PAN-OS software. To remediate the matter, we published a security advisory to advise customers, provided software updates for affected PAN-OS versions, and engaged in customer outreach, support and remediation efforts for potentially impacted customers.

The applicable counterparties or their respective affiliates may modify their hedge positions by entering into or unwinding various derivatives with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the maturity of the outstanding 2025 Notes (and are likely to do so during any applicable observation period related to a conversion of our 2025 Notes).

The applicable counterparties to the 2025 Warrants or their respective affiliates may modify their related hedge positions by entering into or unwinding various derivatives with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the expiration of the 2025 Warrants.

If we are held to have breached the terms of an open source software license, we could be required to seek licenses from third parties to continue offering our products and subscriptions on terms that are not economically feasible, to reengineer our products and subscriptions, to discontinue the sale of our products and subscriptions if reengineering could not be accomplished on a timely basis, or to make generally available, in source code form, our proprietary code, any of which could adversely affect our business, operating results, and financial condition. - 26 - Table of Contents In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or assurance of title or controls on origin of the software.

Some components that we import for final manufacturing in the United States have been impacted by these tariffs. As a result, our costs have increased and we have raised, and may be required to further raise, prices on our hardware products. Our manufacturing partners typically fulfill our supply requirements on the basis of individual purchase orders.

Some components that we import for final manufacturing in the United States have been impacted by these tariffs. As a result, our costs have increased and we have raised, and may be required to further raise, prices on our hardware products in response to these and potential new trade regulations.

Any decreased use of our products or limitation on our ability to export to or sell our products in international markets would likely adversely affect our business, financial condition, and operating results. International trade laws and regulations continuously evolve to address technological developments and changes in geopolitical conditions.

A successful claimant could secure a judgment, or we may agree to a settlement that prevents us from distributing certain products or performing certain services or that requires us to pay substantial damages, royalties, or other fees.

For example, AI algorithms may have flaws, and datasets used to train models may be insufficient or contain biased information. The AI that is being incorporated into our products, solutions, and business operation tools may not be successful or beneficial, and instead may cause technical, legal or ethical problems or result in increased costs.

The AI that is being incorporated into our products, solutions, and business operation tools may not be successful or beneficial, and instead may cause technical, legal or ethical problems or result in increased costs.

Any of these negative outcomes could adversely impact the market perception of our products and subscriptions and end-customer and investor confidence in our company and could seriously harm our business or operating results. - 23 - Table of Contents Defects, errors, or vulnerabilities in our products, subscriptions, or support offerings, the failure of our products or subscriptions to block a virus or prevent a security breach or incident, misuse of our products, or risks of product liability claims could harm our reputation and adversely impact our operating results.

Defects, errors, or vulnerabilities in our products, subscriptions, or support offerings, the failure of our products or subscriptions to block a virus or prevent a security breach or incident, misuse of our products, or risks of product liability claims could harm our reputation and adversely impact our operating results.

The share repurchase program could affect the price of our common stock, increase volatility, and diminish our cash reserves. In addition, the program may be suspended or terminated at any time, which may result in a decrease in the price of our common stock. We do not intend to pay dividends for the foreseeable future.

In addition, the program may be suspended or terminated at any time, which may result in a decrease in the price of our common stock. We do not intend to pay dividends for the foreseeable future. We have never declared or paid any dividends on our common stock.

… 112 more changes not shown on this page.

Item 1C. Cybersecurity

Cybersecurity — threats and controls disclosure

10 edited+1 added−3 removed19 unchanged

2024 filing

2025 filing

Biggest changeWe deploy and maintain a variety of technologies to prevent and detect cybersecurity threats across the network, endpoint and cloud. We also apply security-by-design principles in our software development lifecycle, track vulnerabilities of open-source software, and run internal and external network scans at least weekly and after any meaningful change in our network configuration.

Biggest changeWe also apply security-by-design principles in our software development lifecycle, track vulnerabilities of open-source software, and run internal and external network scans at least weekly and after any meaningful change in our network configuration. We conduct regular application security assessments, including our assessments for internet-facing applications that collect, transmit, or display end user data.

We maintain a cross-functional incident response team, including senior representatives from information security, information technology, product, legal, privacy, communications and accounting, that is involved in assessing cybersecurity threats and incidents, assigning severity levels, and evaluating the potential impact, including the potential impact on our business strategy, results of operations and financial condition.

We maintain a cross-functional incident response team, including senior representatives from information security, information technology, product, legal, privacy, communications, and finance, that is involved in assessing cybersecurity threats and incidents, assigning severity levels, and evaluating the potential impact, including the potential impact on our business strategy, results of operations and financial condition.

Our chief information security officer is responsible for defining, overseeing, managing, implementing, and reviewing compliance with the information security programs described above under the heading “Cybersecurity Risk Management and Strategy.” Our chief information security officer receives regular reports from our information security team and monitors the prevention, detection, and mitigation or remediation of cybersecurity risks.

Our vice president acting as chief information security officer is responsible for defining, overseeing, managing, implementing, and reviewing compliance with the information security programs described above under the heading “Cybersecurity Risk Management and Strategy.” This vice president receives regular reports from our information security team and monitors the prevention, detection, and mitigation or remediation of cybersecurity risks.

For additional information regarding these risks, please refer to Part I, Item 1A, “Risk Factors,” in this Form 10-K, including, but not limited to, the risk factor entitled “ A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results. ” Cybersecurity Governance The Security Committee, which is composed of all of our independent directors, facilitates our board of directors’ responsibility for oversight of security matters, including product security, data security, cybersecurity, security risk management, risk exposure and related controls and enterprise risk management related to these risks.

For additional information regarding these risks, please refer to Part I, Item 1A, “Risk Factors,” in this Form 10-K, including, but not limited to, the risk factor entitled “ A network or data security incident may allow unauthorized access to our network or data, harm our reputation, create additional liability, and adversely impact our financial results. ” - 38 - Table of Contents Cybersecurity Governance The Security Committee, which is composed of our independent directors and chaired by our chief product and technology officer, facilitates our board of directors’ responsibility for oversight of security matters, including product security, data security, cybersecurity, security risk management, risk exposure and related controls and enterprise risk management related to these risks.

This allows for prompt direction of appropriate personnel and resources for incident management and response, and internal notification to appropriate members of management, which may include our chief executive officer, chief product officer, chief information security officer, general counsel, chief financial officer, and/or chief accounting officer, and the security committee of our board of directors (the “Security Committee”).

This allows for prompt direction of appropriate personnel and resources for incident management and response, and internal notification to appropriate members of management, which may include our chief executive officer, chief product and technology officer, vice president acting as chief information security officer, general counsel, chief financial officer, and/or chief accounting officer, and the security committee of our board of directors (the “Security Committee”).

The Security Committee meets quarterly to review with our chief information security officer and other members of management, which may include our chief executive officer, chief product officer, chief financial officer, and general counsel, our cybersecurity programs, cybersecurity risks, mitigation or remediation strategies, and other matters impacting the committee’s responsibilities.

The Security Committee meets quarterly to review with our vice president acting as chief information security officer and other members of management, which may include our chief executive officer, chief product and technology officer, chief financial officer, and general counsel, our cybersecurity programs, cybersecurity risks, mitigation or remediation strategies, and other matters impacting the committee’s responsibilities.

The organizational, administrative and technical measures we implement are based on recognized security frameworks established by the National Institute of Standards and Technology, security measures aligned with the ISO/IEC 27000 series of standards, and other generally recognized industry standards. The program is assessed regularly and in light of new and emerging cybersecurity risks. • Technical Safeguards and Product Security.

We maintain incident response and recovery protocols to enable prompt, effective and orderly identification, evaluation, management, and disposition of actual and potential security threats and incidents, including for purposes of escalation and internal and external-notification steps.

We also employ tooling in certain areas to help prevent deviations from policy. • Incident Response and Reporting. We maintain incident response and recovery protocols to enable prompt, effective and orderly identification, evaluation, management, and disposition of actual and potential security threats and incidents, including for purposes of escalation and internal and external-notification steps.

As discussed in more detail below under the heading, “Cybersecurity Governance,” our board of directors’ has delegated oversight of enterprise security risk management, including, but not limited to, cybersecurity risk management to the Security Committee.

Our information security compliance training, data protection training, and code of conduct training is mandatory for all employees. • Governance. As discussed in more detail below under the heading, “Cybersecurity Governance,” our board of directors’ has delegated oversight of enterprise security risk management, including, but not limited to, cybersecurity risk management to the Security Committee.

In particular, our chief information security officer has extensive experience in the management of cybersecurity risk management programs, having served in various roles in information technology and security for over 20 years, including having previously served as the chief security officer of two other publicly traded technology companies.

In particular, our vice president acting as chief information security officer has extensive experience in the management of cybersecurity risk management programs, having served in various roles in information technology and security for over 25 years. In addition, six of the eleven members of our board of directors have expertise in overseeing cybersecurity and information security management.

Removed

We conduct regular application security assessments, including our assessments for internet-facing applications that collect, transmit, or display end user data. We also employ tooling in certain areas to help prevent deviations from policy. • Incident Response and Reporting.

Added

The program is assessed regularly and in light of new and emerging cybersecurity risks. - 37 - Table of Contents • Technical Safeguards and Product Security. We deploy and maintain a variety of technologies to prevent and detect cybersecurity threats across the network, endpoint and cloud.

Removed

Our information security compliance training, data protection training, and code of conduct training is mandatory for all employees. - 37 - Table of Contents • Governance.

Removed

In addition, six of the ten members of our board of directors have expertise in overseeing cybersecurity and information security management. - 38 - Table of Contents

Item 2. Properties

Properties — owned and leased real estate

1 edited+0 added−0 removed3 unchanged

2024 filing

2025 filing

Biggest changeIn addition, we provide our cloud-based subscription offerings through data centers operated under co-location arrangements in the United States, Europe, and Asia. Refer to Note 11. Leases in Part II, Item 8 of this Annual Report on Form 10-K for more information on our operating leases.

Biggest changeIn addition, we provide our cloud-based subscription offerings through data centers operated under co-location arrangements in the United States, Europe, and Asia. Refer to Note 12. Leases in Part II, Item 8 of this Annual Report on Form 10-K for more information on our operating leases.

Item 5. Market for Registrant's Common Equity

Market for Common Equity — stock, dividends, buybacks

11 edited+0 added−4 removed3 unchanged

2024 filing

2025 filing

Biggest changeThe issuances of the securities pursuant to the Transactions were exempt from registration under the Securities Act by virtue of Section 4(a)(2) of the Act and Rule 506 of Regulation D promulgated thereunder. - 40 - Table of Contents Purchases of Equity Securities by the Issuer and Affiliated Purchasers In February 2019, we announced that our board of directors authorized a $1.0 billion share repurchase program, which is funded from available working capital.

Biggest changePurchases of Equity Securities by the Issuer and Affiliated Purchasers In February 2019, we announced that our board of directors authorized a $1.0 billion share repurchase program, which is funded from available working capital. We subsequently announced additional increases to this share repurchase program, bringing the total authorization to $4.1 billion, with $1.0 billion remaining as of July 31, 2025.

This performance graph assumes $100 was invested on July 31, 2019, in each of the common stock of Palo Alto Networks, Inc., the Nasdaq 100 Index, the Standard & Poor’s 500 Index, and the Standard & Poor’s 500 Information Technology Index, and assumes the reinvestment of any dividends.

This performance graph assumes $100 was invested on July 31, 2020, in each of the common stock of Palo Alto Networks, Inc., the Nasdaq 100 Index, the Standard & Poor’s 500 Index, and the Standard & Poor’s 500 Information Technology Index, and assumes the reinvestment of any dividends.

This performance graph compares the cumulative total return on our common stock with that of the Nasdaq 100 Index, the Standard & Poor’s 500 Index, and the Standard & Poor’s 500 Information Technology Index for the five years ended July 31, 2024.

We also issued 1.3 million shares of our unregistered common stock to the holders of the 2025 Notes for the conversion value in excess of the principal amount. These shares of our common stock were issued in reliance on the exemption from registration provided by Section 3(a)(9) of the Securities Act of 1933, as amended (the “Securities Act”).

We also issued 5.6 million shares of our unregistered common stock to the holders of the 2025 Notes for the conversion value in excess of the principal amount. These shares of our common stock were issued in reliance on the exemption from registration provided by Section 3(a)(9) of the Securities Act of 1933, as amended (the “Securities Act”).

The expiration date of this repurchase authorization was extended to December 31, 2024, and our repurchase program may be suspended or discontinued at any time.

The expiration date of this repurchase authorization was extended to December 31, 2025, and our repurchase program may be suspended or discontinued at any time.

The stock price performance on this performance graph is not necessarily indicative of future stock price performance. - 41 - Table of Contents Palo Alto Networks, Inc.

The stock price performance on this performance graph is not necessarily indicative of future stock price performance. Palo Alto Networks, Inc.

Recent Sales of Unregistered Equity Securities During the three months ended July 31, 2024, holders of the 2025 Notes converted $199.6 million in aggregate principal amount of the 2025 Notes, which we repaid in cash.

Recent Sales of Unregistered Equity Securities During the three months ended July 31, 2025, holders of the 2025 Notes converted $382.9 million in aggregate principal amount of the 2025 Notes, which we repaid in cash.

Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities Market Information Our common stock, $0.0001 par value per share, is traded on the Nasdaq Global Select Market under the symbol “PANW.” Prior to October 22, 2021, our common stock traded on the New York Stock Exchange under the symbol “PANW.” Holders of Record As of August 19, 2024, there were 502 holders of record of our common stock.

Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities Market Information Our common stock, $0.0001 par value per share, is traded on the Nasdaq Global Select Market under the symbol “PANW.” Holders of Record As of August 18, 2025, there were 565 holders of record of our common stock.

Repurchases under our program are to be made at management’s discretion on the open market, through privately negotiated transactions, transactions structured through investment banking institutions, block purchase techniques, 10b5-1 trading plans, or a combination of the foregoing. During the three months ended July 31, 2024, we did not repurchase any shares pursuant to our share repurchase program.

Stock Price Performance Graph This performance graph shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), or incorporated by reference into any filing of Palo Alto Networks, Inc. under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such filing.

During the three months ended July 31, 2025, we did not repurchase any shares pursuant to our share repurchase program. - 40 - Table of Contents Stock Price Performance Graph This performance graph shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), or incorporated by reference into any filing of Palo Alto Networks, Inc. under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such filing.

Comparison of Total Return Performance Company/Index 7/31/2019 7/31/2020 7/31/2021 7/31/2022 7/31/2023 7/31/2024 Palo Alto Networks, Inc. $ 100.00 $ 112.97 $ 176.15 $ 220.31 $ 331.01 $ 430.03 Nasdaq 100 Index $ 100.00 $ 140.37 $ 193.97 $ 169.14 $ 207.66 $ 257.35 S&P 500 Index $ 100.00 $ 111.96 $ 152.76 $ 145.67 $ 164.63 $ 201.10 S&P 500 Information Technology Index $ 100.00 $ 138.91 $ 194.51 $ 183.79 $ 233.14 $ 315.19 Item 6. [Reserved] - 42 - Table of Contents

Comparison of Total Return Performance Company/Index 7/31/2020 7/31/2021 7/31/2022 7/31/2023 7/31/2024 7/31/2025 Palo Alto Networks, Inc. $ 100.00 $ 155.93 $ 195.02 $ 293.01 $ 380.66 $ 407.00 Nasdaq 100 Index $ 100.00 $ 138.19 $ 120.50 $ 147.94 $ 183.34 $ 221.52 S&P 500 Index $ 100.00 $ 136.45 $ 130.11 $ 147.05 $ 179.62 $ 208.95 S&P 500 Information Technology Index $ 100.00 $ 140.03 $ 132.31 $ 167.84 $ 226.91 $ 280.58 Item 6. [Reserved] - 41 - Table of Contents

Removed

Additionally, during the three months ended July 31, 2024, we issued a total of 12,841 shares of our unregistered common stock in connection with certain of our acquisitions (the “Transactions”).The Transactions did not involve any underwriters, any underwriting discounts or commissions, or any public offering.

Removed

In December 2020, August 2021, August 2022, and November 2023, we announced additional $700.0 million, $676.1 million, $915.0 million, and $316.7 million increases to this share repurchase program, respectively, bringing the total authorization to $3.6 billion, with $500.0 million remaining as of July 31, 2024.

Removed

Between May 1, 2024 and May 31, 2024, June 1, 2024 and June 30, 2024, and July 1, 2024 and July 31, 2024, shares of restricted stock were delivered by certain employees upon vesting of equity awards to satisfy tax withholding requirements.

Removed

The average value of shares delivered to satisfy tax withholding requirements during these periods were $308.10 per share, $317.02 per share, and $330.89 per share, respectively. The number of shares delivered to satisfy tax withholding requirements during these periods was not significant.

Item 7. Management's Discussion & Analysis

Management's Discussion & Analysis (MD&A) — revenue / margin commentary

82 edited+36 added−33 removed40 unchanged

2024 filing

2025 filing

Biggest changeYear Ended July 31, 2024 2023 2022 Amount % of Revenue Amount % of Revenue Amount % of Revenue (dollars in millions) Revenue: Product $ 1,603.3 20.0 % $ 1,578.4 22.9 % $ 1,363.1 24.8 % Subscription and support 6,424.2 80.0 % 5,314.3 77.1 % 4,138.4 75.2 % Total revenue 8,027.5 100.0 % 6,892.7 100.0 % 5,501.5 100.0 % Cost of revenue: Product 348.2 4.3 % 418.3 6.1 % 455.5 8.3 % Subscription and support 1,711.0 21.4 % 1,491.4 21.6 % 1,263.2 22.9 % Total cost of revenue (1) 2,059.2 25.7 % 1,909.7 27.7 % 1,718.7 31.2 % Total gross profit 5,968.3 74.3 % 4,983.0 72.3 % 3,782.8 68.8 % Operating expenses: Research and development 1,809.4 22.5 % 1,604.0 23.3 % 1,417.7 25.8 % Sales and marketing 2,794.5 34.8 % 2,544.0 36.9 % 2,148.9 39.0 % General and administrative 680.5 8.5 % 447.7 6.5 % 405.0 7.4 % Total operating expenses (1) 5,284.4 65.8 % 4,595.7 66.7 % 3,971.6 72.2 % Operating income (loss) 683.9 8.5 % 387.3 5.6 % (188.8) (3.4) % Interest expense (8.3) (0.1) % (27.2) (0.4) % (27.4) (0.5) % Other income, net 312.7 3.9 % 206.2 3.0 % 9.0 0.1 % Income (loss) before income taxes 988.3 12.3 % 566.3 8.2 % (207.2) (3.8) % Provision for (benefit from) income taxes (1,589.3) (19.8) % 126.6 1.8 % 59.8 1.1 % Net income (loss) $ 2,577.6 32.1 % $ 439.7 6.4 % $ (267.0) (4.9) % (1) Includes share-based compensation as follows: Year Ended July 31, 2024 2023 2022 (in millions) Cost of product revenue $ 7.3 $ 9.8 $ 9.3 Cost of subscription and support revenue 121.0 123.4 110.2 Research and development 525.5 488.4 471.1 Sales and marketing 300.8 335.3 304.7 General and administrative 124.1 130.4 118.1 Total share-based compensation $ 1,078.7 $ 1,087.3 $ 1,013.4 - 47 - Table of Contents REVENUE Our revenue consists of product revenue and subscription and support revenue.

Biggest changeYear Ended July 31, 2025 2024 2023 Amount % of Revenue Amount % of Revenue Amount % of Revenue (dollars in millions) Revenue: Product $ 1,801.9 19.5 % $ 1,603.3 20.0 % $ 1,578.4 22.9 % Subscription and support 7,419.6 80.5 % 6,424.2 80.0 % 5,314.3 77.1 % Total revenue 9,221.5 100.0 % 8,027.5 100.0 % 6,892.7 100.0 % Cost of revenue: Product 413.2 4.5 % 348.2 4.3 % 418.3 6.1 % Subscription and support 2,038.4 22.1 % 1,711.0 21.4 % 1,491.4 21.6 % Total cost of revenue (1) 2,451.6 26.6 % 2,059.2 25.7 % 1,909.7 27.7 % Total gross profit 6,769.9 73.4 % 5,968.3 74.3 % 4,983.0 72.3 % Operating expenses: Research and development 1,984.1 21.5 % 1,809.4 22.5 % 1,604.0 23.3 % Sales and marketing 3,100.2 33.6 % 2,794.5 34.8 % 2,544.0 36.9 % General and administrative 442.7 4.8 % 680.5 8.5 % 447.7 6.5 % Total operating expenses (1) 5,527.0 59.9 % 5,284.4 65.8 % 4,595.7 66.7 % Operating income 1,242.9 13.5 % 683.9 8.5 % 387.3 5.6 % Interest expense (3.0) — % (8.3) (0.1) % (27.2) (0.4) % Other income, net 355.8 3.8 % 312.7 3.9 % 206.2 3.0 % Income before income taxes 1,595.7 17.3 % 988.3 12.3 % 566.3 8.2 % Provision for (benefit from) income taxes 461.8 5.0 % (1,589.3) (19.8) % 126.6 1.8 % Net income $ 1,133.9 12.3 % $ 2,577.6 32.1 % $ 439.7 6.4 % (1) Includes share-based compensation as follows: Year Ended July 31, 2025 2024 2023 (in millions) Cost of product revenue $ 5.1 $ 7.3 $ 9.8 Cost of subscription and support revenue 127.0 121.0 123.4 Research and development 550.5 525.5 488.4 Sales and marketing 359.5 300.8 335.3 General and administrative 258.0 124.1 130.4 Total share-based compensation $ 1,300.1 $ 1,078.7 $ 1,087.3 - 46 - Table of Contents REVENUE Our revenue consists of product revenue and subscription and support revenue.

If the standalone selling price is not observable through past transactions, we estimate the standalone selling price based on our pricing model and our go-to-market strategy, which include factors such as type of sales channel (channel partner or end-customer), the geographies in which our offerings were sold (domestic or international), and offering type (products, subscriptions, or support).

If the standalone selling price is not observable through past transactions, we estimate it based on our pricing model and our go-to-market strategy, which include factors such as type of sales channel (channel partner or end-customer), the geographies in which our offerings were sold (domestic or international), and offering type (products, subscriptions, or support).

The actual liability in any such matters may be materially different from our estimates, which could result in the need to adjust our liability and record additional expenses. Refer to the “Litigation” subheading in Note 12. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K for more information regarding our litigation.

The actual liability in any such matters may be materially different from our estimates, which could result in the need to adjust our liability and record additional expenses. Refer to the “Litigation” subheading in Note 13. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K for more information regarding our litigation.

As of July 31, 2024, we had end-customers in over 180 countries. Our end-customers represent a broad range of industries, including education, energy, financial services, government entities, healthcare, Internet and media, manufacturing, public sector, and telecommunications, and include almost all of the Fortune 100 companies and a majority of the Global 2000 companies.

As of July 31, 2025, we had end-customers in over 180 countries. Our end-customers represent a broad range of industries, including education, energy, financial services, government entities, healthcare, Internet and media, manufacturing, public sector, and telecommunications, and include almost all of the Fortune 100 companies and a majority of the Global 2000 companies.

Our products are designed for different performance requirements throughout an organization, ranging from our PA-410, which is designed for small organizations and remote or branch offices, to our top-of-the-line PA-7500, which is designed for large-scale data centers and service provider use.

Our products are designed for different performance requirements throughout an organization, ranging from our PA-400, which is designed for small organizations and remote or branch offices, to our top-of-the-line PA-7500, which is designed for large-scale data centers and service provider use.

Description of Business and Summary of Significant Accounting Policies in Part II, Item 8 of this Annual Report on Form 10-K for a description of recent accounting pronouncements and our expectation of their impact, if any, on our results of operations and financial condition. - 56 - Table of Contents

If we are unable to raise additional capital when desired, our business, operating results, and financial condition may be adversely affected. OPERATING ACTIVITIES Our operating activities have consisted of net income (losses) adjusted for certain non-cash items and changes in assets and liabilities. Our largest source of cash provided by our operations is receipts from our billings.

If we are unable to raise additional capital when desired, our business, operating results, and financial condition may be adversely affected. OPERATING ACTIVITIES Our operating activities have consisted of net income adjusted for certain non-cash items and changes in assets and liabilities. Our largest source of cash provided by our operations is receipts from our customers.

Our subscriptions provide our end-customers with near real-time access to the latest antivirus, intrusion prevention, web filtering, modern malware prevention, data loss prevention, CASB and AI security capabilities across the network, endpoints, and the cloud.

Our subscriptions provide our end-customers with near real-time access to the latest intrusion prevention, web security, modern malware prevention, data loss prevention, CASB and AI security capabilities across the network, endpoints, and the cloud.

Refer to Note 10. Debt in Part II, Item 8 of this Annual Report on Form 10-K for more information on the Notes. - 51 - Table of Contents OTHER INCOME, NET Other income, net includes interest income earned on our cash, cash equivalents, and investments, and gains and losses from foreign currency remeasurement and foreign currency transactions.

Refer to Note 11. Debt in Part II, Item 8 of this Annual Report on Form 10-K for more information on the Notes. - 50 - Table of Contents OTHER INCOME, NET Other income, net includes interest income earned on our cash, cash equivalents, and investments, and gains and losses from foreign currency remeasurement and foreign currency transactions.

GAAP and non-GAAP key financial metrics, which management monitors to evaluate our performance. • Results of Operations. A discussion of the nature and trends in our financial results and an analysis of our financial results comparing fiscal 2024 to fiscal 2023.

Our virtual and higher-end firewall products generally have higher gross margins than our lower-end firewall products within each product series. We expect our gross margins to vary over time depending on the factors described above.

Our higher-end firewall products generally have higher gross margins than our lower-end firewall products within each product series. We expect our gross margins to vary over time depending on the factors described above.

Our ML-Powered Next-Generation Firewall incorporates our PAN-OS operating system, which provides a consistent set of capabilities across our entire network security product line. Our appliances and software licenses include a broad set of built-in networking and security features and functionalities.

Our ML-Powered Next-Generation Firewall incorporates our PAN-OS operating system, which provides a consistent set of capabilities across our entire network security product line. Our hardware products and software licenses include a broad set of built-in networking and security features and functionalities.

The remaining increase in research and development expense was further driven by increased shared costs. - 50 - Table of Contents SALES AND MARKETING Sales and marketing expense consists primarily of personnel costs, including commission expense. Sales and marketing expense also includes costs for market development programs, promotional and other marketing costs, professional services, and shared costs.

The increase in research and development expense was further driven by increased shared costs. - 49 - Table of Contents SALES AND MARKETING Sales and marketing expense consists primarily of personnel costs, including commission expense. Sales and marketing expense also includes costs for market development programs, promotional and other marketing costs, professional services, and shared costs.

For discussion and analysis related to our financial results comparing fiscal 2023 to 2022, refer to Part II, Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations in our Annual Report on Form 10-K for fiscal 2023, which was filed with the Securities and Exchange Commission on September 1, 2023. • Liquidity and Capital Resources.

For discussion and analysis related to our financial results comparing fiscal 2024 to 2023, refer to Part II, Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations in our Annual Report on Form 10-K for fiscal 2024, which was filed with the Securities and Exchange Commission on September 6, 2024. • Liquidity and Capital Resources.

Our future capital requirements will depend on many factors including our growth rate, the timing and extent of spending to support development efforts, the expansion of sales and marketing activities, the introduction of new and enhanced products and subscription and support offerings, the costs to acquire or invest in complementary businesses and technologies, the costs to ensure access to adequate manufacturing capacity, the investments in our infrastructure to support the adoption of our cloud-based subscription offerings, the repayment obligations associated with our 2025 Notes, the continuing market acceptance of our products and subscription and support offerings and macroeconomic events.

Our future capital requirements will depend on many factors including our growth rate, the timing and extent of spending to support development efforts, the expansion of sales and marketing activities, the introduction of new and enhanced products and subscription and support offerings, the costs to acquire or invest in complementary businesses and technologies, the costs to ensure access to adequate manufacturing capacity, the investments in our infrastructure to support the adoption of our cloud-based subscription offerings, the continuing market acceptance of our products and subscription and support offerings and macroeconomic events.

As of July 31, 2024, we expect to recognize approximately $2.0 billion of share-based compensation expense over a weighted-average period of approximately 2.6 years, excluding additional share-based compensation expense related to any future grants of share-based awards. Share-based compensation expense is generally recognized on a straight-line basis over the requisite service periods of the awards.

As of July 31, 2025, we expect to recognize approximately $2.2 billion of share-based compensation expense over a weighted-average period of approximately 2.5 years, excluding additional share-based compensation expense related to any future grants of share-based awards. Share-based compensation expense is generally recognized on a straight-line basis over the requisite service periods of the awards.

Stockholders’ Equity in Part II, Item 8 of this Annual Report on Form 10-K for more information on this repurchase program. LEASES AND OTHER MATERIAL CASH REQUIREMENTS We have entered into various non-cancelable operating leases, primarily for our offices and data centers, with lease terms expiring through fiscal 2036.

Refer to Note 14. Stockholders’ Equity in Part II, Item 8 of this Annual Report on Form 10-K for more information on this repurchase program. CONTRACTUAL OBLIGATIONS AND OTHER MATERIAL CASH REQUIREMENTS We have entered into various non-cancelable operating leases, primarily for our offices and data centers, with lease terms expiring through fiscal 2036.

Refer to Note 10. Debt in Part II, Item 8 of this Annual Report on Form 10-K for information on the Notes. As of July 31, 2024, our total cash, cash equivalents, and investments of $6.8 billion were held for general corporate purposes.

Refer to Note 11. Debt in Part II, Item 8 of this Annual Report on Form 10-K for information on the Notes. As of July 31, 2025, our total cash, cash equivalents, and investments of $8.5 billion were held for general corporate purposes.

For fiscal 2024 and 2023, total revenue was $8.0 billion and $6.9 billion, respectively, representing year-over-year growth of 16.5%. Our growth reflects the increased adoption of our portfolio, which consists of product, subscriptions, and support. We believe our portfolio will enable us to benefit from recurring revenues and new revenues as we continue to grow our end-customer base.

For fiscal 2025 and 2024, total revenue was $9.2 billion and $8.0 billion, respectively, representing year-over-year growth of 14.9%. Our growth reflects the increased adoption of our portfolio, which consists of product, subscriptions, and support. We believe our portfolio will enable us to benefit from recurring revenues and new revenues as we continue to grow our end-customer base.

The amount of consideration we expect to receive in exchange for delivering on the contract is allocated to each performance obligation based on its relative standalone selling price. We establish standalone selling price using the prices charged for a deliverable when sold separately.

The amount of consideration we expect to receive in exchange for delivering on the contract is allocated to each performance obligation based on its relative standalone selling price. When estimating standalone selling price, we first consider the prices charged for a deliverable when sold separately.

COST OF PRODUCT REVENUE Cost of product revenue primarily includes costs paid to our manufacturing partners for procuring components and manufacturing our products.

COST OF REVENUE Our cost of revenue consists of cost of product revenue and cost of subscription and support revenue. COST OF PRODUCT REVENUE Cost of product revenue primarily includes costs paid to our manufacturing partners for procuring components and manufacturing our products.

During fiscal 2024, we repaid in cash $1.0 billion in aggregate principal amount of the 2025 Notes and issued 7.0 million shares of common stock to the holders for the conversion value in excess of the principal amount of the 2025 Notes converted, which were fully offset by shares we received from our exercise of the associated note hedges.

During fiscal 2025, we repaid in cash $965.6 million in aggregate principal amount of the 2025 Notes and issued 14.0 million shares of common stock to the holders for the conversion value in excess of the principal amount of the 2025 Notes converted, which were fully offset by shares we received from our exercise of the associated note hedges.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Provision for (benefit from) income taxes $ (1,589.3) $ 126.6 $ (1,715.9) * $ 126.6 $ 59.8 $ 66.8 111.7 % Effective tax rate (160.8) % 22.4 % 22.4 % (28.9) % * Not meaningful Our benefit from income taxes in fiscal 2024 was $1.6 billion, a net change of $1.7 billion compared to a provision for income taxes of $126.6 million in fiscal 2023, primarily due to the release of our valuation allowance in fiscal 2024.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Provision for (benefit from) income taxes $ 461.8 $ (1,589.3) $ 2,051.1 * $ (1,589.3) $ 126.6 $ (1,715.9) * Effective tax rate 28.9 % (160.8) % (160.8) % 22.4 % * Not meaningful Our provision for income taxes in fiscal 2025 was $461.8 million, a net change of $2.1 billion compared to a benefit from income taxes of $1.6 billion in fiscal 2024, primarily due to the release of our valuation allowance in fiscal 2024.

From time to time, we are involved in disputes, litigation, and other legal actions. However, there are many uncertainties associated with any litigation, and these actions or other third-party claims against us may cause us to incur substantial settlement charges, which are inherently difficult to estimate and could adversely affect our results of operations.

However, there are many uncertainties associated with any litigation, and these actions or other third-party claims against us may cause us to incur substantial settlement charges, which are inherently difficult to estimate and could adversely affect our results of operations.

The interest rates and commitment fees are also subject to upward and downward adjustments based on our progress towards the achievement of certain sustainability goals related to greenhouse gas emissions. As of July 31, 2024, there were no amounts outstanding, and we were in compliance with all covenants under the Credit Agreement. Refer to Note 10.

The interest rates and commitment fees are also subject to upward and downward adjustments based on our progress towards the achievement of certain sustainability goals. As of July 31, 2025, there were no amounts outstanding, and we were in compliance with all covenants under the Credit Agreement. Refer to Note 11.

PROVISION FOR (BENEFIT FROM) INCOME TAXES Provision for (benefit from) income taxes consists primarily of U.S. taxes, foreign income taxes, and withholding taxes. We had a benefit from income taxes during fiscal 2024 primarily due to the release of our valuation allowance on U.S. federal, U.S. states other than California, and U.K. deferred tax assets.

We had a benefit from income taxes during fiscal 2024 primarily due to the release of our valuation allowance on U.S. federal, U.S. states other than California, and U.K. deferred tax assets. We continue to maintain a valuation allowance for California and certain deferred tax assets.

GAAP, is provided below: Year Ended July 31, 2024 2023 2022 (in millions) Free cash flow (non-GAAP): Net cash provided by operating activities $ 3,257.6 $ 2,777.5 $ 1,984.7 Less: purchases of property, equipment, and other assets 156.8 146.3 192.8 Free cash flow (non-GAAP) $ 3,100.8 $ 2,631.2 $ 1,791.9 Net cash used in investing activities $ (1,509.9) $ (2,033.8) $ (933.4) Net cash used in financing activities $ (1,343.1) $ (1,726.3) $ (806.6) - 46 - Table of Contents Results of Operations The following table summarizes our results of operations for the periods presented and as a percentage of our total revenue for those periods based on our consolidated statements of operations data.

GAAP, is provided below: Year Ended July 31, 2025 2024 2023 (in millions) Free cash flow (non-GAAP): Net cash provided by operating activities $ 3,716.0 $ 3,257.6 $ 2,777.5 Less: purchases of property, equipment, and other assets 246.2 156.8 146.3 Free cash flow (non-GAAP) $ 3,469.8 $ 3,100.8 $ 2,631.2 Net cash used in investing activities $ (2,204.7) $ (1,509.9) $ (2,033.8) Net cash used in financing activities $ (778.9) $ (1,343.1) $ (1,726.3) - 45 - Table of Contents Results of Operations The following table summarizes our results of operations for the periods presented and as a percentage of our total revenue for those periods based on our consolidated statements of operations data.

Debt in Part II, Item 8 of this Annual Report on Form 10-K for more information on the Credit Agreement. CAPITAL RETURN In February 2019, our board of directors authorized a $1.0 billion share repurchase program. Our board of directors subsequently authorized additional increases to this share repurchase program, bringing the total authorization to $4.1 billion.

As of July 31, 2024, we had no unremitted earnings when evaluating our outside basis difference relating to our U.S. investment in foreign subsidiaries. However, there could be local withholding taxes due to various foreign countries if certain lower tier earnings are distributed.

As of July 31, 2025, we had no unremitted earnings when evaluating our outside basis difference relating to our U.S. investment in foreign subsidiaries. However, there could be local withholding taxes due to various foreign countries if certain lower tier earnings are distributed. Withholding taxes that would be payable upon remittance of these lower tier earnings are not material.

In the event that we change our determination as to the amount of deferred tax assets that can be realized, we will adjust our valuation allowance with a corresponding impact to the provision for income taxes in the period in which such determination is made. We recognize liabilities for uncertain tax positions based on a two-step process.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Cost of subscription and support revenue $ 1,711.0 $ 1,491.4 $ 219.6 14.7 % $ 1,491.4 $ 1,263.2 $ 228.2 18.1 % Cost of subscription and support revenue increased for fiscal 2024 compared to fiscal 2023 primarily due to increased costs to support the growth of our subscription and support offerings.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Cost of subscription and support revenue $ 2,038.4 $ 1,711.0 $ 327.4 19.1 % $ 1,711.0 $ 1,491.4 $ 219.6 14.7 % - 48 - Table of Contents Cost of subscription and support revenue increased for fiscal 2025 compared to fiscal 2024 primarily due to increased costs to support the growth of our subscription and support offerings.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Research and development $ 1,809.4 $ 1,604.0 $ 205.4 12.8 % $ 1,604.0 $ 1,417.7 $ 186.3 13.1 % Research and development expense increased for fiscal 2024 compared to fiscal 2023 primarily due to increased personnel costs, which grew $143.4 million, largely due to headcount growth.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Research and development $ 1,984.1 $ 1,809.4 $ 174.7 9.7 % $ 1,809.4 $ 1,604.0 $ 205.4 12.8 % Research and development expense increased for fiscal 2025 compared to fiscal 2024 primarily due to increased personnel costs, which grew $123.4 million for fiscal 2025 compared to fiscal 2024, largely due to headcount growth.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Other income, net $ 312.7 $ 206.2 $ 106.5 51.6 % $ 206.2 $ 9.0 $ 197.2 * * Not meaningful Other income, net increased for fiscal 2024 compared to fiscal 2023 primarily due to higher interest income as a result of higher interest rates and higher average cash, cash equivalents, and investments balance for fiscal 2024 compared to fiscal 2023.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Other income, net $ 355.8 $ 312.7 $ 43.1 13.8 % $ 312.7 $ 206.2 $ 106.5 51.6 % Other income, net increased for fiscal 2025 compared to fiscal 2024 primarily due to higher interest income as a result of higher average cash, cash equivalents, and investments balance for fiscal 2025 compared to fiscal 2024.

GENERAL AND ADMINISTRATIVE General and administrative expense consists primarily of personnel costs and shared costs for our executive, finance, human resources, information technology, and legal organizations, and professional services costs, which consist primarily of legal, auditing, accounting, and other consulting costs.

As of July 31, 2024, we have total operating lease obligations of $446.4 million recorded on our consolidated balance sheet. As of July 31, 2024, our commitments to purchase products, components, cloud and other services totaled $4.8 billion. Refer to Note 12.

As of July 31, 2025, we have total operating lease obligations of $417.4 million recorded on our consolidated balance sheet. As of July 31, 2025, our commitments to purchase products, components, cloud hosting and other services totaled $7.1 billion. Refer to Note 13.

We monitor cash flow provided by operating activities as a measure of our overall business performance. Our cash flow provided by operating activities is driven in large part by sales of our products and from up-front payments for subscription and support offerings.

Our cash flow provided by operating activities is driven in large part by sales of our products and from up-front payments for subscription and support offerings.

We also offer professional services, including incident response, risk management, and digital forensic services. We continue to invest in innovation as we evolve and further extend the capabilities of our portfolio, as we believe that innovation and timely development of new features and products are essential to meeting the needs of our end-customers and improving our competitive position.

We continue to invest in innovation as we evolve and further extend the capabilities of our portfolio, as we believe that innovation and timely development of new features and products are essential to meeting the needs of our end-customers and improving our competitive position.

Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K for more information on these commitments. - 53 - Table of Contents CASH FLOWS The following table summarizes our cash flows for the years ended July 31, 2024, 2023, and 2022: Year Ended July 31, 2024 2023 2022 (in millions) Net cash provided by operating activities $ 3,257.6 $ 2,777.5 $ 1,984.7 Net cash used in investing activities (1,509.9) (2,033.8) (933.4) Net cash used in financing activities (1,343.1) (1,726.3) (806.6) Net increase (decrease) in cash, cash equivalents, and restricted cash $ 404.6 $ (982.6) $ 244.7 Cash from operations could be affected by various risks and uncertainties detailed in Part I, Item 1A “Risk Factors” in this Form 10-K.

CASH FLOWS The following table summarizes our cash flows for the years ended July 31, 2025, 2024, and 2023: Year Ended July 31, 2025 2024 2023 (in millions) Net cash provided by operating activities $ 3,716.0 $ 3,257.6 $ 2,777.5 Net cash used in investing activities (2,204.7) (1,509.9) (2,033.8) Net cash used in financing activities (778.9) (1,343.1) (1,726.3) Net increase (decrease) in cash, cash equivalents, and restricted cash $ 732.4 $ 404.6 $ (982.6) Cash from operations could be affected by various risks and uncertainties detailed in Part I, Item 1A “Risk Factors” in this Form 10-K.

The mix between subscription revenue and support revenue will fluctuate over time, depending on the introduction of new subscription offerings, renewals of support services, and our ability to increase sales to new and existing end-customers. - 48 - Table of Contents REVENUE BY GEOGRAPHIC THEATER Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Americas $ 5,482.9 $ 4,719.9 $ 763.0 16.2 % $ 4,719.9 $ 3,802.6 $ 917.3 24.1 % Europe, the Middle East, and Africa (“EMEA”) 1,602.0 1,359.6 242.4 17.8 % 1,359.6 1,055.8 303.8 28.8 % Asia Pacific and Japan (“APAC”) 942.6 813.2 129.4 15.9 % 813.2 643.1 170.1 26.5 % Total revenue $ 8,027.5 $ 6,892.7 $ 1,134.8 16.5 % $ 6,892.7 $ 5,501.5 $ 1,391.2 25.3 % Revenue from the Americas, EMEA and APAC increased year-over-year for fiscal 2024 as we continued to increase investment in our global sales force in order to support our growth and innovation.

The mix between subscription revenue and support revenue will fluctuate over time, depending on the introduction of new subscription offerings, renewals of support services, and our ability to increase sales to new and existing end-customers. - 47 - Table of Contents REVENUE BY GEOGRAPHIC THEATER Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Americas $ 6,205.1 $ 5,482.9 $ 722.2 13.2 % $ 5,482.9 $ 4,719.9 $ 763.0 16.2 % Europe, the Middle East, and Africa (“EMEA”) 1,917.4 1,602.0 315.4 19.7 % 1,602.0 1,359.6 242.4 17.8 % Asia Pacific and Japan (“APAC”) 1,099.0 942.6 156.4 16.6 % 942.6 813.2 129.4 15.9 % Total revenue $ 9,221.5 $ 8,027.5 $ 1,194.0 14.9 % $ 8,027.5 $ 6,892.7 $ 1,134.8 16.5 % Revenue from the Americas, EMEA and APAC increased year-over-year for fiscal 2025 as we continued to increase investment in our global sales force in order to support our growth and innovation, with the Americas contributing the highest increase in revenue due to its larger scale.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Sales and marketing $ 2,794.5 $ 2,544.0 $ 250.5 9.8 % $ 2,544.0 $ 2,148.9 $ 395.1 18.4 % Sales and marketing expense increased for fiscal 2024 compared to fiscal 2023 primarily due to increased personnel costs, which grew $117.3 million, largely due to headcount growth.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Sales and marketing $ 3,100.2 $ 2,794.5 $ 305.7 10.9 % $ 2,794.5 $ 2,544.0 $ 250.5 9.8 % Sales and marketing expense increased for fiscal 2025 compared to fiscal 2024 primarily due to increased personnel costs, which grew $263.6 million for fiscal 2025 compared to fiscal 2024, largely due to headcount growth.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Subscription $ 4,188.5 $ 3,335.4 $ 853.1 25.6 % $ 3,335.4 $ 2,539.0 $ 796.4 31.4 % Support 2,235.7 1,978.9 256.8 13.0 % 1,978.9 1,599.4 379.5 23.7 % Total subscription and support $ 6,424.2 $ 5,314.3 $ 1,109.9 20.9 % $ 5,314.3 $ 4,138.4 $ 1,175.9 28.4 % Subscription and support revenue increased for fiscal 2024 compared to fiscal 2023 due to increased demand for our subscription and support offerings from our end-customers.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Subscription $ 4,974.4 $ 4,188.5 $ 785.9 18.8 % $ 4,188.5 $ 3,335.4 $ 853.1 25.6 % Support 2,445.2 2,235.7 209.5 9.4 % 2,235.7 1,978.9 256.8 13.0 % Total subscription and support $ 7,419.6 $ 6,424.2 $ 995.4 15.5 % $ 6,424.2 $ 5,314.3 $ 1,109.9 20.9 % Subscription and support revenue increased for fiscal 2025 compared to fiscal 2024 due to increased demand for our subscription and support offerings from our end-customers.

The hostilities in Israel and the surrounding region have increased the levels of economic and political uncertainty. While we have business operations in Israel, and intend to continue growing our presence in Israel, we currently do not expect significant business disruption. We are actively monitoring, evaluating, and responding to the developing situation.

While we have business operations in Israel, and intend to continue growing our presence in Israel, we currently do not expect significant business disruption. We are actively monitoring, evaluating, and responding to the situation.

The same firewall functionality that is delivered in our physical appliances is also available in our VM-Series virtual firewalls, which secure virtualized and cloud-based computing environments, and in our CN-Series container firewalls, which secure container environments and traffic. Our subscription and support revenue grew to $6.4 billion or 80.0% of total revenue for fiscal 2024, representing year-over-year growth of 20.9%.

The same firewall functionality that is delivered in our hardware products is also available in our VM-Series virtual firewalls, which secure virtualized and cloud-based computing environments, and in our CN-Series container firewalls, which secure container environments and traffic. - 43 - Table of Contents Our subscription and support revenue grew to $7.4 billion or 80.5% of total revenue for fiscal 2025, representing year-over-year growth of 15.5%.

On August 31, 2024, we completed the acquisition of IBM’s QRadar SaaS assets and we expect the acquisition will help accelerate the growth of our Cortex XSIAM business. - 44 - Table of Contents We believe that the growth of our business and our short-term and long-term success are dependent upon many factors, including our ability to extend our technology leadership, grow our base of end-customers, expand deployment of our portfolio and support offerings within existing end-customers, focus on end-customer satisfaction, and address any product vulnerabilities.

We believe that the growth of our business and our short-term and long-term success are dependent upon many factors, including our ability to extend our technology leadership, grow our base of end-customers, expand deployment of our portfolio and support offerings within existing end-customers, focus on end-customer satisfaction, and address any product vulnerabilities.

Personnel costs grew $48.2 million for fiscal 2024 compared to fiscal 2023, primarily due to headcount growth. - 49 - Table of Contents GROSS MARGIN Gross margin has been and will continue to be affected by a variety of factors, including the introduction of new products, manufacturing costs, the average sales price of our products, cloud hosting service costs, personnel costs, the mix of products sold, and the mix of revenue between product and subscription and support offerings.

GROSS MARGIN Gross margin has been and will continue to be affected by a variety of factors, including the introduction of new products, manufacturing costs, the average sales price of our products, cloud hosting service costs, personnel costs, the mix of products sold, and the mix of revenue between product and subscription and support offerings.

PRODUCT REVENUE Product revenue is derived from sales of our appliances, primarily our ML-Powered Next-Generation Firewall. Product revenue also includes revenue derived from software licenses of Panorama, SD-WAN, and the VM-Series. Our appliances and software licenses include a broad set of built-in networking and security features and functionalities.

PRODUCT REVENUE Product revenue is derived from sales of hardware products, primarily our ML-Powered Next-Generation Firewall, and software licenses, including SD-WAN, the VM-Series, and Panorama. Our hardware products and software licenses include a broad set of built-in networking and security features and functionalities. We recognize product revenue at the time of hardware shipment or delivery of software license.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Interest expense $ 8.3 $ 27.2 $ (18.9) (69.5) % $ 27.2 $ 27.4 $ (0.2) (0.7) % Interest expense decreased for fiscal 2024 compared to fiscal 2023 primarily due to maturity of our 2023 Notes in July 2023 and early conversion of our 2025 Notes in fiscal 2024.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Interest expense $ 3.0 $ 8.3 $ (5.3) (63.9) % $ 8.3 $ 27.2 $ (18.9) (69.5) % Interest expense decreased for fiscal 2025 compared to fiscal 2024 primarily due to conversions of the 2025 Notes prior to or upon maturity in June 2025.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) General and administrative $ 680.5 $ 447.7 $ 232.8 52.0 % $ 447.7 $ 405.0 $ 42.7 10.5 % General and administrative expenses increased for fiscal 2024 compared to fiscal 2023 primarily due to litigation-related charges of $204.4 million in fiscal 2024.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) General and administrative $ 442.7 $ 680.5 $ (237.8) (34.9) % $ 680.5 $ 447.7 $ 232.8 52.0 % General and administrative expenses decreased for fiscal 2025 compared to fiscal 2024 primarily due to litigation-related charges of $204.4 million in fiscal 2024 and a partial release of litigation-related accrual of $38.8 million in fiscal 2025.

Our product revenue grew to $1.6 billion or 20.0% of total revenue for fiscal 2024, representing year-over-year growth of 1.6%. Product revenue is derived from sales of our appliances, primarily our ML-Powered Next-Generation Firewall. Product revenue also includes revenue derived from software licenses of Panorama ® , SD-WAN, and the VM-Series.

Our product revenue grew to $1.8 billion or 19.5% of total revenue for fiscal 2025, representing year-over-year growth of 12.4%. Product revenue is derived from sales of hardware products, primarily our ML-Powered Next-Generation Firewall, and software licenses, including SD-WAN, the VM-Series, and Panorama ® .

Our cost of product revenue also includes personnel costs, which consist of salaries, benefits, bonuses, share-based compensation, and travel associated with our operations organization, amortization of intellectual property licenses, product testing costs, shipping and tariff costs, and shared costs. Shared costs consist of certain facilities, depreciation, benefits, recruiting, and information technology costs that we allocate based on headcount.

Our cost of product revenue also includes personnel costs, which consist of salaries, benefits, bonuses, share-based compensation, and travel associated with our operations organization, inventory excess and obsolete charges, shipping and tariff costs, amortization of intellectual property licenses, product testing costs, and shared costs.

Refer to Note 12. Commitments and Contingencies in Part II, Item 8 of this Annual Report on Form 10-K for more information.

Refer to Part I, Item 1A “Risk Factors” in this Form 10-K and Note 8. Acquisitions in Part II, Item 8 of this Annual Report on Form 10-K for more information on the acquisition.

The decrease was primarily due to a decrease in repayments of our Notes, partially offset by an increase in cash used to repurchases of our common stock during fiscal 2024. - 54 - Table of Contents Critical Accounting Estimates Our consolidated financial statements have been prepared in accordance with U.S. GAAP.

The decrease was primarily due to a decrease in cash used to repurchase our common stock which did not recur during fiscal 2025. - 53 - Table of Contents Critical Accounting Estimates Our consolidated financial statements have been prepared in accordance with U.S. GAAP.

Cash used in financing activities during fiscal 2024 was $1.3 billion, a decrease of $383.2 million compared to fiscal 2023.

Cash used in financing activities during fiscal 2025 was $778.9 million, a decrease of $564.2 million compared to fiscal 2024.

Accordingly, these appliances and software licenses are distinct from our subscriptions and support services as the customer can benefit from the product without these services and such services are separately identifiable within the contract.

REVENUE RECOGNITION The majority of our contracts with our customers include various combinations of our products and subscriptions and support. Our hardware products and software licenses are distinct from our subscriptions and support services as the customer can benefit from the product without these services and such services are separately identifiable within the contract.

Repurchases will be funded from available working capital and may be made at management’s discretion from time to time. As of July 31, 2024, $500.0 million remained available for future share repurchases under this repurchase program.

Repurchases will be funded from available working capital and may be made at management’s discretion from time to time. As of July 31, 2025, $1.0 billion remained available for future share repurchases under this repurchase program. The repurchase authorization will expire on December 31, 2025, and may be suspended or discontinued at any time without prior notice.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Cost of product revenue $ 348.2 $ 418.3 $ (70.1) (16.8) % $ 418.3 $ 455.5 $ (37.2) (8.2) % Cost of product revenue decreased for fiscal 2024 compared to fiscal 2023 primarily due to decreased demand for our prior generation of hardware products and lower costs largely driven by an easing of supply chain challenges, partially offset by a change in mix shift within our new generation hardware products.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Cost of product revenue $ 413.2 $ 348.2 $ 65.0 18.7 % $ 348.2 $ 418.3 $ (70.1) (16.8) % Cost of product revenue increased for fiscal 2025 compared to fiscal 2024 primarily due to an increase in inventory excess and obsolete charges and an increased demand for our new generation hardware products and accessories, partially offset by a decreased demand for our prior generation of hardware products.

Prisma ® Access, our SSE solution, when combined with Prisma SD-WAN, provides a comprehensive single-vendor SASE offering that is used to secure remote workforces and securely enable the cloud-delivered branch.

Network Security Our network security platform is designed to deliver complete zero trust solutions to our customers. The platform includes: • Secure Access Service Edge (“SASE”). Prisma ® Access, when combined with Prisma SD-WAN, provides a comprehensive single-vendor SASE offering that is used to secure remote workforces and cloud-delivered branch offices.

Year Ended July 31, 2024 2023 2022 Amount Gross Margin Amount Gross Margin Amount Gross Margin (dollars in millions) Product $ 1,255.1 78.3 % $ 1,160.1 73.5 % $ 907.6 66.6 % Subscription and support 4,713.2 73.4 % 3,822.9 71.9 % 2,875.2 69.5 % Total gross profit $ 5,968.3 74.3 % $ 4,983.0 72.3 % $ 3,782.8 68.8 % Product gross margin increased for fiscal 2024 compared to fiscal 2023 primarily due to increased software revenue and lower costs largely driven by an easing of supply chain challenges.

Year Ended July 31, 2025 2024 2023 Amount Gross Margin Amount Gross Margin Amount Gross Margin (dollars in millions) Product $ 1,388.7 77.1 % $ 1,255.1 78.3 % $ 1,160.1 73.5 % Subscription and support 5,381.2 72.5 % 4,713.2 73.4 % 3,822.9 71.9 % Total gross profit $ 6,769.9 73.4 % $ 5,968.3 74.3 % $ 4,983.0 72.3 % Product gross margin decreased for fiscal 2025 compared to fiscal 2024 primarily due to unfavorable hardware product mix and an increase in inventory excess and obsolete charges, partially offset by increased software revenue.

Cloud Security: • We deliver scalable and comprehensive security across the cloud application development lifecycle through our Code to Cloud TM platform, Prisma Cloud. As a comprehensive CNAPP, Prisma Cloud secures multi- and hybrid-cloud environments for applications, data, GenAI ecosystem, and the entire cloud native technology stack across the full development lifecycle, from code to cloud.

LOSS CONTINGENCIES We are subject to the possibility of various loss contingencies arising in the ordinary course of business. We accrue for loss contingencies when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can be reasonably estimated.

We accrue for loss contingencies when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can be reasonably estimated. If we determine that a loss is reasonably possible, then we disclose the possible loss or range of the possible loss or state that such an estimate cannot be made.

We discuss revenue, gross margin, and the components of operating income (loss) and margin below under “Results of Operations.” July 31, 2024 2023 (in millions) Total deferred revenue $ 11,480.5 $ 9,296.4 Cash, cash equivalents, and investments $ 6,752.0 $ 5,437.9 Year Ended July 31, 2024 2023 2022 (dollars in millions) Total revenue $ 8,027.5 $ 6,892.7 $ 5,501.5 Total revenue year-over-year percentage increase 16.5 % 25.3 % 29.3 % Gross margin 74.3 % 72.3 % 68.8 % Operating income (loss) $ 683.9 $ 387.3 $ (188.8) Operating margin 8.5 % 5.6 % (3.4) % Billings $ 10,208.1 $ 9,194.4 $ 7,471.5 Billings year-over-year percentage increase 11.0 % 23.1 % 37.0 % Cash flow provided by operating activities $ 3,257.6 $ 2,777.5 $ 1,984.7 Free cash flow (non-GAAP) $ 3,100.8 $ 2,631.2 $ 1,791.9 • Deferred Revenue.

We discuss revenue, gross margin, and the components of operating income and margin below under “Results of Operations.” July 31, 2025 2024 (in billions) Next-Generation Security Annualized Recurring Revenue $ 5.6 $ 4.2 Remaining performance obligations $ 15.8 $ 12.7 - 44 - Table of Contents Year Ended July 31, 2025 2024 2023 (dollars in millions) Total revenue $ 9,221.5 $ 8,027.5 $ 6,892.7 Total revenue year-over-year percentage increase 14.9 % 16.5 % 25.3 % Gross margin 73.4 % 74.3 % 72.3 % Operating income $ 1,242.9 $ 683.9 $ 387.3 Operating margin 13.5 % 8.5 % 5.6 % Cash flow provided by operating activities $ 3,716.0 $ 3,257.6 $ 2,777.5 Free cash flow (non-GAAP) $ 3,469.8 $ 3,100.8 $ 2,631.2 • Next-Generation Security Annualized Recurring Revenue (“NGS ARR”).

Subscription and support gross margin increased for fiscal 2024 compared to fiscal 2023 primarily due to our growth in subscription and support revenue, which outpaced the subscription and support costs. OPERATING EXPENSES Our operating expenses consist of research and development, sales and marketing, and general and administrative expenses.

Subscription and support gross margin decreased for fiscal 2025 compared to fiscal 2024 primarily due to an increase in costs related to our cloud-based offerings, partially offset by increased leverage of our global customer service organization. OPERATING EXPENSES Our operating expenses consist of research and development, sales and marketing, and general and administrative expenses.

Year Ended July 31, Year Ended July 31, 2024 2023 Change 2023 2022 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Product $ 1,603.3 $ 1,578.4 $ 24.9 1.6 % $ 1,578.4 $ 1,363.1 $ 215.3 15.8 % Product revenue increased for fiscal 2024 compared to fiscal 2023 driven by increased software revenue primarily due to our go-to-market strategy for certain Network Security offerings, and a change in mix shift within our new generation of hardware products, partially offset by decreased demand for our prior generation of hardware products.

Year Ended July 31, Year Ended July 31, 2025 2024 Change 2024 2023 Change Amount Amount Amount % Amount Amount Amount % (dollars in millions) Product $ 1,801.9 $ 1,603.3 $ 198.6 12.4 % $ 1,603.3 $ 1,578.4 $ 24.9 1.6 % Product revenue increased for fiscal 2025 compared to fiscal 2024 driven by an increase in price of, and allocation to, on-premise software licenses due to enhanced features and capabilities beginning in the second quarter of fiscal 2025, and an increased demand for our new generation of hardware products and accessories, partially offset by decreased demand for our prior generation of hardware products.

Threat Intelligence and Advisory Services (Unit 42): • Unit 42 brings together world-renowned threat researchers with an elite team of incident responders and security consultants to create an intelligence-driven, response-ready organization to help customers manage cyber risk.

Threat Intelligence and Advisory Services • Unit 42 brings together world-renowned expertise across threat research, incident response, and security consulting to deliver intelligence-driven, response-ready outcomes that help customers reduce cyber risk.

A key element of our strategy is to help our customers simplify their security architectures through consolidating disparate point products. We execute on this strategy by developing our capabilities and packaging our offerings into platforms which are able to cover many of our customers’ needs in the markets in which we operate.

We execute on this strategy by developing our capabilities and packaging our offerings into platforms which are able to cover many of our customers’ needs in the markets in which we operate. Our platformization strategy combines various products and services into a tightly integrated architecture for more secure, faster, and cost-effective outcomes.

Liquidity and Capital Resources July 31, 2024 2023 (in millions) Working capital (1) $ (833.0) $ (1,689.5) Cash, cash equivalents, and investments: Cash and cash equivalents $ 1,535.2 $ 1,135.3 Investments 5,216.8 4,302.6 Total cash, cash equivalents, and investments $ 6,752.0 $ 5,437.9 (1) Current liabilities included net carrying amounts of convertible senior notes of $1.0 billion and $2.0 billion as of July 31, 2024 and 2023, respectively.

Income Taxes in Part II, Item 8 of this Annual Report on Form 10-K for more information on OBBB. - 51 - Table of Contents Liquidity and Capital Resources July 31, 2025 2024 (in millions) Working capital (deficit) (1) $ (465.2) $ (833.0) Cash, cash equivalents, and investments: Cash and cash equivalents $ 2,268.6 $ 1,535.2 Investments 6,190.2 5,216.8 Total cash, cash equivalents, and investments $ 8,458.8 $ 6,752.0 (1) Current liabilities included net carrying amounts of convertible senior notes of $1.0 billion as of July 31, 2024.

The decrease was primarily due to a decrease in purchases of investments, partially offset by a decrease in proceeds from sales and maturities of investments and an increase in net cash payments for business acquisitions during fiscal 2024.

Cash used in investing activities during fiscal 2025 was $2.2 billion, an increase of $694.8 million compared to fiscal 2024. The increase was primarily due to an increase in net cash payments for business acquisitions and higher purchases of investments during fiscal 2025.

INVESTING ACTIVITIES Our investing activities have consisted of capital expenditures, net investment purchases, sales, and maturities, and business acquisitions. We expect to continue such activities as our business grows. Cash used in investing activities during fiscal 2024 was $1.5 billion, a decrease of $523.9 million compared to fiscal 2023.

The increase was primarily due to growth of our business as reflected by increases in collections during fiscal 2025, partially offset by higher cash expenditure to support our business growth. INVESTING ACTIVITIES Our investing activities have consisted of capital expenditures, net investment purchases, sales, and maturities, and business acquisitions. We expect to continue such activities as our business grows.

Impact of Macroeconomic Developments and Other Factors on Our Business Our overall performance depends in part on worldwide economic and geopolitical conditions and their impact on customer behavior. Worsening economic conditions, including inflation, higher interest rates, slower growth, fluctuations in foreign exchange rates, supply chain disruptions, and other conditions, may adversely affect our results of operations and financial performance.

IMPACT OF MACROECONOMIC DEVELOPMENTS AND OTHER FACTORS ON OUR BUSINESS Our overall performance depends in part on worldwide economic and geopolitical conditions and their impact on customer behavior. Changes in legislation or regulations and actions by regulators, including changes in enforcement and administration policies, may have an impact on our results of operations and financial condition.

If we determine that a loss is reasonably possible, then we disclose the possible loss or range of the possible loss or state that such an estimate cannot be made. We regularly evaluate current information available to us to determine whether an accrual is required, an accrual should be adjusted, or a range of possible loss should be disclosed.

We regularly evaluate current information available to us to determine whether an accrual is required, an accrual should be adjusted, or a range of possible loss should be disclosed. - 54 - Table of Contents From time to time, we are involved in disputes, litigation, and other legal actions.

These include Cortex XSIAM, our AI-driven security operations platform, Cortex XDR ® for the prevention, detection, and response to complex cybersecurity attacks, Cortex XSOAR ® for SOAR, and Cortex Xpanse TM for ASM. These products are delivered as SaaS or software subscriptions.

A discussion of expected impacts of impending accounting changes on financial information to be reported in the future. Overview We empower enterprises, organizations, service providers, and government entities to protect themselves against today’s most sophisticated cyber threats. Our cybersecurity platforms and services help secure enterprise users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by AI and automation.

A discussion of expected impacts of impending accounting changes on financial information to be reported in the future. Overview Our mission is to be the cybersecurity partner of choice for enterprises, organizations, service providers, and government entities to protect our digital way of life.

When customers purchase our physical, virtual, or container firewall appliances, or certain cloud offerings, they typically purchase support in order to receive ongoing security updates, upgrades, bug fixes, and repairs. In addition to the subscriptions purchased with these appliances, customers may also purchase other subscriptions on a per-user, per-endpoint, or capacity-based basis.

Additionally, we offer MDR for Cortex subscriptions, powered by Unit 42’s elite expertise. When customers purchase our physical, virtual, or container firewalls, or certain cloud offerings, they typically purchase support in order to receive ongoing security updates, upgrades, bug fixes, and repairs.

We expect our cost of product revenue to fluctuate with our revenue from hardware products.

Shared costs consist of certain facilities, depreciation, benefits, recruiting, and information technology costs that we allocate based on headcount. We expect our cost of product revenue to fluctuate with our revenue from hardware products.

We also offer our VM-Series and CN-Series virtual firewalls for inline network security on multi- and hybrid-cloud environments. - 43 - Table of Contents Security Operations: • We deliver the next generation of security operations capabilities that combine security analytics, endpoint security, automation, and ASM solutions through our Cortex platform.

As part of the Cortex Cloud platform, customers can expand from Cortex Cloud to our security operations offerings available on a single user experience and unified agent. We also offer our VM-Series and CN-Series virtual firewalls for inline network security on multi- and hybrid-cloud environments.

The second step requires us to estimate and measure the tax benefit as the largest amount that is more likely than not to be realized upon ultimate settlement. Significant judgment is required in evaluating our uncertain tax positions and determining our provision for income taxes.

We recognize liabilities for uncertain tax positions based on a two-step process which includes evaluating if a tax position is more likely than not to be sustained on audit and then measuring the tax benefit as the largest amount that is more likely than not to be realized upon ultimate settlement.

Our network security platform also includes our cloud-delivered security services, such as Advanced Threat Prevention, Advanced WildFire ® , Advanced URL Filtering, Advanced DNS Security, IoT/OT Security, GlobalProtect ® , Enterprise DLP, AIOps, SaaS Security, and AI Access Security. Through these add-on security services, our customers are able to secure their content, applications, users, and devices across their entire organization.

Through these add-on services, our customers are able to secure their content, applications, users, and devices across their entire organization. • Prisma AIRS.

As of July 31, 2024, $1.0 billion of our 2025 Notes remained outstanding. Refer to Note 10. Debt in Part II, Item 8 of this Annual Report on Form 10-K for more information on the Notes.

Acquisitions in Part II, Item 8 of this Annual Report on Form 10-K for more information on our contingent consideration obligation. - 52 - Table of Contents On July 30, 2025, we entered into a definitive agreement to acquire CyberArk.

Cloud hosting service costs, which support our cloud-based subscription offerings, increased $116.0 million for fiscal 2024 compared to fiscal 2023.

Cloud hosting service costs, which support our cloud-based subscription offerings, increased $189.5 million for fiscal 2025 compared to fiscal 2024. Personnel costs grew $52.9 million for fiscal 2025 compared to fiscal 2024, primarily due to headcount growth. The increase in cost of subscription and support revenue was further driven by increased professional services expense.

… 71 more changes not shown on this page.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Market Risk — interest-rate, FX, commodity exposure

5 edited+0 added−1 removed8 unchanged

2024 filing

2025 filing

Biggest changeConversely, a hypothetical 100 basis point decrease in interest rates would lead to a $97.8 million increase in the fair market value of the portfolio. In June 2020, we issued $2.0 billion aggregate principal amount of the 2025 Notes. We carry these instruments at face value less unamortized issuance costs on our consolidated balance sheets.

Biggest changeConversely, a hypothetical 100 basis point decrease in interest rates would lead to a $134.7 million increase in the fair market value of the portfolio. - 56 - Table of Contents

A hypothetical 10% change in foreign exchange rates on monetary assets and liabilities would not be material to our financial condition or results of operations after taking into consideration the effect of foreign currency forward contracts in place as of July 31, 2024.

We enter into foreign currency derivative contracts with maturities of 24 months or less, which we designate as cash flow hedges, to manage the foreign currency exchange risk associated with our foreign currency denominated operating expenditures.

Based on investment positions as of July 31, 2024, a hypothetical 100 basis point increase in interest rates across all maturities would result in a $97.8 million decline in the fair market value of the portfolio. Such losses would only be realized if we sold the investments prior to maturity.

Based on investment positions as of July 31, 2025, a hypothetical 100 basis point increase in interest rates across all maturities would result in a $132.3 million decline in the fair market value of the portfolio. Such losses would only be realized if we sold the investments prior to maturity.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk Foreign Currency Exchange Risk Our sales contracts are denominated in U.S. dollars. A portion of our operating expenditures are incurred outside of the United States and are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk Foreign Currency Exchange Risk Our sales contracts are primarily denominated in U.S. dollars. A portion of our operating expenditures are denominated in foreign currencies, making them subject to fluctuations in foreign currency exchange rates.

Removed

As these instruments have a fixed annual interest rate, we have no financial and economic exposure associated with changes in interest rates. However, the fair value of fixed rate debt instruments fluctuates when interest rates change, and additionally, in the case of the 2025 Notes, when the market price of our common stock fluctuates. - 57 - Table of Contents

Top changes in Palo Alto Networks's 2025 10-K

Item 1. Business

Item 1A. Risk Factors

Item 1C. Cybersecurity

Item 2. Properties

Item 5. Market for Registrant's Common Equity

Item 7. Management's Discussion & Analysis

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Other PANW 10-K year-over-year comparisons