Good afternoon. Thank you for attending the SentinelOne Q3 FY 2024 Earnings Conference Call. My name is Victoria, and I’ll be your moderator today. All lines will be muted during the presentation portion of the call with an opportunity for questions and answers at the end.

I would now like to pass the conference over to your host, Doug Clark, Vice President, Investor Relations. Thank you. You may proceed, Doug..

Good afternoon, everyone, and welcome to SentinelOne’s earnings call for the third quarter of fiscal year ‘24 ended October 31st. With us today are Tomer Weingarten, CEO; and Dave Bernhardt, CFO. Our press release and the shareholder letter were issued earlier today and are posted on the Investor Relations section of our website.

This call is being broadcast live via webcast, and an audio replay will be available on our website after the call concludes.

Before we begin, I would like to remind you that during today’s call, we’ll be making forward-looking statements about future events and financial and performance, including our guidance for the fourth fiscal quarter and our full fiscal year ‘24 as well as long-term financial targets.

We caution you that such statements reflect our best judgment based on factors currently known to us and that our actual events or results could differ materially. Please refer to the documents we file from time to time with the SEC, in particular, our annual report on Form 10-K and our quarterly reports on Form 10-Q.

These documents contain and identify important risk factors and other information that may cause our actual results to differ materially from those contained in our forward-looking statements. Any forward-looking statements made during this call are being made as of today.

If this call is replayed or reviewed after today, the information presented during the call may not contain current or accurate information.

Except as required by law, we assume no obligation to update these forward-looking statements publicly or to update the reasons actual results could differ materially from those anticipated in the forward-looking statements, even if new information becomes available in the future.

During this call, we will discuss non-GAAP financial measures unless otherwise stated. These non-GAAP financial measures are not prepared in accordance with generally accepted accounting principles. A reconciliation of the GAAP and non-GAAP results is provided in today’s press release and in our shareholder letter.

These non-GAAP measures are not intended to be a substitute for our GAAP results.

Our financial outlook excludes stock-based compensation expense, employer payroll tax on employee stock transactions, amortization expense of acquired intangible assets, acquisition-related compensation costs, restructuring charges and gain on strategic investments, which cannot be determined at this time and are, therefore, not reconciled in today’s press release.

And with that, let me turn the call over to Tomer Weingarten, CEO of SentinelOne..

data and AI, cloud, and as always, endpoint. As I’ve said before, cybersecurity is a data problem. We are the first company to introduce a fully unified data and security platform. Legacy SIEM solutions are falling behind and security vendors are clamoring to keep up.

SentinelOne’s unified data and security platform delivers cost efficiency and high performance at scale. In Q3 we secured large data deals, which reinforces the demand from large enterprises looking to modernize away from legacy SIEM solutions.

Recent news of the leading SIEM vendor being acquired is further boosting enterprise interest in our Singularity Data Lake. We’re taking Singularity to the next level through AI. We’re disrupting the SIEM and security markets by fusing Purple AI with our unified data lake.

Purple AI is fully integrated across the entire Singularity platform and user interface. It enhances investigations, simplifies threat hunting, makes recommendations and automates actions. In essence, it supercharges every SoC and data analyst unlocking efficiency and accelerating response times.

As I mentioned earlier, we’ve already started selling Purple AI to select customers. We expect general availability in Q1 of next year. The combination of Unified Data and Purple AI puts us in a strong position to deliver enterprise-wide security and disrupt the legacy data analytics market. Next, we’re expanding our cloud security offerings.

We are already leading in cloud workload protection and cloud data security. In the coming year, Singularity Cloud will become a full featured CNAPP with agent-based and agentless capabilities. We’ll have more to share in the next couple of quarters. And as always, we will continue to maintain our technology leadership and endpoint.

We achieved the 4th consecutive year of leadership in the MITRE Engenuity ATT&CK Evaluation. Our approach to this year’s MITRE evaluation reflects our philosophy and protection that speed and autonomous security are critical. Unlike most participants in this test, you will see zero delays or configuration modifiers in SentinelOne’s results.

In contrast, our closest next-gen competitor had over 20 delays and configuration changes. Achieving 100% detection and protection without any do-overs is the difference between a simulation and the real world. Attackers don’t offer extra time or a chance to make configuration changes.

Singularity is built to be real time, AI-driven, and autonomous, critical to combat against modern threats. Before concluding my remarks, I’d like to mention some exciting updates. We’ve made some terrific additions to our leadership team that bring unrivaled industry expertise.

Michael Cremen joined SentinelOne in November as our new Chief Revenue Officer. Michael joins us as CRO from Elastic, where he was instrumental in scaling the business to $1 billion and beyond. His experience unites security and data in a way that ideally matches our mission. This transition has been thoughtfully planned over the past several quarters.

I want to thank and congratulate Mark Parrinello, our former CRO, for its contributions and well deserved retirement. Mark will remain at SentinelOne until the end of this fiscal year to ensure smooth transition. As I mentioned earlier, I’m also excited to welcome Chris Krebs and Alex Stamos to the SentinelOne team.

They are renowned for their cybersecurity thought leadership with deep experience across both public and private sector, including Homeland Security, CISA, and global tech giants like Facebook and others. In closing, our technology and talent are stronger than ever, leading to another quarter of outperformance.

Together, we remain focused on the long opportunity and maximizing our business potential. Most importantly, we’re focused on helping enterprises advance their infrastructure and security now and for the future. I want to thank all Sentinels as well as our valued customers, partners, and shareholders.

With that, I will turn the call over to Dave Bernhardt, our Chief Financial Officer..

Thank you, Tomer. This afternoon, I’ll discuss our quarterly financial performance and provide additional context around our guidance for Q4 and fiscal year ‘24. As a reminder, all comparisons are year-over-year and all margins discussed are non-GAAP, unless otherwise noted. Our third quarter results exceeded our expectations across the board.

We delivered high top-line growth and substantial margin expansion. Revenue grew 42% to $164 million and ARR grew 43% to $664 million, reflecting a net new ARR of $52 million in the quarter. Our net new ARR exceeded our typical third quarter seasonality and accelerated to 11% year-over-year growth.

Our growth has accelerated despite persistent macro challenges. We delivered strength across all geographies. Revenue from international markets grew 46% and represented 37% of revenue. Q3 revenue also benefited from a stronger contribution of our professional services, driven by elevated breach activity across legacy and competing platforms.

As Tomer mentioned, deploying software alone doesn’t solve all security challenges. This is why we acquired KSG and launched expert advisory practice, PinnacleOne. We continue to drive a healthy mix of new customers and existing customer expansion across businesses of all sizes.

Our ARR per customer rose 15% year-over-year to approximately $60,000 per customer. In addition, our momentum with MSSP partners, and by extension SMBs, was particularly strong as it continues to fuel a solid base of long-term growth.

We continue to take market share from incumbents and next-gen vendors, and our third quarter performance signifies our strong competitive position in enterprise demand for SentinelOne’s best-in-class cybersecurity. Looking beyond top line growth, our progress towards profitability remains a bright spot, evident by significant margin improvements.

Our gross margin reached a new record of 79%, showing an 8% year-over-year improvement and comfortably within our long-term target range of 75% to 80% or higher. This important achievement reflects the benefit of our increasing scale and platform unit economics.

Our margin improvement is indicative of healthy pricing and the value and innovation we deliver to customers. It also demonstrates the success of our land and expand strategy. Our unified security and data architecture in a single platform is delivering meaningful value for SentinelOne as well as our customers.

Q3 marked our 9th consecutive quarter of more than 25 percentage points of year-over-year operating margin expansion. Our increasing scale and cost discipline are driving substantial operating margin improvement. Q3 operating margin expanded 32 percentage points to negative 11%.

And we’re not just improving our margins, we’ve also significantly reduced our operating losses by more than 60% to negative $18 million in Q3 from negative $50 million in the year ago quarter. Similarly, we improved our free cash outflow by about 60%. This is tremendous progress.

It reflects the continuing success of our proactive efforts to enhance working capital and thoughtfully manage our costs. We are committed to building on this progress and achieving positive free cash flow in the second half of our next fiscal year. Moving to our guidance for Q4 and the full fiscal year ‘24.

The demand environment remains consistent with the trends we discussed last quarter. Indeed, customers are still facing higher costs of capital and additional approval layers. These dynamics can impact visibility into the timing or size of potential deals.

It’s prudent to be mindful of these dynamics as we enter Q4, our seasonally largest quarter of the year. Despite operating in a challenging macro and geopolitical environment, we’re raising our revenue and margin expectations for fiscal year ‘24. Our teams are executing well, our win rates remain strong, and we are delivering operating leverage.

In Q4, we expect revenue of about $169 million, reflecting growth of 34% year-over-year. For the full year, we expect revenue of about $616 million, reflecting growth of 46% in fiscal year ‘24. This is an $11 million increase compared to the prior outlook of $605 million, above and beyond our Q3 beat.

Based on this view, we’re on track to deliver about $200 million in net new ARR for the year, up from our prior expectation of $195 million. Based on our go to market momentum and strong competitive position, we feel confident in our ability to deliver against these higher full year growth targets.

Importantly, we’re seeing durability in our new business generation and the trajectory of growth rates. Beyond endpoint security, we’re encouraged by increasing platform adoption of our adjacent solutions like cloud, data, identity, and AI to drive diverse growth opportunities for years to come. Turning to the outlook for margins.

We expect a Q4 gross margin of about 77.5%, implying a year-over-year increase of about 2.5 percentage points. On a constant currency basis, we expect our Q4 gross margin to be relatively consistent with Q3.

Also for the full year, we are raising our gross margin guidance to 77%, up about 5 percentage points year-over-year and up 100 basis points when compared to our prior guide of 76%. We expect continued benefits from increasing scale and data efficiencies inherent in our business model.

Finally, we expect operating margin to be negative 14% in Q4, implying an improvement of 23 percentage points year-over-year and is stronger than our prior expectation. For the full year, we are raising our guidance for operating margin to about negative 20%, up 5% compared to our prior annual guide of negative 25%.

This implies a significant improvement of more than 29 percentage points compared to fiscal year ‘23. We expect Q4 free cash flow margin to improve sequentially based on the seasonality of cash collections and payments and our improved operating margin outlook.

We have a very strong balance sheet with $1.1 billion in cash, cash equivalents and investments, and zero debt. This provides durability and flexibility to optimize top-line growth and margin improvement. We are delivering industry-leading margin improvement and moving closer to achieving positive free cash flow generation.

As I’ve said before, we’ll continue to grow market share and capitalize on large TAMs with disruptive technologies. Our investment approach remains selective and focused on key areas of competitive strength, notably data, AI, cloud and as always, endpoint. This is evident by our strong top-line growth and industry-leading margin improvement.

Thank you all for joining us today. We will now take questions. Operator, please open up the line..

[Operator Instructions] Our first question comes from the line of Joshua Tilton with Wolfe Research..

Hey, guys. Thanks for taking my questions, and congrats on a pretty solid quarter. Kind of just clarifications here, but customer additions came in a bit lower than we were expecting, anything to highlight there? And just you called out offering a broader CNAPP platform in the next 12 months.

Is that going to be developed in-house or are you guys looking to make some acquisitions in that space?.

The customer count is rounded down, but moreover, I think the amount of additions that we see for our MSSP [ph] channel is very significant, and that spans midsize enterprises all the way to SMBs. To us, I mean, it was a very strong quarter of customer additions.

Moreover, the ARR per customer is obviously something that we optimize and reinvest in, and that obviously has another impact on the total customer count. Having seen our ARR go up per customer 15% year-over-year, obviously, that’s the exact trajectory that we want to see.

So all of that kind of goes into the customer count, but all-in-all, a very healthy kind of net new quarter for us. As for CNAPP, I think we’ve been focused on developing internally for quite a few quarters. We already have, I think a large subset of capability is already available in the market.

With that, we always kind of look out there to see if there’s any interesting technologies. We never preclude an acquisition. But with that, we’re very-disciplined I think in how we approach acquisitions, especially these days.

But all-in-all, I think we’re feeling more and more confident about our ability to provide a full CNAPP portfolio in the near future..

Our next question comes from the line of Brian Essex with JPMorgan..

Thank you for taking the question, and great to see the margin expansion. It’s really nice to see. I guess, Tomer, just one question for you. Really interesting development with PinnacleOne.

Could you maybe unpack a little bit what your intentions are with that part of the business? Is this going to be more of a lead gen innovation type consulting business or is it more incident response? And how might that impact -- how might we expect that to impact revenue margins going forward?.

Absolutely. Definitely not an incident response firm. We actually have already incident response capabilities within Vigilance. We’ve had them for about three years now.

When we look at PinnacleOne, if you kind of look at what’s happening in the threat landscape for the past couple of years, we’ve seen an incredible shift, I think, in attack methodologies. And we’ve also seen, I think, just the failure of the product methodology. People obviously have security products, yet they’re still getting breached.

And what we’re seeing more and more is not only the shift in liability to the boardroom, to the CEO, to the executive level but also the need to actually come up with a security strategy to assess risk and to understand risk, quantify it and convey it in a much better way. PinnacleOne comes to address exactly that.

It’s a highly strategic advisory service, again, with some of the best minds in cybersecurity that comes to help our customers and new prospect, design their security posture, regardless of the product, obviously. This is completely vendor neutral.

Obviously, if you couple that with our technology leadership, if you couple that with the level of threat intelligence that we see and overall geopolitical mapping that we do, you get into a very unique service, I think, in the entire landscape and one that should provide for ample risk reduction for customers out there above and beyond the products that they deploy..

And maybe, I don’t know if Dave could expand on the size of that business and margin impact given it’s more kind of a headcount-focused business?.

Yes. And for Q4, I mean, it’s essentially immaterial. I think it’s under $1 million of total impact to the quarter. So, really no effect on revenue or margins for the current quarter. For next year, we’re obviously working on the plan for next year and we’ll give you guys more visibility on that when we announce Q4 earnings..

Our next question comes from the line of Saket Kalia with Barclays. Please go ahead..

Tomer, maybe for you, I just want to dig into the competitive environment a little bit in endpoint, not the usual suspects, but I think there are some public reports out there that Carbon Black may change hands again, may not stay with VMware as part of that sort of broader deal.

Maybe the question for you is, can you just talk about them a little bit as a competitor, and whether you think that could be a significant share gain opportunity for SentinelOne?.

Sure. Yes. I don’t put a lot of stock in rumors, as you can imagine. But at the same time, it’s definitely been one of the most preeminent share donors out there for the past couple of years. I think the technology has largely stagnated, and we’ve seen a pretty decent amount of Carbon Black displacements throughout the last couple of years.

With that, I think the size of the business is not so material. So, it can really change or impact things in the endpoint market in a significant way.

But with that, again, it’s a relatively easy target for displacement, Carbon Black was mainly on the EDR side, while most prominent vendors right now in endpoint actually cover both endpoint protection and EDR. Most customers are looking for one solution, one platform to cover both aspects. So that doesn’t bode well for Carbon Black, period.

So I don’t know where they’re finally going to find a place or not, but I feel it’s relatively incremental..

Dave, maybe for my follow-up for you, and echo the prior comments, just great to see the continued improvement in operating loss.

Can you just maybe talk about the restructuring program that we implemented earlier this year? And whether we’ve seen most of the benefits of that yet, whether there’s still some more benefit to come? How do you think about that sort of restructuring having played into this improvement and how much more is left?.

The impact of the restructuring, it’s been included in our annual and quarterly guide since we announced it in Q1. So, no real incremental pick up from that. With that being said, we’re continuing to analyze the yield from our expense investments for growth and expanding market share. You see this evident in our continued operating margin expansion.

I think we’re 9 straight quarters of 25% or more year-over-year improvement. And our Q3 results show margin improvement well and above any benefit we would have gotten from restructuring. So, we implemented that. We operated it essentially fully I think on June 1st and we’ve been off and running from that point on..

Our next question comes from the line of Hamza Fodderwala with Morgan Stanley. Please go ahead..

Tomer, you talked a lot about Singularity Data Lake in your prepared remarks. I was wondering if you could maybe just rough sense help us sort of size that business. And what you’re seeing in terms of the opportunity for SIEM replacements in light of recent M&A in the space? Thank you..

Sure. We don’t disclose, obviously, the exact size of the business. It grew more than triple-digit on a standalone basis. It’s definitely one of our fastest growing modules right now. It’s a complete product line. It consists of really pricing by data ingestion. So, it’s a very different motion than the seat based motion that we see in endpoint.

It takes us about $20 billion. If you bundle that with data analytics, it becomes about $40 billion of a target opportunity. The dominant vendors in that market, you mentioned that competitor getting acquired and a bunch of others, these are technologies that have been developed probably about 15 years ago.

So, if you can kind of think today about the data scale that most enterprises need to deal with, obviously, it calls for something new. If we can, with Singularity Data Lake, provide something to customers that is twice the speed and half the cost, obviously, that’s a very palatable offering for them.

And obviously, if you couple that with unique capabilities like generative AI, Purple AI on top of an enterprise-wide data lake, then you start to realize that you get compounded value by switching into an all inclusive platform that is not focused just on endpoint and maybe some generative AI and chatbots for endpoint, but really a broad based capability, where you can ingest any type of data, both structured and unstructured, no need to index, up and running in minutes.

This is a revolution in data analytics. And that’s why we believe that the disruption for the SIEM market, for security analytics is really impending. We foresee in the next 24 months or so major shift in that market.

And it’s not about replacing the SIEM, it’s about coming with a whole new offering, with a modernized platform that can do much beyond the SIEM was ever designed to do. And that’s why we’re incredibly excited by that opportunity..

Our next question comes from the line of Alex Henderson with Needham. Please go ahead..

I actually want to do two follow-up solutions to questions that were already asked. The first one being on the data lake structure. So it’s pretty clear that you guys get a lot of telemetry data off of your endpoints.

But if I think about the merger between Splunk and Cisco, their primary value there is adding not just the traditional SIEM data, but adding it to the data networking content and telemetry information that historically has been in titration and the like, as well as the observability functionality that’s been in AppDynamics.

So I guess the question is to what extent do you need to reach out to third parties to add some of those type of incremental data to your data lake to get beyond just indications of attack and indications of compromise that are captured in the initial data lake architecture?.

Yes. Look, our data lake is built on being totally open, and that is the key to all of it. We don’t, lean on any one specific vendor. And actually, in many cases, and even with deals that we’ve done last quarter, we ingest data even when we’re not the endpoint provider.

So to us, it’s really about being fully open and having the ability to ingest data directly from a network provider, from the email provider, from an authentication provider, much like Splunk. Splunk did not own any one of these assets. They were leaning on integration into their platform. We do it with OCSF. It’s a complete open format.

We’re one of the founding members in that alliance. And that allows us complete flexibility in ingesting data from any ecosystem product that you have in your enterprise. With that said, typically, within a classic SIEM environment, 60% to 70% of the data that you find in the SIEM is actually generated from EDR products.

I’ve been saying that for years, which was really one of the reasons why we thought it makes a whole lot of sense to actually start embedding the other components in enterprise into that same data lake, infusing it with the endpoint data. Moreover, we’re not talking just about threat indicators. We’re talking about fully fledged log analytics.

What we ingest into Data Lake is all pieces of data, not just curated threat indicators, but any log line, any event can be ingested. I think that’s one of the keys in an era where keeping logs becomes this requirement that is becoming more and more important, keeping logs for longer.

If you need to retain your logs for a year worth of time, doing it with any one of these incumbent platforms is going to be a highly cost prohibitive practice. That’s why when we look at the potential for security data lake, it’s not XDR, it’s not a SIEM, it’s built to be a vast petabyte scale log ingestion mechanism to put all logs.

We don’t discriminate logs, we want all of them in and that’s what we believe can also allow for better AI utilization. Once you’re able to feed all that data and expose it to AI algorithms, you’ll be able to get to much more accurate results versus just putting threat events into these different data stores..

If I could just throw one last question, and it’s really a play off of what has already been said.

The PinnacleOne opportunity, it strikes me that this is very much like the managed services environment where once you have a customer in that pipeline and working with PinnacleOne, ultimately that generate significant potential downstream revenues after the fact.

Is it reasonable to think that for every dollar of PinnacleOne revenue that there’s $5 or $6 worth of ARR that will accrue from it in the following periods?.

We definitely hope so. Even though, look, our North Star is just to help customers. And obviously, the KSG Group comes with their own customer base. Obviously, to us, it’s about putting the best security consulting business that we can in that advice in the hands of customers.

Whether that results in further revenue and more product sales, perhaps, obviously, we hope so. But to us, we just feel like there is a dire need and a big gap in actually designing security beyond just deploying sporadic products into environments, and that’s what we’re trying to solve here. So, it’s customers first.

And then yes, if we can help with technology, obviously, that will fuel into that..

Our next question comes from the line of Tal Liani with Bank of America. Please go ahead..

I’ve been asking the same question as all the other security names, and it looks like it’s throughout the industry, we’re seeing it. But if I look at the sequential trends of billings, in ‘22, it was up 54% in 4Q ‘22; 4Q ‘23, up 42%, 43%; and now it’s only up 2%.

Can you discuss why is billing on a sequential basis? We don’t see the same seasonality that we’re seeing. And again, this is industry wide. Does it mean that contract duration is going down? Does it mean that pricing is going down? What are the implications for the business? Thanks..

Thanks, Tal. Billings grew 2% quarter-over-quarter, but they were up 33% year-over-year. The quarterly billings can vary based on customer mix, especially with MSSP. So we focus on ARR and as a better metric. Just from an overall contract standpoint, the average contract duration is up.

But we’re seeing less frequent upfront payments, which is the entire industry thing. We’re not in a $0 -- or 0% interest environment. And that obviously impacts customers’ willingness to put a full year upfront or multi-years upfront for larger enterprise customers. So that dynamic has changed really over the past year.

But -- and with MSSPs, we see a lot of monthly and quarterly payments. So that’s always going to be the dynamic with us..

And is there any difference in linearity of deal flow during the quarter, this quarter versus previous quarters?.

No. Linearity was fairly consistent..

Our next question comes from the line of Trevor Walsh with JMP Securities. Please go ahead..

Great. Thanks team for taking my question. Appreciate it. And also appreciate the updates around Purple AI. Maybe, Tomer, just a quick one for you on that.

Of your customer conversations, what’s been kind of the primary pushback, if any, around just the adoption of that new product? And then how does that maybe translate into what you’re seeing as -- from just kind of an initial catch rate of what you’re expecting around with Purple AI as we move into kind of the beginning of next year, and if that tracks similar to maybe Singularity Cloud or the Security Data Lake, if you expect that type of uptick or if there are maybe other kind of puts and takes there?.

Sure. We’re not seeing, I think, any type of pushback per se. I think that some of the questions that we’ve been asked revolved around potentially training more modules -- more models -- more AI models that are tailored to the customer environment and how we plan to address that.

So I think there is largely a lot of excitement towards the capability In terms of how we’re thinking about it. Obviously, it takes some time to scale a whole new technology. And obviously we’re doing it responsibly. We want to make sure there is the right safeguards. We want to make sure that privacy is kept.

All of these things are incredibly important for a company like ours. I mean, we’re not just an average consumer company. We deal with security and we need to make sure that these things are in place. In terms of the magnitude, I mean, Purple AI is definitely almost another product line for us, right? I mean, it’s not just a module.

So, how we’re treating it, how we’re structuring our go-to-market, what we anticipate Purple will contribute in the, call it, the next 24 months, it’s definitely in the magnitude of something like cloud, something like data. But again, I mean, it’s early days. It looks very, very promising.

I think the fact that it’s an enterprise-wide capability, so once again, it’s not something that you sell per seat, it’s not something that just for one footprint, and the application of it can be virtually endless in the enterprise environment.

I think that puts us in a league of its own in terms of the other offerings that we’re seeing in the security space..

The next question comes from the line of Rudy Kessinger with D.A. Davidson. Please go ahead..

Dave, I guess just on the net new ARR, I guess, the implied net new ARR for Q4, it implies about, I guess, half the growth versus Q3 as you saw last year.

So just what are your assumptions, on close rates, budget flush, et cetera relative to I guess Q3 but also Q4 of last year?.

Yes. So obviously we’ve increased our guidance to about $200 million in net new ARR for the full year, up from $195 million. So, we’re seeing clear signs of stabilization. We’re expecting Q4 net new ARR to be essentially flat to what it was in Q4 of last year. We don’t expect a budget flush.

We’ve never really been a recipient of that, although I wouldn’t mind it if it were to come. But really the way we’re thinking about this is that Q4 is seasonally our largest quarter of the year. We don’t expect Q4 this year to be any different than historically. We delivered upside to Q3.

We outperformed typical seasonality and we’re expecting that to carry into Q4. And I think one of the things to be concerned about is just there’s still macro uncertainty, there’s geopolitical uncertainties. Those are continuing to persist. We want to be mindful of the evolving macro dynamics.

But I think overall we’re pleased with the outlook we’re seeing, we’re pleased with the performance we had in Q3, and we’re pleased with the execution of our teams. So, the stabilization we’re seeing and the visibility we have for Q4 makes us optimistic that things are getting better..

Okay. And then just a quick follow-up, the margin improvement, very, very nice to see.

Just on gross margins, any one time items to call out that drove that 79% in Q3 and why the step back down about 150 basis points in Q4?.

There’s about 150 basis points of FX gain. Obviously we have a fair amount of support people across Europe. The U.S. saw favorable U.S. dollar to -- especially to the shekel over the end of Q3.

Some of that has flipped thus far in Q4, but on a constant currency basis we’re assuming, we’d have been roughly at about 77.5%, which is what we’re guiding for Q4..

Our next question is from the line of Gabriela Borges with Goldman Sachs. Please go ahead..

This is Max on for Gabriela. Thanks for taking our question. As a follow-up to the prior question, we have a question for you.

As you think about your fiscal year 2025 planning assumptions, it would be great to get your observation on what is incrementally changing in your priorities headed into next year, especially with your new CRO in place? Thank you..

We’ll provide an outlook next quarter. It feels prudent to get through the largest quarter of the year before turning to a new calendar year and budget expectations. Look, our market position is strong and we execute well. I think we have multiple growth drivers. Our goal remains the same. It’s to maximize growth and improve margins.

And obviously, at the same time, as Dave mentioned, the economic challenges are still very, very present, and we’re not assuming any bettering conditions significantly next year. We’re very encouraged by our new CRO, very excited to have Michael with us. Obviously, he brings a wealth of experience.

It definitely is something that we planned for quite a few quarters. We also want to wish Mark the best in his retirement, and we look forward to really scaling the business in the next couple of years beyond $1 billion..

Our next question comes from the line of Ray McDonough with Guggenheim. Please go ahead..

Tomer, over the past couple of quarters, we’ve talked about some downsizing on renewals, and I understand the commentary around the macro in general has been that trends are relatively stable, but in that area specifically around renewals, are those trends starting to change at all? Are you still seeing similar customer behavior? And maybe just continuing to zoom out, as you look at kind of what transpired in November and as you talk to customers about heading into the next calendar year, how are those budget conversations around security spend shaping up? Do you feel close rates may improve next year as the threat environment seems to get more intense? Just any commentary on broader level spend and your feeling going into next would be helpful..

Yes. Look, all I can say is that things remain pretty consistent. I don’t think that anybody feels like they can buy forward licenses for something that they don’t use. So rightsizing, truly understanding what you need to use, I think that dynamic is here to stay. I don’t think anything changes with that. Cybersecurity has been top of mind for years now.

I don’t think there’s anything new in that. So all-in-all, I think there’s really no change that I can call out at this point in time..

And Dave, as the data lake solution continues to scale, can you talk about the patterns of overages on consumption that you’re seeing and assuming that’s where the majority of consumption revenue comes from? And maybe to what extent you’ve been successful in capturing incremental commitments, which would otherwise have been overages? And how should we think about that potentially point being a tailwind to ARR growth next year, as the data lake solution scales?.

Yes. We really didn’t have any changes or unexpected impact from consumption during the quarter at all. One of the things that we’re seeing and we’re encouraged by is that customers that did have overages when they do commit to us are committing at the level that they were spending.

So if a customer is moving from consumption to subscription, we’re seeing that at the levels that they were spending. As Tomer said, they’re not putting a lot of elevated spend in that. They’re essentially carrying forward at the rates they’ve been doing. So, we really haven’t seen anything except for stabilization..

Our next question comes from the line of Gray Powell with BTIG. Please go ahead..

I really appreciated the color that you gave on the macro environment in the prepared remarks. I guess, I just want to follow up there. So we’ve been in a weak macro for like 18 months now.

How do you feel about your visibility on customer behavior patterns and just -- like customer behavior patterns today and your ability to predict your business today versus this time a year ago?.

I mean obviously, we know more, but once again, I feel like we’re still in the bad macro, we remain in the bad macro, and we expect the bad macro to continue. I think even within the bad macro, obviously, you still see us grow 40%-plus. So, at the end of the day, I think we’ve adjusted at the beginning of this year to what we believe we can extract.

And I think that we’re seeing practically stabilization across customer behavior. I think customer expectations remain roughly the same as what they were a few quarters ago. So all in all, once again, I wouldn’t assume anything is trending better, but it’s also not trending worse. It’s the same macro.

And to Dave’s point, I think our team’s execution, our ability to adapt and really, I think convey the value in our platform, has helped us kind of navigate through it..

And then, one more, if I may. So when you acquired Attivo back in early, I think it was 2022, that business was growing at about a 50% annual pace. Just with the tax, more recently, you’re increasingly targeting identity systems.

How should we think about the growth potential on that business? Has there been any incremental tailwinds?.

I think it’s -- for us, it’s just another module out of a pretty large list of capabilities that we have. We’re targeting bigger market opportunities, and I think our attention goes towards designing our go-to-market around where we feel the most traction and the biggest opportunity is. Identity is just one of more modules that we have.

I also think that in cybersecurity in general, a lot of these capabilities are very much I would call them, temporary in their ability to actually alleviate the threat vector. So, it’s identity today. Tomorrow, it’s going to something else. A year ago, it was exploitation. I think these are constantly moving targets.

And identity is obviously growing with our business. It’s a great capability to have. But again, we’re focused on cloud, focused on data, focused on AI as really tiebreakers for defenders in the enterprise..

Thank you. Our last question comes from the line of Eric Heath with KeyBanc Capital Markets. Please go ahead..

Dave, just a housekeeping question. I know before you had some targets out there for EBIT profitability for fiscal ‘25 and free cash flow profitability for second half of ‘25, so just curious if that stands. And then just I’ll add the second question, which for Tomer, it sounds like you’re taking a different approach to your pricing around gen AI.

So just curious what the pricing mechanism is for Purple AI and just how customers are -- what the feedback is from customers on that pricing strategy?.

Sure. I can start. Thank you for the question. We’re committed to optimizing growth and margin improvement, and we remain on track to achieving positive free cash flow in the second half of fiscal year ‘25. We’re delivering margin improvement in an incredibly strong pace, more than 25 points of operating margin improvement for nine consecutive quarters.

It’s our entire history as a public company and we’re going to continue with that. Free cash flow margin improved 40% year-over-year. Our net income margin was negative 5%. So, we’ve been very proactive with our cost structure. We’ve shown measurable progress to achieving profitability.

And we’ve also raised our full year operating margin guidance from negative 25% to negative 20% this last quarter. So, we’re well on our way to achieving our profitability targets. We expect Q4 free cash flow margin in the negative single digits, so you’re going to see improvement there too.

So really what we’re doing is we’re aligning our investment plans with the pace of growth. We’ll continue to selectively invest in key growth areas such as cloud and data, unlocking significant TAMs where we have distinct competitive advantages. And that’s the path that we’re progressing to.

Obviously, we’ll be guiding at the end of Q4, so look out for that. But everything we’re doing as a company and a lot of the improvements you’re seeing right now are setting us up on the pace to make sure that what we want to achieve in fiscal 2025 becomes achievable. Right now we’re focused on free cash flow creation.

We expect that in the second half of next year, and we’re working towards that..

As for Purple pricing, as I mentioned, given that it’s an enterprise-wide capability, we’re still obviously experimenting with it. It’s still obviously not fully baked. But to us, I mean, just attaching it to the data ingested, I think is something that we see as just a very straightforward way to go about it.

That said, obviously for platform capabilities set so wide, like the one that we have today, you also see us doing more and more ELA type structured deals. So you can imagine Purple can be part of that. So, all-in-all, a lot of opportunity for more uplift. But I’ll just once again mention, to us, it’s about customer value.

And we want to sure that customers see the value from Purple. I think the pricing structure is secondary to the amount of value that you can tangibly show to the customer, and that’s the focus with Purple AI..

Thank you. I would now like to pass the conference back to Tomer Weingarten, the CEO, for any closing remarks..

Thank you all for joining us today. From a collective standpoint, the ongoing conflicts and geopolitical tensions impacting people around the globe are disheartening. I’m humbled by the perseverance and commitment of Sentinels globally and especially our own people in Israel, who endured some of the worst atrocities in recent history.

Cyber warfare plays an important role in this as well. Cyber attacks, espionage, disinformation and influence operations are attempting to destabilize so many aspects of society. The war in cyberspace is now fully embedded into all of our lives and the concept of truth is eroding.

Generative AI capabilities are a significant contributing factor to the severity of the situation, and this is only generation one. At SentinelOne, our mission is to be a force for good using AI technology to create a safer world and safeguard our customers. We hope for a peaceful tomorrow.

Once again, I want to thank all Sentinels, our customers and our partners for helping us drive this mission. Thank you..

That concludes today’s conference call. I hope you all enjoy the rest of your day. You may now disconnect your lines..