Palo Alto Networks Jumped the SASE Gun

There’s a new buzzword in the world of computer security. Secure access service edge (SASE) is a term coined by Gartner (NYSE:IT) to describe a world where users routinely work outside their company’s firewall but must be protected from threats nonetheless.

Source: Sundry Photography /

The whole industry is jumping on SASE. Few more so than Palo Alto Networks (NYSE:PANW), which plummeted 10% recently on what many termed negative guidance.

Palo Alto’s SASE offering is called Prisma Access, and the company is advertising that it has solved the SASE problem.

But has it? Can it? That’s the debate that is beginning right now, and on it hinges the future of PANW stock.

Does Palo Alto Comply With SASE?

Palo Alto is telling anyone who will listen that Prisma Access makes it perfectly compliant with the standards of SASE, warning that enterprises aren’t ready for the new threats, but PANW is.

Shlomo Kramer of privately held Cato Networks — also a co-founder of Check Point Software Technologies (NASDAQ:CHKP) — insists that not only has Palo Alto not built a SASE platform, but it can’t.

It can’t, he says, because PANW is wedded to the idea of network appliances, at some arbitrary network edge, and the idea that there is a boundary between internal and external networks. He dismisses Palo Alto’s effort this way. “This isn’t SASE, this is someone else’s appliance stuck in the cloud.”

Industry analyst Richard Stiennon agrees. He calls Palo Alto’s effort “marketecture,” virtual instances of the company’s existing firewall spun into data centers with traffic routed to them by hardware in branch offices and data centers.

When It Rains, It Pours

The criticism of industry experts — combined with embarrassment — is hitting Palo Alto shares. A breach in Palo Alto’s own network leaked personal data on seven current and former employees.  The data was apparently leaked in February, by an external contractor.

Palo Alto’s financial results, covering the first quarter of its 2020 fiscal year, show a loss of $59.6 million, or 62 cents per diluted share, on revenue of almost $772 million. Revenue was up nearly 18% from a year ago. The company projects revenue for the next quarter, between $838 million and $848 million, that will show similar growth.

But here’s the problem for Palo Alto, and indeed for all cybersecurity stocks. The challenges of the field are constantly changing. This requires constant investment in the business, often ahead of revenue, as in this case. PANW continues to lose money and, while the losses had been declining, it’s now on pace to lose close to 2017’s $2.39 per share if it can’t turn things around. Thus, there is much at stake in the SASE debate.

Even assuming Palo Alto hasn’t completely cracked the SASE code, neither have its competitors. Cato Networks, which says it has cracked it by starting from a clean sheet of paper, is still privately held. All of Palo Alto’s main competitors, like Fortinet (NASDAQ:FTNT) and FireEye (NASDAQ:FEYE), are using some version of the same next-generation firewall technology Palo Alto has.

The Bottom Line on PANW Stock

Computer security demands constant investment by customers, companies and investors. The problem for investors is that it’s hard to turn that investment into profit at the bleeding edge, where Palo Alto works. Companies behind that edge, including profitable companies like Intel (NASDAQ:INTC) and Cisco (NASDAQ:CSCO), are still spinning on the SASE challenge.

The approach to network security may have to change in response to SASE as Gartner has described it. No company can do business entirely within its own firewalls. Palo Alto’s current approach may be inadequate. But the company is big enough to improve on it, and it may be the best choice many customers have.

This SASE misstep, while a blow, is unlikely to be fatal to Palo Alto Networks.

Dana Blankenhorn  is a financial and technology journalist. He is the author of the historical mystery romance The Reluctant Detective Travels in Time, available now at the Amazon Kindle store. Write him at or follow him on Twitter at @danablankenhorn. As of this writing he owned no shares in companies mentioned in this story.

Article printed from InvestorPlace Media,

©2021 InvestorPlace Media, LLC