Filed by Palo Alto Networks, Inc.
pursuant to Rule 425 under the Securities Act of 1933
Subject Company: CyberArk Software Ltd.
Commission File No.: 001-36625
Date: August 19, 2025
The following are excerpts from the Palo Alto Networks, Inc. (“PANW” or “we”) Q4 2025 earnings presentation released on August 18, 2025. The excerpts contain only those portions of the presentation that relate to the proposed transaction with CyberArk Software Ltd. (the “Proposed Transaction”).
The Next Chapter of Our Multi-Platform Journey: Identity Security Why Identity? Why Now? Why CyberArk? Similar to Network Security, Convergence between Category leader in Identity Identity is a key control Identity & Security Security & Privileged Access and enforcement point. Platformization is needed Security-first approach to Growth of AI agents will in Identity Security: make Identity Security hundreds of vendors across Identity since Day 1 more critical multiple domains Customers are looking for The rise of Machine Common platform vision a comprehensive platform; Identities and AI Agents will for Identity Security Identity Security advances drive an inflection in the our breadth Identity Security market 1 © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.
The Integration of CyberArk Will Deliver a Comprehensive Cybersecurity Platform to Our Joint Customers Announce Interim Period Anticipated Close 7/30/25 Between Announce & Close 2H FY’26 Separate Companies 75K+ 10K+ focused on: Customers Customers (incl. >75% of G2000) (incl. >55% of F500) Driving Innovation Execution against product roadmap 3,000 300+ Go-to-market Core Sellers Core Sellers excellence Palo Alto Networks and CyberArk remain independent companies until the closing of the proposed acquisition, which remains subject to customary closing conditions. 2 © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.
We Are Targeting 40%+ Free Cash Flow Margin for the Combined Company in FY’28 Future Free Cash Flow Margin supported by Continued Operating Margin Expansion 40%+ Continued smooth transition FY’28 Adj. Free Cash Flow Margin to deferred payments for combined Palo Alto Networks & CyberArk Capex-light business model 45869-001 18Aug25 20:52 Page 4 3 © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.
The following transcript are excerpts from the PANW Q4 2025 earnings call on August 18, 2025 that relate to the Proposed Transaction.
Nikesh Arora
Chairman & Chief Executive Officer, Palo Alto Networks, Inc.
Of course, we’ve heard the market, and it’s clear our customers are asking for comprehensive security platforms. Over the last seven years, I have been asked often, why are we not a player in identity? And for the longest of time, I believe that identity was not at an inflection point. But as we saw the emergence of agentic AI, as we saw AI getting mass adoption, we’re beginning to reach conviction that the identity market will inflect in the next 12 to 24 months.
If you believe you believe that we have been able to identify inflections in a good way at Palo Alto Networks, it is important for you to believe that we have this one right as well. Similar to our roots in network, identity is a key enforcement point for enterprise security. Unlike most of the forms of security, like network firewalls, identity is also a real-time product. And because of this, we believe that the future for identity will actually be owned by somebody who is well prepared to take on the challenges of identity going forward as opposed to a new player.
Hence, we have diverged from our original approach of going and buying first-in-market best-of-breed products to go and own market or categories. Instead, we believe the future in this category is going to belong to somebody who’s already established a strong reputation and is a leader in identity security.
So as the widespread deployment of AI agents makes privileged access more important, we believe security, not SSO focused identity vendors are best positioned to address emerging needs and that growth in PAM data and sensors will further solidify category leaders like CyberArk.
Second, with 90% of our breaches involving stolen or mismanaged credentials, every user machine and AI agent should be considered a privileged user, rather than just a small set of IT administrators. CyberArk’s reach extends to over 8 million privileged end users and over 50% of the Fortune 500. With the right product strategy and go-to-market acceleration from Palo Alto Networks, we believe CyberArk will be able to both deepen their penetration in PAM and target a significantly larger base of global IAM users and machine identities.
Thirdly, the identity industry is lacking a broader platform. Today, over 100 vendors are vying to capture the customers’ attention across multiple functional domains. These domains are converging as the complexity of stitching together disparate solutions and the rise in identity-related breaches push enterprises to favor better integration.
We believe Palo Alto can accelerate CyberArk’s platform vision as they look to expand across multiple identity domains. By combining their leadership in identity security with our industry-leading AI-powered security platforms and our platformization approach coupled with our go-to-market, we will be able to offer the most complete integrated security solution in the market. We’re building an evergreen security company that will define the industry for decades to come.
After many detailed conversations, we have strategic alignment with the CyberArk team and a common culture of innovation. Following the close of transaction, we will optimize our combined go-to-market resources and continue to lead innovation. To provide some context, we have nearly 10 times the number of core sellers, and we see an opportunity to expand CyberArk’s presence into our much larger 75,000 customer base.
Overall, we believe this accelerates our mission to double the value of our joint businesses over the next five years. We are strategically entering this category now to define the next chapter of cybersecurity for the AI era. We look forward to providing more details on our strategy, once we close the transaction.
. . .
Dipak Golechha
Chief Financial Officer, Palo Alto Networks, Inc.
Finally, I’d like to give an update around our financial expectations for the combined Palo Alto Networks and CyberArk. As you can see, we are pursuing this acquisition from a position of strength and are excited about our integration efforts post-close.
Based on our continued operating margin expansion and visibility of free cash flow and our continued smooth transition to deferred payments, we’re targeting adjusted free cash flow of 40% plus for the combined company in fiscal 2028, the first full year post-integration. This target assumes the impact of M&A-related synergies. We intend to provide more details on the full scope of synergies post the closing of the transaction, which we continue to expect will happen in the second half of fiscal year 2026.
We’re excited about the outcomes of the combined Palo Alto Networks and CyberArk businesses will deliver from a security perspective as well as from a TSR perspective for the shareholders of both companies.
. . .
Matthew Hedberg
Analyst, RBC Capital Markets LLC
Sure. Thanks, Hamza. The top line results are super impressive. I have a question for Dipak. The 40% free cash flow margins by 2028 is also equally impressive. Maybe a question for you or even Lee from a product integration perspective. Can you talk about some of the underlying components of how you get there and sort of your confidence level on that? Because that is obviously, I think, well above what a lot of us thought post-integration.
Dipak Golechha
Chief Financial Officer, Palo Alto Networks, Inc.
Well, let me start. I mean, like we wouldn’t be guiding to it if we didn’t have confidence in it, Matt. But I think, look, it’s really underpinned by the operating margins. You’ve seen a lot of operating margin expansion occur over the last three years. We feel very confident that we have a business model that scales at every single line item of the P&L. I’ve talked through that before. We’re a low capital-light business model, which always helps from a free cash flow point of view. So I’d say pretty high degree of confidence.
I think the meta point is when the strategy is to platformize and customers are buying into it and we’re cross-correlating the data, that really helps us scale well as a company, and then that helps scale very well from a cash point of view as well. That’s effectively what we’re seeing, like as we guide into the future.
Nikesh Arora
Chairman & Chief Executive Officer, Palo Alto Networks, Inc.
I will add to what Dipak just said. I think he showed you a beautiful slide about how we feel like some of our free cash flow has been sat upon because of the transition from effectively – yeah, and towards annual billings. So, now, given that a majority of our business has shifted towards annual billings, we know that the rest is still going to be upfront cash. So given that, we get a sense that we’ll get some relief on the free cash flow margin in the next 24 months.
So I think putting all those together in a box and mixing it, we believe we definitely can achieve more than 40% margin. Of course, it will require some degree of work with our CyberArk colleagues and partners when we get this deal done. But we feel confident that they’re equally aligned in terms of what we want to achieve.
Forward-Looking Statements
This communication contains “forward-looking” statements within the meaning of Section 27A of the Securities Act and Section 21E of the Exchange Act. All statements other than statements of historical or current facts, including, without limitation, statements regarding the cybersecurity threat landscape, expectations regarding our platformization strategy and related progress and opportunities, long-term expectations regarding annual recurring revenue, remaining performance obligation, product development strategy and expectations regarding artificial intelligence (AI), financial outlook for the first quarter of fiscal 2026 and fiscal year 2026, mid and long-term financial expectations, the expected future benefits to us, CyberArk Software Ltd. (“CyberArk”) and our and their respective customers from completing the proposed transaction with CyberArk, the anticipated future integration of our and CyberArk’s capabilities and the benefits they will deliver, the expected completion of the proposed transaction with CyberArk, the expected timing of the proposed transaction with CyberArk, the proposed accretion to free cash flow, revenue growth, and gross margin, the timing and amount of the synergies from the proposed transaction with CyberArk, modeling points, business and economic conditions and challenges, and other financial, operational and business expectations, made in this communication are forward-looking. We use words such as “anticipates,” “believes,” “continue,” “estimate,” “expects,” “future,” “intends,” “may,” “plan,” and similar expressions to identify forward-looking statements, although not all forward-looking statements contain these identifying words. Forward-looking statements reflect management’s current expectations and are inherently uncertain. Actual results could differ materially for a variety of reasons that are beyond our control and changing rapidly.
There are a significant number of factors that could cause actual results to differ materially from forward-looking statements made or implied in this communication, including: developments and changes in general or worldwide market, geopolitical, economic, and business conditions; failure of our platformization product offerings; failure to achieve the expected benefits of our strategic partnerships and acquisitions; changes in the fair value of our contingent consideration liability associated with acquisitions; the occurrence of any event, change or other circumstance that could give rise to the termination of the proposed transaction with CyberArk; our ability to successfully integrate CyberArk’s businesses and technologies; the risk that the expected benefits and synergies of the proposed transaction may not be fully achieved in a timely manner, or at all; the risk that we or CyberArk will be unable to retain and hire key personnel; the risk associated with CyberArk’s ability to obtain the approval of its shareholders required to consummate the proposed transaction; the risk that the conditions to the proposed transaction with CyberArk are not satisfied on a timely basis, or at all, or the failure of the proposed transaction with CyberArk to close for any other reason or to close on the anticipated terms; the risk that any regulatory approval, consent or authorization that may be required for the proposed transaction with CyberArk is not obtained or is obtained subject to conditions that are not anticipated or that could adversely affect the expected benefits of the transaction with CyberArk; significant and/or unanticipated difficulties, liabilities or expenditures relating to the transaction with CyberArk; the effect of the announcement, pendency or completion of the proposed transaction with CyberArk on our and CyberArk’s business relationships and business operations generally; the effect of the announcement or pendency of the proposed transaction with
CyberArk on our common share price or CyberArk’s ordinary share price and uncertainty as to the long-term value of our or CyberArk’s common or ordinary share; risks related to disruption of management time from ongoing business operations due to the proposed transaction with CyberArk; the outcome of any legal proceedings that may be instituted against us, CyberArk or our respective directors; risks associated with managing our growth; risks associated with new product, subscription and support offerings, including our product offerings that leverage AI; shifts in priorities or delays in the development or release of new product or subscription or other offerings, or the failure to timely develop and achieve market acceptance of new products and subscriptions as well as existing products, subscriptions and support offerings; failure of our business strategies; rapidly evolving technological developments in the market for security products, subscriptions or support offerings; defects, errors, or vulnerabilities in our products, subscriptions, or support offerings; our customers’ purchasing decisions and the length of sales cycles; our competition; our ability to attract and retain new customers; our ability to acquire and integrate other companies, products, or technologies in a successful manner; our debt repayment obligations; and our share repurchase program, which may not be fully consummated or enhance shareholder value, and any share repurchases which could affect the price of our common stock.
For additional risks and uncertainties on these and other factors that could affect our financial results and cause actual results to differ materially from those described in the forward-looking statements we make in this communication are included under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and elsewhere in our Quarterly Report on Form 10-Q filed with the U.S. Securities and Exchange Commission (the “SEC”) on May 21, 2025, which is available on our website at investors.paloaltonetworks.com and on the SEC’s website at www.sec.gov. Please also refer to CyberArk’s periodic reports and other filings with the SEC, including the risk factors contained in CyberArk’s annual report on Form 20-F and reports of foreign private issuer on Form 6-K. Additional information will also be set forth in other documents that we file with or furnish to the SEC from time to time. All forward-looking statements in this communication are based on our current beliefs and information available to management as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.
Non-GAAP Financial Measures
All information in this communication is as of August 18, 2025. This communication contains non-GAAP financial measures and key metrics relating to the company’s past and expected future performance. We have not reconciled diluted non-GAAP earnings per share guidance to GAAP earnings per diluted share, non-GAAP operating margin to GAAP operating margin or adjusted free cash flow margin guidance to GAAP net cash from operating activities because we do not provide guidance on GAAP net income (loss) or net cash from operating activities and would not be able to present the various reconciling cash and non-cash items between GAAP and non-GAAP financial measures, including share-based compensation expense, without unreasonable effort.
No Offer or Solicitation
This communication is not intended to and shall not constitute an offer to buy or sell or the solicitation of an offer to buy or sell any securities or a solicitation of any vote or approval, nor shall there be any sale of securities in any jurisdiction in which such offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such jurisdiction. No offering of securities shall be made, except by means of a prospectus meeting the requirements of Section 10 of the U.S. Securities Act of 1933, as amended.
Additional Information about the Merger and Where to Find It
In connection with the proposed transaction with CyberArk, we intend to file with the SEC a registration statement on Form S-4, which will include a proxy statement of CyberArk that also constitutes a prospectus of our common shares to be offered in the proposed transaction. We and CyberArk may also file or furnish other relevant documents with the SEC regarding the proposed transaction. This communication is not a substitute for the proxy statement/prospectus or registration statement or any other document that we or CyberArk may file or furnish with the SEC or send to security holders in connection with the proposed transaction. The registration statement will include a definitive proxy statement/prospectus, which will be sent to shareholders of CyberArk seeking their approval of the proposed transaction. INVESTORS AND SECURITY HOLDERS ARE URGED TO READ THE REGISTRATION STATEMENT ON FORM S-4, THE PROXY STATEMENT/PROSPECTUS INCLUDED WITHIN THE REGISTRATION STATEMENT ON FORM S-4 AND ANY OTHER RELEVANT DOCUMENTS THAT MAY BE FILED OR FURNISHED WITH THE SEC, AS WELL AS ANY AMENDMENTS OR SUPPLEMENTS TO THESE DOCUMENTS, CAREFULLY AND IN THEIR ENTIRETY WHEN THEY BECOME AVAILABLE BECAUSE THEY CONTAIN OR WILL CONTAIN IMPORTANT INFORMATION ABOUT THE PROPOSED TRANSACTION. Investors and security holders will be able to obtain free copies of the registration statement and proxy statement/prospectus, when available, and other documents containing important information about us, CyberArk and the proposed transaction, once such documents are filed or furnished with the SEC through the website maintained by the SEC at www.sec.gov. Copies of the documents filed with the SEC by us will be available free of charge on our website at www.paloaltonetworks.com or by contacting our Investor Relations Department by email at [email protected]. Copies of the documents filed or furnished with the SEC by CyberArk will be available free of charge on CyberArk’s website at www.cyberark.com or by contacting CyberArk’s Investor Relations department by email at [email protected] or by phone at 617-558-2132.