Okta Inc (OKTA) 2024 Q3 法說會逐字稿

Hi, everybody. Welcome to Okta's Third Quarter Fiscal Year 2024 Earnings Webcast. I'm Dave Gennarelli, Senior Vice President of Investor Relations at Okta. With me in today's meeting, we have Todd McKinnon, our Chief Executive Officer and Co-Founder; and Brett Tighe, our Chief Financial Officer.

大家好。歡迎收看 Okta 2024 財年第三季財報網路廣播。我是戴夫·根納雷利 (Dave Gennarelli)，Okta 投資者關係高級副總裁。和我一起參加今天的會議的還有我們的執行長兼聯合創始人 Todd McKinnon；以及我們的財務長 Brett Tighe。

Today's meeting will include forward-looking statements pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including, but not limited to, statements regarding our financial outlook and market positioning. Forward-looking statements involve known and unknown risks and uncertainties that may cause our actual results, performance or achievements to be materially different from those expressed or implied by the forward-looking statements. Forward-looking statements represent our management's beliefs and assumptions only as of the date made. Information on factors that could affect our financial results is included in our filings with the SEC from time to time, including the section titled Risk Factors in our previously filed Form 10-Q.

今天的會議將包括根據 1995 年《私人證券訴訟改革法案》安全港條款做出的前瞻性聲明，包括但不限於有關我們的財務前景和市場定位的聲明。前瞻性陳述涉及已知和未知的風險和不確定性，可能導致我們的實際結果、績效或成就與前瞻性陳述明示或暗示的結果、績效或成就有重大差異。前瞻性陳述僅代表我們管理階層截至做出之日的信念和假設。有關可能影響我們財務表現的因素的資訊包含在我們不時向 SEC 提交的文件中，包括我們先前提交的 10-Q 表格中標題為「風險因素」的部分。

In addition, during today's meeting, we will discuss non-GAAP financial measures. Though we may not state it explicitly during the meeting, all references to profitability are non-GAAP. These non-GAAP financial measures are in addition to and not a substitute for or superior to measures of financial performance prepared in accordance with GAAP. A reconciliation between GAAP and non-GAAP financial measures and a discussion of the limitations of using non-GAAP measures versus their closest GAAP equivalents is available in our earnings release. You can also find more detailed information in our supplemental financial materials, which include trended financial statements and key metrics posted on our Investor Relations website.

此外，在今天的會議上，我們將討論非公認會計準則財務指標。儘管我們可能不會在會議期間明確說明，但所有提及獲利能力的內容都是非公認會計準則。這些非公認會計原則財務指標是根據公認會計原則編制的財務績效指標的補充，而不是替代或優於這些指標。我們的收益報告中提供了 GAAP 和非 GAAP 財務指標之間的對賬，以及使用非 GAAP 指標與最接近的 GAAP 指標相比使用非 GAAP 指標的局限性的討論。您還可以在我們的補充財務資料中找到更多詳細信息，其中包括趨勢財務報表和我們投資者關係網站上發布的關鍵指標。

In today's meeting, we will quote a number of numeric or growth changes as well as discuss our financial performance. And unless otherwise noted, each such reference represents a year-over-year comparison.

在今天的會議上，我們將引用一些數字或成長變化，並討論我們的財務表現。除非另有說明，否則每個此類參考都代表逐年比較。

Now I'll turn the meeting over to Todd McKinnon. Todd?

現在我將把會議交給托德·麥金農。托德？

Thanks, Dave, and thank you, everyone, for joining us this afternoon. We want to kick off this call by addressing what's top of mind for everyone, so we're trying a new format this quarter. In light of the new security blog we posted this morning, we felt it was important to get the earnings release and guidance out before the market opened as well. And around the same time that the earnings press release hit the wire, we posted prepared remarks to the IR website, which contains some of my typical commentary around customer wins and other notable news from the quarter. This new format allows me to spend more time discussing the new information while also leaving more time for Q&A.

謝謝戴夫，也謝謝大家今天下午加入我們。我們希望透過解決每個人最關心的問題來開始這次電話會議，因此我們本季將嘗試一種新的格式。鑑於我們今天早上發布的新安全博客，我們認為在開盤前發布收益報告和指引也很重要。大約在財報新聞稿發布的同時，我們在 IR 網站上發布了準備好的評論，其中包含我對客戶獲勝的一些典型評論以及本季度的其他值得注意的新聞。這種新的形式讓我可以花更多的時間討論新訊息，同時也留出更多的時間進行問答。

I want to start by summarizing the update we shared in a blog post this morning related to the October security incident involving our support case management system. Upon deeper analysis of the event, we determined that the threat actor obtained the contact information of our support portal users across a significant portion of our customers, including the names and e-mail addresses of all Okta admins, except customers in our FedRAMP High and DoD IL4 environments. While this information cannot be used to directly access an Okta environment and does not include user credentials or sensitive personal data, a threat actor may use the information for targeted phishing attempts. With this more detailed information, we felt strongly that sharing this information will help our customers better protect themselves against an increased risk of phishing and social engineering attacks. We have engaged a digital forensics firm to validate our findings and currently expect that they will complete their analysis in mid-December. Once finalized, we will share the report with customers and publicly.

首先，我想總結一下我們今天早上在部落格文章中分享的與 10 月份涉及我們的支援案例管理系統的安全事件相關的更新。經過對該事件的深入分析，我們確定威脅行為者獲取了我們很大一部分客戶的支援門戶用戶的聯絡資訊，包括所有Okta 管理員的姓名和電子郵件地址（FedRAMP High 和FedRAMP High 中的客戶除外） . DoD IL4 環境。雖然此資訊不能用於直接存取 Okta 環境，也不包括使用者憑證或敏感個人數據，但威脅行為者可能會使用該資訊進行有針對性的網路釣魚嘗試。有了這些更詳細的信息，我們強烈認為共享這些資訊將幫助我們的客戶更好地保護自己免受網路釣魚和社會工程攻擊風險的增加。我們已經聘請了一家數位鑑識公司來驗證我們的發現，目前預計他們將在 12 月中旬完成分析。一旦最終確定，我們將與客戶分享並公開報告。

Now let me address what Okta is doing to better protect ourselves from security threats. Over the years, we have dedicated significant resources towards securing our product environment. Given recent events, we recognize that we need to do more to improve the security architecture of our broader operations. That includes the applications we use, the hardware we deploy and the vendors we work with.

現在讓我談談 Okta 正在採取哪些措施來更好地保護我們自己免受安全威脅。多年來，我們投入了大量資源來保護我們的產品環境。鑑於最近發生的事件，我們認識到我們需要採取更多措施來改善更廣泛業務的安全架構。這包括我們使用的應用程式、我們部署的硬體以及我們合作的供應商。

Over the past few weeks, we have taken several steps to further strengthen our security posture. We have initiated a hyper-focused security action plan by rallying the entire organization as well as engaging with third-party security firms to fortify our team's efforts. The stakes are high, and we will do whatever it takes to protect our current and future customers. Bolstering our security environment is by far the highest priority for Okta.

在過去幾週，我們採取了多項措施來進一步加強我們的安全態勢。我們啟動了一項高度集中的安全行動計劃，召集整個組織並與第三方安全公司合作，以加強我們團隊的努力。風險很高，我們將盡一切努力保護我們目前和未來的客戶。迄今為止，加強我們的安全環境是 Okta 的首要任務。

The job of securing the Okta ecosystem will never be done, but during this hyper-focused phase, no other project or even product development area is more important. In fact, the launch dates for the new products and features that we highlighted at Oktane last month will be pushed out approximately 90 days. The exception being Okta Privileged Access, which becomes generally available this week.

確保 Okta 生態系統安全的工作永遠不會完成，但在這個高度集中的階段，沒有其他專案甚至產品開發領域比這更重要。事實上，我們上個月在 Oktane 上強調的新產品和功能的發布日期將推遲約 90 天。 Okta Privileged Access 是個例外，本週將全面推出。

Now turning to our Q3 results. Top line metrics were strong. We continue to experience particular strength with large customers. Similar to the past few quarters, our fastest-growing cohort was customers with $1 million-plus ACV with growth of over 40%. It was also a strong quarter for new and upsells across our public sector vertical. We also produced record non-GAAP operating profit and record free cash flow in the quarter as we continue to demonstrate the leverage in our model.

現在轉向我們的第三季業績。營收指標強勁。我們繼續在大客戶中體驗到特殊的優勢。與過去幾季類似，我們成長最快的群體是 ACV 超過 100 萬美元的客戶，成長超過 40%。這也是我們公共部門垂直領域新產品和追加銷售的強勁季度。隨著我們繼續證明模型中的槓桿作用，我們在本季度也創造了創紀錄的非公認會計原則營業利潤和創紀錄的自由現金流。

In other news, we're thrilled that Jon Addison, who has been our interim CRO since the start of this fiscal year, has been appointed to the permanent position. With Jon's appointment as CRO and our continued confidence in the go-to-market leadership team, we have closed the search for a President of Worldwide Field Operations.

在其他消息中，我們很高興 Jon Addison 被任命為永久職位，他自本財年開始以來一直擔任我們的臨時 CRO。隨著 Jon 被任命為 CRO，以及我們對市場推廣領導團隊的持續信心，我們已經結束了對全球現場營運總裁的搜尋工作。

Okta is driven by our vision to free everyone to safely use any technology. The measures we're taking to increase the security of Okta and our ecosystem gives us confidence in our ability to move forward. We will come out of this even stronger because Okta is the only modern platform for neutral and independent identity access management, governance and now privileged access.

Okta 的願景是讓每個人都能安全地使用任何技術。我們為提高 Okta 和生態系統的安全性而採取的措施讓我們對前進的能力充滿信心。我們將變得更加強大，因為 Okta 是唯一一個用於中立和獨立身分存取管理、治理以及現在特權存取的現代平台。

Before turning it over to Brett, I want to thank our employees for their tireless efforts. I want to thank our customers and partners who put their trust in Okta every day. I also thank everyone who supported us at Oktane last month, where we had over 4,000 people at the live event in San Francisco and over 19,000 viewing online.

在將其交給布雷特之前，我要感謝我們的員工的不懈努力。我要感謝每天信任 Okta 的客戶和合作夥伴。我還要感謝上個月在 Oktane 支持我們的所有人，我們有超過 4,000 人參加了舊金山的現場活動，並有超過 19,000 人在線觀看。

Now I'll turn it to Brett to walk you through more details of our financial results and forward outlook.

現在我將請布雷特向您介紹我們財務業績和未來展望的更多細節。

Thanks, Todd, and thank you, everyone, for joining us today. The actions we've taken over the past few quarters to drive efficiencies in our cost structure continue to yield impressive results. I'll review our third quarter results and our outlook, but first, I'll start with some commentary on the macro environment. Macro headwinds, while stabilized, continue to impact our business. Metrics that we use to gauge the macro environment such as contract duration, average deal size and pipeline mix were largely consistent with what we experienced in the first half of the year.

謝謝托德，也謝謝大家今天加入我們。過去幾季我們為提高成本結構效率所採取的行動持續產生令人印象深刻的成果。我將回顧我們第三季的業績和前景，但首先，我將從對宏觀環境的一些評論開始。宏觀不利因素雖然穩定，但仍持續影響我們的業務。我們用來衡量宏觀環境的指標，例如合約期限、平均交易規模和管道組合，與我們今年上半年的經驗基本一致。

Separately, we published the advisory regarding the recent security incident on October 20, which was 11 days ago in the quarter. While business at the close of the quarter slowed somewhat, our overall financial performance in Q3 was strong.

另外，我們在 10 月 20 日（即本季 11 天前）發布了有關最近發生的安全事件的公告。雖然本季末的業務有所放緩，但我們第三季的整體財務表現強勁。

Turning to Q3 results. Total revenue growth for the third quarter was 21%, driven by a 22% increase in subscription revenue. Subscription revenue represented 97% of our total revenue. International revenue grew 20% and represented 21% of our total revenue. FX had a minor impact on total revenue growth but was a 2 point headwind to international revenue growth.

轉向第三季的結果。第三季總營收成長 21%，訂閱收入成長 22%。訂閱收入占我們總收入的 97%。國際收入成長了 20%，占我們總收入的 21%。外匯對總收入成長影響較小，但對國際收入成長產生 2 個百分點的阻力。

RPO or subscription backlog grew 8%. The general shortening of contract term lengths signed over the past several quarters has impacted total RPO growth. Our overall average term length remains just over 2.5 years. Current RPO, which represents subscription backlog we expect to recognize as revenue over the next 12 months, grew 16% to $1.83 billion.

RPO 或訂閱積壓成長了 8%。過去幾季簽署的合約期限普遍縮短，影響了 RPO 總成長。我們的整體平均任期仍略高於 2.5 年。目前的 RPO（我們預計在未來 12 個月內確認為營收）成長了 16%，達到 18.3 億美元。

Turning to retention. Consistent with prior quarters, gross retention rates remained strong in the mid-90% range. Our dollar-based net retention rate for the trailing 12-month period remained strong at 115% and was driven by both upsell and cross-sell activities. Similar to the past few quarters, macro-related pressure resulted in smaller seat expansions than in previous years. We believe this trend will persist in the current environment. The net retention rate may fluctuate from quarter-to-quarter as the mix of new business, renewals and upsells fluctuates. As I've noted previously, we've experienced a macro-related shift in our business mix to more upsell and cross-sell versus new business.

轉向保留。與前幾季一致，總保留率仍保持在 90% 左右的強勁水平。在過去 12 個月期間，我們以美元計算的淨留存率保持在 115% 的強勁水平，這主要受到追加銷售和交叉銷售活動的推動。與過去幾季類似，宏觀相關壓力導致席次擴張幅度小於前幾年。我們相信這種趨勢在當前環境下將持續下去。隨著新業務、續訂和追加銷售的組合的波動，淨保留率可能會逐季度波動。正如我之前指出的，我們的業務組合經歷了與宏觀相關的轉變，與新業務相比，更多的追加銷售和交叉銷售。

Before turning to expense items and profitability, I'll point out that I'll be discussing non-GAAP results unless otherwise noted. Looking at operating expenses. Total operating expenses for the quarter were lower than expected. The better-than-expected profitability is due to the combination of revenue over-performance and our continued focus on spend efficiency measures.

在討論費用項目和獲利能力之前，我要指出的是，除非另有說明，否則我將討論非公認會計原則的結果。看看營運費用。該季度的總營運費用低於預期。獲利能力優於預期是由於收入超額表現和我們持續關注支出效率措施的結合。

Total headcount at the end of Q3 slightly increased sequentially to approximately 5,900. Q3 free cash flow was a record $150 million, yielding a free cash flow margin of 26%. Free cash flow was significantly better than expected, driven by billings and strong collections. During the third quarter, we opportunistically repurchased $150 million of our 2026 convertible debt notes. This resulted in an $18 million GAAP-only gain. Over the past 3 quarters, we've repurchased $900 million of debt resulting in a $91 million GAAP-only gain. We will continue to regularly evaluate our capital structure and capital allocation priorities.

第三季末總員工人數較上季略有增加，約 5,900 人。第三季自由現金流達到創紀錄的 1.5 億美元，自由現金流利潤率為 26%。在帳單和強勁收款的推動下，自由現金流明顯優於預期。第三季度，我們趁機回購了 1.5 億美元的 2026 年可轉換債券。僅按照 GAAP 計算，這帶來了 1800 萬美元的收益。在過去 3 個季度中，我們回購了 9 億美元的債務，僅以 GAAP 計算實現了 9,100 萬美元的收益。我們將繼續定期評估我們的資本結構和資本配置優先事項。

Our balance sheet remains strong, anchored by $2.13 billion in cash, cash equivalents and short-term investments. Our cash, cash equivalents and short-term investments position net of remaining convertible debt is $820 million.

我們的資產負債表依然強勁，由 21.3 億美元的現金、現金等價物和短期投資支撐。扣除剩餘可轉換債務後，我們的現金、現金等價物和短期投資部位為 8.2 億美元。

Now let's turn to our business outlook for Q4 and FY '24 and a preliminary look at FY '25. As always, we take a prudent approach to forward guidance, we are factoring in a stable but still challenging macro environment. We're also factoring in the recent security incident. For the fourth quarter of FY '24, we expect total revenue of $585 million to $587 million, representing growth of 15%; current RPO of $1.875 billion to $1.880 billion, representing growth of 11% to 12%; non-GAAP operating income of $102 million to $104 million, which yields a non-GAAP operating margin of 17% to 18%; and non-GAAP diluted net income per share of $0.50 to $0.51, assuming diluted weighted average shares outstanding of 180 million.

現在讓我們轉向 24 年第四季和 24 財年的業務展望，以及 25 財年的初步展望。一如既往，我們對前瞻性指引採取審慎的態度，我們考慮到穩定但仍充滿挑戰的宏觀環境。我們也考慮了最近發生的安全事件。對於 24 財年第四季度，我們預計總營收為 5.85 億美元至 5.87 億美元，成長 15%；目前RPO為18.75億美元至18.80億美元，成長11%至12%；非 GAAP 營業收入為 1.02 億至 1.04 億美元，非 GAAP 營業利潤率為 17% 至 18%；假設稀釋後加權平均流通股為 1.8 億股，非公認會計準則稀釋後每股淨利為 0.50 美元至 0.51 美元。

For FY '24, we are raising our revenue outlook by $30 million at the high end of the range. We now expect revenue of $2.243 billion to $2.245 billion, representing growth of 21%. We are raising our outlook for non-GAAP operating income by $65 million at the high end to $283 million to $285 million, which yields a non-GAAP operating margin of 13%. Non-GAAP diluted net income per share is raised to $1.47 to $1.48, assuming diluted weighted average shares outstanding of 179 million. And we are raising our free cash flow margin outlook for FY '24 to 19% from 15% previously. On a dollar basis, that's a raise of over $90 million and sets us up to close the year achieving the Rule of 40.

對於 24 財年，我們將營收預期上調了 3,000 萬美元（上限）。我們目前預計營收為 22.43 億美元至 22.45 億美元，成長 21%。我們將非 GAAP 營業收入的預期上限提高了 6,500 萬美元，達到 2.83 億至 2.85 億美元，這使得非 GAAP 營業利潤率為 13%。假設稀釋後加權平均流通股為 1.79 億股，非 GAAP 稀釋每股淨利上調至 1.47 至 1.48 美元。我們將 24 財年的自由現金流利潤率預期從先前的 15% 上調至 19%。以美元計算，這意味著籌集了超過 9000 萬美元，使我們能夠在今年結束時實現 40 條規則。

While we are still in the early phases of financial planning, we would like to provide a preliminary view of FY '25. I'll reiterate that we are prudently factoring in a stable but challenging macro environment as well as potential impacts from the recent security incident.

雖然我們仍處於財務規劃的早期階段，但我們希望提供 25 財年的初步看法。我重申，我們正在審慎考慮穩定但充滿挑戰的宏觀環境以及近期安全事件的潛在影響。

We continue to focus on expense control and estimated non-GAAP operating margin of approximately 17%. We're also targeting free cash flow margin to be at least 19%. From a revenue perspective, we estimate total revenue to be in the range of $2.460 billion to $2.470 billion or growth of approximately 10%. We are applying a static 26% non-GAAP effective tax rate for FY '24 and FY '25.

我們繼續關注費用控制，預計非 GAAP 營運利潤率約為 17%。我們也將自由現金流利潤率目標定為至少 19%。從營收角度來看，我們預計總收入將在 24.6 億美元至 24.7 億美元之間，成長約 10%。我們對 24 財年和 25 財年採用 26% 的靜態非 GAAP 有效稅率。

To wrap things up, we are confident that we've set the path of profitable growth for years to come. We continue to focus on initiatives to drive the top line while making significant progress to drive improvements to our operating and cash flow margins.

總而言之，我們有信心為未來幾年的獲利成長奠定基礎。我們持續專注於推動營收成長的舉措，同時在推動營運和現金流利潤率改善方面取得重大進展。

With that, I'll turn it back over to Dave for Q&A. Dave?

這樣，我會將其轉回給戴夫進行問答。戴夫？

Thanks, Brett. I see that there are quite a few hands raised already, so I'll take them in order. (Operator Instructions) And with that, we'll go to Brian Essex at JPMorgan.

謝謝，布雷特。我看到已經有不少人舉手了，我就按順序發言吧。 （操作員說明）接下來，我們將去找摩根大通的 Brian Essex。

I guess I'll start off with the easy one, and that's the preliminary fiscal '25 outlook. And I just want to ask you in the context of, I guess, taking into consideration 2 issues in particular. One would be the impact, as you guys alluded to, of the most recent breach on your pipeline, close rates, customer relationships. And the other would be, I guess, the need for you to improve your relationship with channel partners in order to drive better growth. So with regard to that preliminary outlook, how should we think about assumptions baked into that outlook, particularly as it relates to traction or churn with customers and contribution from partners considering these issues? And we're in the spectrum of guidance being "kitchen sinked" until we consider this forecast to be.

我想我會從簡單的開始，這就是 25 財年的初步展望。我想，我想特別考慮兩個問題來問你。正如你們所提到的，其中之一是最近一次違規對您的管道、成交率、客戶關係的影響。我想，另一個是您需要改善與通路合作夥伴的關係，以推動更好的成長。因此，關於初步前景，我們應該如何考慮該前景中的假設，特別是當它與客戶的吸引力或流失以及考慮這些問題的合作夥伴的貢獻有關時？在我們考慮這項預測之前，我們的指導範圍是「廚房沉沒」。

Brian, thanks for the question, and thanks for jumping on the release this morning early before the market. That was a little bit atypical given the situations of the customer advisory, but we appreciate you covering, everyone else that covered it as well. We know it's extra -- something you weren't planning for us. We appreciate it.

布萊恩，謝謝你提出這個問題，也謝謝你今天早上在市場開盤前就發布了這一消息。考慮到客戶諮詢的情況，這有點不典型，但我們感謝您的報道，以及其他報道該問題的人。我們知道這是額外的——您沒有為我們計劃的東西。我們很感激。

I'll comment just on the business strategy behind the guidance first of all. I think that might be helpful. The -- we have -- it's very important and it's very clear to everyone at Okta that security is the top priority. We've prioritized security at some level over the years, and it's been balanced with other priorities, growth, new product development and various things to run the business. And those efforts, I'm simplifying a little bit but often have gone into product security, infrastructure, making sure that was very, very solid. And we know now that we -- that's not good enough. We have to do more.

首先，我將僅評論該指南背後的業務策略。我認為這可能會有所幫助。我們知道，這非常重要，Okta 的每個人都非常清楚，安全是首要任務。多年來，我們在某種程度上優先考慮安全性，並與其他優先事項、成長、新產品開發和業務運營的各種事項保持平衡。我對這些努力進行了一些簡化，但通常都涉及產品安全、基礎設施，以確保它們非常非常可靠。我們現在知道我們——這還不夠好。我們必須做得更多。

We know that Okta is one of the most targeted companies in the world because of the leadership position we have in this important market of identity access management, and that makes us, along with other cybersecurity companies, extremely targeted and relentlessly attacked. And we have to raise our game to be able to defend ourselves and our customers against those attack. So we're really upping the level of priority, and it's very clear to everyone at Okta that, for the end of this year and going into next year, that the #1 priority is securing Okta and securing our customers, full stop. And everything else is prioritized after that.

我們知道，Okta 是世界上最受攻擊的公司之一，因為我們在這個重要的身分存取管理市場中佔據領導地位，這使得我們與其他網路安全公司一起成為極具針對性和無情的攻擊。我們必須提高我們的水平，以便能夠保護我們自己和我們的客戶免受這些攻擊。因此，我們確實提高了優先級，Okta 的每個人都非常清楚，從今年年底到明年，第一要務是確保 Okta 的安全並確保我們的客戶安全，句號。之後的所有事情都會優先考慮。

And the second most -- the #2 priority is -- after security is growth and profitable growth, profitably growing the business. And I think you see that reflected in the business strategy in terms of the direction we're giving teams. We have a 90-day all hands on deck in terms of focusing on bottoms-up ideas and security efforts across the company, getting help from outside industry experts tops down to bolster our own experts. We've done this in various degrees over the years, but we're really aggressively doing more of this to get all the best minds and best input on these opportunities and problems for us.

第二個最重要的——第二個優先事項是——繼安全之後是成長和獲利成長，即獲利性的業務成長。我認為您會看到這反映在我們為團隊提供的方向的業務策略中。我們有一個為期 90 天的全體人員齊心協力，重點關注整個公司自下而上的想法和安全工作，自上而下地從外部行業專家那裡獲得幫助，以支持我們自己的專家。多年來，我們已經在不同程度上做到了這一點，但我們確實正在積極地做更多這樣的事情，以便為我們的這些機會和問題吸引所有最優秀的人才和最好的意見。

We're making sure that it's not just of a 1 year or 1 quarter change. It's really a continued accelerated evolution of our cultural change to really being -- having the culture of one of the most secure companies in the world.

我們確保這不僅僅是一年或一個季度的變化。這實際上是我們文化變革的持續加速演變，真正成為擁有世界上最安全的公司之一的文化。

Remember, Okta started as a -- it was -- our focus was enabling technology and making it easy to adopt the cloud. It wasn't necessarily started 15 years ago as a cyber company. Now that changed a few years into the company, and it's very clear to us now that -- and has been for the last few years that the bar is the most secure company in the world, full stop. And so that's the #1 priority, and that's what we're focused on.

請記住，Okta 最初是——事實上——我們的重點是支援技術並讓雲端的採用變得容易。它不一定是 15 年前作為一家網路公司成立的。公司成立幾年後，這種情況發生了變化，我們很清楚，過去幾年來，酒吧是世界上最安全的公司，句號。所以這是第一要務，也是我們關注的重點。

And then part of that, of course, is kind of the last pillar that we're really focused on now, which is making sure the products themselves, as customers use them, the actual security use cases on those products are prioritized incredibly highly. A great example of that is making sure that when we think about managing access to privileged resources, we -- with our new privileged access management product, making sure we prioritize and make it work great with our own Okta administration console because attackers are going after that because that's such a valuable target.

當然，其中一部分是我們現在真正關注的最後一個支柱，即確保產品本身，當客戶使用它們時，這些產品的實際安全用例被高度優先考慮。一個很好的例子是，確保當我們考慮管理對特權資源的存取權時，我們使用新的特權存取管理產品，確保我們優先考慮並使其與我們自己的Okta 管理控制台一起正常工作，因為攻擊者正在追趕因為這是一個非常有價值的目標。

So it's a wholesale clear communication to customers and to employees and to partners and investors, security is the top priority, full stop, and we will stop at nothing to make sure we become one of the most secure companies in the world because it's kind of clear to everyone that we're short of where we need to be now, and we will fix that.

因此，這是對客戶、員工、合作夥伴和投資者的全面且清晰的溝通，安全是重中之重，句號，我們將不惜一切代價確保我們成為世界上最安全的公司之一，因為這是一種每個人都清楚，我們目前還沒有達到需要達到的目標，我們將解決這個問題。

And I'll just add a couple of comments there, Brian. Thanks for -- one, nice to see you. Thanks for the question. But in terms of the guidance philosophy, really no difference from what we've done before. I think we all know, for years now, we give this early look. It's a prudent look. We've got 5 quarters ago. We've got a big Q4 ahead of us. And so we're factoring in 2 major factors, like I said a few minutes ago, which is around the macro and then also around the security incident and making sure we're being prudent about the guidance at this point given how far out we are from the end of FY '25.

布萊恩，我將在此添加一些評論。謝謝——一，很高興見到你。謝謝你的提問。但就指導理念而言，與我們之前所做的確實沒有什麼不同。我想我們都知道，多年來，我們都給予這種早期的關注。這是一種謹慎的表情。我們已經有 5 個季度了。我們即將迎來重要的第四季。因此，我們正在考慮兩個主要因素，就像我幾分鐘前所說的那樣，這兩個因素圍繞著宏觀因素，然後也圍繞著安全事件，並確保我們在這一點上對指導保持謹慎態度，因為我們距離我們還有多遠。從 25 財年末開始。

On the -- you asked a question too, Brian, about the channel partners?

關於－布萊恩，你也問了一個關於通路夥伴的問題？

Yes.

是的。

I think that's -- I would say that's a continued thread and a continuation of what we've been doing this year with our enhanced partner program and clarifying the partners we're working with and investing on the ones that are really moving the needles. The things you've heard us talk about in previous calls, that's an ongoing thing, and we're continuing to execute on that and seeing benefits from that in the business.

我認為這是一個持續的線索，也是我們今年透過增強合作夥伴計畫所做的事情的延續，並澄清了我們正在合作的合作夥伴，並對那些真正能帶來推動作用的合作夥伴進行了投資。您在之前的電話會議中聽到我們談論的事情是一個持續的事情，我們將繼續執行這一點並在業務中看到好處。

I guess do you get the pipeline internally to hit that number without incremental improvement in partner contribution? Or how confident you are doing that [10%]...

我想如果不逐步改進合作夥伴的貢獻，您是否可以在內部建立管道來達到這個數字？或者您對這樣做有多大信心 [10%]...

We're very happy with where the pipeline is.

我們對管道的位置非常滿意。

Yes. We're confident in what we've given you guys today. Like I said, no change in the guidance philosophy.

是的。我們對今天帶給你們的東西充滿信心。正如我所說，指導理念沒有改變。

Let's go to Rob Owens at Piper.

讓我們去找 Piper 的 Rob Owens 吧。

I appreciate the transparency and disclosure around the breach and realizing these things can take on a life of their own as time passes. But I was curious more so what you're doing for customers to assuage concerns around the breach itself aside from pushing out some launch dates here. And any proactive steps that you're taking to help future retention?

我很欣賞違規行為的透明度和披露，並意識到隨著時間的推移，這些事情可以發揮自己的生命力。但我更好奇的是，除了在這裡推遲一些發布日期之外，你們還為客戶做些什麼來緩解對漏洞本身的擔憂。您正在採取哪些積極措施來幫助未來保留人才？

Yes. I've been -- I've had many, many conversations with customers over the last few weeks as you can imagine, and the reactions vary. Some are from, "Thanks for the update. We appreciate the communication," to the other extreme, which is a lot of frustration and concern. The common thread or the common theme is that we're incredibly important to our customers, and they're relying on us for their critical infrastructure of their Customer Identity or their Workforce Identity. So it really matters.

是的。正如你可以想像的那樣，在過去的幾周里，我與客戶進行了很多很多的對話，而且反應各不相同。有些是從「感謝您的更新。我們感謝您的溝通」到另一個極端，即充滿挫折感和擔憂。共同的線索或共同的主題是，我們對客戶非常重要，他們依靠我們來提供客戶身分或員工身分的關鍵基礎設施。所以這真的很重要。

And the first thing they want to know is that do we know how important this is and are we taking these things seriously. Do we have the right plan in place to react to these things and get better going forward? And when I talk to them, the themes that resonate are really clear priority, comprehensive look at all the threats and all the opportunities across product and infrastructure, making sure the cultural tone from the top is set appropriately, and I can do that in a way no one else in the company can do. So I'm very clear about that.

他們想知道的第一件事是我們是否知道這有多重要以及我們是否認真對待這些事情。我們是否制定了正確的計劃來應對這些事情並取得更好的進展？當我與他們交談時，引起共鳴的主題是非常明確的優先事項，全面審視產品和基礎設施中的所有威脅和所有機會，確保高層的文化基調設定得當，我可以在公司中沒有其他人可以做到的方式。所以我對此非常清楚。

And then the last thing I talked about before is how the products can help them be more secure because this all is about the foundation for their security. And once that foundation is solid, then they can use our products to be -- to further enhance their own security.

我之前談到的最後一件事是產品如何幫助他們變得更加安全，因為這一切都是關於他們的安全的基礎。一旦基礎穩固，他們就可以使用我們的產品來進一步增強自己的安全性。

So I think to your specific question about what we're doing specifically, I think it's -- part of it is being open and transparent. One of the reasons why we thought this most recent disclosure, the one we did yesterday and then publicly this morning is that when we talk to customers, the #1 thing they want is transparency. And they want to know as soon as possible what is the risk increase, what are the threats. And our commitment as -- on our journey to be one of the most secure companies in the world is to make sure we fulfill that commitment and make sure we're open and transparent and disclose all the information we have.

所以我認為，對於你關於我們正在做什麼的具體問題，我認為其中一部分是公開和透明的。我們之所以認為最近的披露，即我們昨天所做的，然後今天早上公開的，原因之一是，當我們與客戶交談時，他們想要的第一件事是透明度。他們想盡快知道什麼是風險增加，什麼是威脅。在成為世界上最安全的公司之一的過程中，我們的承諾是確保我們履行這項承諾，並確保我們公開、透明並揭露我們擁有的所有資訊。

So I know it seems a little strange right now, but in some ways, what we did yesterday and today are executing on this plan and this commitment we've made to them. And then I think there's many more things we can do in terms of just making sure customers understand what happened and what we're doing about it, and you'll see us do more about these -- toward these communication efforts going forward.

所以我知道現在看起來有點奇怪，但在某些方面，我們昨天和今天所做的都是在執行這個計劃以及我們向他們所做的承諾。然後我認為我們可以做更多的事情來確保客戶了解發生了什麼以及我們正在採取什麼措施，並且您會看到我們在這些方面做更多的事情 - 朝著這些溝通努力前進。

But at the end of the day, I was talking to -- I have -- I was talking -- one of my conversations was with a CISO of a large manufacturing company that's been heavily adopted on Okta, and this is common to how these things go. He said, Todd, this -- you are -- the position you are in the ecosystem in the industry, you are one of the most attacked and focused on from an adversarial perspective companies in the world. And we know that if you take this as seriously as you're saying you do and you have these plans and these priorities in place to improve your -- make sure you're one of the most secure companies in the world, that's going to be more than enough for what we need because you're going to be attacked way more than we ever will.

但最終，我正在與一家大型製造公司的 CISO 交談，該公司已在 Okta 上廣泛採用，這對這些事情進展順利。他說，托德，你在產業生態系統中的地位，你是世界上最受攻擊和從敵對角度關注的公司之一。我們知道，如果您像您所說的那樣認真對待這一問題，並且您有這些計劃和優先事項來改善您的計劃——確保您是世界上最安全的公司之一，那麼這將足以滿足我們的需要，因為你們將受到比我們更多的攻擊。

And so I think they see it as -- once we communicate the details, once they can understand our plans and our priority and our focus, they come away with more comfort. But again, at the end of the day, what they really want is no issues like this, and that's ultimately our goal, to try to prevent these whenever possible.

所以我認為他們認為——一旦我們溝通了細節，一旦他們能夠理解我們的計劃、我們的優先事項和我們的重點，他們就會感到更加安慰。但歸根究底，他們真正想要的不是這樣的問題，這也是我們的最終目標，盡可能阻止這些問題的發生。

Let's go to Adam Tindle at Raymond James.

讓我們去找雷蒙德詹姆斯的亞當廷德爾。

Todd, I wanted to ask a little bit more about the renewal process in light of the security incident. Brett mentioned that contract duration continues to shorten, so the thought would be the renewal process is likely happening more frequently moving forward. Wonder what kind of processes you have in place to retain customers. And any ideas that Jon brings to the CRO role to this process? And Brett, if you could just touch on the assumptions on gross retention and NRR embedded, I know you're factoring in the security incident, but I would imagine that's where it's going to hit the most, so that would be really helpful to understand what the assumptions embedded are.

托德，鑑於安全事件，我想多問一些有關續約流程的問題。布雷特提到，合約期限持續縮短，因此我們認為續約過程可能會更頻繁地發生。想知道您採取了哪些流程來留住客戶。 Jon 為 CRO 角色對此流程帶來了什麼想法？ Brett，如果你能談談關於總保留率和嵌入 NRR 的假設，我知道你正在考慮安全事件，但我想這就是它受到的影響最大的地方，所以這對理解非常有幫助嵌入的假設是什麼。

The renewals process and execution of that is something where it's a very mature part of our company and we're very good at it. I think it leads to our -- as we've talked about several times, the gross retention in the mid-90s is a healthy level. And it's -- so it's a strong muscle we have.

續訂流程和執行是我們公司非常成熟的部分，我們非常擅長。我認為這會導致我們——正如我們多次談到的那樣，90 年代中期的總保留率是一個健康的水平。這是我們擁有的強大肌肉。

Contract durations, as Brett mentioned, have been shortening. I think it's -- they're still, on average, 2.5 years. And the reason they're shortening is this started happening during some of the more economic slowdowns last year. It's just, I think, across the board, people are not signing up for as much as they -- in terms of length of subscription as they wanted to.

正如布雷特所提到的，合約期限一直在縮短。我認為平均仍然是 2.5 年。縮短的原因是去年經濟放緩期間開始發生這種情況。我認為，從整體來看，人們的訂閱量並沒有達到他們想要的程度——就訂閱時間而言，他們並沒有達到他們想要的程度。

So I think that the renewals conversation will continue to be addressed effectively by our existing motion that we don't need some kind of new motion or new conversation. I think it comes down to making sure that the adoption of the product is high, which we're very good at getting our products adopted and making sure that the value is being delivered and that the price they're being charged for is fair. So there'll definitely be some -- as we just communicate to customers about our prioritization of security and our focus on and our execution across that plan, that will be funneled down to the renewals team as well. But I don't see any big changes to the overall renewal motion because of this.

因此，我認為續約對話將繼續透過我們現有的動議得到有效解決，我們不需要某種新動議或新對話。我認為這歸根結底是要確保產品的採用率很高，我們非常擅長讓我們的產品被採用，並確保價值實現，並且收取的價格是公平的。因此，肯定會有一些 - 因為我們只是與客戶溝通我們的安全優先事項以及我們對該計劃的關注和執行，這也將被傳達給續訂團隊。但我認為整體更新動議不會因此而發生任何重大變化。

Yes. I can also add on to that, Adam. Thank you for the question. So first on the contract duration, just to be clear, there's been a general shortening of contracts to what Todd was talking about, but part of the reason is actually the success we've had in public sector, which typically is only a 1-year contract. So that business doing well is going to put a headwind on our contract duration, so I guess, that's a good issue to have in terms of contract duration.

是的。我還可以補充一點，亞當。感謝你的提問。首先是關於合約期限，需要明確的是，合約普遍縮短到托德所說的那樣，但部分原因實際上是我們在公共部門取得的成功，這通常只是 1-年合約。因此，業務表現良好會對我們的合約期限帶來不利影響，所以我想，就合約期限而言，這是一個很好的問題。

So in terms of what we baked into the guidance for specifically NRR, net retention rate, or gross retention rate in FY '25, we haven't gotten to that level of detail given we're so early in the planning process. But what I would say is we do believe both the macro puts a headwind on growth and also the security incident. And so where each of them comes through, I mean, macro, we've talked about new business, seat expansions being impacted there. From the security incident perspective, we think growth is impacted. I can't give you exactly is it more upsell or is it more gross retention in terms of FY '25.

因此，就我們在 25 財年納入具體 NRR、淨保留率或總保留率的指導內容而言，考慮到我們還處於規劃過程的早期階段，我們還沒有達到這一級別的詳細程度。但我想說的是，我們確實相信宏觀經濟對成長和安全事件都構成了阻力。因此，我的意思是，宏觀上，我們已經討論了新業務、座位擴張受到的影響。從安全事件的角度來看，我們認為成長受到了影響。我無法準確地告訴您，就 25 財年而言，是追加銷售更多還是總留存率更高。

But what I can tell you is, in terms of FY '24, like we've talked about in the past, we did expect that number to tick down. Net retention is going to tick down throughout the balance of this fiscal year. And we had a nice quarter in Q3, 115%, flat with Q2. So we do still expect it to drop in Q4 based on those macro headwinds we've talked about with seat expansions but that hopefully helps you with a little bit more detail on how we're thinking about FY '25 as well as that net retention rate in the very near term next quarter.

但我可以告訴你的是，就 24 財年而言，就像我們過去討論過的那樣，我們確實預計這個數字會下降。在本財年的剩餘時間內，淨保留率將會下降。第三季我們的季度表現不錯，為 115%，與第二季持平。因此，基於我們討論過的席位擴張的宏觀阻力，我們仍然預計第四季度會有所下降，但這希望能幫助您更詳細地了解我們如何考慮 25 財年以及淨保留率下個季度的近期利率。

Next go to Rudy Kessinger at D.A. Davidson.

接下來前往 D.A. 的 Rudy Kessinger戴維森。

Appreciate the candor as it relates to the breach. Todd, at Oktane, it seemed pretty clear that you were hinting that you guys were close to hiring a new President of Worldwide Field Operations or Head of Sales, and today, I know you're closing that search. You're moving Jon into the permanent role. So I guess I have just a couple of clarifications. Did the breach impact your ability to land a new Head of Sales at all? And secondly, just understanding the current structure, is Jon going to be taking on both the Head of Sales and Chief Revenue Officer roles? Or will you be remaining, I guess, the Head of Sales for the time being?

感謝與違規行為相關的坦誠。 Todd，在 Oktane，您似乎很清楚地暗示，你們即將聘請一位新的全球現場營運總裁或銷售主管，而今天，我知道你們將結束這一搜尋。你正在讓喬恩擔任永久角色。所以我想我只有幾個澄清。這次違規行為是否影響了您聘請新銷售主管的能力？其次，只要了解目前的結構，喬恩是否會同時擔任銷售主管和首席營收長的角色？或者我想您會暫時繼續擔任銷售主管嗎？

Yes. Thanks for asking for clarification. On the previous question, I forgot to answer the part about Jon. The decision for the go-to-market structure was finalized before October 20, so it was finalized in early October. So it had no -- nothing to do with the security incident. The -- I think there were -- since the search started in January of this year, late January, the time line on it was we were going to make a decision to finalize things by October, and we hit our time line.

是的。感謝您要求澄清。關於上一個問題，我忘了回答關於喬恩的部分。上市結構的決定是在10月20日之前敲定的，因此是在10月初敲定的。所以它與安全事件沒有任何關係。我認為，自從搜索從今年 1 月、1 月下旬開始以來，我們將在 10 月之前做出決定，最終完成工作，我們達到了我們的時間表。

So we didn't want to have an interim structure going into planning for FY '25, so the goal was to finish it by the end of October. We -- I can't remember exactly the order of operations in terms of when the final decision was made versus when I made those comments. But what I knew at the time for sure is that we were going to finalize one of our finalist candidates and Jon being one of those finalist candidates. We were going to finalize it soon and be ready to roll on our original schedule, which was, like I said, to wrap it up in October.

因此，我們不想在 25 財年的規劃中採用臨時結構，因此目標是在 10 月底之前完成。我們 - 我記不清具體的操作順序，即何時做出最終決定以及何時發表這些評論。但我當時確信的是，我們將最終確定一位決賽候選人，而喬恩就是其中之一。我們很快就會敲定它，並準備好按照我們原來的時間表進行，就像我說的，在十月結束它。

The decision came down to a few things. One is that the -- I think that Jon is -- I talked to dozens and dozens of candidates and interviewed and looked everywhere and different levels of experience and backgrounds. And every person I talk to, the person doing the job was outperforming them. Jon was doing a great job. I was with him in customer meetings around the world. I was -- more importantly, talking about strategy going forward and understanding his strategic vision and his familiarity with the market and areas around the world and with the product segments and the identity industry and he would just really shine brightly. It's like the 9-month job interview.

這個決定歸結為幾件事。一是——我認為喬恩是——我與數十名候選人進行了交談，進行了面試，並考察了各地不同程度的經驗和背景。與我交談過的每個人，從事這項工作的人都比他們表現得更好。喬恩做得很好。我和他一起參加了世界各地的客戶會議。更重要的是，我正在談論未來的策略並了解他的戰略願景以及他對世界各地市場和地區以及產品細分和身份行業的熟悉程度，他真的會閃閃發光。這就像為期 9 個月的工作面試。

And it really -- it kind of made it hard for other candidates to compare. And I think -- so once I made the decision that he was the right guy to be the Chief Revenue Officer, I also made the decision that I really like the current structure of business operations under Eugenio as the President of Business Operations -- Global Business Operations; the marketing function under one of our strongest operational executives, Eric Kelleher; and then Jon running sales and presales and partners reporting directly to me. So basically, the flatter organizational structure where I have direct the business operations, customer success or customer -- Chief Customer Officer marketing and then Chief Revenue reporting directly to me, it was the best thing for us going forward.

確實，這讓其他候選人很難進行比較。我認為，一旦我決定他是擔任首席營收官的合適人選，我也決定我真的很喜歡尤金尼奧（Eugenio）作為全球業務運營總裁目前的業務運營結構商業運作;我們最強大的營運主管之一 Eric Kelleher 負責行銷職能；然後喬恩負責銷售和售前工作，合作夥伴直接向我報告。所以基本上，扁平化的組織結構讓我直接負責業務運營、客戶成功或客戶——首席客戶官行銷，然後首席收入直接向我報告，這對我們前進來說是最好的事情。

So there's really like 2 decisions. It was who's the best Chief Revenue Officer in the world, and then do we need that extra layer of a president. And the best thing for Okta for the future is to finish out the search for president and have these talented capable people in place that drive us forward.

所以其實有兩個決定。誰是世界上最好的首席營收官，然後我們是否需要額外的一位總裁。對 Okta 來說，未來最好的事情就是完成總統的尋找，並讓這些有才華、有能力的人就位，推動我們前進。

Great. Let's go to Hamza, Morgan Stanley.

偉大的。讓我們看看摩根士丹利的哈姆札。

Todd, on a high level, could you speak to the switching costs of your products? And based on your very early conversations, would you anticipate some customer churn as a result of the incident?

托德，您能從高層次談談您產品的轉換成本嗎？根據你們早期的談話，你們預期該事件會導致一些客戶流失嗎？

I think the switching costs vary and it's one of the great things about both the Customer Identity products and the Workforce Identity products, are that you can -- they're very flexible. You can implement them very quickly and easily. And then you can also implement them in a way that's quite comprehensive and connected to everything and very complete and cover every technology and every resource in the customer's environment. So the switching costs vary.

我認為轉換成本各不相同，客戶身分產品和勞動力身分產品的優點之一就是可以—它們非常靈活。您可以非常快速、輕鬆地實施它們。然後你也可以以非常全面、與一切相關、非常完整、涵蓋客戶環境中的每一項技術和每一項資源的方式來實施它們。所以轉換成本各不相同。

I mean there are companies that have a relatively light implementation and the switching costs are pretty low. And then there are implementations that are very deep and broad and lots of custom integrations and so forth, and the switching costs are higher. So I think it varies.

我的意思是有些公司的實施相對較輕，轉換成本也相當低。然後還有非常深入和廣泛的實現以及大量的自訂整合等等，並且轉換成本更高。所以我認為這會有所不同。

I don't -- I think there's various reasons why people switch off. And I think it's pretty hard, and it's always in customers that are less likely adopted and have lower switching costs, which is -- seems pretty obvious, but that's true. And I think that -- I think we're -- we've seen some people switching off for various reasons. Sometimes it's -- like we've said, our gross retention is mid-90s, but -- so that means, by definition, there's some percentage that are switching off. Various reasons for doing that. And I think at the end of the day, it's going to be hard to directly ascribe it to one thing, so I think we're just trying to make customers successful and provide huge value in the products.

我不認為——我認為人們停止工作有許多原因。我認為這非常困難，而且總是在那些不太可能被採用且轉換成本較低的客戶中，這似乎很明顯，但這是事實。我認為——我認為我們——我們已經看到一些人因為各種原因而不再工作。有時，正如我們所說，我們的總保留率是 90 年代中期，但是，根據定義，這意味著有一定比例的人正在關閉。這樣做的原因有很多。我認為歸根結底，很難​​將其直接歸因於一件事，所以我認為我們只是試圖讓客戶成功並在產品中提供巨大的價值。

And our strategy of a converged platform on the workforce side and covering every identity use case with customer and workforce. And we have, I think, prudent assumptions in the forward guide about what is baking in security incident or baking in macro. We're comfortable with that guidance, and we're going to go out there and execute our plan. And I think it's going to be -- in the long term, we're going to show a lot of success and deliver a lot of value to customers, and that's going to drive success across the board.

我們的策略是在勞動力方面建立一個融合平台，涵蓋客戶和勞動力的每個身分用例。我認為，我們在前瞻性指南中對安全事件或宏觀的影響做出了謹慎的假設。我們對這項指導感到滿意，我們將出去執行我們的計劃。我認為從長遠來看，我們將取得很多成功，並為客戶提供大量價值，這將推動全面成功。

We'll go to Joe Gallo at Jefferies.

我們將去找傑富瑞的喬·加洛。

Impressive margin performance this quarter and guidance next year. Can you just further unpack the drivers of leverage there? And then just talk through whether that inhibits the growth algo at all. And then just maybe whether -- how do you think about longer-term growth? Do these margins kind of reflect a new reality of potentially a lower long-term sustainable growth?

本季的利潤率表現令人印象深刻，明年的指導也令人印象深刻。能否進一步解析那裡的槓桿驅動因素？然後討論這是否會完全抑製成長演算法。然後也許—您如何看待長期成長？這些利潤率是否反映了長期可持續成長可能較低的新現實？

Thanks, Joe. So in terms of the -- how we're achieving this, this is really something we've been working on for probably about 18 months at this point. I don't know if you remember. Last year, we started this cost structure efficiency whether it be from moving headcount to lower-cost regions or rationalizing software, rationalizing real estate. It's been a long-time effort for us to be able to really set up the structure to be able to deliver these types of margins.

謝謝，喬。因此，就我們如何實現這一目標而言，這實際上是我們目前可能已經努力了大約 18 個月的事情。不知道你還記不記得。去年，我們開始了這種成本結構效率的提高，無論是從將員工轉移到成本較低的地區，還是軟體合理化、房地產合理化。我們經過了長期的努力才能夠真正建立起能夠提供這些類型利潤的結構。

I'm really excited that actually we can talk about Rule of 40 this year because that's how we look at the business and manage the business and kind of think about it from the lens of growth versus profitability. But ultimately, all this hard work is allowing us to offer up and guide with confidence these margins that you see in the FY '25 guidance, 17% non-GAAP operating margin, at least 19% free cash flow margin.

我真的很興奮，實際上我們今年可以討論 40 條規則，因為這就是我們看待業務和管理業務的方式，並從成長與獲利的角度來思考它。但最終，所有這些艱苦工作使我們能夠充滿信心地提供和指導您在 25 財年指導中看到的這些利潤率，即 17% 的非 GAAP 營運利潤率，至少 19% 的自由現金流利潤率。

And so that's a really good shift for us. We've set up that structure to be able to drive that efficiency, drive the leverage in the business. And as far as growth versus margin, we're always going to balance the 2 and ultimately look to balance the 2.

所以這對我們來說是一個非常好的轉變。我們建立這種結構是為了能夠提高效率，並提高業務槓桿率。就成長與利潤率而言，我們總是會平衡兩者，並最終尋求平衡兩者。

So I can't give you anything beyond FY '25, but we're always going to manage the business through that lens of the Rule of 40, something we're very proud of that we feel we can achieve this year and we'll always target as we as we move forward into FY '25 and beyond. It's something we really kind of pride ourselves on doing overall.

因此，我無法向您提供 25 財年之後的任何信息，但我們始終會透過 40 條規則的視角來管理業務，我們對此感到非常自豪，我們認為今年可以實現這一目標，而且我們」當我們進入25 財年及以後時，我們將始終以此為目標。總體而言，這是我們真正感到自豪的事情。

Next up, we're actually going to go to Madeline Brooks at BofA. She got knocked out of the queue. I'm putting her back in the spot here.

接下來，我們實際上要去美國銀行的馬德琳布魯克斯 (Madeline Brooks)。她被排除在隊列之外。我要把她放回原來的位置。

Appreciate it. And just appreciate the transparency of your remarks. I know many people have said that, but just really want to emphasize that.

欣賞它。並欣賞您言論的透明度。我知道很多人都這麼說過，但我只是想強調這一點。

So the question is if I look at what happened this quarter, my quick math implies that roughly 99% of net new cRPO came from the existing base. It's a two parter. Across peers, those numbers begin to kind of turn positive again, where contributions from net new customers increasing post macro. So the first part is why do you think the trend in your numbers is different than other cyber peers. And the second part is, is there any concern that heading into next year, the existing customer base will already be saturated leaving less room for upside, especially with this 90-day pushout of new products and the potential headwind from the new bids given the recent security event?

所以問題是，如果我看看本季發生的情況，我的快速計算表明，大約 99% 的淨新增 cRPO 來自現有基礎。這是一個二人組。在同業中，這些數字開始再次轉正，其中淨新客戶的貢獻在宏觀調控後有所增加。因此，第一部分是為什麼您認為您的數位趨勢與其他網路同行不同。第二部分是，是否擔心進入明年，現有客戶群已經飽和，上升空間越來越小，特別是考慮到新產品的推出時間為 90 天，以及新投標可能帶來的阻力最近的安全事件？

Sorry, Madeline, you broke up a little bit on me, but I think you were saying the mix on cRPO was related more to upsell versus new business? Is that...

抱歉，Madeline，您對我有點不滿，但我認為您是說 cRPO 上的組合更多地與追加銷售而非新業務相關？就是它...

She said she calculated 90% of the cRPO came from existing customers.

她說，她計算出 90% 的 cRPO 來自現有客戶。

Yes. Okay. Yes, I can't say that I have that number at hand, Madeline. But what I will say is, as we've talked about in the past, our mix of business has shifted more toward upsells. We believe that's related directly to the macro side of the house really putting pressure on new business, and so I think that's why you're seeing those numbers.

是的。好的。是的，我不能說我手邊有那個號碼，瑪德琳。但我要說的是，正如我們過去談到的那樣，我們的業務組合已更多地轉向加售。我們認為，這與宏觀方面直接相關，確實給新業務帶來了壓力，所以我認為這就是您看到這些數字的原因。

I think we had a nice quarter from new customer adds. Net adds was up 400. You heard Todd talk about the $1 million customers. Greater than $100,000 customers had a nice addition as well, an increase sequentially versus Q2. So we do see new business helping us out, but we do see a headwind there due to the macro headwinds that, although have stabilized, still are headwind to our growth in the business.

我認為我們在新客戶增加方面度過了一個不錯的季度。淨增加值上漲了 400。您聽到托德談論價值 100 萬美元的客戶。超過 10 萬美元的客戶也有不錯的成長，與第二季相比有所增加。因此，我們確實看到新業務幫助我們擺脫困境，但由於宏觀逆風，我們確實看到了逆風，儘管宏觀逆風已經穩定下來，但仍然對我們的業務成長構成逆風。

Yes. And one thing I can add there, hopefully, it's helpful, is the new products. We have with -- we have 3 amazing products to sell our existing customers. I mean some customers have Customer Identity, but we still have a lot of customers to sell Customer Identity to. And then we have many, many customers to sell Okta Identity Governance to. That thing is just starting to roll. It's had some early success, but it's been GA-ed a little over a year now, starting to get a ton of traction. We had a couple of really important deals with the one I mentioned in my comments that we posted at the site, was a global pharmaceutical company, had a big OIG upsell and then the new GA of PAM.

是的。我可以在那裡添加一件事，希望它有幫助，那就是新產品。我們有 3 種令人驚嘆的產品可以向現有客戶銷售。我的意思是有些客戶擁有客戶身份，但我們仍然有很多客戶可以向其出售客戶身份。然後我們有很多很多客戶可以向其銷售 Okta Identity Governance。那東西才剛開始滾動。它在早期取得了一些成功，但現在已經發布一年多了，開始獲得巨大的關注。我們與我在網站上發布的評論中提到的一家全球製藥公司達成了幾筆非常重要的交易，OIG 進行了大量追加銷售，然後是 PAM 的新 GA。

So I don't -- I think we have a ton of new products from the pipeline to sell our customers, and that's what we're making sure we operationalize those newer products and execute well in selling those. And I think the 90-day delay on some of the new products could potentially be impactful at some point, but we're not short of products for FY '24 for sure -- or sorry, FY '25 for sure.

所以我不認為——我認為我們有大量的新產品可以銷售給我們的客戶，這就是我們確保我們經營這些新產品並在銷售這些產品時表現良好的原因。我認為某些新產品的 90 天延遲可能會在某些時候產生影響，但我們肯定不缺少 24 財年的產品，或者抱歉，肯定不缺 25 財年的產品。

Let's go to Eric Heath at KeyBanc.

讓我們去找 KeyBanc 的 Eric Heath。

So Todd, it's great to see PAM's getting rolled out this week. I guess kind of 2 parts to the PAM opportunity. So one, just what learnings can you draw from OIG to relay that into some similar early success into PAM, number one? And then number two, just given PAM can be used to protect the customers on Okta environment, is this something that you could potentially make available to customers at no extra charge just as it relates to protecting their own Okta environment?

Todd，很高興看到 PAM 本週推出。我認為 PAM 機會分為兩部分。那麼，您可以從 OIG 中汲取哪些經驗教訓，並將其轉化為 PAM 的一些類似的早期成功，第一？第二，鑑於 PAM 可用於保護 Okta 環境中的客戶，您是否可以免費向客戶提供此功能，就像保護自己的 Okta 環境一樣？

I think there's -- we're really excited about Privileged Access. And I think the biggest -- I think there's a couple lessons from OIG that are just -- I would call them independent of any product area, so just new product introductions across the board, things like best practices to when to enable broadly, when to enable different segments of the market. Like one of the learnings from OIG was that it's having much more success in larger enterprises than we expected, and so I think we'll roll that learning to PAM and will enable the larger enterprise sellers sooner than we did with OIG because we anticipate that it could have the same phenomenon and exceed our expectations in larger enterprise.

我認為我們對特權訪問感到非常興奮。我認為最大的——我認為 OIG 為我們帶來了一些教訓——我認為它們獨立於任何產品領域，所以只是全面推出新產品，例如最佳實踐、何時廣泛啟用、何時廣泛啟用等。以支援不同的市場區隔。就像OIG 的經驗之一是，它在大型企業中取得的成功比我們預期的要大得多，因此我認為我們會將這一經驗推廣到PAM，並將比我們與OIG 合作更快地為大型企業賣家提供協助，因為我們預計在更大的企業中，它可能會出現相同的現象，並且超出我們的預期。

Another interesting phenomenon for OIG was that OIG is exceeding our expectations in kind of, call them, brownfield environments where they already have an existing governance solution. So we'll bring those learnings to the PAM product as well.

OIG 的另一個有趣現像是，OIG 超越了我們的預期，即所謂的棕地環境，他們已經擁有現有的治理解決方案。因此，我們也將把這些經驗教訓應用到 PAM 產品中。

On the product direction, one area that is -- through the early access phase and now that we move into GA, one of the learnings on the product directions is that customers -- the product's main focus has been through the LEA, Limited -- or sorry, through the early access has been on servers, so Linux and Windows servers, Kubernetes clusters, managing access to these things, these kind of infrastructure-type resources.

在產品方向上，一個領域是 - 通過早期訪問階段，現在我們進入 GA，關於產品方向的學習之一是客戶 - 產品的主要焦點是通過 LEA, Limited -或者抱歉，通過早期訪問已經在服務器上，所以Linux和Windows伺服器，Kubernetes集群，管理對這些東西，這些基礎設施類型資源的存取。

Customers find a lot of value in having us manage the privileged accounts in SaaS apps. So we're connected to Salesforce. We're connected to Workday. We're connected to GitHub, manage the privileged accounts in there. So that's an exciting direction as, as you mentioned, what is one of the most critical privileged account systems in the world. It's Okta Admin Console.

客戶發現讓我們管理 SaaS 應用程式中的特權帳戶非常有價值。這樣我們就連接到了 Salesforce。我們已連接到 Workday。我們連接到 GitHub，管理那裡的特權帳戶。因此，正如您所提到的，這是一個令人興奮的方向，因為它是世界上最關鍵的特權帳戶系統之一。這是 Okta 管理控制台。

So we're exploring ideas to better integrate that, and that's going to be a big focus. And your idea about offering it for free to every Okta customer is a very interesting one. And this might be the first time ever I've taken product input on an earnings call, but I do take it.

因此，我們正在探索更好地整合這一點的想法，這將是一個重點。您向每位 Okta 客戶免費提供該服務的想法非常有趣。這可能是我第一次在財報電話會議上聽取產品意見，但我確實接受了。

Great. Next, let's go to Gray Powell at BTIG.

偉大的。接下來，讓我們來看看 BTIG 的 Gray Powell。

Okay. Great. So yes, I guess, kind of a modeling question here. Normally, I would expect sequential growth in cRPO in Q3 to be at a similar level to that of what you've seen in Q2. At least that's what you've seen the last couple of years. This year, you added $54 million in net new cRPO. Last quarter, you added $71 million.

好的。偉大的。所以，是的，我想，這是一個建模問題。通常情況下，我預計第三季 cRPO 的環比成長將與第二季的水平相似。至少這是你過去幾年所看到的。今年，您新增的 cRPO 淨值增加了 5,400 萬美元。上個季度，您增加了 7,100 萬美元。

So I know this is kind of rough. But like is it safe to say that the main difference there was the breach happening with like 10 or 11 days left in the quarter and then customers just taking a pause? Or is there something else that I should be thinking of?

所以我知道這有點粗糙。但是否可以肯定地說，主要區別是在該季度還剩 10 或 11 天時發生了違規，然後客戶只是暫停了？或者還有什麼我該考慮的嗎？

And then the other part of the question would be, as we think of Q4 trends, like how much of a hangover is there? How much should we expect the lingering impact of the breach to be on conversations with customers?

然後問題的另一部分是，當我們想到第四季的趨勢時，例如宿醉的程度有多大？我們應該預期此次違規行為會對與客戶的對話產生多大的持續影響？

Yes. Thanks, Greg. So from a sequential perspective, I think I wouldn't do that math in terms of backing into the impact associated with the incident. I would more think about renewals timing. That can have a heavy impact on cRPO quarter-to-quarter. So we feel we had a really nice quarter in terms of Q3 growing 16%, $1.83 billion in current RPO. So I wouldn't read too much detail into that.

是的。謝謝，格雷格。因此，從順序的角度來看，我認為我不會根據與該事件相關的影響來進行計算。我會多考慮續訂時間。這可能會對每季的 cRPO 產生重大影響。因此，我們認為我們度過了一個非常好的季度，第三季度成長了 16%，目前 RPO 達到 18.3 億美元。所以我不會讀太多細節。

In terms of Q4, all of it's baked in. All of what we think the potential impact is associated with the security incident, that is in the guidance that we've given you here today, 11% to 12% and $1.88 billion at the top end of the range. So that's kind of how we think about things.

就第四季度而言，所有這些都已經融入其中。我們認為所有潛在影響都與安全事件相關，這在我們今天在這裡向您提供的指導中，11% 到 12% 以及 18.8 億美元範圍的頂端。這就是我們思考事物的方式。

Go to Peter Weed at Bernstein.

去伯恩斯坦的彼得威德那裡吧。

It looks like the change in your anticipated growth in quarter 4 came down relative to what you implied last quarter by almost 3 percentage points. And I think you've said that this is the impact of the outage. Is that experiential? In other words, like there are some things that you've already seen occur that are leading you to believe that you will definitely see that.

看起來您第四季的預期成長變化相對於上季的預期下降了近 3 個百分點。我想你已經說過這​​是停電的影響。這算經驗嗎？換句話說，就像有些你已經看到發生的事情讓你相信你一定會看到它。

And is that turning up in customers that are kind of showing that they're going to leave? Is that people are failing to upgrade at the pace that they have been before? Is that it's harder to win new customers, so you anticipate -- you had a really nice quarter actually, getting new customers, sequentially up. Do you anticipate that to take a dive? I'm trying to figure out like where that shows up kind of in the stack of where you would have normally thought that kind of sequential growth quarter-over-quarter, that seems to have been kind of eliminated as a result of the outage.

這是否會出現在客戶身上，表示他們要離開？人們是否無法以以前的速度升級？贏得新客戶變得更加困難，所以您預計 - 實際上您度過了一個非常好的季度，獲得了新客戶，連續上升。你預計會潛水嗎？我試圖找出這種情況在你通常認為的季度環比連續增長的堆疊中出現的位置，但由於停電，這種增長似乎已經被消除了。

Yes, the incident. So if you look at every quarter, Peter, there's always deals that push from quarter-to-quarter. It's just a natural part of our business. We saw an elevated level of that, and we ascribe that, that potentially could be related to the security incident. So we're taking that into our guidance when we think about Q4 and thinking about it from a prudent perspective, especially given how big the number can be in Q4 and setting the trajectory for fiscal year '25. So that's how we're thinking about things.

是的，事件。因此，如果你觀察每個季度，彼得，總會有逐季度推動的交易。這只是我們業務的一個自然組成部分。我們發現這種情況的程度有所提高，我們認為這可能與安全事件有關。因此，當我們考慮第四季度並從謹慎的角度思考時，我們會將這一點納入我們的指導中，特別是考慮到第四季度的數字有多大並為 25 財年設定軌跡。這就是我們思考問題的方式。

So it's actually more just there are deals that stayed in the pipeline, but you just anticipate they may push out of this quarter into the next quarter. But they [did] already from Q3 into Q4. Wouldn't that like give you deals that would be closing in this quarter that should plug some of that gap? So you'd have to really push out a lot of deals out of Q4 and to Q1 at that point.

因此，實際上更多的是有一些交易仍在醞釀中，但你只是預計它們可能會從本季推遲到下個季度。但他們已經從第三季進入第四季了。這難道不會為您提供將在本季度完成的交易，從而彌補部分缺口嗎？因此，你必須在第四季和第一季推出大量交易。

Yes. And you're right. We actually have already seen some of those deals close in Q4, which is a good sign, but we're being prudent given the environment out there today, given both the macro and the impact associated with the security incidents. So we're just being thoughtful.

是的。你是對的。實際上，我們已經看到其中一些交易在第四季度完成，這是一個好兆頭，但考慮到當今的環境、宏觀環境以及與安全事件相關的影響，我們持謹慎態度。所以我們只是深思熟慮。

Yes. I mean if you think about the chronology of it, it's 11 days left in the quarter, and then we're only just a month into the fourth quarter. So we -- in terms of the window to see the impact, we're a little bit limited on a window to see the impact, so I think that drives some of the pragmatism in the guide.

是的。我的意思是，如果你考慮時間順序，本季還剩 11 天，距離第四季只有一個月了。因此，就觀察影響的窗口而言，我們觀察影響的窗口有點有限，所以我認為這推動了指南中的一些實用主義。

All right. Let's go to Adam Borg at Stifel.

好的。讓我們去找 Stifel 的 Adam Borg。

Maybe a bigger picture question here. So international is still about 20%, 21% of the mix. And just given the size of the company, just seems like there's a lot of international opportunity ahead. So just as you think about the channel investments and you think about the new CRO and CMO in place, what are the thoughts about kind of accelerating opportunity in the international theater to potentially help accelerate growth?

也許這裡有一個更大的問題。所以國際化還是20%、21%左右的比例。考慮到公司的規模，未來似乎有許多國際機會。因此，當您考慮通路投資並考慮新的 CRO 和 CMO 時，您對國際舞台上可能有助於加速成長的加速機會有何想法？

I think it's a big opportunity. I do think from a macro perspective in terms of the stabilized macro but still a challenging macro, I think the macro impact internationally has probably been more pronounced, from my observation, than in North America over the last year or so.

我認為這是一個很大的機會。我確實認為，從宏觀角度來看，就穩定的宏觀而言，但仍然是一個具有挑戰性的宏觀，我認為，根據我的觀察，國際宏觀影響可能比過去一年左右的北美更為明顯。

We also have -- in terms of the interim to permanent CRO with Jon, that also gives us the opportunity to backfill Jon as the General Manager of Europe, and we have some candidates in the late-stage pipeline for that. So that's more leadership stability internationally. Couple that with a great leadership team in Asia Pacific, which is performing well. You have a really good opportunity for solid performance internationally, which is -- has to be an important part of our future.

我們還有——就喬恩的臨時到永久 CRO 而言，這也讓我們有機會回補喬恩擔任歐洲總經理，我們在後期階段有一些候選人。因此，國際上的領導地位更加穩定。再加上亞太地區表現良好的優秀領導團隊。你們有一個非常好的機會在國際上取得穩定的表現，這必須成為我們未來的重要組成部分。

If you just look at the numbers, the market is -- half the market's probably outside the U.S. over time in terms of identity management. We're using rough numbers. And over the next 5 to 10 years, we're going to make sure we get that mix higher than it is now in terms of a percentage of revenue.

如果你只看數字，就身分管理而言，隨著時間的推移，市場的一半可能在美國以外。我們使用的是粗略數字。在接下來的 5 到 10 年裡，我們將確保這種組合在收入中所佔的百分比高於現在。

I'd also add, just Jon being an international person himself, like he brings that lens, right? And so we're really excited about that and the opportunity out in front of us because I agree with Todd. We've got a lot of opportunity internationally.

我還要補充一點，喬恩本人就是一個國際人士，就像他帶來了那個鏡頭，對吧？因此，我們對此以及擺在我們面前的機會感到非常興奮，因為我同意托德的觀點。我們在國際上有很多機會。

Next up is Matt Hedberg at RBC.

接下來是加拿大皇家銀行 (RBC) 的 Matt Hedberg。

Great. Todd, a product question. In your prepared remarks, you noted you're pleasantly surprised, I think, by the size of organizations adopting your Identity Governance product. I think a year ago, it probably would have surprised a lot of us. I think we would have thought maybe some of the traction would have been from smaller organizations or midsized organizations.

偉大的。托德，一個產品問題。在您準備好的演講中，您指出，我認為您對採用您的身分治理產品的組織規模感到驚訝。我想一年前，這可能會讓我們很多人感到驚訝。我想我們會認為一些吸引力可能來自小型組織或中型組織。

So I guess maybe why the success up market, do you think, at this point? And then, Brett, when you think about the impact to -- from governance in your '25 outlook, I assume you're taking a very modest approach. But just thoughts on how you're thinking about that product next year?

所以我想也許為什麼高端市場會成功，你認為在這一點上？然後，布雷特，當您考慮 25 世紀展望中治理的影響時，我認為您採取了非常溫和的方法。但只是想一下明年您如何看待該產品？

The -- I just think that large organizations have -- there's a lot of complexity. And I think maybe we underestimated the -- I think we looked at some of these larger organizations and what they were doing with the existing governance solutions, and we assume that they were -- these solutions were covering the SAPs, the Oracle apps, the legacy apps and assuming that they would also be covering all the cloud stuff and all the new. I think that assumption is just proving to be maybe not as accurate as we thought. I think a lot of these legacy products aren't covering where the center of gravity is moving, which is cloud-centric application workloads and cloud infrastructure. And so the product is a better fit for these large companies than we thought.

我只是認為大型組織有很多複雜性。我認為也許我們低估了——我認為我們研究了一些較大的組織以及他們使用現有治理解決方案所做的事情，我們假設它們——這些解決方案涵蓋了 SAP、Oracle 應用程式、遺留應用程序並假設它們也將涵蓋所有雲端內容和所有新內容。我認為事實證明這個假設可能不如我們想像的那麼準確。我認為許多遺留產品都沒有涵蓋重心的轉移，即以雲端為中心的應用程式工作負載和雲端基礎設施。因此，該產品比我們想像的更適合這些大公司。

I think also just our overall -- the last, call it, 5 or 6 quarters with -- when the macro environment changed, you're just seeing more success for Okta in the bigger companies, so I think it's -- I think OIG has a big future in mid-enterprise and SMB. But I think that segment is just the slower segment right now, so we're not seeing the attaches with OIG there that we could over time.

我認為，我們的整體情況——最後，稱之為5 或6 個季度——當宏觀環境發生變化時，你會看到Okta 在更大的公司中取得了更多成功，所以我認為——我認為OIG在中型企業和中小企業中有著廣闊的前景。但我認為該部分目前只是速度較慢的部分，因此隨著時間的推移，我們看不到 OIG 的附件。

So I think your -- it looks better because more people are -- have the problem and finding value from it in a large enterprise. And also large enterprise is just doing so well with 40% growth in that cohort, both in ACV of those deals and in customer kind of those deals in Q3. So I think attaching OIG -- there's more opportunities to attach there relative to the entire business, so I think that's influencing the perception as well.

所以我認為你的——看起來更好，因為更多的人——有這個問題，並在大型企業中從中找到價值。而且大型企業的表現也非常好，該群體的成長達到了 40%，無論是這些交易的 ACV 還是第三季這些交易的客戶類型。所以我認為加入 OIG——相對於整個企業來說，加入那裡有更多的機會，所以我認為這也會影響人們的看法。

Yes. And I would add, although we're very excited about the progress so far, Matt, I mean, yes, we are being modest with our expectations in the guidance we've given you here today. One thing that I know you guys have asked in the past is how much -- and we've told you -- we keep telling we're going to update you every time we get a new number. But that third of workforce spend being IGA continues to hold steady through the end of Q3. So that's the number we've given you in the past, and it continues to be that. So the upsell associated with it is significant, and we're very pleased with how things are going just like Todd said.

是的。我想補充一點，儘管我們對迄今為止的進展感到非常興奮，馬特，我的意思是，是的，我們對今天在這裡向您提供的指導的期望是謙虛的。我知道你們過去問過的一件事是，我們已經告訴你們，我們一直告訴你們，每次我們收到新號碼時，我們都會更新你們的資訊。但到第三季末，用於 IGA 的勞動力支出的三分之一繼續保持穩定。這就是我們過去給您的數字，並且仍然如此。因此，與之相關的追加銷售非常重要，正如托德所說，我們對事情的進展感到非常滿意。

Great. Next up, Jonathan Ho at William Blair.

偉大的。接下來是威廉布萊爾的喬納森何 (Jonathan Ho)。

With regards to the breach, can you give us a little bit more detail on maybe what's still left in the third-party validation and investigation? And how confident are you that this is going to be the last finding that comes out of this investigation?

關於違規行為，您能否提供我們更多細節，說明第三方驗證和調查中還剩下哪些內容？您對這將是本次調查的最後發現有多大信心？

Yes. It's a great question, Jonathan. In my many, many conversations with customers, this comes up like speed of disclosure, and they want to know all the information as fast as possible and why does disclosure take time and what else is left to disclose, et cetera. So it is on everyone's mind obviously.

是的。這是一個很好的問題，喬納森。在我與客戶的多次對話中，這就像披露的速度一樣，他們希望盡快了解所有信息，為什麼披露需要時間以及還有什麼需要披露，等等。所以這顯然是每個人的想法。

I think the general philosophy we're taking is that we're trying to disclose as much as we know as quickly as possible. I think a couple of weeks after the incident, when we had our first disclosure, we disclosed everything we knew at the time. And we just kept looking.

我認為我們所採取的整體理念是，我們試圖盡快揭露我們所知道的盡可能多的資訊。我認為事件發生幾週後，當我們第一次披露時，我們披露了當時所知道的一切。我們只是繼續尋找。

Like you're talking about the log files from our support system. We're quite voluminous, and the team went over them click by click, row by row, line by line, kind of took first pass and looked at all the things they thought were incredibly sensitive and took a quick run of some of these reports and found it wasn't much interesting data and then published the first RCA and remediation steps and then like a good security company would, kept looking and kept digging and made sure we had everything covered and far more. And we were more thorough about these reports and ran completely and saw the data was there, made the decision to do a further disclosure based on risk of phishing like we've outlined.

就像您正在談論我們支援系統的日誌檔案一樣。我們的資料量很大，團隊逐點擊、逐行、逐行地檢查它們，有點像是第一次通過，查看了他們認為非常敏感的所有內容，并快速瀏覽了其中一些報告發現這並不是什麼有趣的數據，然後發布了第一個RCA 和修復步驟，然後像一家優秀的安全公司一樣，繼續尋找並繼續挖掘，並確保我們涵蓋了所有內容，甚至更多。我們對這些報告進行了更徹底的了解，並進行了完整的運行，看到數據就在那裡，並決定根據我們概述的網路釣魚風險進行進一步的披露。

And so I think the way I characterize it is now our internal team has gone over it many, many times, and our internal investigation is done. Like we don't think there's anything else productively we can look at. We've worked with the vendor and got supplemental logs. We've combed through it. We've done everything 3, 4, 5 times to check it. But we still want to make sure we cover all the bases, so we brought on this firm that has started a couple of weeks ago, and they're looking at it.

所以我認為我描述它的方式是現在我們的內部團隊已經檢查了很多很多次，我們的內部調查已經完成。就好像我們認為沒有其他有效的東西可以看一樣。我們已與供應商合作並獲得了補充日誌。我們已經梳理過了。我們已經做了 3、4、5 次來檢查它。但我們仍然想確保涵蓋所有基礎，因此我們聘請了這家幾週前成立的公司，他們正在考慮。

I think we're doing it, obviously, to be very thorough and clear. I think it's a relatively low priority that they'll find anything additionally, but we'll have to wait and see in mid-December when they're done with their analysis.

顯然，我認為我們這樣做是為了非常徹底和清晰。我認為他們會發現任何額外的東西的優先順序相對較低，但我們必須在 12 月中旬等待他們完成分析。

Okay. I'd like to welcome back Fatima Boolani from Citi.

好的。我歡迎來自花旗的法蒂瑪·布爾尼 (Fatima Boolani) 回來。

I appreciate the question. Todd, you were very categorical about securing Okta. So your customers are secure as being the #1 priority. So the question for you is, is that a people, process or technology or maybe all of the above conversation. And then maybe, Brett, it's not immediately apparent in your margin guidance that you're going to be taking and making these investments. So can you just sort of help us understand and kind of what envelope a lot of this up-leveling and reinforcing of your internal security architecture, what shape or form is that going to take?

我很欣賞這個問題。托德，你對於保護 Okta 的態度非常明確。因此，您的客戶安全是第一要務。因此，您面臨的問題是，人員、流程或技術，或者可能是上述所有對話。然後，布雷特，也許你的保證金指導中並沒有立即表明你將進行這些投資。那麼，您能否幫助我們了解一下，您的內部安全架構的升級和強化的範圍是什麼，將採取什麼形式？

Yes. It's a super insightful question, Fatima. The -- it's -- and as you guessed, it's all of the above. And I think we -- the program internally is called program bedrock, building the bedrock foundation. And it has 4 pillars. I'll call them pillars.

是的。這是一個非常有洞察力的問題，法蒂瑪。正如你所猜測的，它就是以上所有內容。我認為我們——該計劃內部稱為計劃基岩，構建基岩基礎。它有 4 個支柱。我稱它們為支柱。

The first one is there's just bottoms up get all the ideas on the table of everything we know that the team thinks would be great ideas to make us the most secure company in the world. And like a good example of something from this pillar is like this thing that we're advising customers to do with the latest notification around having MFA for all administrator accounts. That really should be required. There shouldn't be an option to not.

第一個是自下而上地將我們所知道的所有想法擺在桌面上，團隊認為這些想法將使我們成為世界上最安全的公司。這個支柱的一個很好的例子就是我們建議客戶使用有關為所有管理員帳戶設定 MFA 的最新通知。這確實應該是需要的。不應該有不這樣做的選擇。

Again, over the years, we, in some cases, made the choice for convenience and speed of implementation or frictionless adoption instead of security. But as we march toward being the most -- or one of the most secure companies in the world, that's going to change.

多年來，在某些情況下，我們再次選擇了實施的便利性和速度或無摩擦的採用，而不是安全性。但隨著我們邁向成為世界上最安全的公司或最安全的公司之一，這種情況將會改變。

So we have to make that required and you got to work through that because there's a reason sometimes customers don't have MFA required. Maybe it's a service account. Maybe there's a specific workflow. But everyone, as we do this bottoms-up effort, it's like a lot of good ideas on how we can make that better.

因此，我們必須滿足這項要求，並且您必須解決這個問題，因為有時客戶不需要 MFA，這是有原因的。也許這是一個服務帳戶。也許有特定的工作流程。但是每個人，當我們進行這種自下而上的努力時，就像我們有很多關於如何做得更好的好主意一樣。

And that whole bucket of bottoms up, we have a lot of awesome smart people on the team that have the time and space now to let those ideas come out, and they're going to -- we're going to have time and space to implement them as well. So that's the bottoms-up track.

由下而上，我們團隊中有很多很棒的聰明人，他們現在有時間和空間來讓這些想法浮現出來，他們將會——我們將有時間和空間也實施它們。這就是由下而上的軌道。

The second track is really, call it, tops down, which is making sure from an internal security architecture perspective, specifically in overall business operations and IT operations as inclusive of obviously product and infrastructure, but getting the top experts in the world and to give us their opinion on how we should be architecting our -- this part of our security posture and architecture, and there's people that do this for the most secure companies in the world, and we want to take those experts and combine them with our experts internally to make sure we have the best security blueprint from an architectural perspective. So we have bottoms up. We have tops down.

第二條路線實際上是自上而下，即從內部安全架構的角度確保，特別是在整體業務運營和 IT 運營中，顯然包括產品和基礎設施，但要聘請世界頂級專家並給予他們對我們應該如何建構我們的安全態勢和架構的這一部分提出了意見，有人為世界上最安全的公司做這件事，我們希望吸收這些專家並將他們與我們內部的專家結合起來確保我們從架構角度擁有最佳的安全藍圖。所以我們自下而上。我們自上而下。

And then the third pillar is really cultural. And that starts with me and the leadership team in setting this clear priority and setting the expectation that we are going to be the most -- our goal is to be one of the most secure companies in the world, and we're going to prioritize that, number one.

第三個支柱確實是文化。首先，我和領導團隊設定了明確的優先事項，並設定了我們將成為最安全的公司的期望——我們的目標是成為世界上最安全的公司之一，我們將優先考慮那，第一。

When you think about executing well, it can be pretty straightforward. It's like you have to make sure you have a clear vision. We want to be one of the most secure companies in the world. We want -- you got to set clear priority and get the right amount of resources on it. And that kind of sets up this cultural component to be successful.

當你考慮良好執行時，它可能非常簡單。這就像你必須確保你有一個清晰的願景。我們希望成為世界上最安全的公司之一。我們希望——你必須設定明確的優先級，並為此獲得適量的資源。這使得這種文化成分能夠取得成功。

And then the last one is, I think I mentioned before, is in the product. We have to make sure that the products themselves are beyond just being valuable and powerful for our customers. They have to be built in a way that ensures the security of our customers as well. And the best example for this is, after the notification of this incident in October, we quickly implemented this feature, which actually cryptographically binds an administrator console session to a specific network. So this is the kind of thing that is very valuable for customers and keeps them occur.

最後一個是，我想我之前提到過，是在產品中。我們必須確保產品本身對我們的客戶來說不僅僅是有價值和強大的。它們的建構方式也必須確保我們客戶的安全。最好的例子是，在 10 月收到此事件的通知後，我們很快就實現了此功能，該功能實際上以加密方式將管理員控制台會話綁定到特定網路。所以這是一種對客戶來說非常有價值並讓他們不斷發生的事情。

And as we think about it more and go through the entire product architecture and overview, there's many more of these things that can put us closer to being, from a product perspective and products that protect our customers and their use of it and their deployments of it, the most secure company in the world. And that's the fourth pillar.

當我們更多地思考並瀏覽整個產品架構和概述時，有更多的事情可以讓我們更接近，從產品的角度來看，產品可以保護我們的客戶及其對產品的使用和部署。它是世界上最安全的公司。這是第四個支柱。

So it's quite comprehensive. The -- I think the 90-day focus gives everyone's space and clarity to have no confusion about this being the priority. And I think after 90 days, what you'll see is obviously these kind of efforts have -- they've been going on in some shape or form for many years, and they will continue after these 90 days. But right now, we just need this real clear alignment on getting ourselves closer to that goal of being the most secure company in the world.

所以說的還是比較全面的。我認為 90 天的重點為每個人提供了空間和清晰度，使他們不會對此優先事項感到困惑。我認為 90 天之後，你會看到顯然這些努力已經以某種形式進行了很多年，並且在 90 天之後它們將繼續下去。但現在，我們只需要這種真正明確的協調，讓我們更接近成為世界上最安全的公司的目標。

And then for the second part of your question, Fatima, it's -- really, there's 2 things. One, we're already investing a good amount in FY '24. So to step up in the margins, it's not like we're starting at 0. So we're investing a good amount right now. We're going to invest more in Q4.

法蒂瑪，對於你問題的第二部分，確實有兩件事。第一，我們已經在 24 財年投入了大量資金。因此，為了提高利潤率，我們並不是從 0 開始。所以我們現在正在投入大量資金。我們將在第四季加大投資。

But this is 1 of the benefits of the structural efficiencies that we found and driven over the last 12 to 18 months. It allows us to expand the non-GAAP operating margin from 13% to 17% while also investing more into these critical areas like security. And so we've invested a lot already. We're going to invest even more in FY '25 but while also being able to balance it with the margin that you mentioned. So it's one of those benefits of us doing what we've been working so hard on for the last 12 to 18 months.

但這是我們在過去 12 至 18 個月中發現並推動的結構效率的好處之一。它使我們能夠將非 GAAP 營業利潤率從 13% 擴大到 17%，同時在安全等關鍵領域進行更多投資。所以我們已經投入了大量資金。我們將在 25 財年進行更多投資，同時也能夠與您提到的利潤保持平衡。因此，這是我們在過去 12 到 18 個月裡一直努力工作的好處之一。

Okay. We're going to try to get to a couple more. Let's go to Josh Tilton at Wolfe Research.

好的。我們將嘗試更多。讓我們去找沃爾夫研究中心的喬許‧蒂爾頓。

Can you hear me?

你聽得到我嗎？

Loud and clear, Josh.

大聲而清晰，喬許。

Great. I wanted to clarify a previous question. Does the guidance for Q4 embed some conservatism around the recent incident because you are anticipating to see something or because you are already seeing an impact. And then just a follow-up is, Todd, you mentioned that you spoke to customers and they kind of understand why, as an identity provider, you guys are being targeted by hackers so much.

偉大的。我想澄清之前的一個問題。第四季度的指導是否對最近的事件嵌入了一些保守主義，因為您預計會看到一些事情，或者因為您已經看到了影響。然後，托德，您提到您與客戶進行了交談，他們有點理解為什麼作為身份提供商，你們如此多地成為黑客的目標。

Is that raising any questions from the customer base as to whether or not it makes sense to go all in with all of your identity needs from one provider? Or given that you guys are the center of the security ecosystem and the #1 target for hackers, does it maybe make sense to diversify some of your identity risk across a different PAM vendor and a different governance provider?

這是否會引起客戶群的任何疑問：從一個提供者全面滿足您的所有身分需求是否有意義？或者考慮到你們是安全生態系統的中心和駭客的第一個目標，在不同的 PAM 供應商和不同的治理提供者之間分散一些身分風險是否有意義？

Josh, I'll take the first part. So anticipating is the answer, short answer since we're running out of time, because we did see, like I said earlier, an elevated amount of pushes or deal pushes from Q3 into Q4. And so we're just anticipating that as we go through the quarter because, as a reminder to everybody, we do not have a linear bookings quarter. It is very back-end weighted. And so we're just taking into account what we saw at the end of Q3 and looking and making sure we had put that into our expectations for Q4.

喬希，我來參加第一部分。因此，期待答案，簡短的答案，因為我們已經沒有時間了，因為正如我之前所說，我們確實看到從第三季度到第四季度的推動或交易推動量有所增加。因此，我們只是在本季進行預測，因為提醒大家，我們沒有線性的預訂季度。它非常注重後端。因此，我們只是考慮我們在第三季末看到的情況，並進行研究並確保我們已將其納入對第四季度的預期中。

Yes. And on the question on the -- getting everything from 1 vendor versus spreading out your risk with different vendors, I think it comes down to -- at the actual physical layer of how the products are implemented, how you mitigate that risk of getting everything from one vendor.

是的。關於從 1 個供應商獲取所有內容與向不同供應商分散風險的問題，我認為歸根結底在於，在產品如何實施的實際物理層，如何降低獲取所有內容的風險來自一個供應商。

And then the second thing is the product, there has to be a lot of value in getting it from one vendor like in terms of decreasing risk, the operational simplicity, the power of how you can secure things because things are better integrated. So that's the -- in fact, I was having this exact conversation with a customer just a few days ago about the risks and reward of consolidated around one vendor versus the spread things around, spread the risk perspective. And I think that's the -- those are the variables in the equation that people think about.

第二件事是產品，從一個供應商那裡獲得它必須有很多價值，例如降低風險、操作簡單性、保護事物的力量，因為事物整合得更好。事實上，我幾天前剛與一位客戶進行了一次確切的對話，討論了圍繞一個供應商進行整合與分散風險和分散風險視角的風險和回報。我認為這就是人們所考慮的等式中的變數。

Go to John DiFucci at Guggenheim.

去古根漢找約翰·迪福奇。

So Todd, my question is a follow-up to Fatima's question. I got to remember to try to get ahead of her because she -- it's hard to follow her, but I thought that was a really good question. And thank you for all the detail you gave around that, the program, bedrock. But in the end, still like how long is it going to take to get to, as you say, raise your game to get to a point of, I don't know, you're never going to be comfortable but relative comfort when you can actually sit down with the customer and tell them that you're there? You're never quite there, but you're there don't -- listen, we worry about it every day. We don't want this to happen ever again. That's not to say it never will. But how long do you get to a point where you have that relative comfort through that?

托德，我的問題是法蒂瑪問題的後續問題。我必須記住要盡力走在她前面，因為她——很難追隨她，但我認為這是一個非常好的問題。感謝您提供的所有細節、程序、基礎。但最終，仍然需要多長時間才能達到，正如你所說，提高你的遊戲水平，我不知道，你永遠不會感到舒服，但相對舒適您真的可以與客戶坐下來並告訴他們您在那裡嗎？你永遠不會完全在那裡，但你並不在那裡——聽著，我們每天都擔心它。我們不希望這種情況再次發生。這並不是說它永遠不會。但是你要花多久時間才能達到相對舒適的程度呢？

Yes. It's a super smart question, super smart question. I think I would add color this way. This has been something we've been very focused on for several years, particularly since Lapsus$ breach a couple of years ago. We've been very focused on it and actually made quite a bit of progress to make us feel comfortable about our progress toward being one of the most secure companies in the world.

是的。這是一個超級聰明的問題，超級聰明的問題。我想我會這樣添加顏色。這是我們多年來一直非常關注的事情，特別是自從幾年前 Lapsus$ 違規以來。我們一直非常關注這一點，並且實際上取得了相當大的進展，這讓我們對成為世界上最安全的公司之一的進展感到滿意。

I think the reason for the 90-day sprint and focus are as -- there are -- there is a calculation of I and the management team think that there are enough things that will decrease the risk at a significant level. Not that the risk is incredibly high, but there's enough things that'll decrease the risk at a significant level that we think it's worth a sprint here. But probably more importantly, John, it's kind of cultural.

我認為 90 天衝刺和重點的原因是——有——我和管理團隊進行了計算，認為有足夠的事情可以顯著降低風險。並不是說風險非常高，而是有足夠的東西可以顯著降低風險，我們認為值得在這裡衝刺。但也許更重要的是，約翰，這是一種文化。

It's execution requires clear priority, and nothing makes the priority clear for everyone than a full focus in a 90-day sprint. So beyond the decrease in risk and getting us closer to this area, as you described it, where we feel real comfortable as we progress toward being one of the most secure companies in the world, there is just a cultural tone setting thing, which I think is very important for customers and for investors and for employees as well.

它的執行需要明確的優先級，沒有什麼比全神貫注於 90 天的衝刺更能讓每個人都清楚優先級的了。因此，除了降低風險並使我們更接近這個領域之外，正如您所描述的那樣，當我們朝著成為世界上最安全的公司之一的方向前進時，我們感到非常舒服，只有一種文化基調設定，我對此感到滿意。「思考」對客戶、投資者和員工都非常重要。

So it's the 90 days and then just keep going. And by the way, I'm just going to...

現在是 90 天，然後繼續下去。順便說一句，我只是要去...

And it's not like we've never been focused on security because we've absolutely had a huge focus on it. Like I said, very, very specific and mature in the areas of the product and the infrastructure. I think we're not as mature and we haven't had the comprehensive approach on the overall IT operations and overall company operations. But it's something we've been doing for a long time, and we're going to have the sprint and then we'll keep doing for a long time after because we have to be -- like I've said it many times, we have to be one of the most secure companies in the world given the position we're playing and the critical role we fill for our customers. And that's what they expect from us and that's what we expect from ourselves as well.

我們並不是從來沒有關注過安全性，因為我們絕對非常關注它。就像我說的，在產品和基礎設施領域非常非常具體和成熟。我認為我們還不夠成熟，我們還沒有對整體 IT 營運和整體公司營運採取全面的方法。但這是我們長期以來一直在做的事情，我們將進行衝刺，然後我們將在很長一段時間內繼續這樣做，因為我們必須——就像我多次說過的那樣，鑑於我們所扮演的角色以及我們為客戶扮演的關鍵角色，我們必須成為世界上最安全的公司之一。這就是他們對我們的期望，也是我們對自己的期望。

And listen, I just have to add one last thing, something I never say. Actually, I think you guys did a good job. I mean this quarter, numbers look good and then even some -- given everything that's going on, I guess, nice job.

聽著，我只需要補充最後一件事，一件我從未說過的事。事實上，我認為你們做得很好。我的意思是，這個季度的數字看起來不錯，甚至還有一些——考慮到正在發生的一切，我想，做得很好。

Yes, appreciate it. A lot of hard work from the team.

是的，很欣賞。團隊付出了很多努力。

Great. And now we're going into overtime here. We're going to take Fred and then Shrenik, and we're going to have to cut it off at that point. But Fred Havemeyer from Macquarie, go ahead.

偉大的。現在我們要進入加時賽了。我們要先拿下佛瑞德，然後再拿下史萊尼克，我們必須在那時切斷它。但麥格理的 Fred Havemeyer，繼續吧。

I think many good questions have been asked. So I think, Todd, what I'd like to ask is, as we from the outside are looking at what you were doing at Okta, what sort of concrete checkpoints might we expect to see to understand what progress you're making here towards improving your overall security posture, understanding also that no news is kind of good news with respect to data breaches. And secondly, on that one, with the upcoming SEC disclosure time frame and requirements, do you feel that you have the reporting frameworks in place to comfortably meet all of those requirements?

我認為已經提出了很多很好的問題。所以我想，托德，我想問的是，當我們從外部觀察你在 Okta 所做的事情時，我們希望看到什麼樣的具體檢查點來了解你在這裡取得的進展改善您的整體安全狀況，並了解在資料外洩方面沒有消息就是好消息。其次，在這一點上，隨著美國證券交易委員會即將到來的揭露時間框架和要求，您是否認為您擁有適當的報告框架來輕鬆滿足所有這些要求？

Yes. On the second question, I feel really good about that. The disclosure frameworks and so forth, something we -- I think, in some ways, we're -- the role we play in the industry and the tone and the transparency we're trying to set with customers, we have a lot of things in place that put us in good standing there in terms of our ability to execute on those disclosures.

是的。關於第二個問題，我對此感覺非常好。揭露框架等等，我們——我認為，在某些方面，我們——我們在行業中扮演的角色以及我們試圖與客戶設定的基調和透明度，我們有很多就我們執行這些披露的能力而言，我們已經採取了一些措施，使我們在這方面享有良好的聲譽。

The first question you asked is I think there's -- for -- we're -- we have a really good answer on the product visible things. We're going to be reporting those out like as we would do product releases or future capabilities. These -- like the 2 examples I mentioned are the network binding for session tokens and the required MFA. That's going to be published. And so you'll see the road map for those things, and you'll see that thing published publicly into customers.

你問的第一個問題是，我認為對於產品可見的東西，我們有一個非常好的答案。我們將像發布產品或未來功能一樣報告這些內容。這些 - 就像我提到的 2 個範例一樣，是會話令牌的網路綁定和所需的 MFA。那將被發布。因此，您將看到這些事情的路線圖，並且您將看到該事情公開發布給客戶。

I think the internal stuff, the things that the team comes up with in terms of improving our operational security and comprehensive look at the security and taking in outside experts, we have to think more about how to communicate that broadly to customers. But I think it's just as important because not only is it just give customers confidence and how seriously, how aggressively we're taking this, but also it can help them learn because every customer I talk to, they're thinking like what can we learn from Okta because Okta is on this journey to be one of the most secure companies in the world. I can learn from that. So I think there's value in sharing that not just from the da trust perspective but also from the learning and the helping customers through that education.

我認為內部的東西，團隊在提高我們的營運安全性和全面審視安全性以及吸收外部專家方面提出的東西，我們必須更多地考慮如何與客戶進行廣泛的溝通。但我認為這同樣重要，因為它不僅給客戶信心以及我們如何認真、如何積極地對待這件事，而且還可以幫助他們學習，因為與我交談的每一位客戶，他們都在思考我們可以做什麼是向 Okta 學習，因為 Okta 正在成為世界上最安全的公司之一。我可以從中學習。因此，我認為分享是有價值的，不僅從信任的角度來看，而且從透過教育學習和幫助客戶的角度來看。

Okay. Last question to Shrenik Kothari at Baird.

好的。最後一個問題是問貝爾德的 Shrenik Kothari。

Appreciate the transparency, Todd and Brett. Just to follow up on your point, Todd, on product security focus and customer security focus. In light of the recent hack incident, I know the role of PAM seem to be elevating and becoming even more kind of broad-based. It's great to see that you guys are focused on PAM, as you said, the only product whose GA is on track versus other product features maybe relatively deprioritized.

托德和布雷特，感謝透明度。托德，我只是想跟進您關於產品安全重點和客戶安全重點的觀點。鑑於最近的駭客事件，我知道 PAM 的作用似乎正在提升，並且變得更加廣泛。很高興看到你們專注於 PAM，正如你們所說，與其他產品功能相比，PAM 是唯一一個 GA 步入正軌的產品，而其他產品功能的優先級可能相對較低。

Can you elaborate how are you positioning PAM in your customer conversations? More importantly, how are customers responding? And how does the customer feedback evolve? And given post this hack incident on one hand, of course, everybody knows PAM is going to be a key piece of puzzle in this threat landscape, while the incident perhaps leading to customer perception of perhaps not adequate implementation of core PAM solutions within your internal environments on the other hand, so if you can provide your thoughts there, you should.

您能否詳細說明如何在客戶對話中定位 PAM？更重要的是，客戶的反應如何？客戶回饋如何演變？一方面，考慮到這次駭客事件，當然，每個人都知道 PAM 將成為這一威脅情勢中的關鍵難題，而該事件可能會導致客戶認為您的內部可能沒有充分實施核心 PAM 解決方案另一方面，如果你能在那裡提供你的想法，你應該這樣做。

Yes. No, it's a good -- I think every specific incident is different, and PAM and the definition of PAM addresses some of them better than others. So I won't comment specifically on this recent incident and what our PAM product does or doesn't do. But broadly speaking, what you're saying is right. All of these attacks, whether it's -- are highlighting the need for very strong phishing-resistant access management, identity governance and then privileged access management and control.

是的。不，這是一件好事——我認為每個具體事件都是不同的，PAM 和 PAM 的定義比其他事件更好地解決了其中一些事件。因此，我不會具體評論最近的這起事件以及我們的 PAM 產品做什麼或不做什麼。但總的來說，你說的是對的。所有這些攻擊，無論是否，都強調需要非常強大的防網路釣魚存取管理、身分治理以及特權存取管理和控制。

And I think the reception that we've seen with customers is, basically, it's very simple. Our position is very simple. It's like you're using Okta to manage the user life cycle and the access for many business applications, you should use the same engine and the same access control for your privileged servers and containers and as I mentioned earlier, in a future release coming relatively quickly for your SaaS applications and for the Okta Admin Console itself. So that's the pitch.

我認為我們所看到的客戶的接待基本上非常簡單。我們的立場非常簡單。就像您使用 Okta 來管理用戶生命週期和許多業務應用程式的存取一樣，您應該對特權伺服器和容器使用相同的引擎和相同的存取控制，正如我之前提到的，在未來的版本中相對快速適用於您的SaaS 應用程式和Okta 管理控制臺本身。這就是球場。

And what customers like is that they get this comprehensive integrated workflow across all of the access points they're trying to secure, whether that's servers, apps, business applications, different kinds of applications, and that's what resonates. And then they can report that back to their auditor, and they get complete visibility from a governance, risk and compliance assessment, and that's the value prop for them.

客戶喜歡的是，他們可以在他們試圖保護的所有接入點上獲得這種全面的整合工作流程，無論是伺服器、應用程式、業務應用程式還是不同類型的應用程序，這就是引起共鳴的原因。然後他們可以將其報告給審計員，他們可以從治理、風險和合規性評估中獲得完整的可見性，這就是他們的價值支柱。

So it is -- the market we serve and the opportunity for our products is only getting bigger and bigger, and the threat landscape is part of that. There's many other drivers of the market size we're going after. And it's one of the reasons why we're so optimistic and bullish about the long-term future given all the work and focus we're putting into the products in the company and the team. And it's -- there's some bright and sunny future ahead of us. We're excited about it.

事實就是如此——我們服務的市場和我們產品的機會只會變得越來越大，威脅格局也是其中的一部分。我們追求的市場規模還有許多其他驅動因素。鑑於我們在公司和團隊的產品中投入的所有工作和重點，這也是我們對長期未來如此樂觀和樂觀的原因之一。我們面前有光明燦爛的未來。我們對此感到興奮。

Okay. Thanks, everybody. That's it for today's meeting. If you have any follow-up questions, you can e-mail us at investor@okta.com. Thanks.

好的。謝謝大家。今天的會議就到此為止。如果您有任何後續問題，可以發送電子郵件至investor@okta.com。謝謝。