Welcome to SailPoint's First Quarter 2026 Earnings Conference Call. [Operator Instructions] Please be advised today's conference is being recorded. I would now like to hand the conference over to your speaker today, Scott Schmitz. Please go ahead. Scott Sc

Good morning, and thank you for joining us today to discuss SailPoint's Fiscal First Quarter 2026 financial results. joining me today are SailPoint's Founder and CEO, Mark McClain; and our Chief Financial Officer, Brian Carolan. For the Q&A portion of today's call, we will also be joined by our President, Matt Mills. Please note that today's call will include forward-looking statements, and because these statements are based on the company's current intent, expectations and projections, they are not guarantees of future performance, and a variety of factors could cause actual results to differ materially. This call will also include references to non-GAAP results, which excludes certain items that do not reflect our underlying business performance. Please reference this morning's press release in the Investors section of sailpoint.com for further information regarding forward-looking statements and reconciliations of GAAP to non-GAAP financial measures. And with that, I'd like to turn the call over to Mark.

Thank you, Scott. Good morning, everyone, and thank you for joining us today. We're thrilled to share our fiscal Q1 2026 results. We closed the quarter with $925 million in annual recurring revenue, or ARR, a 30% year-over-year increase, with SaaS ARR growing 39% year-over-year. Our ARR growth reflects continued high demand as we believe identity security continues to be a top cybersecurity investment priority for enterprise leaders. We also saw a 62% year-over-year increase in customers with ARR greater than $1 million. This highlights our continued ability to support the significant scale and complexity prevalent among enterprises today. Today's digital enterprises demand a trusted partner who can secure the full spectrum of identities from the human workforce, which includes employees, contractors and third-party suppliers to the digital workforce, which spans machines and autonomous AI agents across a hybrid environment. Organizations with this level of scale and complexity need identity controls that are both broad and deep. This is where SailPoint stands apart and the market is taking notice. Our expertise in enterprise-class governance continues to drive share gains over both legacy and niche players the Gartner's latest IGA market sizing report, placing us at nearly 21% market share, which represents about 5x the gain of our nearest direct competitor. We believe this leadership reflects our commitment to meet the evolving identity security needs of our customers as well as their belief that SailPoint is more than just an IGA vendor. Our innovation strategy is central to our long-term durable growth and our differentiation in the market. Let me highlight the key tenets behind that strategy. First, our foundational principle is simple, least privilege for all enterprise identities. Every identity, human or digital carry some level of privilege what matters is context, the role it plays, where it operates and what it needs access to. A contractor with temporary access to intellectual property, a payroll bot executing critical transactions or a remote agent handling regulated data, all are privileged, but each in a different way. Legacy PAM tools were built for a narrow world, admin accounts on static infrastructure. SailPoint breaks that mold, delivering fine- grained contextual governance for all identities, systems and access levels at enterprise scale. Our policy-driven model defines who or what gives access to information and what actions they can take, a modern unified approach that we believe is fundamentally different from how others manage identities today. Second, we're leading in the governance of emerging identity types, particularly machine identities and AI agents. Machine identities have proliferated with some hidden deep within directories like Active Directory and Entra, making them difficult to track or secure. SailPoint machine identity security delivers deep visibility, control and entitlement level governance for these often overlooked assets such as service accounts, software bots and intelligent devices. When it comes to machines, other vendors primarily manage keys and certificates not the actual access rights, our approach goes far deeper providing the full identity governance life cycle for the actual machines, those keys and certificates belong to. AI agents represent the next frontier. These autonomous systems are now underwriting loans, onboarding customers and executing critical operations across both cloud-native apps and legacy systems. They make decisions independently, often operating with a level of self-governance that redefines what it means to be an identity. With our new offering, Agent Identity Security planned for release this fall, we believe SailPoint is uniquely positioned to govern this new class of digital identities alongside all human and machine identities across the full spectrum of access from the cloud to the mainframe. Third, we're embracing AI not just as a disruptor, but as a catalyst for cyber resilience. Just last quarter, we introduced Harbor Pilot, our AI-powered assistant and is already gaining strong traction. Harbor pilot embeds AI to the fabric of identity programs. servicing recommendations, guiding configurations and driving faster, smarter decisions. Users can issue prompts such as, share all roles with no entitlements or make me a workflow that creates a certification when a user's department changes to surface actionable insights in real time. It's also fueling a new wave of low-code, no-code workflow automation enabling intuitive intelligent management of identity processes. These innovations make our platform even more powerful and easier to use, helping security teams achieve more with less. In many ways, Harbor Pilot functions like a digital employee with deep expertise in both SailPoint and identity security. Fourth, threat prevention must evolve. And with Atlas, we are transforming how it's done. Atlas is our unified intelligence platform built on a consolidated data model and shared services architecture designed to deliver deep identity context at scale. As the authoritative source of identity entitlements for many of the world's most complex organizations, we enable advanced entitlement level risk modeling that surfaces granular signals in real time. This allows for proactive detection and response identifying threats before they can be exploited. By continuously mapping identities, entitlements, behaviors and risks, Atlas becomes an intelligent foundation of modern identity security powering decisions with context, and fortifying the entire enterprise security stack. Innovation alone isn't enough. We know identity security must operate in lockstep with the broader ecosystem. That's why we're forging deep partnerships with cloud providers, systems integrators and technology leaders as we work together with forward-thinking customers to ensure our Atlas platform integrates seamlessly into all customer environments. Our shared data model and flexible architecture enable partners to build on SailPoint enhancing coverage and accelerating outcomes across a wide range of identity security needs. We're continuously focused on expanding connectivity across the portfolio, making it easier for customers to govern access to more business-critical applications. This ecosystem strategy is helping us scale across the market. For large enterprises, our expanded strategic alliance with Deloitte is a prime example. Together, we're enabling organizations to navigate the rise of AI agents, harnessing them as a force for efficiency while helping improve governance and security. At the same time, we're extending our reach into the mid-market through our managed service provider, or MSP program, which gives midsized enterprises access to SailPoint's industry-leading solution through trusted partners. Across the board, our ecosystem is a growth engine, bringing SailPoint to more customers with more efficiency and greater impact. Our ecosystem is a force multiplier, and our consistent NRR is the proof. Half of our new bookings this quarter came from existing customers, a strong indicator of the trust and value we continue to deliver. And these customers aren't just renewing, they're expanding. For us, it's not just about the number of individual solutions the customer buys. It's about the outcomes we deliver, the breadth and depths of identity coverage we provide and the unique high stakes problems we help solve. That value is reflected in the numbers. Our average ARR per customer is nearly 3x higher than that of other identity security vendors, a clear signal of the comprehensive enterprise-wide role SailPoint plays across our customers' environments. As an example, a leading mortgage lender significantly deepened their investment with us as part of their broader digital transformation and modernization efforts. They upgraded to our Identity Security Cloud Business Plus suite adding Machine Identity Security and data access security, plus training and services support. Their decision was driven by the proven ROI they had already seen and the value of our unified solution both on a scalable integrated architecture in the Atlas platform. Today, we continue to see strong customer adoption across our platform. Our workflow usage hit an all-time high during fiscal Q1 2026 with a record number of identity workflows being built. They are evidence that our customers are scaling their use of SailPoint to govern more apps, new use cases and diverse identity types. This includes machine identities where we've seen robust demand and a strong and growing pipeline since the initial launch of SailPoint Machine Identity Security last fall. This quarter, interest in Machine Identity Security continued to grow among both existing and new customers. A Fortune 500 manufacturer expanded their SailPoint investment to better manage service accounts with greater precision. Meanwhile, a Fortune 25 retailer became a new SailPoint customer adopting our most comprehensive Identity Security Cloud Business Plus suite, along with Machine Identity Security non-employee risk management, a suite of connectors and advisory and success services. They went all in on SailPoint confident in our proven ability to deliver identity security at the scale and sophistication required to support their massive identity landscape. As we look ahead, we remain confident in the depth of our pipeline, the velocity of our sales motion and the resilience of identity and cybersecurity budgets. As identity-centric threats continue to be a top challenge for global enterprises today, we believe it's clear that identity has become the hub of modern security strategy, serving as the common link across all aspects of enterprise security, from networks and cloud infrastructure to end points, data and applications. And while some competitors tout momentum with the collection of products, we are not seeing that approach resonate in our core enterprise market. Our win rate remains strong among large complex organizations that demands the depth, breadth and sophistication that we believe only SailPoint can deliver. This represents clear validation that our focused platform-driven strategy is winning where it matters most. In closing, I'm grateful to everyone at SailPoint and our partners for ensuring we continue to stay in front. We're executing with focus, innovating with purpose and delivering real value where it matters most. As the industry increasingly recognizes identity security as the backbone of enterprise resilience, SailPoint will continue to be the identity security innovator and trusted partner leading the way. And now let me hand it off to Brian, who will share more details on our financial results for the quarter.

Thank you, Mark, and good morning, everyone. Thank you for joining us today. Our fiscal year 2026 is off to a strong start with ARR, revenue and adjusted operating margin each exceeding the high end of our first quarter guidance as we continue to deliver durable growth at scale. We ended fiscal Q1 '26 with ARR of $925 million, an increase of 30% year-over-year, with SaaS ARR of $574 million, growing 39% year-over-year. Currency was less than a 1 point benefit to our total ARR growth. Our strong results showcase our leadership position, strong competitive advantage and durable growth profile. Importantly, we have not seen a fundamental change in demand due to the macro environment. Today, more than ever, enterprises are focused on what they believe to be most critical, and we continue to see evidence that identity security is business essential and often at the top of the spending priority list. As such, we plan to continue to execute on the large opportunity in front of us delivering value to our customers. More specifically, our pipelines remain robust with deal velocity and close rates consistent with prior quarters. Our customer retention rates continue to be very strong, and our growth drivers are consistent with approximately half of our Q1 ARR growth coming from new customers and half from existing customer expansion. We continue to see significant growth potential through a universe of new customers that are primed for a more modern solution. In fact, many of our new customer wins are displacements of other solutions that cannot keep up with the scale and complexity of enterprise environments. We also see a large opportunity to expand within our installed base. Our NRR of 115% remained steady this quarter with many drivers, including suite upgrades, migrations, upsell and cross-sell initiatives. We were encouraged by the growing ARR contribution from our nonemployee risk management, machine identity security and data access security modules, which more than doubled from the same period a year ago. Let me now cover our strong Q1 results. In Q1 '26, we delivered total revenue of $230 million, up 23% year-over-year, with subscription revenue of $215 million, up 27% year-over-year. Adjusted gross profit margin was 76.3%, and adjusted operating margin remained healthy and well ahead of our expectations at 10.2%. Our adjusted operating margin upside versus guidance was the result of higher term revenue mix, cost discipline and the timing of investments. Moving to the balance sheet. We ended the quarter with $228 million of cash and equivalents and no debt after paying off our outstanding balance in March. Cash used in operating activities was $97 million and includes $37 million of cash paid for interest expense and $88 million of cash paid for items that ended with our IPO, such as equity award payouts and monitoring fees. Turning now to guidance. For simplicity, I will refer to the midpoint of our guidance ranges. Full details can be found in this morning's press release and supplemental earnings deck. For the fiscal second quarter of 2026, we expect ARR to be $965 million, up approximately 26% year-over-year compared to current consensus of 23.5% growth. For our fiscal year 2026 and we are increasing our ARR outlook by $20 million to $1.1 billion, up 25.5% year-over-year compared to our prior guidance of 23.2% growth. The increase in our ARR guidance primarily reflects organic growth of the business and assumes no material change in FX rates. For revenue, we expect the fiscal second quarter 2026 to be $243 million, an increase of 22% year-over-year with an adjusted operating margin of 12.1%. We expect our diluted share count to be approximately 557 million shares and adjusted EPS to be $0.045. For fiscal year 2026, we expect revenue to be approximately $1.039 billion, an increase of 21% year-over-year with an adjusted operating margin of 15.7%. We expect our diluted share count to be approximately 565 million shares and adjusted EPS to be $0.18. Please note, we included additional modeling notes in our supplemental earnings deck. In summary, we believe we are well positioned to win the next generation of identity security because of the depth and breadth of our platform, our enterprise scale and our willingness to listen and respond to market needs. We continue to see several durable growth drivers that position us for sustained long-term growth, and we are relentlessly focused on executing on that opportunity. With that, let's invite Matt Mills, our President, to join us and open the call for questions. Operator?

[Operator Instructions] Our first question comes from Joel Fishbein with Truist.

Thanks for taking the question and congrats on excellent execution. I guess I have so many questions. But the first one, for you, Matt, in terms of machine identity, it seems like it's starting to inflect I know you have deployed, the new products coming out, Agent Identity Security in the fall. Can you just tell us what the -- what you think the pricing looks like in that market? And can you share some of the competitive dynamics that you're seeing in that market?

Yes. Thanks for the question, Joel. Look, at the end of the day, when we look at the market and we look at our customers and our prospects alike, machine identity is top of the list for all of them. It's important to them. Many of our customers, as you know, I mean, the idea of machine identity is not necessarily new, right? We've been dealing with a lot of things around service accounts and bots for some time now. But here, certainly in the last 12 months, it's kind of moved its way to the threat vector and therefore, it's become a hugely important topic of concern for all of our customers and prospect alike. I think when you start talking about the pricing of it, Look, this is -- I followed a lot of the things that you -- guys like yourself have put out and others. And I think it's a huge moving target. And I think it's going to be value based. And so I think -- at this point in time, it's all going to play out. But I think it becomes quite difficult to kind of say it's this or it's that. We just know it's a significant opportunity for us.

The only thing I'd add, Joe, on the competitive side, it's Mark, is the clarity we're trying to help establish in the market and where we're focused on the machine identity problem versus, say, others around us. I think we continue to see a lot of the focus from others is on what we would call the authentication of those machines, the server certificates, the identity of the machine. We're focused as we have been for human identities on the authorization capabilities, what can those accounts or systems do, bots, RPAs, et cetera. So again, we find that it may be tenable that we may coexist with other machine identity security solutions where just like, say, we coexist with an SSO vendor because they're solving a different part of the identity problem. I think where we're focused in machine identity is differentiated, and we're hearing that back from the customers we're engaging with.

Our next question comes from Matt Hedberg with RBC.

I'll offer my congrats as well, really strong results. One area I wanted to ask about, it sound like you guys didn't call out any macro pressure, but I know you guys have some U.S. Fed exposure and other cyber vendors have been calling out maybe some pressure there. Just curious on what you're seeing in that particular vertical.

Yes. Matt, this is Matt. Yes. Look, we -- for us thus far, I'd say it's been business as usual, right? We haven't seen any extensive result or material result from anything DOGE related. I think we continue to keep our head on a swivel and look, but our business remains resolute. And like I said, thus far, we've not seen anything that would indicate we've got challenges as a result of DOGE.

Our next question comes from Rob Owens with Piper Sandler.

I wanted to unpack the ARR strength, which accelerated in the quarter when we look at the growth rate. And I guess the 2 components, as you look at new customers, which I think you said were half of it, just -- can you give us a sense of where those conversations are? Is there a sense of urgency, especially in this very uneven environment? And second, with regard to the existing customers, which I think came through in a better NRR quarter-over-quarter, is this a function of more identities? Is this a function of modules being added on or tier upgrades?

Rob, it's Brian here. I hope you're well. So with respect to the new customer acquisition, I think that what we're seeing is just great success from this being a very resilient market for us. These are business essential programs. Companies are not looking to cut back on identity security. They often rise to the top of the stack for CIOs and CISOs. And really, we're seeing pipeline from failed deployments of other competitive solutions that we're able to go back in and save and restart them for them. So we're pleased with our new customer acquisition. We continue to make great progress there. With respect to existing customers, we're continuing to see, again, about half of this comes from new logos, but half from expansion opportunities within our installed base. And there's been this nice kind of even disposition of several growth vectors. This includes migrations of on-prem customers into net new SaaS solutions where we typically see a 2 to 3x uplift on their ARR spend. We do see quantity upsell, so more identities being sold. I called out there's other cross-sell initiatives. So some of those new products like nonemployee risk management, machine identity security, data access security, that's all contributing to low single digits of our expansion, then also our SaaS suite upgrades. So these are customers that are moving from point level SaaS solutions into our suite. So again, we're really pleased to see that nice cross-sell and upsell disposition.

Our next question comes from Peter Levine with Evercore.

Maybe one, Mark, you talked about the success we're seeing in AI kind of a bit of an inflection point, but maybe share with us why is IGA better positioned to kind of capitalize on the rise of AI over some of the PAM vendors or even the identity access management providers. Just curious to know why you think governance is better positioned. And then maybe, Brian, I know you said not much of a macro, but perhaps did you bake in anything into the full year guide. You raised the guide. But just curious, were there any guardrails that you kind of factored in into the full year guide just to kind of assume maybe things get worse, but just curious to know what your philosophy was that.

Thanks, Peter. Yes, on the first one there on AI. I think sometimes it helps to go back to the basics. When we first came to market, the first time in '17, we were trying to help make sure we position where we thought what was not even called IGA at that time was. And then we said, look, at the end of the day, we answered 3 simple questions for humans, and that was who has access to what, how does that compare to who should have access, kind of policy versus actual. And then what are they doing with it? And the truth is, I think those are the same 3 core questions that are going to get asked about Agentic AI, right? It's like what is this agent, what does it have access to? And is it performing according to my expectations, and an authorization tool like ours, governance tool is well designed and suited for that question. Access and authentication tools are not, right? We often go back to a very simple metaphor, what we experience it every time we're up here in New York for investor meetings of the security guard at the front door knows that you've gotten into the building, that's access, that's letting you into the application of the building, they really lose track of where you go once you leave that front desk. And that's sort of the SSO problem. They aren't designed to understand all the entitlements capabilities that an identity has inside those complex applications. And that's going to be true for agents. What does the agent have access to, what is it allowed to do? What data can it see? Can it change data? Those are hard questions to answer without a governance framework, and that's really where we're coming from. So we think the access and privilege vendors that don't have that heritage are just going to be very challenged in trying to answer those very difficult questions. Now I'll turn it over to Brian for the other part.

Yes. Thank you. So we're not expecting currently any major change in the macro environment. So we're not building in any sort of headwind. But having said that, we are mindful of it. And we're doing a great deal of deal scrutiny with rigorous pipeline management, but we continue to see good demand for the identity security space. So we're aware of it. We're not immune to it. We're watching deal timing, in particular because a lot of times, these are programs that it may change from one quarter to the next. But again, the underlying fundamental demand is still there and is strong.

[Operator Instructions] Our next question comes from Gray Powell with BTIG.

Yes, I just would love to hear what you're seeing in terms of customer willingness to migrate from legacy IGA solutions like Oracle and IBM. And then does macro uncertainty impact any of those projects? Or is it really just more a function of like pending end of life and customers need to modernize?

Yes. Thanks, Gray. This is Matt. Look, I think what we're seeing now is actually a little bit of an acceleration there. I think the security landscape today is such that it's really bringing out the flows, if you will, on these legacy systems. And in many cases, as you probably know, they're heavily customized and it becomes a handful just to keep up with in of itself, not to mention the accelerating threat landscape. So I would tell you, we continue to see really good opportunities, and we continue to win at a high rate.

And Gray, just one point to add. You may have seen the recent Gartner report. And in terms of our overall market share gains that we made in recent history, we're more than 5x or about 5x our nearest competitor. So we feel like we're displacing legacy competition and also winning against some new competitors.

Got it. Thanks for correcting my name there. I get a lot of Gary's and Gregs in my life.

Our next question comes from Shaul Eyal with TD Cowen.

Congrats gents on strong results and guidance. Question to Mark or Matt. Given that Accenture is one of your leading partners, what are you hearing internally as it relates to their overall activities with SailPoint. Will they be one of your prime go-to-market partners as we think about further Gen AI adoption?

Thank you, Shaul. This is Matt. Look, I -- we're very fortunate, we have a strong ecosystem of partners, of which Accenture is a big part of. They continue to be one of our largest partners, and I don't see anything that would cause that to change. So we continue to work with them. We invest in them. They're one of our large MSP partners, right? And so I would tell you, from an expectation perspective, we continue to invest with them and do good things for our customers and prospects.

I think just to add, Shaul, we made a little note of what we're doing with Deloitte on the call today around agents, but with all of our leading partners, PwC, Accenture and many others, Optiv, strong partnerships we are expecting to move in the direction of supporting customers' needs around agentic with all of those leading partners, just pleased to be able to kind of reference multiple good things there. But yes, Accenture continues to be one of our top partners around the globe, and we can expect that to just continue to expand as we go.

Our next question comes from Joseph Gallo with Jefferies.

Brian, it was great to see some of the margin strength even with most of the upside coming from SaaS. Can you just update us on where you are on sales capacity, where you're investing? And then where some of this leverage is actually coming from?

Sure. So we were pleased with our margin performance this year exceeding the Q1 guidance that we put out there. Some of that was driven by timing of investments, too, which we'll catch up on some of that as the year goes along. I'd say we're in a good spot with capacity adds, more to come on that. We're investing in things like customer success early on in the year, just to make sure we're still driving a strong gross retention rate and net revenue retention rate. So we feel like this is going to be a balanced strategy. We're really pleased with the 30% ARR growth. We want to make sure we're continuing to invest in that, while still contributing and delivering some level of margin expansion which gave us confidence to increase it for the year.

Our next question comes from Brian Essex with JPMorgan.

Congrats on some solid results. Maybe, Mark, for you, in your prepared remarks, you called out a retailer that went "all in on sale". Could you provide a little detail there? What was the catalyst to move? What did you displace? Maybe how long was that sales cycle? And how indicative is that deal with regard to what you typically see with new customer lands?

Yes, I'll probably flip that, Brian, over to Matt, who's got more detail. I will tell you that, that kind of a strategic large-scale win is not atypical. We certainly called that one out. But in general, I think we're finding that almost inevitably in those large shops, they've got some level of deployment of something. Generally, it's one of the legacy vendors that we're displacing. But we always try to reemphasize that quite often, it's fairly minimally deployed. And so it's not uncommon for us to say within the first 6 to 9 months of deployment to run past any the level of deployment they had because that's really the frustration they have with those legacy tools if they aren't covering the landscape and as they try to think about securing their whole landscape, they're just very frustrated with those legacy tools, and that's often the driver. But this is -- it's a great story because they're sort of picking up on all the core aspects of the story.

Yes. Thanks. I'll just add, Brian. Look, I think when you look at these large opportunities, they start with a fair amount of relationship and education that happens before you actually start prosecuting an opportunity. And I think that was the case here. We built a very strong relationship with this company. And as Mark said, they're running a legacy solution, and they feel the pain of the legacy solution in terms of what it can do and the problems it's causing for them. And so once we started the opportunity, I think it went in fairly short order, but a great win for our team. And then it kind of validates the whole idea that we continue to win at a very high rate in replacing these legacy solutions.

Our next question comes from Gabriela Borges with Goldman Sachs.

For Mark and for Matt, we've talked on IGA for some time now about how one of the limiting factors for adoption is how long or how annoying it can be to switch from one vendor to another. So my question for you is, what are you doing with AI internally to perhaps speed up some of that implementation? And how do you think about on the flip side, the risk that this lowers the barriers to entry for some new enabled IGA vendor to come down the pipeline and potentially disrupt you?

Thanks, Gabriela. I'll start and see Matt has some thoughts to add. I think a couple of points. One is when we show -- especially in these mid- to large enterprises with fairly complex IT environment, our 2 decades of building connections deep, we were probably going to have to come up with some terminology delineation here because a connector is not a connector in this world, right? It's one thing for an access tool to say, I connect an application, which means they can log you in. For us, that means we can do deep governance typically around the entitlements and who can access data, et cetera, within these applications. But it's our rich heritage of connection with all of the commercial apps these enterprises care about and many bespoke apps that gives them confidence. That is a big area of focus, though, is to leverage AI to both increase the rate of speed where we can get to those new bespoke applications that we haven't already connected with in a typical enterprise environment and also to make it simpler for nontechnical people to do that work quite often that some of the areas of slowdown in these implementations is having to do deep technical work to kind of connect into these business applications. We're trying to use AI to speed up and leverage what we know from all the tens of thousands of connections we've built to make that simpler and easier. And so to your point about kind of others out there, we are certainly well aware of some of the earlier-stage vendors and identity are starting to make some strong claims about connectivity. We've done pretty deeply into all of that. Those that are making claims about very rapid expansion of connectivity are typically doing those very shallow connectors, where they can connect to a resource, but they can't really do entitlement level governance. And so we're helping make sure customers are clear on kind of the actual capabilities that we have and how that compares to some of the claims being made by some of the newer vendors. But again, what Matt would tell you is when we get into these large complex environments, our win rate continues to be incredibly high once customers are really clear on the differentiation of what we're offering.

Our next question comes from Tal Liani with Bank of America.

ARR was very strong this quarter, $27 million above expectations. For the next quarter, you're also guiding up $20 million above. But when I look at the full year, I have to reduce my estimates for net new ARR in order to hit because the increase in the full year is lower than what we're seeing this quarter and next quarter. So is there anything that is happening with timing of orders that is pulling things forward? Or is it just kind of the way the numbers are and we shouldn't pay attention to it.

Tal, it's Brian here. So yes, there was nothing unique about pull forward of any deals or revenue. This is basically -- I'd really encourage you to look at ARR on an annual basis for our FY '26 guide, we're actually raising that by more than 200 basis points. But also the Q2 guide is 200 basis points above current consensus. And just keep in mind, that 3% beat that we had in Q1 or the $27 million, that's an annual metric as compared to what other companies would do in terms of quarterly revenue numbers. And when it came to the quarterly revenue and operating income beats, we passed all of that through and raised Q2 as well. So it's just part of our philosophy. We feel good about it, and it's a good place to start for Q2.

Our next question comes from Keith Weiss with Morgan Stanley.

Congratulations on a great start to the fiscal year. A lot of big numbers in this Q1 print. I guess one that we haven't really dug into yet was the large customer numbers, really good growth on both the $250,000 customers and the $1 million plus customers. So 2 questions within that. Like one, anything in particular driving that? Or is it just the summation of the expanding solution portfolio traction in identity management market? And then maybe somewhat related, any change in sales strategy or go-to-market strategy as we enter into the new fiscal year? Anything that is worth noting in terms of how you guys are approaching that market opportunity from a go-to-market perspective?

I'll start just with respect to the increasing deal size. I mean we're really pleased with it. I mean, greater than $250,000 ARR customer count that's up about 28% year-over-year. The greater than $1 million, as we mentioned, is up 62% year-over-year. We're also not just the number of customers that we're landing, it's just a more sizable number. Our average ARR per customer is now above $300,000. It's really driven by expansion opportunities across the board in terms of just overall identity growth, suite upgrades, upsell and cross- sell of new modules. And then I'll defer to Matt just on some additional color.

Yes. Thanks, Keith. Look, there's been really no big change relative to our go-to-market strategy, our selling strategy. As you know, we're fairly pragmatic in terms of who we market to, we work off a target account list. And so none of that has changed, and we'll continue to execute that for the remainder of the year.

Our next question comes from Michael Romanelli with Mizuho.

This is Mike on for Gregg Moskowitz. Congrats on the strong results. So I guess -- so I was wondering if, firstly, is Harbor Pilot is included in any of your suites? And will there be an additional charge for this technology? And then just quickly on the migration impact to net retention rate. Was that about 3 to 4 points again this quarter?

I got the first part, Mike, on the Harbor Pilot.

Yes. Just real quick on the migrations. It did contribute low single digits in terms of the NRR contribution.

Yes. Within the NRR, what was from migration, yes, in that sort of those 4 contributors, all roughly 1/4 of that 15%. And on the first part, Mike, yes, Harbor Pilot is included with our platform today. So the first 2 offerings, the AI offerings within Harbor Pilot, we -- at this point, it just included that in our offering. I think as we continue to add new capabilities. We'll look at where whether and when we might price that out separately at some point based on the value delivery. We, at this point, are kind of anxious for customers to adopt some of the AI capabilities to help them be more efficient and effective in ramping up their implementations and deployments. And a lot of these initial Harbor Pilot capabilities are doing is just letting them more rapidly get the answers they need to address their issues. So we'll continue to watch how that evolves. But for now, it's just buried into the cost of our platform.

Our next question comes from Andrew Nowinski with Wells Fargo.

Okay. I'm just wondering what drove the 18% growth in your non-SaaS ARR in Q1? And I know you're assuming 90% of net new comes from SaaS going forward, but that still implies growth in your non-SaaS ARR. So just wondering if you could give any more color on what's driving that?

Andy, it's Brian. So we actually saw a fairly strong term business for Q1, both on renewals and also a couple of new sizable customers chose to go with an on-prem solution just given their environment. So moving forward, we still are targeting that 90-10 mix, meaning 90% SaaS and 10% term. So we do believe that SaaS is going to continue to be the first and foremost sales play for us, but we did see some nice uptick in some term business for the quarter.

Our next question comes from Saket Kalia with Barclays.

Echo the nice speed on ARR. Brian, maybe for you. I was wondering if you could just talk to the shape of net new ARR this year, maybe comparing it to prior years. And then -- anecdotally, of course, and then separately, I was wondering if you could go 1 level deeper just into the components of the 115% NRR, particularly whether you saw more contribution than expected for migrations?

So I wouldn't think there's anything materially different about our ARR and our new customer acquisition. We're actually really pleased with the consistency of it, to be honest with you, and the nice disposition between new and existing customers. And as I mentioned, what's great about the expansion with the existing installed base is the almost even distribution among things like migrations and quantity upsell, and then the cross-sell initiatives that I called out in terms of nonemployee risk management, machine identity security, data access security, that bucket alone was more than double it was a year ago. And then we're also experiencing our SaaS suite upgrades as well. So again, just think about this as half and half, and we're really pleased with that disposition.

And then anything just on the shape of net new ARR for the year. I know that last year, I think Q2 was particularly healthy. I can't remember if it was Fed or another vertical, but anything you want to say just in the shape of the year?

We had a fairly strong Q2 last year. We typically are kind of a second half company when it comes to net new ARR growth. So I'd continue to think of it that way, but nothing super unusual year-over-year.

And I'm not showing any further questions at this time. I'd like to turn the call back over to Mark for any closing remarks.

Thank you. I appreciate everyone's questions today and for all the great notes that have been written up over the course of our first few months here being public. So we look forward to continuing the dialogue, and thanks for everyone's interest on the call today. We'll talk to you soon. Thanks. Have a great day.

Thank you. Ladies and gentlemen, this does conclude today's presentation. We thank you for your participation. You may now disconnect, and have a wonderful day.