DruckFin

Netskope Q1 FY2027: AI Security Pipeline Is the Fastest-Growing in Company History — and the Ramp Is Just Beginning

Q1 FY2027 earnings call, June 3, 2026 — ARR hits $845M, new AI products land first enterprise deals within weeks of launch

Netskope delivered a cleaner-than-expected first quarter, but the headline numbers are almost beside the point. What investors should be focused on is the company's assertion — backed by early deal evidence — that its newly launched AI security suite is generating pipeline faster than any product in Netskope's history. That claim, combined with a sales force that is still roughly half-ramped and an AI security market that management describes as entirely greenfield, sets up a second-half story that is either going to validate the investment thesis in a meaningful way or expose the gap between pipeline excitement and real revenue conversion.

The Numbers: Solid Beat, But Net New ARR Is the Friction Point

ARR grew 29% year-over-year to $845 million, and revenue of $201.6 million came in ahead of guidance, growing 28%. Gross margin expanded roughly three percentage points to 77%, and operating margin improved four points to negative 14%, also ahead of plan. Geographically, EMEA led at 31% growth, followed by Americas at 27% and APJ at 25%. RPO grew 33% to over $1.2 billion, with contracted future billings up 71%.

The number that will attract scrutiny is net new ARR of $34 million, down from $39 million in the prior-year quarter and, as Brad Zelnick of Deutsche Bank noted on the call, the lowest dollar figure in nearly two years despite sales and marketing spend up roughly 50% over that stretch. CFO Drew Del Matto was direct about the cause: Q1 of last year included multiple seven-figure upsell deals that drove net new ARR growth of 79%, making the year-over-year comparison structurally difficult. NRR came in at 113%, which Del Matto acknowledged is "probably at the lower end" of the mid-teens range management targets. Gross retention, however, hit a company record — above the mid-90s and still improving — which tells you existing customers are not leaving, but expansion is uneven quarter to quarter.

New logo ARR grew approximately 60% year-over-year, which is a genuinely strong signal and helps contextualize the NRR softness. The quarter was disproportionately weighted toward new business rather than upsell, and with 57% of customers now using four or more Netskope One products, up from 49% a year ago, the platform cross-sell engine is moving in the right direction even if it did not produce an outsized upsell quarter this time around.

The AI Security Suite: Greenfield, Fast Pipeline, First Real Deals Closed

The most consequential development in this quarter is the launch and initial commercial traction of Netskope's AI security product suite. Released just last quarter, the four initial products — AI Gateway, AI Guardrails, Agentic Broker, and a Red Teaming offering — are priced per transaction, meaning per prompt and response, which management argues makes them straightforward to deploy and scale. The AI Command Center, announced this week, adds a unified discovery, risk visualization, and autonomous remediation layer on top of those products. AgentSkope, also newly announced, introduces AI agents for security operations workflows, priced on an outcome basis tied to incident resolution.

CEO Sanjay Beri was unambiguous about what he is seeing: "We've never seen a product pipeline grow like it has for the AI security products." Two early enterprise deals have already closed. A technology customer purchased the full AI security suite to solve the problem of legacy proxies lacking visibility into AI traffic. A large U.S. bank, an early beta customer, deployed AI Guardrails for real-time control, LLM policy enforcement, user behavior analytics, and inline threat protection to meet regulatory requirements around sensitive financial data.

The AgentSkope DLP AI SecOps agent provides perhaps the most concrete demonstration of the value proposition. During beta trials, a global consulting firm generating over 14 million alerts and two million incidents per day was able to reduce that to approximately 100 actionable cases for human review. That is not a rounding error in operational efficiency. It is the kind of outcome that security teams with finite headcount will pay for.

Why Netskope's Architectural Position in Agentic AI Is Structurally Different

Beri made a pointed argument about why Netskope is structurally better positioned than most security vendors to handle the agentic AI threat vector, and it is worth understanding the logic. "The security industry has spent years evolving security and network architectures to assume breach for human users, but that same rigor has not been applied to the AI agents now operating inside organizations." The key distinction is that Netskope's inline infrastructure sits at the point where traffic flows — not out-of-band — meaning it sees content and context, not just the existence of a connection. "Most security and networking systems see that a connection is happening. Our wedge infrastructure sees what's deep inside it and brings deep context to it."

AI agents in enterprise environments communicate through APIs, CLI, and increasingly through the Model Context Protocol, which has "quickly become the dominant standard for agentic integrations." Netskope's platform was architected to parse API and JSON traffic natively — which is also the language of AI — giving it a contextual inspection capability that legacy network security vendors simply do not have. The company claims 10-plus years of processing enterprise traffic at this depth has produced proprietary behavioral data embedded in its 190-plus domain-specific models, an advantage it argues is difficult for incumbents or new entrants to replicate.

Beri also made a pointed comment about frontier model releases: "The frontier model releases, including Anthropic's models and OpenAI's GPT 5.5, are genuine inflection points for the industry. However, they do not touch the vector that is already active inside environments now. The data flowing through agents, cloud applications, and enterprise workflows that authenticate as users, operate at the privilege level of your people, and move sensitive information to destinations your security team has never reviewed." That is a clean articulation of why AI model safety and enterprise AI security are distinct problems — and why Netskope's market is not being solved upstream.

Ecosystem Credentialing: Anthropic, OpenAI, Google, Microsoft

Netskope has assembled an AI ecosystem footprint that carries genuine credentialing value. The company has joined Anthropic's Project Glasswing, giving it preview access to Claude models to identify vulnerabilities and contribute findings back to the coalition. Its technology integration with Anthropic also includes a cloud compliance API connection, enabling real-time data governance enforcement across Claude deployments. Netskope is a member of OpenAI's Data Program using GPT-5.5, recognized as a trusted defender of critical enterprise infrastructure — a designation shared with a select group of security vendors. A partnership with Google introduces AI guardrails powered by Google Cloud TPUs and Vertex AI, with native optimization for NVIDIA GPUs as well. The company was also named Microsoft Security Partner of the Year in the prior year. The breadth of this ecosystem positioning is unusual and not easily replicated by point-solution competitors.

Data Sovereignty: A Structural Advantage That Is Becoming a Requirement

One underappreciated element of Netskope's positioning is its NewEdge private cloud, spanning more than 120 data centers globally. As enterprises face increasing data residency and sovereignty requirements — particularly in regulated industries and international markets — the ability to enforce local processing for any traffic type and define geo-based policies on where security processing occurs is becoming a procurement requirement, not a differentiator. Management described this explicitly: "As data sovereignty becomes increasingly critical in the AI era, no other platform can match this combination of global reach and granular control." The Latin American utility win and the APJ telecom SASE deployment across more than 5,000 managed sites are direct reflections of this advantage in action.

Go-to-Market: The Back-Half Bet

Approximately half of Netskope's sales reps are newly hired or still ramping. The peak of hiring occurred in the second half of fiscal 2026, meaning productivity should accelerate in the back half of fiscal 2027 as those reps mature. This is the central thesis for net new ARR reacceleration, and management is explicit that Q2 will remain under pressure for the same structural reasons as Q1. Full-year revenue guidance was raised to $879 million to $883 million, approximately 24% growth at the midpoint — meaningfully higher than the beat alone would justify, which Del Matto characterized as a reflection of confidence in the back-half ramp of both reps and AI security demand.

Free cash flow was negative $57 million in Q1, which management called the low watermark as customers transition to annual billing — a shift that compresses near-term collections but improves forward visibility. The 71% growth in contracted future billings is the relevant leading indicator. Management expects a return to positive free cash flow in the back half, with full-year guidance of positive 2% to 4% free cash flow margin unchanged.

CFO Transition: Managed, But Worth Monitoring

Drew Del Matto announced his intention to retire after more than seven years with Netskope, during which the company scaled from approximately $70 million of ARR to $845 million and completed its IPO. He will remain CFO through the successor search and then transition to an advisory role. The transition is characterized as planned and long-term in nature, and there are no operational changes implied. That said, a CFO transition at a company in the middle of a critical growth inflection — ramping a large sales force, launching a new product category, and managing a free cash flow trough — is a variable worth tracking. Continuity through the search process matters, and investors should watch for how quickly a high-caliber replacement is identified.

The Core Risk: Pipeline Excitement Must Convert

The bull case on Netskope is coherent and well-supported by the technology architecture, the ecosystem positioning, and the early AI security deal evidence. The risk is equally clear: with half the sales force still ramping and the AI security products just weeks into general availability, the company is asking investors to trust a second-half inflection that has not yet shown up in the net new ARR line. The 80%-plus POC win rate and record GRR suggest the product holds up under scrutiny. The question is whether the go-to-market engine, now significantly expanded and still maturing, can bring enough qualified opportunities to close at that win rate and at a pace that moves the ARR needle. That answer will come in Q3 and Q4 of fiscal 2027.

Read Next

Motorola Solutions: D-Fend Acquisition Reveals a $1B Counter-Drone TAM Set to Triple by 2030, While SVX Body Camera Targets Axon's Tier 1 Stronghold

2026-06-04

Zscaler CEO: "Agentic AI Is the Biggest Unsolved Problem in Security — and We're Launching the Solution Next Week"

2026-06-04

William Blair: Manhattan Associates Posts Back-to-Back Record Booking Quarters Amid Market Turmoil — AI Agents Delivering 6–30% Shipment Lift in Production

2026-06-04

Figure Technology Solutions: The Only Blockchain Lender With AAA Ratings and $1.4 Billion in Monthly Volume Is Now Building the Fannie Mae of Tokenized Credit

2026-06-04

Lumentum: Supply Constrained Today, Scale-Up Tsunami Coming in 2028

2026-06-04

ON Semiconductor: From $5K to $115K Per Rack — The 800-Volt Opportunity Wall Street Is Underestimating

2026-06-04
Disclaimer: This article is for informational purposes only and does not constitute investment advice or a recommendation to buy, sell, or hold any security. Our analysts provide detailed coverage of corporate events but can make mistakes, always conduct your own due diligence. The views and opinions expressed do not necessarily reflect those of DruckFin. We have not independently verified all information used herein, and it may contain errors or omissions. Before making any investment decision, consult a qualified financial advisor. DruckFin and its affiliates disclaim any liability for any losses arising from reliance on this content. For full terms, see our Terms of Use.